anph
/
forgeplus
forked from Trustie/forgeplus
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

增加排序参数的判断预防SQL注入、项目导航栏数量改为开启中的数量、项目邀请码增加索引、搜索用户sql优化

This commit is contained in:
jasder 2021-06-17 17:03:56 +08:00
parent ffc14da311 bdb8154a55
commit b38e7dce2d
48 changed files with 243 additions and 205 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/admins/auth_schools_controller.rb
View File

@ -32,7 +32,7 @@ class Admins::AuthSchoolsController < Admins::BaseController
def search_manager
school = School.find_by(id: params[:school_id])
user_ids = school&.ec_school_users&.pluck(:user_id)
@users = User.where.not(id: user_ids).where("CONCAT_WS(lastname, firstname, nickname) like ?", "%#{params[:name].strip.to_s}%").limit(10)
@users = User.where.not(id: user_ids).where("CONCAT(lastname, firstname) like ? OR nickname like ?", "%#{params[:name].strip.to_s}%", "%#{params[:name].strip.to_s}%").limit(10)
end
# 添加认证学校管理员

4
app/controllers/admins/faqs_controller.rb
View File

@ -2,8 +2,8 @@ class Admins::FaqsController < Admins::BaseController
before_action :find_faq, only: [:edit,:update, :destroy]
def index
sort_by = params[:sort_by] ||= 'updated_at'
sort_direction = params[:sort_direction] ||= 'desc'
sort_by = Faq.column_names.include?(params[:sort_by]) ? params[:sort_by] : 'updated_at'
sort_direction = %w(desc asc).include?(params[:sort_direction]) ? params[:sort_direction] : 'desc'
keyword = params[:keyword].to_s.strip
collection = Faq.search_question(keyword).order("#{sort_by} #{sort_direction}")

6
app/controllers/admins/laboratories_controller.rb
View File

@ -32,8 +32,8 @@ class Admins::LaboratoriesController < Admins::BaseController
keyword = params[:keyword].to_s.strip
if keyword.present?
like_sql = 'shixuns.name LIKE :keyword OR CONCAT_WS(users.lastname, users.firstname, users.nickname) LIKE :keyword '\
'OR mirror_repositories.name LIKE :keyword'
like_sql = 'shixuns.name LIKE :keyword OR CONCAT(users.lastname, users.firstname) LIKE :keyword '\
'users.nickname LIKE :keyword OR mirror_repositories.name LIKE :keyword'
shixuns = shixuns.joins(:user, :mirror_repositories).where(like_sql, keyword: "%#{keyword}%")
end
@ -48,7 +48,7 @@ class Admins::LaboratoriesController < Admins::BaseController
keyword = params[:keyword].to_s.strip
if keyword.present?
like_sql = 'subjects.name LIKE :keyword OR CONCAT_WS(users.lastname, users.firstname, users.nickname) LIKE :keyword'
like_sql = 'subjects.name LIKE :keyword OR CONCAT(users.lastname, users.firstname) LIKE :keyword OR users.nickname LIKE :keyword'
subjects = subjects.joins(:user).where(like_sql, keyword: "%#{keyword}%")
end

4
app/controllers/admins/project_categories_controller.rb
View File

@ -3,8 +3,8 @@ class Admins::ProjectCategoriesController < Admins::BaseController
before_action :validate_names, only: [:create, :update]
def index
sort_by = params[:sort_by] ||= 'created_at'
sort_direction = params[:sort_direction] ||= 'desc'
sort_by = ProjectCategory.column_names.include?(params[:sort_by]) ? params[:sort_by] : 'created_at'
sort_direction = %w(desc asc).include?(params[:sort_direction]) ? params[:sort_direction] : 'desc'
q = ProjectCategory.ransack(name_cont: params[:name])
project_categories = q.result(distinct: true).order("#{sort_by} #{sort_direction}")
@project_categories = paginate(project_categories)

4
app/controllers/admins/project_ignores_controller.rb
View File

@ -3,8 +3,8 @@ class Admins::ProjectIgnoresController < Admins::BaseController
before_action :validate_params, only: [:create, :update]
def index
sort_by = params[:sort_by] ||= 'created_at'
sort_direction = params[:sort_direction] ||= 'desc'
sort_by = Ignore.column_names.include?(params[:sort_by]) ? params[:sort_by] : 'created_at'
sort_direction = %w(desc asc).include?(params[:sort_direction]) ? params[:sort_direction] : 'desc'
q = Ignore.ransack(name_cont: params[:search])
project_ignores = q.result(distinct: true).order("#{sort_by} #{sort_direction}")
@project_ignores = paginate(project_ignores)

4
app/controllers/admins/project_languages_controller.rb
View File

@ -3,8 +3,8 @@ class Admins::ProjectLanguagesController < Admins::BaseController
before_action :validate_names, only: [:create, :update]
def index
sort_by = params[:sort_by] ||= 'created_at'
sort_direction = params[:sort_direction] ||= 'desc'
sort_by = ProjectLanguage.column_names.include?(params[:sort_by]) ? params[:sort_by] : 'created_at'
sort_direction = %w(desc asc).include?(params[:sort_direction]) ? params[:sort_direction] : 'desc'
q = ProjectLanguage.ransack(name_cont: params[:search])
project_languages = q.result(distinct: true).order("#{sort_by} #{sort_direction}")
@project_languages = paginate(project_languages)

4
app/controllers/admins/project_licenses_controller.rb
View File

@ -3,8 +3,8 @@ class Admins::ProjectLicensesController < Admins::BaseController
before_action :validate_params, only: [:create, :update]
def index
sort_by = params[:sort_by] ||= 'created_at'
sort_direction = params[:sort_direction] ||= 'desc'
sort_by = License.column_names.include?(params[:sort_by]) ? params[:sort_by] : 'created_at'
sort_direction = %w(desc asc).include?(params[:sort_direction]) ? params[:sort_direction] : 'desc'
q = License.ransack(name_cont: params[:search])
project_licenses = q.result(distinct: true).order("#{sort_by} #{sort_direction}")
@project_licenses = paginate(project_licenses)

5
app/controllers/admins/projects_controller.rb
View File

@ -1,9 +1,8 @@
class Admins::ProjectsController < Admins::BaseController
def index
sort_by = params[:sort_by] ||= 'created_on'
sort_direction = params[:sort_direction] ||= 'desc'
sort_by = Project.column_names.include?(params[:sort_by]) ? params[:sort_by] : 'created_on'
sort_direction = %w(desc asc).include?(params[:sort_direction]) ? params[:sort_direction] : 'desc'
search = params[:search].to_s.strip
projects = Project.where("name like ?", "%#{search}%").order("#{sort_by} #{sort_direction}")
@projects = paginate projects.includes(:owner, :members, :issues, :versions, :attachments, :project_score)

4
app/controllers/application_controller.rb
View File

@ -615,8 +615,8 @@ class ApplicationController < ActionController::Base
end
# 排序
rorder = option[:order] || "updated_at"
b_order = option[:b_order] || "desc"
rorder = UserExtension.column_names.include?(option[:order]) ? option[:order] : "updated_at"
b_order = %w(desc asc).include?(option[:b_order]) ? option[:b_order] : "desc"
if rorder == "created_at" || rorder == "work_score"
work_list = work_list.order("graduation_works.#{rorder} #{b_order}")
elsif rorder == "student_id"

7
app/controllers/composes_controller.rb
View File

@ -3,13 +3,12 @@ class ComposesController < ApplicationController
before_action :find_compose, except: [:index, :new,:create]
def index
@order_type = params[:order] || "created_at"
@search_name = params[:search]
composes = Compose.compose_includes
if @search_name.present?
composes = composes.where("title like ?", "%#{@search_name}%")
end
composes = composes.order("#{@order_type} desc")
composes = composes.order("#{order_type} desc")
@page = params[:page] || 1
@limit = params[:limit] || 15
@composes_size = composes.size
@ -96,4 +95,8 @@ class ComposesController < ApplicationController
end
end
def order_type
Compose.column_names.include?(params[:order_type]) ? params[:order_type] : 'created_at'
end
end

13
app/controllers/issue_tags_controller.rb
View File

@ -7,9 +7,6 @@ class IssueTagsController < ApplicationController
def index
order_name = params[:order_name] || "created_at"
order_type = params[:order_type] || "desc"
issue_tags = @project.issue_tags.order("#{order_name} #{order_type}")
@user_admin_or_member = current_user.present? && (current_user.admin || @project.member?(current_user))
@page = params[:page] || 1
@ -138,4 +135,14 @@ class IssueTagsController < ApplicationController
end
end
private
def order_name
IssueTag.column_names.include?(params[:order_name]) ? params[:order_name] : 'created_at'
end
def order_type
%w(desc asc).include?(params[:order_type]) ? params[:order_type] : 'desc'
end
end

16
app/controllers/issues_controller.rb
View File

@ -17,13 +17,17 @@ class IssuesController < ApplicationController
issues = @project.issues.issue_issue.issue_index_includes
issues = issues.where(is_private: false) unless @user_admin_or_member
@all_issues_size = issues.size
@open_issues_size = issues.where.not(status_id: 5).size
@close_issues_size = issues.where(status_id: 5).size
@assign_to_me_size = issues.where(assigned_to_id: current_user&.id).size
@my_published_size = issues.where(author_id: current_user&.id).size
@all_issues = issues
@filter_issues = @all_issues
@filter_issues = @filter_issues.where.not(status_id: 5) if params[:status_type].to_i == 1
@filter_issues = @filter_issues.where(status_id: 5) if params[:status_type].to_i == 2
@filter_issues = @filter_issues.where("subject LIKE ? OR description LIKE ? ", "%#{params[:search]}%", "%#{params[:search]}%") if params[:search].present?
@open_issues = @all_issues.where.not(status_id: 5)
@close_issues = @all_issues.where(status_id: 5)
@assign_to_me = @filter_issues.where(assigned_to_id: current_user&.id)
@my_published = @filter_issues.where(author_id: current_user&.id)
scopes = Issues::ListQueryService.call(issues,params.delete_if{|k,v| v.blank?}, "Issue")
@issues_size = scopes.size
@issues_size = @filter_issues.size
@issues = paginate(scopes)
respond_to do |format|

2
app/controllers/members_controller.rb
View File

@ -18,7 +18,7 @@ class MembersController < ApplicationController
scope = @project.members.includes(:roles, user: :user_extension)
search = params[:search].to_s.downcase
role = params[:role].to_s
scope = scope.joins(:user).where("LOWER(CONCAT_WS(users.lastname, users.firstname, users.login, users.mail, users.nickname)) LIKE ?", "%#{search.split(" ").join('|')}%") if search.present?
scope = scope.joins(:user).merge(User.like(search))
scope = scope.joins(:roles).where("roles.name LIKE ?", "%#{role}%") if role.present?
@total_count = scope.size

2
app/controllers/organizations/organization_users_controller.rb
View File

@ -5,7 +5,7 @@ class Organizations::OrganizationUsersController < Organizations::BaseController
def index
@organization_users = @organization.organization_users.includes(:user)
search = params[:search].to_s.downcase
@organization_users = @organization_users.joins(:user).where("LOWER(CONCAT_WS(users.lastname, users.firstname, users.login, users.mail, users.nickname)) LIKE ?", "%#{search.split(" ").join('|')}%") if search.present?
@organization_users = @organization_users.joins(:user).merge(User.like(search))
@organization_users = kaminari_paginate(@organization_users)
end

4
app/controllers/organizations/organizations_controller.rb
View File

@ -88,11 +88,11 @@ class Organizations::OrganizationsController < Organizations::BaseController
end
def sort_by
params.fetch(:sort_by, "created_at")
OrganizationExtension.column_names.include?(params[:sort_by]) ? params[:sort_by] : 'created_at'
end
def sort_direction
params.fetch(:sort_direction, "desc")
%w(desc asc).include?(params[:sort_direction]) ? params[:sort_direction] : 'desc'
end
end

4
app/controllers/organizations/projects_controller.rb
View File

@ -36,10 +36,10 @@ class Organizations::ProjectsController < Organizations::BaseController
end
def sort
params.fetch(:sort_by, "updated_on")
Project.column_names.include?(params[:sort_by]) ? params[:sort_by] : 'updated_on'
end
def sort_direction
params.fetch(:sort_direction, "desc")
%w(desc asc).include?(params[:sort_direction]) ? params[:sort_direction] : 'desc'
end
end

2
app/controllers/organizations/team_users_controller.rb
View File

@ -8,7 +8,7 @@ class Organizations::TeamUsersController < Organizations::BaseController
@team_users = @team.team_users.includes(:user)
search = params[:search].to_s.downcase
@team_users = @team_users.joins(:user).where("LOWER(CONCAT_WS(users.lastname, users.firstname, users.login, users.mail, users.nickname)) LIKE ?", "%#{search.split(" ").join('|')}%") if search.present?
@team_users = @team_users.joins(:user).merge(User.like(search))
@team_users = kaminari_paginate(@team_users)
end

12
app/controllers/pull_requests_controller.rb
View File

@ -12,14 +12,16 @@ class PullRequestsController < ApplicationController
# @issues = Gitea::PullRequest::ListService.new(@user,@repository.try(:identifier)).call #通过gitea获取
issues = @project.issues.issue_pull_request.issue_index_includes.includes(pull_request: :user)
issues = issues.where(is_private: false) unless current_user.present? && (current_user.admin? || @project.member?(current_user))
@all_issues_size = issues.size
@open_issues_size = issues.joins(:pull_request).where(pull_requests: {status: 0}).size
@close_issues_size = issues.joins(:pull_request).where(pull_requests: {status: 2}).size
@merged_issues_size = issues.joins(:pull_request).where(pull_requests: {status: 1}).size
@all_issues = issues.distinct
@filter_issues = @all_issues
@filter_issues = @filter_issues.where("subject LIKE ? OR description LIKE ? ", "%#{params[:search]}%", "%#{params[:search]}%") if params[:search].present?
@open_issues = @filter_issues.joins(:pull_request).where(pull_requests: {status: 0})
@close_issues = @filter_issues.joins(:pull_request).where(pull_requests: {status: 2})
@merged_issues = @filter_issues.joins(:pull_request).where(pull_requests: {status: 1})
@user_admin_or_member = current_user.present? && (current_user.admin || @project.member?(current_user))
scopes = Issues::ListQueryService.call(issues,params.delete_if{|k,v| v.blank?}, "PullRequest")
@issues_size = scopes.size
@issues_size = @filter_issues.size
@issues = paginate(scopes)
end

4
app/controllers/users/banks_controller.rb
View File

@ -1,8 +1,8 @@
class Users::BanksController < Users::BaseController
before_action :params_filter
def index
order = params[:order] || "updated_at"
sort = params[:sort] || "desc"
order = CourseList.column_names.include?(params[:order]) ? params[:order] : "updated_at"
sort = %w(desc asc).includes?(params[:sort]) ? params[:sort] : "desc"
@banks = @object_type.classify.constantize.where(@object_filter)
@course_lists = CourseList.where(id: @banks.pluck(:course_list_id))
@banks = @banks.where(course_list_id: params[:tag_id]) unless params[:tag_id].blank?

4
app/controllers/users/organizations_controller.rb
View File

@ -16,10 +16,10 @@ class Users::OrganizationsController < Users::BaseController
private
def sort_by
params.fetch(:sort_by, "created_at")
OrganizationExtension.column_names.include?(params[:sort_by]) ? params[:sort_by] : 'created_at'
end
def sort_direction
params.fetch(:sort_direction, "desc")
%w(desc asc).include?(params[:sort_direction]) ? params[:sort_direction] : 'desc'
end
end

3
app/controllers/users_controller.rb
View File

@ -65,8 +65,7 @@ class UsersController < ApplicationController
def fan_users
watchers = @user.watchers.includes(:user).order("watchers.created_at desc")
watchers = watchers.joins(:user).where("LOWER(CONCAT_WS(users.lastname, users.firstname, users.login, users.nickname)) LIKE ?", "%#{params[:search].split(" ").join('|')}%") if params[:search].present?
watchers = watchers.joins(:user).merge(User.like(params[:search]))
@watchers_count = watchers.size
@watchers = paginate(watchers)
end

2
app/controllers/users_for_private_messages_controller.rb
View File

@ -11,7 +11,7 @@ class UsersForPrivateMessagesController < ApplicationController
return
end
users = users.where('LOWER(CONCAT_WS(lastname, firstname, nickname)) LIKE ?', "%#{keyword}%")
users = users.like(keyword)
@users = users.limit(10).includes(:user_extension)
end

13
app/controllers/versions_controller.rb
View File

@ -7,8 +7,6 @@ class VersionsController < ApplicationController
def index
return render_not_found unless @project.has_menu_permission("versions")
@user_admin_or_member = current_user.present? && (current_user.admin || @project.member?(current_user))
order_name = params[:order_name] || "created_on"
order_type = params[:order_type] || "desc"
status = params[:status]
versions = @project.versions.version_includes
@open_versions_size = versions.where(status: "open")&.size
@ -27,9 +25,6 @@ class VersionsController < ApplicationController
end
def show
order_name = params[:order_name] || "created_on"
order_type = params[:order_type] || "desc"
version_issues = @version.issues.issue_includes
status_type = params[:status_type] || "1"
@ -167,4 +162,12 @@ class VersionsController < ApplicationController
end
end
def order_name
Version.column_names.include?(params[:order_name]) ? params[:order_name] : 'created_on'
end
def order_type
%w(desc asc).include?(params[:order_type]) ? params[:order_type] : 'desc'
end
end

6
app/controllers/weapps/courses_controller.rb
View File

@ -86,7 +86,7 @@ class Weapps::CoursesController < Weapps::BaseController
end
if search.present?
@teacher_list = @teacher_list.joins(:user).where("LOWER(CONCAT_WS(users.lastname, users.firstname, users.nickname)) like ?", "%#{search}%")
@teacher_list = @teacher_list.joins(:user).where("LOWER(CONCAT(users.lastname, users.firstname)) like ? OR users.nickname like ?", "%#{search}%", "%#{search}%")
end
@teacher_list_size = @teacher_list.size
@ -127,8 +127,8 @@ class Weapps::CoursesController < Weapps::BaseController
@students = CourseMember.students(@course)
if search.present?
@students = @students.joins(user: :user_extension).where("LOWER(CONCAT_WS(users.lastname, users.firstname, users.nickname)) like ? or
user_extensions.student_id like ?", "%#{search}%", "%#{search}%")
@students = @students.joins(user: :user_extension).where("LOWER(CONCAT(users.lastname, users.firstname)) like ? or users.nickname like ? or
user_extensions.student_id like ?", "%#{search}%", "%#{search}%", "%#{search}%")
end
if course_group_id.present?

6
app/controllers/zips_controller.rb
View File

@ -86,7 +86,7 @@ class ZipsController < ApplicationController
#搜索
if params[:search].present?
@ex_users = @ex_users.joins(user: :user_extension).where("CONCAT_WS(lastname, firstname, nickname) like ? OR student_id like ?", "%#{params[:search]}%", "%#{params[:search]}%")
@ex_users = @ex_users.joins(user: :user_extension).where("CONCAT(lastname, firstname) like ? OR nickname like ? OR student_id like ?", "%#{params[:search]}%", "%#{params[:search]}%", "%#{params[:search]}%")
end
default_ex_users_size = @ex_users&.size
@ -130,8 +130,8 @@ class ZipsController < ApplicationController
end
unless params[:search].blank?
@all_student_works = @all_student_works.joins(user: :user_extension).where("CONCAT_WS(lastname, firstname, nickname) like ?
or student_id like ?", "%#{params[:search]}%", "%#{params[:search]}%")
@all_student_works = @all_student_works.joins(user: :user_extension).where("CONCAT(lastname, firstname) like ? or nickname like ?
or student_id like ?", "%#{params[:search]}%", "%#{params[:search]}%", "%#{params[:search]}%")
end
student_work_sizes = @all_student_works&.size

80
app/models/attachment.rb
View File

@ -1,42 +1,42 @@
# == Schema Information
#
# Table name: attachments
#
# id :integer not null, primary key
# container_id :integer
# container_type :string(30)
# filename :string(255) default(""), not null
# disk_filename :string(255) default(""), not null
# filesize :integer default("0"), not null
# content_type :string(255) default("")
# digest :string(60) default(""), not null
# downloads :integer default("0"), not null
# author_id :integer default("0"), not null
# created_on :datetime
# description :text(65535)
# disk_directory :string(255)
# attachtype :integer default("1")
# is_public :integer default("1")
# copy_from :integer
# quotes :integer default("0")
# is_publish :integer default("1")
# publish_time :datetime
# resource_bank_id :integer
# unified_setting :boolean default("1")
# cloud_url :string(255) default("")
# course_second_category_id :integer default("0")
# delay_publish :boolean default("0")
#
# Indexes
#
# index_attachments_on_author_id (author_id)
# index_attachments_on_container_id_and_container_type (container_id,container_type)
# index_attachments_on_course_second_category_id (course_second_category_id)
# index_attachments_on_created_on (created_on)
# index_attachments_on_is_public (is_public)
# index_attachments_on_quotes (quotes)
#
# == Schema Information
#
# Table name: attachments
#
# id :integer not null, primary key
# container_id :integer
# container_type :string(30)
# filename :string(255) default(""), not null
# disk_filename :string(255) default(""), not null
# filesize :integer default("0"), not null
# content_type :string(255) default("")
# digest :string(60) default(""), not null
# downloads :integer default("0"), not null
# author_id :integer default("0"), not null
# created_on :datetime
# description :text(65535)
# disk_directory :string(255)
# attachtype :integer default("1")
# is_public :integer default("1")
# copy_from :integer
# quotes :integer default("0")
# is_publish :integer default("1")
# publish_time :datetime
# resource_bank_id :integer
# unified_setting :boolean default("1")
# cloud_url :string(255) default("")
# course_second_category_id :integer default("0")
# delay_publish :boolean default("0")
#
# Indexes
#
# index_attachments_on_author_id (author_id)
# index_attachments_on_container_id_and_container_type (container_id,container_type)
# index_attachments_on_course_second_category_id (course_second_category_id)
# index_attachments_on_created_on (created_on)
# index_attachments_on_is_public (is_public)
# index_attachments_on_quotes (quotes)
#
class Attachment < ApplicationRecord
include BaseModel
@ -52,7 +52,7 @@ class Attachment < ApplicationRecord
# 二级目录
# belongs_to :course_second_category, optional: true
scope :by_filename_or_user_name, -> (keywords) { joins(:author).where("filename like :search or LOWER(CONCAT_WS(users.lastname, users.firstname, users.nickname)) LIKE :search",
scope :by_filename_or_user_name, -> (keywords) { joins(:author).where("filename like :search or LOWER(CONCAT(users.lastname, users.firstname)) LIKE :search OR users.nickname LIKE :search",
:search => "%#{keywords.split(" ").join('|')}%") unless keywords.blank? }
scope :by_keywords, -> (keywords) { where("filename LIKE ?", "%#{keywords.split(" ").join('|')}%") unless keywords.blank? }
scope :ordered, -> (opts = {}) { order("#{opts[:sort_type]} #{opts[:sort] == 1 ? 'asc': 'desc'}") }

148
app/models/project.rb
View File

@ -1,76 +1,78 @@
# == Schema Information
#
# Table name: projects
#
# id :integer not null, primary key
# name :string(255) default(""), not null
# description :text(4294967295)
# homepage :string(255) default("")
# is_public :boolean default("1"), not null
# parent_id :integer
# created_on :datetime
# updated_on :datetime
# identifier :string(255)
# status :integer default("1"), not null
# lft :integer
# rgt :integer
# inherit_members :boolean default("0"), not null
# project_type :integer default("0")
# hidden_repo :boolean default("0"), not null
# attachmenttype :integer default("1")
# user_id :integer
# dts_test :integer default("0")
# enterprise_name :string(255)
# organization_id :integer
# project_new_type :integer
# gpid :integer
# forked_from_project_id :integer
# forked_count :integer default("0")
# publish_resource :integer default("0")
# visits :integer default("0")
# hot :integer default("0")
# invite_code :string(255)
# qrcode :string(255)
# qrcode_expiretime :integer default("0")
# script :text(65535)
# training_status :integer default("0")
# rep_identifier :string(255)
# project_category_id :integer
# project_language_id :integer
# license_id :integer
# ignore_id :integer
# praises_count :integer default("0")
# watchers_count :integer default("0")
# issues_count :integer default("0")
# pull_requests_count :integer default("0")
# language :string(255)
# versions_count :integer default("0")
# issue_tags_count :integer default("0")
# closed_issues_count :integer default("0")
# open_devops :boolean default("0")
# gitea_webhook_id :integer
# open_devops_count :integer default("0")
# recommend :boolean default("0")
# platform :integer default("0")
# default_branch :string(255) default("master")
# website :string(255)
# order_index :integer default("0")
# lesson_url :string(255)
#
# Indexes
#
# index_projects_on_forked_from_project_id (forked_from_project_id)
# index_projects_on_identifier (identifier)
# index_projects_on_is_public (is_public)
# index_projects_on_lft (lft)
# index_projects_on_name (name)
# index_projects_on_platform (platform)
# index_projects_on_project_type (project_type)
# index_projects_on_recommend (recommend)
# index_projects_on_rgt (rgt)
# index_projects_on_status (status)
# index_projects_on_updated_on (updated_on)
#
# == Schema Information
#
# Table name: projects
#
# id :integer not null, primary key
# name :string(255) default(""), not null
# description :text(4294967295)
# homepage :string(255) default("")
# is_public :boolean default("1"), not null
# parent_id :integer
# created_on :datetime
# updated_on :datetime
# identifier :string(255)
# status :integer default("1"), not null
# lft :integer
# rgt :integer
# inherit_members :boolean default("0"), not null
# project_type :integer default("0")
# hidden_repo :boolean default("0"), not null
# attachmenttype :integer default("1")
# user_id :integer
# dts_test :integer default("0")
# enterprise_name :string(255)
# organization_id :integer
# project_new_type :integer
# gpid :integer
# forked_from_project_id :integer
# forked_count :integer default("0")
# publish_resource :integer default("0")
# visits :integer default("0")
# hot :integer default("0")
# invite_code :string(255)
# qrcode :string(255)
# qrcode_expiretime :integer default("0")
# script :text(65535)
# training_status :integer default("0")
# rep_identifier :string(255)
# project_category_id :integer
# project_language_id :integer
# license_id :integer
# ignore_id :integer
# praises_count :integer default("0")
# watchers_count :integer default("0")
# issues_count :integer default("0")
# pull_requests_count :integer default("0")
# language :string(255)
# versions_count :integer default("0")
# issue_tags_count :integer default("0")
# closed_issues_count :integer default("0")
# open_devops :boolean default("0")
# gitea_webhook_id :integer
# open_devops_count :integer default("0")
# recommend :boolean default("0")
# platform :integer default("0")
# default_branch :string(255) default("master")
# website :string(255)
# order_index :integer default("0")
# lesson_url :string(255)
#
# Indexes
#
# index_projects_on_forked_from_project_id (forked_from_project_id)
# index_projects_on_identifier (identifier)
# index_projects_on_invite_code (invite_code)
# index_projects_on_is_public (is_public)
# index_projects_on_lft (lft)
# index_projects_on_name (name)
# index_projects_on_platform (platform)
# index_projects_on_project_type (project_type)
# index_projects_on_recommend (recommend)
# index_projects_on_rgt (rgt)
# index_projects_on_status (status)
# index_projects_on_updated_on (updated_on)
#

3
app/models/pull_request.rb
View File

@ -38,7 +38,8 @@ class PullRequest < ApplicationRecord
has_many :project_trends, as: :trend, dependent: :destroy
has_many :attachments, as: :container, dependent: :destroy
scope :merged_and_closed, ->{where.not(status: 1)}
scope :merged_and_closed, ->{where.not(status: 0)}
scope :opening, -> {where(status: 0)}
after_save :reset_cache_data
after_destroy :reset_cache_data

2
app/models/user.rb
View File

@ -174,7 +174,7 @@ class User < Owner
# Groups and active users
scope :active, lambda { where(status: STATUS_ACTIVE) }
scope :like, lambda { |keywords|
sql = "CONCAT_WS(lastname, firstname, nickname) LIKE :search OR login LIKE :search OR mail LIKE :search OR nickname LIKE :search"
sql = "CONCAT(lastname, firstname) LIKE :search OR nickname LIKE :search OR login LIKE :search OR mail LIKE :search OR nickname LIKE :search"
where(sql, :search => "%#{keywords.split(" ").join('|')}%") unless keywords.blank?
}

1
app/models/version.rb
View File

@ -30,6 +30,7 @@ class Version < ApplicationRecord
scope :version_includes, ->{includes(:issues, :user)}
scope :closed, ->{where(status: 'closed')}
scope :opening, ->{where(status: 'open')}
# def open_issues_count
# issues.select(:id,:status_id).where(status_id: [1,2,3,4,6]).size

2
app/queries/admins/apply_item_bank_query.rb
View File

@ -26,7 +26,7 @@ class Admins::ApplyItemBankQuery < ApplicationQuery
keyword = params[:keyword].to_s.strip
if keyword.present?
applies = applies.joins(user: { user_extension: :school })
.where('CONCAT_WS(lastname,firstname, nickname) LIKE :keyword OR schools.name LIKE :keyword', keyword: "%#{keyword}%")
.where('CONCAT(lastname,firstname) LIKE :keyword OR users.nickname LIKE :keyword OR schools.name LIKE :keyword', keyword: "%#{keyword}%")
end
custom_sort(applies, params[:sort_by], params[:sort_direction])

2
app/queries/admins/apply_user_authentication_query.rb
View File

@ -26,7 +26,7 @@ class Admins::ApplyUserAuthenticationQuery < ApplicationQuery
keyword = params[:keyword].to_s.strip
if keyword.present?
applies = applies.joins(user: { user_extension: :school })
.where('CONCAT_WS(lastname,firstname,nickname) LIKE :keyword OR schools.name LIKE :keyword', keyword: "%#{keyword}%")
.where('CONCAT(lastname,firstname) LIKE :keyword OR users.nickname LIKE :keyword OR schools.name LIKE :keyword', keyword: "%#{keyword}%")
end
custom_sort(applies, params[:sort_by], params[:sort_direction])

2
app/queries/admins/course_list_query.rb
View File

@ -19,7 +19,7 @@ class Admins::CourseListQuery < ApplicationQuery
case search_type
when "0"
course_lists = course_lists.joins(:user)
.where('CONCAT_WS(lastname, firstname, nickname) like :keyword', keyword: "%#{keyword}%")
.where('CONCAT(lastname, firstname) like :keyword OR users.nickname like :keyword', keyword: "%#{keyword}%")
when "1"
course_lists = course_lists.where('name like :keyword', keyword: "%#{keyword}%")
end

2
app/queries/admins/course_query.rb
View File

@ -35,7 +35,7 @@ class Admins::CourseQuery < ApplicationQuery
# 关键字
keyword = params[:keyword].to_s.strip
if keyword
sql = 'CONCAT_WS(lastname, firstname, nickname) LIKE :keyword OR courses.name LIKE :keyword OR course_lists.name LIKE :keyword'
sql = 'CONCAT(lastname, firstname) LIKE :keyword OR users.nickname LIKE :keyword OR courses.name LIKE :keyword OR course_lists.name LIKE :keyword'
courses = courses.joins(:teacher, :course_list).where(sql, keyword: "%#{keyword}%")
end

2
app/queries/admins/laboratory_shixun_query.rb
View File

@ -11,7 +11,7 @@ class Admins::LaboratoryShixunQuery < ApplicationQuery
keyword = params[:keyword].to_s.strip
if keyword.present?
like_sql = 'shixuns.name LIKE :keyword OR CONCAT_WS(users.lastname, users.firstname, users.nickname) LIKE :keyword'
like_sql = 'shixuns.name LIKE :keyword OR CONCAT(users.lastname, users.firstname) LIKE :keyword OR users.nickname LIKE :keyword'
laboratory_shixuns = laboratory_shixuns.joins(shixun: :user).where(like_sql, keyword: "%#{keyword}%")
end

2
app/queries/admins/laboratory_subject_query.rb
View File

@ -11,7 +11,7 @@ class Admins::LaboratorySubjectQuery < ApplicationQuery
keyword = params[:keyword].to_s.strip
if keyword.present?
like_sql = 'subjects.name LIKE :keyword OR CONCAT_WS(users.lastname, users.firstname, users.nickname) LIKE :keyword'
like_sql = 'subjects.name LIKE :keyword OR CONCAT(users.lastname, users.firstname) LIKE :keyword OR users.nickname LIKE :keyword'
laboratory_subjects = laboratory_subjects.joins(subject: :user).where(like_sql, keyword: "%#{keyword}%")
end

2
app/queries/admins/subject_query.rb
View File

@ -40,7 +40,7 @@ class Admins::SubjectQuery < ApplicationQuery
# 关键字
keyword = params[:keyword].to_s.strip
if keyword
sql = 'CONCAT_WS(lastname, firstname, nickname) LIKE :keyword OR subjects.name LIKE :keyword'
sql = 'CONCAT(lastname, firstname) LIKE :keyword OR users.nickname LIKE :keyword OR subjects.name LIKE :keyword'
subjects = subjects.joins(:user).where(sql, keyword: "%#{keyword}%")
end

4
app/queries/admins/user_query.rb
View File

@ -30,14 +30,14 @@ class Admins::UserQuery < ApplicationQuery
# 关键字检索
keyword = params[:keyword].to_s.strip.presence
if keyword
sql = 'CONCAT_WS(lastname, firstname, nickname) LIKE :keyword OR login LIKE :keyword OR mail LIKE :keyword OR phone LIKE :keyword'
sql = 'CONCAT(lastname, firstname) LIKE :keyword OR nickname LIKE :keyword OR login LIKE :keyword OR mail LIKE :keyword OR phone LIKE :keyword'
users = users.where(sql, keyword: "%#{keyword}%")
end
# 姓名
name = params[:name].to_s.strip.presence
if name.present?
users = users.where('CONCAT_WS(lastname, firstname, nickname) LIKE :name', name: "%#{name}%")
users = users.where('CONCAT(lastname, firstname) LIKE :name OR nickname LIKE :name', name: "%#{name}%")
end
# 单位ID

4
app/queries/projects/list_my_query.rb
View File

@ -55,8 +55,8 @@ class Projects::ListMyQuery < ApplicationQuery
scope = q.result.includes(:project_category, :project_language,:owner, :repository, :has_pinned_users)
sort = params[:sort_by] || "updated_on"
sort_direction = params[:sort_direction] || "desc"
sort = Project.column_names.include?(params[:sort_by]) ? params[:sort_by] : "updated_on"
sort_direction = %w(desc asc).include?(params[:sort_direction]) ? params[:sort_direction] : "desc"
if params[:choosed].present? && params[:choosed].is_a?(Array)
scope.order("FIELD(id, #{params[:choosed].reverse.join(",")}) desc")

2
app/queries/user_query.rb
View File

@ -10,7 +10,7 @@ class UserQuery < ApplicationQuery
# 真实姓名
if name = strip_param(:name)
users = users.where('LOWER(CONCAT_WS(users.lastname, users.firstname, users.nickname)) LIKE ?', "%#{name.downcase}%")
users = users.where('LOWER(CONCAT(users.lastname, users.firstname)) LIKE ? OR users.nickname LIKE ?', "%#{name.downcase}%", "%#{name.downcase}%")
end
# 单位名称

4
app/queries/weapps/subject_query.rb
View File

@ -28,10 +28,10 @@ class Weapps::SubjectQuery < ApplicationQuery
private
def order_type
params[:order] || "updated_at"
Subject.column_names.include?(params[:order]) ? params[:order] : 'updated_at'
end
def sort_type
params[:sort] || "desc"
%w(desc asc).include?(params[:sort]) ? params[:sort] : "desc"
end
end

2
app/services/admins/import_user_service.rb
View File

@ -84,7 +84,7 @@ class Admins::ImportUserService < ApplicationService
if data.identity.to_i == 1
users = users.where(user_extensions: { student_id: data.student_id })
else
users = users.where(user_extensions: { technical_title: data.technical_title }).where('CONCAT_WS(users.lastname,users.firstname,users.nickname) = ?', data.name)
users = users.where(user_extensions: { technical_title: data.technical_title }).where('CONCAT(users.lastname,users.firstname) = ? OR users.nickname = ?', data.name, data.name)
end
users.first

12
app/services/issues/list_query_service.rb
View File

@ -45,9 +45,17 @@ class Issues::ListQueryService < ApplicationService
issues = issues.where(issue_type: params[:issue_type].to_s) if params[:issue_type].present? && params[:issue_type].to_s != "all"
issues = issues.joins(:issue_tags).where(issue_tags: {id: params[:issue_tag_id].to_i}) if params[:issue_tag_id].present? && params[:issue_tag_id].to_s != "all"
order_type = params[:order_type] || "desc" #或者"asc"
order_name = params[:order_name] || "updated_on" #或者"updated_on"
issues.reorder("issues.#{order_name} #{order_type}")
end
private
def order_name
Issue.column_names.include?(params[:order_name]) ? params[:order_name] : 'updated_on'
end
def order_type
%w(desc asc).include?(params[:order_type]) ? params[:order_type] : 'desc'
end
end

2
app/services/projects/apply_join_service.rb
View File

@ -33,7 +33,7 @@ class Projects::ApplyJoinService < ApplicationService
private
def project
@_project ||= Project.find_by('binary(invite_code) = ? ',"#{params[:code].to_s.strip}")
@_project ||= Project.find_by(invite_code: params[:code].to_s.strip)
end
def role_value

10
app/views/issues/index.json.jbuilder
View File

@ -1,9 +1,9 @@
json.partial! "commons/success"
json.all_count @all_issues_size
json.open_count @open_issues_size
json.close_count @close_issues_size
json.assign_me_count @assign_to_me_size
json.my_published_count @my_published_size
json.all_count @all_issues.size
json.open_count @open_issues.size
json.close_count @close_issues.size
json.assign_me_count @assign_to_me.size
json.my_published_count @my_published.size
json.search_count @issues_size
json.limit @limit
json.user_admin_or_member @user_admin_or_member

8
app/views/pull_requests/index.json.jbuilder
View File

@ -1,8 +1,8 @@
json.partial! "commons/success"
json.all_count @all_issues_size
json.open_count @open_issues_size
json.close_count @close_issues_size
json.merged_issues_size @merged_issues_size
json.all_count @all_issues.size
json.open_count @open_issues.size
json.close_count @close_issues.size
json.merged_issues_size @merged_issues.size
json.search_count @issues_size
json.limit @limit
json.user_admin_or_member @user_admin_or_member

7
app/views/repositories/detail.json.jbuilder
View File

@ -12,13 +12,13 @@ json.name @project.name
json.description @project.description
json.project_id @project.id
json.repo_id @repository.id
json.issues_count @project.issues_count.to_i - @project.pull_requests_count.to_i
json.pull_requests_count @project.pull_requests_count
json.issues_count @project.issues.issue_issue.size - @project.issues.issue_issue.closed.size
json.pull_requests_count @project.pull_requests.opening.size
json.project_identifier render_identifier(@project)
json.praises_count @project.praises_count.to_i
json.forked_count @project.forked_count.to_i
json.watchers_count @project.watchers_count.to_i
json.versions_count @project.versions_count #里程碑数量
json.versions_count @project.versions.opening.size #里程碑数量
json.version_releases_count @project.releases_size(@user.try(:id), "all")
json.version_releasesed_count @project.releases_size(@user.try(:id), "released") #已发行的版本
json.permission render_permission(@user, @project)
@ -43,6 +43,7 @@ json.fork_info do
json.fork_project_user_login @fork_project_user.try(:login)
json.fork_project_identifier @fork_project.identifier
json.fork_project_user_name @fork_project_user.try(:show_real_name)
json.fork_project_user_type @fork_project_user.try(:type)
end
end
if @result[:repo]

8
db/migrate/20210615063727_add_invite_code_index_to_projects.rb Normal file
View File

@ -0,0 +1,8 @@
class AddInviteCodeIndexToProjects < ActiveRecord::Migration[5.2]
def change
add_index :projects, :invite_code
execute <<-SQL
ALTER TABLE projects MODIFY COLUMN invite_code VARCHAR(255) BINARY CHARACTER SET utf8 COLLATE utf8_bin DEFAULT NULL;
SQL
end
end