修改附件及搜索协作者的bug

6 years ago · 98a055db69
--- a/app/controllers/attachments_controller.rb
+++ b/app/controllers/attachments_controller.rb
@@ -177,31 +177,14 @@ class AttachmentsController < ApplicationController
      candown = true
      unless params[:type] == 'history'
        if @file.container && current_user.logged?
          # 课堂资源、作业、毕设相关资源的权限判断
          if @file.container.is_a?(Course)
            course = @file.container
            candown = current_user.member_of_course?(course) || (course.is_public? && @file.publiced?)
          elsif @file.container.is_a?(HomeworkCommon) || @file.container.is_a?(GraduationTask) || @file.container.is_a?(GraduationTopic)
            course = @file.container&.course
            candown = current_user.member_of_course?(course)
          elsif @file.container.is_a?(StudentWork)
            course = @file.container&.homework_common&.course
            candown = current_user.member_of_course?(course)
          elsif @file.container.is_a?(StudentWorksScore)
            course = @file.container&.student_work&.homework_common&.course
            candown = current_user.member_of_course?(course)
          elsif @file.container.is_a?(GraduationWork)
            course = @file.container&.graduation_task&.course
            candown = current_user.member_of_course?(course)
          elsif @file.container.is_a?(GraduationWorkScore)
            course = @file.container&.graduation_work&.graduation_task&.course
            candown = current_user.member_of_course?(course)
          elsif @file.container.is_a?(Issue)
          if @file.container.is_a?(Issue)
            course = @file.container.project
            candown = course.member?(current_user)
          elsif @file.container.is_a?(Journal)
            course = @file.container.issue.project
            candown = course.member?(current_user)
          else
            course = nil
          end
          tip_exception(403, "您没有权限进入") if course.present? && !candown
          tip_exception(403, "您没有权限进入") if @file.container.is_a?(ApplyUserAuthentication)
--- a/app/models/attachment.rb
+++ b/app/models/attachment.rb
@@ -6,11 +6,11 @@ class Attachment < ApplicationRecord

  belongs_to :container, polymorphic: true, optional: true
  belongs_to :author, class_name: "User", foreign_key: :author_id
  belongs_to :course, foreign_key: :container_id, optional: true
  has_many :attachment_group_settings, :dependent => :destroy
  # belongs_to :course, foreign_key: :container_id, optional: true
  # has_many :attachment_group_settings, :dependent => :destroy
  has_many :attachment_histories, -> { order(version: :desc) }, :dependent => :destroy
  # 二级目录
  belongs_to :course_second_category, optional: true
  # belongs_to :course_second_category, optional: true

  scope :by_filename_or_user_name,      -> (keywords) { joins(:author).where("filename like :search or LOWER(concat(users.lastname, users.firstname)) LIKE :search",
                                                        :search => "%#{keywords.split(" ").join('|')}%") unless keywords.blank? }
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -91,7 +91,7 @@ class User < ApplicationRecord
  # Groups and active users
  scope :active, lambda { where(status: STATUS_ACTIVE) }
  scope :like, lambda { |keywords|
    where("LOWER(concat(lastname, firstname, login)) LIKE ?", "%#{keywords.split(" ").join('|')}%") unless keywords.blank?
    where("LOWER(concat(lastname, firstname, login, mail)) LIKE ?", "%#{keywords.split(" ").join('|')}%") unless keywords.blank?
  }

  attr_accessor :password, :password_confirmation