cafe-grader-web Files · app/controllers/application

cafe-grader-web

Location: cafe-grader-web/app/controllers/application_controller.rb - annotation

Commit Description:

fix error message when submission to closed problem

Commit Description:

fix error message when submission to closed problem

References:

r797:ebe6e5beb7c4 algo

File last commit:

r796:d1494dbef0e7 algo

Show/Diff file:

Action:

            
                    app/controllers/application_controller.rb
                
             | 168 lines
             | 4.9 KiB
             | text/x-ruby 
             | RubyLexer
             | 
      
            History
        
           Show Full History
         |
          Source
         | Raw
         |
              
              Download
              
     admin
  
add ip whitelisting

              r755
            
      require 'ipaddr'

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
      class ApplicationController < ActionController::Base

     Jittat Fakcharoenphol
  
boots into rails 3

              r318
            
        protect_from_forgery

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
     admin
  
change depricated before_filter to before_action

              r745
            
        before_action :current_user

     admin
  
use jquery by default

              r554
            
     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
        SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'

     admin
  
add option to disable login from multiple ip

              r525
            
        MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login'

     admin
  
fix whitelisting bugs...

              r784
            
        WHITELIST_IGNORE_CONF_KEY = 'right.whitelist_ignore'

     admin
  
add ip whitelisting

              r755
            
        WHITELIST_IP_CONF_KEY = 'right.whitelist_ip'

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
     admin
  
- fix authorization for viewing submission, only admin can view all problems all the time, normal user depends on right.view_submission and problem.available?...

              r593
            
        #report and redirect for unauthorized activities

     admin
  
more test and clean up authorization

              r756
            
        def unauthorized_redirect(notice = 'You are not authorized to view the page you requested')

          flash[:notice] = notice

          redirect_to login_main_path

     admin
  
- fix authorization for viewing submission, only admin can view all problems all the time, normal user depends on right.view_submission and problem.available?...

              r593
            
        end

     admin
  
use jquery by default

              r554
            
        # Returns the current logged-in user (if any).

        def current_user

     admin
  
wip: bootstrap toggle switch...

              r556
            
          return nil unless session[:user_id]

     admin
  
use jquery by default

              r554
            
          @current_user ||= User.find(session[:user_id])

        end

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
        def admin_authorization

     admin
  
more test and clean up authorization

              r756
            
          return false unless check_valid_login

     admin
  
change find(:xxx) to correct syntax for rails 4

              r619
            
          user = User.includes(:roles).find(session[:user_id])

     admin
  
prepare for better hall of fame

              r425
            
          unless user.admin?

     admin
  
- fix authorization for viewing submission, only admin can view all problems all the time, normal user depends on right.view_submission and problem.available?...

              r593
            
            unauthorized_redirect

     admin
  
prepare for better hall of fame

              r425
            
            return false

          end

          return true

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
        end

        def authorization_by_roles(allowed_roles)

     admin
  
more test and clean up authorization

              r756
            
          return false unless check_valid_login

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
          user = User.find(session[:user_id])

          unless user.roles.detect { |role| allowed_roles.member?(role.name) }

     admin
  
- fix authorization for viewing submission, only admin can view all problems all the time, normal user depends on right.view_submission and problem.available?...

              r593
            
            unauthorized_redirect

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
            return false

          end

        end

     admin
  
add show testcase feature

              r625
            
        def testcase_authorization

          #admin always has privileged

          if @current_user.admin?

            return true

          end

     admin
  
- add view testcase toggle for each problem...

              r632
            
          unauthorized_redirect unless GraderConfiguration["right.view_testcase"]

     admin
  
add show testcase feature

              r625
            
        end

     admin
  
add ip whitelisting

              r755
            
     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
        protected

     admin
  
add ip whitelisting

              r755
            
        #redirect to root (and also force logout)

        #if the user is not logged_in or the system is in "ADMIN ONLY" mode

     admin
  
more test and clean up authorization

              r756
            
        def check_valid_login

          #check if logged in

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
          unless session[:user_id]

     admin
  
add options to allow hall of fame viewing by any user...

              r424
            
            if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]

     admin
  
more test and clean up authorization

              r756
            
              unauthorized_redirect('You need to login but you cannot log in at this time')

            else

              unauthorized_redirect('You need to login')

     admin
  
add options to allow hall of fame viewing by any user...

              r424
            
            end

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
            return false

          end

          # check if run in single user mode

     Jittat Fakcharoenphol
  
renamed model Configuration to GraderConfiguration, renamed rhtml views to erb, fixed other small errors

              r320
            
          if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]

     admin
  
fix user.admin? bug

              r757
            
            if @current_user==nil || (!@current_user.admin?)

     admin
  
more test and clean up authorization

              r756
            
              unauthorized_redirect('You cannot log in at this time')

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
              return false

            end

          end

     admin
  
add enabled option for user

              r670
            
          # check if the user is enabled

     admin
  
add ip whitelisting

              r755
            
          unless @current_user.enabled? || @current_user.admin?

     admin
  
more test and clean up authorization

              r756
            
            unauthorized_redirect 'Your account is disabled'

     admin
  
add enabled option for user

              r670
            
            return false

          end

     admin
  
add ip whitelisting

              r755
            
          # check if user ip is allowed

     admin
  
fix whitelisting bugs...

              r784
            
          unless @current_user.admin? || GraderConfiguration[WHITELIST_IGNORE_CONF_KEY]

     admin
  
add ip whitelisting

              r755
            
            unless is_request_ip_allowed?

     admin
  
fix whitelisting bugs...

              r784
            
              unauthorized_redirect 'Your IP is not allowed to login at this time.'

     admin
  
more test and clean up authorization

              r756
            
              return false

     admin
  
add ip whitelisting

              r755
            
            end

          end

     Jittat Fakcharoenphol
  
renamed model Configuration to GraderConfiguration, renamed rhtml views to erb, fixed other small errors

              r320
            
          if GraderConfiguration.multicontests? 

     admin
  
add enabled option for user

              r670
            
            return true if @current_user.admin?

     Jittat Fakcharoenphol
  
a cleaner, testable way to log out user after contest changed

              r295
            
            begin

     admin
  
add enabled option for user

              r670
            
              if @current_user.contest_stat(true).forced_logout

     Jittat Fakcharoenphol
  
a cleaner, testable way to log out user after contest changed

              r295
            
                flash[:notice] = 'You have been automatically logged out.'

                redirect_to :controller => 'main', :action => 'index'

              end

            rescue

            end

          end

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
          return true

        end

     admin
  
add ip whitelisting

              r755
            
        #redirect to root (and also force logout)

        #if the user use different ip from the previous connection

        #  only applicable when MULTIPLE_IP_LOGIN options is false only

     admin
  
add option to disable login from multiple ip

              r525
            
        def authenticate_by_ip_address

          #this assume that we have already authenticate normally

          unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY]

            user = User.find(session[:user_id])

     admin
  
fix user.admin? bug

              r757
            
            if (!user.admin? && user.last_ip && user.last_ip != request.remote_ip)

     admin
  
add option to disable login from multiple ip

              r525
            
              flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}"

              redirect_to :controller => 'main', :action => 'login'

              return false

            end

            unless user.last_ip

              user.last_ip = request.remote_ip

              user.save

            end

          end

          return true

        end

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
        def authorization

     admin
  
more test and clean up authorization

              r756
            
          return false unless check_valid_login

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
          user = User.find(session[:user_id])

          unless user.roles.detect { |role|

     admin
  
- add view testcase toggle for each problem...

              r632
            
              role.rights.detect{ |right|

                right.controller == self.class.controller_name and

     admin
  
add ip whitelisting

              r755
            
                  (right.action == 'all' || right.action == action_name)

     admin
  
- add view testcase toggle for each problem...

              r632
            
              }

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
            }

            flash[:notice] = 'You are not authorized to view the page you requested'

            #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')

            redirect_to :controller => 'main', :action => 'login'

            return false

          end

        end

        def verify_time_limit

          return true if session[:user_id]==nil

          user = User.find(session[:user_id], :include => :site)

     admin
  
add ip whitelisting

              r755
            
          return true if user==nil || user.site == nil

     Jittat Fakcharoenphol
  
added individual contest mode

              r217
            
          if user.contest_finished?

            flash[:notice] = 'Error: the contest you are participating is over.'

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
            redirect_to :back

            return false

          end

          return true

        end

     admin
  
add ip whitelisting

              r755
            
        def is_request_ip_allowed?

     admin
  
fix whitelisting bugs...

              r784
            
          unless GraderConfiguration[WHITELIST_IGNORE_CONF_KEY]

     admin
  
add ip whitelisting

              r755
            
            user_ip = IPAddr.new(request.remote_ip)

     admin
  
problem group enabled

              r796
            
            allowed = GraderConfiguration[WHITELIST_IP_CONF_KEY] || ''

     admin
  
fix whitelisting bugs...

              r784
            
     admin
  
problem group enabled

              r796
            
            allowed.delete(' ').split(',').each do |ips|

     admin
  
add ip whitelisting

              r755
            
              allow_ips = IPAddr.new(ips)

     admin
  
fix whitelisting bugs...

              r784
            
              if allow_ips.include?(user_ip)

                return true

     admin
  
add ip whitelisting

              r755
            
              end

            end

     admin
  
fix whitelisting bugs...

              r784
            
            return false

     admin
  
add ip whitelisting

              r755
            
          end

          return true

        end

     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
      end

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository permissions settings

Sign in to your account

Last Author

admin add ip whitelisting	r755	require 'ipaddr'

jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	class ApplicationController < ActionController::Base
Jittat Fakcharoenphol boots into rails 3	r318	protect_from_forgery
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162
admin change depricated before_filter to before_action	r745	before_action :current_user
admin use jquery by default	r554
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
admin add option to disable login from multiple ip	r525	MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login'
admin fix whitelisting bugs...	r784	WHITELIST_IGNORE_CONF_KEY = 'right.whitelist_ignore'
admin add ip whitelisting	r755	WHITELIST_IP_CONF_KEY = 'right.whitelist_ip'
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162
admin - fix authorization for viewing submission, only admin can view all problems all the time, normal user depends on right.view_submission and problem.available?...	r593	#report and redirect for unauthorized activities
admin more test and clean up authorization	r756	def unauthorized_redirect(notice = 'You are not authorized to view the page you requested')
		flash[:notice] = notice
		redirect_to login_main_path
admin - fix authorization for viewing submission, only admin can view all problems all the time, normal user depends on right.view_submission and problem.available?...	r593	end

admin use jquery by default	r554	# Returns the current logged-in user (if any).
		def current_user
admin wip: bootstrap toggle switch...	r556	return nil unless session[:user_id]
admin use jquery by default	r554	@current_user \|\|= User.find(session[:user_id])
		end

jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	def admin_authorization
admin more test and clean up authorization	r756	return false unless check_valid_login
admin change find(:xxx) to correct syntax for rails 4	r619	user = User.includes(:roles).find(session[:user_id])
admin prepare for better hall of fame	r425	unless user.admin?
admin - fix authorization for viewing submission, only admin can view all problems all the time, normal user depends on right.view_submission and problem.available?...	r593	unauthorized_redirect
admin prepare for better hall of fame	r425	return false
		end
		return true
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	end

		def authorization_by_roles(allowed_roles)
admin more test and clean up authorization	r756	return false unless check_valid_login
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	user = User.find(session[:user_id])
		unless user.roles.detect { \|role\| allowed_roles.member?(role.name) }
admin - fix authorization for viewing submission, only admin can view all problems all the time, normal user depends on right.view_submission and problem.available?...	r593	unauthorized_redirect
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	return false
		end
		end

admin add show testcase feature	r625	def testcase_authorization
		#admin always has privileged
		if @current_user.admin?
		return true
		end

admin - add view testcase toggle for each problem...	r632	unauthorized_redirect unless GraderConfiguration["right.view_testcase"]
admin add show testcase feature	r625	end

admin add ip whitelisting	r755
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	protected

admin add ip whitelisting	r755	#redirect to root (and also force logout)
		#if the user is not logged_in or the system is in "ADMIN ONLY" mode
admin more test and clean up authorization	r756	def check_valid_login
		#check if logged in
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	unless session[:user_id]
admin add options to allow hall of fame viewing by any user...	r424	if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]
admin more test and clean up authorization	r756	unauthorized_redirect('You need to login but you cannot log in at this time')
		else
		unauthorized_redirect('You need to login')
admin add options to allow hall of fame viewing by any user...	r424	end
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	return false
		end

		# check if run in single user mode
Jittat Fakcharoenphol renamed model Configuration to GraderConfiguration, renamed rhtml views to erb, fixed other small errors	r320	if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]
admin fix user.admin? bug	r757	if @current_user==nil \|\| (!@current_user.admin?)
admin more test and clean up authorization	r756	unauthorized_redirect('You cannot log in at this time')
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	return false
		end
		end

admin add enabled option for user	r670	# check if the user is enabled
admin add ip whitelisting	r755	unless @current_user.enabled? \|\| @current_user.admin?
admin more test and clean up authorization	r756	unauthorized_redirect 'Your account is disabled'
admin add enabled option for user	r670	return false
		end

admin add ip whitelisting	r755	# check if user ip is allowed
admin fix whitelisting bugs...	r784	unless @current_user.admin? \|\| GraderConfiguration[WHITELIST_IGNORE_CONF_KEY]
admin add ip whitelisting	r755	unless is_request_ip_allowed?
admin fix whitelisting bugs...	r784	unauthorized_redirect 'Your IP is not allowed to login at this time.'
admin more test and clean up authorization	r756	return false
admin add ip whitelisting	r755	end
		end

Jittat Fakcharoenphol renamed model Configuration to GraderConfiguration, renamed rhtml views to erb, fixed other small errors	r320	if GraderConfiguration.multicontests?
admin add enabled option for user	r670	return true if @current_user.admin?
Jittat Fakcharoenphol a cleaner, testable way to log out user after contest changed	r295	begin
admin add enabled option for user	r670	if @current_user.contest_stat(true).forced_logout
Jittat Fakcharoenphol a cleaner, testable way to log out user after contest changed	r295	flash[:notice] = 'You have been automatically logged out.'
		redirect_to :controller => 'main', :action => 'index'
		end
		rescue
		end
		end
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	return true
		end

admin add ip whitelisting	r755	#redirect to root (and also force logout)
		#if the user use different ip from the previous connection
		# only applicable when MULTIPLE_IP_LOGIN options is false only
admin add option to disable login from multiple ip	r525	def authenticate_by_ip_address
		#this assume that we have already authenticate normally
		unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY]
		user = User.find(session[:user_id])
admin fix user.admin? bug	r757	if (!user.admin? && user.last_ip && user.last_ip != request.remote_ip)
admin add option to disable login from multiple ip	r525	flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}"
		redirect_to :controller => 'main', :action => 'login'
		return false
		end
		unless user.last_ip
		user.last_ip = request.remote_ip
		user.save
		end
		end
		return true
		end

jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	def authorization
admin more test and clean up authorization	r756	return false unless check_valid_login
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	user = User.find(session[:user_id])
		unless user.roles.detect { \|role\|
admin - add view testcase toggle for each problem...	r632	role.rights.detect{ \|right\|
		right.controller == self.class.controller_name and
admin add ip whitelisting	r755	(right.action == 'all' \|\| right.action == action_name)
admin - add view testcase toggle for each problem...	r632	}
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	}
		flash[:notice] = 'You are not authorized to view the page you requested'
		#request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
		redirect_to :controller => 'main', :action => 'login'
		return false
		end
		end

		def verify_time_limit
		return true if session[:user_id]==nil
		user = User.find(session[:user_id], :include => :site)
admin add ip whitelisting	r755	return true if user==nil \|\| user.site == nil
Jittat Fakcharoenphol added individual contest mode	r217	if user.contest_finished?
		flash[:notice] = 'Error: the contest you are participating is over.'
jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	redirect_to :back
		return false
		end
		return true
		end

admin add ip whitelisting	r755	def is_request_ip_allowed?
admin fix whitelisting bugs...	r784	unless GraderConfiguration[WHITELIST_IGNORE_CONF_KEY]
admin add ip whitelisting	r755	user_ip = IPAddr.new(request.remote_ip)
admin problem group enabled	r796	allowed = GraderConfiguration[WHITELIST_IP_CONF_KEY] \|\| ''
admin fix whitelisting bugs...	r784
admin problem group enabled	r796	allowed.delete(' ').split(',').each do \|ips\|
admin add ip whitelisting	r755	allow_ips = IPAddr.new(ips)
admin fix whitelisting bugs...	r784	if allow_ips.include?(user_ip)
		return true
admin add ip whitelisting	r755	end
		end
admin fix whitelisting bugs...	r784	return false
admin add ip whitelisting	r755	end
		return true
		end

jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	end