add change work name method and release 1.7.9

pom.xml

@@ -10,7 +10,7 @@
     </parent>
     <groupId>top.yunshu</groupId>
     <artifactId>shw_server</artifactId>
-    <version>1.7.8-RELEASE</version>
+    <version>1.7.9-RELEASE</version>
     <name>shw_server</name>
     <description>Student HomeWork Management System</description>
 

src/main/java/top/yunshu/shw/server/controller/teacher/TeacherController.java

@@ -207,14 +207,30 @@ public ResponseEntity<Work> addWork(@ApiIgnore LoginUser loginUser,
      * @param enabled 开启状态
      * @return ResponseEntity
      */
-    @SuppressWarnings("unused")
     @ApiOperation("更新作业启用状态")
-    @PatchMapping("/work/{workId}/{enabled}")
+    @PatchMapping("/work/enabled/{workId}/{enabled}")
     public ResponseEntity<Void> updateWorkEnabled(@ApiIgnore LoginUser loginUser,
                                                   @ApiParam(value = "作业ID", required = true) @PathVariable String workId,
                                                   @ApiParam(value = "开启状态", required = true) @PathVariable String enabled) {
         logger.debug("up work , work id: " + workId + " enabled: " + enabled);
-        workService.changeEnabledWord(workId, Boolean.parseBoolean(enabled));
+        workService.changeWorkEnabledStatus(loginUser.getNo(), workId, Boolean.parseBoolean(enabled));
+        return ResponseEntity.noContent().build();
+    }
+
+    /**
+     * 更新作业名称
+     *
+     * @param workId   作业ID
+     * @param workName 新名称
+     * @return ResponseEntity
+     */
+    @ApiOperation("更新作业名称")
+    @PatchMapping("/work/name/{workId}/{workName}")
+    public ResponseEntity<Void> updateWorkName(@ApiIgnore LoginUser loginUser,
+                                               @ApiParam(value = "作业ID", required = true) @PathVariable String workId,
+                                               @ApiParam(value = "作业名", required = true) @PathVariable String workName) {
+        logger.debug("up work , work id: " + workId + " name: " + workName);
+        workService.changeWorkName(loginUser.getNo(), workId, workName);
         return ResponseEntity.noContent().build();
     }
 

src/main/java/top/yunshu/shw/server/service/work/WorkService.java

@@ -65,10 +65,20 @@ public interface WorkService {
     /**
      * 更改作业开启状态
      *
-     * @param workId  作业ID
-     * @param enabled 是否开启
+     * @param teacherNumber 教师ID
+     * @param workId        作业ID
+     * @param enabled       是否开启
+     */
+    void changeWorkEnabledStatus(String teacherNumber, String workId, boolean enabled);
+
+    /**
+     * 更改作业名称
+     *
+     * @param teacherNumber 教师ID
+     * @param workId        作业ID
+     * @param workName      新作业名
      */
-    void changeEnabledWord(String workId, boolean enabled);
+    void changeWorkName(String teacherNumber, String workId, String workName);
 
     /**
      * 删除作业

src/main/java/top/yunshu/shw/server/service/work/impl/WorkServiceImpl.java

@@ -19,6 +19,7 @@
 import top.yunshu.shw.server.entity.Upload;
 import top.yunshu.shw.server.entity.Work;
 import top.yunshu.shw.server.exception.NoSuchFiledValueException;
+import top.yunshu.shw.server.exception.PermissionsException;
 import top.yunshu.shw.server.model.WorkDetailsModel;
 import top.yunshu.shw.server.model.WorkModel;
 import top.yunshu.shw.server.service.work.WorkService;
@@ -135,12 +136,27 @@ public Work createWork(String workName, String groupId, String format, boolean e
             @CacheEvict(cacheNames = "work", allEntries = true)
     })
     @Override
-    public void changeEnabledWord(String workId, boolean enabled) {
+    public void changeWorkEnabledStatus(String teacherNumber, String workId, boolean enabled) {
         Work work = workDao.findById(workId).orElseThrow(() -> new NoSuchFiledValueException("作业ID: " + workId + "不存在", HttpStatus.NOT_FOUND));
+        checkTeacherWorkModifyPermission(teacherNumber, work);
         work.setEnabled(enabled);
         workDao.save(work);
     }
 
+    @Caching(evict = {
+            @CacheEvict(cacheNames = "studentDoneWork", allEntries = true),
+            @CacheEvict(cacheNames = "studentUndoneWork", allEntries = true),
+            @CacheEvict(cacheNames = "work", key = "'regex:'+#teacherNumber+'*'"),
+            @CacheEvict(cacheNames = "workDetail", key = "'regex:'+#workId+'*'")
+    })
+    @Override
+    public void changeWorkName(String teacherNumber, String workId, String workName) {
+        Work work = workDao.findById(workId).orElseThrow(() -> new NoSuchFiledValueException("作业ID: " + workId + "不存在", HttpStatus.NOT_FOUND));
+        checkTeacherWorkModifyPermission(teacherNumber, work);
+        work.setWorkName(workName);
+        workDao.save(work);
+    }
+
     @Caching(evict = {
             @CacheEvict(cacheNames = "studentDoneWork", allEntries = true),
             @CacheEvict(cacheNames = "studentUndoneWork", allEntries = true),
@@ -210,4 +226,21 @@ private Page<WorkModel> getWorkModels(Pageable pageable, List<Work> workList) {
         return new PageImpl<>(modelMapper.map(works, new TypeToken<List<WorkModel>>() {
         }.getType()), pageable, workList.size());
     }
+
+    /**
+     * 检查教师修改作业权限(横向越权检查)
+     *
+     * @param teacherNumber 教师ID
+     * @param work          作业
+     */
+    private void checkTeacherWorkModifyPermission(String teacherNumber, Work work) {
+        String teacherNumberInDao = groupDao.findById(work.getGroupId()).orElseThrow(() -> {
+            logger.error("group id: " + work.getGroupId() + " not found and work id is: " + work.getId());
+            return new NoSuchFiledValueException("该作业所属群ID: " + work.getGroupId() + "没有找到", HttpStatus.NOT_FOUND);
+        }).getTeacherNumber();
+        if (!teacherNumberInDao.equals(teacherNumber)) {
+            logger.warn("Horizontal override permission log: " + teacherNumber);
+            throw new PermissionsException("没有找到");
+        }
+    }
 }