Description:
Add option to disable login from multiple IP addresses

r525:89e2deff986b - - 6 files changed: 59 inserted, 27 deleted

@@ -1,16 +1,17
1 class ApplicationController < ActionController::Base
1 class ApplicationController < ActionController::Base
2 protect_from_forgery
2 protect_from_forgery
3
3
4 SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
4 SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
5 + MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login'
5
6
6 def admin_authorization
7 def admin_authorization
7 return false unless authenticate
8 return false unless authenticate
8 user = User.find(session[:user_id], :include => ['roles'])
9 user = User.find(session[:user_id], :include => ['roles'])
9 unless user.admin?
10 unless user.admin?
10 flash[:notice] = 'You are not authorized to view the page you requested'
11 flash[:notice] = 'You are not authorized to view the page you requested'
11 redirect_to :controller => 'main', :action => 'login' unless user.admin?
12 redirect_to :controller => 'main', :action => 'login' unless user.admin?
12 return false
13 return false
13 end
14 end
14 return true
15 return true
15 end
16 end
16
17
@@ -52,24 +53,41
52 return true if user.admin?
53 return true if user.admin?
53 begin
54 begin
54 if user.contest_stat(true).forced_logout
55 if user.contest_stat(true).forced_logout
55 flash[:notice] = 'You have been automatically logged out.'
56 flash[:notice] = 'You have been automatically logged out.'
56 redirect_to :controller => 'main', :action => 'index'
57 redirect_to :controller => 'main', :action => 'index'
57 end
58 end
58 rescue
59 rescue
59 end
60 end
60 end
61 end
61 return true
62 return true
62 end
63 end
63
64
65 + def authenticate_by_ip_address
66 + #this assume that we have already authenticate normally
67 + unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY]
68 + user = User.find(session[:user_id])
69 + if (not user.admin? and user.last_ip and user.last_ip != request.remote_ip)
70 + flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}"
71 + redirect_to :controller => 'main', :action => 'login'
72 + return false
73 + end
74 + unless user.last_ip
75 + user.last_ip = request.remote_ip
76 + user.save
77 + end
78 + end
79 + return true
80 + end
81 +
64 def authorization
82 def authorization
65 return false unless authenticate
83 return false unless authenticate
66 user = User.find(session[:user_id])
84 user = User.find(session[:user_id])
67 unless user.roles.detect { |role|
85 unless user.roles.detect { |role|
68 role.rights.detect{ |right|
86 role.rights.detect{ |right|
69 right.controller == self.class.controller_name and
87 right.controller == self.class.controller_name and
70 (right.action == 'all' or right.action == action_name)
88 (right.action == 'all' or right.action == action_name)
71 }
89 }
72 }
90 }
73 flash[:notice] = 'You are not authorized to view the page you requested'
91 flash[:notice] = 'You are not authorized to view the page you requested'
74 #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
92 #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
75 redirect_to :controller => 'main', :action => 'login'
93 redirect_to :controller => 'main', :action => 'login'
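Review bot: In `authenticate_by_ip_address`, the rejection branch leaves the session logged in and shows the account's stored address to whoever is being rejected (`Your last ip is #{user.last_ip}`). Because the method only redirects, the same session can still reach any action that does not run this filter; calling `reset_session` before setting the flash and shortening the message to `"You cannot use the system from #{request.remote_ip}."` would address both. `request.remote_ip` can be derived from forwarded headers, so the comparison is presumably only as strong as the proxy configuration in front of the app. The return value of `user.save` is ignored, so a failed validation would leave `last_ip` unset and the check would pass again on the next request.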
@@ -7,22 +7,23
7 def index
7 def index
8 @configurations = GraderConfiguration.find(:all,
8 @configurations = GraderConfiguration.find(:all,
9 :order => '`key`')
9 :order => '`key`')
10 end
10 end
11
11
12 def reload
12 def reload
13 GraderConfiguration.reload
13 GraderConfiguration.reload
14 redirect_to :action => 'index'
14 redirect_to :action => 'index'
15 end
15 end
16
16
17 def update
17 def update
18 @config = GraderConfiguration.find(params[:id])
18 @config = GraderConfiguration.find(params[:id])
19 + User.clear_last_login if @config.key = 'multiple_ip_login' and @config.value == 'true' and params[:grader_configuration][:value] == 'false'
19 respond_to do |format|
20 respond_to do |format|
20 if @config.update_attributes(params[:grader_configuration])
21 if @config.update_attributes(params[:grader_configuration])
21 format.json { head :ok }
22 format.json { head :ok }
22 else
23 else
23 format.json { respond_with_bip(@config) }
24 format.json { respond_with_bip(@config) }
24 end
25 end
25 end
26 end
26 end
27 end
27
28
28 end
29 end
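Review bot: The guard added in `update` uses `@config.key = 'multiple_ip_login'`, which is an assignment rather than a comparison: it is always truthy and overwrites the key of whichever configuration row is being edited, and the following `update_attributes` would then presumably persist the renamed key. As written, switching any setting from 'true' to 'false' also clears every user's `last_ip`. The literal also lacks the `right.` prefix of `MULTIPLE_IP_LOGIN_CONF_KEY`; the condition should read `@config.key == MULTIPLE_IP_LOGIN_CONF_KEY` (assuming this controller inherits from ApplicationController, whose class line is outside the hunk). `params[:grader_configuration]` is dereferenced without a nil check, and the clear runs before `update_attributes` is known to have succeeded; remembering the old value and calling `User.clear_last_login` in the success branch would be safer.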
@@ -4,24 +4,26
4 before_filter :check_viewability, :except => [:index, :login]
4 before_filter :check_viewability, :except => [:index, :login]
5
5
6 append_before_filter :confirm_and_update_start_time,
6 append_before_filter :confirm_and_update_start_time,
7 :except => [:index,
7 :except => [:index,
8 :login,
8 :login,
9 :confirm_contest_start]
9 :confirm_contest_start]
10
10
11 # to prevent log in box to be shown when user logged out of the
11 # to prevent log in box to be shown when user logged out of the
12 # system only in some tab
12 # system only in some tab
13 prepend_before_filter :reject_announcement_refresh_when_logged_out,
13 prepend_before_filter :reject_announcement_refresh_when_logged_out,
14 :only => [:announcements]
14 :only => [:announcements]
15
15
16 + before_filter :authenticate_by_ip_address, :only => [:list]
17 +
16 # COMMENTED OUT: filter in each action instead
18 # COMMENTED OUT: filter in each action instead
17 # before_filter :verify_time_limit, :only => [:submit]
19 # before_filter :verify_time_limit, :only => [:submit]
18
20
19 verify :method => :post, :only => [:submit],
21 verify :method => :post, :only => [:submit],
20 :redirect_to => { :action => :index }
22 :redirect_to => { :action => :index }
21
23
22 # COMMENT OUT: only need when having high load
24 # COMMENT OUT: only need when having high load
23 # caches_action :index, :login
25 # caches_action :index, :login
24
26
25 # NOTE: This method is not actually needed, 'config/routes.rb' has
27 # NOTE: This method is not actually needed, 'config/routes.rb' has
26 # assigned action login as a default action.
28 # assigned action login as a default action.
27 def index
29 def index
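Review bot: The new `before_filter :authenticate_by_ip_address, :only => [:list]` enforces the IP restriction on the `list` action only, so the other actions of this controller, including `submit`, stay reachable from a different address with the same session. If the option is meant to bind an account to one address, the filter needs wider coverage, for example `:except => [:index, :login]` as already used for `check_viewability`. The method's own comment says it assumes normal authentication has already happened, but no `authenticate` filter for `list` is visible in this hunk; if none runs first, `User.find(session[:user_id])` raises for a logged-out visitor.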
@@ -298,24 +298,28
298 return contest_problems + other_avaiable_problems
298 return contest_problems + other_avaiable_problems
299 end
299 end
300 end
300 end
301
301
302 def can_view_problem?(problem)
302 def can_view_problem?(problem)
303 if not GraderConfiguration.multicontests?
303 if not GraderConfiguration.multicontests?
304 return problem.available
304 return problem.available
305 else
305 else
306 return problem_in_user_contests? problem
306 return problem_in_user_contests? problem
307 end
307 end
308 end
308 end
309
309
310 + def self.clear_last_login
311 + User.update_all(:last_ip => nil)
312 + end
313 +
310 protected
314 protected
311 def encrypt_new_password
315 def encrypt_new_password
312 return if password.blank?
316 return if password.blank?
313 self.salt = (10+rand(90)).to_s
317 self.salt = (10+rand(90)).to_s
314 self.hashed_password = User.encrypt(self.password,self.salt)
318 self.hashed_password = User.encrypt(self.password,self.salt)
315 end
319 end
316
320
317 def assign_default_site
321 def assign_default_site
318 # have to catch error when migrating (because self.site is not available).
322 # have to catch error when migrating (because self.site is not available).
319 begin
323 begin
320 if self.site==nil
324 if self.site==nil
321 self.site = Site.find_by_name('default')
325 self.site = Site.find_by_name('default')
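Review bot: `clear_last_login` has no comment and its name does not match what it does: it sets the `last_ip` column to nil for every user, admins included. A one-line comment such as `# Forget every user's recorded IP so the next request re-binds each account.` would make the scope visible to callers, and a name like `clear_last_ip` would be clearer if the call site can be updated with it. Inside a class method, `update_all(:last_ip => nil)` is enough without the explicit `User.` receiver.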
@@ -2,34 +2,34
2 # This file is auto-generated from the current state of the database. Instead
2 # This file is auto-generated from the current state of the database. Instead
3 # of editing this file, please use the migrations feature of Active Record to
3 # of editing this file, please use the migrations feature of Active Record to
4 # incrementally modify your database, and then regenerate this schema definition.
4 # incrementally modify your database, and then regenerate this schema definition.
5 #
5 #
6 # Note that this schema.rb definition is the authoritative source for your
6 # Note that this schema.rb definition is the authoritative source for your
7 # database schema. If you need to create the application database on another
7 # database schema. If you need to create the application database on another
8 # system, you should be using db:schema:load, not running all the migrations
8 # system, you should be using db:schema:load, not running all the migrations
9 # from scratch. The latter is a flawed and unsustainable approach (the more migrations
9 # from scratch. The latter is a flawed and unsustainable approach (the more migrations
10 # you'll amass, the slower it'll run and the greater likelihood for issues).
10 # you'll amass, the slower it'll run and the greater likelihood for issues).
11 #
11 #
12 # It's strongly recommended to check this file into your version control system.
12 # It's strongly recommended to check this file into your version control system.
13
13
14 - ActiveRecord::Schema.define(:version => 20150503164846) do
14 + ActiveRecord::Schema.define(:version => 20150618085823) do
15
15
16 create_table "announcements", :force => true do |t|
16 create_table "announcements", :force => true do |t|
17 t.string "author"
17 t.string "author"
18 - t.text "body", :limit => 16777215
18 + t.text "body"
19 t.boolean "published"
19 t.boolean "published"
20 - t.datetime "created_at", :null => false
20 + t.datetime "created_at", :null => false
21 - t.datetime "updated_at", :null => false
21 + t.datetime "updated_at", :null => false
22 - t.boolean "frontpage", :default => false
22 + t.boolean "frontpage", :default => false
23 - t.boolean "contest_only", :default => false
23 + t.boolean "contest_only", :default => false
24 t.string "title"
24 t.string "title"
25 t.string "notes"
25 t.string "notes"
26 end
26 end
27
27
28 create_table "contests", :force => true do |t|
28 create_table "contests", :force => true do |t|
29 t.string "title"
29 t.string "title"
30 t.boolean "enabled"
30 t.boolean "enabled"
31 t.datetime "created_at", :null => false
31 t.datetime "created_at", :null => false
32 t.datetime "updated_at", :null => false
32 t.datetime "updated_at", :null => false
33 t.string "name"
33 t.string "name"
34 end
34 end
35
35
@@ -41,37 +41,37
41 create_table "contests_users", :id => false, :force => true do |t|
41 create_table "contests_users", :id => false, :force => true do |t|
42 t.integer "contest_id"
42 t.integer "contest_id"
43 t.integer "user_id"
43 t.integer "user_id"
44 end
44 end
45
45
46 create_table "countries", :force => true do |t|
46 create_table "countries", :force => true do |t|
47 t.string "name"
47 t.string "name"
48 t.datetime "created_at", :null => false
48 t.datetime "created_at", :null => false
49 t.datetime "updated_at", :null => false
49 t.datetime "updated_at", :null => false
50 end
50 end
51
51
52 create_table "descriptions", :force => true do |t|
52 create_table "descriptions", :force => true do |t|
53 - t.text "body", :limit => 16777215
53 + t.text "body"
54 t.boolean "markdowned"
54 t.boolean "markdowned"
55 - t.datetime "created_at", :null => false
55 + t.datetime "created_at", :null => false
56 - t.datetime "updated_at", :null => false
56 + t.datetime "updated_at", :null => false
57 end
57 end
58
58
59 create_table "grader_configurations", :force => true do |t|
59 create_table "grader_configurations", :force => true do |t|
60 t.string "key"
60 t.string "key"
61 t.string "value_type"
61 t.string "value_type"
62 t.string "value"
62 t.string "value"
63 - t.datetime "created_at", :null => false
63 + t.datetime "created_at", :null => false
64 - t.datetime "updated_at", :null => false
64 + t.datetime "updated_at", :null => false
65 - t.text "description", :limit => 16777215
65 + t.text "description"
66 end
66 end
67
67
68 create_table "grader_processes", :force => true do |t|
68 create_table "grader_processes", :force => true do |t|
69 t.string "host", :limit => 20
69 t.string "host", :limit => 20
70 t.integer "pid"
70 t.integer "pid"
71 t.string "mode"
71 t.string "mode"
72 t.boolean "active"
72 t.boolean "active"
73 t.datetime "created_at", :null => false
73 t.datetime "created_at", :null => false
74 t.datetime "updated_at", :null => false
74 t.datetime "updated_at", :null => false
75 t.integer "task_id"
75 t.integer "task_id"
76 t.string "task_type"
76 t.string "task_type"
77 t.boolean "terminated"
77 t.boolean "terminated"
@@ -88,28 +88,28
88
88
89 create_table "logins", :force => true do |t|
89 create_table "logins", :force => true do |t|
90 t.integer "user_id"
90 t.integer "user_id"
91 t.string "ip_address"
91 t.string "ip_address"
92 t.datetime "created_at", :null => false
92 t.datetime "created_at", :null => false
93 t.datetime "updated_at", :null => false
93 t.datetime "updated_at", :null => false
94 end
94 end
95
95
96 create_table "messages", :force => true do |t|
96 create_table "messages", :force => true do |t|
97 t.integer "sender_id"
97 t.integer "sender_id"
98 t.integer "receiver_id"
98 t.integer "receiver_id"
99 t.integer "replying_message_id"
99 t.integer "replying_message_id"
100 - t.text "body", :limit => 16777215
100 + t.text "body"
101 t.boolean "replied"
101 t.boolean "replied"
102 - t.datetime "created_at", :null => false
102 + t.datetime "created_at", :null => false
103 - t.datetime "updated_at", :null => false
103 + t.datetime "updated_at", :null => false
104 end
104 end
105
105
106 create_table "problems", :force => true do |t|
106 create_table "problems", :force => true do |t|
107 t.string "name", :limit => 30
107 t.string "name", :limit => 30
108 t.string "full_name"
108 t.string "full_name"
109 t.integer "full_score"
109 t.integer "full_score"
110 t.date "date_added"
110 t.date "date_added"
111 t.boolean "available"
111 t.boolean "available"
112 t.string "url"
112 t.string "url"
113 t.integer "description_id"
113 t.integer "description_id"
114 t.boolean "test_allowed"
114 t.boolean "test_allowed"
115 t.boolean "output_only"
115 t.boolean "output_only"
@@ -133,94 +133,94
133 t.string "name"
133 t.string "name"
134 end
134 end
135
135
136 create_table "roles_users", :id => false, :force => true do |t|
136 create_table "roles_users", :id => false, :force => true do |t|
137 t.integer "role_id"
137 t.integer "role_id"
138 t.integer "user_id"
138 t.integer "user_id"
139 end
139 end
140
140
141 add_index "roles_users", ["user_id"], :name => "index_roles_users_on_user_id"
141 add_index "roles_users", ["user_id"], :name => "index_roles_users_on_user_id"
142
142
143 create_table "sessions", :force => true do |t|
143 create_table "sessions", :force => true do |t|
144 t.string "session_id"
144 t.string "session_id"
145 - t.text "data", :limit => 16777215
145 + t.text "data"
146 t.datetime "updated_at"
146 t.datetime "updated_at"
147 end
147 end
148
148
149 add_index "sessions", ["session_id"], :name => "index_sessions_on_session_id"
149 add_index "sessions", ["session_id"], :name => "index_sessions_on_session_id"
150 add_index "sessions", ["updated_at"], :name => "index_sessions_on_updated_at"
150 add_index "sessions", ["updated_at"], :name => "index_sessions_on_updated_at"
151
151
152 create_table "sites", :force => true do |t|
152 create_table "sites", :force => true do |t|
153 t.string "name"
153 t.string "name"
154 t.boolean "started"
154 t.boolean "started"
155 t.datetime "start_time"
155 t.datetime "start_time"
156 t.datetime "created_at", :null => false
156 t.datetime "created_at", :null => false
157 t.datetime "updated_at", :null => false
157 t.datetime "updated_at", :null => false
158 t.integer "country_id"
158 t.integer "country_id"
159 t.string "password"
159 t.string "password"
160 end
160 end
161
161
162 create_table "submissions", :force => true do |t|
162 create_table "submissions", :force => true do |t|
163 t.integer "user_id"
163 t.integer "user_id"
164 t.integer "problem_id"
164 t.integer "problem_id"
165 t.integer "language_id"
165 t.integer "language_id"
166 - t.text "source", :limit => 16777215
166 + t.text "source"
167 t.binary "binary"
167 t.binary "binary"
168 t.datetime "submitted_at"
168 t.datetime "submitted_at"
169 t.datetime "compiled_at"
169 t.datetime "compiled_at"
170 - t.text "compiler_message", :limit => 16777215
170 + t.text "compiler_message"
171 t.datetime "graded_at"
171 t.datetime "graded_at"
172 t.integer "points"
172 t.integer "points"
173 - t.text "grader_comment", :limit => 16777215
173 + t.text "grader_comment"
174 t.integer "number"
174 t.integer "number"
175 t.string "source_filename"
175 t.string "source_filename"
176 t.float "max_runtime"
176 t.float "max_runtime"
177 t.integer "peak_memory"
177 t.integer "peak_memory"
178 t.integer "effective_code_length"
178 t.integer "effective_code_length"
179 t.string "ip_address"
179 t.string "ip_address"
180 end
180 end
181
181
182 add_index "submissions", ["user_id", "problem_id", "number"], :name => "index_submissions_on_user_id_and_problem_id_and_number", :unique => true
182 add_index "submissions", ["user_id", "problem_id", "number"], :name => "index_submissions_on_user_id_and_problem_id_and_number", :unique => true
183 add_index "submissions", ["user_id", "problem_id"], :name => "index_submissions_on_user_id_and_problem_id"
183 add_index "submissions", ["user_id", "problem_id"], :name => "index_submissions_on_user_id_and_problem_id"
184
184
185 create_table "tasks", :force => true do |t|
185 create_table "tasks", :force => true do |t|
186 t.integer "submission_id"
186 t.integer "submission_id"
187 t.datetime "created_at"
187 t.datetime "created_at"
188 t.integer "status"
188 t.integer "status"
189 t.datetime "updated_at"
189 t.datetime "updated_at"
190 end
190 end
191
191
192 create_table "test_pairs", :force => true do |t|
192 create_table "test_pairs", :force => true do |t|
193 t.integer "problem_id"
193 t.integer "problem_id"
194 - t.text "input", :limit => 2147483647
194 + t.text "input", :limit => 16777215
195 - t.text "solution", :limit => 2147483647
195 + t.text "solution", :limit => 16777215
196 - t.datetime "created_at", :null => false
196 + t.datetime "created_at", :null => false
197 - t.datetime "updated_at", :null => false
197 + t.datetime "updated_at", :null => false
198 end
198 end
199
199
200 create_table "test_requests", :force => true do |t|
200 create_table "test_requests", :force => true do |t|
201 t.integer "user_id"
201 t.integer "user_id"
202 t.integer "problem_id"
202 t.integer "problem_id"
203 t.integer "submission_id"
203 t.integer "submission_id"
204 t.string "input_file_name"
204 t.string "input_file_name"
205 t.string "output_file_name"
205 t.string "output_file_name"
206 t.string "running_stat"
206 t.string "running_stat"
207 t.integer "status"
207 t.integer "status"
208 - t.datetime "updated_at", :null => false
208 + t.datetime "updated_at", :null => false
209 t.datetime "submitted_at"
209 t.datetime "submitted_at"
210 t.datetime "compiled_at"
210 t.datetime "compiled_at"
211 - t.text "compiler_message", :limit => 16777215
211 + t.text "compiler_message"
212 t.datetime "graded_at"
212 t.datetime "graded_at"
213 t.string "grader_comment"
213 t.string "grader_comment"
214 - t.datetime "created_at", :null => false
214 + t.datetime "created_at", :null => false
215 t.float "running_time"
215 t.float "running_time"
216 t.string "exit_status"
216 t.string "exit_status"
217 t.integer "memory_usage"
217 t.integer "memory_usage"
218 end
218 end
219
219
220 add_index "test_requests", ["user_id", "problem_id"], :name => "index_test_requests_on_user_id_and_problem_id"
220 add_index "test_requests", ["user_id", "problem_id"], :name => "index_test_requests_on_user_id_and_problem_id"
221
221
222 create_table "user_contest_stats", :force => true do |t|
222 create_table "user_contest_stats", :force => true do |t|
223 t.integer "user_id"
223 t.integer "user_id"
224 t.datetime "started_at"
224 t.datetime "started_at"
225 t.datetime "created_at", :null => false
225 t.datetime "created_at", :null => false
226 t.datetime "updated_at", :null => false
226 t.datetime "updated_at", :null => false
@@ -230,20 +230,20
230 create_table "users", :force => true do |t|
230 create_table "users", :force => true do |t|
231 t.string "login", :limit => 50
231 t.string "login", :limit => 50
232 t.string "full_name"
232 t.string "full_name"
233 t.string "hashed_password"
233 t.string "hashed_password"
234 t.string "salt", :limit => 5
234 t.string "salt", :limit => 5
235 t.string "alias"
235 t.string "alias"
236 t.string "email"
236 t.string "email"
237 t.integer "site_id"
237 t.integer "site_id"
238 t.integer "country_id"
238 t.integer "country_id"
239 t.boolean "activated", :default => false
239 t.boolean "activated", :default => false
240 t.datetime "created_at"
240 t.datetime "created_at"
241 t.datetime "updated_at"
241 t.datetime "updated_at"
242 - t.string "section"
243 t.boolean "enabled", :default => true
242 t.boolean "enabled", :default => true
244 t.string "remark"
243 t.string "remark"
244 + t.string "last_ip"
245 end
245 end
246
246
247 add_index "users", ["login"], :name => "index_users_on_login", :unique => true
247 add_index "users", ["login"], :name => "index_users_on_login", :unique => true
248
248
249 end
249 end
@@ -52,24 +52,31
52 :default_value => 'false',
52 :default_value => 'false',
53 :description => 'If the server is in contest mode and this option is true, on the log in of the admin a menu for site selections is shown.'
53 :description => 'If the server is in contest mode and this option is true, on the log in of the admin a menu for site selections is shown.'
54 },
54 },
55
55
56 {
56 {
57 :key => 'right.user_hall_of_fame',
57 :key => 'right.user_hall_of_fame',
58 :value_type => 'boolean',
58 :value_type => 'boolean',
59 :default_value => 'false',
59 :default_value => 'false',
60 :description => 'If true, any user can access hall of fame page.'
60 :description => 'If true, any user can access hall of fame page.'
61 },
61 },
62
62
63 {
63 {
64 + :key => 'right.multiple_ip_login',
65 + :value_type => 'boolean',
66 + :default_value => 'true',
67 + :description => 'When change from true to false, a user can login from the first IP they logged into afterward.'
68 + },
69 +
70 + {
64 :key => 'right.user_view_submission',
71 :key => 'right.user_view_submission',
65 :value_type => 'boolean',
72 :value_type => 'boolean',
66 :default_value => 'false',
73 :default_value => 'false',
67 :description => 'If true, any user can view submissions of every one.'
74 :description => 'If true, any user can view submissions of every one.'
68 },
75 },
69
76
70 # If Configuration['system.online_registration'] is true, the
77 # If Configuration['system.online_registration'] is true, the
71 # system allows online registration, and will use these
78 # system allows online registration, and will use these
72 # information for sending confirmation emails.
79 # information for sending confirmation emails.
73 {
80 {
74 :key => 'system.online_registration.smtp',
81 :key => 'system.online_registration.smtp',
75 :value_type => 'string',
82 :value_type => 'string',
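Review bot: The description for `right.multiple_ip_login` only describes the transition from true to false and not what each value means, and it does not mention that admins are exempt from the check. Suggested text: `'If false, each non-admin user may only use the system from the first IP address seen after this option was switched off; if true, users may log in from any address.'` The default of 'true' keeps the restriction off for existing installs, which matches the `unless GraderConfiguration[...]` guard in the new filter.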