Description:
allow ta to view problem stat

r803:30dd5b343f6b - - 2 files changed: 5 inserted, 3 deleted

@@ -25,26 +25,25
25 def admin_authorization
25 def admin_authorization
26 return false unless check_valid_login
26 return false unless check_valid_login
27 user = User.includes(:roles).find(session[:user_id])
27 user = User.includes(:roles).find(session[:user_id])
28 unless user.admin?
28 unless user.admin?
29 unauthorized_redirect
29 unauthorized_redirect
30 return false
30 return false
31 end
31 end
32 return true
32 return true
33 end
33 end
34
34
35 def authorization_by_roles(allowed_roles)
35 def authorization_by_roles(allowed_roles)
36 return false unless check_valid_login
36 return false unless check_valid_login
37 - user = User.find(session[:user_id])
37 + unless @current_user.roles.detect { |role| allowed_roles.member?(role.name) }
38 - unless user.roles.detect { |role| allowed_roles.member?(role.name) }
39 unauthorized_redirect
38 unauthorized_redirect
40 return false
39 return false
41 end
40 end
42 end
41 end
43
42
44 def testcase_authorization
43 def testcase_authorization
45 #admin always has privileged
44 #admin always has privileged
46 if @current_user.admin?
45 if @current_user.admin?
47 return true
46 return true
48 end
47 end
49
48
50 unauthorized_redirect unless GraderConfiguration["right.view_testcase"]
49 unauthorized_redirect unless GraderConfiguration["right.view_testcase"]
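Review bot: In `authorization_by_roles` the role check now reads `@current_user`, which nothing in this hunk assigns, so the filter is only as sound as `check_valid_login`'s guarantee that it sets that variable from the session on every path that returns true; its body is outside the hunk and should be confirmed. A comment above the `unless` would record the dependency, e.g. `# relies on check_valid_login having set @current_user`. The method also falls off the end on the authorized path and returns nil, while `admin_authorization` ends with `return true`; adding `return true` after the `unless` block keeps the two consistent for any caller that tests the result.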
@@ -1,15 +1,18
1 class ProblemsController < ApplicationController
1 class ProblemsController < ApplicationController
2
2
3 - before_action :admin_authorization
3 + before_action :admin_authorization, except: [:stat]
4 + before_action only: [:stat] do
5 + authorization_by_roles(['admin','ta'])
6 + end
4
7
5 in_place_edit_for :problem, :name
8 in_place_edit_for :problem, :name
6 in_place_edit_for :problem, :full_name
9 in_place_edit_for :problem, :full_name
7 in_place_edit_for :problem, :full_score
10 in_place_edit_for :problem, :full_score
8
11
9 def index
12 def index
10 @problems = Problem.order(date_added: :desc)
13 @problems = Problem.order(date_added: :desc)
11 end
14 end
12
15
13
16
14 def show
17 def show
15 @problem = Problem.find(params[:id])
18 @problem = Problem.find(params[:id])
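Review bot: The `except: [:stat]` on `admin_authorization` and the `only: [:stat]` block have to be kept in step by hand: an action later added to the `except:` list without a matching role filter would be left with no authorization check from this controller. A comment above the two filters would make that explicit, e.g. `# every action listed in except: must be covered by a role filter below`. The role names `'admin'` and `'ta'` are matched as strings against `role.name`, whereas the admin filter uses `user.admin?`; if those two notions of admin can differ, access to `stat` may not line up with the rest of the controller. The `stat` action itself is outside this hunk, so what it exposes to TAs needs to be checked there.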