diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 06e5dac30..1c26ec07e 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -177,6 +177,22 @@ class ApplicationController < ActionController::Base end end + def logged_user_by_apptoken + #从手机端传来apptoken则将当前登陆用户变为对应的用户 + if params[:apptoken] + token = ApiKey.where(access_token: params[:apptoken]).first + if token && !token.expired? + @current_user = User.find(token.user_id) + end + unless @current_user.nil? + self.logged_user = @current_user + if @current_user + @current_user.update_column(:last_login_on, Time.now) + end + end + end + end + # Logs out current user def logout_user if User.current.logged? diff --git a/app/controllers/courses_controller.rb b/app/controllers/courses_controller.rb index 8fae547c4..9b66c047f 100644 --- a/app/controllers/courses_controller.rb +++ b/app/controllers/courses_controller.rb @@ -17,6 +17,7 @@ class CoursesController < ApplicationController menu_item l(:label_sort_by_influence), :only => :index before_filter :can_show_course, :except => [] + before_filter :logged_user_by_apptoken,:only => [:show,:new_homework,:feedback] before_filter :find_course, :except => [ :index, :search,:list, :new,:join,:unjoin, :create, :copy, :statistics, :new_join, :course, :enterprise_course, :course_enterprise,:view_homework_attaches,:join_private_courses] before_filter :authorize_course, :only => [:show, :settings, :edit, :update, :modules, :close, :reopen, :view_homework_attaches, :course] before_filter :authorize_course_global, :only => [:view_homework_attaches, :new,:create] diff --git a/app/controllers/homework_attach_controller.rb b/app/controllers/homework_attach_controller.rb index 2c943e778..ba7e92467 100644 --- a/app/controllers/homework_attach_controller.rb +++ b/app/controllers/homework_attach_controller.rb @@ -6,7 +6,7 @@ class HomeworkAttachController < ApplicationController ############################### before_filter :can_show_course,except: [] #判断当前角色权限时需先找到当前操作的project - before_filter :find_course_by_bid_id, :only => [:new] + before_filter :logged_user_by_apptoken,:find_course_by_bid_id, :only => [:new] before_filter :find_bid_and_course,:only => [:get_not_batch_homework,:get_batch_homeworks,:get_homeworks,:get_homework_jours, :get_student_batch_homework, :get_my_homework] before_filter :find_course_by_hoemwork_id, :only => [:edit,:update,:destroy,:show,:add_homework_users,:destory_homework_users, :praise_homework] #判断当前角色是否有操作权限 diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 48c08e2fc..e6171bf81 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -19,6 +19,7 @@ class UsersController < ApplicationController layout :setting_layout #Added by young before_filter :auth_login1, :only => [:show, :user_activities, :user_newfeedback] + before_filter :logged_user_by_apptoken, :only => [:show,:user_newfeedback] menu_item :activity menu_item :user_information, :only => :info menu_item :user_course, :only => :user_courses