修复: 判断工作项是否在组织内以及是否有组织的权限

app/jobs/change_issue_status_by_message_job.rb

@@ -7,6 +7,24 @@ class ChangeIssueStatusByMessageJob < ApplicationJob
   # Implement, Implements, Implemented, Implementing, implement, implements, implemented, implementing
   # 以上关键词后接 issue_id 例如：Closes #234 Closes #123, #245, #992
 
+
+  def get_pm_issue_data(user, org, pm_project_id, issue_id)
+    url = URI("#{EduSetting.get("pms_server_url")}/api/pms/#{org.login}/pmsProjectIssues/#{issue_id}?pmProjectId=#{pm_project_id}")
+
+
+    https = Net::HTTP.new(url.host, url.port)
+    https.use_ssl = true
+    request = Net::HTTP::Get.new(url)
+    request["Cookie"] = "autologin_trustie=#{Token.get_or_create_permanent_login_token(user, 'autologin')&.value}"
+    response = https.request(request)
+
+    puts response.read_body
+    return JSON.parse(response.read_body)['code'].to_i == 200
+  rescue 
+    return false
+  end
+
+
   def perform(commitsha, project, user, tag_issue_id_content, status_id=1)
     Rails.logger.info "需要操作的issue_id内容为 #{tag_issue_id_content}"
     tag_issue_id_content = tag_issue_id_content.gsub(/\s+/, '')
@@ -15,7 +33,8 @@ class ChangeIssueStatusByMessageJob < ApplicationJob
       issue = project.issues.issue_issue.where(project_issues_index: issue_id).where.not(id: issue_id).take || Issue.issue_issue.find_by_id(issue_id)
       next unless issue.present? # issue不存在 跳过
       next if issue.project.present? && !user.admin? && !issue.project.member?(user) # issue归属项目，用户没有修改issue的权限，跳过
-      next if issue.pm_project_id.present? && project.owner.is_a?(Organization) && !project.owner.is_member?(user.id) # issue是组织下工作项，不具备组织的访问权限，跳过
+      next if issue.pm_project_id.present? && !user.admin? && project.owner.is_a?(Organization) && get_pm_issue_data(user, project.owner, issue.pm_project_id, issue.id) # issue是组织下工作项，不具备组织的访问权限，跳过
+
       issue_project = issue.project || Project.new(id: 0, user_id: 0, name: 'pm_mm', identifier: 'pm_mm', is_public:true)
       if issue.pm_project_id.present?
         Api::Pm::Issues::UpdateService.call(issue_project, issue, {status_id: status_id}, user, "Project##{project.id}@#{commitsha}")

app/models/journal.rb

@@ -88,7 +88,7 @@ class Journal < ApplicationRecord
     if self.operate_by.starts_with?("Project#")
       project_id, commit_sha = self.operate_by.scan(/#(\d+).*?@(\w+)/)[0]
       project =Project.find_by_id(project_id)
-      return "通过<a href=\"#{Rails.application.config_for(:configuration)['platform_url']}/#{project&.owner&.login}/#{project&.identifier}/commits/#{commit_sha}\">#{project&.owner&.real_name}/#{project&.name} 提交 #{commit_sha[0...10]}</a>"
+      return "通过 #{project&.owner&.real_name}/#{project&.name} 提交 <a href=\"#{Rails.application.config_for(:configuration)['platform_url']}/#{project&.owner&.login}/#{project&.identifier}/commits/#{commit_sha}\">#{commit_sha[0...10]}</a>"
     end
   rescue 
     return ''