cafe-grader-web

Commit r852:41c96ab8e589 public

parent | child
Description:
use uuid cookie
Commit status:
[Not Reviewed]
References:
default
Diff options:
Raw Diff | Patch Diff | Download Diff | Ignore whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r852:41c96ab8e589 - - 3 files changed: 20 inserted, 2 deleted

Show file before | Show file after | Raw diff | Download diff | Ignore whitespace Increase context Show commentsHide comments
@@ -1,243 +1,251
1 1 require 'ipaddr'
2 + require "securerandom"
2 3
3 4 class ApplicationController < ActionController::Base
4 5 protect_from_forgery
5 6
6 7 before_action :current_user
7 8 before_action :nav_announcement
9 + before_action :unique_visitor_id
8 10
9 11 SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
10 12 MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login'
11 13 WHITELIST_IGNORE_CONF_KEY = 'right.whitelist_ignore'
12 14 WHITELIST_IP_CONF_KEY = 'right.whitelist_ip'
13 15
14 16 #report and redirect for unauthorized activities
15 17 def unauthorized_redirect(notice = 'You are not authorized to view the page you requested')
16 18 flash[:notice] = notice
17 19 redirect_to login_main_path
18 20 end
19 21
20 22 # Returns the current logged-in user (if any).
21 23 def current_user
22 24 return nil unless session[:user_id]
23 25 @current_user ||= User.find(session[:user_id])
24 26 end
25 27
26 28 def nav_announcement
27 29 @nav_announcement = Announcement.where(on_nav_bar: true)
28 30 end
29 31
30 32 def admin_authorization
31 33 return false unless check_valid_login
32 34 user = User.includes(:roles).find(session[:user_id])
33 35 unless user.admin?
34 36 unauthorized_redirect
35 37 return false
36 38 end
37 39 return true
38 40 end
39 41
40 42 def authorization_by_roles(allowed_roles)
41 43 return false unless check_valid_login
42 44 unless @current_user.roles.detect { |role| allowed_roles.member?(role.name) }
43 45 unauthorized_redirect
44 46 return false
45 47 end
46 48 end
47 49
48 50 def testcase_authorization
49 51 #admin always has privileged
50 52 if @current_user.admin?
51 53 return true
52 54 end
53 55
54 56 unauthorized_redirect unless GraderConfiguration["right.view_testcase"]
55 57 end
56 58
59 + def unique_visitor_id
60 + unless cookies[:uuid]
61 + value = SecureRandom.uuid
62 + cookies[:uuid] = { value: value, expires: 20.year }
63 + end
64 + end
57 65
58 66 protected
59 67
60 68 #redirect to root (and also force logout)
61 69 #if the user is not logged_in or the system is in "ADMIN ONLY" mode
62 70 def check_valid_login
63 71 #check if logged in
64 72 unless session[:user_id]
65 73 if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]
66 74 unauthorized_redirect('You need to login but you cannot log in at this time')
67 75 else
68 76 unauthorized_redirect('You need to login')
69 77 end
70 78 return false
71 79 end
72 80
73 81 # check if run in single user mode
74 82 if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]
75 83 if @current_user==nil || (!@current_user.admin?)
76 84 unauthorized_redirect('You cannot log in at this time')
77 85 return false
78 86 end
79 87 end
80 88
81 89 # check if the user is enabled
82 90 unless @current_user.enabled? || @current_user.admin?
83 91 unauthorized_redirect 'Your account is disabled'
84 92 return false
85 93 end
86 94
87 95 # check if user ip is allowed
88 96 unless @current_user.admin? || GraderConfiguration[WHITELIST_IGNORE_CONF_KEY]
89 97 unless is_request_ip_allowed?
90 98 unauthorized_redirect 'Your IP is not allowed to login at this time.'
91 99 return false
92 100 end
93 101 end
94 102
95 103 if GraderConfiguration.multicontests?
96 104 return true if @current_user.admin?
97 105 begin
98 106 if @current_user.contest_stat(true).forced_logout
99 107 flash[:notice] = 'You have been automatically logged out.'
100 108 redirect_to :controller => 'main', :action => 'index'
101 109 end
102 110 rescue
103 111 end
104 112 end
105 113 return true
106 114 end
107 115
108 116 #redirect to root (and also force logout)
109 117 #if the user use different ip from the previous connection
110 118 # only applicable when MULTIPLE_IP_LOGIN options is false only
111 119 def authenticate_by_ip_address
112 120 #this assume that we have already authenticate normally
113 121 unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY]
114 122 user = User.find(session[:user_id])
115 123 if (!user.admin? && user.last_ip && user.last_ip != request.remote_ip)
116 124 flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}"
117 125 redirect_to :controller => 'main', :action => 'login'
118 126 return false
119 127 end
120 128 unless user.last_ip
121 129 user.last_ip = request.remote_ip
122 130 user.save
123 131 end
124 132 end
125 133 return true
126 134 end
127 135
128 136 def authorization
129 137 return false unless check_valid_login
130 138 user = User.find(session[:user_id])
131 139 unless user.roles.detect { |role|
132 140 role.rights.detect{ |right|
133 141 right.controller == self.class.controller_name and
134 142 (right.action == 'all' || right.action == action_name)
135 143 }
136 144 }
137 145 flash[:notice] = 'You are not authorized to view the page you requested'
138 146 #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
139 147 redirect_to :controller => 'main', :action => 'login'
140 148 return false
141 149 end
142 150 end
143 151
144 152 def verify_time_limit
145 153 return true if session[:user_id]==nil
146 154 user = User.find(session[:user_id], :include => :site)
147 155 return true if user==nil || user.site == nil
148 156 if user.contest_finished?
149 157 flash[:notice] = 'Error: the contest you are participating is over.'
150 158 redirect_to :back
151 159 return false
152 160 end
153 161 return true
154 162 end
155 163
156 164 def is_request_ip_allowed?
157 165 unless GraderConfiguration[WHITELIST_IGNORE_CONF_KEY]
158 166 user_ip = IPAddr.new(request.remote_ip)
159 167 allowed = GraderConfiguration[WHITELIST_IP_CONF_KEY] || ''
160 168
161 169 allowed.delete(' ').split(',').each do |ips|
162 170 allow_ips = IPAddr.new(ips)
163 171 if allow_ips.include?(user_ip)
164 172 return true
165 173 end
166 174 end
167 175 return false
168 176 end
169 177 return true
170 178 end
171 179
172 180 #function for datatable ajax query
173 181 #return record,total_count,filter_count
174 182 def process_query_record(record,
175 183 total_count: nil,
176 184 select: '',
177 185 global_search: [],
178 186 no_search: false,
179 187 force_order: '',
180 188 date_filter: '', date_param_since: 'date_since',date_param_until: 'date_until',
181 189 hard_limit: nil)
182 190 arel_table = record.model.arel_table
183 191
184 192 if !no_search && params['search']
185 193 global_value = record.model.sanitize_sql(params['search']['value'].strip.downcase)
186 194 if !global_value.blank?
187 195 global_value.split.each do |value|
188 196 global_where = global_search.map{|f| "LOWER(#{f}) like '%#{value}%'"}.join(' OR ')
189 197 record = record.where(global_where)
190 198 end
191 199 end
192 200
193 201 params['columns'].each do |i, col|
194 202 if !col['search']['value'].blank?
195 203 record = record.where(arel_table[col['name']].lower.matches("%#{col['search']['value'].strip.downcase}%"))
196 204 end
197 205 end
198 206 end
199 207
200 208 if !date_filter.blank?
201 209 param_since = params[date_param_since]
202 210 param_until = params[date_param_until]
203 211 date_since = Time.zone.parse( param_since ) || Time.new(1,1,1) rescue Time.new(1,1,1)
204 212 date_until = Time.zone.parse( param_until ) || Time.zone.now() rescue Time.zone.now()
205 213 date_range = date_since..(date_until.end_of_day)
206 214 record = record.where(date_filter.to_sym => date_range)
207 215 end
208 216
209 217 if force_order.blank?
210 218 if params['order']
211 219 params['order'].each do |i, o|
212 220 colName = params['columns'][o['column']]['name']
213 221 colName = "#{record.model.table_name}.#{colName}" if colName.upcase == 'ID'
214 222 record = record.order("#{colName} #{o['dir'].casecmp('desc') != 0 ? 'ASC' : 'DESC'}") unless colName.blank?
215 223 end
216 224 end
217 225 else
218 226 record = record.order(force_order)
219 227 end
220 228
221 229 filterCount = record.count(record.model.primary_key)
222 230 # if .group() is used, filterCount might be like {id_1: count_1, id_2: count_2, ...}
223 231 # so we should count the result again..
224 232 if filterCount.is_a? Hash
225 233 filterCount = filterCount.count
226 234 end
227 235
228 236
229 237 record = record.offset(params['start'] || 0)
230 238 record = record.limit(hard_limit)
231 239 if (params['length'])
232 240 limit = params['length'].to_i
233 241 limit == hard_limit if (hard_limit && hard_limit < limit)
234 242 record = record.limit(limit)
235 243 end
236 244 if (!select.blank?)
237 245 record = record.select(select)
238 246 end
239 247
240 248 return record, total_count || record.model.count, filterCount
241 249 end
242 250
243 251 end
Show file before | Show file after | Raw diff | Download diff | Ignore whitespace Increase context Show commentsHide comments
@@ -1,89 +1,99
1 1 class LoginController < ApplicationController
2 2
3 3 @@authenticators = []
4 4
5 5 def index
6 6 # show login screen
7 7 reset_session
8 8 redirect_to :controller => 'main', :action => 'login'
9 9 end
10 10
11 11 def login
12 12 user = get_authenticated_user(params[:login], params[:password])
13 13 unless user
14 14 flash[:notice] = 'Wrong password'
15 15 redirect_to :controller => 'main', :action => 'login'
16 16 return
17 17 end
18 18
19 19 if (!GraderConfiguration['right.bypass_agreement']) and (!params[:accept_agree]) and !user.admin?
20 20 flash[:notice] = 'You must accept the agreement before logging in'
21 21 redirect_to :controller => 'main', :action => 'login'
22 22 return
23 23 end
24 24
25 + #store uuid when login
26 + if user.last_ip.nil?
27 + user.last_ip = cookies[:uuid]
28 + else
29 + if user.last_ip != cookies[:uuid]
30 + user.last_ip =cookies[:uuid]
31 + #log different login
32 + end
33 + end
34 +
25 35 #process logging in
26 36 session[:user_id] = user.id
27 37 session[:admin] = user.admin?
28 38
29 39 # clear forced logout flag for multicontests contest change
30 40 if GraderConfiguration.multicontests?
31 41 contest_stat = user.contest_stat
32 42 if contest_stat.respond_to? :forced_logout
33 43 if contest_stat.forced_logout
34 44 contest_stat.forced_logout = false
35 45 contest_stat.save
36 46 end
37 47 end
38 48 end
39 49
40 50 #save login information
41 - Login.create(user_id: user.id, ip_address: request.remote_ip)
51 + Login.create(user_id: user.id, ip_address: cookies[:uuid])
42 52
43 53 redirect_to :controller => 'main', :action => 'list'
44 54 end
45 55
46 56 def site_login
47 57 begin
48 58 site = Site.find(params[:login][:site_id])
49 59 rescue ActiveRecord::RecordNotFound
50 60 site = nil
51 61 end
52 62 if site==nil
53 63 flash[:notice] = 'Wrong site'
54 64 redirect_to :controller => 'main', :action => 'login' and return
55 65 end
56 66 if (site.password) and (site.password == params[:login][:password])
57 67 session[:site_id] = site.id
58 68 redirect_to :controller => 'site', :action => 'index'
59 69 else
60 70 flash[:notice] = 'Wrong site password'
61 71 redirect_to :controller => 'site', :action => 'login'
62 72 end
63 73 end
64 74
65 75 def logout
66 76 redirect_to root_path
67 77 end
68 78
69 79 def self.add_authenticator(authenticator)
70 80 @@authenticators << authenticator
71 81 end
72 82
73 83 protected
74 84
75 85 def get_authenticated_user(login, password)
76 86 if @@authenticators.empty?
77 87 return User.authenticate(login, password)
78 88 else
79 89 user = User.authenticate(login, password)
80 90 @@authenticators.each do |authenticator|
81 91 if not user
82 92 user = authenticator.authenticate(login, password)
83 93 end
84 94 end
85 95 return user
86 96 end
87 97 end
88 98
89 99 end
Show file before | Show file after | Raw diff | Download diff | Ignore whitespace Increase context Show commentsHide comments
@@ -1,461 +1,461
1 1 require 'digest/sha1'
2 2 require 'net/pop'
3 3 require 'net/https'
4 4 require 'net/http'
5 5 require 'json'
6 6
7 7 class User < ActiveRecord::Base
8 8
9 9 has_and_belongs_to_many :roles
10 10
11 11 #has_and_belongs_to_many :groups
12 12 has_many :groups_users, class_name: 'GroupUser'
13 13 has_many :groups, :through => :groups_users
14 14
15 15 has_many :test_requests, -> {order(submitted_at: :desc)}
16 16
17 17 has_many :messages, -> { order(created_at: :desc) },
18 18 :class_name => "Message",
19 19 :foreign_key => "sender_id"
20 20
21 21 has_many :replied_messages, -> { order(created_at: :desc) },
22 22 :class_name => "Message",
23 23 :foreign_key => "receiver_id"
24 24
25 25 has_many :logins
26 26
27 27 has_one :contest_stat, :class_name => "UserContestStat", :dependent => :destroy
28 28
29 29 belongs_to :site
30 30 belongs_to :country
31 31
32 32 has_and_belongs_to_many :contests, -> { order(:name)}
33 33
34 34 scope :activated_users, -> {where activated: true}
35 35
36 36 validates_presence_of :login
37 37 validates_uniqueness_of :login
38 38 validates_format_of :login, :with => /\A[\_A-Za-z0-9]+\z/
39 39 validates_length_of :login, :within => 3..30
40 40
41 41 validates_presence_of :full_name
42 42 validates_length_of :full_name, :minimum => 1
43 -
43 +
44 44 validates_presence_of :password, :if => :password_required?
45 45 validates_length_of :password, :within => 4..50, :if => :password_required?
46 46 validates_confirmation_of :password, :if => :password_required?
47 47
48 48 validates_format_of :email,
49 49 :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i,
50 50 :if => :email_validation?
51 51 validate :uniqueness_of_email_from_activated_users,
52 52 :if => :email_validation?
53 53 validate :enough_time_interval_between_same_email_registrations,
54 54 :if => :email_validation?
55 55
56 56 # these are for ytopc
57 57 # disable for now
58 58 #validates_presence_of :province
59 59
60 60 attr_accessor :password
61 61
62 62 before_save :encrypt_new_password
63 63 before_save :assign_default_site
64 64 before_save :assign_default_contest
65 65
66 66 # this is for will_paginate
67 67 cattr_reader :per_page
68 68 @@per_page = 50
69 69
70 70 def self.authenticate(login, password)
71 71 user = find_by_login(login)
72 72 if user
73 73 return user if user.authenticated?(password)
74 74 end
75 75 end
76 76
77 77 def authenticated?(password)
78 78 if self.activated
79 79 hashed_password == User.encrypt(password,self.salt)
80 80 else
81 81 false
82 82 end
83 83 end
84 84
85 85 def login_with_name
86 86 "[#{login}] #{full_name}"
87 87 end
88 88
89 89 def admin?
90 90 has_role?('admin')
91 91 end
92 92
93 93 def has_role?(role)
94 94 self.roles.where(name: role).count > 0
95 95 end
96 96
97 97 def email_for_editing
98 98 if self.email==nil
99 99 "(unknown)"
100 100 elsif self.email==''
101 101 "(blank)"
102 102 else
103 103 self.email
104 104 end
105 105 end
106 106
107 107 def email_for_editing=(e)
108 108 self.email=e
109 109 end
110 110
111 111 def alias_for_editing
112 112 if self.alias==nil
113 113 "(unknown)"
114 114 elsif self.alias==''
115 115 "(blank)"
116 116 else
117 117 self.alias
118 118 end
119 119 end
120 120
121 121 def alias_for_editing=(e)
122 122 self.alias=e
123 123 end
124 124
125 125 def activation_key
126 126 if self.hashed_password==nil
127 127 encrypt_new_password
128 128 end
129 129 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
130 130 end
131 131
132 132 def verify_activation_key(key)
133 133 key == activation_key
134 134 end
135 135
136 136 def self.random_password(length=5)
137 137 chars = 'abcdefghjkmnopqrstuvwxyz'
138 138 password = ''
139 139 length.times { password << chars[rand(chars.length - 1)] }
140 140 password
141 141 end
142 142
143 143
144 144 # Contest information
145 145
146 146 def self.find_users_with_no_contest()
147 147 users = User.all
148 148 return users.find_all { |u| u.contests.length == 0 }
149 149 end
150 150
151 151
152 152 def contest_time_left
153 153 if GraderConfiguration.contest_mode?
154 154 return nil if site==nil
155 155 return site.time_left
156 156 elsif GraderConfiguration.indv_contest_mode?
157 157 time_limit = GraderConfiguration.contest_time_limit
158 158 if time_limit == nil
159 159 return nil
160 160 end
161 161 if contest_stat==nil or contest_stat.started_at==nil
162 162 return (Time.now.gmtime + time_limit) - Time.now.gmtime
163 163 else
164 164 finish_time = contest_stat.started_at + time_limit
165 165 current_time = Time.now.gmtime
166 166 if current_time > finish_time
167 167 return 0
168 168 else
169 169 return finish_time - current_time
170 170 end
171 171 end
172 172 else
173 173 return nil
174 174 end
175 175 end
176 176
177 177 def contest_finished?
178 178 if GraderConfiguration.contest_mode?
179 179 return false if site==nil
180 180 return site.finished?
181 181 elsif GraderConfiguration.indv_contest_mode?
182 182 return false if self.contest_stat==nil
183 183 return contest_time_left == 0
184 184 else
185 185 return false
186 186 end
187 187 end
188 188
189 189 def contest_started?
190 190 if GraderConfiguration.indv_contest_mode?
191 191 stat = self.contest_stat
192 192 return ((stat != nil) and (stat.started_at != nil))
193 193 elsif GraderConfiguration.contest_mode?
194 194 return true if site==nil
195 195 return site.started
196 196 else
197 197 return true
198 198 end
199 199 end
200 200
201 201 def update_start_time
202 202 stat = self.contest_stat
203 203 if stat.nil? or stat.started_at.nil?
204 204 stat ||= UserContestStat.new(:user => self)
205 205 stat.started_at = Time.now.gmtime
206 206 stat.save
207 207 end
208 208 end
209 209
210 210 def problem_in_user_contests?(problem)
211 211 problem_contests = problem.contests.all
212 212
213 213 if problem_contests.length == 0 # this is public contest
214 214 return true
215 215 end
216 216
217 217 contests.each do |contest|
218 218 if problem_contests.find {|c| c.id == contest.id }
219 219 return true
220 220 end
221 221 end
222 222 return false
223 223 end
224 224
225 225 def available_problems_group_by_contests
226 226 contest_problems = []
227 227 pin = {}
228 228 contests.enabled.each do |contest|
229 229 available_problems = contest.problems.available
230 230 contest_problems << {
231 231 :contest => contest,
232 232 :problems => available_problems
233 233 }
234 234 available_problems.each {|p| pin[p.id] = true}
235 235 end
236 236 other_avaiable_problems = Problem.available.find_all {|p| pin[p.id]==nil and p.contests.length==0}
237 237 contest_problems << {
238 238 :contest => nil,
239 239 :problems => other_avaiable_problems
240 240 }
241 241 return contest_problems
242 242 end
243 243
244 244 def solve_all_available_problems?
245 245 available_problems.each do |p|
246 246 u = self
247 247 sub = Submission.find_last_by_user_and_problem(u.id,p.id)
248 248 return false if !p or !sub or sub.points < p.full_score
249 249 end
250 250 return true
251 251 end
252 252
253 253 #get a list of available problem
254 254 def available_problems
255 255 # first, we check if this is normal mode
256 256 if not GraderConfiguration.multicontests?
257 257
258 258 #if this is a normal mode
259 259 #we show problem based on problem_group, if the config said so
260 260 if GraderConfiguration.use_problem_group?
261 261 return available_problems_in_group
262 262 else
263 263 return Problem.available_problems
264 264 end
265 265 else
266 266 #this is multi contest mode
267 267 contest_problems = []
268 268 pin = {}
269 269 contests.enabled.each do |contest|
270 270 contest.problems.available.each do |problem|
271 271 if not pin.has_key? problem.id
272 272 contest_problems << problem
273 273 end
274 274 pin[problem.id] = true
275 275 end
276 276 end
277 277 other_avaiable_problems = Problem.available.find_all {|p| pin[p.id]==nil and p.contests.length==0}
278 278 return contest_problems + other_avaiable_problems
279 279 end
280 280 end
281 281
282 282 # new feature, get list of available problem in all enabled group that the user belongs to
283 283 def available_problems_in_group
284 284 problem = []
285 285 self.groups.where(enabled: true).each do |group|
286 286 group.problems.where(available: true).each { |p| problem << p }
287 287 end
288 288 problem.uniq!
289 289 if problem
290 290 problem.sort! do |a,b|
291 291 case
292 292 when a.date_added < b.date_added
293 293 1
294 294 when a.date_added > b.date_added
295 295 -1
296 296 else
297 297 a.name <=> b.name
298 298 end
299 299 end
300 300 return problem
301 301 else
302 302 return []
303 303 end
304 304 end
305 305
306 306 #check if the user has the right to view that problem
307 307 #this also consider group based problem policy
308 308 def can_view_problem?(problem)
309 309 return true if admin?
310 310 return available_problems.include? problem
311 311 end
312 312
313 313 def self.clear_last_login
314 314 User.update_all(:last_ip => nil)
315 315 end
316 316
317 317 #create multiple user, one per lines of input
318 318 def self.create_from_list(lines)
319 319 error_logins = []
320 320 first_error = nil
321 321 created_users = []
322 322
323 323 lines.split("\n").each do |line|
324 324 #split with large limit, this will cause consecutive ',' to be result in a blank
325 325 items = line.chomp.split(',',1000)
326 326 if items.length>=2
327 327 login = items[0]
328 328 full_name = items[1]
329 329 remark =''
330 330 user_alias = ''
331 331
332 332 added_random_password = false
333 333 added_password = false
334 334
335 335 #given password?
336 336 if items.length >= 3
337 337 if items[2].chomp(" ").length > 0
338 338 password = items[2].chomp(" ")
339 339 added_password = true
340 340 end
341 341 else
342 342 password = random_password
343 343 added_random_password=true;
344 344 end
345 345
346 346 #given alias?
347 347 if items.length>= 4 and items[3].chomp(" ").length > 0;
348 348 user_alias = items[3].chomp(" ")
349 349 else
350 350 user_alias = login
351 351 end
352 352
353 353 #given remark?
354 354 has_remark = false
355 355 if items.length>=5
356 356 remark = items[4].strip;
357 357 has_remark = true
358 358 end
359 359
360 360 user = User.find_by_login(login)
361 361 if (user)
362 362 user.full_name = full_name
363 363 user.remark = remark if has_remark
364 364 user.password = password if added_password || added_random_password
365 365 else
366 366 #create a random password if none are given
367 367 password = random_password unless password
368 368 user = User.new({:login => login,
369 369 :full_name => full_name,
370 370 :password => password,
371 371 :password_confirmation => password,
372 372 :alias => user_alias,
373 373 :remark => remark})
374 374 end
375 375 user.activated = true
376 376
377 377 if user.save
378 378 created_users << user
379 379 else
380 380 error_logins << "'#{login}'"
381 381 first_error = user.errors.full_messages.to_sentence unless first_error
382 382 end
383 383 end
384 384 end
385 385
386 386 return {error_logins: error_logins, first_error: first_error, created_users: created_users}
387 387
388 388 end
389 389
390 390 def self.find_non_admin_with_prefix(prefix='')
391 391 users = User.all
392 392 return users.find_all { |u| !(u.admin?) and u.login.index(prefix)==0 }
393 393 end
394 394
395 395 protected
396 396 def encrypt_new_password
397 397 return if password.blank?
398 398 self.salt = (10+rand(90)).to_s
399 399 self.hashed_password = User.encrypt(self.password,self.salt)
400 400 end
401 401
402 402 def assign_default_site
403 403 # have to catch error when migrating (because self.site is not available).
404 404 begin
405 405 if self.site==nil
406 406 self.site = Site.find_by_name('default')
407 407 if self.site==nil
408 408 self.site = Site.find(1) # when 'default has be renamed'
409 409 end
410 410 end
411 411 rescue
412 412 end
413 413 end
414 414
415 415 def assign_default_contest
416 416 # have to catch error when migrating (because self.site is not available).
417 417 begin
418 418 if self.contests.length == 0
419 419 default_contest = Contest.find_by_name(GraderConfiguration['contest.default_contest_name'])
420 420 if default_contest
421 421 self.contests = [default_contest]
422 422 end
423 423 end
424 424 rescue
425 425 end
426 426 end
427 427
428 428 def password_required?
429 429 self.hashed_password.blank? || !self.password.blank?
430 430 end
431 431
432 432 def self.encrypt(string,salt)
433 433 Digest::SHA1.hexdigest(salt + string)
434 434 end
435 435
436 436 def uniqueness_of_email_from_activated_users
437 437 user = User.activated_users.find_by_email(self.email)
438 438 if user and (user.login != self.login)
439 439 self.errors.add(:base,"Email has already been taken")
440 440 end
441 441 end
442 442
443 443 def enough_time_interval_between_same_email_registrations
444 444 return if !self.new_record?
445 445 return if self.activated
446 446 open_user = User.find_by_email(self.email,
447 447 :order => 'created_at DESC')
448 448 if open_user and open_user.created_at and
449 449 (open_user.created_at > Time.now.gmtime - 5.minutes)
450 450 self.errors.add(:base,"There are already unactivated registrations with this e-mail address (please wait for 5 minutes)")
451 451 end
452 452 end
453 453
454 454 def email_validation?
455 455 begin
456 456 return VALIDATE_USER_EMAILS
457 457 rescue
458 458 return false
459 459 end
460 460 end
461 461 end
You need to be logged in to leave comments. Login now