forked from jasder/forgeplus
77 lines
2.2 KiB
Ruby
77 lines
2.2 KiB
Ruby
|
class CommonsController < ApplicationController
|
||
|
OBJECT_TYPE = %W[message journals_for_message]
|
||
|
|
||
|
before_action :require_login, :check_auth
|
||
|
before_action :validate_object_type
|
||
|
before_action :find_object
|
||
|
before_action :validate_power
|
||
|
|
||
|
def delete
|
||
|
begin
|
||
|
@object.destroy!
|
||
|
rescue Exception => e
|
||
|
uid_logger_error(e.message)
|
||
|
tip_exception(e.message)
|
||
|
raise ActiveRecord::Rollback
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def hidden
|
||
|
action(true)
|
||
|
end
|
||
|
|
||
|
def unhidden
|
||
|
action(false)
|
||
|
end
|
||
|
|
||
|
private
|
||
|
def find_object
|
||
|
begin
|
||
|
@object = params[:object_type].strip.classify.constantize.find params[:object_id]
|
||
|
rescue Exception => e
|
||
|
uid_logger_error(e.message)
|
||
|
tip_exception(e.message)
|
||
|
return
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def validate_object_type
|
||
|
return normal_status(2, "缺少object_id参数") if params[:object_id].blank?
|
||
|
return normal_status(2, "缺少object_type参数") if params[:object_type].blank?
|
||
|
return normal_status(2, "object_type参数格式错误") unless OBJECT_TYPE.include? params[:object_type].strip
|
||
|
end
|
||
|
|
||
|
def validate_power
|
||
|
code =
|
||
|
case params[:object_type].strip
|
||
|
when 'message'
|
||
|
if current_user.course_identity(@object.board.course) >= Course::STUDENT && @object.author != current_user
|
||
|
403
|
||
|
else
|
||
|
200
|
||
|
end
|
||
|
when 'journals_for_message'
|
||
|
course = @object&.jour_type.to_s == "StudentWorksScore" ? @object.jour&.student_work&.homework_common&.course : @object.jour&.course
|
||
|
if current_user.course_identity(course) >= Course::STUDENT && @object.user != current_user
|
||
|
403
|
||
|
else
|
||
|
200
|
||
|
end
|
||
|
else
|
||
|
current_user.admin_or_business? ? 200 : 403
|
||
|
end
|
||
|
return normal_status(code, "你没有权限操作!") if code == 403
|
||
|
end
|
||
|
|
||
|
def action(flag)
|
||
|
begin
|
||
|
@object.has_attribute?(:is_hidden) ? @object.update_attributes(:is_hidden => flag )
|
||
|
: @object.update_attributes(:hidden => flag )
|
||
|
rescue Exception => e
|
||
|
uid_logger_error(e.message)
|
||
|
tip_exception(e.message)
|
||
|
raise ActiveRecord::Rollback
|
||
|
end
|
||
|
end
|
||
|
end
|