cafe-grader-web

Commit r291:43d936feb73b public

parent | child
Description:
fixed X-Sendfile restriction on output download
Commit status:
[Not Reviewed]
References:
default
Diff options:
Raw Diff | Patch Diff | Download Diff | Ignore whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r291:43d936feb73b - - 1 file changed: 9 inserted, 5 deleted

Show file before | Show file after | Raw diff | Download diff | Ignore whitespace Increase context Show commentsHide comments
@@ -110,101 +110,105
110 @problems = @user.available_problems
110 @problems = @user.available_problems
111 if params[:id]==nil
111 if params[:id]==nil
112 @problem = nil
112 @problem = nil
113 @submissions = nil
113 @submissions = nil
114 else
114 else
115 @problem = Problem.find_by_name(params[:id])
115 @problem = Problem.find_by_name(params[:id])
116 if not @problem.available
116 if not @problem.available
117 redirect_to :action => 'list'
117 redirect_to :action => 'list'
118 flash[:notice] = 'Error: submissions for that problem are not viewable.'
118 flash[:notice] = 'Error: submissions for that problem are not viewable.'
119 return
119 return
120 end
120 end
121 @submissions = Submission.find_all_by_user_problem(@user.id, @problem.id)
121 @submissions = Submission.find_all_by_user_problem(@user.id, @problem.id)
122 end
122 end
123 end
123 end
124
124
125 def result
125 def result
126 if !Configuration.show_grading_result
126 if !Configuration.show_grading_result
127 redirect_to :action => 'list' and return
127 redirect_to :action => 'list' and return
128 end
128 end
129 @user = User.find(session[:user_id])
129 @user = User.find(session[:user_id])
130 @submission = Submission.find(params[:id])
130 @submission = Submission.find(params[:id])
131 if @submission.user!=@user
131 if @submission.user!=@user
132 flash[:notice] = 'You are not allowed to view result of other users.'
132 flash[:notice] = 'You are not allowed to view result of other users.'
133 redirect_to :action => 'list' and return
133 redirect_to :action => 'list' and return
134 end
134 end
135 prepare_grading_result(@submission)
135 prepare_grading_result(@submission)
136 end
136 end
137
137
138 def load_output
138 def load_output
139 if !Configuration.show_grading_result or params[:num]==nil
139 if !Configuration.show_grading_result or params[:num]==nil
140 redirect_to :action => 'list' and return
140 redirect_to :action => 'list' and return
141 end
141 end
142 @user = User.find(session[:user_id])
142 @user = User.find(session[:user_id])
143 @submission = Submission.find(params[:id])
143 @submission = Submission.find(params[:id])
144 if @submission.user!=@user
144 if @submission.user!=@user
145 flash[:notice] = 'You are not allowed to view result of other users.'
145 flash[:notice] = 'You are not allowed to view result of other users.'
146 redirect_to :action => 'list' and return
146 redirect_to :action => 'list' and return
147 end
147 end
148 case_num = params[:num].to_i
148 case_num = params[:num].to_i
149 out_filename = output_filename(@user.login,
149 out_filename = output_filename(@user.login,
150 @submission.problem.name,
150 @submission.problem.name,
151 @submission.id,
151 @submission.id,
152 case_num)
152 case_num)
153 if !FileTest.exists?(out_filename)
153 if !FileTest.exists?(out_filename)
154 flash[:notice] = 'Output not found.'
154 flash[:notice] = 'Output not found.'
155 redirect_to :action => 'list' and return
155 redirect_to :action => 'list' and return
156 end
156 end
157
157
158 - response.headers['Content-Type'] = "application/force-download"
158 + if defined?(USE_APACHE_XSENDFILE) and USE_APACHE_XSENDFILE
159 - response.headers['Content-Disposition'] = "attachment; filename=\"output-#{case_num}.txt\""
159 + response.headers['Content-Type'] = "application/force-download"
160 - response.headers["X-Sendfile"] = out_filename
160 + response.headers['Content-Disposition'] = "attachment; filename=\"output-#{case_num}.txt\""
161 - response.headers['Content-length'] = File.size(out_filename)
161 + response.headers["X-Sendfile"] = out_filename
162 - render :nothing => true
162 + response.headers['Content-length'] = File.size(out_filename)
163 + render :nothing => true
164 + else
165 + send_file out_filename, :stream => false, :filename => "output-#{case_num}.txt", :type => "text/plain"
166 + end
163 end
167 end
164
168
165 def error
169 def error
166 @user = User.find(session[:user_id])
170 @user = User.find(session[:user_id])
167 end
171 end
168
172
169 # announcement refreshing and hiding methods
173 # announcement refreshing and hiding methods
170
174
171 def announcements
175 def announcements
172 if params.has_key? 'recent'
176 if params.has_key? 'recent'
173 prepare_announcements(params[:recent])
177 prepare_announcements(params[:recent])
174 else
178 else
175 prepare_announcements
179 prepare_announcements
176 end
180 end
177 render(:partial => 'announcement',
181 render(:partial => 'announcement',
178 :collection => @announcements,
182 :collection => @announcements,
179 :locals => {:announcement_effect => true})
183 :locals => {:announcement_effect => true})
180 end
184 end
181
185
182 protected
186 protected
183
187
184 def prepare_announcements(recent=nil)
188 def prepare_announcements(recent=nil)
185 if Configuration.show_tasks_to?(@user)
189 if Configuration.show_tasks_to?(@user)
186 @announcements = Announcement.find_published(true)
190 @announcements = Announcement.find_published(true)
187 else
191 else
188 @announcements = Announcement.find_published
192 @announcements = Announcement.find_published
189 end
193 end
190 if recent!=nil
194 if recent!=nil
191 recent_id = recent.to_i
195 recent_id = recent.to_i
192 @announcements = @announcements.find_all { |a| a.id > recent_id }
196 @announcements = @announcements.find_all { |a| a.id > recent_id }
193 end
197 end
194 end
198 end
195
199
196 def prepare_list_information
200 def prepare_list_information
197 @user = User.find(session[:user_id])
201 @user = User.find(session[:user_id])
198 if not Configuration.multicontests?
202 if not Configuration.multicontests?
199 @problems = problem_list_for_user(@user)
203 @problems = problem_list_for_user(@user)
200 else
204 else
201 @contest_problems = @user.available_problems_group_by_contests
205 @contest_problems = @user.available_problems_group_by_contests
202 @problems = @user.available_problems
206 @problems = @user.available_problems
203 end
207 end
204 @prob_submissions = {}
208 @prob_submissions = {}
205 @problems.each do |p|
209 @problems.each do |p|
206 sub = Submission.find_last_by_user_and_problem(@user.id,p.id)
210 sub = Submission.find_last_by_user_and_problem(@user.id,p.id)
207 if sub!=nil
211 if sub!=nil
208 @prob_submissions[p.id] = { :count => sub.number, :submission => sub }
212 @prob_submissions[p.id] = { :count => sub.number, :submission => sub }
209 else
213 else
210 @prob_submissions[p.id] = { :count => 0, :submission => nil }
214 @prob_submissions[p.id] = { :count => 0, :submission => nil }
You need to be logged in to leave comments. Login now