Description:
hacked user creation to bypass member name validation, changed default config for test pair import

r261:432c3e723bef - - 2 files changed: 2 inserted, 1 deleted

@@ -1,259 +1,260
1 1 class UserAdminController < ApplicationController
2 2
3 3 before_filter :admin_authorization
4 4
5 5 def index
6 6 list
7 7 render :action => 'list'
8 8 end
9 9
10 10 # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
11 11 verify :method => :post, :only => [ :destroy,
12 12 :create, :create_from_list,
13 13 :update ],
14 14 :redirect_to => { :action => :list }
15 15
16 16 def list
17 17 @users = User.find(:all)
18 18 @hidden_columns = ['hashed_password', 'salt', 'created_at', 'updated_at']
19 19 end
20 20
21 21 def active
22 22 sessions = ActiveRecord::SessionStore::Session.find(:all, :conditions => ["updated_at >= ?", 60.minutes.ago])
23 23 @users = []
24 24 sessions.each do |session|
25 25 if session.data[:user_id]
26 26 @users << User.find(session.data[:user_id])
27 27 end
28 28 end
29 29 end
30 30
31 31 def show
32 32 @user = User.find(params[:id])
33 33 end
34 34
35 35 def new
36 36 @user = User.new
37 37 end
38 38
39 39 def create
40 40 @user = User.new(params[:user])
41 + @user.member1_full_name = @user.full_name
41 42 @user.activated = true
42 43 if @user.save
43 44 flash[:notice] = 'User was successfully created.'
44 45 redirect_to :action => 'list'
45 46 else
46 47 render :action => 'new'
47 48 end
48 49 end
49 50
50 51 def create_from_list
51 52 lines = params[:user_list]
52 53
53 54 note = []
54 55
55 56 lines.split("\n").each do |line|
56 57 items = line.chomp.split(',')
57 58 if items.length>=2
58 59 login = items[0]
59 60 full_name = items[1]
60 61
61 62 added_random_password = false
62 63 if items.length>=3
63 64 password = items[2]
64 65 user_alias = (items.length>=4) ? items[3] : login
65 66 else
66 67 password = random_password
67 68 user_alias = (items.length>=4) ? items[3] : login
68 69 added_random_password = true
69 70 end
70 71
71 72 user = User.new({:login => login,
72 73 :full_name => full_name,
73 74 :password => password,
74 75 :password_confirmation => password,
75 76 :alias => user_alias})
76 77 user.activated = true
77 78 user.save
78 79
79 80 if added_random_password
80 81 note << "'#{login}' (+)"
81 82 else
82 83 note << login
83 84 end
84 85 end
85 86 end
86 87 flash[:notice] = 'User(s) ' + note.join(', ') +
87 88 ' were successfully created. ' +
88 89 '( (+) - created with random passwords.)'
89 90 redirect_to :action => 'list'
90 91 end
91 92
92 93 def edit
93 94 @user = User.find(params[:id])
94 95 end
95 96
96 97 def update
97 98 @user = User.find(params[:id])
98 99 if @user.update_attributes(params[:user])
99 100 flash[:notice] = 'User was successfully updated.'
100 101 redirect_to :action => 'show', :id => @user
101 102 else
102 103 render :action => 'edit'
103 104 end
104 105 end
105 106
106 107 def destroy
107 108 User.find(params[:id]).destroy
108 109 redirect_to :action => 'list'
109 110 end
110 111
111 112 def user_stat
112 113 @problems = Problem.find_available_problems
113 114 @users = User.find(:all)
114 115 @scorearray = Array.new
115 116 @users.each do |u|
116 117 ustat = Array.new
117 118 ustat[0] = u
118 119 @problems.each do |p|
119 120 sub = Submission.find_last_by_user_and_problem(u.id,p.id)
120 121 if (sub!=nil) and (sub.points!=nil)
121 122 ustat << [(sub.points.to_f*100/p.full_score).round, (sub.points>=p.full_score)]
122 123 else
123 124 ustat << [0,false]
124 125 end
125 126 end
126 127 @scorearray << ustat
127 128 end
128 129 end
129 130
130 131 def import
131 132 if params[:file]==''
132 133 flash[:notice] = 'Error importing no file'
133 134 redirect_to :action => 'list' and return
134 135 end
135 136 import_from_file(params[:file])
136 137 end
137 138
138 139 def random_all_passwords
139 140 users = User.find(:all)
140 141 @prefix = params[:prefix] || ''
141 142 @non_admin_users = User.find_non_admin_with_prefix(@prefix)
142 143 @changed = false
143 144 if request.request_method == :post
144 145 @non_admin_users.each do |user|
145 146 password = random_password
146 147 user.password = password
147 148 user.password_confirmation = password
148 149 user.save
149 150 end
150 151 @changed = true
151 152 end
152 153 end
153 154
154 155 # admin management
155 156
156 157 def admin
157 158 @admins = User.find(:all).find_all {|user| user.admin? }
158 159 end
159 160
160 161 def grant_admin
161 162 login = params[:login]
162 163 user = User.find_by_login(login)
163 164 if user!=nil
164 165 admin_role = Role.find_by_name('admin')
165 166 user.roles << admin_role
166 167 else
167 168 flash[:notice] = 'Unknown user'
168 169 end
169 170 flash[:notice] = 'User added as admins'
170 171 redirect_to :action => 'admin'
171 172 end
172 173
173 174 def revoke_admin
174 175 user = User.find(params[:id])
175 176 if user==nil
176 177 flash[:notice] = 'Unknown user'
177 178 redirect_to :action => 'admin' and return
178 179 elsif user.login == 'root'
179 180 flash[:notice] = 'You cannot revoke admisnistrator permission from root.'
180 181 redirect_to :action => 'admin' and return
181 182 end
182 183
183 184 admin_role = Role.find_by_name('admin')
184 185 user.roles.delete(admin_role)
185 186 flash[:notice] = 'User permission revoked'
186 187 redirect_to :action => 'admin'
187 188 end
188 189
189 190 protected
190 191
191 192 def random_password(length=5)
192 193 chars = 'abcdefghijkmnopqrstuvwxyz23456789'
193 194 newpass = ""
194 195 length.times { newpass << chars[rand(chars.size-1)] }
195 196 return newpass
196 197 end
197 198
198 199 def import_from_file(f)
199 200 data_hash = YAML.load(f)
200 201 @import_log = ""
201 202
202 203 country_data = data_hash[:countries]
203 204 site_data = data_hash[:sites]
204 205 user_data = data_hash[:users]
205 206
206 207 # import country
207 208 countries = {}
208 209 country_data.each_pair do |id,country|
209 210 c = Country.find_by_name(country[:name])
210 211 if c!=nil
211 212 countries[id] = c
212 213 @import_log << "Found #{country[:name]}\n"
213 214 else
214 215 countries[id] = Country.new(:name => country[:name])
215 216 countries[id].save
216 217 @import_log << "Created #{country[:name]}\n"
217 218 end
218 219 end
219 220
220 221 # import sites
221 222 sites = {}
222 223 site_data.each_pair do |id,site|
223 224 s = Site.find_by_name(site[:name])
224 225 if s!=nil
225 226 @import_log << "Found #{site[:name]}\n"
226 227 else
227 228 s = Site.new(:name => site[:name])
228 229 @import_log << "Created #{site[:name]}\n"
229 230 end
230 231 s.password = site[:password]
231 232 s.country = countries[site[:country_id]]
232 233 s.save
233 234 sites[id] = s
234 235 end
235 236
236 237 # import users
237 238 user_data.each_pair do |id,user|
238 239 u = User.find_by_login(user[:login])
239 240 if u!=nil
240 241 @import_log << "Found #{user[:login]}\n"
241 242 else
242 243 u = User.new(:login => user[:login])
243 244 @import_log << "Created #{user[:login]}\n"
244 245 end
245 246 u.full_name = user[:name]
246 247 u.password = user[:password]
247 248 u.country = countries[user[:country_id]]
248 249 u.site = sites[user[:site_id]]
249 250 u.activated = true
250 251 u.email = "empty-#{u.login}@none.com"
251 252 if not u.save
252 253 @import_log << "Errors\n"
253 254 u.errors.each { |attr,msg| @import_log << "#{attr} - #{msg}\n" }
254 255 end
255 256 end
256 257
257 258 end
258 259
259 260 end
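Review bot: The validation workaround is applied only in `create`; `create_from_list` further down builds its users without `member1_full_name` and discards the result of `user.save`, so if the model validates that field (as the commit description suggests) bulk-created accounts would fail to save while the flash still reports them as created. Setting the field in the controller also overwrites any `member1_full_name` submitted in `params[:user]` and leaves the model rule in place for every other caller, `import_from_file` included. Consider defaulting it in the model instead, e.g. a `before_validation` hook doing `self.member1_full_name = full_name if member1_full_name.blank?`, and in `create_from_list` only add the login to `note` when `user.save` returns true.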
@@ -1,112 +1,112
1 1 # Be sure to restart your web server when you modify this file.
2 2
3 3 # Uncomment below to force Rails into production mode when
4 4 # you don't control web/app server and can't set it the proper way
5 5 # ENV['RAILS_ENV'] ||= 'production'
6 6
7 7 # Specifies gem version of Rails to use when vendor/rails is not present
8 8 RAILS_GEM_VERSION = '2.3.5' unless defined? RAILS_GEM_VERSION
9 9
10 10 # Bootstrap the Rails environment, frameworks, and default configuration
11 11 require File.join(File.dirname(__FILE__), 'boot')
12 12
13 13 Rails::Initializer.run do |config|
14 14 # Settings in config/environments/* take precedence over those specified here
15 15
16 16 # Skip frameworks you're not going to use (only works if using vendor/rails)
17 17 # config.frameworks -= [ :action_web_service, :action_mailer ]
18 18
19 19 # Only load the plugins named here, by default all plugins in vendor/plugins are loaded
20 20 # config.plugins = %W( exception_notification ssl_requirement )
21 21
22 22 # Add additional load paths for your own custom dirs
23 23 # config.load_paths += %W( #{RAILS_ROOT}/extras )
24 24
25 25 # Force all environments to use the same logger level
26 26 # (by default production uses :info, the others :debug)
27 27 # config.log_level = :debug
28 28
29 29 # Use the database for sessions instead of the file system
30 30 # (create the session table with 'rake db:sessions:create')
31 31 config.action_controller.session_store = :active_record_store
32 32
33 33 # Use SQL instead of Active Record's schema dumper when creating the test database.
34 34 # This is necessary if your schema can't be completely dumped by the schema dumper,
35 35 # like if you have constraints or database-specific column types
36 36 # config.active_record.schema_format = :sql
37 37
38 38 # Activate observers that should always be running
39 39 # config.active_record.observers = :cacher, :garbage_collector
40 40
41 41 # Make Active Record use UTC-base instead of local time
42 42 config.time_zone = 'UTC'
43 43
44 44 # Setting locales
45 45 config.i18n.default_locale = 'en'
46 46
47 47 # See Rails::Configuration for more options
48 48
49 49 # -------------
50 50 # Required gems
51 51 # -------------
52 52 config.gem "haml"
53 53 config.gem "tmail"
54 54 config.gem "rdiscount", :lib => "rdiscount"
55 55
56 56 # NOTES on rspec: if you wan to test with rspec, you have to install
57 57 # rspec yourself, just call: [sudo] gem install rspec-rails
58 58
59 59 end
60 60
61 61 # Add new inflection rules using the following format
62 62 # (all these examples are active by default):
63 63 # Inflector.inflections do |inflect|
64 64 # inflect.plural /^(ox)$/i, '\1en'
65 65 # inflect.singular /^(ox)en/i, '\1'
66 66 # inflect.irregular 'person', 'people'
67 67 # inflect.uncountable %w( fish sheep )
68 68 # end
69 69
70 70 # Add new mime types for use in respond_to blocks:
71 71 # Mime::Type.register "text/richtext", :rtf
72 72 # Mime::Type.register "application/x-mobile", :mobile
73 73
74 74 # Include your application configuration below
75 75
76 76 # If you want to manage graders through web interface, set the path to
77 77 # the grader directory below. This dir is where raw, ev, ev-exam,
78 78 # scripts reside. All grader scripts will be in
79 79 # #{GRADER_ROOT_DIR}/scripts.
80 80 GRADER_ROOT_DIR = ''
81 81
82 82 # These are where inputs and outputs of test requests are stored
83 83 TEST_REQUEST_INPUT_FILE_DIR = RAILS_ROOT + '/data/test_request/input'
84 84 TEST_REQUEST_OUTPUT_FILE_DIR = RAILS_ROOT + '/data/test_request/output'
85 85
86 86 # To use ANALYSIS MODE, provide the testcases/testruns breakdown,
87 87 # and the directory of the grading result (usually in judge's dir).
88 88 TASK_GRADING_INFO_FILENAME = RAILS_ROOT + '/config/tasks.yml'
89 89
90 90 # TODO: change this to where results are kept.
91 91 GRADING_RESULT_DIR = 'RESULT-DIR'
92 92
93 93 # Change this to allow importing testdata into database as test-pairs.
94 94 # This is mainly for Code Jom contest.
95 - ALLOW_TEST_PAIR_IMPORT = false
95 + ALLOW_TEST_PAIR_IMPORT = true
96 96
97 97 # Uncomment so that the system validates user e-mails
98 98 # VALIDATE_USER_EMAILS = true
99 99
100 100 # Uncomment so that Apache X-Sendfile is used when delivering files
101 101 # (e.g., in /tasks/view).
102 102 # USE_APACHE_XSENDFILE = true
103 103
104 104 # Uncomment so that configuration is read only once when the server is loaded
105 105 # Configuration.enable_caching
106 106
107 107 # OPTIONS FOR CODE JOM
108 108 # --------------------
109 109 CODEJOM_MAX_ALIVE_LEVEL = 10
110 110 TEST_ASSIGNMENT_EXPIRATION_DURATION = 5.minute
111 111 SHOW_CONTEST_STATUS = false
112 112 HIDE_PASSED_TASKS = true No newline at end of file
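Review bot: `ALLOW_TEST_PAIR_IMPORT = true` in this shared file turns the test-pair import on for every installation and environment, although the comment above it describes the feature as mainly for the Code Jom contest. Which controller actions honour the flag and who can reach them is not visible here, so a default-off gate is the safer baseline. Following the guard already used for `RAILS_GEM_VERSION`, the line could be `ALLOW_TEST_PAIR_IMPORT = false unless defined? ALLOW_TEST_PAIR_IMPORT`, with the contest deployment defining the constant as `true` in its `config/environments/*` file.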