Merge branch 'dev_aliyun' of https://bdgit.educoder.net/Hjqreturn/educoder into dev_aliyun

app/controllers/live_links_controller.rb

@@ -2,7 +2,8 @@ class LiveLinksController < ApplicationController
   before_action :require_login
   before_action :find_course, only: [:index, :create]
   before_action :user_course_identity, :teacher_allowed, only: [:create]
-  before_action :edit_auth, only: [:edit, :update, :destroy]
+  before_action :edit_auth, only: [:edit, :update]
+  before_action :delete_auth, only: [:destroy]
 
   def index
     lives = @course.live_links
@@ -58,6 +59,10 @@ class LiveLinksController < ApplicationController
   end
 
   def edit_auth
+    tip_exception(403, "无权限操作") unless current_user.id == current_live.user_id || current_user.admin_or_business?
+  end
+
+  def delete_auth
     tip_exception(403, "无权限操作") unless current_user.id == current_live.user_id || current_user.admin?
   end
 end

app/models/live_link.rb

@@ -8,6 +8,10 @@ class LiveLink < ApplicationRecord
   validates :description, length: { maximum: 100, too_long: "不能超过100个字符" }
 
   def op_auth?
+    user == User.current || User.current.admin_or_business?
+  end
+
+  def delete_auth?
     user == User.current || User.current.admin?
   end
 end

app/views/live_links/index.json.jbuilder

@@ -5,6 +5,7 @@ json.lives @lives do |live|
   json.author_login live.user.login
   json.author_img url_to_avatar(live.user)
   json.op_auth live.op_auth?
+  json.delete_auth live.delete_auth?
   json.created_at live.created_at.strftime('%Y-%m-%d')
 end
 json.my_live_id @my_live_id