管理员查看在线测验的权限

app/controllers/exercise_controller.rb

@@ -18,13 +18,13 @@ class ExerciseController < ApplicationController
     end_exercises.each do |exercise|
       exercise.update_column('exercise_status', 3)
     end
-    if @course.is_public == 0 && !User.current.member_of_course?(@course)
+    if @course.is_public == 0 && !(User.current.member_of_course?(@course)||User.current.admin?)
       render_403
       return
     end
     remove_invalid_exercise(@course)
     @is_teacher = User.current.allowed_to?(:as_teacher,@course)
-    if @is_teacher
+    if @is_teacher || User.current.admin?
       exercises = @course.exercises.order("created_at asc")
     else
       exercises = @course.exercises.where(:exercise_status => 2).order("created_at asc")
@@ -48,13 +48,13 @@ class ExerciseController < ApplicationController
     end_exercises.each do |exercise|
       exercise.update_column('exercise_status', 3)
     end
-    unless User.current.member_of_course?(@course)
+    unless User.current.member_of_course?(@course) || User.current.admin?
       render_403
       return
     end
     @exercise = Exercise.find params[:id]
     @is_teacher = User.current.allowed_to?(:as_teacher,@course) || User.current.admin?
-    if @exercise.exercise_status != 2 && (!User.current.allowed_to?(:as_teacher,@course) || User.current.admin?)
+    if @exercise.exercise_status != 2 && (!(User.current.allowed_to?(:as_teacher,@course) || User.current.admin?))
       render_403
       return
     end