cafe-grader-web Commit - r282:6dab27215603

cafe-grader-web

Commit `r282:6dab27215603` public

parent | child

Description:

added contest problem access control

Commit status:

[Not Reviewed]

References:

default

Diff options:

| | | |

Comments:

0 Commit comments 0 Inline Comments

Unresolved TODOs:

There are no unresolved TODOs

Add another comment

r282:6dab27215603 - Thu, 04 Mar 2010 17:56:29 - 5 files changed: 77 inserted, 18 deleted

app/controllers/tasks_controller.rb ¶ +28 -13

               class TasksController < ApplicationController
                 before_filter :authenticate, :check_viewability
                 def index
                   redirect_to :action => 'list'
                 end
                 def list
                   @problems = Problem.find_available_problems
-            -     @user = User.find(session[:user_id])
                 end
+            +   # this has contest-wide access control
                 def view
                   base_name = params[:file]
-            -     if !check_user_viewability(base_name)
+            +     base_filename = File.basename("#{base_name}.#{params[:ext]}")
+            +     filename = "#{Problem.download_file_basedir}/#{base_filename}"
+            +
+            +     if !FileTest.exists?(filename)
                     redirect_to :action => 'index' and return
                   end
-            -     base_filename = File.basename("#{base_name}.#{params[:ext]}")
+            +     send_file_to_user(filename, base_filename)
-            -     filename = "#{Problem.download_file_basedir}/#{base_filename}"
+            +   end
-            -     if !check_user_viewability(base_name) or !FileTest.exists?(filename)
+            +   # this has problem-level access control
+            +   def download
+            +     problem = Problem.find(params[:id])
+            +     if !problem or !problem.available or !@user.can_view_problem? problem
                     redirect_to :action => 'index' and return
                   end
+            +     base_name = params[:file]
+            +     base_filename = File.basename("#{base_name}.#{params[:ext]}")
+            +     filename = "#{Problem.download_file_basedir}/#{params[:id]}/#{base_filename}"
+            +     puts "SENDING: #{filename}"
+            +
+            +     if !FileTest.exists?(filename)
+            +       redirect_to :action => 'index' and return
+            +     end
+            +
+            +     puts "SENDING: #{filename}"
+            +
+            +     send_file_to_user(filename, base_filename)
+            +   end
+            +
+            +   protected
+            +
+            +   def send_file_to_user(filename, base_filename)
                   if defined?(USE_APACHE_XSENDFILE) and USE_APACHE_XSENDFILE
                     response.headers['Content-Type'] = "application/force-download"
                     response.headers['Content-Disposition'] = "attachment; filename=\"#{File.basename(filename)}\""
                     response.headers["X-Sendfile"] = filename
                     response.headers['Content-length'] = File.size(filename)
                     render :nothing => true
                   else
                     if params[:ext]=='pdf'
                       content_type = 'application/pdf'
                     else
                       content_type = 'application/octet-stream'
                     end
                     send_file filename, :stream => false, :filename => base_filename, :type => content_type
                   end
                 end
-            -   protected
                 def check_viewability
                   @user = User.find(session[:user_id])
                   if @user==nil or !Configuration.show_tasks_to?(@user)
                     redirect_to :controller => 'main', :action => 'list'
                     return false
                   end
                 end
-            -   def check_user_viewability(filename)
-            -     # individual file access control shall be added here
-            -     return false if not @user
-            -     return Configuration.show_tasks_to?(@user)
-            -   end
               end

app/helpers/main_helper.rb ¶ +2 -1

               module MainHelper
                 def link_to_description_if_any(name, problem, options={})
                   if !problem.url.blank?
                     return link_to name, problem.url, options
                   elsif !problem.description_filename.blank?
                     basename, ext = problem.description_filename.split('.')
                     options[:controller] = 'tasks'
-            -       options[:action] = 'view'
+            +       options[:action] = 'download'
+            +       options[:id] = problem.id
                     options[:file] = basename
                     options[:ext] = ext
                     return link_to name, options
                   else
                     return ''
                   end
                 end
               end

app/models/user.rb ¶ +23

                   end
                 end
                 def update_start_time
                   stat = self.contest_stat
                   if stat == nil
                     stat = UserContestStat.new(:user => self,
                                                :started_at => Time.now.gmtime)
                     stat.save
                   end
                 end
+            +   def problem_in_user_contests?(problem)
+            +     problem_contests = problem.contests.all
+            +
+            +     if problem_contests.length == 0   # this is public contest
+            +       return true
+            +     end
+            +
+            +     contests.each do |contest|
+            +       if problem_contests.find {|c| c.id == contest.id }
+            +         return true
+            +       end
+            +     end
+            +     return false
+            +   end
+            +
+            +   def can_view_problem?(problem)
+            +     if not Configuration.multicontests?
+            +       return problem.available
+            +     else
+            +       return problem_in_user_contests? problem
+            +     end
+            +   end
+            +
                 protected
                   def encrypt_new_password
                     return if password.blank?
                     self.salt = (10+rand(90)).to_s
                     self.hashed_password = User.encrypt(self.password,self.salt)
                   end
                   def assign_default_site
                     # have to catch error when migrating (because self.site is not available).
                     begin
                       if self.site==nil
                         self.site = Site.find_by_name('default')

config/routes.rb ¶ +1

                 # map.purchase 'products/:id/purchase', :controller => 'catalog', :action => 'purchase'
                 # This route can be invoked with purchase_url(:id => product.id)
                 # You can have the root of your site routed by hooking up ''
                 # -- just remember to delete public/index.html.
                 map.connect '', :controller => 'main', :action => 'login'
                 # Allow downloading Web Service WSDL as a file with an extension
                 # instead of a file named 'wsdl'
                 map.connect ':controller/service.wsdl', :action => 'wsdl'
                 map.connect 'tasks/view/:file.:ext', :controller => 'tasks', :action => 'view'
+            +   map.connect 'tasks/download/:id/:file.:ext', :controller => 'tasks', :action => 'download'
                 # Install the default route as the lowest priority.
                 map.connect ':controller/:action/:id.:format'
                 map.connect ':controller/:action/:id'
               end

lib/testdata_importer.rb ¶ +23 -4

                 def self.long_ext(filename)
                   i = filename.index('.')
                   len = filename.length
                   return filename.slice(i..len)
                 end
                 def extract(tempfile)
                   testdata_filename = save_testdata_file(tempfile)
                   ext = TestdataImporter.long_ext(tempfile.original_filename)
                   extract_dir = File.join(GraderScript.raw_dir, @problem.name)
-            -     begin
+            +     if File.exists? extract_dir
-            -       Dir.mkdir extract_dir
+            +       backup_count = 0
-            -     rescue Errno::EEXIST
+            +       begin
+            +         backup_count += 1
+            +         backup_dirname = "#{extract_dir}.backup.#{backup_count}"
+            +       end while File.exists? backup_dirname
+            +       File.rename(extract_dir, backup_dirname)
                   end
+            +     Dir.mkdir extract_dir
                   if ext=='.tar.gz' or ext=='.tgz'
                     cmd = "tar -zxvf #{testdata_filename} -C #{extract_dir}"
                   elsif ext=='.tar'
                     cmd = "tar -xvf #{testdata_filename} -C #{extract_dir}"
                   elsif ext=='.zip'
                     cmd = "unzip -o #{testdata_filename} -d #{extract_dir}"
                   else
                     return nil
                   end
                   system(cmd)
                     description.body = open(filename).read
                     description.save
                     @problem.description = description
                     @problem.save
                     return "\nProblem description imported from #{filename}."
                   else
                     return ''
                   end
                 end
                 def import_problem_pdf(dirname)
                   pdf_files = Dir["#{dirname}/*.pdf"]
+            +     puts "CHECKING... #{dirname}"
                   if pdf_files.length != 0
+            +       puts "HAS PDF FILE"
                     filename = pdf_files[0]
-            -       out_filename = "#{Problem.download_file_basedir}/#{@problem.name}.pdf"
+            +       @problem.save if not @problem.id
+            +       out_dirname = "#{Problem.download_file_basedir}/#{@problem.id}"
+            +       if not FileTest.exists? out_dirname
+            +         Dir.mkdir out_dirname
+            +       end
+            +
+            +       out_filename = "#{out_dirname}/#{@problem.name}.pdf"
+            +
+            +       if FileTest.exists? out_filename
+            +         File.delete out_filename
+            +       end
+            +
                     File.rename(filename, out_filename)
                     @problem.description_filename = "#{@problem.name}.pdf"
                     @problem.save
                     return "\nProblem pdf imported from #{filename}."
                   else
                     return ""
                   end
                 end
               end

Write
Preview

You need to be logged in to leave comments. Login now

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository permissions settings

Sign in to your account

Author

r282:6dab27215603 - Thu, 04 Mar 2010 17:56:29 - 5 files changed: 77 inserted, 18 deleted

Sign in to your account

Commit r282:6dab27215603 public

Author

r282:6dab27215603 - Thu, 04 Mar 2010 17:56:29 - 5 files changed: 77 inserted, 18 deleted

Commit `r282:6dab27215603` public