cafe-grader-web

Commit r200:3383214a2837 public

parent | child
Description:
added random user passwords, better user creation by list. git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@429 6386c4cd-e34a-4fa8-8920-d93eb39b512e
Commit status:
[Not Reviewed]
References:
default
Diff options:
Raw Diff | Patch Diff | Download Diff | Show whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r200:3383214a2837 - - 5 files changed: 104 inserted, 14 deleted

Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -0,0 +1,39
1 + %h1 Random user passwords
2 +
3 + -if @changed
4 + %p
5 + %b Done!
6 + Here's a new password list.
7 + Go back to
8 + = (link_to '[user list]', :action => 'index') + '.'
9 + %br/
10 + %table
11 + %tr
12 + %th Login
13 + %th Fullname
14 + %th Password
15 + -for u in @non_admin_users
16 + %tr
17 + %td= u.login
18 + %td= u.full_name
19 + %td
20 + %tt= u.password
21 +
22 + -else
23 + -if @prefix!=''
24 + Current prefix:
25 + = @prefix
26 + -form_tag((url_for :action => 'random_all_passwords'), :method => 'get') do
27 + Change prefix
28 + =text_field_tag 'prefix'
29 + =submit_tag 'Change'
30 +
31 + This will change passwords of the following users.
32 + %ul
33 + -for u in @non_admin_users
34 + %li= u.login
35 +
36 + -form_tag((url_for :action => 'random_all_passwords'), :method => 'post') do
37 + =hidden_field_tag 'prefix', @prefix
38 + Are you sure?
39 + =submit_tag 'Go ahead'
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,175 +1,224
1 1 class UserAdminController < ApplicationController
2 2
3 3 before_filter :admin_authorization
4 4
5 5 def index
6 6 list
7 7 render :action => 'list'
8 8 end
9 9
10 10 # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
11 - verify :method => :post, :only => [ :destroy, :create, :update ],
11 + verify :method => :post, :only => [ :destroy,
12 + :create, :create_from_list,
13 + :update ],
12 14 :redirect_to => { :action => :list }
13 15
14 16 def list
15 17 @users = User.find(:all)
16 18 @hidden_columns = ['hashed_password', 'salt', 'created_at', 'updated_at']
17 19 end
18 20
19 21 def active
20 22 sessions = ActiveRecord::SessionStore::Session.find(:all, :conditions => ["updated_at >= ?", 60.minutes.ago])
21 23 @users = []
22 24 sessions.each do |session|
23 25 if session.data[:user_id]
24 26 @users << User.find(session.data[:user_id])
25 27 end
26 28 end
27 29 end
28 30
29 31 def show
30 32 @user = User.find(params[:id])
31 33 end
32 34
33 35 def new
34 36 @user = User.new
35 37 end
36 38
37 39 def create
38 40 @user = User.new(params[:user])
39 41 @user.activated = true
40 42 if @user.save
41 43 flash[:notice] = 'User was successfully created.'
42 44 redirect_to :action => 'list'
43 45 else
44 46 render :action => 'new'
45 47 end
46 48 end
47 49
48 50 def create_from_list
49 51 lines = params[:user_list]
52 +
53 + note = []
54 +
50 55 lines.split("\n").each do |line|
51 56 items = line.chomp.split(',')
52 - if items.length==4
53 - user = User.new
54 - user.login = items[0]
55 - user.full_name = items[1]
56 - user.alias = items[2]
57 - user.password = items[3]
58 - user.password_confirmation = items[3]
57 + if items.length>=2
58 + login = items[0]
59 + full_name = items[1]
60 +
61 + added_random_password = false
62 + if items.length>=3
63 + password = items[2]
64 + user_alias = (items.length>=4) ? items[3] : login
65 + else
66 + password = random_password
67 + user_alias = (items.length>=4) ? items[3] : login
68 + added_random_password = true
69 + end
70 +
71 + user = User.new({:login => login,
72 + :full_name => full_name,
73 + :password => password,
74 + :password_confirmation => password,
75 + :alias => user_alias})
59 76 user.activated = true
60 77 user.save
78 +
79 + if added_random_password
80 + note << "'#{login}' (+)"
81 + else
82 + note << login
61 83 end
62 84 end
85 + end
86 + flash[:notice] = 'User(s) ' + note.join(', ') +
87 + ' were successfully created. ' +
88 + '( (+) - created with random passwords.)'
63 89 redirect_to :action => 'list'
64 90 end
65 91
66 92 def edit
67 93 @user = User.find(params[:id])
68 94 end
69 95
70 96 def update
71 97 @user = User.find(params[:id])
72 98 if @user.update_attributes(params[:user])
73 99 flash[:notice] = 'User was successfully updated.'
74 100 redirect_to :action => 'show', :id => @user
75 101 else
76 102 render :action => 'edit'
77 103 end
78 104 end
79 105
80 106 def destroy
81 107 User.find(params[:id]).destroy
82 108 redirect_to :action => 'list'
83 109 end
84 110
85 111 def user_stat
86 112 @problems = Problem.find_available_problems
87 113 @users = User.find(:all)
88 114 @scorearray = Array.new
89 115 @users.each do |u|
90 116 ustat = Array.new
91 117 ustat[0] = u
92 118 @problems.each do |p|
93 119 sub = Submission.find_last_by_user_and_problem(u.id,p.id)
94 120 if (sub!=nil) and (sub.points!=nil)
95 121 ustat << [(sub.points.to_f*100/p.full_score).round, (sub.points>=p.full_score)]
96 122 else
97 123 ustat << [0,false]
98 124 end
99 125 end
100 126 @scorearray << ustat
101 127 end
102 128 end
103 129
104 130 def import
105 131 if params[:file]==''
106 132 flash[:notice] = 'Error importing no file'
107 133 redirect_to :action => 'list' and return
108 134 end
109 135 import_from_file(params[:file])
110 136 end
111 137
138 + def random_all_passwords
139 + users = User.find(:all)
140 + @prefix = params[:prefix] || ''
141 + @non_admin_users = User.find_non_admin_with_prefix(@prefix)
142 + @changed = false
143 + if request.request_method == :post
144 + @non_admin_users.each do |user|
145 + password = random_password
146 + user.password = password
147 + user.password_confirmation = password
148 + user.save
149 + end
150 + @changed = true
151 + end
152 + end
153 +
112 154 protected
113 155
156 + def random_password(length=5)
157 + chars = 'abcdefghijkmnopqrstuvwxyz23456789'
158 + newpass = ""
159 + length.times { newpass << chars[rand(chars.size-1)] }
160 + return newpass
161 + end
162 +
114 163 def import_from_file(f)
115 164 data_hash = YAML.load(f)
116 165 @import_log = ""
117 166
118 167 country_data = data_hash[:countries]
119 168 site_data = data_hash[:sites]
120 169 user_data = data_hash[:users]
121 170
122 171 # import country
123 172 countries = {}
124 173 country_data.each_pair do |id,country|
125 174 c = Country.find_by_name(country[:name])
126 175 if c!=nil
127 176 countries[id] = c
128 177 @import_log << "Found #{country[:name]}\n"
129 178 else
130 179 countries[id] = Country.new(:name => country[:name])
131 180 countries[id].save
132 181 @import_log << "Created #{country[:name]}\n"
133 182 end
134 183 end
135 184
136 185 # import sites
137 186 sites = {}
138 187 site_data.each_pair do |id,site|
139 188 s = Site.find_by_name(site[:name])
140 189 if s!=nil
141 190 @import_log << "Found #{site[:name]}\n"
142 191 else
143 192 s = Site.new(:name => site[:name])
144 193 @import_log << "Created #{site[:name]}\n"
145 194 end
146 195 s.password = site[:password]
147 196 s.country = countries[site[:country_id]]
148 197 s.save
149 198 sites[id] = s
150 199 end
151 200
152 201 # import users
153 202 user_data.each_pair do |id,user|
154 203 u = User.find_by_login(user[:login])
155 204 if u!=nil
156 205 @import_log << "Found #{user[:login]}\n"
157 206 else
158 207 u = User.new(:login => user[:login])
159 208 @import_log << "Created #{user[:login]}\n"
160 209 end
161 210 u.full_name = user[:name]
162 211 u.password = user[:password]
163 212 u.country = countries[user[:country_id]]
164 213 u.site = sites[user[:site_id]]
165 214 u.activated = true
166 215 u.email = "empty-#{u.login}@none.com"
167 216 if not u.save
168 217 @import_log << "Errors\n"
169 218 u.errors.each { |attr,msg| @import_log << "#{attr} - #{msg}\n" }
170 219 end
171 220 end
172 221
173 222 end
174 223
175 224 end
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -20,150 +20,155
20 20 belongs_to :country
21 21
22 22 named_scope :activated_users, :conditions => {:activated => true}
23 23
24 24 validates_presence_of :login
25 25 validates_uniqueness_of :login
26 26 validates_format_of :login, :with => /^[\_A-Za-z0-9]+$/
27 27 validates_length_of :login, :within => 3..30
28 28
29 29 validates_presence_of :full_name
30 30 validates_length_of :full_name, :minimum => 1
31 31
32 32 validates_presence_of :password, :if => :password_required?
33 33 validates_length_of :password, :within => 4..20, :if => :password_required?
34 34 validates_confirmation_of :password, :if => :password_required?
35 35
36 36 validates_format_of :email,
37 37 :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i,
38 38 :if => :email_validation?
39 39 validate :uniqueness_of_email_from_activated_users,
40 40 :if => :email_validation?
41 41 validate :enough_time_interval_between_same_email_registrations,
42 42 :if => :email_validation?
43 43
44 44 # these are for ytopc
45 45 # disable for now
46 46 #validates_presence_of :province
47 47
48 48 attr_accessor :password
49 49
50 50 before_save :encrypt_new_password
51 51 before_save :assign_default_site
52 52
53 53 def self.authenticate(login, password)
54 54 user = find_by_login(login)
55 55 return user if user && user.authenticated?(password)
56 56 end
57 57
58 58 def authenticated?(password)
59 59 if self.activated
60 60 hashed_password == User.encrypt(password,self.salt)
61 61 else
62 62 false
63 63 end
64 64 end
65 65
66 66 def admin?
67 67 self.roles.detect {|r| r.name == 'admin' }
68 68 end
69 69
70 70 def email_for_editing
71 71 if self.email==nil
72 72 "(unknown)"
73 73 elsif self.email==''
74 74 "(blank)"
75 75 else
76 76 self.email
77 77 end
78 78 end
79 79
80 80 def email_for_editing=(e)
81 81 self.email=e
82 82 end
83 83
84 84 def alias_for_editing
85 85 if self.alias==nil
86 86 "(unknown)"
87 87 elsif self.alias==''
88 88 "(blank)"
89 89 else
90 90 self.alias
91 91 end
92 92 end
93 93
94 94 def alias_for_editing=(e)
95 95 self.alias=e
96 96 end
97 97
98 98 def activation_key
99 99 if self.hashed_password==nil
100 100 encrypt_new_password
101 101 end
102 102 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
103 103 end
104 104
105 105 def verify_activation_key(key)
106 106 key == activation_key
107 107 end
108 108
109 109 def self.random_password(length=5)
110 110 chars = 'abcdefghjkmnopqrstuvwxyz'
111 111 password = ''
112 112 length.times { password << chars[rand(chars.length - 1)] }
113 113 password
114 114 end
115 115
116 + def self.find_non_admin_with_prefix(prefix='')
117 + users = User.find(:all)
118 + return users.find_all { |u| !(u.admin?) and u.login.index(prefix)==0 }
119 + end
120 +
116 121 protected
117 122 def encrypt_new_password
118 123 return if password.blank?
119 124 self.salt = (10+rand(90)).to_s
120 125 self.hashed_password = User.encrypt(self.password,self.salt)
121 126 end
122 127
123 128 def assign_default_site
124 129 # have to catch error when migrating (because self.site is not available).
125 130 begin
126 131 if self.site==nil
127 132 self.site = Site.find_by_name('default')
128 133 if self.site==nil
129 134 self.site = Site.find(1) # when 'default has be renamed'
130 135 end
131 136 end
132 137 rescue
133 138 end
134 139 end
135 140
136 141 def password_required?
137 142 self.hashed_password.blank? || !self.password.blank?
138 143 end
139 144
140 145 def self.encrypt(string,salt)
141 146 Digest::SHA1.hexdigest(salt + string)
142 147 end
143 148
144 149 def uniqueness_of_email_from_activated_users
145 150 user = User.activated_users.find_by_email(self.email)
146 151 if user and (user.login != self.login)
147 152 self.errors.add_to_base("Email has already been taken")
148 153 end
149 154 end
150 155
151 156 def enough_time_interval_between_same_email_registrations
152 157 return if !self.new_record?
153 158 return if self.activated
154 159 open_user = User.find_by_email(self.email,
155 160 :order => 'created_at DESC')
156 161 if open_user and open_user.created_at and
157 162 (open_user.created_at > Time.now.gmtime - 5.minutes)
158 163 self.errors.add_to_base("There are already unactivated registrations with this e-mail address (please wait for 5 minutes)")
159 164 end
160 165 end
161 166
162 167 def email_validation?
163 168 begin
164 169 return VALIDATE_USER_EMAILS
165 170 rescue
166 171 return false
167 172 end
168 173 end
169 174 end
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,63 +1,64
1 1 <h1>Listing users</h1>
2 2
3 3 <div class="submitbox">
4 4 <b>Quick add</b>
5 5 <% form_tag :action => 'create' do %>
6 6 <table border="0">
7 7 <tr>
8 8 <td><label for="user_login">Login</label></td>
9 9 <td><label for="user_full_name">Full name</label></td>
10 10 <td><label for="user_password">Password</label></td>
11 11 <td><label for="user_password_confirmation">Confirm</label></td>
12 12 <td><label for="user_email">Email</label></td>
13 13 </tr>
14 14 <tr>
15 15 <td><%= text_field 'user', 'login', :size => 10 %></td>
16 16 <td><%= text_field 'user', 'full_name', :size => 30 %></td>
17 17 <td><%= password_field 'user', 'password', :size => 10 %></td>
18 18 <td><%= password_field 'user', 'password_confirmation', :size => 10 %></td>
19 19 <td><%= text_field 'user', 'email', :size => 15 %></td>
20 20 <td><%= submit_tag "Create" %></td>
21 21 </tr></table>
22 22 <% end %>
23 23 <br/>
24 24 <b>Import from site management</b>
25 25 <% form_tag({:action => 'import'}, :multipart => true) do %>
26 26 File: <%= file_field_tag 'file' %> <%= submit_tag 'Import' %>
27 27 <% end %>
28 28 <br/>
29 29 <b>What else: </b>
30 30 <%= link_to '[New user]', :action => 'new' %>
31 31 <%= link_to '[New list of users]', :action => 'new_list' %>
32 + <%= link_to '[Random passwords]', :action => 'random_all_passwords' %>
32 33 <%= link_to '[View active users]', :action => 'active' %>
33 34
34 35 </div>
35 36
36 37 <table>
37 38 <tr>
38 39 <% for column in User.content_columns %>
39 40 <% if !@hidden_columns.index(column.name) %>
40 41 <th><%= column.human_name %></th>
41 42 <% end %>
42 43 <% end %>
43 44 </tr>
44 45
45 46 <% for user in @users %>
46 47 <tr>
47 48 <% for column in User.content_columns %>
48 49 <% if !@hidden_columns.index(column.name) %>
49 50 <td><%=h user.send(column.name) %></td>
50 51 <% end %>
51 52 <% end %>
52 53 <td><%= link_to 'Show', :action => 'show', :id => user %></td>
53 54 <td><%= link_to 'Edit', :action => 'edit', :id => user %></td>
54 55 <td><%= link_to 'Destroy', { :action => 'destroy', :id => user }, :confirm => 'Are you sure?', :method => :post %></td>
55 56 </tr>
56 57 <% end %>
57 58 </table>
58 59
59 60
60 61 <br />
61 62
62 63 <%= link_to 'New user', :action => 'new' %>
63 64 <%= link_to 'New list of users', :action => 'new_list' %>
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,12 +1,8
1 1 <h1>Adding list of users</h1>
2 2
3 - <div class="usermenu">
4 - <%= link_to 'User admin', :action => 'list' %>
5 - <%= link_to 'Main', :controller => 'main', :action => 'list' %>
6 - </div>
7 -
8 3 <% form_tag :action => 'create_from_list' do %>
9 4 <%= submit_tag 'create users' %><br/>
10 - List of user information: user_id,name,alias,passwd<br/>
5 + List of user information in this format: <tt>user_id,name(,passwd(,alias))</tt><br/>
6 + Note that <tt>passwd</tt> and <tt>alias</tt> is optional.<br/>
11 7 <%= text_area_tag 'user_list', nil, :rows => 50, :cols => 80 %>
12 8 <% end %>
You need to be logged in to leave comments. Login now