跨域bug修复2

2026-04-14 15:56:57 +08:00
parent 74053bdbdc
commit fd3535f884
14 changed files with 65 additions and 65 deletions
--- a/backend/services/attendance_service.py
+++ b/backend/services/attendance_service.py
@@ -41,9 +41,7 @@ class AttendanceService:
            return {"success": False, "message": "无权进行此操作"}
        
        # 检查是否同班级
-        can_manage = await PermissionChecker.check_can_manage_student(recorder_id, student_id)
-        if not can_manage:
-            return {"success": False, "message": "无权操作该学生"}
+        # 单班级系统，管理员均可操作
        
        # 添加考勤记录
        attendance_id = await AttendanceModel.create_record(
@@ -96,17 +94,12 @@ class AttendanceService:
        role = await PermissionChecker.get_user_role(user_id)
        
        if role in ["班主任", "考勤委员"]:
-            class_id = await PermissionChecker.get_user_class_id(user_id)
            records = await AttendanceModel.get_class_records(
-                class_id=class_id,
                date=date,
                student_id=student_id
            )
        elif student_id:
-            # 查看指定学生
-            can_manage = await PermissionChecker.check_can_manage_student(user_id, student_id)
-            if not can_manage:
-                return {"error": "无权查看该学生记录"}
+            # 管理员可查看指定学生
            records = await AttendanceModel.get_student_records(student_id)
        else:
            records = []
--- a/backend/services/auth_service.py
+++ b/backend/services/auth_service.py
@@ -146,8 +146,6 @@ class AuthService:
            if student:
                result["student_no"] = student["student_no"]
                result["student_name"] = student["name"]
-                result["class_id"] = student["class_id"]
-                result["class_name"] = student["class_name"]
                result["total_points"] = student["total_points"]
        
        # 获取管理员角色
@@ -155,7 +153,6 @@ class AuthService:
            admin_role = await AdminRoleModel.get_by_user_id(user_id)
            if admin_role:
                result["role"] = admin_role["role_type"]
-                result["class_id"] = admin_role["class_id"]
        
        return result
    
--- a/backend/services/conduct_service.py
+++ b/backend/services/conduct_service.py
@@ -133,9 +133,7 @@ class ConductService:
        
        # 班主任/班长可查看全班
        if role in ["班主任", "班长"]:
-            user_class = await PermissionChecker.get_user_class_id(user_id)
            records = await ConductModel.get_all_records(
-                class_id=user_class,
                limit=page_size,
                offset=offset,
                start_date=start_date,
@@ -147,16 +145,13 @@ class ConductService:
            count_sql = """
                SELECT COUNT(*) as total FROM conduct_records cr
                JOIN students s ON cr.student_id = s.student_id
-                WHERE s.class_id = %s AND cr.is_revoked = 0
+                WHERE cr.is_revoked = 0
            """
-            total_result = await execute_one(count_sql, (user_class,))
+            total_result = await execute_one(count_sql)
            total = total_result["total"] if total_result else 0
            
        elif student_id:
-            # 查看指定学生（需权限验证）
-            can_manage = await PermissionChecker.check_can_manage_student(user_id, student_id)
-            if not can_manage:
-                return {"error": "无权查看该学生记录"}
+            # 管理员可查看指定学生
            
            records = await ConductModel.get_student_records(
                student_id=student_id,
--- a/backend/services/homework_service.py
+++ b/backend/services/homework_service.py
@@ -31,12 +31,10 @@ class HomeworkService:
        role = await PermissionChecker.get_user_role(user_id)
        
        if role == "班主任":
-            class_id = await PermissionChecker.get_user_class_id(user_id)
-            assignments = await HomeworkModel.get_assignments_by_class(class_id)
+            assignments = await HomeworkModel.get_all_assignments()
        elif role == "科代表":
-            class_id = await PermissionChecker.get_user_class_id(user_id)
            subject_ids = await PermissionChecker.get_user_subject_ids(user_id)
-            assignments = await HomeworkModel.get_assignments_by_subjects(class_id, subject_ids)
+            assignments = await HomeworkModel.get_assignments_by_subjects(subject_ids)
        else:
            assignments = []
        
@@ -51,10 +49,7 @@ class HomeworkService:
        created_by: int
    ) -> Dict[str, Any]:
        """创建作业"""
-        class_id = await PermissionChecker.get_user_class_id(created_by)
-        
        assignment_id = await HomeworkModel.create_assignment(
-            class_id=class_id,
            subject_id=subject_id,
            title=title,
            description=description,
--- a/backend/services/student_service.py
+++ b/backend/services/student_service.py
@@ -119,15 +119,12 @@ class StudentService:
    @staticmethod
    async def get_ranking(
        user_id: int,
-        class_id: Optional[int] = None,
        limit: int = 50
    ) -> Dict[str, Any]:
        """获取排行榜（单班级系统）"""
-        # 单班级系统，直接获取排行榜
        ranking = await StudentModel.get_ranking(limit=limit)
        
        return {
-            "class_id": class_id or 1,
            "ranking": ranking
        }