cafe-grader-web

Commit r525:89e2deff986b public

parent | child
Description:
add option to disable login from multiple ip
Commit status:
[Not Reviewed]
References:
algo
Diff options:
Raw Diff | Patch Diff | Download Diff | Show whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r525:89e2deff986b - - 6 files changed: 45 inserted, 13 deleted

Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,10 +1,11
1 1 class ApplicationController < ActionController::Base
2 2 protect_from_forgery
3 3
4 4 SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
5 + MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login'
5 6
6 7 def admin_authorization
7 8 return false unless authenticate
8 9 user = User.find(session[:user_id], :include => ['roles'])
9 10 unless user.admin?
10 11 flash[:notice] = 'You are not authorized to view the page you requested'
@@ -58,12 +59,29
58 59 rescue
59 60 end
60 61 end
61 62 return true
62 63 end
63 64
65 + def authenticate_by_ip_address
66 + #this assume that we have already authenticate normally
67 + unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY]
68 + user = User.find(session[:user_id])
69 + if (not user.admin? and user.last_ip and user.last_ip != request.remote_ip)
70 + flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}"
71 + redirect_to :controller => 'main', :action => 'login'
72 + return false
73 + end
74 + unless user.last_ip
75 + user.last_ip = request.remote_ip
76 + user.save
77 + end
78 + end
79 + return true
80 + end
81 +
64 82 def authorization
65 83 return false unless authenticate
66 84 user = User.find(session[:user_id])
67 85 unless user.roles.detect { |role|
68 86 role.rights.detect{ |right|
69 87 right.controller == self.class.controller_name and
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -13,12 +13,13
13 13 GraderConfiguration.reload
14 14 redirect_to :action => 'index'
15 15 end
16 16
17 17 def update
18 18 @config = GraderConfiguration.find(params[:id])
19 + User.clear_last_login if @config.key = 'multiple_ip_login' and @config.value == 'true' and params[:grader_configuration][:value] == 'false'
19 20 respond_to do |format|
20 21 if @config.update_attributes(params[:grader_configuration])
21 22 format.json { head :ok }
22 23 else
23 24 format.json { respond_with_bip(@config) }
24 25 end
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -10,12 +10,14
10 10
11 11 # to prevent log in box to be shown when user logged out of the
12 12 # system only in some tab
13 13 prepend_before_filter :reject_announcement_refresh_when_logged_out,
14 14 :only => [:announcements]
15 15
16 + before_filter :authenticate_by_ip_address, :only => [:list]
17 +
16 18 # COMMENTED OUT: filter in each action instead
17 19 # before_filter :verify_time_limit, :only => [:submit]
18 20
19 21 verify :method => :post, :only => [:submit],
20 22 :redirect_to => { :action => :index }
21 23
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -304,12 +304,16
304 304 return problem.available
305 305 else
306 306 return problem_in_user_contests? problem
307 307 end
308 308 end
309 309
310 + def self.clear_last_login
311 + User.update_all(:last_ip => nil)
312 + end
313 +
310 314 protected
311 315 def encrypt_new_password
312 316 return if password.blank?
313 317 self.salt = (10+rand(90)).to_s
314 318 self.hashed_password = User.encrypt(self.password,self.salt)
315 319 end
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -8,17 +8,17
8 8 # system, you should be using db:schema:load, not running all the migrations
9 9 # from scratch. The latter is a flawed and unsustainable approach (the more migrations
10 10 # you'll amass, the slower it'll run and the greater likelihood for issues).
11 11 #
12 12 # It's strongly recommended to check this file into your version control system.
13 13
14 - ActiveRecord::Schema.define(:version => 20150503164846) do
14 + ActiveRecord::Schema.define(:version => 20150618085823) do
15 15
16 16 create_table "announcements", :force => true do |t|
17 17 t.string "author"
18 - t.text "body", :limit => 16777215
18 + t.text "body"
19 19 t.boolean "published"
20 20 t.datetime "created_at", :null => false
21 21 t.datetime "updated_at", :null => false
22 22 t.boolean "frontpage", :default => false
23 23 t.boolean "contest_only", :default => false
24 24 t.string "title"
@@ -47,25 +47,25
47 47 t.string "name"
48 48 t.datetime "created_at", :null => false
49 49 t.datetime "updated_at", :null => false
50 50 end
51 51
52 52 create_table "descriptions", :force => true do |t|
53 - t.text "body", :limit => 16777215
53 + t.text "body"
54 54 t.boolean "markdowned"
55 55 t.datetime "created_at", :null => false
56 56 t.datetime "updated_at", :null => false
57 57 end
58 58
59 59 create_table "grader_configurations", :force => true do |t|
60 60 t.string "key"
61 61 t.string "value_type"
62 62 t.string "value"
63 63 t.datetime "created_at", :null => false
64 64 t.datetime "updated_at", :null => false
65 - t.text "description", :limit => 16777215
65 + t.text "description"
66 66 end
67 67
68 68 create_table "grader_processes", :force => true do |t|
69 69 t.string "host", :limit => 20
70 70 t.integer "pid"
71 71 t.string "mode"
@@ -94,13 +94,13
94 94 end
95 95
96 96 create_table "messages", :force => true do |t|
97 97 t.integer "sender_id"
98 98 t.integer "receiver_id"
99 99 t.integer "replying_message_id"
100 - t.text "body", :limit => 16777215
100 + t.text "body"
101 101 t.boolean "replied"
102 102 t.datetime "created_at", :null => false
103 103 t.datetime "updated_at", :null => false
104 104 end
105 105
106 106 create_table "problems", :force => true do |t|
@@ -139,13 +139,13
139 139 end
140 140
141 141 add_index "roles_users", ["user_id"], :name => "index_roles_users_on_user_id"
142 142
143 143 create_table "sessions", :force => true do |t|
144 144 t.string "session_id"
145 - t.text "data", :limit => 16777215
145 + t.text "data"
146 146 t.datetime "updated_at"
147 147 end
148 148
149 149 add_index "sessions", ["session_id"], :name => "index_sessions_on_session_id"
150 150 add_index "sessions", ["updated_at"], :name => "index_sessions_on_updated_at"
151 151
@@ -160,20 +160,20
160 160 end
161 161
162 162 create_table "submissions", :force => true do |t|
163 163 t.integer "user_id"
164 164 t.integer "problem_id"
165 165 t.integer "language_id"
166 - t.text "source", :limit => 16777215
166 + t.text "source"
167 167 t.binary "binary"
168 168 t.datetime "submitted_at"
169 169 t.datetime "compiled_at"
170 - t.text "compiler_message", :limit => 16777215
170 + t.text "compiler_message"
171 171 t.datetime "graded_at"
172 172 t.integer "points"
173 - t.text "grader_comment", :limit => 16777215
173 + t.text "grader_comment"
174 174 t.integer "number"
175 175 t.string "source_filename"
176 176 t.float "max_runtime"
177 177 t.integer "peak_memory"
178 178 t.integer "effective_code_length"
179 179 t.string "ip_address"
@@ -188,14 +188,14
188 188 t.integer "status"
189 189 t.datetime "updated_at"
190 190 end
191 191
192 192 create_table "test_pairs", :force => true do |t|
193 193 t.integer "problem_id"
194 - t.text "input", :limit => 2147483647
195 - t.text "solution", :limit => 2147483647
194 + t.text "input", :limit => 16777215
195 + t.text "solution", :limit => 16777215
196 196 t.datetime "created_at", :null => false
197 197 t.datetime "updated_at", :null => false
198 198 end
199 199
200 200 create_table "test_requests", :force => true do |t|
201 201 t.integer "user_id"
@@ -205,13 +205,13
205 205 t.string "output_file_name"
206 206 t.string "running_stat"
207 207 t.integer "status"
208 208 t.datetime "updated_at", :null => false
209 209 t.datetime "submitted_at"
210 210 t.datetime "compiled_at"
211 - t.text "compiler_message", :limit => 16777215
211 + t.text "compiler_message"
212 212 t.datetime "graded_at"
213 213 t.string "grader_comment"
214 214 t.datetime "created_at", :null => false
215 215 t.float "running_time"
216 216 t.string "exit_status"
217 217 t.integer "memory_usage"
@@ -236,14 +236,14
236 236 t.string "email"
237 237 t.integer "site_id"
238 238 t.integer "country_id"
239 239 t.boolean "activated", :default => false
240 240 t.datetime "created_at"
241 241 t.datetime "updated_at"
242 - t.string "section"
243 242 t.boolean "enabled", :default => true
244 243 t.string "remark"
244 + t.string "last_ip"
245 245 end
246 246
247 247 add_index "users", ["login"], :name => "index_users_on_login", :unique => true
248 248
249 249 end
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -58,12 +58,19
58 58 :value_type => 'boolean',
59 59 :default_value => 'false',
60 60 :description => 'If true, any user can access hall of fame page.'
61 61 },
62 62
63 63 {
64 + :key => 'right.multiple_ip_login',
65 + :value_type => 'boolean',
66 + :default_value => 'true',
67 + :description => 'When change from true to false, a user can login from the first IP they logged into afterward.'
68 + },
69 +
70 + {
64 71 :key => 'right.user_view_submission',
65 72 :value_type => 'boolean',
66 73 :default_value => 'false',
67 74 :description => 'If true, any user can view submissions of every one.'
68 75 },
69 76
You need to be logged in to leave comments. Login now