init project

app/controllers/users/accounts_controller.rb

@@ -0,0 +1,23 @@
+class Users::AccountsController < Users::BaseAccountController
+  before_action :private_user_resources!
+
+  def show
+  end
+
+  def update
+    Users::UpdateAccountService.call(observed_user, update_params)
+
+    render 'show'
+  end
+
+  private
+
+  def observed_user
+    @_observed_user ||= (User.find_by_id(params[:id]) || User.find_by_login(params[:id]))
+  end
+
+  def update_params
+    params.permit(:nickname, :name, :show_realname, :gender, :location, :location_city,
+                  :identity, :student_id, :technical_title, :school_id, :department_id)
+  end
+end

app/controllers/users/auth_attachments_controller.rb

@@ -0,0 +1,39 @@
+class Users::AuthAttachmentsController < Users::BaseAccountController
+  before_action :private_user_resources!
+  before_action :convert_image!, only: [:create]
+
+  def create
+    image_temp_path = auth_image_path + 'temp' # 上传文件保存至临时文件，提交申请时再移到正常目录
+
+    File.delete(image_temp_path) if File.exist?(image_temp_path) # 删除之前的临时文件
+
+    Util.write_file(@image, image_temp_path)
+
+    render_ok
+  rescue StandardError => ex
+    logger_error(ex)
+    render_error('上传失败')
+  end
+
+  private
+
+  def convert_image!
+    max_size = EduSetting.get('upload_avatar_max_size') || 10 * 1024 * 1024 # 10M
+    if params[:image].class == ActionDispatch::Http::UploadedFile
+      @image = params[:image]
+      render_error('请上传文件') if @image.size.zero?
+      render_error('文件大小超过限制') if @image.size > max_size
+    else
+      image = params[:image].to_s.strip
+      return render_error('请上传正确的图片') if image.blank?
+      @image = Util.convert_base64_image(image, max_size: max_size)
+    end
+  rescue Base64ImageConverter::Error => ex
+    render_error(ex.message)
+  end
+
+  def auth_image_path
+    url_method = params[:type] == 'professional' ? :disk_professional_auth_filename : :disk_real_name_auth_filename
+    ApplicationController.helpers.send(url_method, observed_user.id)
+  end
+end

app/controllers/users/authentication_applies_controller.rb

@@ -0,0 +1,23 @@
+class Users::AuthenticationAppliesController < Users::BaseAccountController
+  before_action :private_user_resources!
+  before_action :check_account, only: [:create]
+
+  def create
+    Users::ApplyAuthenticationService.call(observed_user, create_params)
+    render_ok
+  rescue ApplicationService::Error => ex
+    render_error(ex.message)
+  end
+
+  def destroy
+    return render_error('已认证后不能撤销') if observed_user.authentication?
+    observed_user.process_real_name_apply&.revoke!
+    render_ok
+  end
+
+  private
+
+  def create_params
+    params.permit(:name, :show_realname, :gender, :id_number, :upload_image, attachment_ids: [])
+  end
+end

app/controllers/users/avatars_controller.rb

@@ -0,0 +1,33 @@
+class Users::AvatarsController < Users::BaseAccountController
+  before_action :private_user_resources!
+  before_action :convert_base64_image!, only: [:update]
+
+  def update
+    Util.write_file(@image, avatar_path)
+
+    # 首次上传头像
+    RewardGradeService.call(observed_user, container_id: observed_user.id, container_type: 'Avatar', score: 100)
+
+    render_ok(avatar_url: avatar_url)
+  rescue StandardError => ex
+    logger_error(ex)
+    render_error('修改失败')
+  end
+
+  private
+
+  def convert_base64_image!
+    max_size = EduSetting.get('upload_avatar_max_size')
+    @image = Util.convert_base64_image(params[:image].to_s.strip, max_size: max_size)
+  rescue Base64ImageConverter::Error => ex
+    render_error(ex.message)
+  end
+
+  def avatar_path
+    ApplicationController.helpers.disk_filename(observed_user.class, observed_user.id)
+  end
+
+  def avatar_url
+    ApplicationController.helpers.url_to_avatar(observed_user).to_s + "?#{Time.now.to_i}"
+  end
+end

app/controllers/users/banks_controller.rb

@@ -0,0 +1,40 @@
+class Users::BanksController < Users::BaseController
+  before_action :params_filter
+  def index
+    order = params[:order] || "updated_at"
+    sort = params[:sort] || "desc"
+    @banks = @object_type.classify.constantize.where(@object_filter)
+    @course_lists = CourseList.where(id: @banks.pluck(:course_list_id))
+    @banks = @banks.where(course_list_id: params[:tag_id]) unless params[:tag_id].blank?
+    @banks = @banks.order("#{order} #{sort}")
+    @banks_count = @banks.size
+  end
+
+  private
+
+  def params_filter
+    type = ["normal", "group", "poll", "exercise", "gtask", "gtopic"]
+    tip_exception("object_type类型不正确") unless type.include?(params[:object_type])
+    # HomeworkBank 普通、分组作业题库；ExerciseBank试卷、问卷题库；GtaskBank毕设选题题库；GtopicBank毕设任务题库；
+    case params[:object_type]
+    when 'normal'
+      @object_type = "HomeworkBank"
+      @object_filter = "homework_type = 1" # 普通作业
+    when 'group'
+      @object_type = "HomeworkBank"
+      @object_filter = "homework_type = 3" # 分组作业
+    when 'poll'
+      @object_type = "ExerciseBank"
+      @object_filter = "container_type = 'Poll'" # 问卷
+    when 'exercise'
+      @object_type = "ExerciseBank"
+      @object_filter = "container_type = 'Exercise'" # 试卷
+    when 'gtask'
+      @object_type = "GtaskBank"
+      @object_filter = nil
+    when 'gtopic'
+      @object_type = "GtopicBank"
+      @object_filter = nil
+    end
+  end
+end

app/controllers/users/base_account_controller.rb

@@ -0,0 +1,8 @@
+class Users::BaseAccountController < Users::BaseController
+  before_action :require_login
+
+  def observed_user
+    @_observed_user ||= (User.find_by_id(params[:account_id]) || User.find_by_login(params[:account_id]))
+  end
+
+end

app/controllers/users/base_controller.rb

@@ -0,0 +1,73 @@
+class Users::BaseController < ApplicationController
+
+  before_action :check_observed_user_exists!
+
+  helper_method :observed_logged_user?, :observed_user
+
+  def observed_user
+    @_observed_user ||= (User.find_by_id(params[:user_id]) || User.find_by_login(params[:user_id]))
+  end
+
+  def observed_logged_user?
+    observed_user.id == User.current&.id
+  end
+
+  private
+
+  def check_observed_user_exists!
+    return if observed_user.present?
+    render_not_found
+  end
+
+  def private_user_resources!
+    require_login
+    return if current_user.admin_or_business? || observed_logged_user?
+
+    render_forbidden
+  end
+
+  def require_teacher!
+    return if current_user.admin_or_business? || observed_user.is_teacher?
+
+    render_forbidden
+  end
+
+  def require_auth_teacher!
+    return if current_user.admin_or_business? || observed_user.certification_teacher?
+
+    render_forbidden
+  end
+
+  def page_value
+    params[:page].to_i <= 0 ? 1 : params[:page].to_i
+  end
+
+  def per_page_value
+    params[:per_page].to_i > 0 && params[:per_page].to_i <= 100 ? params[:per_page].to_i : 20
+  end
+  alias_method :limit_value, :per_page_value
+
+  def offset_value
+    (page_value - 1) * limit_value
+  end
+
+  def paginate(objs, **opts)
+    page     = page_value
+    per_page = per_page_value
+
+    unless opts[:special] && observed_logged_user?
+      if objs.is_a?(Array)
+        return Kaminari.paginate_array(objs).page(page).per(per_page)
+      else
+        return objs.page(page).per(per_page)
+      end
+    end
+
+    # note: 为实现第一页少一条记录，让前端放置新建入口
+    if page == 1
+      objs.limit(per_page - 1)
+    else
+      objs.limit(per_page).offset((page - 2) * per_page + per_page - 1)
+    end
+  end
+end

app/controllers/users/courses_controller.rb

@@ -0,0 +1,16 @@
+class Users::CoursesController < Users::BaseController
+  def index
+    courses = Users::CourseService.new(observed_user, query_params).call
+
+    courses = courses.where(id: current_laboratory.all_courses)
+
+    @count = courses.count
+    @courses = paginate(courses.includes(teacher: { user_extension: :school }), special: observed_user.is_teacher?)
+  end
+
+  private
+
+  def query_params
+    params.permit(:category, :status, :sort_direction)
+  end
+end

app/controllers/users/email_binds_controller.rb

@@ -0,0 +1,16 @@
+class Users::EmailBindsController < Users::BaseAccountController
+  before_action :private_user_resources!
+
+  def create
+    Users::BindEmailService.call(observed_user, create_params)
+    render_ok
+  rescue Users::BindEmailService::Error => ex
+    render_error(ex.message)
+  end
+
+  private
+
+  def create_params
+    params.permit(:email, :code)
+  end
+end

app/controllers/users/experience_records_controller.rb

@@ -0,0 +1,10 @@
+class Users::ExperienceRecordsController < Users::BaseController
+  before_action :private_user_resources!
+
+  def show
+    experiences = observed_user.experiences.where('score > 0')
+
+    @count = experiences.count
+    @experience_records = paginate(experiences.order(created_at: :desc))
+  end
+end

app/controllers/users/grade_records_controller.rb

@@ -0,0 +1,18 @@
+class Users::GradeRecordsController < Users::BaseController
+  before_action :private_user_resources!
+
+  def show
+    grades = observed_user.grades
+
+    type = params[:type].to_s.strip
+    grades =
+      case type
+      when 'income' then grades.where('score > 0')
+      when 'cost'   then grades.where('score < 0')
+      else grades
+      end
+
+    @count = grades.count
+    @grade_records = paginate(grades.order(created_at: :desc))
+  end
+end

app/controllers/users/interests_controller.rb

@@ -0,0 +1,28 @@
+class Users::InterestsController < Users::BaseController
+  skip_before_action :check_observed_user_exists!
+  before_action :require_login
+
+  def create
+    return render_forbidden if current_user.user_extension&.identity.present?
+    identity = params[:identity].to_s.strip
+
+    extension = current_user.user_extension || current_user.build_user_extension
+    return render_error('请选择职业') unless %w(teacher student professional).include?(identity)
+
+    # interest_ids = Array.wrap(params[:interest_ids]).map(&:to_i)
+    # return render_error('请选择兴趣') if interest_ids.blank?
+
+    ActiveRecord::Base.transaction do
+      extension.update_column(:identity, identity)
+
+      # 兴趣
+      # UserInterest.bulk_insert(:user_id, :repertoire_id) do |worker|
+      #   (Repertoire.pluck(:id) & interest_ids).each do |repertoire_id|
+      #     worker.add(user_id: current_user.id, repertoire_id: repertoire_id)
+      #   end
+      # end
+    end
+
+    render_ok
+  end
+end

app/controllers/users/open_users_controller.rb

@@ -0,0 +1,13 @@
+class Users::OpenUsersController < Users::BaseAccountController
+  def destroy
+    current_open_users.destroy!
+
+    render_ok
+  end
+
+  private
+
+  def current_open_users
+    @_current_third_party ||= observed_user.open_users.find(params[:id])
+  end
+end

app/controllers/users/passwords_controller.rb

@@ -0,0 +1,14 @@
+class Users::PasswordsController < Users::BaseAccountController
+  def update
+    Users::UpdatePasswordService.call(observed_user, update_params)
+    render_ok
+  rescue Users::UpdatePasswordService::Error => ex
+    render_error(ex.message)
+  end
+
+  private
+
+  def update_params
+    params.permit(:password, :old_password)
+  end
+end

app/controllers/users/phone_binds_controller.rb

@@ -0,0 +1,16 @@
+class Users::PhoneBindsController < Users::BaseAccountController
+  before_action :private_user_resources!
+
+  def create
+    Users::BindPhoneService.call(observed_user, create_params)
+    render_ok
+  rescue Users::BindPhoneService::Error => ex
+    render_error(ex.message)
+  end
+
+  private
+
+  def create_params
+    params.permit(:phone, :code)
+  end
+end

app/controllers/users/private_message_details_controller.rb

@@ -0,0 +1,26 @@
+class Users::PrivateMessageDetailsController < Users::BaseController
+  before_action :require_login
+  before_action :private_user_resources!
+
+  after_action :update_message_status, only: [:show]
+
+  helper_method :target_user
+
+  def show
+    messages = observed_user.private_messages.without_deleted.where(target: target_user)
+
+    @count    = messages.count
+    @messages = paginate messages.order(send_time: :desc).includes(sender: :user_extension)
+  end
+
+  private
+
+  def target_user
+    @_target_user ||= User.find(params[:target_id])
+  end
+
+  # 置为已读
+  def update_message_status
+    observed_user.private_messages.only_unread.where(target: target_user).update_all(status: 1)
+  end
+end

app/controllers/users/private_messages_controller.rb

@@ -0,0 +1,42 @@
+class Users::PrivateMessagesController < Users::BaseController
+  before_action :require_login
+  before_action :private_user_resources!
+  after_action :update_onclick_time!, only: [:index]
+
+  def index
+    @count = observed_user.private_messages.without_deleted.group(:target_id).count.count
+
+    subquery = observed_user.private_messages.without_deleted.order(send_time: :desc).to_sql
+    query = "SELECT subquery.*, COUNT(*) message_count FROM (#{subquery}) subquery "\
+            "GROUP BY subquery.target_id ORDER BY subquery.send_time desc LIMIT #{limit_value} OFFSET #{offset_value}"
+    @messages = PrivateMessage.select('*').from("(#{query}) AS query").includes(target: :user_extension)
+
+    observed_user.private_messages.only_unread.update_all(status: 1)
+  end
+
+  def create
+    receiver = User.find_by(id: params[:target_id])
+    return render_error('用户未找到') if receiver.blank?
+
+    @message = PrivateMessages::CreateService.call(observed_user, receiver, create_params)
+  rescue PrivateMessages::CreateService::Error => ex
+    render_error(ex.message)
+  end
+
+  def destroy
+    message = observed_user.private_messages.without_deleted.find(params[:id])
+    message.destroy!
+
+    render_ok
+  end
+
+  private
+
+  def update_onclick_time!
+    current_user.onclick_time.touch(:onclick_time)
+  end
+
+  def create_params
+    params.permit(:content)
+  end
+end

app/controllers/users/professional_auth_applies_controller.rb

@@ -0,0 +1,23 @@
+class Users::ProfessionalAuthAppliesController < Users::BaseAccountController
+  before_action :private_user_resources!
+  before_action :check_account, only: [:create]
+
+  def create
+    Users::ApplyProfessionalAuthService.call(observed_user, create_params)
+    render_ok
+  rescue Users::ApplyProfessionalAuthService::Error => ex
+    render_error(ex.message)
+  end
+
+  def destroy
+    return render_error('已认证后不能撤销') if observed_user.professional_certification?
+    observed_user.process_professional_apply&.revoke!
+    render_ok
+  end
+
+  private
+
+  def create_params
+    params.permit(:school_id, :department_id, :identity, :extra, :upload_image, attachment_ids: [])
+  end
+end

app/controllers/users/project_packages_controller.rb

@@ -0,0 +1,17 @@
+class Users::ProjectPackagesController < Users::BaseController
+
+  def index
+    packages = Users::ProjectPackageService.call(observed_user, query_params)
+
+    @count = packages.count
+    @packages = paginate(packages.includes(:project_package_category))
+
+    bidding_users = BiddingUser.where(project_package_id: @packages.map(&:id), user_id: observed_user.id)
+    bidding_users = bidding_users.group(:project_package_id).select(:project_package_id, :status)
+    @bidding_status_map = bidding_users.each_with_object({}) { |u, h| h[u.project_package_id] = u.status }
+  end
+
+  def query_params
+    params.permit(:category, :status, :sort_by, :sort_direction)
+  end
+end

app/controllers/users/projects_controller.rb

@@ -0,0 +1,25 @@
+class Users::ProjectsController < Users::BaseController
+  skip_before_action :check_observed_user_exists!, only: [:search]
+
+  def index
+    projects = Users::ProjectService.new(observed_user, query_params).call
+
+    @count = projects.count
+    @projects = paginate(projects.includes(:project_score, owner: { user_extension: :school }), special: observed_user.is_teacher?)
+  end
+
+  def search
+    query_params = { keyword: params[:keyword], category: 'manage' }
+    projects = Users::ProjectService.new(current_user, query_params).call
+
+    params[:limit] = params[:per_page].to_i.zero? ? 20 : params[:per_page].to_i
+    @count    = projects.count
+    @projects = paginate projects
+  end
+
+  private
+
+  def query_params
+    params.permit(:category, :status, :sort_direction)
+  end
+end

app/controllers/users/recent_contacts_controller.rb

@@ -0,0 +1,9 @@
+class Users::RecentContactsController < Users::BaseController
+  before_action :private_user_resources!
+
+  def index
+    contacts  = observed_user.recent_contacts.distinct
+    contacts = contacts.where(laboratory_id: current_laboratory.id) unless current_laboratory.main_site?
+    @contacts = contacts.order('private_messages.created_at DESC').limit(10).includes(:user_extension)
+  end
+end

app/controllers/users/subjects_controller.rb

@@ -0,0 +1,16 @@
+class Users::SubjectsController < Users::BaseController
+  def index
+    subjects = Users::SubjectService.new(observed_user, query_params).call
+
+    subjects = subjects.where(id: current_laboratory.subjects)
+
+    @count = subjects.count
+    @subjects = paginate(subjects.includes(:user, :repertoire), special: observed_user.is_teacher?)
+  end
+
+  private
+
+  def query_params
+    params.permit(:category, :status, :sort_direction)
+  end
+end

app/controllers/users/unread_message_infos_controller.rb

@@ -0,0 +1,12 @@
+class Users::UnreadMessageInfosController < Users::BaseController
+  before_action :private_user_resources!
+
+  def show
+    click_time = observed_user.click_time
+
+    unread_tiding_count  = observed_user.tidings.where('created_at > ?', click_time).count
+    unread_message_count = observed_user.private_messages.only_unread.group(:target_id).count.count
+
+    render_ok(unread_tiding_count: unread_tiding_count, unread_message_count: unread_message_count)
+  end
+end

app/controllers/users/video_auths_controller.rb

@@ -0,0 +1,26 @@
+class Users::VideoAuthsController < Users::BaseController
+  before_action :private_user_resources!, :check_account, :require_auth_teacher!
+
+  def create
+    result = Videos::CreateAuthService.call(observed_user, create_params)
+    render_ok(data: result)
+  rescue Videos::CreateAuthService::Error => ex
+    render_error(ex.message)
+  end
+
+  def update
+    video = observed_user.videos.find_by(uuid: params[:video_id])
+    return render_error('该视频凭证不存在') if video.blank?
+
+    result = AliyunVod::Service.refresh_upload_video(video.uuid)
+    render_ok(data: result)
+  rescue AliyunVod::Error => _
+    render_error('刷新上传凭证失败')
+  end
+
+  private
+
+  def create_params
+    params.permit(:title, :file_name, :file_size, :description, :cover_url)
+  end
+end

app/controllers/users/videos_controller.rb

@@ -0,0 +1,77 @@
+class Users::VideosController < Users::BaseController
+  before_action :private_user_resources!, :check_account
+  before_action :require_teacher!
+  before_action :require_auth_teacher!, except: [:index, :review]
+
+  helper_method :current_video
+
+  def index
+    videos = Users::VideoQuery.call(observed_user, search_params)
+
+    @count  = videos.count
+    @videos = paginate videos
+  end
+
+  def update
+    return render_error('该状态下不能编辑视频信息') unless (current_video.published? || current_video.course_videos.present?)
+
+    current_video.update!(title: params[:title])
+
+    AliyunVod::Service.update_video_info(current_video.uuid, Title: current_video.title) rescue nil
+  end
+
+  def cancel
+    video = observed_user.videos.find_by(uuid: params[:video_id])
+    return render_not_found if video.blank?
+    return render_error('该状态下不能删除视频') unless video.pending?
+
+    video.destroy!
+    AliyunVod::Service.delete_video([video.uuid]) rescue nil
+
+    render_ok
+  end
+
+  def review
+    params[:status] = 'processing'
+    videos = Users::VideoQuery.call(observed_user, params)
+
+    @count  = videos.count
+    @videos = paginate videos
+  end
+
+  def get_video_data
+    start_time = params[:start_time].to_time.utc.strftime('%Y-%m-%dT%H:%M:%SZ')
+    end_time = params[:end_time].to_time.utc.strftime('%Y-%m-%dT%H:%M:%SZ')
+    result = AliyunVod::Service.video_data(current_video.uuid, start_time, end_time)
+    render :json => {data: result}
+  end
+
+  def batch_publish
+    Videos::BatchPublishService.call(observed_user, batch_publish_params)
+    render_ok
+  rescue Videos::BatchPublishService::Error => ex
+    render_error(ex.message)
+  end
+
+  private
+
+  def current_video
+    @_current_video ||= observed_user.videos.find_by(id: params[:id])
+    if @_current_video.nil?
+      video = Video.find_by(id: params[:id])
+      if video.course_videos.present?
+        video
+      end
+    else
+      @_current_video
+    end
+  end
+
+  def search_params
+    params.permit(:keyword, :sort_by, :sort_direction)
+  end
+
+  def batch_publish_params
+    params.permit(videos: %i[video_id title course_id])
+  end
+end

app/controllers/users/watches_controller.rb

@@ -0,0 +1,28 @@
+class Users::WatchesController < Users::BaseController
+  before_action :require_login, :check_auth
+
+  def create
+    if observed_logged_user?
+      render_error('不能关注自己')
+      return
+    end
+
+    if current_user.watched?(observed_user)
+      render_ok
+      return
+    end
+
+    current_user.watch!(observed_user)
+    render_ok
+  end
+
+  def destroy
+    unless current_user.watched?(observed_user)
+      render_ok
+      return
+    end
+
+    current_user.unwatch!(observed_user)
+    render_ok
+  end
+end