#1653 修改开启匿评之后，学生仍可以通过url进行作业的修改和删除

11 years ago · 64497b10e4
parent 192a2f8549
commit 64497b10e4
1 changed files with 4 additions and 2 deletions
--- a/app/controllers/homework_attach_controller.rb
+++ b/app/controllers/homework_attach_controller.rb
@ -305,7 +305,8 @@ class HomeworkAttachController < ApplicationController
  end

  def edit
-    if User.current.admin? || User.current.member_of_course?(@homework.bid.courses.first)
+    bid = @homework.bid
+    if (bid.comment_status == 0 || bid.open_anonymous_evaluation == 0) && (User.current.admin? || User.current.member_of_course?(bid.courses.first))
      get_homework_member @homework
    else
      render_403 :message => :notice_not_authorized
@ -337,7 +338,8 @@ class HomeworkAttachController < ApplicationController
  end

  def destroy
-    if User.current.admin? || User.current == @homework.user
+    bid = @homework.bid
+    if (bid.comment_status == 0 || bid.open_anonymous_evaluation == 0) && (User.current.admin? || User.current == @homework.user)
      if @homework.destroy
        #respond_to do |format|
        #  format.html { redirect_to course_for_bid_url @homework.bid }