From 77b6b52cff13adb2dea41c5e6a16e2ae32cf6a5c Mon Sep 17 00:00:00 2001
From: jasder <jasder@jasderdeMacBook-Pro.local>
Date: Wed, 3 Jul 2019 14:53:03 +0800
Subject: [PATCH] files pemission

---
 app/controllers/files_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/files_controller.rb b/app/controllers/files_controller.rb
index c8fd042ea..2af178e47 100644
--- a/app/controllers/files_controller.rb
+++ b/app/controllers/files_controller.rb
@@ -200,7 +200,7 @@ class FilesController < ApplicationController
 
   # 资源设置
   def update
-    return  normal_status(403, "您没有权限进行该操作") unless current_user.teacher_or_admin?(@course) || @file.author == current_user
+    return normal_status(403, "您没有权限进行该操作") if current_user.course_identity(@course) >= 5 && @file.author != current_user
 
     is_unified_setting = params[:is_unified_setting]
     publish_time = params[:publish_time]