cafe-grader-web Commit - r801:33c0929c92ed

cafe-grader-web

Commit `r801:33c0929c92ed` public

parent | child

Description:

master

Commit status:

[Not Reviewed]

References:

merge default

Diff options:

| | | |

Comments:

0 Commit comments 0 Inline Comments

Unresolved TODOs:

There are no unresolved TODOs

Add another comment

r801:33c0929c92ed - Mon, 21 Sep 2020 14:13:04 - 23 files changed: 180 inserted, 96 deleted

app/views/groups/toggle.js.haml created 644 ¶ +8

@@ -0,0 +1,8
	1	+ = render partial: 'toggle_button',
	2	+ locals: {button_id: "#group-enabled-#{@group.id}",button_on: @group.enabled }
	3	+ :plain
	4	+ r = $("#group-#{@group.id}");
	5	+ r.removeClass('success');
	6	+ r.removeClass('danger');
	7	+ r.addClass("#{@group.enabled? ? 'success' : 'danger'}");
	8	+

db/migrate/20200813083020_add_enabled_to_group.rb created 644 ¶ +5

@@ -0,0 +1,5
	1	+ class AddEnabledToGroup < ActiveRecord::Migration[5.2]
	2	+ def change
	3	+ add_column :groups, :enabled, :boolean, default: true
	4	+ end
	5	+ end

app/controllers/application_controller.rb ¶ +2 -1

                 def is_request_ip_allowed?
                   unless GraderConfiguration[WHITELIST_IGNORE_CONF_KEY]
                     user_ip = IPAddr.new(request.remote_ip)
+            +       allowed = GraderConfiguration[WHITELIST_IP_CONF_KEY] || ''
-            -       GraderConfiguration[WHITELIST_IP_CONF_KEY].delete(' ').split(',').each do |ips|
+            +       allowed.delete(' ').split(',').each do |ips|
                       allow_ips = IPAddr.new(ips)
                       if allow_ips.include?(user_ip)
                         return true

app/controllers/groups_controller.rb ¶ +7 -1

                 before_action :set_group, only: [:show, :edit, :update, :destroy,
                                                  :add_user, :remove_user,:remove_all_user,
                                                  :add_problem, :remove_problem,:remove_all_problem,
+            +                                    :toggle,
                                                 ]
                 before_action :admin_authorization
                   redirect_to groups_url, notice: 'Group was successfully destroyed.'
                 end
+            +   def toggle
+            +     @group.enabled = @group.enabled? ? false : true
+            +     @group.save
+            +   end
+            +
                 def remove_user
                   user = User.find(params[:user_id])
                   @group.users.delete(user)
                   # Only allow a trusted parameter "white list" through.
                   def group_params
-            -       params.require(:group).permit(:name, :description)
+            +       params.require(:group).permit(:name, :description, :enabled)
                   end
               end

app/controllers/submissions_controller.rb ¶ +4 -5

                   else
                     @problem = Problem.find_by_id(params[:problem_id])
                     if (@problem == nil) or (not @problem.available)
-            -         redirect_to main_list_path
+            +         redirect_to list_main_path
-            -         flash[:notice] = 'Error: submissions for that problem are not viewable.'
+            +         flash[:error] = 'Authorization error: You have no right to view submissions for this problem'
                       return
                     end
                     @submissions = Submission.find_all_by_user_problem(@user.id, @problem.id).order(id: :desc)
                 def submission_authorization
                   #admin always has privileged
-            -     if @current_user.admin?
+            +     return true if @current_user.admin?
-            -       return true
+            +     return true if @current_user.has_role?('TA') && (['show','download'].include? action_name)
-            -     end
                   sub = Submission.find(params[:id])
                   if @current_user.available_problems.include? sub.problem

app/controllers/tasks_controller.rb ¶ +5 -3

                 def download
                   problem = Problem.find(params[:id])
                   unless @current_user.can_view_problem? problem
-            -       flash[:notice] = 'You are not authorized to access this file'
+            +       flash[:error] = 'You are not authorized to access this file'
-            -       redirect_to :action => 'index' and return
+            +       redirect_to list_main_path
+            +       return
                   end
                   base_name = params[:file]
                   if !FileTest.exists?(filename)
                     flash[:notice] = 'File does not exists'
-            -       redirect_to :action => 'index' and return
+            +       redirect_to list_main_path
+            +       return
                   end
                   send_file_to_user(filename, base_filename)

app/controllers/user_admin_controller.rb ¶ +37 -30

                   ok_user = []
                   lines.split("\n").each do |line|
-            -       items = line.chomp.split(',')
+            +       #split with large limit, this will cause consecutive ',' to be result in a blank
+            +       items = line.chomp.split(',',1000)
                     if items.length>=2
                       login = items[0]
                       full_name = items[1]
                       user_alias = ''
                       added_random_password = false
-            -         if items.length >= 3 and items[2].chomp(" ").length > 0;
+            +         added_password = false
+            +         if items.length >= 3
+            +           if items[2].chomp(" ").length > 0
                           password = items[2].chomp(" ")
+            +             added_password = true
+            +           end
                       else
                         password = random_password
                         added_random_password=true;
                         user_alias = login
                       end
+            +
+            +         has_remark = false
                       if items.length>=5
                         remark = items[4].strip;
+            +           has_remark = true
                       end
                       user = User.find_by_login(login)
                       if (user)
                         user.full_name = full_name
-            -           user.password = password
+            +           user.remark = remark if has_remark
-            -           user.remark = remark
+            +           user.password = password if added_password || added_random_password
                       else
+            +           #create a random password if none are given
+            +           password = random_password unless password
                         user = User.new({:login => login,
                                          :full_name => full_name,
                                          :password => password,
                 # admin management
                 def admin
-            -     @admins = User.all.find_all {|user| user.admin? }
+            +     @admins = Role.where(name: 'admin').take.users
+            +     @tas = Role.where(name: 'ta').take.users
                 end
-            -   def grant_admin
+            +   def modify_role
-            -     login = params[:login]
+            +     user = User.find_by_login(params[:login])
-            -     user = User.find_by_login(login)
+            +     role = Role.find_by_name(params[:role])
-            -     if user!=nil
+            +     unless user && role
-            -       admin_role = Role.find_by_name('admin')
+            +       flash[:error] = 'Unknown user or role'
-            -       user.roles << admin_role
+            +       redirect_to admin_user_admin_index_path
-            -     else
+            +       return
-            -       flash[:notice] = 'Unknown user'
-            -     end
-            -     flash[:notice] = 'User added as admins'
-            -     redirect_to :action => 'admin'
                   end
+            +     if params[:commit] == 'Grant'
-            -   def revoke_admin
+            +       #grant role
-            -     user = User.find(params[:id])
+            +       user.roles << role
-            -     if user==nil
+            +       flash[:notice] = "User '#{user.login}' has been granted the role '#{role.name}'"
-            -       flash[:notice] = 'Unknown user'
+            +     else
-            -       redirect_to :action => 'admin' and return
+            +       #revoke role
-            -     elsif user.login == 'root'
+            +       if user.login == 'root' && role.name == 'admin'
-            -       flash[:notice] = 'You cannot revoke admisnistrator permission from root.'
+            +         flash[:error] = 'You cannot revoke admisnistrator permission from root.'
-            -       redirect_to :action => 'admin' and return
+            +         redirect_to admin_user_admin_index_path
+            +         return
                     end
+            +       user.roles.delete(role)
-            -     admin_role = Role.find_by_name('admin')
+            +       flash[:notice] = "The role '#{role.name}' has been revoked from User '#{user.login}'"
-            -     user.roles.delete(admin_role)
+            +     end
-            -     flash[:notice] = 'User permission revoked'
+            +     redirect_to admin_user_admin_index_path
-            -     redirect_to :action => 'admin'
                 end
                 # mass mailing

app/helpers/application_helper.rb ¶ +2 -4

                 def toggle_button(on,toggle_url,id, option={})
                   btn_size = option[:size] || 'btn-xs'
+            +     btn_block = option[:block] || 'btn-block'
                   link_to (on ? "Yes" : "No"), toggle_url,
-            -       {class: "btn btn-block #{btn_size} btn-#{on ? 'success' : 'default'} ajax-toggle",
+            +       {class: "btn #{btn_block} #{btn_size} btn-#{on ? 'success' : 'default'} ajax-toggle",
                       id: id,
                       data: {remote: true, method: 'get'}}
                 end
               #{header}
               <tr>
               <td class="left-col">
-            - #{user.full_name}<br/>
-            - #{t 'title_bar.current_time'} #{format_short_time(Time.zone.now)}
-            - #{time_left}
               <br/>
               </td>
               <td class="right-col">#{contest_name}</td>

app/helpers/main_helper.rb ¶ +3 -9

               module MainHelper
-            -   def link_to_description_if_any(name, problem, options={})
+            +   def link_to_description_if_any(name, problem)
                   if !problem.url.blank?
-            -       return link_to name, problem.url, options
+            +       return link_to name, problem.url
                   elsif !problem.description_filename.blank?
-            -       #build a link to a problem (via task controller)
                     basename, ext = problem.description_filename.split('.')
-            -       options[:controller] = 'tasks'
+            +       return link_to name, download_task_path(problem.id,basename,ext), target: '_blank'
-            -       options[:action] = 'download'
-            -       options[:id] = problem.id
-            -       options[:file] = basename
-            -       options[:ext] = ext
-            -       return link_to name, options
                   else
                     return ''
                   end

app/models/submission.rb ¶ +1 -1

                     return if self.user.admin?
                     #check if user has the right to submit the problem
-            -       errors.add('problem',"must be valid.") if (!self.user.available_problems.include?(self.problem)) and (self.new_record?)
+            +       errors[:base] << "Authorization error: you have no right to submit to this problem" if (!self.user.available_problems.include?(self.problem)) and (self.new_record?)
                   end
                 end

app/models/user.rb ¶ +9 -2

                 end
                 def admin?
-            -     self.roles.where(name: 'admin').count > 0
+            +     has_role?('admin')
+            +   end
+            +
+            +   def has_role?(role)
+            +     self.roles.where(name: role).count > 0
                 end
                 def email_for_editing
                   end
                 end
+            +   # new feature, get list of available problem in all enabled group that the user belongs to
                 def available_problems_in_group
                   problem = []
-            -     self.groups.each do |group|
+            +     self.groups.where(enabled: true).each do |group|
                     group.problems.where(available: true).each { |p| problem << p }
                   end
                   problem.uniq!
                   end
                 end
+            +   #check if the user has the right to view that problem
+            +   #this also consider group based problem policy
                 def can_view_problem?(problem)
                   return true if admin?
                   return available_problems.include? problem

app/views/application/_submission.html.haml ¶ +1 -1

                 %td
                   = submission.source_filename
                   = " (#{submission.language.pretty_name}) "
-            -     = link_to('[load]',{:action => 'source', :id => submission.id})
+            +     = link_to '[load]', download_submission_path(submission)
                 %td
                   - if submission.graded_at
                     = "Graded at #{format_short_time(submission.graded_at)}."

app/views/graders/list.html.haml ¶ +4 -4

                 .panel-heading
                   Grader control:
                 .panel-body
-            -     =link_to 'Start Graders in grading env', { action: 'start_grading'}, class: 'btn btn-default', method: 'post'
+            +     =link_to 'Start Graders in grading env', { action: 'start_grading'}, class: 'btn btn-default'
-            -     =link_to 'Start Graders in exam env', { action: 'start_exam'}, class: 'btn btn-default', method: 'post'
+            +     =link_to 'Start Graders in exam env', { action: 'start_exam'}, class: 'btn btn-default'
-            -     =link_to 'Stop all running Graders', { action: 'stop_all'}, class: 'btn btn-default', method: 'post'
+            +     =link_to 'Stop all running Graders', { action: 'stop_all'}, class: 'btn btn-default'
-            -     =link_to 'Clear all data', { action: 'clear_all'}, class: 'btn btn-default', method: 'post'
+            +     =link_to 'Clear all data', { action: 'clear_all'}, class: 'btn btn-default'
               .row
                 .col-md-6

app/views/groups/_form.html.haml ¶ +12 -1

                     %ul
                       - @group.errors.full_messages.each do |msg|
                         %li= msg
+            +   .row
+            +     .col-md-6
                     .form-group.field
                       = f.label :name
                       = f.text_field :name, class: 'form-control'
+            +   .row
+            +     .col-md-6
                     .form-group.field
                       = f.label :description
                       = f.text_field :description, class: 'form-control'
+            +   .row
+            +     .col-md-6
+            +       .checkbox
+            +         = f.label :enabled do
+            +           = f.check_box :enabled
+            +           Enabled
+            +   .row
+            +     .col-md-6
                     .form-group.actions
                       = f.submit 'Save', class: 'btn btn-primary'

app/views/groups/index.html.haml ¶ +3 -1

                   %tr
                     %th Name
                     %th Description
+            +       %th Enabled?
                     %th
                     %th
                 %tbody
                   - @groups.each do |group|
-            -       %tr
+            +       %tr{:class => "#{(group.enabled?) ? "success" : "danger"}", id: "group-#{group.id}"}
                       %td= group.name
                       %td= group.description
+            +         %td= toggle_button(group.enabled?, toggle_group_path(group), "group-enabled-#{group.id}", size: ' ', block: ' ')
                       %td= link_to 'View', group, class: 'btn btn-default'
                       %td= link_to 'Destroy', group, :method => :delete, :data => { :confirm => 'Are you sure?' }, class: 'btn btn-danger'

app/views/layouts/_header.html.haml ¶ +1 -1

                               = add_menu( 'Login Report', 'report', 'login')
                           - if (ungraded = Submission.where('graded_at is null').where('submitted_at < ?', 1.minutes.ago).count) > 0
                             =link_to "#{ungraded} backlogs!",
-            -                 grader_list_path,
+            +                 graders_list_path,
                               class: 'navbar-btn btn btn-default btn-warning', data: {toggle: 'tooltip'},title: 'Number of ungraded submission'
                       %ul.nav.navbar-nav.navbar-right

app/views/main/help.html.haml ¶ +1 -1

                         %tt <tt>{<br/>LANG: Pascal<br/>TASK: mobiles<br/>}</tt>
                   %p
-            -       = raw(t('help.ask_questions_at_messages',:message_link_name => (t 'menu.messages'),:url => url_for(:controller => 'messages', :action => 'list')))
+            +       = raw(t('help.ask_questions_at_messages',:message_link_name => (t 'menu.messages'),url: messages_path ))

app/views/problems/stat.html.haml ¶ +16 -12

@@ -6,19 +6,23
6	%h1 Problem stat: #{@problem.name}	6	%h1 Problem stat: #{@problem.name}
7	%h2 Overview	7	%h2 Overview
8		8
		9	+ .row
		10	+ .col-md-2
		11	+ %strong Name:
		12	+ .col-md-10
		13	+ = @problem.full_name #in_place_editor_field :problem, :full_name, {}, :rows=>1
		14	+ = link_to_description_if_any "[#{t 'main.problem_desc'}] <span class='glyphicon glyphicon-file'></span>".html_safe, @problem
		15	+ .row
		16	+ .col-md-2.strong
		17	+ %strong Submissions:
		18	+ .col-md-10
		19	+ = @submissions.count
		20	+ .row
		21	+ .col-md-2.strong
		22	+ %strong Solved/Attemped User
		23	+ .col-md-10
		24	+ #{@summary[:solve]}/#{@summary[:attempt]} (#{(@summary[:solve]*100.0/@summary[:attempt]).round(1)}%)
9		25
10	- %table.info
11	- %thead
12	- %tr.info-head
13	- %th Stat
14	- %th Value
15	- %tbody
16	- %tr{class: cycle('info-even','info-odd')}
17	- %td Submissions
18	- %td= @submissions.count
19	- %tr{class: cycle('info-even','info-odd')}
20	- %td Solved/Attempted User
21	- %td #{@summary[:solve]}/#{@summary[:attempt]} (#{(@summary[:solve]*100.0/@summary[:attempt]).round(1)}%)
22		26
23	%h2 Submissions Count	27	%h2 Submissions Count
24	= render partial: 'application/bar_graph', locals: { histogram: @histogram }	28	= render partial: 'application/bar_graph', locals: { histogram: @histogram }

app/views/submissions/show.html.haml ¶ +1

                           - if @submission.problem!=nil
                             = link_to "[#{@submission.problem.name}]", stat_problem_path(@submission.problem)
                             = @submission.problem.full_name
+            +               = link_to_description_if_any "[download] <span class='glyphicon glyphicon-file'></span>".html_safe, @submission.problem
                           - else
                             = "(n/a)"
                       %tr

app/views/user_admin/admin.html.haml ¶ +39 -10

@@ -1,7 +1,17
1	- %h1 Administrators	1	+ %h1 Modify Role
2	-	2	+ .row
3	- %table{:class => 'info'}	3	+ .col-md-6
4	- %tr{:class => 'info-head'}	4	+ %h4 Administrators
		5	+ = form_tag modify_role_user_admin_index_path, method: 'post', class: 'form-inline' do
		6	+ = hidden_field_tag :role, 'admin'
		7	+ .form-group
		8	+ = label_tag :login, 'Grant admin role to:'
		9	+ = text_field_tag 'login',nil, class: 'form-control'
		10	+ .form-group
		11	+ = submit_tag 'Grant', class: 'btn btn-primary'
		12	+ %br
		13	+ %table.table.table-condense.table-hover.table-striped.table-bordered
		14	+ %thead{:class => 'info-head'}
5	%th #	15	%th #
6	%th Login	16	%th Login
7	%th Full name	17	%th Full name
@@ -13,13 +23,32
13	%td= user.full_name	23	%td= user.full_name
14	%td	24	%td
15	- if user.login!='root'	25	- if user.login!='root'
16	- = link_to '[revoke]', :action => 'revoke_admin', :id => user.id	26	+ = link_to '[revoke]', modify_role_user_admin_index_path( login: user.login, role: 'admin', commit: 'revoke')
17	- %hr	27	+ .col-md-6
		28	+ %h4 Teacher Assistants (TA)
		29	+ = form_tag modify_role_user_admin_index_path, method: 'post', class: 'form-inline' do
		30	+ = hidden_field_tag :role, 'TA'
		31	+ .form-group
		32	+ = label_tag :login, 'Grant TA role to:'
		33	+ = text_field_tag 'login',nil, class: 'form-control'
		34	+ .form-group
		35	+ = submit_tag 'Grant', class: 'btn btn-primary'
		36	+ %br
		37	+ %table.table.table-condense.table-hover.table-striped.table-bordered
		38	+ %thead{:class => 'info-head'}
		39	+ %th #
		40	+ %th Login
		41	+ %th Full name
		42	+ %th
		43	+ - @tas.each_with_index do \|user, i\|
		44	+ %tr
		45	+ %td= i+1
		46	+ %td= user.login
		47	+ %td= user.full_name
		48	+ %td
		49	+ - if user.login!='root'
		50	+ = link_to '[revoke]', modify_role_user_admin_index_path( login: user.login, role: 'TA', commit: 'revoke')
18		51
19	- = form_tag :action => 'grant_admin' do
20	- = label_tag :login, 'Grant admin permission to:'
21	- = text_field_tag 'login',nil, class: 'input-field'
22	- = submit_tag 'Grant', class: 'btn btn-primary'
23		52
24	%hr/	53	%hr/
25	= link_to '[go back to index]', :action => 'index'	54	= link_to '[go back to index]', :action => 'index'

app/views/user_admin/new_list.html.haml ¶ +9

@@ -26,6 +26,15
26	is empty, the original value will be used instead.	26	is empty, the original value will be used instead.
27	%li	27	%li
28	If the users with the same user_id already exists, existing information will be overwritten.	28	If the users with the same user_id already exists, existing information will be overwritten.
		29	+ Example:
		30	+ %ol
		31	+ %li
		32	+ %pre user1,Somchai Jaidee
		33	+ will create (or update) a user with login "user1" and setting the fullname to "Somchai Jaidee", also setting a random password.
		34	+ %li
		35	+ %pre user1,Somchai Jaidee,
		36	+ will create (or update) a user with login "user1" and and setting the fullname "Somchai Jaidee". No change is made to the password unless this is a new user. If this is a new user, a random password will be generated.
		37	+
29		38
30	.row	39	.row
31	.col-md-6	40	.col-md-6

config/routes.rb ¶ +9 -9

                     post 'add_problem', to: 'groups#add_problem', as: 'add_problem'
                     delete 'remove_problem/:problem_id', to: 'groups#remove_problem', as: 'remove_problem'
                     delete 'remove_all_problem', to: 'groups#remove_all_problem', as: 'remove_all_problem'
+            +       get 'toggle'
                   end
                   collection do
                     get 'download'
                     get 'compiler_msg'
                     get 'rejudge'
-            -       get 'source'
                   end
                   collection do
                     get 'prob/:problem_id', to: 'submissions#index', as: 'problem'
                     get 'admin'
                     get 'active'
                     get 'mass_mailing'
-            -       get 'revoke_admin'
+            +       match 'modify_role', via: [:get, :post]
-            -       post 'grant_admin'
                     match 'create_from_list', via: [:get, :post]
                     match 'random_all_passwords', via: [:get, :post]
                   end
                 #
                 get 'tasks/view/:file.:ext' => 'tasks#view'
-            -   get 'tasks/download/:id/:file.:ext' => 'tasks#download'
+            +   get 'tasks/download/:id/:file.:ext' => 'tasks#download', as: 'download_task'
                 get 'heartbeat/:id/edit' => 'heartbeat#edit'
                 #grader
-            -   get 'graders/list', to: 'graders#list', as: 'grader_list'
+            +   #get 'graders/list', to: 'graders#list', as: 'grader_list'
                 namespace :graders do
                   get 'task/:id/:type', action: 'task', as: 'task'
                   get 'view/:id/:type', action: 'view', as: 'view'
                   get 'clear/:id', action: 'clear', as: 'clear'
-            -     get 'stop'
-            -     get 'stop_all'
-            -     get 'clear_all'
-            -     get 'clear_terminated'
                   get 'start_grading'
                   get 'start_exam'
+            +     get 'clear_all'
+            +     get 'stop_all'
+            +     get 'stop'
+            +     get 'clear_terminated'
+            +     get 'list'
                 end

db/seeds.rb ¶ +1

               end
               def seed_roles
+            +   Role.find_or_create_by(name: 'TA')
                 return if Role.find_by_name('admin')
                 role = Role.create(:name => 'admin')

Write
Preview

You need to be logged in to leave comments. Login now

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository permissions settings

Sign in to your account

Commit r801:33c0929c92ed public

Author

r801:33c0929c92ed - Mon, 21 Sep 2020 14:13:04 - 23 files changed: 180 inserted, 96 deleted

Commit `r801:33c0929c92ed` public