|
|
|
@ -45,7 +45,7 @@ class CommonsController < ApplicationController
|
|
|
|
|
code =
|
|
|
|
|
case params[:object_type].strip
|
|
|
|
|
when 'message'
|
|
|
|
|
if current_user.course_identity(@object.board.course) >= 5 || @object.author != current_user
|
|
|
|
|
if current_user.course_identity(@object.board.course) >= 5 && @object.author != current_user
|
|
|
|
|
403
|
|
|
|
|
else
|
|
|
|
|
200
|
|
|
|
@ -53,7 +53,7 @@ class CommonsController < ApplicationController
|
|
|
|
|
else
|
|
|
|
|
current_user.admin? ? 200 : 403
|
|
|
|
|
end
|
|
|
|
|
return normal_status(403, "你没有权限操作!") if code == 403
|
|
|
|
|
return normal_status(code, "你没有权限操作!") if code == 403
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def action(flag)
|
|
|
|
|