From 91e984f7e5b982329f43c7b25d3ac74b0337c38e Mon Sep 17 00:00:00 2001
From: Jason Lee
Date: Sun, 3 Apr 2011 00:02:04 +0800
Subject: [PATCH 1/2] =?UTF-8?q?Mod:=20in=5Fplace=5Fedit=20=E8=B0=83?=
 =?UTF-8?q?=E7=94=A8=E7=9A=84Ajax=20API=E5=8A=A0=E5=85=A5=E6=9D=83?=
 =?UTF-8?q?=E9=99=90=E9=99=90=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/home_controller.rb | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
index 6db050b..718736d 100644
--- a/app/controllers/home_controller.rb
+++ b/app/controllers/home_controller.rb
@@ -52,6 +52,13 @@ def muted
 def update_in_place
 # TODO: Here need to chack permission
 klass, field, id = params[:id].split('__')
+ puts params[:id]
+
+ # 验证权限,用户是否有修改制定信息的权限
+ case klass
+ when "user" then return if current_user.id.to_s != id
+ end
+
 object = klass.camelize.constantize.find(id)
 if object.update_attributes(field => params[:value])
 render :text => object.send(field).to_s

From 994e47691e5f935516b337085578072c25e7ef5b Mon Sep 17 00:00:00 2001
From: Jason Lee
Date: Sun, 3 Apr 2011 00:06:26 +0800
Subject: [PATCH 2/2] =?UTF-8?q?Mod:=20=E7=A9=BA=E8=AF=84=E8=AE=BA=E6=97=A0?=
 =?UTF-8?q?=E6=B3=95=E5=86=8D=E6=8F=90=E4=BA=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/models/comment.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/models/comment.rb b/app/models/comment.rb
index e7a45e8..31ac0a3 100644
--- a/app/models/comment.rb
+++ b/app/models/comment.rb
@@ -8,6 +8,8 @@ class Comment
 belongs_to :commentable, :polymorphic => true
 belongs_to :user
+ validates_presence_of :body
+
 before_create :fix_commentable_id
 def fix_commentable_id
 if self.commentable_id.class == "".class
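Review bot: In the `update_in_place` hunk of app/controllers/home_controller.rb, the new `when "user"` guard tests the raw, case-sensitive `klass` string, while the lookup below it resolves the model through `klass.camelize.constantize`, so the guard and the lookup can disagree about which model is addressed, and every model other than the one named in the guard still reaches `find` and `update_attributes` with no ownership check at all. `field` is not restricted either, so even the record's owner can write any attribute and have any method invoked through `object.send(field)`. I would resolve both the model and the field from a fixed allow-list, answer a denied request with `head :forbidden` rather than a bare `return` that renders nothing explicit, handle a missing `current_user`, and drop the `puts params[:id]` debug line. The body of update_in_place continues past the end of the hunk, so the else branch is not visible here.

```ruby
# Fixed allow-list: model name => attributes that may be edited in place.
# "placeholder_attribute" is a placeholder; list the real columns here.
editable = { "user" => %w[placeholder_attribute] }

klass, field, id = params[:id].to_s.split('__')
fields = editable[klass]
return head(:forbidden) unless fields && fields.include?(field)

# Ownership: a user record may only be edited by its owner.
if klass == "user" && (current_user.nil? || current_user.id.to_s != id)
  return head(:forbidden)
end
# … unchanged: klass.camelize.constantize.find(id) and the update/render …
```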