diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index cf7ac6d2e..cae9d6413 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,570 +1,572 @@ -require 'oauth2' - -class ApplicationController < ActionController::Base - include CodeExample - include RenderExpand - include RenderHelper - include ControllerRescueHandler - include GitHelper - include LoggerHelper - - protect_from_forgery prepend: true, unless: -> { request.format.json? } - - before_action :user_setup - #before_action :check_account - - DCODES = %W(2 3 4 5 6 7 8 9 a b c f e f g h i j k l m n o p q r s t u v w x y z) - - helper_method :current_user - - # 全局配置参数 - # 返回name对应的value - def edu_setting(name) - EduSetting.get(name) - end - - # 实训的访问权限 - def shixun_access_allowed - if !current_user.shixun_permission(@shixun) - tip_exception(403, "..") - end - end - - def admin_or_business? - User.current.admin? || User.current.business? - end - - # 访问课堂时没权限直接弹加入课堂的弹框 :409 - def user_course_identity - @user_course_identity = current_user.course_identity(@course) - if @user_course_identity > Course::STUDENT && @course.is_public == 0 - tip_exception(409, "您没有权限进入") - end - uid_logger("###############user_course_identity:#{@user_course_identity}") - end - - - # 判断用户的邮箱或者手机是否可用 - # params[:type] 1: 注册;2:忘记密码 - def check_mail_and_phone_valid login, type - unless login =~ /^[a-zA-Z0-9]+([._\\]*[a-zA-Z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/ || login =~ /^1\d{10}$/ || - login =~ /^[a-zA-Z0-9]+([._\\]*[a-zA-Z0-9])$/ - tip_exception(-2, "请输入正确的手机号或邮箱") - end - # 考虑到安全参数问题,多一次查询,去掉Union - user = User.where(phone: login).first || User.where(mail: login).first - if type.to_i == 1 && !user.nil? - tip_exception(-2, "该手机号码或邮箱已被注册") - elsif type.to_i == 2 && user.nil? - tip_exception(-2, "该手机号码或邮箱未注册") - end - sucess_status - end - - # 发送及记录激活码 - # 发送验证码:type 1:注册手机验证码 2:找回密码手机验证码 3:找回密码邮箱验证码 4:绑定手机 5:绑定邮箱 - # 6:手机验证码登录 7:邮箱验证码登录 8:邮箱注册验证码 - def check_verification_code(code, send_type, value) - case send_type - when 1, 2, 4 - # 手机类型的发送 - sigle_para = {phone: value} - status = Educoder::Sms.send(mobile: value, code: code) - tip_exception(-2, code_msg(status)) if status != 0 - when 8, 3, 5 - # 邮箱类型的发送 - sigle_para = {email: value} - begin - UserMailer.register_email(value, code).deliver_now - # Mailer.run.email_register(code, value) - rescue Exception => e - logger_error(e) - tip_exception(-2,"邮件发送失败,请稍后重试") - end - end - ver_params = {code_type: send_type, code: code}.merge(sigle_para) - VerificationCode.create!(ver_params) - end - - def code_msg status - case status - when 0 - "验证码已经发送到您的手机,请注意查收" - when 8 - "同一手机号30秒内重复提交相同的内容" - when 9 - "同一手机号5分钟内重复提交相同的内容超过3次" - when 22 - "1小时内同一手机号发送次数超过限制" - when 33 - "验证码发送次数超过频率" - when 43 - "一天内同一手机号发送次数超过限制" - end - end - - def find_course - return normal_status(2, '缺少course_id参数!') if params[:course_id].blank? - @course = Course.find(params[:course_id]) - rescue Exception => e - tip_exception(e.message) - end - - def course_manager - return normal_status(403, '只有课堂管理员才有权限') if @user_course_identity > Course::CREATOR - end - - def find_board - return normal_status(2, "缺少board_id参数") if params[:board_id].blank? - @board = Board.find(params[:board_id]) - rescue Exception => e - uid_logger_error(e.message) - tip_exception(e.message) - end - - def validate_type(object_type) - normal_status(2, "参数") if params.has_key?(:sort_type) && !SORT_TYPE.include?(params[:sort_type].strip) - end - - def set_pagination - @page = params[:page] || 1 - @page_size = params[:page_size] || 15 - end - - # 课堂教师权限 - def teacher_allowed - logger.info("#####identity: #{current_user.course_identity(@course)}") - unless current_user.course_identity(@course) < Course::STUDENT - normal_status(403, "") - end - end - - # 课堂教师、课堂管理员、超级管理员的权限(不包含助教) - def teacher_or_admin_allowed - unless current_user.course_identity(@course) < Course::ASSISTANT_PROFESSOR - normal_status(403, "") - end - end - - def require_admin - normal_status(403, "") unless User.current.admin? - end - - def require_business - normal_status(403, "") unless admin_or_business? - end - - # 前端会捕捉401,弹登录弹框 - # 未授权的捕捉407,弹试用申请弹框 - def require_login - #6.13 -hs - tip_exception(401, "..") unless User.current.logged? - end - - # 异常提醒 - def tip_exception(status = -1, message) - raise Educoder::TipException.new(status, message) - end - - def missing_template - tip_exception(404, "...") - end - - # 弹框提醒 - def tip_show_exception(status = -2, message) - raise Educoder::TipException.new(status, message) - end - - def normal_status(status = 0, message) - case status - when 403 - message = "您没有权限进行该操作" - when 404 - message = "您访问的页面不存在或已被删除" - end - render :json => { status: status, message: message } - end - - # 系统全局认证 - def check_auth - day_cer = UserDayCertification.find_by(user_id: current_user.id) - # 如果注册超过24小时则需要完善资料及授权 - if (Time.now.to_i - day_cer.try(:created_at).to_i) > 86400 - if !current_user.profile_completed? - info_url = '/account/profile' - tip_exception(402, info_url) - elsif current_user.certification != 1 - if current_user.apply_actions.exists?(container_type: 'TrialAuthorization', status: 0) - tip_exception(408, "您的试用申请正在审核中,请耐心等待") - end - tip_exception(407, "系统未授权") - end - end - - - # if current_user.certification != 1 && current_user.apply_actions.exists?(container_type: 'TrialAuthorization', status: 0) - # tip_exception(408, "您的试用申请正在审核中,请耐心等待") - # elsif (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400 - # if !current_user.profile_completed? - # info_url = '/account/profile' - # tip_exception(402, info_url) - # elsif current_user.certification != 1 - # day_cer = UserDayCertification.find_by(user_id: current_user.id) - # tip_exception(407, "系统未授权") unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400 - # end - # end - end - - def start_user_session(user) - session[:user_id] = user.id - session[:ctime] = Time.now.utc.to_i - session[:atime] = Time.now.utc.to_i - end - - def user_setup - # reacct静态资源加载不需要走这一步 - return if params[:controller] == "main" - # Find the current user - User.current = find_current_user - uid_logger("user_setup: " + (User.current.logged? ? "#{User.current.try(:login)} (id=#{User.current.try(:id)})" : "anonymous")) - - if !User.current.logged? && Rails.env.development? - User.current = User.find 12 - end - - # User.current = User.find 81403 - - if params[:debug] == 'teacher' #todo 为了测试,记得讲debug删除 - User.current = User.find 81403 - elsif params[:debug] == 'student' - User.current = User.find 8686 - elsif params[:debug] == 'admin' - User.current = User.find 1 - elsif params[:debug] - User.current = User.find_by_login params[:debug] - end - end - - # Sets the logged in user - def logged_user=(user) - reset_session - if user && user.is_a?(User) - User.current = user - start_user_session(user) - else - User.current = User.anonymous - end - end - - # Returns the current user or nil if no user is logged in - # and starts a session if needed - def find_current_user - uid_logger("user setup start: session[:user_id] is #{session[:user_id]}") - if session[:user_id] - # existing session - (User.active.find(session[:user_id]) rescue nil) - elsif autologin_user = try_to_autologin - autologin_user - elsif params[:format] == 'atom' && params[:key] && request.get? && accept_rss_auth? - # RSS key authentication does not start a session - User.find_by_rss_key(params[:key]) - end - end - - def autologin_cookie_name - edu_setting('autologin_cookie_name').presence || 'autologin' - end - - def try_to_autologin - if cookies[autologin_cookie_name] - # auto-login feature starts a new session - user = User.try_to_autologin(cookies[autologin_cookie_name]) - if user - start_user_session(user) - end - user - end - end - - def api_request? - %w(xml json).include? params[:format] - end - - def current_user - User.current - end - - ## 默认输出json - def render_json - respond_to do |format| - format.json - end - end - - ## 输出错误信息 - def error_status(message = nil) - @status = -1 - @message = message - end - - # 实训等对应的仓库地址 - def repo_ip_url(repo_path) - "#{edu_setting('git_address_ip')}/#{repo_path}" - end - - def repo_url(repo_path) - "#{edu_setting('git_address_domain')}/#{repo_path}" - end - - # 通关后,把最后一次成功的代码存到数据库 - # type 0 创始内容, 1 最新内容 - def game_passed_code(path, myshixun, game_id) - file_content = git_fle_content myshixun.repo_path, path - unless file_content.present? - raise("获取文件代码异常") - end - game_code = GameCode.where(:game_id => game_id, :path => path).first - if game_code.nil? - GameCode.create!(:game_id => game_id, :new_code => file_content, :path => path) - else - game_code.update_attributes!(:new_code => file_content) - end - end - - # Post请求 - def uri_post(uri, params) - begin - uid_logger("--uri_exec: params is #{params}, url is #{uri}") - uri = URI.parse(URI.encode(uri.strip)) - res = Net::HTTP.post_form(uri, params).body - logger.info("--uri_exec: .....res is #{res}") - JSON.parse(res) - rescue Exception => e - uid_logger("--uri_exec: exception #{e.message}") - raise Educoder::TipException.new("实训平台繁忙(繁忙等级:84)") - end - end - - # 处理返回非0就报错的请求 - def interface_post(uri, params, status, message) - begin - uid_logger("--uri_exec: params is #{params}, url is #{uri}") - uri = URI.parse(URI.encode(uri.strip)) - res = Net::HTTP.post_form(uri, params).body - logger.info("--uri_exec: .....res is #{res}") - res = JSON.parse(res) - if (res && res['code'] != 0) - tip_exception(status, message) - else - res - end - rescue Exception => e - uid_logger("--uri_exec: exception #{e.message}") - raise Educoder::TipException.new("实训平台繁忙(繁忙等级:84)") - end - end - - # 适用与已经用url_safe编码后,回调字符串形式 - def tran_base64_decode64(str) - s_size = str.size % 4 - if s_size != 0 - str += "=" * (4 - s_size) - end - if str.blank? - str - else - Base64.decode64(str.tr("-_", "+/")).force_encoding("utf-8") - end - end - - def sucess_status(message = 'success') - render :json => { status: 1, message: message } - end - - # 随机生成字符 - def generate_identifier(container, num) - code = DCODES.sample(num).join - if container == User - while container.exists?(login: code) do - code = DCODES.sample(num).join - end - else - while container.exists?(identifier: code) do - code = DCODES.sample(num).join - end - end - code - end - - - # 实训主类别列表,自带描述 - def shixun_main_type - list = [] - mirrors = MirrorRepository.select([:id, :type_name]).published_main_mirror - mirrors.try(:each) do |mirror| - list << {id: mirror.id, type_name: mirror.type_name, description: mirror.try(:description)} - end - list - end - - # 小类别列表 - def shixun_small_type - list = [] - mirrors = MirrorRepository.select([:id, :type_name]).published_small_mirror - mirrors.try(:each) do |mirror| - list << {id: mirror.id, type_name: mirror.type_name} - end - list - end - - def container_limit(mirror_repositories) - container = [] - mirror_repositories.each do |mr| - if mr.name.present? - container << {:image => mr.name, :cpuLimit => mr.cpu_limit, :memoryLimit => "#{mr.memory_limit}M", :type => mr.try(:main_type) == "1" ? "main" : "sub"} - end - end - container.to_json - end - - # 实训中间层pod配置 - def shixun_container_limit shixun - container = [] - shixun.shixun_service_configs.each do |config| - mirror = config.mirror_repository - if mirror.name.present? - container << {:image => mirror.name, - :cpuLimit => config.cpu_limit, - :cpuRequest => config.lower_cpu_limit, - :memoryLimit => "#{config.memory_limit}M", - :memoryRequest => "#{config.request_limit}M", - :resourceLimit => "#{config.resource_limit}K", - :type => mirror.try(:main_type) == "1" ? "main" : "sub"} - end - end - container.to_json - end - - # 毕设任务列表的赛选 - def course_work(task, **option) - logger.info("#############{option}") - course = task.course - work_list = task.graduation_works.includes(user: [:user_extension]) - # 教师评阅搜索 0: 未评, 1 已评 - if option[:teacher_comment] - graduation_work_ids = GraduationWorkScore.where(graduation_work_id: work_list.map(&:id)).pluck(:graduation_work_id) - if option[:teacher_comment].zero? - work_list = work_list.where.not(id: graduation_work_ids) - elsif option[:teacher_comment] == 1 - work_list = work_list.where(id: graduation_work_ids).where.not(work_status: 0) - end - end - - # 作品状态 0: 未提交, 1 按时提交, 2 延迟提交 - if option[:task_status] - work_list = work_list.where(work_status: option[:task_status]) - end - - # 分班情况 - if option[:course_group] - group_user_ids = course.course_members.where(course_group_id: option[:course_group]).pluck(:user_id) - # 有分组只可能是老师身份查看列表 - work_list = work_list.where(user_id: group_user_ids) - end - - # 只看我的交叉评阅 - if option[:cross_comment] - graduation_work_id = task.graduation_work_comment_assignations.where(:user_id => current_user.id) - .pluck(:graduation_work_id).uniq if task.graduation_work_comment_assignations - work_list = work_list.where(id: graduation_work_id) - end - - # 输入姓名和学号搜索 - # TODO user_extension 如果修改 请调整 - if option[:search] - work_list = work_list.joins(user: :user_extension).where("concat(lastname, firstname) like ? - or student_id like ?", "%#{option[:search]}%", "%#{option[:search]}%") - end - - # 排序 - rorder = option[:order] || "updated_at" - b_order = option[:b_order] || "desc" - if rorder == "created_at" || rorder == "work_score" - work_list = work_list.order("graduation_works.#{rorder} #{b_order}") - elsif rorder == "student_id" - work_list = work_list.joins(user: :user_extension).order("user_extensions.#{rorder} #{b_order}") - end - work_list - end - - def strip_html(text, len=0, endss="...") - ss = "" - if !text.nil? && text.length>0 - ss=text.gsub(/<\/?.*?>/, '').strip - ss = ss.gsub(/ */, '') - ss = ss.gsub(/\r\n/,'') #新增 - ss = ss.gsub(/\n/,'') #新增 - if len > 0 && ss.length > len - ss = ss[0, len] + endss - elsif len > 0 && ss.length <= len - ss = ss - #ss = truncate(ss, :length => len) - end - end - ss - end - - # Returns a string that can be used as filename value in Content-Disposition header - def filename_for_content_disposition(name) - request.env['HTTP_USER_AGENT'] =~ %r{MSIE|Trident|Edge} ? ERB::Util.url_encode(name) : name - end - - def format_time(time) - time.blank? ? '' : time.strftime("%Y-%m-%d %H:%M") - end - - # 获取Oauth Client - def get_client(site) - client_id = Rails.configuration.educoder['client_id'] - client_secret = Rails.configuration.educoder['client_secret'] - - OAuth2::Client.new(client_id, client_secret, site: site) - end - - def paginate(relation) - limit = params[:limit].to_i.zero? ? 20 : params[:limit].to_i - page = params[:page].to_i.zero? ? 1 : params[:page].to_i - offset = (page - 1) * limit - - if relation.is_a?(Array) - relation[offset, limit] - else - relation.limit(limit).offset(offset) - end - end - - def strf_time(time) - time.blank? ? '' : time.strftime("%Y-%m-%d %H:%M:%S") - end - - def logger_error(error) - Rails.logger.error(error.message) - error.backtrace.each { |msg| Rails.logger.error(msg) } - end - - private - def object_not_found - uid_logger("Missing template or cant't find record, responding with 404") - render json: {message: "您访问的页面不存在或已被删除", status: 404} - false - end - - def tip_show(exception) - uid_logger("Tip show status is #{exception.status}, message is #{exception.message}") - render json: exception.tip_json - end - - def render_parameter_missing - render json: { status: -1, message: '参数缺失' } - end -end +require 'oauth2' + +class ApplicationController < ActionController::Base + include CodeExample + include RenderExpand + include RenderHelper + include ControllerRescueHandler + include GitHelper + include LoggerHelper + + protect_from_forgery prepend: true, unless: -> { request.format.json? } + + before_action :user_setup + #before_action :check_account + + DCODES = %W(2 3 4 5 6 7 8 9 a b c f e f g h i j k l m n o p q r s t u v w x y z) + + helper_method :current_user + + # 全局配置参数 + # 返回name对应的value + def edu_setting(name) + EduSetting.get(name) + end + + # 实训的访问权限 + def shixun_access_allowed + if !current_user.shixun_permission(@shixun) + tip_exception(403, "..") + end + end + + def admin_or_business? + User.current.admin? || User.current.business? + end + + # 访问课堂时没权限直接弹加入课堂的弹框 :409 + def user_course_identity + @user_course_identity = current_user.course_identity(@course) + if @user_course_identity > Course::STUDENT && @course.is_public == 0 + tip_exception(409, "您没有权限进入") + end + uid_logger("###############user_course_identity:#{@user_course_identity}") + end + + + # 判断用户的邮箱或者手机是否可用 + # params[:type] 1: 注册;2:忘记密码 + def check_mail_and_phone_valid login, type + unless login =~ /^[a-zA-Z0-9]+([._\\]*[a-zA-Z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/ || login =~ /^1\d{10}$/ || + login =~ /^[a-zA-Z0-9]+([._\\]*[a-zA-Z0-9])$/ + tip_exception(-2, "请输入正确的手机号或邮箱") + end + # 考虑到安全参数问题,多一次查询,去掉Union + user = User.where(phone: login).first || User.where(mail: login).first + if type.to_i == 1 && !user.nil? + tip_exception(-2, "该手机号码或邮箱已被注册") + elsif type.to_i == 2 && user.nil? + tip_exception(-2, "该手机号码或邮箱未注册") + end + sucess_status + end + + # 发送及记录激活码 + # 发送验证码:type 1:注册手机验证码 2:找回密码手机验证码 3:找回密码邮箱验证码 4:绑定手机 5:绑定邮箱 + # 6:手机验证码登录 7:邮箱验证码登录 8:邮箱注册验证码 + def check_verification_code(code, send_type, value) + case send_type + when 1, 2, 4 + # 手机类型的发送 + sigle_para = {phone: value} + status = Educoder::Sms.send(mobile: value, code: code) + tip_exception(-2, code_msg(status)) if status != 0 + when 8, 3, 5 + # 邮箱类型的发送 + sigle_para = {email: value} + begin + UserMailer.register_email(value, code).deliver_now + # Mailer.run.email_register(code, value) + rescue Exception => e + logger_error(e) + tip_exception(-2,"邮件发送失败,请稍后重试") + end + end + ver_params = {code_type: send_type, code: code}.merge(sigle_para) + VerificationCode.create!(ver_params) + end + + def code_msg status + case status + when 0 + "验证码已经发送到您的手机,请注意查收" + when 8 + "同一手机号30秒内重复提交相同的内容" + when 9 + "同一手机号5分钟内重复提交相同的内容超过3次" + when 22 + "1小时内同一手机号发送次数超过限制" + when 33 + "验证码发送次数超过频率" + when 43 + "一天内同一手机号发送次数超过限制" + end + end + + def find_course + return normal_status(2, '缺少course_id参数!') if params[:course_id].blank? + @course = Course.find(params[:course_id]) + rescue Exception => e + tip_exception(e.message) + end + + def course_manager + return normal_status(403, '只有课堂管理员才有权限') if @user_course_identity > Course::CREATOR + end + + def find_board + return normal_status(2, "缺少board_id参数") if params[:board_id].blank? + @board = Board.find(params[:board_id]) + rescue Exception => e + uid_logger_error(e.message) + tip_exception(e.message) + end + + def validate_type(object_type) + normal_status(2, "参数") if params.has_key?(:sort_type) && !SORT_TYPE.include?(params[:sort_type].strip) + end + + def set_pagination + @page = params[:page] || 1 + @page_size = params[:page_size] || 15 + end + + # 课堂教师权限 + def teacher_allowed + logger.info("#####identity: #{current_user.course_identity(@course)}") + unless current_user.course_identity(@course) < Course::STUDENT + normal_status(403, "") + end + end + + # 课堂教师、课堂管理员、超级管理员的权限(不包含助教) + def teacher_or_admin_allowed + unless current_user.course_identity(@course) < Course::ASSISTANT_PROFESSOR + normal_status(403, "") + end + end + + def require_admin + normal_status(403, "") unless User.current.admin? + end + + def require_business + normal_status(403, "") unless admin_or_business? + end + + # 前端会捕捉401,弹登录弹框 + # 未授权的捕捉407,弹试用申请弹框 + def require_login + #6.13 -hs + tip_exception(401, "..") unless User.current.logged? + end + + # 异常提醒 + def tip_exception(status = -1, message) + raise Educoder::TipException.new(status, message) + end + + def missing_template + tip_exception(404, "...") + end + + # 弹框提醒 + def tip_show_exception(status = -2, message) + raise Educoder::TipException.new(status, message) + end + + def normal_status(status = 0, message) + case status + when 403 + message = "您没有权限进行该操作" + when 404 + message = "您访问的页面不存在或已被删除" + end + render :json => { status: status, message: message } + end + + # 系统全局认证 + def check_auth + day_cer = UserDayCertification.find_by(user_id: current_user.id) + # 如果注册超过24小时则需要完善资料及授权 + if (Time.now.to_i - day_cer.try(:created_at).to_i) > 86400 + if !current_user.profile_completed? + info_url = '/account/profile' + tip_exception(402, info_url) + elsif current_user.certification != 1 + if current_user.apply_actions.exists?(container_type: 'TrialAuthorization', status: 0) + tip_exception(408, "您的试用申请正在审核中,请耐心等待") + end + tip_exception(407, "系统未授权") + end + end + + + # if current_user.certification != 1 && current_user.apply_actions.exists?(container_type: 'TrialAuthorization', status: 0) + # tip_exception(408, "您的试用申请正在审核中,请耐心等待") + # elsif (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400 + # if !current_user.profile_completed? + # info_url = '/account/profile' + # tip_exception(402, info_url) + # elsif current_user.certification != 1 + # day_cer = UserDayCertification.find_by(user_id: current_user.id) + # tip_exception(407, "系统未授权") unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400 + # end + # end + end + + def start_user_session(user) + session[:user_id] = user.id + session[:ctime] = Time.now.utc.to_i + session[:atime] = Time.now.utc.to_i + end + + def user_setup + # reacct静态资源加载不需要走这一步 + return if params[:controller] == "main" + # Find the current user + User.current = find_current_user + uid_logger("user_setup: " + (User.current.logged? ? "#{User.current.try(:login)} (id=#{User.current.try(:id)})" : "anonymous")) + + if !User.current.logged? && Rails.env.development? + User.current = User.find 12 + end + + # User.current = User.find 81403 + + if params[:debug] == 'teacher' #todo 为了测试,记得讲debug删除 + User.current = User.find 81403 + elsif params[:debug] == 'student' + User.current = User.find 8686 + elsif params[:debug] == 'admin' + User.current = User.find 1 + elsif params[:debug] + User.current = User.find_by_login params[:debug] + end + end + + # Sets the logged in user + def logged_user=(user) + reset_session + if user && user.is_a?(User) + User.current = user + start_user_session(user) + else + User.current = User.anonymous + end + end + + # Returns the current user or nil if no user is logged in + # and starts a session if needed + def find_current_user + uid_logger("user setup start: session[:user_id] is #{session[:user_id]}") + if session[:user_id] + # existing session + (User.active.find(session[:user_id]) rescue nil) + elsif autologin_user = try_to_autologin + autologin_user + elsif params[:format] == 'atom' && params[:key] && request.get? && accept_rss_auth? + # RSS key authentication does not start a session + User.find_by_rss_key(params[:key]) + end + end + + def autologin_cookie_name + edu_setting('autologin_cookie_name').presence || 'autologin' + end + + def try_to_autologin + if cookies[autologin_cookie_name] + # auto-login feature starts a new session + user = User.try_to_autologin(cookies[autologin_cookie_name]) + if user + start_user_session(user) + end + user + end + end + + def api_request? + %w(xml json).include? params[:format] + end + + def current_user + User.current + end + + ## 默认输出json + def render_json + respond_to do |format| + format.json + end + end + + ## 输出错误信息 + def error_status(message = nil) + @status = -1 + @message = message + end + + # 实训等对应的仓库地址 + def repo_ip_url(repo_path) + "#{edu_setting('git_address_ip')}/#{repo_path}" + end + + def repo_url(repo_path) + "#{edu_setting('git_address_domain')}/#{repo_path}" + end + + # 通关后,把最后一次成功的代码存到数据库 + # type 0 创始内容, 1 最新内容 + def game_passed_code(path, myshixun, game_id) + # 如果代码窗口是隐藏的,则不用保存代码 + return if myshixun.shixun.hide_code + file_content = git_fle_content myshixun.repo_path, path + unless file_content.present? + raise("获取文件代码异常") + end + game_code = GameCode.where(:game_id => game_id, :path => path).first + if game_code.nil? + GameCode.create!(:game_id => game_id, :new_code => file_content, :path => path) + else + game_code.update_attributes!(:new_code => file_content) + end + end + + # Post请求 + def uri_post(uri, params) + begin + uid_logger("--uri_exec: params is #{params}, url is #{uri}") + uri = URI.parse(URI.encode(uri.strip)) + res = Net::HTTP.post_form(uri, params).body + logger.info("--uri_exec: .....res is #{res}") + JSON.parse(res) + rescue Exception => e + uid_logger("--uri_exec: exception #{e.message}") + raise Educoder::TipException.new("实训平台繁忙(繁忙等级:84)") + end + end + + # 处理返回非0就报错的请求 + def interface_post(uri, params, status, message) + begin + uid_logger("--uri_exec: params is #{params}, url is #{uri}") + uri = URI.parse(URI.encode(uri.strip)) + res = Net::HTTP.post_form(uri, params).body + logger.info("--uri_exec: .....res is #{res}") + res = JSON.parse(res) + if (res && res['code'] != 0) + tip_exception(status, message) + else + res + end + rescue Exception => e + uid_logger("--uri_exec: exception #{e.message}") + raise Educoder::TipException.new("实训平台繁忙(繁忙等级:84)") + end + end + + # 适用与已经用url_safe编码后,回调字符串形式 + def tran_base64_decode64(str) + s_size = str.size % 4 + if s_size != 0 + str += "=" * (4 - s_size) + end + if str.blank? + str + else + Base64.decode64(str.tr("-_", "+/")).force_encoding("utf-8") + end + end + + def sucess_status(message = 'success') + render :json => { status: 1, message: message } + end + + # 随机生成字符 + def generate_identifier(container, num) + code = DCODES.sample(num).join + if container == User + while container.exists?(login: code) do + code = DCODES.sample(num).join + end + else + while container.exists?(identifier: code) do + code = DCODES.sample(num).join + end + end + code + end + + + # 实训主类别列表,自带描述 + def shixun_main_type + list = [] + mirrors = MirrorRepository.select([:id, :type_name]).published_main_mirror + mirrors.try(:each) do |mirror| + list << {id: mirror.id, type_name: mirror.type_name, description: mirror.try(:description)} + end + list + end + + # 小类别列表 + def shixun_small_type + list = [] + mirrors = MirrorRepository.select([:id, :type_name]).published_small_mirror + mirrors.try(:each) do |mirror| + list << {id: mirror.id, type_name: mirror.type_name} + end + list + end + + def container_limit(mirror_repositories) + container = [] + mirror_repositories.each do |mr| + if mr.name.present? + container << {:image => mr.name, :cpuLimit => mr.cpu_limit, :memoryLimit => "#{mr.memory_limit}M", :type => mr.try(:main_type) == "1" ? "main" : "sub"} + end + end + container.to_json + end + + # 实训中间层pod配置 + def shixun_container_limit shixun + container = [] + shixun.shixun_service_configs.each do |config| + mirror = config.mirror_repository + if mirror.name.present? + container << {:image => mirror.name, + :cpuLimit => config.cpu_limit, + :cpuRequest => config.lower_cpu_limit, + :memoryLimit => "#{config.memory_limit}M", + :memoryRequest => "#{config.request_limit}M", + :resourceLimit => "#{config.resource_limit}K", + :type => mirror.try(:main_type) == "1" ? "main" : "sub"} + end + end + container.to_json + end + + # 毕设任务列表的赛选 + def course_work(task, **option) + logger.info("#############{option}") + course = task.course + work_list = task.graduation_works.includes(user: [:user_extension]) + # 教师评阅搜索 0: 未评, 1 已评 + if option[:teacher_comment] + graduation_work_ids = GraduationWorkScore.where(graduation_work_id: work_list.map(&:id)).pluck(:graduation_work_id) + if option[:teacher_comment].zero? + work_list = work_list.where.not(id: graduation_work_ids) + elsif option[:teacher_comment] == 1 + work_list = work_list.where(id: graduation_work_ids).where.not(work_status: 0) + end + end + + # 作品状态 0: 未提交, 1 按时提交, 2 延迟提交 + if option[:task_status] + work_list = work_list.where(work_status: option[:task_status]) + end + + # 分班情况 + if option[:course_group] + group_user_ids = course.course_members.where(course_group_id: option[:course_group]).pluck(:user_id) + # 有分组只可能是老师身份查看列表 + work_list = work_list.where(user_id: group_user_ids) + end + + # 只看我的交叉评阅 + if option[:cross_comment] + graduation_work_id = task.graduation_work_comment_assignations.where(:user_id => current_user.id) + .pluck(:graduation_work_id).uniq if task.graduation_work_comment_assignations + work_list = work_list.where(id: graduation_work_id) + end + + # 输入姓名和学号搜索 + # TODO user_extension 如果修改 请调整 + if option[:search] + work_list = work_list.joins(user: :user_extension).where("concat(lastname, firstname) like ? + or student_id like ?", "%#{option[:search]}%", "%#{option[:search]}%") + end + + # 排序 + rorder = option[:order] || "updated_at" + b_order = option[:b_order] || "desc" + if rorder == "created_at" || rorder == "work_score" + work_list = work_list.order("graduation_works.#{rorder} #{b_order}") + elsif rorder == "student_id" + work_list = work_list.joins(user: :user_extension).order("user_extensions.#{rorder} #{b_order}") + end + work_list + end + + def strip_html(text, len=0, endss="...") + ss = "" + if !text.nil? && text.length>0 + ss=text.gsub(/<\/?.*?>/, '').strip + ss = ss.gsub(/ */, '') + ss = ss.gsub(/\r\n/,'') #新增 + ss = ss.gsub(/\n/,'') #新增 + if len > 0 && ss.length > len + ss = ss[0, len] + endss + elsif len > 0 && ss.length <= len + ss = ss + #ss = truncate(ss, :length => len) + end + end + ss + end + + # Returns a string that can be used as filename value in Content-Disposition header + def filename_for_content_disposition(name) + request.env['HTTP_USER_AGENT'] =~ %r{MSIE|Trident|Edge} ? ERB::Util.url_encode(name) : name + end + + def format_time(time) + time.blank? ? '' : time.strftime("%Y-%m-%d %H:%M") + end + + # 获取Oauth Client + def get_client(site) + client_id = Rails.configuration.educoder['client_id'] + client_secret = Rails.configuration.educoder['client_secret'] + + OAuth2::Client.new(client_id, client_secret, site: site) + end + + def paginate(relation) + limit = params[:limit].to_i.zero? ? 20 : params[:limit].to_i + page = params[:page].to_i.zero? ? 1 : params[:page].to_i + offset = (page - 1) * limit + + if relation.is_a?(Array) + relation[offset, limit] + else + relation.limit(limit).offset(offset) + end + end + + def strf_time(time) + time.blank? ? '' : time.strftime("%Y-%m-%d %H:%M:%S") + end + + def logger_error(error) + Rails.logger.error(error.message) + error.backtrace.each { |msg| Rails.logger.error(msg) } + end + + private + def object_not_found + uid_logger("Missing template or cant't find record, responding with 404") + render json: {message: "您访问的页面不存在或已被删除", status: 404} + false + end + + def tip_show(exception) + uid_logger("Tip show status is #{exception.status}, message is #{exception.message}") + render json: exception.tip_json + end + + def render_parameter_missing + render json: { status: -1, message: '参数缺失' } + end +end