cafe-grader-web

Commit r307:2cdefa1ab6f2 public

parent | child
Description:
fixed new users import bug when passwords contain extra spaces at the end
Commit status:
[Not Reviewed]
References:
default
Diff options:
Raw Diff | Patch Diff | Download Diff | Show whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r307:2cdefa1ab6f2 - - 1 file changed: 1 inserted, 1 deleted

Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,413 +1,413
1 class UserAdminController < ApplicationController
1 class UserAdminController < ApplicationController
2
2
3 include MailHelperMethods
3 include MailHelperMethods
4
4
5 before_filter :admin_authorization
5 before_filter :admin_authorization
6
6
7 def index
7 def index
8 list
8 list
9 render :action => 'list'
9 render :action => 'list'
10 end
10 end
11
11
12 # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
12 # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
13 verify :method => :post, :only => [ :destroy,
13 verify :method => :post, :only => [ :destroy,
14 :create, :create_from_list,
14 :create, :create_from_list,
15 :update ],
15 :update ],
16 :redirect_to => { :action => :list }
16 :redirect_to => { :action => :list }
17
17
18 def list
18 def list
19 @user_count = User.count
19 @user_count = User.count
20 if params[:page] == 'all'
20 if params[:page] == 'all'
21 @users = User.all
21 @users = User.all
22 @paginated = false
22 @paginated = false
23 else
23 else
24 @users = User.paginate :page => params[:page]
24 @users = User.paginate :page => params[:page]
25 @paginated = true
25 @paginated = true
26 end
26 end
27 @hidden_columns = ['hashed_password', 'salt', 'created_at', 'updated_at']
27 @hidden_columns = ['hashed_password', 'salt', 'created_at', 'updated_at']
28 @contests = Contest.enabled
28 @contests = Contest.enabled
29 end
29 end
30
30
31 def active
31 def active
32 sessions = ActiveRecord::SessionStore::Session.find(:all, :conditions => ["updated_at >= ?", 60.minutes.ago])
32 sessions = ActiveRecord::SessionStore::Session.find(:all, :conditions => ["updated_at >= ?", 60.minutes.ago])
33 @users = []
33 @users = []
34 sessions.each do |session|
34 sessions.each do |session|
35 if session.data[:user_id]
35 if session.data[:user_id]
36 @users << User.find(session.data[:user_id])
36 @users << User.find(session.data[:user_id])
37 end
37 end
38 end
38 end
39 end
39 end
40
40
41 def show
41 def show
42 @user = User.find(params[:id])
42 @user = User.find(params[:id])
43 end
43 end
44
44
45 def new
45 def new
46 @user = User.new
46 @user = User.new
47 end
47 end
48
48
49 def create
49 def create
50 @user = User.new(params[:user])
50 @user = User.new(params[:user])
51 @user.activated = true
51 @user.activated = true
52 if @user.save
52 if @user.save
53 flash[:notice] = 'User was successfully created.'
53 flash[:notice] = 'User was successfully created.'
54 redirect_to :action => 'list'
54 redirect_to :action => 'list'
55 else
55 else
56 render :action => 'new'
56 render :action => 'new'
57 end
57 end
58 end
58 end
59
59
60 def create_from_list
60 def create_from_list
61 lines = params[:user_list]
61 lines = params[:user_list]
62
62
63 note = []
63 note = []
64
64
65 lines.split("\n").each do |line|
65 lines.split("\n").each do |line|
66 items = line.chomp.split(',')
66 items = line.chomp.split(',')
67 if items.length>=2
67 if items.length>=2
68 login = items[0]
68 login = items[0]
69 full_name = items[1]
69 full_name = items[1]
70
70
71 added_random_password = false
71 added_random_password = false
72 if items.length>=3
72 if items.length>=3
73 - password = items[2]
73 + password = items[2].chomp(" ")
74 user_alias = (items.length>=4) ? items[3] : login
74 user_alias = (items.length>=4) ? items[3] : login
75 else
75 else
76 password = random_password
76 password = random_password
77 user_alias = (items.length>=4) ? items[3] : login
77 user_alias = (items.length>=4) ? items[3] : login
78 added_random_password = true
78 added_random_password = true
79 end
79 end
80
80
81 user = User.new({:login => login,
81 user = User.new({:login => login,
82 :full_name => full_name,
82 :full_name => full_name,
83 :password => password,
83 :password => password,
84 :password_confirmation => password,
84 :password_confirmation => password,
85 :alias => user_alias})
85 :alias => user_alias})
86 user.activated = true
86 user.activated = true
87 user.save
87 user.save
88
88
89 if added_random_password
89 if added_random_password
90 note << "'#{login}' (+)"
90 note << "'#{login}' (+)"
91 else
91 else
92 note << login
92 note << login
93 end
93 end
94 end
94 end
95 end
95 end
96 flash[:notice] = 'User(s) ' + note.join(', ') +
96 flash[:notice] = 'User(s) ' + note.join(', ') +
97 ' were successfully created. ' +
97 ' were successfully created. ' +
98 '( (+) - created with random passwords.)'
98 '( (+) - created with random passwords.)'
99 redirect_to :action => 'list'
99 redirect_to :action => 'list'
100 end
100 end
101
101
102 def edit
102 def edit
103 @user = User.find(params[:id])
103 @user = User.find(params[:id])
104 end
104 end
105
105
106 def update
106 def update
107 @user = User.find(params[:id])
107 @user = User.find(params[:id])
108 if @user.update_attributes(params[:user])
108 if @user.update_attributes(params[:user])
109 flash[:notice] = 'User was successfully updated.'
109 flash[:notice] = 'User was successfully updated.'
110 redirect_to :action => 'show', :id => @user
110 redirect_to :action => 'show', :id => @user
111 else
111 else
112 render :action => 'edit'
112 render :action => 'edit'
113 end
113 end
114 end
114 end
115
115
116 def destroy
116 def destroy
117 User.find(params[:id]).destroy
117 User.find(params[:id]).destroy
118 redirect_to :action => 'list'
118 redirect_to :action => 'list'
119 end
119 end
120
120
121 def user_stat
121 def user_stat
122 @problems = Problem.find_available_problems
122 @problems = Problem.find_available_problems
123 @users = User.find(:all, :include => [:contests, :contest_stat])
123 @users = User.find(:all, :include => [:contests, :contest_stat])
124 @scorearray = Array.new
124 @scorearray = Array.new
125 @users.each do |u|
125 @users.each do |u|
126 ustat = Array.new
126 ustat = Array.new
127 ustat[0] = u
127 ustat[0] = u
128 @problems.each do |p|
128 @problems.each do |p|
129 sub = Submission.find_last_by_user_and_problem(u.id,p.id)
129 sub = Submission.find_last_by_user_and_problem(u.id,p.id)
130 if (sub!=nil) and (sub.points!=nil)
130 if (sub!=nil) and (sub.points!=nil)
131 ustat << [(sub.points.to_f*100/p.full_score).round, (sub.points>=p.full_score)]
131 ustat << [(sub.points.to_f*100/p.full_score).round, (sub.points>=p.full_score)]
132 else
132 else
133 ustat << [0,false]
133 ustat << [0,false]
134 end
134 end
135 end
135 end
136 @scorearray << ustat
136 @scorearray << ustat
137 end
137 end
138 end
138 end
139
139
140 def import
140 def import
141 if params[:file]==''
141 if params[:file]==''
142 flash[:notice] = 'Error importing no file'
142 flash[:notice] = 'Error importing no file'
143 redirect_to :action => 'list' and return
143 redirect_to :action => 'list' and return
144 end
144 end
145 import_from_file(params[:file])
145 import_from_file(params[:file])
146 end
146 end
147
147
148 def random_all_passwords
148 def random_all_passwords
149 users = User.find(:all)
149 users = User.find(:all)
150 @prefix = params[:prefix] || ''
150 @prefix = params[:prefix] || ''
151 @non_admin_users = User.find_non_admin_with_prefix(@prefix)
151 @non_admin_users = User.find_non_admin_with_prefix(@prefix)
152 @changed = false
152 @changed = false
153 if request.request_method == :post
153 if request.request_method == :post
154 @non_admin_users.each do |user|
154 @non_admin_users.each do |user|
155 password = random_password
155 password = random_password
156 user.password = password
156 user.password = password
157 user.password_confirmation = password
157 user.password_confirmation = password
158 user.save
158 user.save
159 end
159 end
160 @changed = true
160 @changed = true
161 end
161 end
162 end
162 end
163
163
164 # contest management
164 # contest management
165
165
166 def contests
166 def contests
167 @contest, @users = find_contest_and_user_from_contest_id(params[:id])
167 @contest, @users = find_contest_and_user_from_contest_id(params[:id])
168 @contests = Contest.enabled
168 @contests = Contest.enabled
169 end
169 end
170
170
171 def assign_from_list
171 def assign_from_list
172 contest_id = params[:users_contest_id]
172 contest_id = params[:users_contest_id]
173 org_contest, users = find_contest_and_user_from_contest_id(contest_id)
173 org_contest, users = find_contest_and_user_from_contest_id(contest_id)
174 contest = Contest.find(params[:new_contest][:id])
174 contest = Contest.find(params[:new_contest][:id])
175 if !contest
175 if !contest
176 flash[:notice] = 'Error: no contest'
176 flash[:notice] = 'Error: no contest'
177 redirect_to :action => 'contests', :id =>contest_id
177 redirect_to :action => 'contests', :id =>contest_id
178 end
178 end
179
179
180 note = []
180 note = []
181 users.each do |u|
181 users.each do |u|
182 u.contests = [contest]
182 u.contests = [contest]
183 note << u.login
183 note << u.login
184 end
184 end
185 flash[:notice] = 'User(s) ' + note.join(', ') +
185 flash[:notice] = 'User(s) ' + note.join(', ') +
186 " were successfully reassigned to #{contest.title}."
186 " were successfully reassigned to #{contest.title}."
187 redirect_to :action => 'contests', :id =>contest.id
187 redirect_to :action => 'contests', :id =>contest.id
188 end
188 end
189
189
190 def add_to_contest
190 def add_to_contest
191 user = User.find(params[:id])
191 user = User.find(params[:id])
192 contest = Contest.find(params[:contest_id])
192 contest = Contest.find(params[:contest_id])
193 if user and contest
193 if user and contest
194 user.contests << contest
194 user.contests << contest
195 end
195 end
196 redirect_to :action => 'list'
196 redirect_to :action => 'list'
197 end
197 end
198
198
199 def remove_from_contest
199 def remove_from_contest
200 user = User.find(params[:id])
200 user = User.find(params[:id])
201 contest = Contest.find(params[:contest_id])
201 contest = Contest.find(params[:contest_id])
202 if user and contest
202 if user and contest
203 user.contests.delete(contest)
203 user.contests.delete(contest)
204 end
204 end
205 redirect_to :action => 'list'
205 redirect_to :action => 'list'
206 end
206 end
207
207
208 def contest_management
208 def contest_management
209 end
209 end
210
210
211 def manage_contest
211 def manage_contest
212 contest = Contest.find(params[:contest][:id])
212 contest = Contest.find(params[:contest][:id])
213 if !contest
213 if !contest
214 flash[:notice] = 'You did not choose the contest.'
214 flash[:notice] = 'You did not choose the contest.'
215 redirect_to :action => 'contest_management' and return
215 redirect_to :action => 'contest_management' and return
216 end
216 end
217
217
218 operation = params[:operation]
218 operation = params[:operation]
219
219
220 if not ['add','remove','assign'].include? operation
220 if not ['add','remove','assign'].include? operation
221 flash[:notice] = 'You did not choose the operation to perform.'
221 flash[:notice] = 'You did not choose the operation to perform.'
222 redirect_to :action => 'contest_management' and return
222 redirect_to :action => 'contest_management' and return
223 end
223 end
224
224
225 lines = params[:login_list]
225 lines = params[:login_list]
226 if !lines or lines.blank?
226 if !lines or lines.blank?
227 flash[:notice] = 'You entered an empty list.'
227 flash[:notice] = 'You entered an empty list.'
228 redirect_to :action => 'contest_management' and return
228 redirect_to :action => 'contest_management' and return
229 end
229 end
230
230
231 note = []
231 note = []
232 users = []
232 users = []
233 lines.split("\n").each do |line|
233 lines.split("\n").each do |line|
234 user = User.find_by_login(line.chomp)
234 user = User.find_by_login(line.chomp)
235 if user
235 if user
236 if operation=='add'
236 if operation=='add'
237 if ! user.contests.include? contest
237 if ! user.contests.include? contest
238 user.contests << contest
238 user.contests << contest
239 end
239 end
240 elsif operation=='remove'
240 elsif operation=='remove'
241 user.contests.delete(contest)
241 user.contests.delete(contest)
242 else
242 else
243 user.contests = [contest]
243 user.contests = [contest]
244 end
244 end
245
245
246 if params[:reset_timer]
246 if params[:reset_timer]
247 user.contest_stat.forced_logout = true
247 user.contest_stat.forced_logout = true
248 user.contest_stat.reset_timer_and_save
248 user.contest_stat.reset_timer_and_save
249 end
249 end
250
250
251 if params[:notification_emails]
251 if params[:notification_emails]
252 send_contest_update_notification_email(user, contest)
252 send_contest_update_notification_email(user, contest)
253 end
253 end
254
254
255 note << user.login
255 note << user.login
256 users << user
256 users << user
257 end
257 end
258 end
258 end
259
259
260 if params[:reset_timer]
260 if params[:reset_timer]
261 logout_users(users)
261 logout_users(users)
262 end
262 end
263
263
264 flash[:notice] = 'User(s) ' + note.join(', ') +
264 flash[:notice] = 'User(s) ' + note.join(', ') +
265 ' were successfully modified. '
265 ' were successfully modified. '
266 redirect_to :action => 'contest_management'
266 redirect_to :action => 'contest_management'
267 end
267 end
268
268
269 # admin management
269 # admin management
270
270
271 def admin
271 def admin
272 @admins = User.find(:all).find_all {|user| user.admin? }
272 @admins = User.find(:all).find_all {|user| user.admin? }
273 end
273 end
274
274
275 def grant_admin
275 def grant_admin
276 login = params[:login]
276 login = params[:login]
277 user = User.find_by_login(login)
277 user = User.find_by_login(login)
278 if user!=nil
278 if user!=nil
279 admin_role = Role.find_by_name('admin')
279 admin_role = Role.find_by_name('admin')
280 user.roles << admin_role
280 user.roles << admin_role
281 else
281 else
282 flash[:notice] = 'Unknown user'
282 flash[:notice] = 'Unknown user'
283 end
283 end
284 flash[:notice] = 'User added as admins'
284 flash[:notice] = 'User added as admins'
285 redirect_to :action => 'admin'
285 redirect_to :action => 'admin'
286 end
286 end
287
287
288 def revoke_admin
288 def revoke_admin
289 user = User.find(params[:id])
289 user = User.find(params[:id])
290 if user==nil
290 if user==nil
291 flash[:notice] = 'Unknown user'
291 flash[:notice] = 'Unknown user'
292 redirect_to :action => 'admin' and return
292 redirect_to :action => 'admin' and return
293 elsif user.login == 'root'
293 elsif user.login == 'root'
294 flash[:notice] = 'You cannot revoke admisnistrator permission from root.'
294 flash[:notice] = 'You cannot revoke admisnistrator permission from root.'
295 redirect_to :action => 'admin' and return
295 redirect_to :action => 'admin' and return
296 end
296 end
297
297
298 admin_role = Role.find_by_name('admin')
298 admin_role = Role.find_by_name('admin')
299 user.roles.delete(admin_role)
299 user.roles.delete(admin_role)
300 flash[:notice] = 'User permission revoked'
300 flash[:notice] = 'User permission revoked'
301 redirect_to :action => 'admin'
301 redirect_to :action => 'admin'
302 end
302 end
303
303
304 protected
304 protected
305
305
306 def random_password(length=5)
306 def random_password(length=5)
307 chars = 'abcdefghijkmnopqrstuvwxyz23456789'
307 chars = 'abcdefghijkmnopqrstuvwxyz23456789'
308 newpass = ""
308 newpass = ""
309 length.times { newpass << chars[rand(chars.size-1)] }
309 length.times { newpass << chars[rand(chars.size-1)] }
310 return newpass
310 return newpass
311 end
311 end
312
312
313 def import_from_file(f)
313 def import_from_file(f)
314 data_hash = YAML.load(f)
314 data_hash = YAML.load(f)
315 @import_log = ""
315 @import_log = ""
316
316
317 country_data = data_hash[:countries]
317 country_data = data_hash[:countries]
318 site_data = data_hash[:sites]
318 site_data = data_hash[:sites]
319 user_data = data_hash[:users]
319 user_data = data_hash[:users]
320
320
321 # import country
321 # import country
322 countries = {}
322 countries = {}
323 country_data.each_pair do |id,country|
323 country_data.each_pair do |id,country|
324 c = Country.find_by_name(country[:name])
324 c = Country.find_by_name(country[:name])
325 if c!=nil
325 if c!=nil
326 countries[id] = c
326 countries[id] = c
327 @import_log << "Found #{country[:name]}\n"
327 @import_log << "Found #{country[:name]}\n"
328 else
328 else
329 countries[id] = Country.new(:name => country[:name])
329 countries[id] = Country.new(:name => country[:name])
330 countries[id].save
330 countries[id].save
331 @import_log << "Created #{country[:name]}\n"
331 @import_log << "Created #{country[:name]}\n"
332 end
332 end
333 end
333 end
334
334
335 # import sites
335 # import sites
336 sites = {}
336 sites = {}
337 site_data.each_pair do |id,site|
337 site_data.each_pair do |id,site|
338 s = Site.find_by_name(site[:name])
338 s = Site.find_by_name(site[:name])
339 if s!=nil
339 if s!=nil
340 @import_log << "Found #{site[:name]}\n"
340 @import_log << "Found #{site[:name]}\n"
341 else
341 else
342 s = Site.new(:name => site[:name])
342 s = Site.new(:name => site[:name])
343 @import_log << "Created #{site[:name]}\n"
343 @import_log << "Created #{site[:name]}\n"
344 end
344 end
345 s.password = site[:password]
345 s.password = site[:password]
346 s.country = countries[site[:country_id]]
346 s.country = countries[site[:country_id]]
347 s.save
347 s.save
348 sites[id] = s
348 sites[id] = s
349 end
349 end
350
350
351 # import users
351 # import users
352 user_data.each_pair do |id,user|
352 user_data.each_pair do |id,user|
353 u = User.find_by_login(user[:login])
353 u = User.find_by_login(user[:login])
354 if u!=nil
354 if u!=nil
355 @import_log << "Found #{user[:login]}\n"
355 @import_log << "Found #{user[:login]}\n"
356 else
356 else
357 u = User.new(:login => user[:login])
357 u = User.new(:login => user[:login])
358 @import_log << "Created #{user[:login]}\n"
358 @import_log << "Created #{user[:login]}\n"
359 end
359 end
360 u.full_name = user[:name]
360 u.full_name = user[:name]
361 u.password = user[:password]
361 u.password = user[:password]
362 u.country = countries[user[:country_id]]
362 u.country = countries[user[:country_id]]
363 u.site = sites[user[:site_id]]
363 u.site = sites[user[:site_id]]
364 u.activated = true
364 u.activated = true
365 u.email = "empty-#{u.login}@none.com"
365 u.email = "empty-#{u.login}@none.com"
366 if not u.save
366 if not u.save
367 @import_log << "Errors\n"
367 @import_log << "Errors\n"
368 u.errors.each { |attr,msg| @import_log << "#{attr} - #{msg}\n" }
368 u.errors.each { |attr,msg| @import_log << "#{attr} - #{msg}\n" }
369 end
369 end
370 end
370 end
371
371
372 end
372 end
373
373
374 def logout_users(users)
374 def logout_users(users)
375 users.each do |user|
375 users.each do |user|
376 contest_stat = user.contest_stat(true)
376 contest_stat = user.contest_stat(true)
377 if contest_stat and !contest_stat.forced_logout
377 if contest_stat and !contest_stat.forced_logout
378 contest_stat.forced_logout = true
378 contest_stat.forced_logout = true
379 contest_stat.save
379 contest_stat.save
380 end
380 end
381 end
381 end
382 end
382 end
383
383
384 def send_contest_update_notification_email(user, contest)
384 def send_contest_update_notification_email(user, contest)
385 contest_title_name = Configuration['contest.name']
385 contest_title_name = Configuration['contest.name']
386 contest_name = contest.name
386 contest_name = contest.name
387 subject = t('contest.notification.email_subject', {
387 subject = t('contest.notification.email_subject', {
388 :contest_title_name => contest_title_name,
388 :contest_title_name => contest_title_name,
389 :contest_name => contest_name })
389 :contest_name => contest_name })
390 body = t('contest.notification.email_body', {
390 body = t('contest.notification.email_body', {
391 :full_name => user.full_name,
391 :full_name => user.full_name,
392 :contest_title_name => contest_title_name,
392 :contest_title_name => contest_title_name,
393 :contest_name => contest.name,
393 :contest_name => contest.name,
394 })
394 })
395
395
396 logger.info body
396 logger.info body
397 send_mail(user.email, subject, body)
397 send_mail(user.email, subject, body)
398 end
398 end
399
399
400 def find_contest_and_user_from_contest_id(id)
400 def find_contest_and_user_from_contest_id(id)
401 if id!='none'
401 if id!='none'
402 @contest = Contest.find(id)
402 @contest = Contest.find(id)
403 else
403 else
404 @contest = nil
404 @contest = nil
405 end
405 end
406 if @contest
406 if @contest
407 @users = @contest.users
407 @users = @contest.users
408 else
408 else
409 @users = User.find_users_with_no_contest
409 @users = User.find_users_with_no_contest
410 end
410 end
411 return [@contest, @users]
411 return [@contest, @users]
412 end
412 end
413 end
413 end
You need to be logged in to leave comments. Login now