检查班级创建者是否加入班级

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/impl/GroupServiceImpl.java

@@ -6,7 +6,11 @@ import cn.iselab.mooctest.site.dao.Task2CaseDao;
 import cn.iselab.mooctest.site.dao.Task2GroupDao;
 import cn.iselab.mooctest.site.data.AssignedCase;
 import cn.iselab.mooctest.site.models.*;
+import cn.iselab.mooctest.site.models.instancePermission.GroupPermission;
 import cn.iselab.mooctest.site.service.*;
+import cn.iselab.mooctest.site.service.instancePermission.GroupPermissionService;
+import cn.iselab.mooctest.site.web.exception.IllegalOperationException;
+import org.apache.shiro.SecurityUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
@@ -52,6 +56,9 @@ public class GroupServiceImpl implements GroupService {
     @Autowired
     private Task2CaseDao paper2CaseDao;
 
+    @Autowired
+    private GroupPermissionService groupPermissionService;
+
     @Override
     public List<Group> getGroupsByWorkerId(long workerId) {
         return groupDao.findGroupListByWorker(workerId);
@@ -123,6 +130,10 @@ public class GroupServiceImpl implements GroupService {
     @Override
     public Group joinGroup(long userId, Group group) {
 
+        String permission = userId + ":group:*:" + group.getId();
+        if(SecurityUtils.getSubject().isPermitted(new GroupPermission(permission))){
+            throw new IllegalOperationException("Cannot join Group YOU OWN!");
+        }
         if (group2WorkerDao.findByParticipantIdAndGroupId(userId, group.getId()) != null) {
             return group;
         }
@@ -135,6 +146,11 @@ public class GroupServiceImpl implements GroupService {
         group2Worker.setRecordCreateTime(new Timestamp(System.currentTimeMillis()));
         group2WorkerDao.save(group2Worker);
 
+        GroupPermission groupPermission=groupPermissionService.joinGroup(userId,group.getId());
+        if(groupPermission == null){
+            throw new IllegalOperationException("Can not create Group Permission!");
+        }
+
         return group;
     }
 
@@ -170,11 +186,19 @@ public class GroupServiceImpl implements GroupService {
 
     @Override
     public User addUserIntoGroup(long userId, long groupId) {
+        String permission = userId + ":group:*:" + groupId;
+        if(SecurityUtils.getSubject().isPermitted(new GroupPermission(permission))){
+            throw new IllegalOperationException("Cannot join Group YOU OWN!");
+        }
         Group2Worker group2Worker = new Group2Worker();
         group2Worker.setGroupId(groupId);
         group2Worker.setParticipantId(userId);
         group2Worker.setWorkerId(userId);
         group2WorkerDao.save(group2Worker);
+        GroupPermission groupPermission=groupPermissionService.joinGroup(userId,groupId);
+        if(groupPermission == null){
+            throw new IllegalOperationException("Can not create Group Permission!");
+        }
         return userService.findByUserId(userId);
     }
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/instancePermission/impl/GroupPermissionServiceImpl.java

@@ -63,10 +63,8 @@ public class GroupPermissionServiceImpl implements GroupPermissionService {
     public List<GroupPermission> getByUserIdAndInstanceId(Long userId, Long instanceId) {
         if (groupPermissionDao.findByUserIdAndInstanceId(userId, instanceId).size()!=0) {
             return groupPermissionDao.findByUserIdAndInstanceId(userId, instanceId);
-        } else if (groupPermissionDao.findByUserIdAndInstanceId(userId, instanceId).size()!=0) {
-            return groupPermissionDao.findByUserIdAndInstanceId(0L, instanceId);
         } else {
-            throw new UnauthorizedException("unauthorized");
+            return groupPermissionDao.findByUserIdAndInstanceId(0L, instanceId);
         }
     }
 }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/impl/GroupLogicImpl.java

@@ -245,10 +245,6 @@ public class GroupLogicImpl extends BaseLogic implements GroupLogic {
                 throw new HttpBadRequestException("Manager[name=" + groupVO.getManagerName() +
                         "] is not manager of Group[id=" + groupVO.getId() + "]");
             }
-            GroupPermission groupPermission=groupPermissionService.joinGroup(userId,groupVO.getId());
-            if(groupPermission == null){
-                throw new IllegalOperationException("Can not create Group Permission!");
-            }
             return groupVOWrapper.wrap(groupService.joinGroup(userId, group));
         }else{
             throw new HttpBadRequestException("Captcha error");
@@ -400,10 +396,6 @@ public class GroupLogicImpl extends BaseLogic implements GroupLogic {
             throw new HttpForbiddenException("Group not allowed to join");
         }
 
-        GroupPermission groupPermission=groupPermissionService.joinGroup(userId,groupId);
-        if(groupPermission == null){
-            throw new IllegalOperationException("Can not create Group Permission!");
-        }
         return groupVOWrapper.wrap(groupService.joinGroup(userId, group));
     }