Description:
fixed X-Sendfile restriction on output download
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
Jittat Fakcharoenphol
-
r291:43d936feb73b - - 1 file changed: 9 inserted, 5 deleted
| @@ -62,197 +62,201 | |||||
|
|
62 | @submission.source_filename = params['file'].original_filename |
|
62 | @submission.source_filename = params['file'].original_filename |
|
|
63 | end |
|
63 | end |
|
|
64 | @submission.submitted_at = Time.new.gmtime |
|
64 | @submission.submitted_at = Time.new.gmtime |
|
|
65 |
|
65 | ||
|
|
66 | if Configuration.time_limit_mode? and user.contest_finished? |
|
66 | if Configuration.time_limit_mode? and user.contest_finished? |
|
|
67 | @submission.errors.add_to_base "The contest is over." |
|
67 | @submission.errors.add_to_base "The contest is over." |
|
|
68 | prepare_list_information |
|
68 | prepare_list_information |
|
|
69 | render :action => 'list' and return |
|
69 | render :action => 'list' and return |
|
|
70 | end |
|
70 | end |
|
|
71 |
|
71 | ||
|
|
72 | if @submission.valid? |
|
72 | if @submission.valid? |
|
|
73 | if @submission.save == false |
|
73 | if @submission.save == false |
|
|
74 | flash[:notice] = 'Error saving your submission' |
|
74 | flash[:notice] = 'Error saving your submission' |
|
|
75 | elsif Task.create(:submission_id => @submission.id, |
|
75 | elsif Task.create(:submission_id => @submission.id, |
|
|
76 | :status => Task::STATUS_INQUEUE) == false |
|
76 | :status => Task::STATUS_INQUEUE) == false |
|
|
77 | flash[:notice] = 'Error adding your submission to task queue' |
|
77 | flash[:notice] = 'Error adding your submission to task queue' |
|
|
78 | end |
|
78 | end |
|
|
79 | else |
|
79 | else |
|
|
80 | prepare_list_information |
|
80 | prepare_list_information |
|
|
81 | render :action => 'list' and return |
|
81 | render :action => 'list' and return |
|
|
82 | end |
|
82 | end |
|
|
83 | redirect_to :action => 'list' |
|
83 | redirect_to :action => 'list' |
|
|
84 | end |
|
84 | end |
|
|
85 |
|
85 | ||
|
|
86 | def source |
|
86 | def source |
|
|
87 | submission = Submission.find(params[:id]) |
|
87 | submission = Submission.find(params[:id]) |
|
|
88 | if submission.user_id == session[:user_id] |
|
88 | if submission.user_id == session[:user_id] |
|
|
89 | send_data(submission.source, |
|
89 | send_data(submission.source, |
|
|
90 | {:filename => submission.download_filename, |
|
90 | {:filename => submission.download_filename, |
|
|
91 | :type => 'text/plain'}) |
|
91 | :type => 'text/plain'}) |
|
|
92 | else |
|
92 | else |
|
|
93 | flash[:notice] = 'Error viewing source' |
|
93 | flash[:notice] = 'Error viewing source' |
|
|
94 | redirect_to :action => 'list' |
|
94 | redirect_to :action => 'list' |
|
|
95 | end |
|
95 | end |
|
|
96 | end |
|
96 | end |
|
|
97 |
|
97 | ||
|
|
98 | def compiler_msg |
|
98 | def compiler_msg |
|
|
99 | @submission = Submission.find(params[:id]) |
|
99 | @submission = Submission.find(params[:id]) |
|
|
100 | if @submission.user_id == session[:user_id] |
|
100 | if @submission.user_id == session[:user_id] |
|
|
101 | render :action => 'compiler_msg', :layout => 'empty' |
|
101 | render :action => 'compiler_msg', :layout => 'empty' |
|
|
102 | else |
|
102 | else |
|
|
103 | flash[:notice] = 'Error viewing source' |
|
103 | flash[:notice] = 'Error viewing source' |
|
|
104 | redirect_to :action => 'list' |
|
104 | redirect_to :action => 'list' |
|
|
105 | end |
|
105 | end |
|
|
106 | end |
|
106 | end |
|
|
107 |
|
107 | ||
|
|
108 | def submission |
|
108 | def submission |
|
|
109 | @user = User.find(session[:user_id]) |
|
109 | @user = User.find(session[:user_id]) |
|
|
110 | @problems = @user.available_problems |
|
110 | @problems = @user.available_problems |
|
|
111 | if params[:id]==nil |
|
111 | if params[:id]==nil |
|
|
112 | @problem = nil |
|
112 | @problem = nil |
|
|
113 | @submissions = nil |
|
113 | @submissions = nil |
|
|
114 | else |
|
114 | else |
|
|
115 | @problem = Problem.find_by_name(params[:id]) |
|
115 | @problem = Problem.find_by_name(params[:id]) |
|
|
116 | if not @problem.available |
|
116 | if not @problem.available |
|
|
117 | redirect_to :action => 'list' |
|
117 | redirect_to :action => 'list' |
|
|
118 | flash[:notice] = 'Error: submissions for that problem are not viewable.' |
|
118 | flash[:notice] = 'Error: submissions for that problem are not viewable.' |
|
|
119 | return |
|
119 | return |
|
|
120 | end |
|
120 | end |
|
|
121 | @submissions = Submission.find_all_by_user_problem(@user.id, @problem.id) |
|
121 | @submissions = Submission.find_all_by_user_problem(@user.id, @problem.id) |
|
|
122 | end |
|
122 | end |
|
|
123 | end |
|
123 | end |
|
|
124 |
|
124 | ||
|
|
125 | def result |
|
125 | def result |
|
|
126 | if !Configuration.show_grading_result |
|
126 | if !Configuration.show_grading_result |
|
|
127 | redirect_to :action => 'list' and return |
|
127 | redirect_to :action => 'list' and return |
|
|
128 | end |
|
128 | end |
|
|
129 | @user = User.find(session[:user_id]) |
|
129 | @user = User.find(session[:user_id]) |
|
|
130 | @submission = Submission.find(params[:id]) |
|
130 | @submission = Submission.find(params[:id]) |
|
|
131 | if @submission.user!=@user |
|
131 | if @submission.user!=@user |
|
|
132 | flash[:notice] = 'You are not allowed to view result of other users.' |
|
132 | flash[:notice] = 'You are not allowed to view result of other users.' |
|
|
133 | redirect_to :action => 'list' and return |
|
133 | redirect_to :action => 'list' and return |
|
|
134 | end |
|
134 | end |
|
|
135 | prepare_grading_result(@submission) |
|
135 | prepare_grading_result(@submission) |
|
|
136 | end |
|
136 | end |
|
|
137 |
|
137 | ||
|
|
138 | def load_output |
|
138 | def load_output |
|
|
139 | if !Configuration.show_grading_result or params[:num]==nil |
|
139 | if !Configuration.show_grading_result or params[:num]==nil |
|
|
140 | redirect_to :action => 'list' and return |
|
140 | redirect_to :action => 'list' and return |
|
|
141 | end |
|
141 | end |
|
|
142 | @user = User.find(session[:user_id]) |
|
142 | @user = User.find(session[:user_id]) |
|
|
143 | @submission = Submission.find(params[:id]) |
|
143 | @submission = Submission.find(params[:id]) |
|
|
144 | if @submission.user!=@user |
|
144 | if @submission.user!=@user |
|
|
145 | flash[:notice] = 'You are not allowed to view result of other users.' |
|
145 | flash[:notice] = 'You are not allowed to view result of other users.' |
|
|
146 | redirect_to :action => 'list' and return |
|
146 | redirect_to :action => 'list' and return |
|
|
147 | end |
|
147 | end |
|
|
148 | case_num = params[:num].to_i |
|
148 | case_num = params[:num].to_i |
|
|
149 | out_filename = output_filename(@user.login, |
|
149 | out_filename = output_filename(@user.login, |
|
|
150 | @submission.problem.name, |
|
150 | @submission.problem.name, |
|
|
151 | @submission.id, |
|
151 | @submission.id, |
|
|
152 | case_num) |
|
152 | case_num) |
|
|
153 | if !FileTest.exists?(out_filename) |
|
153 | if !FileTest.exists?(out_filename) |
|
|
154 | flash[:notice] = 'Output not found.' |
|
154 | flash[:notice] = 'Output not found.' |
|
|
155 | redirect_to :action => 'list' and return |
|
155 | redirect_to :action => 'list' and return |
|
|
156 | end |
|
156 | end |
|
|
157 |
|
157 | ||
|
|
158 | - response.headers['Content-Type'] = "application/force-download" |
|
158 | + if defined?(USE_APACHE_XSENDFILE) and USE_APACHE_XSENDFILE |
|
|
159 | - response.headers['Content-Disposition'] = "attachment; filename=\"output-#{case_num}.txt\"" |
|
159 | + response.headers['Content-Type'] = "application/force-download" |
|
|
160 | - response.headers["X-Sendfile"] = out_filename |
|
160 | + response.headers['Content-Disposition'] = "attachment; filename=\"output-#{case_num}.txt\"" |
|
|
161 |
- response.headers[ |
|
161 | + response.headers["X-Sendfile"] = out_filename |
|
|
162 | - render :nothing => true |
|
162 | + response.headers['Content-length'] = File.size(out_filename) |
|
|
|
163 | + render :nothing => true | ||
|
|
|
164 | + else | ||
|
|
|
165 | + send_file out_filename, :stream => false, :filename => "output-#{case_num}.txt", :type => "text/plain" | ||
|
|
|
166 | + end | ||
|
|
163 | end |
|
167 | end |
|
|
164 |
|
168 | ||
|
|
165 | def error |
|
169 | def error |
|
|
166 | @user = User.find(session[:user_id]) |
|
170 | @user = User.find(session[:user_id]) |
|
|
167 | end |
|
171 | end |
|
|
168 |
|
172 | ||
|
|
169 | # announcement refreshing and hiding methods |
|
173 | # announcement refreshing and hiding methods |
|
|
170 |
|
174 | ||
|
|
171 | def announcements |
|
175 | def announcements |
|
|
172 | if params.has_key? 'recent' |
|
176 | if params.has_key? 'recent' |
|
|
173 | prepare_announcements(params[:recent]) |
|
177 | prepare_announcements(params[:recent]) |
|
|
174 | else |
|
178 | else |
|
|
175 | prepare_announcements |
|
179 | prepare_announcements |
|
|
176 | end |
|
180 | end |
|
|
177 | render(:partial => 'announcement', |
|
181 | render(:partial => 'announcement', |
|
|
178 | :collection => @announcements, |
|
182 | :collection => @announcements, |
|
|
179 | :locals => {:announcement_effect => true}) |
|
183 | :locals => {:announcement_effect => true}) |
|
|
180 | end |
|
184 | end |
|
|
181 |
|
185 | ||
|
|
182 | protected |
|
186 | protected |
|
|
183 |
|
187 | ||
|
|
184 | def prepare_announcements(recent=nil) |
|
188 | def prepare_announcements(recent=nil) |
|
|
185 | if Configuration.show_tasks_to?(@user) |
|
189 | if Configuration.show_tasks_to?(@user) |
|
|
186 | @announcements = Announcement.find_published(true) |
|
190 | @announcements = Announcement.find_published(true) |
|
|
187 | else |
|
191 | else |
|
|
188 | @announcements = Announcement.find_published |
|
192 | @announcements = Announcement.find_published |
|
|
189 | end |
|
193 | end |
|
|
190 | if recent!=nil |
|
194 | if recent!=nil |
|
|
191 | recent_id = recent.to_i |
|
195 | recent_id = recent.to_i |
|
|
192 | @announcements = @announcements.find_all { |a| a.id > recent_id } |
|
196 | @announcements = @announcements.find_all { |a| a.id > recent_id } |
|
|
193 | end |
|
197 | end |
|
|
194 | end |
|
198 | end |
|
|
195 |
|
199 | ||
|
|
196 | def prepare_list_information |
|
200 | def prepare_list_information |
|
|
197 | @user = User.find(session[:user_id]) |
|
201 | @user = User.find(session[:user_id]) |
|
|
198 | if not Configuration.multicontests? |
|
202 | if not Configuration.multicontests? |
|
|
199 | @problems = problem_list_for_user(@user) |
|
203 | @problems = problem_list_for_user(@user) |
|
|
200 | else |
|
204 | else |
|
|
201 | @contest_problems = @user.available_problems_group_by_contests |
|
205 | @contest_problems = @user.available_problems_group_by_contests |
|
|
202 | @problems = @user.available_problems |
|
206 | @problems = @user.available_problems |
|
|
203 | end |
|
207 | end |
|
|
204 | @prob_submissions = {} |
|
208 | @prob_submissions = {} |
|
|
205 | @problems.each do |p| |
|
209 | @problems.each do |p| |
|
|
206 | sub = Submission.find_last_by_user_and_problem(@user.id,p.id) |
|
210 | sub = Submission.find_last_by_user_and_problem(@user.id,p.id) |
|
|
207 | if sub!=nil |
|
211 | if sub!=nil |
|
|
208 | @prob_submissions[p.id] = { :count => sub.number, :submission => sub } |
|
212 | @prob_submissions[p.id] = { :count => sub.number, :submission => sub } |
|
|
209 | else |
|
213 | else |
|
|
210 | @prob_submissions[p.id] = { :count => 0, :submission => nil } |
|
214 | @prob_submissions[p.id] = { :count => 0, :submission => nil } |
|
|
211 | end |
|
215 | end |
|
|
212 | end |
|
216 | end |
|
|
213 | prepare_announcements |
|
217 | prepare_announcements |
|
|
214 | end |
|
218 | end |
|
|
215 |
|
219 | ||
|
|
216 | def check_viewability |
|
220 | def check_viewability |
|
|
217 | @user = User.find(session[:user_id]) |
|
221 | @user = User.find(session[:user_id]) |
|
|
218 | if (!Configuration.show_tasks_to?(@user)) and |
|
222 | if (!Configuration.show_tasks_to?(@user)) and |
|
|
219 | ((action_name=='submission') or (action_name=='submit')) |
|
223 | ((action_name=='submission') or (action_name=='submit')) |
|
|
220 | redirect_to :action => 'list' and return |
|
224 | redirect_to :action => 'list' and return |
|
|
221 | end |
|
225 | end |
|
|
222 | end |
|
226 | end |
|
|
223 |
|
227 | ||
|
|
224 | def prepare_grading_result(submission) |
|
228 | def prepare_grading_result(submission) |
|
|
225 | if Configuration.task_grading_info.has_key? submission.problem.name |
|
229 | if Configuration.task_grading_info.has_key? submission.problem.name |
|
|
226 | grading_info = Configuration.task_grading_info[submission.problem.name] |
|
230 | grading_info = Configuration.task_grading_info[submission.problem.name] |
|
|
227 | else |
|
231 | else |
|
|
228 | # guess task info from problem.full_score |
|
232 | # guess task info from problem.full_score |
|
|
229 | cases = submission.problem.full_score / 10 |
|
233 | cases = submission.problem.full_score / 10 |
|
|
230 | grading_info = { |
|
234 | grading_info = { |
|
|
231 | 'testruns' => cases, |
|
235 | 'testruns' => cases, |
|
|
232 | 'testcases' => cases |
|
236 | 'testcases' => cases |
|
|
233 | } |
|
237 | } |
|
|
234 | end |
|
238 | end |
|
|
235 | @test_runs = [] |
|
239 | @test_runs = [] |
|
|
236 | if grading_info['testruns'].is_a? Integer |
|
240 | if grading_info['testruns'].is_a? Integer |
|
|
237 | trun_count = grading_info['testruns'] |
|
241 | trun_count = grading_info['testruns'] |
|
|
238 | trun_count.times do |i| |
|
242 | trun_count.times do |i| |
|
|
239 | @test_runs << [ read_grading_result(@user.login, |
|
243 | @test_runs << [ read_grading_result(@user.login, |
|
|
240 | submission.problem.name, |
|
244 | submission.problem.name, |
|
|
241 | submission.id, |
|
245 | submission.id, |
|
|
242 | i+1) ] |
|
246 | i+1) ] |
|
|
243 | end |
|
247 | end |
|
|
244 | else |
|
248 | else |
|
|
245 | grading_info['testruns'].keys.sort.each do |num| |
|
249 | grading_info['testruns'].keys.sort.each do |num| |
|
|
246 | run = [] |
|
250 | run = [] |
|
|
247 | testrun = grading_info['testruns'][num] |
|
251 | testrun = grading_info['testruns'][num] |
|
|
248 | testrun.each do |c| |
|
252 | testrun.each do |c| |
|
|
249 | run << read_grading_result(@user.login, |
|
253 | run << read_grading_result(@user.login, |
|
|
250 | submission.problem.name, |
|
254 | submission.problem.name, |
|
|
251 | submission.id, |
|
255 | submission.id, |
|
|
252 | c) |
|
256 | c) |
|
|
253 | end |
|
257 | end |
|
|
254 | @test_runs << run |
|
258 | @test_runs << run |
|
|
255 | end |
|
259 | end |
|
|
256 | end |
|
260 | end |
|
|
257 | end |
|
261 | end |
|
|
258 |
|
262 | ||
You need to be logged in to leave comments.
Login now