CrazyIter_Bin 3 月之前
父節點
當前提交
19f7cbba34

+ 2 - 2
TEAMModelOS.Extension/IES.Exam/IES.ExamServer/Controllers/ManageController.cs

@@ -164,7 +164,7 @@ namespace IES.ExamServer.Controllers
             }
             //如果要访问中心,则需要教师登录联网。  
             var token = GetAuthTokenInfo();
-            if (token.scope.Equals(ExamConstant.ScopeTeacher))
+            if ( token.scope.Equals(ExamConstant.ScopeTeacher) || token.scope.Equals(ExamConstant.ScopeVisitor))//由于已经绑定学校,访客教师也可以访问中心。
             {
                 if (_connectionService.centerIsConnected)
                 {
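Review bot: The widened condition admits `ExamConstant.ScopeVisitor` on the strength of the trailing comment (the client is already bound to a school), but nothing in the visible lines tests that binding before the centre is contacted. If the binding is enforced earlier in this action, the comment should name where; otherwise the condition itself should include an explicit bound-school check. `token.scope.Equals(...)` also throws when the scope is missing, which `ExamConstant.ScopeTeacher.Equals(token.scope) || ExamConstant.ScopeVisitor.Equals(token.scope)` avoids. The enclosing method starts and ends outside this hunk.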
@@ -633,7 +633,7 @@ namespace IES.ExamServer.Controllers
                     var anonymousObject = new Dictionary<string, object?>();
                     foreach (var property in properties)
                     {
-                        if (!property.Name.Equals("password") && !property.Name.Equals("shortCode")&& !property.Name.Equals("openCode"))
+                        if (!property.Name.Equals("password") && !property.Name.Equals("openCode"))
                         {
                             anonymousObject[property.Name] = property.GetValue(client);
                         }
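Review bot: Dropping `shortCode` from the exclusion list means it is now copied into `anonymousObject` together with every other reflected property of `client`. If this is the same extraction code that EvaluationSyncInfoController accepts in `json["shortCode"]`, confirm that every consumer of this object is meant to see it. A denylist over reflected properties also exposes any field later added to the type by default, whereas an explicit allowlist of property names would fail closed. The loop and its enclosing method start and end outside this hunk.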

+ 0 - 1
TEAMModelOS.SDK/Extension/HttpContextExtensions.cs

@@ -248,7 +248,6 @@ namespace TEAMModelOS.SDK.Extension
             httpContext?.Items.TryGetValue("Name", out name);
             httpContext?.Items.TryGetValue("Picture", out picture);
             httpContext?.Items.TryGetValue("School", out school);
-
             return (id?.ToString(), name?.ToString(), picture?.ToString(), school?.ToString());
         }
         /// <summary>

+ 25 - 6
TEAMModelOS/Controllers/Both/EvaluationSyncInfoController.cs

@@ -64,7 +64,7 @@ namespace TEAMModelOS.Controllers.Both
         /// <param name="request"></param>
         /// <returns></returns>
         [ProducesDefaultResponseType]
-        [AuthToken(Roles = "teacher,admin")]
+        [AuthToken(Roles = "teacher,admin,visitor")]
         [HttpPost("find-sync-info")]
         //#if !DEBUG
         //        [Authorize(Roles = "IES")]
@@ -73,7 +73,7 @@ namespace TEAMModelOS.Controllers.Both
         {
            // int code =0;
             //string msg = string.Empty;
-            var tokenInfo =  HttpContext.GetAuthTokenInfo();
+            var tokenInfo =  HttpContext.GetAuthTokenKey("Scope");
 
             string shortCode = $"{json["shortCode"]}";
             string evaluationId = $"{json["evaluationId"]}";
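Review bot: `GetAuthTokenKey("Scope")` asks for the key `"Scope"`, yet the AuthTokenAttribute.cs hunk in this same commit changes the filter to store the scope with `context.HttpContext.Items.Add("c", scope)`. If GetAuthTokenKey looks the value up in `HttpContext.Items` by that name, as the `TryGetValue("School", …)` calls in HttpContextExtensions.cs suggest, `tokenInfo.keyData` will be null, the later `tokenInfo.keyData.Equals(Constant.ScopeTeacher)` will throw, and any other reader of the `"Scope"` item stops seeing the scope. The `"c"` key looks like an accidental edit. Restoring `context.HttpContext.Items.Add("Scope", scope);`, or sharing one constant for the key between filter and extension, would keep the two in step.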
@@ -105,12 +105,31 @@ namespace TEAMModelOS.Controllers.Both
             }
             if (evaluationSyncInfo.scope.Equals("school"))
             {
-                ResponseMessage  response=  await _azureCosmos.GetCosmosClient().GetContainer(Constant.TEAMModelOS, Constant.School).ReadItemStreamAsync(tokenInfo.id, new PartitionKey($"Teacher-{evaluationSyncInfo.ownerId}"));
-                if (!response.IsSuccessStatusCode) 
+                if (!string.IsNullOrWhiteSpace(tokenInfo.school))
                 {
-                    await _dingDing.SendBotMsg($"根据试卷提取码搜索评测,检测到查询数据的教师未加入学校,数据归属{evaluationSyncInfo.scope},教师id:{tokenInfo.id},ownerId:{evaluationSyncInfo.ownerId}", GroupNames.成都开发測試群組);
-                    return Ok(new { code = 4, msg = "教师未加入当前评测的学校!" });
+                    if (!evaluationSyncInfo.ownerId.Equals(tokenInfo.school))
+                    {
+                        return Ok(new { code = 4, msg = "教师未加入当前评测的学校!" });
+                    }
+                    else
+                    {
+                        if (tokenInfo.keyData.Equals(Constant.ScopeTeacher))
+                        {
+                            ResponseMessage response = await _azureCosmos.GetCosmosClient().GetContainer(Constant.TEAMModelOS, Constant.School).ReadItemStreamAsync(tokenInfo.id, new PartitionKey($"Teacher-{evaluationSyncInfo.ownerId}"));
+                            if (!response.IsSuccessStatusCode)
+                            {
+                                await _dingDing.SendBotMsg($"根据试卷提取码搜索评测,检测到查询数据的教师未加入学校,数据归属{evaluationSyncInfo.scope},教师id:{tokenInfo.id},ownerId:{evaluationSyncInfo.ownerId}", GroupNames.成都开发測試群組);
+                                return Ok(new { code = 4, msg = "教师未加入当前评测的学校!" });
+                            }
+                        }
+                    }
                 }
+                else 
+                {
+                    await _dingDing.SendBotMsg($"{tokenInfo.id},{tokenInfo.name},{json.ToJsonString()},评测客户端未绑定学校", GroupNames.成都开发測試群組);
+                    return Ok(new { code = 12, msg = "评测客户端未绑定学校!" });
+                }
+
             }
             else 
             {
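Review bot: For any scope other than `Constant.ScopeTeacher` the only gate left is `evaluationSyncInfo.ownerId.Equals(tokenInfo.school)`; the Cosmos membership lookup runs for teachers only, so a visitor is authorised purely by the school value carried in the token. Whether that value is fixed server-side at binding time is not visible here, so a comment stating where it is validated would help the next reader. The teacher test should also tolerate a missing scope, e.g. `string.Equals(tokenInfo.keyData, Constant.ScopeTeacher, StringComparison.Ordinal)`. The new else branch sends `json.ToJsonString()` to the DingDing group, which includes the submitted `shortCode`; logging only `evaluationId` would keep the extraction code out of the chat channel. The action's body begins and ends outside this hunk.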

+ 1 - 1
TEAMModelOS/Filter/AuthTokenAttribute.cs

@@ -170,7 +170,7 @@ namespace TEAMModelOS.Filter
                         context.HttpContext.Items.Add("School", school);
                         context.HttpContext.Items.Add("Standard", standard);
                         context.HttpContext.Items.Add("Roles", _role);
-                        context.HttpContext.Items.Add("Scope", scope);
+                        context.HttpContext.Items.Add("c", scope);
                         context.HttpContext.Items.Add("Website", website);
                         context.HttpContext.Items.Add("Area", area);
                         context.HttpContext.Items.Add("Permissions", _permission);