From 98a055db69dcc504037f35f564ddcd6d004c4149 Mon Sep 17 00:00:00 2001 From: "sylor_huang@126.com" Date: Fri, 24 Apr 2020 09:45:42 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E9=99=84=E4=BB=B6=E5=8F=8A?= =?UTF-8?q?=E6=90=9C=E7=B4=A2=E5=8D=8F=E4=BD=9C=E8=80=85=E7=9A=84bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/attachments_controller.rb | 23 +++-------------------- app/models/attachment.rb | 6 +++--- app/models/user.rb | 2 +- 3 files changed, 7 insertions(+), 24 deletions(-) diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb index 495b0dde4..8a32ba81b 100644 --- a/app/controllers/attachments_controller.rb +++ b/app/controllers/attachments_controller.rb @@ -177,31 +177,14 @@ class AttachmentsController < ApplicationController candown = true unless params[:type] == 'history' if @file.container && current_user.logged? - # 课堂资源、作业、毕设相关资源的权限判断 - if @file.container.is_a?(Course) - course = @file.container - candown = current_user.member_of_course?(course) || (course.is_public? && @file.publiced?) - elsif @file.container.is_a?(HomeworkCommon) || @file.container.is_a?(GraduationTask) || @file.container.is_a?(GraduationTopic) - course = @file.container&.course - candown = current_user.member_of_course?(course) - elsif @file.container.is_a?(StudentWork) - course = @file.container&.homework_common&.course - candown = current_user.member_of_course?(course) - elsif @file.container.is_a?(StudentWorksScore) - course = @file.container&.student_work&.homework_common&.course - candown = current_user.member_of_course?(course) - elsif @file.container.is_a?(GraduationWork) - course = @file.container&.graduation_task&.course - candown = current_user.member_of_course?(course) - elsif @file.container.is_a?(GraduationWorkScore) - course = @file.container&.graduation_work&.graduation_task&.course - candown = current_user.member_of_course?(course) - elsif @file.container.is_a?(Issue) + if @file.container.is_a?(Issue) course = @file.container.project candown = course.member?(current_user) elsif @file.container.is_a?(Journal) course = @file.container.issue.project candown = course.member?(current_user) + else + course = nil end tip_exception(403, "您没有权限进入") if course.present? && !candown tip_exception(403, "您没有权限进入") if @file.container.is_a?(ApplyUserAuthentication) diff --git a/app/models/attachment.rb b/app/models/attachment.rb index 553c1daf2..45ba882d0 100644 --- a/app/models/attachment.rb +++ b/app/models/attachment.rb @@ -6,11 +6,11 @@ class Attachment < ApplicationRecord belongs_to :container, polymorphic: true, optional: true belongs_to :author, class_name: "User", foreign_key: :author_id - belongs_to :course, foreign_key: :container_id, optional: true - has_many :attachment_group_settings, :dependent => :destroy + # belongs_to :course, foreign_key: :container_id, optional: true + # has_many :attachment_group_settings, :dependent => :destroy has_many :attachment_histories, -> { order(version: :desc) }, :dependent => :destroy # 二级目录 - belongs_to :course_second_category, optional: true + # belongs_to :course_second_category, optional: true scope :by_filename_or_user_name, -> (keywords) { joins(:author).where("filename like :search or LOWER(concat(users.lastname, users.firstname)) LIKE :search", :search => "%#{keywords.split(" ").join('|')}%") unless keywords.blank? } diff --git a/app/models/user.rb b/app/models/user.rb index f26fcb094..a093665f3 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -91,7 +91,7 @@ class User < ApplicationRecord # Groups and active users scope :active, lambda { where(status: STATUS_ACTIVE) } scope :like, lambda { |keywords| - where("LOWER(concat(lastname, firstname, login)) LIKE ?", "%#{keywords.split(" ").join('|')}%") unless keywords.blank? + where("LOWER(concat(lastname, firstname, login, mail)) LIKE ?", "%#{keywords.split(" ").join('|')}%") unless keywords.blank? } attr_accessor :password, :password_confirmation