Description:
change depricated before_filter to before_action
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
-
r745:75264caa616f - - 20 files changed: 38 inserted, 31 deleted
| @@ -4,24 +4,25 | |||
|
|
4 | 4 | gem 'rails', '~>5.0' |
|
|
5 | 5 | gem 'activerecord-session_store' |
|
|
6 | 6 | |
|
|
7 | 7 | |
|
|
8 | 8 | # Bundle edge Rails instead: |
|
|
9 | 9 | # gem 'rails', :git => 'git://github.com/rails/rails.git' |
|
|
10 | 10 | |
|
|
11 | 11 | #---------------- database --------------------- |
|
|
12 | 12 | #the database |
|
|
13 | 13 | gem 'mysql2' |
|
|
14 | 14 | #for testing |
|
|
15 | 15 | gem 'sqlite3' |
|
|
16 | + gem 'rails-controller-testing' | |
|
|
16 | 17 | #for dumping database into yaml |
|
|
17 | 18 | gem 'yaml_db' |
|
|
18 | 19 | |
|
|
19 | 20 | # Gems used only for assets and not required |
|
|
20 | 21 | # in production environments by default. |
|
|
21 | 22 | gem 'sass-rails' |
|
|
22 | 23 | gem 'coffee-rails' |
|
|
23 | 24 | |
|
|
24 | 25 | # See https://github.com/sstephenson/execjs#readme for more supported runtimes |
|
|
25 | 26 | # gem 'therubyracer', :platforms => :ruby |
|
|
26 | 27 | |
|
|
27 | 28 | gem 'uglifier' |
| @@ -150,24 +150,28 | |||
|
|
150 | 150 | rails (5.0.7.2) |
|
|
151 | 151 | actioncable (= 5.0.7.2) |
|
|
152 | 152 | actionmailer (= 5.0.7.2) |
|
|
153 | 153 | actionpack (= 5.0.7.2) |
|
|
154 | 154 | actionview (= 5.0.7.2) |
|
|
155 | 155 | activejob (= 5.0.7.2) |
|
|
156 | 156 | activemodel (= 5.0.7.2) |
|
|
157 | 157 | activerecord (= 5.0.7.2) |
|
|
158 | 158 | activesupport (= 5.0.7.2) |
|
|
159 | 159 | bundler (>= 1.3.0) |
|
|
160 | 160 | railties (= 5.0.7.2) |
|
|
161 | 161 | sprockets-rails (>= 2.0.0) |
|
|
162 | + rails-controller-testing (1.0.4) | |
|
|
163 | + actionpack (>= 5.0.1.x) | |
|
|
164 | + actionview (>= 5.0.1.x) | |
|
|
165 | + activesupport (>= 5.0.1.x) | |
|
|
162 | 166 | rails-dom-testing (2.0.3) |
|
|
163 | 167 | activesupport (>= 4.2.0) |
|
|
164 | 168 | nokogiri (>= 1.6) |
|
|
165 | 169 | rails-html-sanitizer (1.0.4) |
|
|
166 | 170 | loofah (~> 2.2, >= 2.2.2) |
|
|
167 | 171 | rails_bootstrap_sortable (2.0.6) |
|
|
168 | 172 | momentjs-rails (>= 2.8.3) |
|
|
169 | 173 | railties (5.0.7.2) |
|
|
170 | 174 | actionpack (= 5.0.7.2) |
|
|
171 | 175 | activesupport (= 5.0.7.2) |
|
|
172 | 176 | method_source |
|
|
173 | 177 | rake (>= 0.8.7) |
| @@ -249,24 +253,25 | |||
|
|
249 | 253 | in_place_editing |
|
|
250 | 254 | jquery-countdown-rails |
|
|
251 | 255 | jquery-datatables-rails |
|
|
252 | 256 | jquery-rails |
|
|
253 | 257 | jquery-tablesorter |
|
|
254 | 258 | jquery-timepicker-addon-rails |
|
|
255 | 259 | jquery-ui-rails |
|
|
256 | 260 | |
|
|
257 | 261 | minitest-reporters |
|
|
258 | 262 | momentjs-rails |
|
|
259 | 263 | mysql2 |
|
|
260 | 264 | rails (~> 5.0) |
|
|
265 | + rails-controller-testing | |
|
|
261 | 266 | rails_bootstrap_sortable |
|
|
262 | 267 | rdiscount |
|
|
263 | 268 | rouge |
|
|
264 | 269 | sass-rails |
|
|
265 | 270 | sassc-rails (>= 2.1.0) |
|
|
266 | 271 | select2-rails |
|
|
267 | 272 | sqlite3 |
|
|
268 | 273 | uglifier |
|
|
269 | 274 | verification! |
|
|
270 | 275 | will_paginate (~> 3.0.7) |
|
|
271 | 276 | yaml_db |
|
|
272 | 277 | |
| @@ -1,15 +1,15 | |||
|
|
1 | 1 | class AnnouncementsController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
3 | + before_action :admin_authorization | |
|
|
4 | 4 | |
|
|
5 | 5 | in_place_edit_for :announcement, :published |
|
|
6 | 6 | |
|
|
7 | 7 | # GET /announcements |
|
|
8 | 8 | # GET /announcements.xml |
|
|
9 | 9 | def index |
|
|
10 | 10 | @announcements = Announcement.order(created_at: :desc) |
|
|
11 | 11 | |
|
|
12 | 12 | respond_to do |format| |
|
|
13 | 13 | format.html # index.html.erb |
|
|
14 | 14 | format.xml { render :xml => @announcements } |
|
|
15 | 15 | end |
| @@ -1,16 +1,16 | |||
|
|
1 | 1 | class ApplicationController < ActionController::Base |
|
|
2 | 2 | protect_from_forgery |
|
|
3 | 3 | |
|
|
4 |
- before_ |
|
|
|
4 | + before_action :current_user | |
|
|
5 | 5 | |
|
|
6 | 6 | SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' |
|
|
7 | 7 | MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login' |
|
|
8 | 8 | |
|
|
9 | 9 | #report and redirect for unauthorized activities |
|
|
10 | 10 | def unauthorized_redirect |
|
|
11 | 11 | flash[:notice] = 'You are not authorized to view the page you requested' |
|
|
12 | 12 | redirect_to :controller => 'main', :action => 'login' |
|
|
13 | 13 | end |
|
|
14 | 14 | |
|
|
15 | 15 | # Returns the current logged-in user (if any). |
|
|
16 | 16 | def current_user |
| @@ -1,16 +1,16 | |||
|
|
1 | 1 | class ConfigurationsController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
4 |
- before_ |
|
|
|
3 | + before_action :authenticate | |
|
|
4 | + before_action { |controller| controller.authorization_by_roles(['admin'])} | |
|
|
5 | 5 | |
|
|
6 | 6 | |
|
|
7 | 7 | def index |
|
|
8 | 8 | @configurations = GraderConfiguration.order(:key) |
|
|
9 | 9 | @group = GraderConfiguration.pluck("grader_configurations.key").map{ |x| x[0...(x.index('.'))] }.uniq.sort |
|
|
10 | 10 | end |
|
|
11 | 11 | |
|
|
12 | 12 | def reload |
|
|
13 | 13 | GraderConfiguration.reload |
|
|
14 | 14 | redirect_to :action => 'index' |
|
|
15 | 15 | end |
|
|
16 | 16 | |
| @@ -1,15 +1,15 | |||
|
|
1 | 1 | class ContestManagementController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
3 | + before_action :admin_authorization | |
|
|
4 | 4 | |
|
|
5 | 5 | def index |
|
|
6 | 6 | @num_contests = Contest.count() |
|
|
7 | 7 | end |
|
|
8 | 8 | |
|
|
9 | 9 | def user_stat |
|
|
10 | 10 | if not GraderConfiguration.indv_contest_mode? |
|
|
11 | 11 | redirect_to :action => 'index' and return |
|
|
12 | 12 | end |
|
|
13 | 13 | |
|
|
14 | 14 | @users = User.all |
|
|
15 | 15 | @start_times = {} |
| @@ -1,15 +1,15 | |||
|
|
1 | 1 | class ContestsController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
3 | + before_action :admin_authorization | |
|
|
4 | 4 | |
|
|
5 | 5 | in_place_edit_for :contest, :title |
|
|
6 | 6 | in_place_edit_for :contest, :enabled |
|
|
7 | 7 | |
|
|
8 | 8 | # GET /contests |
|
|
9 | 9 | # GET /contests.xml |
|
|
10 | 10 | def index |
|
|
11 | 11 | @contests = Contest.all |
|
|
12 | 12 | |
|
|
13 | 13 | respond_to do |format| |
|
|
14 | 14 | format.html # index.html.erb |
|
|
15 | 15 | format.xml { render :xml => @contests } |
| @@ -1,15 +1,15 | |||
|
|
1 | 1 | class GradersController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
3 | + before_action :admin_authorization | |
|
|
4 | 4 | |
|
|
5 | 5 | verify :method => :post, :only => ['clear_all', |
|
|
6 | 6 | 'start_exam', |
|
|
7 | 7 | 'start_grading', |
|
|
8 | 8 | 'stop_all', |
|
|
9 | 9 | 'clear_terminated'], |
|
|
10 | 10 | :redirect_to => {:action => 'index'} |
|
|
11 | 11 | |
|
|
12 | 12 | def index |
|
|
13 | 13 | redirect_to :action => 'list' |
|
|
14 | 14 | end |
|
|
15 | 15 | |
| @@ -1,14 +1,14 | |||
|
|
1 | 1 | class HeartbeatController < ApplicationController |
|
|
2 |
- before_ |
|
|
|
2 | + before_action :admin_authorization, :only => ['index'] | |
|
|
3 | 3 | |
|
|
4 | 4 | def edit |
|
|
5 | 5 | #@user = User.find_by_login(params[:id]) |
|
|
6 | 6 | #unless @user |
|
|
7 | 7 | # render text: "LOGIN_NOT_FOUND" |
|
|
8 | 8 | # return |
|
|
9 | 9 | #end |
|
|
10 | 10 | |
|
|
11 | 11 | #hb = HeartBeat.where(user_id: @user.id, ip_address: request.remote_ip).first |
|
|
12 | 12 | #puts "status = #{params[:status]}" |
|
|
13 | 13 | #if hb |
|
|
14 | 14 | # if params[:status] |
| @@ -1,28 +1,28 | |||
|
|
1 | 1 | class MainController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
4 |
- before_ |
|
|
|
3 | + before_action :authenticate, :except => [:index, :login] | |
|
|
4 | + before_action :check_viewability, :except => [:index, :login] | |
|
|
5 | 5 | |
|
|
6 |
- append_before_ |
|
|
|
6 | + append_before_action :confirm_and_update_start_time, | |
|
|
7 | 7 | :except => [:index, |
|
|
8 | 8 | :login, |
|
|
9 | 9 | :confirm_contest_start] |
|
|
10 | 10 | |
|
|
11 | 11 | # to prevent log in box to be shown when user logged out of the |
|
|
12 | 12 | # system only in some tab |
|
|
13 |
- prepend_before_ |
|
|
|
13 | + prepend_before_action :reject_announcement_refresh_when_logged_out, | |
|
|
14 | 14 | :only => [:announcements] |
|
|
15 | 15 | |
|
|
16 |
- before_ |
|
|
|
16 | + before_action :authenticate_by_ip_address, :only => [:list] | |
|
|
17 | 17 | |
|
|
18 | 18 | # COMMENTED OUT: filter in each action instead |
|
|
19 | 19 | # before_filter :verify_time_limit, :only => [:submit] |
|
|
20 | 20 | |
|
|
21 | 21 | verify :method => :post, :only => [:submit], |
|
|
22 | 22 | :redirect_to => { :action => :index } |
|
|
23 | 23 | |
|
|
24 | 24 | # COMMENT OUT: only need when having high load |
|
|
25 | 25 | # caches_action :index, :login |
|
|
26 | 26 | |
|
|
27 | 27 | # NOTE: This method is not actually needed, 'config/routes.rb' has |
|
|
28 | 28 | # assigned action login as a default action. |
| @@ -1,15 +1,15 | |||
|
|
1 | 1 | class MessagesController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
3 | + before_action :authenticate | |
|
|
4 | 4 | |
|
|
5 | 5 | verify :method => :post, :only => ['create'], |
|
|
6 | 6 | :redirect_to => { :action => 'list' } |
|
|
7 | 7 | |
|
|
8 | 8 | before_filter :admin_authorization, :only => ['console','show', |
|
|
9 | 9 | 'reply','hide','list_all'] |
|
|
10 | 10 | |
|
|
11 | 11 | def list |
|
|
12 | 12 | @user = User.find(session[:user_id]) |
|
|
13 | 13 | @messages = Message.find_all_sent_by_user(@user) |
|
|
14 | 14 | end |
|
|
15 | 15 | |
| @@ -1,21 +1,21 | |||
|
|
1 | 1 | require 'csv' |
|
|
2 | 2 | |
|
|
3 | 3 | class ReportController < ApplicationController |
|
|
4 | 4 | |
|
|
5 |
- before_ |
|
|
|
5 | + before_action :authenticate | |
|
|
6 | 6 | |
|
|
7 |
- before_ |
|
|
|
7 | + before_action :admin_authorization, only: [:login_stat,:submission_stat, :stuck, :cheat_report, :cheat_scruntinize, :show_max_score, :current_score] | |
|
|
8 | 8 | |
|
|
9 |
- before_ |
|
|
|
9 | + before_action(only: [:problem_hof]) { |c| | |
|
|
10 | 10 | return false unless authenticate |
|
|
11 | 11 | |
|
|
12 | 12 | admin_authorization unless GraderConfiguration["right.user_view_submission"] |
|
|
13 | 13 | } |
|
|
14 | 14 | |
|
|
15 | 15 | def max_score |
|
|
16 | 16 | end |
|
|
17 | 17 | |
|
|
18 | 18 | def current_score |
|
|
19 | 19 | @problems = Problem.available_problems |
|
|
20 | 20 | @users = User.includes(:contests).includes(:contest_stat).where(enabled: true) |
|
|
21 | 21 | @scorearray = calculate_max_score(@problems, @users,0,0,true) |
| @@ -1,15 +1,15 | |||
|
|
1 | 1 | class SiteController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
3 | + before_action :site_admin_authorization, :except => 'login' | |
|
|
4 | 4 | |
|
|
5 | 5 | def login |
|
|
6 | 6 | # Site administrator login |
|
|
7 | 7 | @countries = Country.includes(:sites).all |
|
|
8 | 8 | @country_select = @countries.collect { |c| [c.name, c.id] } |
|
|
9 | 9 | |
|
|
10 | 10 | @country_select_with_all = [['Any',0]] |
|
|
11 | 11 | @countries.each do |country| |
|
|
12 | 12 | @country_select_with_all << [country.name, country.id] |
|
|
13 | 13 | end |
|
|
14 | 14 | |
|
|
15 | 15 | @site_select = [] |
| @@ -1,15 +1,15 | |||
|
|
1 | 1 | class SitesController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
3 | + before_action :admin_authorization | |
|
|
4 | 4 | |
|
|
5 | 5 | # GET /sites |
|
|
6 | 6 | # GET /sites.xml |
|
|
7 | 7 | def index |
|
|
8 | 8 | @sites = Site.order(:country_id) |
|
|
9 | 9 | |
|
|
10 | 10 | respond_to do |format| |
|
|
11 | 11 | format.html # index.html.erb |
|
|
12 | 12 | format.xml { render :xml => @sites } |
|
|
13 | 13 | end |
|
|
14 | 14 | end |
|
|
15 | 15 | |
| @@ -1,15 +1,15 | |||
|
|
1 | 1 | class TasksController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
3 | + before_action :authenticate, :check_viewability | |
|
|
4 | 4 | |
|
|
5 | 5 | def index |
|
|
6 | 6 | redirect_to :action => 'list' |
|
|
7 | 7 | end |
|
|
8 | 8 | |
|
|
9 | 9 | def list |
|
|
10 | 10 | @problems = @user.available_problems |
|
|
11 | 11 | end |
|
|
12 | 12 | |
|
|
13 | 13 | # this has contest-wide access control |
|
|
14 | 14 | def view |
|
|
15 | 15 | base_name = params[:file] |
| @@ -1,15 +1,15 | |||
|
|
1 | 1 | class TestController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_ |
|
|
|
3 | + before_action :authenticate, :check_viewability | |
|
|
4 | 4 | |
|
|
5 | 5 | # |
|
|
6 | 6 | # COMMENT OUT: filter in each action instead |
|
|
7 | 7 | # |
|
|
8 | 8 | # before_filter :verify_time_limit, :only => [:submit] |
|
|
9 | 9 | |
|
|
10 | 10 | verify :method => :post, :only => [:submit], |
|
|
11 | 11 | :redirect_to => { :action => :index } |
|
|
12 | 12 | |
|
|
13 | 13 | def index |
|
|
14 | 14 | prepare_index_information |
|
|
15 | 15 | end |
| @@ -1,19 +1,19 | |||
|
|
1 | 1 | require 'csv' |
|
|
2 | 2 | |
|
|
3 | 3 | class UserAdminController < ApplicationController |
|
|
4 | 4 | |
|
|
5 | 5 | include MailHelperMethods |
|
|
6 | 6 | |
|
|
7 |
- before_ |
|
|
|
7 | + before_action :admin_authorization | |
|
|
8 | 8 | |
|
|
9 | 9 | # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html) |
|
|
10 | 10 | verify :method => :post, :only => [ |
|
|
11 | 11 | :create, :create_from_list, |
|
|
12 | 12 | :update, |
|
|
13 | 13 | :manage_contest, |
|
|
14 | 14 | :bulk_mail |
|
|
15 | 15 | ], |
|
|
16 | 16 | :redirect_to => { :action => :list } |
|
|
17 | 17 | |
|
|
18 | 18 | def index |
|
|
19 | 19 | @user_count = User.count |
| @@ -1,31 +1,31 | |||
|
|
1 | 1 | require 'net/smtp' |
|
|
2 | 2 | |
|
|
3 | 3 | class UsersController < ApplicationController |
|
|
4 | 4 | |
|
|
5 | 5 | include MailHelperMethods |
|
|
6 | 6 | |
|
|
7 |
- before_ |
|
|
|
7 | + before_action :authenticate, :except => [:new, | |
|
|
8 | 8 | :register, |
|
|
9 | 9 | :confirm, |
|
|
10 | 10 | :forget, |
|
|
11 | 11 | :retrieve_password] |
|
|
12 | 12 | |
|
|
13 |
- before_ |
|
|
|
13 | + before_action :verify_online_registration, :only => [:new, | |
|
|
14 | 14 | :register, |
|
|
15 | 15 | :forget, |
|
|
16 | 16 | :retrieve_password] |
|
|
17 |
- before_ |
|
|
|
17 | + before_action :authenticate, :profile_authorization, only: [:profile] | |
|
|
18 | 18 | |
|
|
19 |
- before_ |
|
|
|
19 | + before_action :admin_authorization, only: [:stat, :toggle_activate, :toggle_enable] | |
|
|
20 | 20 | |
|
|
21 | 21 | |
|
|
22 | 22 | verify :method => :post, :only => [:chg_passwd], |
|
|
23 | 23 | :redirect_to => { :action => :index } |
|
|
24 | 24 | |
|
|
25 | 25 | #in_place_edit_for :user, :alias_for_editing |
|
|
26 | 26 | #in_place_edit_for :user, :email_for_editing |
|
|
27 | 27 | |
|
|
28 | 28 | def index |
|
|
29 | 29 | if !GraderConfiguration['system.user_setting_enabled'] |
|
|
30 | 30 | redirect_to :controller => 'main', :action => 'list' |
|
|
31 | 31 | else |
| @@ -1,20 +1,21 | |||
|
|
1 | 1 | CafeGrader::Application.routes.draw do |
|
|
2 | 2 | resources :tags |
|
|
3 | 3 | get "sources/direct_edit" |
|
|
4 | 4 | |
|
|
5 | 5 | root :to => 'main#login' |
|
|
6 | 6 | |
|
|
7 | 7 | #logins |
|
|
8 |
- |
|
|
|
8 | + match 'login/login', to: 'login#login', via: [:get,:post] | |
|
|
9 | + | |
|
|
9 | 10 | |
|
|
10 | 11 | resources :contests |
|
|
11 | 12 | |
|
|
12 | 13 | resources :sites |
|
|
13 | 14 | |
|
|
14 | 15 | resources :announcements do |
|
|
15 | 16 | member do |
|
|
16 | 17 | get 'toggle','toggle_front' |
|
|
17 | 18 | end |
|
|
18 | 19 | end |
|
|
19 | 20 | |
|
|
20 | 21 | resources :problems do |
| @@ -1,40 +1,40 | |||
|
|
1 | 1 | require 'test_helper' |
|
|
2 | 2 | |
|
|
3 | 3 | class LoginTest < ActionDispatch::IntegrationTest |
|
|
4 | 4 | # test "the truth" do |
|
|
5 | 5 | # assert true |
|
|
6 | 6 | # end |
|
|
7 | 7 | |
|
|
8 | 8 | test "login with invalid information" do |
|
|
9 | 9 | get root_path |
|
|
10 | 10 | assert_response :success |
|
|
11 | - post login_login_path, login: "root", password: "hahaha" | |
|
|
11 | + post login_login_path, params: {login: "root", password: "hahaha"} | |
|
|
12 | 12 | assert_redirected_to root_path |
|
|
13 | 13 | end |
|
|
14 | 14 | |
|
|
15 | 15 | test "normal user login" do |
|
|
16 | 16 | get root_path |
|
|
17 | 17 | assert_response :success |
|
|
18 | - post login_login_path, {login: "john", password: "hello" } | |
|
|
18 | + post login_login_path, params: {login: "john", password: "hello" } | |
|
|
19 | 19 | assert_redirected_to main_list_path |
|
|
20 | 20 | end |
|
|
21 | 21 | |
|
|
22 | 22 | test "normal user login in single_user mode" do |
|
|
23 | 23 | GraderConfiguration.find_by(key: GraderConfiguration::SINGLE_USER_KEY).update_attributes(value: 'true') |
|
|
24 | 24 | GraderConfiguration.reload |
|
|
25 | 25 | get root_path |
|
|
26 | 26 | assert_response :success |
|
|
27 | - post login_login_path, {login: "john", password: "hello" } | |
|
|
27 | + post login_login_path, params: {login: "john", password: "hello" } | |
|
|
28 | 28 | follow_redirect! |
|
|
29 | 29 | assert_redirected_to root_path |
|
|
30 | 30 | end |
|
|
31 | 31 | |
|
|
32 | 32 | test "root login in in single_user mode" do |
|
|
33 | 33 | GraderConfiguration.find_by(key: GraderConfiguration::SINGLE_USER_KEY).update_attributes(value: 'true') |
|
|
34 | 34 | GraderConfiguration.reload |
|
|
35 | 35 | get root_path |
|
|
36 | 36 | assert_response :success |
|
|
37 | - post login_login_path, {login: "admin", password: "admin" } | |
|
|
37 | + post login_login_path, params: {login: "admin", password: "admin" } | |
|
|
38 | 38 | assert_redirected_to main_list_path |
|
|
39 | 39 | end |
|
|
40 | 40 | end |
You need to be logged in to leave comments.
Login now