Merge branch 'DEV' of git.mooctest.net:summer/main-site into DEV

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/configure/realm/ShiroRealm.java

@@ -138,6 +138,7 @@ public class ShiroRealm extends AuthorizingRealm {
     }
 
     private Boolean checkTaskPermission(TaskPermission taskPermission) {
+
         List<TaskPermission> taskPermissions = taskPermissionService.getByUserIdAndInstanceId(taskPermission.getUserId(),
                 taskPermission.getInstanceId());
         return taskPermissions.stream().anyMatch(tp -> tp.implies(taskPermission));
@@ -171,6 +172,7 @@ public class ShiroRealm extends AuthorizingRealm {
         List<ReportPermission> reportPermissions = reportPermissionService.getByUserIdAndInstanceId(reportPermission.getUserId(),
                 reportPermission.getInstanceId());
         return reportPermissions.stream().anyMatch(rp -> rp.implies(reportPermission));
+
     }
 }
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/dao/ContestMentorDao.java

@@ -0,0 +1,15 @@
+package cn.iselab.mooctest.site.dao;
+
+import cn.iselab.mooctest.site.models.ContestMentor;
+import org.springframework.data.repository.CrudRepository;
+
+import javax.transaction.Transactional;
+import java.util.List;
+
+/**
+ * Created by shanshan on 2017/8/1.
+ */
+@Transactional
+public interface ContestMentorDao  extends CrudRepository<ContestMentor, Long> {
+    List<ContestMentor> findByExamIdAndParticipantId(Long examId, Long userId);
+}

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/dao/ExamGroupUserDao.java

@@ -1,6 +1,7 @@
 package cn.iselab.mooctest.site.dao;
 
 import cn.iselab.mooctest.site.models.ExamGroupUser;
+import cn.iselab.mooctest.site.models.Task;
 import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
 import org.springframework.data.repository.PagingAndSortingRepository;
 
@@ -8,4 +9,5 @@ import org.springframework.data.repository.PagingAndSortingRepository;
  * Created by shanshan on 2017/7/25.
  */
 public interface ExamGroupUserDao extends PagingAndSortingRepository<ExamGroupUser, Long>,JpaSpecificationExecutor<ExamGroupUser> {
+    ExamGroupUser findByIdAndParticipantId(Long examId, Long participantId);
 }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/dao/GroupDao.java

@@ -26,6 +26,8 @@ public interface GroupDao extends PagingAndSortingRepository<Group, Long> {
     List<Group> findByManagerId(long managerId);
     List<Group> findByOwnerId(long ownerId);
 
+    Page<Group> findByOwnerId(long ownerId, Pageable pageable);
+
     List<Group> findByManagerIdAndName(long managerId, String name);
 
     int countByManagerId(long managerId);

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/dao/instancePermission/TaskPermissionDao.java

@@ -15,7 +15,8 @@ import java.util.List;
 @Transactional
 public interface TaskPermissionDao extends CrudRepository<TaskPermission, Long> {
 
-    @Query("SELECT tp FROM TaskPermission tp WHERE tp.userId = :userId OR tp.userId = 0")
+//    @Query("SELECT tp FROM TaskPermission tp WHERE tp.userId = :userId OR tp.userId = 0")
+    @Query("SELECT tp FROM TaskPermission tp WHERE tp.userId = :userId")
     List<TaskPermission> findByUserId(@Param("userId") Long userId);
 
     List<TaskPermission> findByInstanceId(Long instanceId);

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/ContestMentor.java

@@ -0,0 +1,29 @@
+package cn.iselab.mooctest.site.models;
+
+import lombok.Data;
+
+import javax.persistence.*;
+
+/**
+ * Created by shanshan on 2017/8/1.
+ */
+@Data
+@Entity
+@Table(name = "contest_mentor")
+public class ContestMentor {
+    @Id
+    @GeneratedValue
+    private Long id;
+
+    @Column(name = "participant_id")
+    private Long participantId;
+
+    @Column(name = "exam_id")
+    private Long examId;
+
+    @Column(name = "teacher_name")
+    private String teacherName;
+
+    @Column(name = "teacher_email")
+    private String teacherEmail;
+}

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/Grade.java

@@ -14,15 +14,15 @@ public class Grade {
     private long id;
 
     @NotNull
-    @Column(name="workerID")
+    @Column(name="worker_id")
     private long workerId;
 
     @NotNull
-    @Column(name="caseID")
+    @Column(name="case_id")
     private long caseId;
 
     @NotNull
-    @Column(name="taskID")
+    @Column(name="task_id")
     private long taskId;
 
     private double sc;

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/AppPermission.java

@@ -89,22 +89,22 @@ public class AppPermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
-        if (!(p instanceof TaskPermission)) return false;
+        if (!(p instanceof AppPermission)) return false;
 
-        TaskPermission other = (TaskPermission) p;
+        AppPermission other = (AppPermission) p;
 
         boolean isImplies = true;
 
         // ！（所有为True的情况） 这句很好理解我就不说明了。
 
-        if (!("*".equals(this.getOperation()) || this.getOperation().equals(other.getOperation()))) isImplies = false;
+        if (!("*".equals(this.getOperation()) || this.getOperation().contains(other.getOperation()))) isImplies = false;
 
         //注意这里的<是有点讲究的；如果你先让管理员可以修改自己这种非通常情况这里就可以使用<=
 
-        if (!("0".equals(this.getInstanceId()) || this.getInstanceId().equals(other.getInstanceId())))
+        if (!("0".equals(this.getInstanceId().toString()) || this.getInstanceId().equals(other.getInstanceId())))
             isImplies = false;
 
-        if (!("0".equals(this.getUserId()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
+        if (!("0".equals(this.getUserId().toString()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
 
         return isImplies;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/CasePermission.java

@@ -90,22 +90,22 @@ public class CasePermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
-        if (!(p instanceof TaskPermission)) return false;
+        if (!(p instanceof CasePermission)) return false;
 
-        TaskPermission other = (TaskPermission) p;
+        CasePermission other = (CasePermission) p;
 
         boolean isImplies = true;
 
         // ！（所有为True的情况） 这句很好理解我就不说明了。
 
-        if (!("*".equals(this.getOperation()) || this.getOperation().equals(other.getOperation()))) isImplies = false;
+        if (!("*".equals(this.getOperation()) || this.getOperation().contains(other.getOperation()))) isImplies = false;
 
         //注意这里的<是有点讲究的；如果你先让管理员可以修改自己这种非通常情况这里就可以使用<=
 
-        if (!("0".equals(this.getInstanceId()) || this.getInstanceId().equals(other.getInstanceId())))
+        if (!("0".equals(this.getInstanceId().toString()) || this.getInstanceId().equals(other.getInstanceId())))
             isImplies = false;
 
-        if (!("0".equals(this.getUserId()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
+        if (!("0".equals(this.getUserId().toString()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
 
         return isImplies;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/GroupPermission.java

@@ -90,22 +90,22 @@ public class GroupPermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
-        if (!(p instanceof TaskPermission)) return false;
+        if (!(p instanceof GroupPermission)) return false;
 
-        TaskPermission other = (TaskPermission) p;
+        GroupPermission other = (GroupPermission) p;
 
         boolean isImplies = true;
 
         // ！（所有为True的情况） 这句很好理解我就不说明了。
 
-        if (!("*".equals(this.getOperation()) || this.getOperation().equals(other.getOperation()))) isImplies = false;
+        if (!("*".equals(this.getOperation()) || this.getOperation().contains(other.getOperation()))) isImplies = false;
 
         //注意这里的<是有点讲究的；如果你先让管理员可以修改自己这种非通常情况这里就可以使用<=
 
-        if (!("0".equals(this.getInstanceId()) || this.getInstanceId().equals(other.getInstanceId())))
+        if (!("0".equals(this.getInstanceId().toString()) || this.getInstanceId().equals(other.getInstanceId())))
             isImplies = false;
 
-        if (!("0".equals(this.getUserId()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
+        if (!("0".equals(this.getUserId().toString()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
 
         return isImplies;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/PaperPermission.java

@@ -90,22 +90,22 @@ public class PaperPermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
-        if (!(p instanceof TaskPermission)) return false;
+        if (!(p instanceof PaperPermission)) return false;
 
-        TaskPermission other = (TaskPermission) p;
+        PaperPermission other = (PaperPermission) p;
 
         boolean isImplies = true;
 
         // ！（所有为True的情况） 这句很好理解我就不说明了。
 
-        if (!("*".equals(this.getOperation()) || this.getOperation().equals(other.getOperation()))) isImplies = false;
+        if (!("*".equals(this.getOperation()) || this.getOperation().contains(other.getOperation()))) isImplies = false;
 
         //注意这里的<是有点讲究的；如果你先让管理员可以修改自己这种非通常情况这里就可以使用<=
 
-        if (!("0".equals(this.getInstanceId()) || this.getInstanceId().equals(other.getInstanceId())))
+        if (!("0".equals(this.getInstanceId().toString()) || this.getInstanceId().equals(other.getInstanceId())))
             isImplies = false;
 
-        if (!("0".equals(this.getUserId()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
+        if (!("0".equals(this.getUserId().toString()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
 
         return isImplies;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/ReportPermission.java

@@ -90,22 +90,22 @@ public class ReportPermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
-        if (!(p instanceof TaskPermission)) return false;
+        if (!(p instanceof ReportPermission)) return false;
 
-        TaskPermission other = (TaskPermission) p;
+        ReportPermission other = (ReportPermission) p;
 
         boolean isImplies = true;
 
         // ！（所有为True的情况） 这句很好理解我就不说明了。
 
-        if (!("*".equals(this.getOperation()) || this.getOperation().equals(other.getOperation()))) isImplies = false;
+        if (!("*".equals(this.getOperation()) || this.getOperation().contains(other.getOperation()))) isImplies = false;
 
         //注意这里的<是有点讲究的；如果你先让管理员可以修改自己这种非通常情况这里就可以使用<=
 
-        if (!("0".equals(this.getInstanceId()) || this.getInstanceId().equals(other.getInstanceId())))
+        if (!("0".equals(this.getInstanceId().toString()) || this.getInstanceId().equals(other.getInstanceId())))
             isImplies = false;
 
-        if (!("0".equals(this.getUserId()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
+        if (!("0".equals(this.getUserId().toString()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
 
         return isImplies;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/instancePermission/TaskPermission.java

@@ -4,6 +4,7 @@ import org.apache.shiro.authz.Permission;
 
 import javax.persistence.*;
 import java.sql.Timestamp;
+import java.util.logging.Logger;
 
 /**
  * @author sean
@@ -93,6 +94,7 @@ public class TaskPermission implements Permission {
 
     @Override
     public boolean implies(Permission p) {
+
         if (!(p instanceof TaskPermission)) return false;
 
         TaskPermission other = (TaskPermission) p;
@@ -101,14 +103,14 @@ public class TaskPermission implements Permission {
 
         // ！（所有为True的情况） 这句很好理解我就不说明了。
 
-        if (!("*".equals(this.getOperation()) || this.getOperation().equals(other.getOperation()))) isImplies = false;
+        if (!("*".equals(this.getOperation()) || this.getOperation().contains(other.getOperation()))) isImplies = false;
 
-        //注意这里的<是有点讲究的；如果你先让管理员可以修改自己这种非通常情况这里就可以使用<=
+        //注意这里的<是有点讲究的；如果你先让管理员可以修改自己这种非通常情况这里就可以使用<=666
 
-        if (!("0".equals(this.getInstanceId()) || this.getInstanceId().equals(other.getInstanceId())))
+        if (!("0".equals(this.getInstanceId().toString()) || this.getInstanceId().equals(other.getInstanceId())))
             isImplies = false;
 
-        if (!("0".equals(this.getUserId()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
+        if (!("0".equals(this.getUserId().toString()) || this.getUserId().equals(other.getUserId()))) isImplies = false;
 
         return isImplies;
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/ContestService.java

@@ -2,6 +2,8 @@ package cn.iselab.mooctest.site.service;
 
 import cn.iselab.mooctest.site.data.ContestStatistics;
 import cn.iselab.mooctest.site.models.Contest;
+import cn.iselab.mooctest.site.models.ContestMentor;
+import cn.iselab.mooctest.site.web.data.EnterContestVO;
 
 import java.util.List;
 
@@ -21,4 +23,6 @@ public interface ContestService {
     String sycnStudentInfo();
 
     String sycnStudentArea();
+
+    List<ContestMentor> addContestMentor(Long examId, Long userId, List<EnterContestVO> enterContestVOs);
 }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/ExamService.java

@@ -17,6 +17,8 @@ public interface ExamService {
 
     Page<ExamGroupUser> getExamsByParticipantId(Long participantId, Byte type, Integer status, String keyword, Pageable pageable);
 
+    Task getExamByIdAndParticipantIdIfPermited(Long examId, Long participantId);
+
     Task createExam(Task exam, List<Long> groupIds);
 
     Task updateExam(Task exam);

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/GroupService.java

@@ -26,6 +26,8 @@ public interface GroupService {
     List<Group> getGroupsByManagerId(long managerId);
     List<Group> getGroupsByOwnerId(long ownerId);
 
+    Page<Group> getPageableGroupsByOwnerId(long ownerId,Pageable pageable);
+
     Page<Worker> getWorkersInGroup(long groupId, Pageable pageable);
 
     List<Worker> getWorkersByGroupId(long groupId);

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/impl/ContestServiceImpl.java

@@ -1,20 +1,23 @@
 package cn.iselab.mooctest.site.service.impl;
 
 import cn.iselab.mooctest.site.dao.ContestDao;
+import cn.iselab.mooctest.site.dao.ContestMentorDao;
 import cn.iselab.mooctest.site.dao.SignRecordDao;
 import cn.iselab.mooctest.site.dao.WorkerDao;
 import cn.iselab.mooctest.site.data.ContestStatistics;
 import cn.iselab.mooctest.site.models.Contest;
+import cn.iselab.mooctest.site.models.ContestMentor;
 import cn.iselab.mooctest.site.models.Worker;
 import cn.iselab.mooctest.site.models.SignRecord;
 import cn.iselab.mooctest.site.service.ContestService;
-import cn.iselab.mooctest.site.util.data.StringUtil;
-import com.google.common.collect.Lists;
+import cn.iselab.mooctest.site.web.data.EnterContestVO;
+import org.apache.commons.collections.IteratorUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cache.annotation.Cacheable;
 import org.springframework.stereotype.Service;
 
+import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -34,6 +37,9 @@ public class ContestServiceImpl implements ContestService {
     @Autowired
     private SignRecordDao signRecordDao;
 
+    @Autowired
+    private ContestMentorDao contestMentorDao;
+
     @Override
     public List<Contest> findByYear(String year) {
         return contestDao.findByYear(year);
@@ -194,4 +200,19 @@ public class ContestServiceImpl implements ContestService {
         return "ok";
     }
 
+    @Override
+    public List<ContestMentor> addContestMentor(Long examId, Long userId, List<EnterContestVO> enterContestVOs) {
+        contestMentorDao.delete(contestMentorDao.findByExamIdAndParticipantId(examId,userId));
+        List<ContestMentor> contestMentors = new ArrayList<>();
+        enterContestVOs.stream().forEach(enterContestVO -> {
+            ContestMentor contestMentor = new ContestMentor();
+            contestMentor.setExamId(examId);
+            contestMentor.setParticipantId(userId);
+            contestMentor.setTeacherName(enterContestVO.getTeacherName());
+            contestMentor.setTeacherEmail(enterContestVO.getTeacherEmail());
+            contestMentors.add(contestMentor);
+        });
+        return IteratorUtils.toList(contestMentorDao.save(contestMentors).iterator());
+    }
+
 }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/impl/ExamSchedulerServiceImpl.java

@@ -42,7 +42,7 @@ public class ExamSchedulerServiceImpl implements ExamSchedulerService {
             return true;
         }
         return false;
-    };
+    }
 
     @Override
     public boolean cancelExamScheduler(Task task) {
@@ -53,7 +53,7 @@ public class ExamSchedulerServiceImpl implements ExamSchedulerService {
             return true;
         }
         return false;
-    };
+    }
 
     public String generateNextCronExp(Task task) {
         String cronExp = null;

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/impl/ExamServiceImpl.java

@@ -9,7 +9,9 @@ import cn.iselab.mooctest.site.models.*;
 import cn.iselab.mooctest.site.service.BaseService;
 import cn.iselab.mooctest.site.service.ExamService;
 import cn.iselab.mooctest.site.web.exception.HttpBadRequestException;
+import cn.iselab.mooctest.site.web.util.Converter;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.UnauthorizedException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
 
@@ -53,6 +55,15 @@ public class ExamServiceImpl extends BaseService implements ExamService {
     }
 
     @Override
+    public Task getExamByIdAndParticipantIdIfPermited(Long examId, Long participantId) {
+        ExamGroupUser examGroupUser = examGroupUserDao.findByIdAndParticipantId(examId, participantId);
+        if(examGroupUser == null){
+            throw new UnauthorizedException("unauthorized");
+        }
+        return Converter.convert(Task.class, examGroupUser);
+    }
+
+    @Override
     public Task createExam(Task exam, List<Long> groupIds) {
         //eeee
         exam.setSubsiteId(SubsiteConstants.DEV_SUBSITE_ID);

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/impl/GroupServiceImpl.java

@@ -6,7 +6,11 @@ import cn.iselab.mooctest.site.dao.Task2CaseDao;
 import cn.iselab.mooctest.site.dao.Task2GroupDao;
 import cn.iselab.mooctest.site.data.AssignedCase;
 import cn.iselab.mooctest.site.models.*;
+import cn.iselab.mooctest.site.models.instancePermission.GroupPermission;
 import cn.iselab.mooctest.site.service.*;
+import cn.iselab.mooctest.site.service.instancePermission.GroupPermissionService;
+import cn.iselab.mooctest.site.web.exception.IllegalOperationException;
+import org.apache.shiro.SecurityUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
@@ -52,6 +56,9 @@ public class GroupServiceImpl implements GroupService {
     @Autowired
     private Task2CaseDao paper2CaseDao;
 
+    @Autowired
+    private GroupPermissionService groupPermissionService;
+
     @Override
     public List<Group> getGroupsByWorkerId(long workerId) {
         return groupDao.findGroupListByWorker(workerId);
@@ -90,6 +97,11 @@ public class GroupServiceImpl implements GroupService {
         return groupList;
     }
 
+    @Override
+    public Page<Group> getPageableGroupsByOwnerId(long ownerId, Pageable pageable) {
+        return groupDao.findByOwnerId(ownerId,pageable);
+    }
+
     public List<Group> getGroupsByExamIdAndParticipantId(long examId, long participantId) {
         return groupDao.findByExamIdAndParticipantId(examId, participantId);
     }
@@ -118,6 +130,10 @@ public class GroupServiceImpl implements GroupService {
     @Override
     public Group joinGroup(long userId, Group group) {
 
+        String permission = userId + ":group:*:" + group.getId();
+        if(SecurityUtils.getSubject().isPermitted(new GroupPermission(permission))){
+            throw new IllegalOperationException("Cannot join Group YOU OWN!");
+        }
         if (group2WorkerDao.findByParticipantIdAndGroupId(userId, group.getId()) != null) {
             return group;
         }
@@ -130,6 +146,11 @@ public class GroupServiceImpl implements GroupService {
         group2Worker.setRecordCreateTime(new Timestamp(System.currentTimeMillis()));
         group2WorkerDao.save(group2Worker);
 
+        GroupPermission groupPermission=groupPermissionService.joinGroup(userId,group.getId());
+        if(groupPermission == null){
+            throw new IllegalOperationException("Can not create Group Permission!");
+        }
+
         return group;
     }
 
@@ -165,11 +186,19 @@ public class GroupServiceImpl implements GroupService {
 
     @Override
     public User addUserIntoGroup(long userId, long groupId) {
+        String permission = userId + ":group:*:" + groupId;
+        if(SecurityUtils.getSubject().isPermitted(new GroupPermission(permission))){
+            throw new IllegalOperationException("Cannot join Group YOU OWN!");
+        }
         Group2Worker group2Worker = new Group2Worker();
         group2Worker.setGroupId(groupId);
         group2Worker.setParticipantId(userId);
         group2Worker.setWorkerId(userId);
         group2WorkerDao.save(group2Worker);
+        GroupPermission groupPermission=groupPermissionService.joinGroup(userId,groupId);
+        if(groupPermission == null){
+            throw new IllegalOperationException("Can not create Group Permission!");
+        }
         return userService.findByUserId(userId);
     }
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/instancePermission/impl/AppPermissionServiceImpl.java

@@ -40,9 +40,9 @@ public class AppPermissionServiceImpl implements AppPermissionService {
     @Override
     public List<AppPermission> getByUserIdAndInstanceId(Long id, Long instanceId) {
 
-        if (appPermissionDao.findByUserIdAndInstanceId(id, instanceId) != null) {
+        if (appPermissionDao.findByUserIdAndInstanceId(id, instanceId).size() != 0) {
             return appPermissionDao.findByUserIdAndInstanceId(id, instanceId);
-        } else if (appPermissionDao.findByUserIdAndInstanceId(0L, instanceId) != null) {
+        } else if (appPermissionDao.findByUserIdAndInstanceId(0L, instanceId).size() != 0) {
             return appPermissionDao.findByUserIdAndInstanceId(0L, instanceId);
         } else {
             throw new UnauthorizedException("unauthorized");

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/instancePermission/impl/CasePermissionServiceImpl.java

@@ -27,9 +27,9 @@ public class CasePermissionServiceImpl implements CasePermissionService {
 
     @Override
     public List<CasePermission> getByUserIdAndInstanceId(Long userId, Long instanceId) {
-        if (casePermissionDao.findByUserIdAndInstanceId(userId, instanceId) != null) {
+        if (casePermissionDao.findByUserIdAndInstanceId(userId, instanceId).size() != 0) {
             return casePermissionDao.findByUserIdAndInstanceId(userId, instanceId);
-        } else if (casePermissionDao.findByUserIdAndInstanceId(0L, instanceId) != null) {
+        } else if (casePermissionDao.findByUserIdAndInstanceId(0L, instanceId).size() != 0) {
             return casePermissionDao.findByUserIdAndInstanceId(0L, instanceId);
         } else {
             throw new UnauthorizedException("unauthorized");

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/instancePermission/impl/GroupPermissionServiceImpl.java

@@ -61,12 +61,10 @@ public class GroupPermissionServiceImpl implements GroupPermissionService {
 
     @Override
     public List<GroupPermission> getByUserIdAndInstanceId(Long userId, Long instanceId) {
-        if (groupPermissionDao.findByUserIdAndInstanceId(userId, instanceId) != null) {
+        if (groupPermissionDao.findByUserIdAndInstanceId(userId, instanceId).size()!=0) {
             return groupPermissionDao.findByUserIdAndInstanceId(userId, instanceId);
-        } else if (groupPermissionDao.findByUserIdAndInstanceId(userId, instanceId) != null) {
-            return groupPermissionDao.findByUserIdAndInstanceId(0L, instanceId);
         } else {
-            throw new UnauthorizedException("unauthorized");
+            return groupPermissionDao.findByUserIdAndInstanceId(0L, instanceId);
         }
     }
 }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/instancePermission/impl/PaperPermissionServiceImpl.java

@@ -52,9 +52,9 @@ public class PaperPermissionServiceImpl implements PaperPermissionService {
 
     @Override
     public List<PaperPermission> getByUserIdAndInstanceId(Long userId, Long instanceId) {
-        if (paperPermissionDao.findByUserIdAndInstanceId(userId, instanceId) != null) {
+        if (paperPermissionDao.findByUserIdAndInstanceId(userId, instanceId).size()!=0) {
             return paperPermissionDao.findByUserIdAndInstanceId(userId, instanceId);
-        } else if (paperPermissionDao.findByUserIdAndInstanceId(0L, instanceId) != null) {
+        } else if (paperPermissionDao.findByUserIdAndInstanceId(0L, instanceId).size() != 0) {
             return paperPermissionDao.findByUserIdAndInstanceId(0L, instanceId);
         } else {
             throw new UnauthorizedException("unauthorized");

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/instancePermission/impl/ReportPermissionServiceImpl.java

@@ -52,9 +52,9 @@ public class ReportPermissionServiceImpl implements ReportPermissionService {
     @Override
     public List<ReportPermission> getByUserIdAndInstanceId(Long userId, Long instanceId) {
 
-        if (reportPermissionDao.findByUserIdAndInstanceId(userId, instanceId) != null) {
+        if (reportPermissionDao.findByUserIdAndInstanceId(userId, instanceId).size() !=0) {
             return reportPermissionDao.findByUserIdAndInstanceId(userId, instanceId);
-        } else if (reportPermissionDao.findByUserIdAndInstanceId(0L, userId) != null) {
+        } else if (reportPermissionDao.findByUserIdAndInstanceId(0L, userId).size() !=0) {
             return reportPermissionDao.findByUserIdAndInstanceId(0L, instanceId);
         } else {
             throw new UnauthorizedException("unauthorized");

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/service/instancePermission/impl/TaskPermissionServiceImpl.java

@@ -83,12 +83,10 @@ public class TaskPermissionServiceImpl extends BaseService implements TaskPermis
 
     @Override
     public List<TaskPermission> getByUserIdAndInstanceId(Long userId, Long instanceId) {
-        if (taskPermissionDao.findByUserIdAndInstanceId(userId, instanceId) != null) {
+        if (taskPermissionDao.findByUserIdAndInstanceId(userId, instanceId).size() != 0) {
             return taskPermissionDao.findByUserIdAndInstanceId(userId, instanceId);
-        } else if (taskPermissionDao.findByUserIdAndInstanceId(0L, instanceId) != null) {
+        } else{
             return taskPermissionDao.findByUserIdAndInstanceId(0L, instanceId);
-        } else {
-            throw new UnauthorizedException("unauthorized");
         }
     }
 }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/CaseController.java

@@ -10,7 +10,9 @@ import cn.iselab.mooctest.site.dao.fromKibug.CaseFromKibugDao;
 import cn.iselab.mooctest.site.models.*;
 import cn.iselab.mooctest.site.models.fromKibug.Application;
 import cn.iselab.mooctest.site.models.fromKibug.CaseFromKibug;
+import cn.iselab.mooctest.site.models.instancePermission.TaskPermission;
 import cn.iselab.mooctest.site.models.instancePermission.CasePermission;
+import cn.iselab.mooctest.site.service.ExamService;
 import cn.iselab.mooctest.site.util.http.RequestUtils;
 import cn.iselab.mooctest.site.web.data.CaseExtendsVO;
 import cn.iselab.mooctest.site.web.data.CaseVO;
@@ -45,6 +47,8 @@ public class CaseController extends BaseController {
 
     @Autowired
     private CaseLogic caseLogic;
+    @Autowired
+    private ExamService examService;
 
     //obsoleted
     @RequestMapping(value = UrlConstants.API_MANAGER + "case/public", method = RequestMethod.GET)
@@ -136,10 +140,10 @@ public class CaseController extends BaseController {
     public List<CaseExtendsVO> getCasesForExam(@PathVariable @NotNull Long paperId,@PathVariable @NotNull Long examId) throws Exception {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permissionStr = user.getId().toString() + ":task:view:" + examId.toString();
-        if (!SecurityUtils.getSubject().isPermitted(new CasePermission(permissionStr))) {
-            throw new UnauthorizedException("unauthorized");
+        if (!SecurityUtils.getSubject().isPermitted(new TaskPermission(permissionStr))) {
+            examService.getExamByIdAndParticipantIdIfPermited(examId,user.getId());
         }
-        return caseLogic.getCasesForExam(paperId,examId,user.getName());
+        return caseLogic.getCasesForExam(paperId,examId,user.getId());
     }
 
     //--------------------------------------------case 数据迁移---------------------------------------------------------------

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/ContestController.java

@@ -1,9 +1,12 @@
 package cn.iselab.mooctest.site.web.ctrl;
 
 import cn.iselab.mooctest.site.common.constant.UrlConstants;
+import cn.iselab.mooctest.site.models.User;
 import cn.iselab.mooctest.site.util.http.RequestUtils;
 import cn.iselab.mooctest.site.web.data.ContestVO;
+import cn.iselab.mooctest.site.web.data.EnterContestVO;
 import cn.iselab.mooctest.site.web.logic.ContestLogic;
+import org.apache.shiro.SecurityUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
@@ -19,6 +22,12 @@ public class ContestController {
     @Autowired
     private ContestLogic contestLogic;
 
+    @RequestMapping(value = UrlConstants.API + "contest/enter/{contestId}", method = RequestMethod.POST)
+    public List<EnterContestVO> enterContest(@PathVariable("contestId") Long contestId, @RequestBody List<EnterContestVO> enterContestVOs) {
+        User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
+        return contestLogic.enterContest(contestId,user.getId(),enterContestVOs);
+    }
+
     @RequestMapping(value = UrlConstants.API_COMMON + "contest/{year:\\d+}", method = RequestMethod.GET)
     public List<ContestVO> get(@PathVariable("year") String year) {
         return contestLogic.findByYear(year);

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/ExamController.java

@@ -78,11 +78,13 @@ public class ExamController extends BaseController {
     public ExamVO getExamById(@PathVariable Long examId) {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permissionStr = user.getId().toString() + ":task:view:" + examId.toString();
+        boolean isOwner = SecurityUtils.getSubject().isPermitted(new TaskPermission(permissionStr));
 
-        if (!SecurityUtils.getSubject().isPermitted(new TaskPermission(permissionStr))) {
-            throw new UnauthorizedException("unauthorized");
+        if (isOwner) {
+            return examLogic.getExamById(examId);
+        }else {
+             return examLogic.getExamByIdAndParticipantIdIfPermited(examId,user.getId());
         }
-        return examLogic.getExamById(examId);
     }
 
     @RequiresPermissions("task:create")

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/GroupController.java

@@ -2,6 +2,7 @@ package cn.iselab.mooctest.site.web.ctrl;
 
 import cn.iselab.mooctest.site.common.constant.UrlConstants;
 import cn.iselab.mooctest.site.models.User;
+import cn.iselab.mooctest.site.models.instancePermission.GroupPermission;
 import cn.iselab.mooctest.site.util.http.RequestUtils;
 import cn.iselab.mooctest.site.web.data.GroupVO;
 import cn.iselab.mooctest.site.web.data.UserVO;
@@ -11,6 +12,9 @@ import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authz.UnauthorizedException;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.PageRequest;
+import org.springframework.data.domain.Pageable;
 import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.HttpServletRequest;
@@ -36,9 +40,24 @@ public class GroupController extends BaseController {
     @RequiresPermissions("groups:view")
     @RequestMapping(value = UrlConstants.API + "group", method = RequestMethod.GET)
     public List<GroupVO> getOwnerGroups(@RequestParam(value = "ownerId", required = false) Long ownerId) {
+        ownerId = ((User)SecurityUtils.getSubject().getSession().getAttribute("User")).getId();
         return groupLogic.getOwnerGroups(ownerId);
     }
 
+    @RequiresPermissions("groups:view")
+    @RequestMapping(value = UrlConstants.API + "pageableGroup", method = RequestMethod.GET)
+    public Page<GroupVO> getOwnerGroups(@RequestParam(value = "ownerId", required = false) Long ownerId,HttpServletRequest request) {
+        ownerId = ((User)SecurityUtils.getSubject().getSession().getAttribute("User")).getId();
+        String activePage = request.getHeader("activePage");
+        String rowsOnPage = request.getHeader("rowsOnPage");
+        if(activePage == null || rowsOnPage == null) {
+            throw new IllegalArgumentException("缺少分页信息");
+        }
+        Pageable pageable = new PageRequest(Integer.parseInt(activePage) - 1, Integer.parseInt(rowsOnPage));
+        return groupLogic.getPageableGroups(ownerId,pageable);
+    }
+
+
     @RequiresPermissions("group:create")
     @RequestMapping(value = UrlConstants.API + "group", method = RequestMethod.POST)
     public GroupVO createGroup(@RequestBody GroupVO groupVO){
@@ -50,7 +69,7 @@ public class GroupController extends BaseController {
     public GroupVO getManagerGroupDetail(@PathVariable("id") long groupId) {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permission = user.getId() + ":group:view:" + groupId;
-        if(!SecurityUtils.getSubject().isPermitted(permission)) {
+        if(!SecurityUtils.getSubject().isPermitted(new GroupPermission(permission))) {
             throw new UnauthorizedException("unauthorized");
         }
         return groupLogic.getGroupDetail(groupId);
@@ -61,7 +80,7 @@ public class GroupController extends BaseController {
     public List<UserVO> getManagerWorkersInGroup(@PathVariable("id") long groupId) {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permission = user.getId() + ":group:view:" + groupId;
-        if(!SecurityUtils.getSubject().isPermitted(permission)) {
+        if(!SecurityUtils.getSubject().isPermitted(new GroupPermission(permission))) {
             throw new UnauthorizedException("unauthorized");
         }
         return groupLogic.getManagerWorkersInGroup(groupId);
@@ -72,7 +91,7 @@ public class GroupController extends BaseController {
     public UserVO addUserToGroup(@PathVariable("id") long groupId,@RequestBody UserVO userVO){
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permission = user.getId() + ":group:update:" + groupId;
-        if(!SecurityUtils.getSubject().isPermitted(permission)) {
+        if(!SecurityUtils.getSubject().isPermitted(new GroupPermission(permission))) {
             throw new UnauthorizedException("unauthorized");
         }
         return groupLogic.addUserIntoGroup(userVO.getUserName(),groupId);
@@ -133,7 +152,7 @@ public class GroupController extends BaseController {
     public GroupVO updateAllowJoin(@PathVariable("groupId") long groupId){
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permission = user.getId() + ":group:update:" + groupId;
-        if(!SecurityUtils.getSubject().isPermitted(permission)) {
+        if(!SecurityUtils.getSubject().isPermitted(new GroupPermission(permission))) {
             throw new UnauthorizedException("unauthorized");
         }
         return groupLogic.updateAllowJoin(groupId);
@@ -162,6 +181,12 @@ public class GroupController extends BaseController {
         return groupLogic.deleteUserFromGroup(userId,groupId);
     }
 
+    @RequestMapping(value = UrlConstants.API + "group/{groupId:\\d+}/user", method = RequestMethod.DELETE)
+    public UserVO deleteMyselfFromGroup(@PathVariable("groupId") long groupId){
+        Long userId = ((User)SecurityUtils.getSubject().getSession().getAttribute("User")).getId();
+        return groupLogic.deleteUserFromGroup(userId,groupId);
+    }
+
     @RequestMapping(value = UrlConstants.API_WORKER + "group/{id:\\d+}", method = RequestMethod.GET)
     public GroupVO getGroupByWorkerId(HttpServletRequest request, @PathVariable("id")long id){
         long workerId = RequestUtils.getWorkerId(request);

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/PaperController.java

@@ -6,6 +6,7 @@ import cn.iselab.mooctest.site.common.web.StatusCode;
 import cn.iselab.mooctest.site.common.web.SuccessResult;
 import cn.iselab.mooctest.site.models.User;
 import cn.iselab.mooctest.site.models.instancePermission.PaperPermission;
+import cn.iselab.mooctest.site.models.instancePermission.TaskPermission;
 import cn.iselab.mooctest.site.web.data.PaperVO;
 import cn.iselab.mooctest.site.web.data.TargetKibugVO;
 import cn.iselab.mooctest.site.web.logic.PaperLogic;
@@ -40,7 +41,7 @@ public class PaperController {
     @RequestMapping(value= "api/paper/{paperId}", method = RequestMethod.GET)
     public PaperVO getPaperById(@PathVariable Long paperId, @RequestParam(value="examId", required=false) Long examId ) {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
-        String permissionStr = user.getId().toString() + ":paper:view:" + examId.toString();
+        String permissionStr = user.getId().toString() + ":paper:view:" + paperId.toString();
         if (!SecurityUtils.getSubject().isPermitted(new PaperPermission(permissionStr))) {
             throw new UnauthorizedException("unauthorized");
         }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/fromDev/PluginController.java

@@ -19,7 +19,7 @@ public class PluginController extends BaseController{
     @Autowired
     PluginLogic pluginLogic;
 
-    @RequestMapping(value = UrlConstants.API_DEV + "/plugin/downloadSig", method = RequestMethod.GET)
+    @RequestMapping(value = UrlConstants.API_DEV + "plugin/downloadSig", method = RequestMethod.GET)
     public String getDownloadSignature(HttpServletRequest request) {
         String taskID = request.getParameter("taskID"),
                 workerID = request.getParameter("workerID"),
@@ -33,7 +33,7 @@ public class PluginController extends BaseController{
         }
     }
 
-    @RequestMapping(value =UrlConstants.API_DEV  + "/plugin/submitSig", method = RequestMethod.GET)
+    @RequestMapping(value =UrlConstants.API_DEV  + "plugin/submitSig", method = RequestMethod.GET)
     public String getSubmitSignature(HttpServletRequest request) {
         String taskID = request.getParameter("taskID"),
                 workerID = request.getParameter("workerID"),
@@ -46,7 +46,7 @@ public class PluginController extends BaseController{
         }
     }
 
-    @RequestMapping(value =UrlConstants.API_DEV + "/plugin/submitAnswersSig", method = RequestMethod.GET)
+    @RequestMapping(value =UrlConstants.API_DEV + "plugin/submitAnswersSig", method = RequestMethod.GET)
     public String getSubmitAnswersSignature(HttpServletRequest request) {
         String taskID = request.getParameter("taskID"),
                 workerID = request.getParameter("workerID"),
@@ -59,7 +59,7 @@ public class PluginController extends BaseController{
         }
     }
 
-    @RequestMapping(value =UrlConstants.API_DEV + "/plugin/grade", method = RequestMethod.POST)
+    @RequestMapping(value =UrlConstants.API_DEV + "plugin/grade", method = RequestMethod.POST)
     public boolean addGrade(@RequestBody AddGradeVO addGradeVO,
                             @RequestParam(name = "workerId") long workerId,
                             @RequestParam(name = "caseId") long caseId,
@@ -68,7 +68,7 @@ public class PluginController extends BaseController{
 
     }
 
-    @RequestMapping(value = "debug", method = RequestMethod.POST)
+    @RequestMapping(value = UrlConstants.API_DEV + "plugin/debug", method = RequestMethod.POST)
     public boolean addDebugGrade(@RequestParam(name = "score") double score,
                                  @RequestParam(name = "workerId") long workerId,
                                  @RequestParam(name = "caseId") long caseId,
@@ -76,7 +76,7 @@ public class PluginController extends BaseController{
         return pluginLogic.addDebugGrade(workerId,taskId,caseId,score);
     }
 
-    @RequestMapping(value =UrlConstants.API_DEV + "/plugin/version", method = RequestMethod.GET)
+    @RequestMapping(value =UrlConstants.API_DEV + "plugin/version", method = RequestMethod.GET)
     public String getVersion(@RequestParam(name = "area") String area) {
         return pluginLogic.getVersion(area);
     }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/fromKibug/BugController.java

@@ -5,9 +5,11 @@ import cn.iselab.mooctest.site.common.web.ErrorResult;
 import cn.iselab.mooctest.site.common.web.ResponseMessage;
 import cn.iselab.mooctest.site.common.web.StatusCode;
 import cn.iselab.mooctest.site.common.web.SuccessResult;
+import cn.iselab.mooctest.site.models.User;
 import cn.iselab.mooctest.site.models.fromKibug.Bug;
 import cn.iselab.mooctest.site.models.fromKibug.CaseTake;
 import cn.iselab.mooctest.site.models.fromKibug.Report;
+import cn.iselab.mooctest.site.models.instancePermission.ReportPermission;
 import cn.iselab.mooctest.site.service.fromKibug.BugService;
 import cn.iselab.mooctest.site.service.fromKibug.KibugCaseService;
 import cn.iselab.mooctest.site.service.fromKibug.KibugTaskService;
@@ -15,6 +17,9 @@ import cn.iselab.mooctest.site.service.fromKibug.ReportService;
 import cn.iselab.mooctest.site.web.data.fromKibug.BugVO;
 import cn.iselab.mooctest.site.web.exception.IllegalOperationException;
 import cn.iselab.mooctest.site.web.util.Converter;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authz.AuthorizationException;
+import org.apache.shiro.authz.UnauthorizedException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
@@ -39,6 +44,11 @@ public class BugController {
 
     @RequestMapping(value= UrlConstants.API_KIBUG+"bug", method = RequestMethod.GET)
     public Map<String, Object> search(@RequestParam(name = "reportId", required = true) Long reportId) throws Exception {
+        User user=(User) SecurityUtils.getSubject().getSession().getAttribute("User");
+        String permissionStr=user.getId().toString()+ ":report:view:" +reportId.toString();
+        if(!SecurityUtils.getSubject().isPermitted(new ReportPermission(permissionStr))){
+            throw new UnauthorizedException("unauthorized");
+        }
         List<Bug> bugList = bugService.getBugsByReportId(reportId);
 
         List<BugVO> bugVoList = new ArrayList<>();
@@ -52,6 +62,12 @@ public class BugController {
 
     @RequestMapping(value= UrlConstants.API_KIBUG+"bug", method = RequestMethod.POST)
     public Map<String, Object> create(@RequestBody @NotNull BugVO vo) throws Exception {
+        User user=(User) SecurityUtils.getSubject().getSession().getAttribute("User");
+        String permissionStr=user.getId().toString()+ ":report:edit:" +String.valueOf(vo.getReportId());
+        if(!SecurityUtils.getSubject().isPermitted(new ReportPermission(permissionStr))){
+            throw new UnauthorizedException("unauthorized");
+        }
+
         vo.validate();
         Report report = reportService.getReport(Long.valueOf(vo.getReportId()));
         if (report == null) {
@@ -74,6 +90,11 @@ public class BugController {
     @RequestMapping(value= UrlConstants.API_KIBUG+"bug/{bugId}", method = RequestMethod.GET)
     public Map<String, Object> get(@PathVariable @NotNull Long bugId) throws Exception {
         Bug bug = bugService.getBugById(bugId);
+        User user=(User) SecurityUtils.getSubject().getSession().getAttribute("User");
+        String permissionStr=user.getId().toString()+ ":report:view:" +String.valueOf(bug.getReportId());
+        if(!SecurityUtils.getSubject().isPermitted(new ReportPermission(permissionStr))){
+            throw new UnauthorizedException("unauthorized");
+        }
         SuccessResult successResult = new SuccessResult();
         if (bug != null) {
             BugVO vo = Converter.convert(BugVO.class, bug);
@@ -85,6 +106,11 @@ public class BugController {
     @RequestMapping(value= UrlConstants.API_KIBUG+"bug/{bugId}", method = RequestMethod.PUT)
     public Map<String, Object> update(@PathVariable @NotNull Long bugId,
                                       @RequestBody @NotNull BugVO vo) throws Exception {
+        User user=(User) SecurityUtils.getSubject().getSession().getAttribute("User");
+        String permissionStr=user.getId().toString()+ ":report:edit:" +String.valueOf(vo.getReportId());
+        if(!SecurityUtils.getSubject().isPermitted(new ReportPermission(permissionStr))){
+            throw new UnauthorizedException("unauthorized");
+        }
         Report report = reportService.getReport(Long.valueOf(vo.getReportId()));
         if (report == null) {
             throw new IllegalOperationException("update bug error,report not exists");
@@ -102,6 +128,11 @@ public class BugController {
     @RequestMapping(value= UrlConstants.API_KIBUG+"bug/{bugId}", method = RequestMethod.DELETE)
     public Map<String, Object> deleteBug(@PathVariable @NotNull Long bugId) throws Exception {
         Bug bug = bugService.getBugById(bugId);
+        User user=(User) SecurityUtils.getSubject().getSession().getAttribute("User");
+        String permissionStr=user.getId().toString()+ ":report:edit:" +String.valueOf(bug.getReportId());
+        if(!SecurityUtils.getSubject().isPermitted(new ReportPermission(permissionStr))){
+            throw new UnauthorizedException("unauthorized");
+        }
         SuccessResult successResult = new SuccessResult();
         bugService.deleteBug(bugId);
         return successResult;

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/fromKibug/ReportController.java

@@ -14,6 +14,8 @@ import cn.iselab.mooctest.site.models.fromKibug.CaseTake;
 import cn.iselab.mooctest.site.models.fromKibug.ManagerScore;
 import cn.iselab.mooctest.site.models.fromKibug.Report;
 import cn.iselab.mooctest.site.models.fromKibug.ScriptAutoResult;
+import cn.iselab.mooctest.site.models.instancePermission.ReportPermission;
+import cn.iselab.mooctest.site.models.instancePermission.TaskPermission;
 import cn.iselab.mooctest.site.service.AssignedTaskService;
 import cn.iselab.mooctest.site.service.CaseService;
 import cn.iselab.mooctest.site.service.fromKibug.KibugCaseService;
@@ -61,7 +63,7 @@ public class ReportController {
                                          @RequestParam(name = "taskId", required = false) Long taskId, HttpServletRequest request) throws Exception {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permissionStr = user.getId().toString() + ":task:score:" + taskId.toString();
-        if (!SecurityUtils.getSubject().isPermitted(permissionStr)) {
+        if (!SecurityUtils.getSubject().isPermitted(new TaskPermission(permissionStr))) {
             throw new UnauthorizedException("unauthorized");
         }
 
@@ -86,7 +88,7 @@ public class ReportController {
                                  @RequestParam(name = "workerId", required = false) Long workerId, HttpServletRequest request) throws Exception {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permissionStr = user.getId().toString() + ":task:score:" + taskId.toString();
-        if (!SecurityUtils.getSubject().isPermitted(permissionStr)) {
+        if (!SecurityUtils.getSubject().isPermitted(new TaskPermission(permissionStr))) {
             throw new UnauthorizedException("unauthorized");
         }
 
@@ -103,7 +105,7 @@ public class ReportController {
 
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permissionStr = user.getId().toString() + ":task:view:" + vo.getTaskId().toString();
-        if (!SecurityUtils.getSubject().isPermitted(permissionStr)) {
+        if (!SecurityUtils.getSubject().isPermitted(new TaskPermission(permissionStr))) {
             throw new UnauthorizedException("unauthorized");
         }
 
@@ -136,7 +138,7 @@ public class ReportController {
 
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permissionStr = user.getId().toString() + ":report:view:" +reportId.toString();
-        if (!SecurityUtils.getSubject().isPermitted(permissionStr)) {
+        if (!SecurityUtils.getSubject().isPermitted(new ReportPermission(permissionStr))) {
             throw new UnauthorizedException("unauthorized");
         }
 
@@ -165,7 +167,7 @@ public class ReportController {
                                       @RequestBody @NotNull ReportVO vo) throws Exception {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permissionStr = user.getId().toString() + ":report:edit:" + reportId.toString();
-        if (!SecurityUtils.getSubject().isPermitted(permissionStr)) {
+        if (!SecurityUtils.getSubject().isPermitted(new ReportPermission(permissionStr))) {
             throw new UnauthorizedException("unauthorized");
         }
 
@@ -190,7 +192,7 @@ public class ReportController {
                                             @RequestBody @NotNull ReportScoreVO vo) throws Exception {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permissionStr = user.getId().toString() + ":report:score:" + vo.getReportId().toString();
-        if (!SecurityUtils.getSubject().isPermitted(permissionStr)) {
+        if (!SecurityUtils.getSubject().isPermitted(new ReportPermission(permissionStr))) {
             throw new UnauthorizedException("unauthorized");
         }
 
@@ -207,7 +209,7 @@ public class ReportController {
                                                @RequestParam(name = "reportId", required = false) Long reportId) throws Exception {
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
         String permissionStr = user.getId().toString() + ":report:score:" + reportId.toString();
-        if (!SecurityUtils.getSubject().isPermitted(permissionStr)) {
+        if (!SecurityUtils.getSubject().isPermitted(new ReportPermission(permissionStr))) {
             throw new UnauthorizedException("unauthorized");
         }
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/data/EnterContestVO.java

@@ -0,0 +1,15 @@
+package cn.iselab.mooctest.site.web.data;
+
+import lombok.Data;
+
+/**
+ * Created by shanshan on 2017/8/1.
+ */
+@Data
+public class EnterContestVO{
+    private Long id;
+    private Long participantId;
+    private Long examId;
+    private String teacherName;
+    private String teacherEmail;
+}

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/data/UserVO.java

@@ -1,6 +1,7 @@
 package cn.iselab.mooctest.site.web.data;
 
 import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
 import lombok.EqualsAndHashCode;
 
 import java.util.List;
@@ -9,6 +10,7 @@ import java.util.List;
  * @author sean
  * @date 2017-06-13.
  */
+@Data
 @EqualsAndHashCode(exclude = "createTime")
 @JsonInclude(JsonInclude.Include.NON_NULL)
 public class UserVO extends BaseVO{
@@ -23,6 +25,8 @@ public class UserVO extends BaseVO{
 
     private String password;
 
+    private String oldPassword;
+
     private Long createTime;
 
     private  String school;
@@ -32,81 +36,4 @@ public class UserVO extends BaseVO{
     private String captcha;
 
     private List<MenuVO> menuVOs;
-
-    public List<MenuVO> getMenuVOs() {
-        return menuVOs;
-    }
-
-    public void setMenuVOs(List<MenuVO> menuVOs) {
-        this.menuVOs = menuVOs;
-    }
-
-    public String getName() {
-        return name;
-    }
-
-    public void setName(String name) {
-        this.name = name;
-    }
-
-    public String getEmail() {
-        return email;
-    }
-
-    public void setEmail(String email) {
-        this.email = email;
-    }
-
-    public String getMobile() {
-        return mobile;
-    }
-
-    public void setMobile(String mobile) {
-        this.mobile = mobile;
-    }
-
-    public Long getId() {
-        return id;
-    }
-
-    public void setId(Long id) {
-        this.id = id;
-    }
-
-
-    public String getPassword() {
-        return password;
-    }
-
-    public void setPassword(String password) {
-        this.password = password;
-    }
-
-    public Long getCreateTime() {
-        return createTime;
-    }
-
-    public void setCreateTime(Long createTime) {
-        this.createTime = createTime;
-    }
-
-    public void setSchool(String school){
-        this.school=school;
-    }
-    public String getSchool(){
-        return this.school;
-    }
-
-    public void setUserName(String userName){
-        this.userName=userName;
-    }
-    public String getUserName(){ return this.userName;}
-
-    public void setCaptcha(String captcha){
-        this.captcha=captcha;
-    }
-
-    public String getCaptcha(){
-        return this.captcha;
-    }
 }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/CaseLogic.java

@@ -1,5 +1,6 @@
 package cn.iselab.mooctest.site.web.logic;
 
+import cn.iselab.mooctest.site.models.User;
 import cn.iselab.mooctest.site.web.data.CaseExtendsVO;
 import cn.iselab.mooctest.site.web.data.CaseVO;
 import org.springframework.data.domain.Page;
@@ -32,5 +33,5 @@ public interface CaseLogic {
 
     CaseExtendsVO getCaseExtends(Long caseId) throws Exception;
 
-    List<CaseExtendsVO> getCasesForExam(Long paperId,Long examId,String username) throws Exception;
+    List<CaseExtendsVO> getCasesForExam(Long paperId,Long examId, Long userId) throws Exception;
 }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/ContestLogic.java

@@ -1,9 +1,10 @@
 package cn.iselab.mooctest.site.web.logic;
 
-import cn.iselab.mooctest.site.web.data.ContestStatisticsVO;
 import cn.iselab.mooctest.site.web.data.ContestVO;
 
 import java.util.List;
+
+import cn.iselab.mooctest.site.web.data.EnterContestVO;
 import net.sf.json.*;
 
 /**
@@ -14,6 +15,7 @@ public interface ContestLogic {
     List<ContestVO> findByYear(String year);
 
     boolean joinContest(long workerId, String contestIds);
+    List<EnterContestVO> enterContest(Long contestId, Long userId, List<EnterContestVO> enterContestVOs);
 
     List<ContestVO> findByWorkerId(long workerId);
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/ExamLogic.java

@@ -14,6 +14,7 @@ import java.util.List;
  */
 public interface ExamLogic {
     ExamVO getExamById(long examId);
+    ExamVO getExamByIdAndParticipantIdIfPermited(Long examId, Long userId);
 
     Page<ExamVO> getOrganizerExamList(Long organizerId, Byte type, Integer status, String keyword, Pageable pageable);
 
@@ -40,5 +41,4 @@ public interface ExamLogic {
     boolean updateStatutsForAllTask();
 
     public void clearAllSchedulers();
-
 }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/GroupLogic.java

@@ -3,6 +3,8 @@ package cn.iselab.mooctest.site.web.logic;
 import cn.iselab.mooctest.site.web.data.GroupVO;
 import cn.iselab.mooctest.site.web.data.UserVO;
 import cn.iselab.mooctest.site.web.data.WorkerVO;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Pageable;
 
 import javax.servlet.http.HttpServletRequest;
 import java.util.List;
@@ -18,6 +20,8 @@ public interface GroupLogic {
     List<GroupVO> getManagerGroups(long managerId);
     List<GroupVO> getOwnerGroups(long ownerId);
 
+    Page<GroupVO> getPageableGroups(long ownerId, Pageable pageable);
+
     List<GroupVO> getWorkerGroups(long workerId);
     List<GroupVO> getUserGroups(long participantId);
 

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/impl/CaseLogicImpl.java

@@ -212,11 +212,10 @@ public class CaseLogicImpl implements CaseLogic {
     }
 
     @Override
-    public List<CaseExtendsVO> getCasesForExam(Long paperId, Long examId, String username) throws Exception {
+    public List<CaseExtendsVO> getCasesForExam(Long paperId, Long examId, Long userId) throws Exception {
         boolean isWorker = false;
         boolean isManager = false;
-        User user = userService.findByEmail(username);
-        List<Role> roles = roleService.getRolesOfUser(user.getId());
+        List<Role> roles = roleService.getRolesOfUser(userId);
         for (Role role : roles) {
             if (role.getId() == 3)
                 isWorker = true;
@@ -233,10 +232,10 @@ public class CaseLogicImpl implements CaseLogic {
             CaseExtendsVO caseExtendsVO = Converter.convert(CaseExtendsVO.class, caseService.getCaseExtendsById(caseid));
             caseExtendsVO.setTaskId(examId);
             if (isWorker == true && caseExtendsVO.getSubsiteId() == SubsiteConstants.DEV_SUBSITE_ID)
-                caseExtendsVO.setSecret(indexService.getSecret(user.getId(), caseid));
+                caseExtendsVO.setSecret(indexService.getSecret(userId, caseid));
             if (caseExtendsVO.getSubsiteId() == SubsiteConstants.KIKBUG_SUBSITE_ID) {
                 caseExtendsVO.setAppLocation(applicationService.getAppById(caseExtendsVO.getTargetId()).getAppLocation());
-                Report report = reportService.getReport(examId, caseid, user.getId());
+                Report report = reportService.getReport(examId, caseid, userId);
                 if (report != null)
                     caseExtendsVO.setReportId(report.getId());
                 if (isManager)

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/impl/ContestLogicImpl.java

@@ -2,19 +2,23 @@ package cn.iselab.mooctest.site.web.logic.impl;
 
 import cn.iselab.mooctest.site.data.ContestStatistics;
 import cn.iselab.mooctest.site.models.Contest;
+import cn.iselab.mooctest.site.models.ContestMentor;
+import cn.iselab.mooctest.site.models.Group;
 import cn.iselab.mooctest.site.service.ContestService;
 import cn.iselab.mooctest.site.service.GroupService;
 import cn.iselab.mooctest.site.service.Worker2ContestService;
-import cn.iselab.mooctest.site.web.data.ContestStatisticsVO;
 import cn.iselab.mooctest.site.web.data.ContestVO;
+import cn.iselab.mooctest.site.web.data.EnterContestVO;
 import cn.iselab.mooctest.site.web.data.GroupVO;
 import cn.iselab.mooctest.site.web.data.wrapper.ContestStatisticsVOWrapper;
 import cn.iselab.mooctest.site.web.data.wrapper.ContestVOWrapper;
 import cn.iselab.mooctest.site.web.logic.ContestLogic;
+import cn.iselab.mooctest.site.web.util.Converter;
 import net.sf.json.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import java.util.ArrayList;
 import java.util.List;
 
 /**
@@ -64,6 +68,19 @@ public class ContestLogicImpl implements ContestLogic {
     }
 
     @Override
+    public List<EnterContestVO> enterContest(Long contestId, Long userId, List<EnterContestVO> enterContestVOs) {
+        List<Group> groups = groupService.getByExamId(contestId);
+        groups.forEach(group -> groupService.joinGroup(userId, group));
+        List<ContestMentor> contestMentors = contestService.addContestMentor(contestId, userId, enterContestVOs);
+
+        List<EnterContestVO> result = new ArrayList<>();
+        contestMentors.stream().forEach(contestMentor ->{
+            result.add(Converter.convert(EnterContestVO.class, contestMentor));
+        });
+        return result;
+    }
+
+    @Override
     public List<ContestVO> findByWorkerId(long workerId) {
         return contestVOWrapper.wrap(contestService.findByWorkerId(workerId));
     }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/impl/ExamLogicImpl.java

@@ -87,6 +87,13 @@ public class ExamLogicImpl extends BaseLogic implements ExamLogic {
     }
 
     @Override
+    public ExamVO getExamByIdAndParticipantIdIfPermited(Long examId, Long userId) {
+        Task task = examService.getExamByIdAndParticipantIdIfPermited(examId, userId);
+        ExamVO examVO = examVOWrapper.wrapExamFrom(task);
+        return examVO;
+    }
+
+    @Override
     public Page<ExamVO> getOrganizerExamList(Long organizerId, Byte type, Integer status, String keyword, Pageable pageable) {
         Page<Task> taskPage = examService.getExamsByOrganizerId(organizerId, type, status, keyword, pageable);
         Page<ExamVO> examVOPage = taskPage.map(new Converter<Task, ExamVO>() {
@@ -142,7 +149,7 @@ public class ExamLogicImpl extends BaseLogic implements ExamLogic {
             examSchedulerService.createNewExamScheduler(result);
 
             taskPermissionService.createTask(result.getOwnerId(), result.getId());
-            taskPermissionService.takeTask(examVO.getGroupIds().get(0), result.getId());
+            //taskPermissionService.takeTask(examVO.getGroupIds().get(0), result.getId());
             return examVOWrapper.wrapExamFrom(result);
         } else {
             throw new HttpBadRequestException("No right for some group");

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/impl/GroupLogicImpl.java

@@ -11,6 +11,7 @@ import cn.iselab.mooctest.site.service.UserService;
 import cn.iselab.mooctest.site.service.WorkerService;
 import cn.iselab.mooctest.site.service.instancePermission.GroupPermissionService;
 import cn.iselab.mooctest.site.web.data.GroupVO;
+import cn.iselab.mooctest.site.web.data.PaperVO;
 import cn.iselab.mooctest.site.web.data.UserVO;
 import cn.iselab.mooctest.site.web.data.WorkerVO;
 import cn.iselab.mooctest.site.web.data.wrapper.GroupVOWrapper;
@@ -26,6 +27,8 @@ import cn.iselab.mooctest.site.web.util.Converter;
 import com.google.common.collect.Lists;
 import org.apache.shiro.SecurityUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Pageable;
 import org.springframework.stereotype.Service;
 
 import javax.servlet.http.HttpServletRequest;
@@ -89,6 +92,20 @@ public class GroupLogicImpl extends BaseLogic implements GroupLogic {
     }
 
     @Override
+    public Page<GroupVO> getPageableGroups(long ownerId, Pageable pageable) {
+        Page<Group> groups = groupService.getPageableGroupsByOwnerId(ownerId,pageable);
+        Page<GroupVO> groupVOS = groups.map(new org.springframework.core.convert.converter.Converter<Group, GroupVO>(){
+            @Override
+            public GroupVO convert(Group group) {
+                GroupVO groupVO = Converter.convert(GroupVO.class,group);
+                return groupVO;
+            }
+        });
+        return groupVOS;
+    }
+
+
+    @Override
     public List<GroupVO> getWorkerGroups(long workerId) {
 
         List<GroupVO> vos = groupVOWrapper.wrap(groupService.getGroupsByWorkerId(workerId));
@@ -228,10 +245,6 @@ public class GroupLogicImpl extends BaseLogic implements GroupLogic {
                 throw new HttpBadRequestException("Manager[name=" + groupVO.getManagerName() +
                         "] is not manager of Group[id=" + groupVO.getId() + "]");
             }
-            GroupPermission groupPermission=groupPermissionService.joinGroup(userId,groupVO.getId());
-            if(groupPermission == null){
-                throw new IllegalOperationException("Can not create Group Permission!");
-            }
             return groupVOWrapper.wrap(groupService.joinGroup(userId, group));
         }else{
             throw new HttpBadRequestException("Captcha error");
@@ -383,10 +396,7 @@ public class GroupLogicImpl extends BaseLogic implements GroupLogic {
             throw new HttpForbiddenException("Group not allowed to join");
         }
 
-        GroupPermission groupPermission=groupPermissionService.joinGroup(userId,groupId);
-        if(groupPermission == null){
-            throw new IllegalOperationException("Can not create Group Permission!");
-        }
         return groupVOWrapper.wrap(groupService.joinGroup(userId, group));
     }
+
 }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/impl/PaperLogicImpl.java

@@ -79,8 +79,8 @@ public class PaperLogicImpl extends BaseLogic implements PaperLogic {
         List<Task2Case> task2Cases = paperService.copyCase(paper.getId(),newPaper.getId());
 
         User user = (User) SecurityUtils.getSubject().getSession().getAttribute("User");
-        paperPermissionService.createPaper(user.getId(), paperId);
-        paperPermissionService.publishPaper(paperId);
+        paperPermissionService.createPaper(user.getId(), newPaper.getId());
+        paperPermissionService.publishPaper(newPaper.getId());
 
         return Converter.convert(PaperVO.class,newPaper);
     }

mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/logic/impl/UserLogicImpl.java

@@ -114,9 +114,14 @@ public class UserLogicImpl extends BaseLogic implements UserLogic {
     public UserVO updateUserPassword(UserVO userVO, HttpServletRequest request) {
         if ((userVO.getCaptcha().equals("summer")) || (CaptchaUtils.verifyPictureCaptcha(request, userVO.getCaptcha()))) {
             User user = userService.findByUserId(userVO.getId());
+            if(!EncryptionUtil.encryptMD5(userVO.getOldPassword()).equals(user.getPassword())){
+                throw new HttpBadRequestException("旧密码错误！");
+            }
             String password = EncryptionUtil.encryptMD5(userVO.getPassword());
             user.setPassword(password);
-            return Converter.copy(userVO, userService.updateUser(user));
+            UserVO uv=Converter.copy(userVO, userService.updateUser(user));
+            uv.setPassword("");
+            return uv;
         } else {
             throw new HttpBadRequestException("Captcha error");
         }

mooctest-site-server/src/test/java/cn/iselab/mooctest/site/service/fromKibug/impl/ReportServiceImplTest.java

@@ -3,9 +3,12 @@ package cn.iselab.mooctest.site.service.fromKibug.impl;
 import cn.iselab.mooctest.site.dao.fromKibug.CaseTakeDao;
 import cn.iselab.mooctest.site.dao.fromKibug.IncrementIdDao;
 import cn.iselab.mooctest.site.dao.fromKibug.ReportDao;
+import cn.iselab.mooctest.site.models.Task;
 import cn.iselab.mooctest.site.models.fromKibug.CaseTake;
 import cn.iselab.mooctest.site.models.fromKibug.IncrementId;
 import cn.iselab.mooctest.site.models.fromKibug.Report;
+import cn.iselab.mooctest.site.service.TaskService;
+import cn.iselab.mooctest.site.service.instancePermission.ReportPermissionService;
 import cn.iselab.mooctest.site.web.data.fromKibug.ReportVO;
 import cn.iselab.mooctest.site.web.exception.IllegalOperationException;
 import org.junit.Assert;
@@ -25,6 +28,7 @@ import java.util.Collections;
 import java.util.List;
 
 import static org.mockito.Matchers.any;
+import static org.mockito.Matchers.anyLong;
 import static org.mockito.Mockito.when;
 
 /**
@@ -39,14 +43,20 @@ public class ReportServiceImplTest {
     private ReportDao reportDao;
     @Mock
     private IncrementIdDao incrementIdDao;
+    @Mock
+    private ReportPermissionService reportPermissionService;
+    @Mock
+    private TaskService taskService;
     @Rule
     public ExpectedException thrown= ExpectedException.none();
+    private Task task=new Task();
 
     @Before
     public void setUp() {
         MockitoAnnotations.initMocks(this);
-    }
 
+        task.setOwnerId(1L);
+    }
 
     @Test
     public void should_changeReportStatus_when_givenReportId() throws Exception {
@@ -67,6 +77,7 @@ public class ReportServiceImplTest {
         incrementId.setId(111111);
         when(caseTakeDao.findByTaskIdAndCaseIdAndWorkerId(72,123,27)).thenReturn(caseTakes);
         when(incrementIdDao.save(any(IncrementId.class))).thenReturn(incrementId);
+        when(taskService.getTask(anyLong())).thenReturn(task);
 
         ReportVO vo = new ReportVO();
         vo.setCaseId(123L);
@@ -88,6 +99,7 @@ public class ReportServiceImplTest {
         when(caseTakeDao.findByTaskIdAndCaseIdAndWorkerId(72,123,27)).thenReturn(Collections.emptyList());
         when(incrementIdDao.save(any(IncrementId.class))).thenReturn(incrementId);
         when(caseTakeDao.save(any(CaseTake.class))).thenReturn(caseTake);
+        when(taskService.getTask(anyLong())).thenReturn(task);
 
         ReportVO vo = new ReportVO();
         vo.setCaseId(123L);

mooctest-site-server/src/test/java/cn/iselab/mooctest/site/web/ctrl/CaseControllerTest.java

@@ -309,7 +309,8 @@ public class CaseControllerTest extends AbstractShiroTest{
         when(session.getAttribute(anyString())).thenReturn(user);
         when(subjectUnderTest.isPermitted(anyString())).thenReturn(true);
         setSubject(subjectUnderTest);
-        when(caseLogic.getCasesForExam(anyLong(),anyLong(),anyString())).thenReturn(caseExtendsList);
+
+        when(caseLogic.getCasesForExam(anyLong(),anyLong(),anyLong())).thenReturn(caseExtendsList);
 
         MvcResult result=mockMvc.perform(
                 get("/api/cases/1/1")

mooctest-site-server/src/test/java/cn/iselab/mooctest/site/web/ctrl/fromKibug/ReportControllerTest.java

@@ -8,6 +8,8 @@ import cn.iselab.mooctest.site.models.CaseExtends;
 import cn.iselab.mooctest.site.models.User;
 import cn.iselab.mooctest.site.models.fromKibug.CaseFromKibug;
 import cn.iselab.mooctest.site.models.fromKibug.Report;
+import cn.iselab.mooctest.site.models.instancePermission.ReportPermission;
+import cn.iselab.mooctest.site.models.instancePermission.TaskPermission;
 import cn.iselab.mooctest.site.service.AssignedTaskService;
 import cn.iselab.mooctest.site.service.CaseService;
 import cn.iselab.mooctest.site.service.fromKibug.KibugCaseService;
@@ -90,7 +92,8 @@ public class ReportControllerTest extends AbstractShiroTest{
         user.setId(1L);
         when(subject.getSession()).thenReturn(session);
         when(session.getAttribute(anyString())).thenReturn(user);
-        when(subject.isPermitted(anyString())).thenReturn(true);
+        when(subject.isPermitted(any(TaskPermission.class))).thenReturn(true);
+        when(subject.isPermitted(any(ReportPermission.class))).thenReturn(true);
         setSubject(subject);
     }
 

mooctest-site-server/src/test/java/cn/iselab/mooctest/site/web/logic/impl/CaseLogicImplTest.java

@@ -292,7 +292,7 @@ public class CaseLogicImplTest {
         when(applicationService.getAppById(anyLong())).thenReturn(application);
         when(reportService.getReport(anyLong(),anyLong(),anyLong())).thenReturn(report);
 
-        List<CaseExtendsVO> result=caseLogic.getCasesForExam(1L,1L,"123");
+        List<CaseExtendsVO> result=caseLogic.getCasesForExam(1L,1L,1L);
 
         Assert.assertEquals(caseExtendsVOList.get(0).getReportId(),result.get(0).getReportId());
         Assert.assertEquals(caseExtendsVOList.get(0).getCaseReportUrl(),result.get(0).getCaseReportUrl());