From 6f97f3e6c94891c72bb8e813f410f9427c114478 Mon Sep 17 00:00:00 2001
From: daiao <358551898@qq.com>
Date: Fri, 28 Jun 2019 09:01:05 +0800
Subject: [PATCH] =?UTF-8?q?=E5=85=B3=E5=8D=A1=E7=9A=84=E6=9D=83=E9=99=90?=
 =?UTF-8?q?=E6=8E=A7=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/challenges_controller.rb | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/app/controllers/challenges_controller.rb b/app/controllers/challenges_controller.rb
index f2a964c8d..e315ab596 100644
--- a/app/controllers/challenges_controller.rb
+++ b/app/controllers/challenges_controller.rb
@@ -5,8 +5,8 @@ class ChallengesController < ApplicationController
   before_action :find_challenge, only: [:edit, :show, :update, :create_choose_question, :index_down, :index_up,
                                         :edit_choose_question, :show_choose_question, :destroy_challenge_choose,
                                         :update_choose_question, :destroy, :crud_answer, :answer]
-  # before_action :allowed, except: [:index, :show, :edit_choose_question, :edit]
-
+  # 权限控制
+  before_action :allowed, except: [:index]
 
   include ShixunsHelper
   include ChallengesHelper
@@ -296,8 +296,7 @@ class ChallengesController < ApplicationController
   end
 
   def allowed
-    # 实训为发布前,除实训的管理者外,其他人都不人都不允许访问
-    if !current_user.manager_of_shixun?(@shixun) && (@shixun.status < 1 || @shixun.hidden == 1)
+    unless current_user.manager_of_shixun?(@shixun)
       raise Educoder::TipException.new(403, "..")
     end
   end