真的心累

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/configure/realm/ShiroRealm.java

@@ -142,7 +142,7 @@ public class ShiroRealm extends AuthorizingRealm {
         if (taskPermissions.size() == 0) {
             return false;
         }
-        if (!taskPermissions.stream().findAny().get().implies(taskPermission)) {
+        if (!taskPermissions.stream().anyMatch( p-> p.implies(taskPermission))) {
             return false;
         }
         return true;
@@ -153,7 +153,7 @@ public class ShiroRealm extends AuthorizingRealm {
         if (appPermissions.size() == 0) {
             return false;
         }
-        if (!appPermissions.stream().findAny().get().implies(appPermission)) {
+        if (!appPermissions.stream().anyMatch(p-> p.implies(appPermission))) {
             return false;
         }
         return true;
@@ -164,7 +164,7 @@ public class ShiroRealm extends AuthorizingRealm {
         if (casePermissions.size() == 0) {
             return false;
         }
-        if (!casePermissions.stream().findAny().get().implies(casePermission)) {
+        if (!casePermissions.stream().anyMatch(p-> p.implies(casePermission))) {
             return false;
         }
         return true;
@@ -175,7 +175,7 @@ public class ShiroRealm extends AuthorizingRealm {
         if (groupPermissions.size() == 0) {
             return false;
         }
-        if (!groupPermissions.stream().findAny().get().implies(groupPermission)) {
+        if (!groupPermissions.stream().anyMatch(p-> p.implies(groupPermission))) {
             return false;
         }
         return true;
@@ -186,7 +186,7 @@ public class ShiroRealm extends AuthorizingRealm {
         if (paperPermissions.size() == 0) {
             return false;
         }
-        if (!paperPermissions.stream().findAny().get().implies(paperPermission)) {
+        if (!paperPermissions.stream().anyMatch(p-> p.implies(paperPermission))) {
             return false;
         }
         return true;
@@ -197,7 +197,7 @@ public class ShiroRealm extends AuthorizingRealm {
         if (reportPermissions.size() == 0) {
             return false;
         }
-        if (!reportPermissions.stream().findAny().get().implies(reportPermission)) {
+        if (!reportPermissions.stream().anyMatch(p-> p.implies(reportPermission))) {
             return false;
         }
         return true;

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/dao/instancePermission/TaskPermissionDao.java

@@ -15,7 +15,8 @@ import java.util.List;
 @Transactional
 public interface TaskPermissionDao extends CrudRepository<TaskPermission, Long> {
 
-    @Query("SELECT tp FROM TaskPermission tp WHERE tp.userId = :userId OR tp.userId = 0")
+//    @Query("SELECT tp FROM TaskPermission tp WHERE tp.userId = :userId OR tp.userId = 0")
+    @Query("SELECT tp FROM TaskPermission tp WHERE tp.userId = :userId")
     List<TaskPermission> findByUserId(@Param("userId") Long userId);
 
     List<TaskPermission> findByInstanceId(Long instanceId);

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/Grade.java

@@ -14,15 +14,15 @@ public class Grade {
     private long id;
 
     @NotNull
-    @Column(name="workerID")
+    @Column(name="worker_id")
     private long workerId;
 
     @NotNull
-    @Column(name="caseID")
+    @Column(name="case_id")
     private long caseId;
 
     @NotNull
-    @Column(name="taskID")
+    @Column(name="task_id")
     private long taskId;
 
     private double sc;

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/AppPermission.java

@@ -89,9 +89,9 @@ public class AppPermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
-        if (!(p instanceof TaskPermission)) return false;
+        if (!(p instanceof AppPermission)) return false;
 
-        TaskPermission other = (TaskPermission) p;
+        AppPermission other = (AppPermission) p;
 
         boolean isImplies = true;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/CasePermission.java

@@ -90,9 +90,9 @@ public class CasePermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
-        if (!(p instanceof TaskPermission)) return false;
+        if (!(p instanceof CasePermission)) return false;
 
-        TaskPermission other = (TaskPermission) p;
+        CasePermission other = (CasePermission) p;
 
         boolean isImplies = true;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/GroupPermission.java

@@ -90,9 +90,9 @@ public class GroupPermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
-        if (!(p instanceof TaskPermission)) return false;
+        if (!(p instanceof GroupPermission)) return false;
 
-        TaskPermission other = (TaskPermission) p;
+        GroupPermission other = (GroupPermission) p;
 
         boolean isImplies = true;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/PaperPermission.java

@@ -90,9 +90,9 @@ public class PaperPermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
-        if (!(p instanceof TaskPermission)) return false;
+        if (!(p instanceof PaperPermission)) return false;
 
-        TaskPermission other = (TaskPermission) p;
+        PaperPermission other = (PaperPermission) p;
 
         boolean isImplies = true;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/ReportPermission.java

@@ -90,9 +90,9 @@ public class ReportPermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
-        if (!(p instanceof TaskPermission)) return false;
+        if (!(p instanceof ReportPermission)) return false;
 
-        TaskPermission other = (TaskPermission) p;
+        ReportPermission other = (ReportPermission) p;
 
         boolean isImplies = true;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/TaskPermission.java

@@ -4,6 +4,7 @@ import org.apache.shiro.authz.Permission;
 
 import javax.persistence.*;
 import java.sql.Timestamp;
+import java.util.logging.Logger;
 
 /**
  * @author sean
@@ -93,6 +94,7 @@ public class TaskPermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
+
         if (!(p instanceof TaskPermission)) return false;
 
         TaskPermission other = (TaskPermission) p;

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/PaperController.java

@@ -6,6 +6,7 @@ import cn.iselab.mooctest.site.common.web.StatusCode;
 import cn.iselab.mooctest.site.common.web.SuccessResult;
 import cn.iselab.mooctest.site.models.User;
 import cn.iselab.mooctest.site.models.instancePermission.PaperPermission;
+import cn.iselab.mooctest.site.models.instancePermission.TaskPermission;
 import cn.iselab.mooctest.site.web.data.PaperVO;
 import cn.iselab.mooctest.site.web.data.TargetKibugVO;
 import cn.iselab.mooctest.site.web.logic.PaperLogic;
@@ -40,9 +41,16 @@ public class PaperController {
     @RequestMapping(value= "api/paper/{paperId}", method = RequestMethod.GET)
     public PaperVO getPaperById(@PathVariable Long paperId, @RequestParam(value="examId", required=false) Long examId ) {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
-        String permissionStr = user.getId().toString() + ":paper:view:" + examId.toString();
-        if (!SecurityUtils.getSubject().isPermitted(new PaperPermission(permissionStr))) {
-            throw new UnauthorizedException("unauthorized");
+        if(examId==null) {
+            String permissionStr = user.getId().toString() + ":paper:view:" + paperId.toString();
+            if (!SecurityUtils.getSubject().isPermitted(new PaperPermission(permissionStr))) {
+                throw new UnauthorizedException("unauthorized");
+            }
+        }else {
+            String permissionStr = user.getId().toString() + ":task:view:" + examId.toString();
+            if (!SecurityUtils.getSubject().isPermitted(new TaskPermission(permissionStr))) {
+                throw new UnauthorizedException("unauthorized");
+            }
         }
         return paperLogic.getPaperById(paperId,examId);
     }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/fromDev/PluginController.java

@@ -19,7 +19,7 @@ public class PluginController extends BaseController{
     @Autowired
     PluginLogic pluginLogic;
 
-    @RequestMapping(value = UrlConstants.API_DEV + "/plugin/downloadSig", method = RequestMethod.GET)
+    @RequestMapping(value = UrlConstants.API_DEV + "plugin/downloadSig", method = RequestMethod.GET)
     public String getDownloadSignature(HttpServletRequest request) {
         String taskID = request.getParameter("taskID"),
                 workerID = request.getParameter("workerID"),
@@ -33,7 +33,7 @@ public class PluginController extends BaseController{
         }
     }
 
-    @RequestMapping(value =UrlConstants.API_DEV  + "/plugin/submitSig", method = RequestMethod.GET)
+    @RequestMapping(value =UrlConstants.API_DEV  + "plugin/submitSig", method = RequestMethod.GET)
     public String getSubmitSignature(HttpServletRequest request) {
         String taskID = request.getParameter("taskID"),
                 workerID = request.getParameter("workerID"),
@@ -46,7 +46,7 @@ public class PluginController extends BaseController{
         }
     }
 
-    @RequestMapping(value =UrlConstants.API_DEV + "/plugin/submitAnswersSig", method = RequestMethod.GET)
+    @RequestMapping(value =UrlConstants.API_DEV + "plugin/submitAnswersSig", method = RequestMethod.GET)
     public String getSubmitAnswersSignature(HttpServletRequest request) {
         String taskID = request.getParameter("taskID"),
                 workerID = request.getParameter("workerID"),
@@ -59,7 +59,7 @@ public class PluginController extends BaseController{
         }
     }
 
-    @RequestMapping(value =UrlConstants.API_DEV + "/plugin/grade", method = RequestMethod.POST)
+    @RequestMapping(value =UrlConstants.API_DEV + "plugin/grade", method = RequestMethod.POST)
     public boolean addGrade(@RequestBody AddGradeVO addGradeVO,
                             @RequestParam(name = "workerId") long workerId,
                             @RequestParam(name = "caseId") long caseId,
@@ -68,7 +68,7 @@ public class PluginController extends BaseController{
 
     }
 
-    @RequestMapping(value = "debug", method = RequestMethod.POST)
+    @RequestMapping(value = UrlConstants.API_DEV + "plugin/debug", method = RequestMethod.POST)
     public boolean addDebugGrade(@RequestParam(name = "score") double score,
                                  @RequestParam(name = "workerId") long workerId,
                                  @RequestParam(name = "caseId") long caseId,
@@ -76,7 +76,7 @@ public class PluginController extends BaseController{
         return pluginLogic.addDebugGrade(workerId,taskId,caseId,score);
     }
 
-    @RequestMapping(value =UrlConstants.API_DEV + "/plugin/version", method = RequestMethod.GET)
+    @RequestMapping(value =UrlConstants.API_DEV + "plugin/version", method = RequestMethod.GET)
     public String getVersion(@RequestParam(name = "area") String area) {
         return pluginLogic.getVersion(area);
     }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/fromKibug/BugController.java

@@ -5,6 +5,7 @@ import cn.iselab.mooctest.site.common.web.ErrorResult;
 import cn.iselab.mooctest.site.common.web.ResponseMessage;
 import cn.iselab.mooctest.site.common.web.StatusCode;
 import cn.iselab.mooctest.site.common.web.SuccessResult;
+import cn.iselab.mooctest.site.models.User;
 import cn.iselab.mooctest.site.models.fromKibug.Bug;
 import cn.iselab.mooctest.site.models.fromKibug.CaseTake;
 import cn.iselab.mooctest.site.models.fromKibug.Report;
@@ -15,6 +16,7 @@ import cn.iselab.mooctest.site.service.fromKibug.ReportService;
 import cn.iselab.mooctest.site.web.data.fromKibug.BugVO;
 import cn.iselab.mooctest.site.web.exception.IllegalOperationException;
 import cn.iselab.mooctest.site.web.util.Converter;
+import org.apache.shiro.SecurityUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
@@ -39,6 +41,9 @@ public class BugController {
 
     @RequestMapping(value= UrlConstants.API_KIBUG+"bug", method = RequestMethod.GET)
     public Map<String, Object> search(@RequestParam(name = "reportId", required = true) Long reportId) throws Exception {
+        User user=(User) SecurityUtils.getSubject().getSession().getAttribute("user");
+
+
         List<Bug> bugList = bugService.getBugsByReportId(reportId);
 
         List<BugVO> bugVoList = new ArrayList<>();