cafe-grader-web Commit - r784:73e8782d729d

cafe-grader-web

Commit `r784:73e8782d729d` public

parent | child

Description:

fix whitelisting bugs fix report bug

Commit status:

[Not Reviewed]

References:

algo

Diff options:

| | | |

Comments:

0 Commit comments 0 Inline Comments

Unresolved TODOs:

There are no unresolved TODOs

Add another comment

r784:73e8782d729d - Mon, 04 Nov 2019 09:01:41 - 5 files changed: 58 inserted, 54 deleted

app/controllers/application_controller.rb ¶ +10 -9

               require 'ipaddr'
               class ApplicationController < ActionController::Base
                 protect_from_forgery
                 before_action :current_user
                 SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
                 MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login'
-            -   ALLOW_WHITELIST_IP_ONLY_CONF_KEY = 'right.allow_whitelist_ip_only'
+            +   WHITELIST_IGNORE_CONF_KEY = 'right.whitelist_ignore'
                 WHITELIST_IP_CONF_KEY = 'right.whitelist_ip'
                 #report and redirect for unauthorized activities
                 def unauthorized_redirect(notice = 'You are not authorized to view the page you requested')
                   flash[:notice] = notice
                   redirect_to login_main_path
                 end
                 # Returns the current logged-in user (if any).
                 def current_user
                   return nil unless session[:user_id]
                   @current_user ||= User.find(session[:user_id])
                 end
                 def admin_authorization
                   return false unless check_valid_login
                   user = User.includes(:roles).find(session[:user_id])
                   unless user.admin?
                     unauthorized_redirect
                     return false
                   end
                   return true
                 end
                 def authorization_by_roles(allowed_roles)
                   return false unless check_valid_login
                   user = User.find(session[:user_id])
                   unless user.roles.detect { |role| allowed_roles.member?(role.name) }
                     unauthorized_redirect
                     return false
                   end
                 end
                 def testcase_authorization
                   #admin always has privileged
                   if @current_user.admin?
                     return true
                   end
                   unauthorized_redirect unless GraderConfiguration["right.view_testcase"]
                 end
                 protected
                 #redirect to root (and also force logout)
                 #if the user is not logged_in or the system is in "ADMIN ONLY" mode
                 def check_valid_login
                   #check if logged in
                   unless session[:user_id]
                     if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]
                       unauthorized_redirect('You need to login but you cannot log in at this time')
                     else
                       unauthorized_redirect('You need to login')
                     end
                     return false
                   end
                   # check if run in single user mode
                   if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]
                     if @current_user==nil || (!@current_user.admin?)
                       unauthorized_redirect('You cannot log in at this time')
                       return false
                     end
                   end
                   # check if the user is enabled
                   unless @current_user.enabled? || @current_user.admin?
                     unauthorized_redirect 'Your account is disabled'
                     return false
                   end
                   # check if user ip is allowed
-            -     unless @current_user.admin? || !GraderConfiguration[ALLOW_WHITELIST_IP_ONLY_CONF_KEY]
+            +     unless @current_user.admin? || GraderConfiguration[WHITELIST_IGNORE_CONF_KEY]
                     unless is_request_ip_allowed?
-            -         unauthorized_redirect 'Your IP is not allowed'
+            +         unauthorized_redirect 'Your IP is not allowed to login at this time.'
                       return false
                     end
                   end
                   if GraderConfiguration.multicontests?
                     return true if @current_user.admin?
                     begin
                       if @current_user.contest_stat(true).forced_logout
                         flash[:notice] = 'You have been automatically logged out.'
                         redirect_to :controller => 'main', :action => 'index'
                       end
                     rescue
                     end
                   end
                   return true
                 end
                 #redirect to root (and also force logout)
                 #if the user use different ip from the previous connection
                 #  only applicable when MULTIPLE_IP_LOGIN options is false only
                 def authenticate_by_ip_address
                   #this assume that we have already authenticate normally
                   unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY]
                     user = User.find(session[:user_id])
-            -       puts "User admin #{user.admin?}"
                     if (!user.admin? && user.last_ip && user.last_ip != request.remote_ip)
                       flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}"
-            -         puts "hahaha"
                       redirect_to :controller => 'main', :action => 'login'
                       return false
                     end
                     unless user.last_ip
                       user.last_ip = request.remote_ip
                       user.save
                     end
                   end
                   return true
                 end
                 def authorization
                   return false unless check_valid_login
                   user = User.find(session[:user_id])
                   unless user.roles.detect { |role|
                       role.rights.detect{ |right|
                         right.controller == self.class.controller_name and
                           (right.action == 'all' || right.action == action_name)
                       }
                     }
                     flash[:notice] = 'You are not authorized to view the page you requested'
                     #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
                     redirect_to :controller => 'main', :action => 'login'
                     return false
                   end
                 end
                 def verify_time_limit
                   return true if session[:user_id]==nil
                   user = User.find(session[:user_id], :include => :site)
                   return true if user==nil || user.site == nil
                   if user.contest_finished?
                     flash[:notice] = 'Error: the contest you are participating is over.'
                     redirect_to :back
                     return false
                   end
                   return true
                 end
                 def is_request_ip_allowed?
-            -     if GraderConfiguration[ALLOW_WHITELIST_IP_ONLY_CONF_KEY]
+            +     unless GraderConfiguration[WHITELIST_IGNORE_CONF_KEY]
                     user_ip = IPAddr.new(request.remote_ip)
-            -       GraderConfiguration[WHITELIST_IP_LIST_CONF_KEY].delete(' ').split(',').each do |ips|
+            +       GraderConfiguration[WHITELIST_IP_CONF_KEY].delete(' ').split(',').each do |ips|
+            +         puts "ip is #{ips}, user ip is #{user_ip}"
                       allow_ips = IPAddr.new(ips)
-            -         unless allow_ips.includes(user_ip)
+            +         if allow_ips.include?(user_ip)
-            -           return false
+            +           return true
                       end
                     end
+            +       return false
                   end
                   return true
                 end
               end

app/controllers/report_controller.rb ¶ +1 -1

               UNION
                 SELECT l2.*
                   FROM logins l2 INNER JOIN
                   (SELECT l.ip_address,COUNT(DISTINCT u.id) as count
                     FROM logins l
                     INNER JOIN users u ON l.user_id =  u.id
                     WHERE l.created_at >= '#{@since_time.in_time_zone("UTC")}' and l.created_at <= '#{@until_time.in_time_zone("UTC")}'
                     GROUP BY l.ip_address
                     HAVING count > 1
                   ) ml on ml.ip_address = l2.ip_address
                   INNER JOIN users u ON l2.user_id = u.id
                   WHERE l2.created_at >= '#{@since_time.in_time_zone("UTC")}' and l2.created_at <= '#{@until_time.in_time_zone("UTC")}'
               ORDER BY ip_address,created_at
                             SQL
                   @mld = Login.find_by_sql(st)
                   st = <<-SQL
                 SELECT s.id,s.user_id,s.ip_address,s.submitted_at,s.problem_id
                   FROM submissions s INNER JOIN
                   (SELECT u.id,COUNT(DISTINCT ip_address) as count,u.login,u.full_name
                     FROM logins l
                     INNER JOIN users u ON l.user_id =  u.id
                     WHERE l.created_at >= ? and l.created_at <= ?
                     GROUP BY u.id
                     HAVING count > 1
                   ) ml ON s.user_id = ml.id
                   WHERE s.submitted_at >= ? and s.submitted_at <= ?
               UNION
                 SELECT s.id,s.user_id,s.ip_address,s.submitted_at,s.problem_id
                   FROM submissions s INNER JOIN
                   (SELECT l.ip_address,COUNT(DISTINCT u.id) as count
                     FROM logins l
                     INNER JOIN users u ON l.user_id =  u.id
                     WHERE l.created_at >= ? and l.created_at <= ?
                     GROUP BY l.ip_address
                     HAVING count > 1
                   ) ml on ml.ip_address = s.ip_address
                   WHERE s.submitted_at >= ? and s.submitted_at <= ?
               ORDER BY ip_address,submitted_at
                           SQL
                   @subs = Submission.joins(:problem).find_by_sql([st,@since_time,@until_time,
                                                      @since_time,@until_time,
                                                      @since_time,@until_time,
                                                      @since_time,@until_time])
                 end
                 def cheat_scruntinize
                   #convert date & time
                   date_and_time = '%Y-%m-%d %H:%M'
                   begin
                     md = params[:since_datetime].match(/(\d+)-(\d+)-(\d+) (\d+):(\d+)/)
                     @since_time = Time.zone.local(md[1].to_i,md[2].to_i,md[3].to_i,md[4].to_i,md[5].to_i)
                   rescue
                     @since_time = Time.zone.now.ago( 90.minutes)
                   end
                   begin
                     md = params[:until_datetime].match(/(\d+)-(\d+)-(\d+) (\d+):(\d+)/)
                     @until_time = Time.zone.local(md[1].to_i,md[2].to_i,md[3].to_i,md[4].to_i,md[5].to_i)
                   rescue
                     @until_time = Time.zone.now
                   end
                   #convert sid
                   @sid = params[:SID].split(/[,\s]/) if params[:SID]
                   unless @sid and @sid.size > 0
                     return
                     redirect_to actoin: :cheat_scruntinize
                     flash[:notice] = 'Please enter at least 1 student id'
                   end
                   mark = Array.new(@sid.size,'?')
                   condition = "(u.login = " + mark.join(' OR u.login = ') + ')'
                   @st = <<-SQL
                 SELECT l.created_at as submitted_at ,-1 as id,u.login,u.full_name,l.ip_address,"" as problem_id,"" as points,l.user_id
                 FROM logins l INNER JOIN users u on l.user_id  = u.id
                 WHERE l.created_at >= ? AND l.created_at <= ? AND #{condition}
               UNION
                 SELECT s.submitted_at,s.id,u.login,u.full_name,s.ip_address,s.problem_id,s.points,s.user_id
                 FROM submissions s INNER JOIN users u ON s.user_id = u.id
                 WHERE s.submitted_at >= ? AND s.submitted_at <= ? AND #{condition}
               ORDER BY submitted_at
                 SQL
                   p = [@st,@since_time,@until_time] + @sid + [@since_time,@until_time] + @sid
                   @logs = Submission.joins(:problem).find_by_sql(p)
                 end
                 protected
                 def calculate_max_score(problems, users,since_id,until_id, get_last_score = false)
-            -     #score[i] = user #i's user stat where i is the index (not id)
+            +     #scorearray[i] = user #i's user stat where i is the index (not id)
                   scorearray = Array.new
                   users.each do |u|
                     ustat = Array.new
                     ustat[0] = u
                     problems.each do |p|
                       unless get_last_score
                         #get max score
                         max_points = 0
                         Submission.find_in_range_by_user_and_problem(u.id,p.id,since_id,until_id).each do |sub|
                           max_points = sub.points if sub and sub.points and (sub.points > max_points)
                         end
                         ustat << [(max_points.to_f*100/p.full_score).round, (max_points>=p.full_score)]
                       else
                         #get latest score
                         sub = Submission.find_last_by_user_and_problem(u.id,p.id)
                         if (sub!=nil) and (sub.points!=nil) and p and p.full_score
                           ustat << [(sub.points.to_f*100/p.full_score).round, (sub.points>=p.full_score)]
                         else
                           ustat << [0,false]
                         end
                       end
                     end
                     scorearray << ustat
                   end
                   return scorearray
                 end
                 def gen_csv_from_scorearray(scorearray,problem)
                   CSV.generate do |csv|
                     #add header
                     header = ['User','Name', 'Activated?', 'Logged in', 'Contest']
                     problem.each { |p| header << p.name }
                     header += ['Total','Passed']
                     csv << header
                     #add data
                     scorearray.each do |sc|
                       total = num_passed = 0
                       row = Array.new
                       sc.each_index do |i|
                         if i == 0
                           row << sc[i].login
                           row << sc[i].full_name
                           row << sc[i].activated
                           row << (sc[i].try(:contest_stat).try(:started_at)!=nil ? 'yes' : 'no')
                           row << sc[i].contests.collect {|c| c.name}.join(', ')
                         else
                           row << sc[i][0]
                           total += sc[i][0]
                           num_passed += 1 if sc[i][1]
                         end
                       end
                       row << total
                       row << num_passed
                       csv << row
                     end
                   end
                 end
               end

app/views/report/_score_table.html.haml ¶ +5 -3

               %table.table.sortable.table-striped.table-bordered.table-condensed
                 %thead
                   %tr
                     %th Login
                     %th Name
                     / %th Activated?
                     / %th Logged_in
                     / %th Contest(s)
                     %th Remark
                     - @problems.each do |p|
                       %th.text-right= p.name.gsub('_',' ')
                     %th.text-right Total
                     %th.text-right Passed
                 %tbody
-            -     - sum = Array.new(@problems.count,0)
+            +     - sum = Array.new(@problems.count+1,0)
-            -     - nonzero = Array.new(@problems.count,0)
+            +     - nonzero = Array.new(@problems.count+1,0)
-            -     - full = Array.new(@problems.count,0)
+            +     - full = Array.new(@problems.count+1,0)
+            +     - puts @scorearray
+            +     - puts @problems.count
                   - @scorearray.each do |sc|
                     %tr
                       - total,num_passed = 0,0
                       - sc.each_index do |i|
                         - if i == 0
                           %td= link_to sc[i].login, stat_user_path(sc[i])
                           %td= sc[i].full_name
                           / %td= sc[i].activated
                           / %td= sc[i].try(:contest_stat).try(:started_at) ? 'yes' : 'no'
                           / %td= sc[i].contests.collect {|c| c.name}.join(', ')
                           %td= sc[i].remark
                         - else
                           %td.text-right= sc[i][0]
                           - total += sc[i][0]
                           - num_passed += 1 if sc[i][1]
                           - sum[i] += sc[i][0]
                           - nonzero[i] += 1 if sc[i][0] > 0
                           - full[i] += 1 if sc[i][1]
                       %td.text-right= total
                       %td.text-right= num_passed
                   %tfoot
                     %tr
                       %td Summation
                       %td
                       %td
                       - sum.each.with_index do |s,i|
                         - next if i == 0
                         %td.text-right= number_with_delimiter(s)
                       %td
                       %td
                     %tr
                       %td partial solver
                       %td
                       %td
                       - nonzero.each.with_index do |s,i|
                         - next if i == 0
                         %td.text-right= number_with_delimiter(s)
                       %td
                       %td
                     %tr
                       %td Full solver
                       %td
                       %td
                       - full.each.with_index do |s,i|
                         - next if i == 0
                         %td.text-right= number_with_delimiter(s)
                       %td
                       %td
               :javascript
                 $.bootstrapSortable(true,'reversed')

db/schema.rb ¶ +37 -36

               # This file is auto-generated from the current state of the database. Instead
               # of editing this file, please use the migrations feature of Active Record to
               # incrementally modify your database, and then regenerate this schema definition.
               #
               # Note that this schema.rb definition is the authoritative source for your
               # database schema. If you need to create the application database on another
               # system, you should be using db:schema:load, not running all the migrations
               # from scratch. The latter is a flawed and unsustainable approach (the more migrations
               # you'll amass, the slower it'll run and the greater likelihood for issues).
               #
               # It's strongly recommended that you check this file into your version control system.
               ActiveRecord::Schema.define(version: 2018_06_12_102327) do
-            -   create_table "announcements", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "announcements", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "author"
                   t.text "body"
                   t.boolean "published"
                   t.datetime "created_at"
                   t.datetime "updated_at"
                   t.boolean "frontpage", default: false
                   t.boolean "contest_only", default: false
                   t.string "title"
                   t.string "notes"
                 end
-            -   create_table "contests", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "contests", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "title"
                   t.boolean "enabled"
                   t.datetime "created_at"
                   t.datetime "updated_at"
                   t.string "name"
                 end
-            -   create_table "contests_problems", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "contests_problems", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "contest_id"
                   t.integer "problem_id"
                 end
-            -   create_table "contests_users", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "contests_users", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "contest_id"
                   t.integer "user_id"
                 end
-            -   create_table "countries", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "countries", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "name"
                   t.datetime "created_at"
                   t.datetime "updated_at"
                 end
-            -   create_table "descriptions", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "descriptions", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.text "body"
                   t.boolean "markdowned"
                   t.datetime "created_at"
                   t.datetime "updated_at"
                 end
-            -   create_table "grader_configurations", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "grader_configurations", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "key"
                   t.string "value_type"
                   t.string "value"
                   t.datetime "created_at"
                   t.datetime "updated_at"
                   t.text "description"
                 end
-            -   create_table "grader_processes", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "grader_processes", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "host"
                   t.integer "pid"
                   t.string "mode"
                   t.boolean "active"
                   t.datetime "created_at"
                   t.datetime "updated_at"
                   t.integer "task_id"
                   t.string "task_type"
                   t.boolean "terminated"
-            -     t.index ["host", "pid"], name: "index_grader_processes_on_ip_and_pid"
+            +     t.index ["host", "pid"], name: "index_grader_processes_on_host_and_pid"
                 end
-            -   create_table "groups", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci", force: :cascade do |t|
+            +   create_table "groups", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "name"
                   t.string "description"
                 end
-            -   create_table "groups_problems", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci", force: :cascade do |t|
+            +   create_table "groups_problems", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "problem_id", null: false
                   t.integer "group_id", null: false
                   t.index ["group_id", "problem_id"], name: "index_groups_problems_on_group_id_and_problem_id"
                 end
-            -   create_table "groups_users", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci", force: :cascade do |t|
+            +   create_table "groups_users", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "group_id", null: false
                   t.integer "user_id", null: false
                   t.index ["user_id", "group_id"], name: "index_groups_users_on_user_id_and_group_id"
                 end
                 create_table "heart_beats", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "user_id"
                   t.string "ip_address"
-            -     t.datetime "created_at", null: false
+            +     t.datetime "created_at"
-            -     t.datetime "updated_at", null: false
+            +     t.datetime "updated_at"
                   t.string "status"
                   t.index ["updated_at"], name: "index_heart_beats_on_updated_at"
                 end
-            -   create_table "languages", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "languages", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "name", limit: 10
                   t.string "pretty_name"
                   t.string "ext", limit: 10
                   t.string "common_ext"
                 end
                 create_table "logins", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "user_id"
                   t.string "ip_address"
-            -     t.datetime "created_at", null: false
+            +     t.datetime "created_at"
-            -     t.datetime "updated_at", null: false
+            +     t.datetime "updated_at"
                 end
-            -   create_table "messages", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "messages", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "sender_id"
                   t.integer "receiver_id"
                   t.integer "replying_message_id"
                   t.text "body"
                   t.boolean "replied"
                   t.datetime "created_at"
                   t.datetime "updated_at"
                 end
-            -   create_table "problems", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "problems", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "name", limit: 30
                   t.string "full_name"
                   t.integer "full_score"
                   t.date "date_added"
                   t.boolean "available"
                   t.string "url"
                   t.integer "description_id"
                   t.boolean "test_allowed"
                   t.boolean "output_only"
                   t.string "description_filename"
                   t.boolean "view_testcase"
                 end
-            -   create_table "problems_tags", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci", force: :cascade do |t|
+            +   create_table "problems_tags", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "problem_id"
                   t.integer "tag_id"
                   t.index ["problem_id", "tag_id"], name: "index_problems_tags_on_problem_id_and_tag_id", unique: true
                   t.index ["problem_id"], name: "index_problems_tags_on_problem_id"
                   t.index ["tag_id"], name: "index_problems_tags_on_tag_id"
                 end
-            -   create_table "rights", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "rights", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "name"
                   t.string "controller"
                   t.string "action"
                 end
-            -   create_table "rights_roles", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "rights_roles", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "right_id"
                   t.integer "role_id"
                   t.index ["role_id"], name: "index_rights_roles_on_role_id"
                 end
-            -   create_table "roles", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "roles", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "name"
                 end
-            -   create_table "roles_users", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "roles_users", id: false, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "role_id"
                   t.integer "user_id"
                   t.index ["user_id"], name: "index_roles_users_on_user_id"
                 end
-            -   create_table "sessions", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "sessions", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "session_id"
                   t.text "data"
                   t.datetime "updated_at"
                   t.index ["session_id"], name: "index_sessions_on_session_id"
                   t.index ["updated_at"], name: "index_sessions_on_updated_at"
                 end
-            -   create_table "sites", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "sites", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "name"
                   t.boolean "started"
                   t.datetime "start_time"
                   t.datetime "created_at"
                   t.datetime "updated_at"
                   t.integer "country_id"
                   t.string "password"
                 end
                 create_table "submission_view_logs", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "user_id"
                   t.integer "submission_id"
-            -     t.datetime "created_at", null: false
+            +     t.datetime "created_at"
-            -     t.datetime "updated_at", null: false
+            +     t.datetime "updated_at"
                 end
-            -   create_table "submissions", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "submissions", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "user_id"
                   t.integer "problem_id"
                   t.integer "language_id"
                   t.text "source", limit: 16777215
                   t.binary "binary"
                   t.datetime "submitted_at"
                   t.datetime "compiled_at"
                   t.text "compiler_message"
                   t.datetime "graded_at"
                   t.integer "points"
                   t.text "grader_comment"
                   t.integer "number"
                   t.string "source_filename"
                   t.float "max_runtime"
                   t.integer "peak_memory"
                   t.integer "effective_code_length"
                   t.string "ip_address"
                   t.index ["user_id", "problem_id", "number"], name: "index_submissions_on_user_id_and_problem_id_and_number", unique: true
                   t.index ["user_id", "problem_id"], name: "index_submissions_on_user_id_and_problem_id"
                 end
-            -   create_table "tags", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci", force: :cascade do |t|
+            +   create_table "tags", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "name", null: false
                   t.text "description"
                   t.boolean "public"
                   t.datetime "created_at", null: false
                   t.datetime "updated_at", null: false
                 end
-            -   create_table "tasks", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "tasks", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "submission_id"
                   t.datetime "created_at"
                   t.integer "status"
                   t.datetime "updated_at"
                   t.index ["submission_id"], name: "index_tasks_on_submission_id"
                 end
-            -   create_table "test_pairs", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "test_pairs", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "problem_id"
                   t.text "input", limit: 16777215
                   t.text "solution", limit: 16777215
                   t.datetime "created_at"
                   t.datetime "updated_at"
                 end
-            -   create_table "test_requests", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "test_requests", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "user_id"
                   t.integer "problem_id"
                   t.integer "submission_id"
                   t.string "input_file_name"
                   t.string "output_file_name"
                   t.string "running_stat"
                   t.integer "status"
                   t.datetime "updated_at"
                   t.datetime "submitted_at"
                   t.datetime "compiled_at"
                   t.text "compiler_message"
                   t.datetime "graded_at"
                   t.string "grader_comment"
                   t.datetime "created_at"
                   t.float "running_time"
                   t.string "exit_status"
                   t.integer "memory_usage"
                   t.index ["user_id", "problem_id"], name: "index_test_requests_on_user_id_and_problem_id"
                 end
-            -   create_table "testcases", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci", force: :cascade do |t|
+            +   create_table "testcases", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "problem_id"
                   t.integer "num"
                   t.integer "group"
                   t.integer "score"
                   t.text "input", limit: 4294967295
                   t.text "sol", limit: 4294967295
                   t.datetime "created_at"
                   t.datetime "updated_at"
                   t.index ["problem_id"], name: "index_testcases_on_problem_id"
                 end
-            -   create_table "user_contest_stats", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "user_contest_stats", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.integer "user_id"
                   t.datetime "started_at"
                   t.datetime "created_at"
                   t.datetime "updated_at"
+            +     t.boolean "forced_logout"
                 end
-            -   create_table "users", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t|
+            +   create_table "users", id: :integer, options: "ENGINE=InnoDB DEFAULT CHARSET=latin1", force: :cascade do |t|
                   t.string "login", limit: 50
                   t.string "full_name"
                   t.string "hashed_password"
                   t.string "salt", limit: 5
                   t.string "alias"
                   t.string "email"
                   t.integer "site_id"
                   t.integer "country_id"
                   t.boolean "activated", default: false
                   t.datetime "created_at"
                   t.datetime "updated_at"
                   t.string "section"
                   t.boolean "enabled", default: true
                   t.string "remark"
                   t.string "last_ip"
                   t.index ["login"], name: "index_users_on_login", unique: true
                 end
                 add_foreign_key "problems_tags", "problems"
                 add_foreign_key "problems_tags", "tags"
               end

db/seeds.rb ¶ +5 -5

                    :description => 'Only admins can log in to the system when running under single user mode.'
                  },
                  {
                    :key => 'ui.front.title',
                    :value_type => 'string',
                    :default_value => 'Grader'
                  },
                  {
                    :key => 'ui.front.welcome_message',
                    :value_type => 'string',
                    :default_value => 'Welcome!'
                  },
                  {
                    :key => 'ui.show_score',
                    :value_type => 'boolean',
                    :default_value => 'true'
                  },
                  {
                    :key => 'contest.time_limit',
                    :value_type => 'string',
                    :default_value => 'unlimited',
                    :description => 'Time limit in format hh:mm, or "unlimited" for contests with no time limits.  This config is CACHED.  Restart the server before the change can take effect.'
                  },
                  {
                    :key => 'system.mode',
                    :value_type => 'string',
                    :default_value => 'standard',
                    :description => 'Current modes are "standard", "contest", "indv-contest", and "analysis".'
                  },
                  {
                    :key => 'contest.name',
                    :value_type => 'string',
                    :default_value => 'Grader',
                    :description => 'This name will be shown on the user header bar.'
                  },
                  {
                    :key => 'contest.multisites',
                    :value_type => 'boolean',
                    :default_value => 'false',
                    :description => 'If the server is in contest mode and this option is true, on the log in of the admin a menu for site selections is shown.'
                  },
                  #---------------------------- right --------------------------------
                  {
                    :key => 'right.user_hall_of_fame',
                    :value_type => 'boolean',
                    :default_value => 'false',
                    :description => 'If true, any user can access hall of fame page.'
                  },
                  {
                    :key => 'right.multiple_ip_login',
                    :value_type => 'boolean',
                    :default_value => 'true',
                    :description => 'When change from true to false, a user can login from the first IP they logged into afterward.'
                  },
                  {
                    :key => 'right.user_view_submission',
                    :value_type => 'boolean',
                    :default_value => 'false',
                    :description => 'If true, any user can view submissions of every one.'
                  },
                  {
                    :key => 'right.bypass_agreement',
                    :value_type => 'boolean',
                    :default_value => 'true',
                    :description => 'When false, a user must accept usage agreement before login'
                  },
                  {
                    :key => 'right.heartbeat_response',
                    :value_type => 'string',
                    :default_value => 'OK',
                    :description => 'Heart beat response text'
                  },
                  {
                    :key => 'right.heartbeat_response_full',
                    :value_type => 'string',
                    :default_value => 'OK',
                    :description => 'Heart beat response text when user got full score (set this value to the empty string to disable this feature)'
                  },
                  {
                    :key => 'right.view_testcase',
                    :value_type => 'boolean',
                    :default_value => 'false',
-            -      :description => 'When true, any user can view/download test data'
+            +      :description => 'If true, any user can view/download test data'
                  },
                  {
                    :key => 'system.online_registration',
                    :value_type => 'boolean',
                    :default_value => 'false',
                    :description => 'This option enables online registration.'
                  },
                  # If Configuration['system.online_registration'] is true, the
                  # system allows online registration, and will use these
                  # information for sending confirmation emails.
                  {
                    :key => 'system.online_registration.smtp',
                    :value_type => 'string',
                    :default_value => 'smtp.somehost.com'
                  },
                  {
                    :key => 'system.online_registration.from',
                    :value_type => 'string',
                    :default_value => 'your.email@address'
                  },
                  {
                    :key => 'system.admin_email',
                    :value_type => 'string',
                    :default_value => 'admin@admin.email'
                  },
                  {
                    :key => 'system.user_setting_enabled',
                    :value_type => 'boolean',
                    :default_value => 'true',
                    :description => 'If this option is true, users can change their settings'
                  },
                  {
                    :key => 'system.user_setting_enabled',
                    :value_type => 'boolean',
                    :default_value => 'true',
                    :description => 'If this option is true, users can change their settings'
                  },
                  # If Configuration['contest.test_request.early_timeout'] is true
                  # the user will not be able to use test request at 30 minutes
                  # before the contest ends.
                  {
                    :key => 'contest.test_request.early_timeout',
                    :value_type => 'boolean',
                    :default_value => 'false'
                  },
                  {
                    :key => 'system.multicontests',
                    :value_type => 'boolean',
                    :default_value => 'false'
                  },
                  {
                    :key => 'contest.confirm_indv_contest_start',
                    :value_type => 'boolean',
                    :default_value => 'false'
                  },
                  {
                    :key => 'contest.default_contest_name',
                    :value_type => 'string',
                    :default_value => 'none',
                    :description => "New user will be assigned to this contest automatically, if it exists.  Set to 'none' if there is no default contest."
                  },
                  {
                    :key => 'system.use_problem_group',
                    :value_type => 'boolean',
                    :default_value => 'false',
                    :description => "If true, available problem to the user will be only ones associated with the group of the user."
                  },
                  {
-            -      :key => 'right.whitelist_ip_only',
+            +      :key => 'right.whitelist_ignore',
                    :value_type => 'boolean',
-            -      :default_value => 'false',
+            +      :default_value => 'true',
-            -      :description => "If true, non-admin user will be able to use the system only when their ip is in the 'whitelist_ip'."
+            +      :description => "If true, no IP check against whitelist_ip is perform. However, when false, non-admin user must have their ip in 'whitelist_ip' to be able to login."
                  },
                  {
                    :key => 'right.whitelist_ip',
                    :value_type => 'string',
                    :default_value => '0.0.0.0/0',
-            -      :description => "list of whitelist ip, given in comma separated CIDR notation. For example '161.200.92.0/23, 161.200.80.1/32'"
+            +      :description => "list of whitelist ip, given in comma separated CIDR notation. For example '192.168.90.0/23, 192.168.1.23/32'"
                  },
                 ]
               def create_configuration_key(key,
                                            value_type,
                                            default_value,
                                            description='')
                 conf = (GraderConfiguration.find_by_key(key) ||
                         GraderConfiguration.new(:key => key,
                                           :value_type => value_type,
                                           :value => default_value))
                 conf.description = description
                 conf.save
               end
               def seed_config
                 CONFIGURATIONS.each do |conf|
                   if conf.has_key? :description
                     desc = conf[:description]
                   else
                     desc = ''
                   end
                   create_configuration_key(conf[:key],
                                            conf[:value_type],
                                            conf[:default_value],
                                            desc)
                 end
               end
               def seed_roles
                 return if Role.find_by_name('admin')
                 role = Role.create(:name => 'admin')
                 user_admin_right = Right.create(:name => 'user_admin',
                                                 :controller => 'user_admin',
                                                 :action => 'all')
                 problem_admin_right = Right.create(:name=> 'problem_admin',
                                                    :controller => 'problems',
                                                    :action => 'all')
                 graders_right = Right.create(:name => 'graders_admin',
                                              :controller => 'graders',
                                              :action => 'all')
                 role.rights << user_admin_right;
                 role.rights << problem_admin_right;
                 role.rights << graders_right;
                 role.save
               end
               def seed_root
                 return if User.find_by_login('root')
                 root = User.new(:login => 'root',
                                 :full_name => 'Administrator',
                                 :alias => 'root')
                 root.password = 'ioionrails';
                 class << root
                   public :encrypt_new_password
                   def valid?(context=nil)
                     true
                   end
                 end
                 root.encrypt_new_password
                 root.roles << Role.find_by_name('admin')
                 root.activated = true
                 root.save
               end
               def seed_users_and_roles
                 seed_roles
                 seed_root
               end
               def seed_more_languages
                 #Language.delete_all
                 Language.find_or_create_by( name: 'c', pretty_name: 'C', ext: 'c', common_ext: 'c' )
                 Language.find_or_create_by( name: 'cpp', pretty_name: 'C++', ext: 'cpp', common_ext: 'cpp,cc' )
                 Language.find_or_create_by( name: 'pas', pretty_name: 'Pascal', ext: 'pas', common_ext: 'pas' )
                 Language.find_or_create_by( name: 'ruby', pretty_name: 'Ruby', ext: 'rb', common_ext: 'rb' )
                 Language.find_or_create_by( name: 'python', pretty_name: 'Python', ext: 'py', common_ext: 'py' )
                 Language.find_or_create_by( name: 'java', pretty_name: 'Java', ext: 'java', common_ext: 'java' )
               end
               seed_config
               seed_users_and_roles
               seed_more_languages

Write
Preview

You need to be logged in to leave comments. Login now

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository permissions settings

Sign in to your account

Author

r784:73e8782d729d - Mon, 04 Nov 2019 09:01:41 - 5 files changed: 58 inserted, 54 deleted

Sign in to your account

Commit r784:73e8782d729d public

Author

r784:73e8782d729d - Mon, 04 Nov 2019 09:01:41 - 5 files changed: 58 inserted, 54 deleted

Commit `r784:73e8782d729d` public