cafe-grader-web Commit - r799:584294790340

cafe-grader-web

Commit `r799:584294790340` public

parent | child

Description:

add TA roles

Commit status:

[Not Reviewed]

References:

algo

Diff options:

| | | |

Comments:

0 Commit comments 0 Inline Comments

Unresolved TODOs:

There are no unresolved TODOs

Add another comment

r799:584294790340 - Wed, 02 Sep 2020 16:49:10 - 6 files changed: 82 inserted, 53 deleted

app/controllers/submissions_controller.rb ¶ +2 -3

                   @submission = Submission.find(params[:id])
                   @task = @submission.task
                   @task.status_inqueue! if @task
                   respond_to do |format|
                     format.js
                   end
                 end
               protected
                 def submission_authorization
                   #admin always has privileged
-            -     if @current_user.admin?
-            -       return true
-            -     end
+            +     return true if @current_user.admin?
+            +     return true if @current_user.has_role?('TA') && (['show','download'].include? action_name)
                   sub = Submission.find(params[:id])
                   if @current_user.available_problems.include? sub.problem
                     return true if GraderConfiguration["right.user_view_submission"] or sub.user == @current_user
                   end
                   #default to NO
                   unauthorized_redirect
                   return false
                 end

app/controllers/user_admin_controller.rb ¶ +23 -26

                   if params[:reset_timer]
                     logout_users(users)
                   end
                   flash[:notice] = 'User(s) ' + note.join(', ') +
                     ' were successfully modified.  '
                   redirect_to :action => 'contest_management'
                 end
                 # admin management
                 def admin
-            -     @admins = User.all.find_all {|user| user.admin? }
+            +     @admins = Role.where(name: 'admin').take.users
+            +     @tas = Role.where(name: 'ta').take.users
                 end
-            -   def grant_admin
-            -     login = params[:login]
-            -     user = User.find_by_login(login)
-            -     if user!=nil
-            -       admin_role = Role.find_by_name('admin')
-            -       user.roles << admin_role
-            -     else
-            -       flash[:notice] = 'Unknown user'
+            +   def modify_role
+            +     user = User.find_by_login(params[:login])
+            +     role = Role.find_by_name(params[:role])
+            +     unless user && role
+            +       flash[:error] = 'Unknown user or role'
+            +       redirect_to admin_user_admin_index_path
+            +       return
                   end
-            -     flash[:notice] = 'User added as admins'
-            -     redirect_to :action => 'admin'
-            -   end
+            -
-            -   def revoke_admin
-            -     user = User.find(params[:id])
-            -     if user==nil
-            -       flash[:notice] = 'Unknown user'
-            -       redirect_to :action => 'admin' and return
-            -     elsif user.login == 'root'
-            -       flash[:notice] = 'You cannot revoke admisnistrator permission from root.'
-            -       redirect_to :action => 'admin' and return
+            +     if params[:commit] == 'Grant'
+            +       #grant role
+            +       user.roles << role
+            +       flash[:notice] = "User '#{user.login}' has been granted the role '#{role.name}'"
+            +     else
+            +       #revoke role
+            +       if user.login == 'root' && role.name == 'admin'
+            +         flash[:error] = 'You cannot revoke admisnistrator permission from root.'
+            +         redirect_to admin_user_admin_index_path
+            +         return
+            +       end
+            +       user.roles.delete(role)
+            +       flash[:notice] = "The role '#{role.name}' has been revoked from User '#{user.login}'"
                   end
+            -
-            -     admin_role = Role.find_by_name('admin')
-            -     user.roles.delete(admin_role)
-            -     flash[:notice] = 'User permission revoked'
-            -     redirect_to :action => 'admin'
+            +     redirect_to admin_user_admin_index_path
                 end
                 # mass mailing
                 def mass_mailing
                 end
                 def bulk_mail
                   lines = params[:login_list]
                   if !lines or lines.blank?
                     flash[:notice] = 'You entered an empty list.'
                     redirect_to :action => 'mass_mailing' and return

app/models/user.rb ¶ +5 -1

                   end
                 end
                 def authenticated?(password)
                   if self.activated
                     hashed_password == User.encrypt(password,self.salt)
                   else
                     false
                   end
                 end
                 def admin?
-            -     self.roles.where(name: 'admin').count > 0
+            +     has_role?('admin')
+            +   end
+            +
+            +   def has_role?(role)
+            +     self.roles.where(name: role).count > 0
                 end
                 def email_for_editing
                   if self.email==nil
                     "(unknown)"
                   elsif self.email==''
                     "(blank)"
                   else
                     self.email
                   end
                 end

app/views/user_admin/admin.html.haml ¶ +50 -21

		@@ -1,25 +1,54
1		- %h1 Administrators
	1	+ %h1 Modify Role
	2	+ .row
	3	+ .col-md-6
	4	+ %h4 Administrators
	5	+ = form_tag modify_role_user_admin_index_path, method: 'post', class: 'form-inline' do
	6	+ = hidden_field_tag :role, 'admin'
	7	+ .form-group
	8	+ = label_tag :login, 'Grant admin role to:'
	9	+ = text_field_tag 'login',nil, class: 'form-control'
	10	+ .form-group
	11	+ = submit_tag 'Grant', class: 'btn btn-primary'
	12	+ %br
	13	+ %table.table.table-condense.table-hover.table-striped.table-bordered
	14	+ %thead{:class => 'info-head'}
	15	+ %th #
	16	+ %th Login
	17	+ %th Full name
	18	+ %th
	19	+ - @admins.each_with_index do \|user, i\|
	20	+ %tr
	21	+ %td= i+1
	22	+ %td= user.login
	23	+ %td= user.full_name
	24	+ %td
	25	+ - if user.login!='root'
	26	+ = link_to '[revoke]', modify_role_user_admin_index_path( login: user.login, role: 'admin', commit: 'revoke')
	27	+ .col-md-6
	28	+ %h4 Teacher Assistants (TA)
	29	+ = form_tag modify_role_user_admin_index_path, method: 'post', class: 'form-inline' do
	30	+ = hidden_field_tag :role, 'TA'
	31	+ .form-group
	32	+ = label_tag :login, 'Grant TA role to:'
	33	+ = text_field_tag 'login',nil, class: 'form-control'
	34	+ .form-group
	35	+ = submit_tag 'Grant', class: 'btn btn-primary'
	36	+ %br
	37	+ %table.table.table-condense.table-hover.table-striped.table-bordered
	38	+ %thead{:class => 'info-head'}
	39	+ %th #
	40	+ %th Login
	41	+ %th Full name
	42	+ %th
	43	+ - @tas.each_with_index do \|user, i\|
	44	+ %tr
	45	+ %td= i+1
	46	+ %td= user.login
	47	+ %td= user.full_name
	48	+ %td
	49	+ - if user.login!='root'
	50	+ = link_to '[revoke]', modify_role_user_admin_index_path( login: user.login, role: 'TA', commit: 'revoke')
2	51
3		- %table{:class => 'info'}
4		- %tr{:class => 'info-head'}
5		- %th #
6		- %th Login
7		- %th Full name
8		- %th
9		- - @admins.each_with_index do \|user, i\|
10		- %tr
11		- %td= i+1
12		- %td= user.login
13		- %td= user.full_name
14		- %td
15		- - if user.login!='root'
16		- = link_to '[revoke]', :action => 'revoke_admin', :id => user.id
17		- %hr
18		-
19		- = form_tag :action => 'grant_admin' do
20		- = label_tag :login, 'Grant admin permission to:'
21		- = text_field_tag 'login',nil, class: 'input-field'
22		- = submit_tag 'Grant', class: 'btn btn-primary'
23	52
24	53	%hr/
25	54	= link_to '[go back to index]', :action => 'index'

config/routes.rb ¶ +1 -2

                 #user admin
                 resources :user_admin  do
                   collection do
                     match 'bulk_manage', via: [:get, :post]
                     get 'bulk_mail'
                     get 'user_stat'
                     get 'import'
                     get 'new_list'
                     get 'admin'
                     get 'active'
                     get 'mass_mailing'
-            -       get 'revoke_admin'
-            -       post 'grant_admin'
+            +       match 'modify_role', via: [:get, :post]
                     match 'create_from_list', via: [:get, :post]
                     match 'random_all_passwords', via: [:get, :post]
                   end
                   member do
                     get 'clear_last_ip'
                   end
                 end
                 resources :contest_management, only: [:index] do
                   collection do
                     get 'user_stat'
                     get 'clear_stat'

db/seeds.rb ¶ +1

                     desc = conf[:description]
                   else
                     desc = ''
                   end
                   create_configuration_key(conf[:key],
                                            conf[:value_type],
                                            conf[:default_value],
                                            desc)
                 end
               end
               def seed_roles
+            +   Role.find_or_create_by(name: 'TA')
                 return if Role.find_by_name('admin')
                 role = Role.create(:name => 'admin')
                 user_admin_right = Right.create(:name => 'user_admin',
                                                 :controller => 'user_admin',
                                                 :action => 'all')
                 problem_admin_right = Right.create(:name=> 'problem_admin',
                                                    :controller => 'problems',
                                                    :action => 'all')
                 graders_right = Right.create(:name => 'graders_admin',
                                              :controller => 'graders',

Write
Preview

You need to be logged in to leave comments. Login now

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository permissions settings

Sign in to your account

Author

r799:584294790340 - Wed, 02 Sep 2020 16:49:10 - 6 files changed: 82 inserted, 53 deleted

Sign in to your account

Commit r799:584294790340 public

Author

r799:584294790340 - Wed, 02 Sep 2020 16:49:10 - 6 files changed: 82 inserted, 53 deleted

Commit `r799:584294790340` public