|
@@ -1,10 +1,12 @@
|
|
|
package com.example.onlinejudge.controller;
|
|
|
|
|
|
+import com.alibaba.druid.wall.violation.ErrorCode;
|
|
|
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
|
|
|
|
|
import com.example.onlinejudge.common.DeleteRequest;
|
|
|
|
|
|
|
|
|
+import com.example.onlinejudge.exception.BusinessException;
|
|
|
import com.example.onlinejudge.model.VO.QuestionVO;
|
|
|
import com.example.onlinejudge.model.dto.question.*;
|
|
|
import com.example.onlinejudge.model.entity.Question;
|
|
@@ -66,9 +68,9 @@ public class QuestionController {
|
|
|
question.setJudgeConfig(GSON.toJson(judgeConfig));
|
|
|
}
|
|
|
questionService.validQuestion(question, true);
|
|
|
- //TODO:记录谁创建了这个题目
|
|
|
-// User loginUser = userService.getLoginUser(request);
|
|
|
-// question.setUserId(loginUser.getId());
|
|
|
+ //TODO:记录谁创建了这个题目 Done
|
|
|
+ Long loginUserId = userService.getLoginUserId();
|
|
|
+ question.setUserId(loginUserId);
|
|
|
boolean result = questionService.save(question);
|
|
|
if(!result){
|
|
|
return Result.error(ResultCode.PARAM_IS_INVALID);
|
|
@@ -98,8 +100,8 @@ public class QuestionController {
|
|
|
}
|
|
|
//ThrowUtils.throwIf(oldQuestion == null, ErrorCode.NOT_FOUND_ERROR);
|
|
|
// 仅本人或管理员可删除
|
|
|
- //TODO:判断是否是管理员
|
|
|
- if (false) {
|
|
|
+ //TODO:判断是否是管理员 DONE
|
|
|
+ if (userService.isAdmin(userService.getLoginUserId())) {
|
|
|
return Result.error(ResultCode.PERMISSION_DENIED);
|
|
|
}
|
|
|
boolean b = questionService.removeById(id);
|
|
@@ -122,12 +124,13 @@ public class QuestionController {
|
|
|
if (question == null) {
|
|
|
return Result.error(ResultCode.NOT_FOUND_ERROR);
|
|
|
}
|
|
|
- //TODO:判断是否是管理员
|
|
|
+ //TODO:判断是否是管理员 DONE
|
|
|
// User loginUser = userService.getLoginUser(request);
|
|
|
+ Long loginUserId = userService.getLoginUserId();
|
|
|
// // 不是本人或管理员,不能直接获取所有信息
|
|
|
-// if (!question.getUserId().equals(loginUser.getId()) && !userService.isAdmin(loginUser)) {
|
|
|
-// throw new BusinessException(ErrorCode.NO_AUTH_ERROR);
|
|
|
-// }
|
|
|
+ if (!question.getUserId().equals(loginUserId) && !userService.isAdmin(loginUserId)) {
|
|
|
+ throw new BusinessException(ResultCode.PERMISSION_DENIED);
|
|
|
+ }
|
|
|
return Result.success(question);
|
|
|
}
|
|
|
|