diff --git a/app/api/mobile/apis/comments.rb b/app/api/mobile/apis/comments.rb new file mode 100644 index 000000000..fb6d01fb4 --- /dev/null +++ b/app/api/mobile/apis/comments.rb @@ -0,0 +1,22 @@ +#coding=utf-8 +module Mobile + module Apis + class Comments < Grape::API + resource :comments do + desc '课程通知评论' + params do + requires :token, type: String + requires :comment, type: String + end + post ':id' do + cs = CommentService.new + comments = cs.news_comments params,current_user + raise "create comments failed #{comments.errors.full_messages}" if comments.new_record? + present :data, comments, with: Mobile::Entities::Comment + present :status, 0 + end + + end + end + end +end \ No newline at end of file diff --git a/app/api/mobile/apis/courses.rb b/app/api/mobile/apis/courses.rb index 7c1aa5e7e..2e678bad4 100644 --- a/app/api/mobile/apis/courses.rb +++ b/app/api/mobile/apis/courses.rb @@ -188,10 +188,11 @@ module Mobile desc "课程通知列表" params do + optional :token, type: String end get ":course_id/news" do cs = CoursesService.new - news = cs.course_news_list params + news = cs.course_news_list params,current_user.nil? ? User.find(2):current_user present :data, news, with: Mobile::Entities::News present :status, 0 end diff --git a/app/api/mobile/entities/comment.rb b/app/api/mobile/entities/comment.rb new file mode 100644 index 000000000..803d0c6d0 --- /dev/null +++ b/app/api/mobile/entities/comment.rb @@ -0,0 +1,30 @@ +module Mobile + module Entities + class Comment < Grape::Entity + include Redmine::I18n + def self.comment_expose(field) + expose field do |f,opt| + if f.is_a?(Hash) && f.key?(field) + f[field] + elsif f.is_a?(::Comment) + if f.respond_to?(field) + if field == :created_on + format_time(f.send(field)) + else + f.send(field) + end + end + end + end + end + comment_expose :id + expose :author, using: Mobile::Entities::User do |c, opt| + if c.is_a? ::Comment + c.author + end + end + comment_expose :comments + comment_expose :created_on + end + end +end \ No newline at end of file diff --git a/app/api/mobile/entities/news.rb b/app/api/mobile/entities/news.rb index 7c77f8c82..406db59e4 100644 --- a/app/api/mobile/entities/news.rb +++ b/app/api/mobile/entities/news.rb @@ -34,7 +34,11 @@ module Mobile #评论数量 news_expose :comments_count #评论 - news_expose :comments + expose :comments, using: Mobile::Entities::Comment do |f, opt| + if f.is_a?(Hash) && f.key?(:comments) + f[:comments] + end + end end diff --git a/app/services/comment_service.rb b/app/services/comment_service.rb new file mode 100644 index 000000000..b6727a941 --- /dev/null +++ b/app/services/comment_service.rb @@ -0,0 +1,12 @@ +class CommentService + #评论 + def news_comments params,current_user + raise Unauthorized unless @news.commentable? + @news = News.find(params[:id]) + @comment = Comment.new + @comment.safe_attributes = params[:comment] + @comment.author = current_user + @news.comments << @comment + @comment + end +end \ No newline at end of file diff --git a/app/services/courses_service.rb b/app/services/courses_service.rb index 41b6f2c68..afd674610 100644 --- a/app/services/courses_service.rb +++ b/app/services/courses_service.rb @@ -106,11 +106,14 @@ class CoursesService end #课程通知列表 - def course_news_list params + def course_news_list params,current_user if params[:course_id] && @course==nil @course = Course.find(params[:course_id]) end - scope = @course ? @course.news.course_visible : News.course_visible + if current_user.nil? || !(current_user.admin? || @course.is_public == 1 || (@course.is_public == 0 && current_user.member_of_course?(@course))) + raise '403' + end + scope = @course ? @course.news.course_visible(current_user) : News.course_visible(current_user) news = [] scope.each do |n| news << {:title => n.title,:author_name => n.author.name,:author_id => n.author.id, :description => n.description,:created_on => format_time(n.created_on),:comments_count => n.comments_count}