实训的关卡控制

dev_forum
daiao 5 years ago
parent c8bfb0b4c1
commit bc61bbbe05

@ -23,6 +23,13 @@ class ApplicationController < ActionController::Base
EduSetting.get(name) EduSetting.get(name)
end end
# 实训的访问权限
def shixun_access_allowed
if !current_user.shixun_permission(@shixun)
tip_exception(403, "..")
end
end
def user_course_identity def user_course_identity
@user_course_identity = current_user.course_identity(@course) @user_course_identity = current_user.course_identity(@course)
if @user_course_identity > Course::STUDENT && @course.is_public == 0 if @user_course_identity > Course::STUDENT && @course.is_public == 0

@ -5,8 +5,10 @@ class ChallengesController < ApplicationController
before_action :find_challenge, only: [:edit, :show, :update, :create_choose_question, :index_down, :index_up, before_action :find_challenge, only: [:edit, :show, :update, :create_choose_question, :index_down, :index_up,
:edit_choose_question, :show_choose_question, :destroy_challenge_choose, :edit_choose_question, :show_choose_question, :destroy_challenge_choose,
:update_choose_question, :destroy, :crud_answer, :answer] :update_choose_question, :destroy, :crud_answer, :answer]
# 权限控制 # 关卡更新和操作的权限控制
before_action :allowed, except: [:index] before_action :update_allowed, except: [:index]
# 关卡访问的权限控制
before_action :shixun_access_allowed
include ShixunsHelper include ShixunsHelper
include ChallengesHelper include ChallengesHelper
@ -279,6 +281,9 @@ class ChallengesController < ApplicationController
def find_shixun def find_shixun
@shixun = Shixun.find_by_identifier(params[:shixun_identifier]) @shixun = Shixun.find_by_identifier(params[:shixun_identifier])
if !current_user.shixun_permission(@shixun)
tip_exception(403, "..")
end
end end
# 通用接口 # 通用接口
@ -298,7 +303,7 @@ class ChallengesController < ApplicationController
:standard_answer, :score, :difficult) :standard_answer, :score, :difficult)
end end
def allowed def update_allowed
unless current_user.manager_of_shixun?(@shixun) unless current_user.manager_of_shixun?(@shixun)
raise Educoder::TipException.new(403, "..") raise Educoder::TipException.new(403, "..")
end end

@ -2,8 +2,9 @@ class ShixunsController < ApplicationController
before_action :require_login, except: [:download_file, :index, :menus] before_action :require_login, except: [:download_file, :index, :menus]
before_action :check_auth, except: [:download_file, :index] before_action :check_auth, except: [:download_file, :index]
before_action :find_shixun, except: [:index, :new, :create, :menus, :get_recommend_shixuns, :propaedeutics, before_action :find_shixun, :shixun_access_allowed, except: [:index, :new, :create, :menus, :get_recommend_shixuns,
:departments, :apply_shixun_mirror, :get_mirror_script, :download_file] :propaedeutics, :departments, :apply_shixun_mirror,
:get_mirror_script, :download_file]
before_action :find_repo_name, only: [:repository, :commits, :file_content, :update_file, :shixun_exec, :copy] before_action :find_repo_name, only: [:repository, :commits, :file_content, :update_file, :shixun_exec, :copy]
before_action :allowed, only: [:update, :close, :update_propaedeutics, :settings, :publish, before_action :allowed, only: [:update, :close, :update_propaedeutics, :settings, :publish,
@ -726,10 +727,6 @@ private
normal_status(404, "...") normal_status(404, "...")
return return
end end
if !current_user.shixun_permission(@shixun)
tip_exception(403, "..")
end
end end
def find_repo_name def find_repo_name

Loading…
Cancel
Save