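using Entities.Contracts;
using Entities.DTO;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using TechHelper.Server.Services;
using TechHelper.Context;
using TechHelper.Repository;
using SharedDATA.Api;
using System.Security.Claims;

// NOTE(review): the generic type arguments on Task, UserManager and GetRepository appear to have
// been stripped from this listing. They are left exactly as shown and must be restored from the
// project source before this file compiles.

namespace TechHelper.Server.Controllers
{
    /// <summary>
    /// Serves the detail view of a single student submission to authenticated callers.
    /// </summary>
    [Route("api/student-submission-detail")]
    [ApiController]
    [Authorize]
    public class StudentSubmissionDetailController : ControllerBase
    {
        private readonly IStudentSubmissionDetailService _studentSubmissionDetailService;
        private readonly UserManager _userManager;
        private readonly IUnitOfWork _unitOfWork;

        /// <summary>
        /// Creates the controller with its injected collaborators.
        /// </summary>
        /// <param name="studentSubmissionDetailService">Service that loads the submission detail.</param>
        /// <param name="userManager">Identity user manager used to resolve the calling account.</param>
        /// <param name="unitOfWork">Unit of work used to read the submission record for the ownership check.</param>
        public StudentSubmissionDetailController(
            IStudentSubmissionDetailService studentSubmissionDetailService,
            UserManager userManager,
            IUnitOfWork unitOfWork)
        {
            _studentSubmissionDetailService = studentSubmissionDetailService;
            _userManager = userManager;
            _unitOfWork = unitOfWork;
        }

        /// <summary>
        /// Returns the detail of one submission. Only the student who owns the submission,
        /// or a caller in the "Teacher" role, may read it.
        /// </summary>
        /// <param name="submissionId">Identifier of the submission.</param>
        /// <returns>
        /// 200 with the detail; 400 when the service reports a failure; 401 when the caller's
        /// identity carries no name; 403 when the caller is neither the owner nor a teacher;
        /// 404 when the user or the submission is not found; 500 on an unexpected error.
        /// </returns>
        [HttpGet("{submissionId:guid}")]
        public async Task GetSubmissionDetail(Guid submissionId)
        {
            try
            {
                // An authenticated principal does not necessarily carry a name claim; without this
                // guard a null name reaches FindByEmailAsync and surfaces as a 500.
                var accountName = User.Identity?.Name;
                if (string.IsNullOrEmpty(accountName))
                {
                    return Unauthorized();
                }

                // NOTE(review): this lookup assumes the identity name holds the account e-mail —
                // confirm against how the token / cookie is issued.
                var user = await _userManager.FindByEmailAsync(accountName);
                if (user == null)
                {
                    return NotFound("未找到用户信息");
                }

                var submission = await _unitOfWork.GetRepository()
                    .GetFirstOrDefaultAsync(predicate: s => s.Id == submissionId);
                if (submission == null)
                {
                    return NotFound("未找到指定的提交记录");
                }

                // Object-level authorization: a student may read only their own submission,
                // a teacher may read any submission.
                // NOTE(review): the role check is global — any account in the "Teacher" role can read
                // every student's submission. Consider scoping it to the teacher's own classes or
                // assignments if the data model allows it.
                if (user.Id != submission.StudentId && !User.IsInRole("Teacher"))
                {
                    // ControllerBase.Forbid(string) interprets its argument as an authentication
                    // scheme name, not a message; passing text makes the framework throw and the
                    // caller receive a 500 instead of a 403. Return the 403 status explicitly.
                    return StatusCode(403, "您没有权限查看此提交记录");
                }

                var result = await _studentSubmissionDetailService.GetSubmissionDetailAsync(submissionId);
                if (result.Status)
                {
                    return Ok(result.Result);
                }
                else
                {
                    return BadRequest(result.Message);
                }
            }
            catch (Exception ex)
            {
                // Exception text can expose internals (queries, paths, type names), so it is logged
                // server-side and kept out of the response body. The logger is resolved from the
                // request services so the constructor signature stays unchanged.
                var logger = HttpContext?.RequestServices?
                    .GetService<ILogger<StudentSubmissionDetailController>>();
                logger?.LogError(ex, "Failed to load submission detail {SubmissionId}", submissionId);

                return StatusCode(500, "获取学生提交详细信息失败");
            }
        }
    }
}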