From b9e5c77b912acc5704f42a9475181a6889e1578d Mon Sep 17 00:00:00 2001
From: huang <huang.jingquan@163.com>
Date: Fri, 13 May 2016 18:02:06 +0800
Subject: [PATCH] =?UTF-8?q?=E8=B5=84=E6=BA=90500=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/users_controller.rb | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index e498ace44..2e1abdecf 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -2618,6 +2618,7 @@ class UsersController < ApplicationController
 
   # 获取我的资源
   def get_my_resources author_id, user_course_ids, user_project_ids, order, score
+    author_id = User.find_by_login(author_id).id
     attachments = Attachment.where("(author_id = #{author_id} and is_publish = 1 and container_id is not null and container_type in('OrgSubfield','Principal','Issue','Document','Message','News','StudentWorkScore','HomewCommon')) "+
                                        "or (container_type = 'Course'  and container_id in (#{user_course_ids.empty? ? '0': user_course_ids.join(',')}) and is_publish = 1 and container_id is not null)" +
                                        "or (container_type = 'Project'  and container_id in (#{user_project_ids.empty? ? '0': user_project_ids.join(',')}) and is_publish = 1 and container_id is not null)" ).order("#{order.nil? ? 'created_on' : order} #{score}")
@@ -2625,6 +2626,7 @@ class UsersController < ApplicationController
 
   # 获取我的资源查询结果
   def get_my_resources_search (author_id, user_course_ids, user_project_ids, order, score, search)
+    author_id = User.find_by_login(author_id).id
     @attachments = Attachment.where("((author_id = #{author_id} and is_publish = 1 and container_id is not null and container_type in('Project','OrgSubfield','Principal','Course','Issue','Document','Message','News','StudentWorkScore','HomewCommon')) "+
                                         "or (container_type = 'Course'  and container_id in (#{user_course_ids.empty? ? '0': user_course_ids.join(',')}) and is_publish = 1 and container_id is not null)" +
                                         "or (container_type = 'Project'  and container_id in (#{user_project_ids.empty? ? '0': user_project_ids.join(',')}) and is_publish = 1 and container_id is not null)) and (filename like :p)" ,:p => search).order("#{order.nil? ? 'created_on' : order} #{score}")
@@ -2632,6 +2634,7 @@ class UsersController < ApplicationController
 
   # 获取我的课程资源
   def get_course_resources author_id, user_course_ids, order, score
+    author_id = User.find_by_login(author_id).id
     attchments = Attachment.where("(author_id = #{author_id} and is_publish = 1 and container_id is not null and container_type = 'Course')"+
                                    "or (container_type = 'Course'  and container_id in (#{user_course_ids.empty? ? '0': user_course_ids.join(',')})
                                and is_publish = 1 and container_id is not null)" ).order("#{order.nil? ? 'created_on' : order} #{score}")
@@ -2639,6 +2642,7 @@ class UsersController < ApplicationController
 
   # 获取我的课程资源中搜索结果
   def get_course_resources_search author_id, user_course_ids, order, score, search
+    author_id = User.find_by_login(author_id).id
     attchments = Attachment.where("((author_id = #{author_id} and is_publish = 1 and container_id is not null and container_type = 'Course')"+
                                       "or (container_type = 'Course'  and container_id in (#{user_course_ids.empty? ? '0': user_course_ids.join(',')})
                                and is_publish = 1 and container_id is not null)) and (filename like :p)", :p => search ).order("#{order.nil? ? 'created_on' : order} #{score}")
@@ -2656,6 +2660,7 @@ class UsersController < ApplicationController
 
   # 获取我的项目资源
   def get_project_resources author_id, user_project_ids, order, score
+    author_id = User.find_by_login(author_id).id
     attchments = Attachment.where("(author_id = #{author_id} and is_publish = 1 and container_id is not null and container_type = 'Project') "+
                                    "or (container_type = 'Project'  and container_id in (#{user_project_ids.empty? ? '0': user_project_ids.join(',')})
                               and is_publish = 1 and container_id is not null)").order("#{order.nil? ? 'created_on' : order} #{score}")
@@ -2663,6 +2668,7 @@ class UsersController < ApplicationController
 
   # 获取我的项目资源搜索
   def get_project_resources_search author_id, user_project_ids, order, score, search
+    author_id = User.find_by_login(author_id).id
     attchments = Attachment.where("((author_id = #{author_id} and is_publish = 1 and container_id is not null and container_type = 'Project') "+
                                       "or (container_type = 'Project'  and container_id in (#{user_project_ids.empty? ? '0': user_project_ids.join(',')})
                               and is_publish = 1 and container_id is not null)) and (filename like :p)", :p => search ).order("#{order.nil? ? 'created_on' : order} #{score}")
@@ -2680,12 +2686,14 @@ class UsersController < ApplicationController
 
   # 获取我上传的附件
   def get_attch_resources author_id, order, score
+    author_id = User.find_by_login(author_id).id
     attchments = Attachment.where("(author_id = #{author_id} and is_publish = 1 and container_id is not null and container_type in('Project','OrgSubfield','Principal','Course','Issue',
                                'Document','Message','News','StudentWorkScore','HomewCommon'))").order("#{order.nil? ? 'created_on' : order} #{score}")
   end
 
   # 获取我上传的附件搜索结果
   def get_attch_resources_search author_id, order, score, search
+    author_id = User.find_by_login(author_id).id
     attchments = Attachment.where("(author_id = #{author_id} and is_publish = 1 and container_id is not null and container_type in('Project','OrgSubfield','Principal','Course','Issue',
                                'Document','Message','News','StudentWorkScore','HomewCommon')) and (filename like :p)", :p => search ).order("#{order.nil? ? 'created_on' : order} #{score}")
   end
@@ -2704,11 +2712,13 @@ class UsersController < ApplicationController
 
   # 获取我的用户类型资源
   def get_principal_resources author_id, order, score
+    author_id = User.find_by_login(author_id).id
     attchments = Attachment.where("author_id = #{author_id} and is_publish = 1 and container_id is not null and container_type = 'Principal'").order("#{order.nil? ? 'created_on' : order} #{score}")
   end
 
   # 获取我的用户类型资源搜索
   def get_principal_resources_search author_id, order, score, search
+    author_id = User.find_by_login(author_id).id
     attchments = Attachment.where("(author_id = #{author_id} and is_publish = 1 and container_id is not null and container_type = 'Principal') and (filename like :p)", :p => search).order("#{order.nil? ? 'created_on' : order} #{score}")
   end
 
@@ -2780,14 +2790,13 @@ class UsersController < ApplicationController
   # 导入资源
   def import_resources
     # 别人的资源库是没有权限去看的
-    user = User.find_by_login(params[:id])
-    if User.current != user
+    @user = User.find_by_login(params[:id])
+    if User.current != @user
       render_403
       return
     end
     @resource_id = params[:project_id].nil? ? (params[:course_id].nil? ? params[:subfield_file_id] : params[:course_id]) : params[:project_id]
     @resource_type = params[:project_id].nil? ? (params[:course_id].nil? ? "SubfieldFile" : "Course") : "Project"
-    @user = User.find(params[:id])
     @order, @b_sort = params[:order] || "created_on", params[:sort] || "asc"
     @score = @b_sort == "desc" ? "asc" : "desc"
     user_course_ids = User.current.courses.map { |c| c.is_delete == 0 && c.id}