From 43b204e0a7e9e6bfff082803377c748083f5449e Mon Sep 17 00:00:00 2001
From: sw <939547590@qq.com>
Date: Wed, 8 Oct 2014 15:06:29 +0800
Subject: [PATCH] =?UTF-8?q?1.=E4=BF=AE=E6=8A=A4=E8=AF=BE=E7=A8=8B=E4=BD=9C?=
 =?UTF-8?q?=E4=B8=9A=E7=BC=96=E8=BE=91=E9=A1=B5=E9=9D=A2=EF=BC=8C=E6=B2=A1?=
 =?UTF-8?q?=E6=9D=83=E9=99=90=E9=80=9A=E8=BF=87url=E8=AE=BF=E9=97=AE?=
 =?UTF-8?q?=E6=97=B6=E6=8A=A5=E9=94=99=E7=9A=84BUG=202.=E4=BF=AE=E5=A4=8D?=
 =?UTF-8?q?=E7=94=A8=E6=88=B7=E5=8F=AF=E9=80=9A=E8=BF=87url=E8=AE=BF?=
 =?UTF-8?q?=E9=97=AE=E8=AF=BE=E7=A8=8B=E9=85=8D=E7=BD=AE=E9=A1=B5=E9=9D=A2?=
 =?UTF-8?q?=E7=9A=84BUG?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/bids_controller.rb    |  2 +-
 app/controllers/courses_controller.rb | 13 +++++++++----
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/app/controllers/bids_controller.rb b/app/controllers/bids_controller.rb
index 047f7103e..7264c03ee 100644
--- a/app/controllers/bids_controller.rb
+++ b/app/controllers/bids_controller.rb
@@ -832,7 +832,7 @@ class BidsController < ApplicationController
       }
        end
     else
-      render 403
+      render_403
     end
   end
   
diff --git a/app/controllers/courses_controller.rb b/app/controllers/courses_controller.rb
index da527e552..945b8c514 100644
--- a/app/controllers/courses_controller.rb
+++ b/app/controllers/courses_controller.rb
@@ -216,10 +216,15 @@ class CoursesController < ApplicationController
   end
 
   def settings
-    @issue_custom_fields = IssueCustomField.sorted.all
-    @issue_category ||= IssueCategory.new
-    @member ||= @course.members.new
-    @trackers = Tracker.sorted.all
+    if User.current.allowed_to?(:as_teacher,@course)
+      @issue_custom_fields = IssueCustomField.sorted.all
+      @issue_category ||= IssueCategory.new
+      @member ||= @course.members.new
+      @trackers = Tracker.sorted.all
+    else
+      render_403
+    end
+
   end
 
   def create