Description:
[web] added graders_right_to_admin_role, added a few functional tests: main, user_admin, graders, login git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@131 6386c4cd-e34a-4fa8-8920-d93eb39b512e

r58:94b5b7562ca1 - - 14 files changed: 182 inserted, 39 deleted

@@ -0,0 +1,17
1 + class AddGradersRightToAdminRole < ActiveRecord::Migration
2 + def self.up
3 + admin_role = Role.find_by_name('admin')
4 +
5 + graders_right = Right.create(:name => 'graders_admin',
6 + :controller => 'graders',
7 + :action => 'all')
8 +
9 + admin_role.rights << graders_right;
10 + admin_role.save
11 + end
12 +
13 + def self.down
14 + graders_right = Right.find_by_name('graders_admin')
15 + graders_right.destroy
16 + end
17 + end
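Review bot: `self.up` uses `admin_role` without checking that `Role.find_by_name('admin')` returned a row, and `Right.create` has already run by the time `admin_role.rights <<` fails on nil. Unless the migration runs inside a transaction, a database without an admin role is left with a `graders_admin` right that is attached to nothing, and a rerun would insert it again. Failing before the create, for example `raise "admin role missing" unless admin_role` directly after the lookup, keeps the failure clean. `self.down` has the same shape: `graders_right.destroy if graders_right` would let the rollback run when the right is already gone.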
@@ -1,34 +1,34
1 1 # Filters added to this controller apply to all controllers in the application.
2 2 # Likewise, all the methods added will be available for all controllers.
3 3
4 4 class ApplicationController < ActionController::Base
5 5 # Pick a unique cookie name to distinguish our session data from others'
6 6 session :session_key => '_grader_session_id'
7 7
8 8 protected
9 9 def authenticate
10 10 unless session[:user_id]
11 11 redirect_to :controller => 'main', :action => 'login'
12 12 return false
13 13 end
14 14 return true
15 15 end
16 16
17 17 def authorization
18 18 return false unless authenticate
19 19 user = User.find(session[:user_id])
20 20 unless user.roles.detect { |role|
21 21 role.rights.detect{ |right|
22 22 right.controller == self.class.controller_name and
23 23 (right.action == 'all' or right.action == action_name)
24 24 }
25 25 }
26 26 flash[:notice] = 'You are not authorized to view the page you requested'
27 27 #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
28 - redirect_to :controller => 'login'
28 + redirect_to :controller => 'main', :action => 'login'
29 29 return false
30 30 end
31 31 end
32 32
33 33 end
34 34
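Review bot: In `authorization`, `User.find(session[:user_id])` raises `ActiveRecord::RecordNotFound` when the session still holds the id of a user that has since been deleted, so the request ends in an error page instead of the `main`/`login` redirect this commit standardises on. The failure is closed, not a bypass, but it leaves a stale session unusable until the cookie is cleared. Using `user = User.find_by_id(session[:user_id])` and treating a nil user like the unauthorized branch (ideally also resetting `session[:user_id]`) gives one consistent path. A short comment on `authorization` stating that controllers must opt in with `before_filter :authorization` would also help, since any controller that omits it is unprotected by default.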
@@ -1,18 +1,18
1 1 class GradersController < ApplicationController
2 2
3 3
4 - before_filter :authenticate
4 + before_filter :authorization
5 5
6 6 def list
7 7 @grader_processes = GraderProcess.find(:all,
8 8 :order => 'updated_at desc')
9 9 @stalled_processes = GraderProcess.find_stalled_process
10 10 end
11 11
12 12 def clear
13 13 grader_proc = GraderProcess.find(params[:id])
14 14 grader_proc.destroy if grader_proc!=nil
15 15 redirect_to :action => 'list'
16 16 end
17 17
18 18 end
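Review bot: `clear` destroys a `GraderProcess` and nothing in this file restricts it to POST, so if the routes accept it over GET, a link or image loaded in a logged-in admin's browser could trigger the deletion. Consider `verify :method => :post, :only => [:clear], :redirect_to => {:action => 'list'}` below the `before_filter`, together with request-forgery protection if the Rails version in use provides it. Neither is visible in this controller or in the ApplicationController section shown on this page. Separately, `GraderProcess.find(params[:id])` raises for an unknown id instead of returning nil, so the `if grader_proc!=nil` guard never takes effect.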
@@ -1,76 +1,76
1 1 require 'digest/sha1'
2 2
3 3 class User < ActiveRecord::Base
4 4
5 5 has_and_belongs_to_many :roles
6 6
7 7 has_many :test_requests, :order => "problem_id"
8 8
9 9 validates_presence_of :login
10 10 validates_presence_of :full_name
11 11 validates_length_of :full_name, :minimum => 1
12 12
13 13 validates_presence_of :password, :if => :password_required?
14 14 validates_length_of :password, :within => 4..20, :if => :password_required?
15 15 validates_confirmation_of :password, :if => :password_required?
16 16
17 17 attr_accessor :password
18 18
19 19 before_save :encrypt_new_password
20 20
21 21 def self.authenticate(login, password)
22 22 user = find_by_login(login)
23 23 return user if user && user.authenticated?(password)
24 24 end
25 25
26 26 def authenticated?(password)
27 - hashed_password == encrypt(password,salt)
27 + hashed_password == User.encrypt(password,self.salt)
28 28 end
29 29
30 30 def admin?
31 31 self.roles.detect {|r| r.name == 'admin' }
32 32 end
33 33
34 34 def email_for_editing
35 35 if self.email==nil
36 36 "(unknown)"
37 37 elsif self.email==''
38 38 "(blank)"
39 39 else
40 40 self.email
41 41 end
42 42 end
43 43
44 44 def email_for_editing=(e)
45 45 self.email=e
46 46 end
47 47
48 48 def alias_for_editing
49 49 if self.alias==nil
50 50 "(unknown)"
51 51 elsif self.alias==''
52 52 "(blank)"
53 53 else
54 54 self.alias
55 55 end
56 56 end
57 57
58 58 def alias_for_editing=(e)
59 59 self.alias=e
60 60 end
61 61
62 62 protected
63 63 def encrypt_new_password
64 64 return if password.blank?
65 65 self.salt = (10+rand(90)).to_s
66 - self.hashed_password = encrypt(password,salt)
66 + self.hashed_password = User.encrypt(self.password,self.salt)
67 67 end
68 68
69 69 def password_required?
70 - hashed_password.blank? || !password.blank?
70 + self.hashed_password.blank? || !self.password.blank?
71 71 end
72 72
73 - def encrypt(string,salt)
73 + def self.encrypt(string,salt)
74 74 Digest::SHA1.hexdigest(salt + string)
75 75 end
76 76 end
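Review bot: The password scheme that these changed lines route through `User.encrypt` stays weak. `encrypt_new_password` draws the salt from `(10+rand(90)).to_s`, which has only 90 possible values and comes from a non-cryptographic generator, and `encrypt` is a single SHA-1 over `salt + string`. With so few salts, precomputed tables cover every account, and one SHA-1 round makes guessing cheap if the users table is ever disclosed. A per-user salt from a CSPRNG (for example `self.salt = SecureRandom.hex(16)`, where the Ruby in use ships `securerandom`) and a deliberately slow password-hashing function would address both. Existing rows would need to be rehashed at the next successful login.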
@@ -1,9 +1,9
1 1 class AddTaskToGraderProcess < ActiveRecord::Migration
2 2 def self.up
3 3 add_column :grader_processes, :task_id, :integer
4 4 end
5 5
6 6 def self.down
7 - remove_column :grader_processes, :task_id, :integer
7 + remove_column :grader_processes, :task_id
8 8 end
9 9 end
@@ -1,108 +1,108
1 1 # This file is auto-generated from the current state of the database. Instead of editing this file,
2 2 # please use the migrations feature of ActiveRecord to incrementally modify your database, and
3 3 # then regenerate this schema definition.
4 4 #
5 5 # Note that this schema.rb definition is the authoritative source for your database schema. If you need
6 6 # to create the application database on another system, you should be using db:schema:load, not running
7 7 # all the migrations from scratch. The latter is a flawed and unsustainable approach (the more migrations
8 8 # you'll amass, the slower it'll run and the greater likelihood for issues).
9 9 #
10 10 # It's strongly recommended to check this file into your version control system.
11 11
12 - ActiveRecord::Schema.define(:version => 19) do
12 + ActiveRecord::Schema.define(:version => 20) do
13 13
14 14 create_table "grader_processes", :force => true do |t|
15 15 t.string "host", :limit => 20
16 16 t.integer "pid"
17 17 t.string "mode"
18 18 t.boolean "active"
19 19 t.datetime "created_at"
20 20 t.datetime "updated_at"
21 21 t.integer "task_id"
22 22 end
23 23
24 24 add_index "grader_processes", ["host", "pid"], :name => "index_grader_processes_on_ip_and_pid"
25 25
26 26 create_table "languages", :force => true do |t|
27 27 t.string "name", :limit => 10
28 28 t.string "pretty_name"
29 29 t.string "ext", :limit => 10
30 30 end
31 31
32 32 create_table "problems", :force => true do |t|
33 33 t.string "name", :limit => 30
34 34 t.string "full_name"
35 35 t.integer "full_score"
36 36 t.date "date_added"
37 37 t.boolean "available"
38 38 t.string "url"
39 39 end
40 40
41 41 create_table "rights", :force => true do |t|
42 42 t.string "name"
43 43 t.string "controller"
44 44 t.string "action"
45 45 end
46 46
47 47 create_table "rights_roles", :id => false, :force => true do |t|
48 48 t.integer "right_id"
49 49 t.integer "role_id"
50 50 end
51 51
52 52 add_index "rights_roles", ["role_id"], :name => "index_rights_roles_on_role_id"
53 53
54 54 create_table "roles", :force => true do |t|
55 55 t.string "name"
56 56 end
57 57
58 58 create_table "roles_users", :id => false, :force => true do |t|
59 59 t.integer "role_id"
60 60 t.integer "user_id"
61 61 end
62 62
63 63 add_index "roles_users", ["user_id"], :name => "index_roles_users_on_user_id"
64 64
65 65 create_table "sessions", :force => true do |t|
66 66 t.string "session_id"
67 67 t.text "data"
68 68 t.datetime "updated_at"
69 69 end
70 70
71 71 add_index "sessions", ["session_id"], :name => "index_sessions_on_session_id"
72 72 add_index "sessions", ["updated_at"], :name => "index_sessions_on_updated_at"
73 73
74 74 create_table "submissions", :force => true do |t|
75 75 t.integer "user_id"
76 76 t.integer "problem_id"
77 77 t.integer "language_id"
78 78 t.text "source"
79 79 t.binary "binary"
80 80 t.datetime "submitted_at"
81 81 t.datetime "compiled_at"
82 82 t.text "compiler_message"
83 83 t.datetime "graded_at"
84 84 t.integer "points"
85 85 t.text "grader_comment"
86 86 t.integer "number"
87 87 end
88 88
89 89 add_index "submissions", ["user_id", "problem_id", "number"], :name => "index_submissions_on_user_id_and_problem_id_and_number", :unique => true
90 90 add_index "submissions", ["user_id", "problem_id"], :name => "index_submissions_on_user_id_and_problem_id"
91 91
92 92 create_table "tasks", :force => true do |t|
93 93 t.integer "submission_id"
94 94 t.datetime "created_at"
95 95 t.integer "status"
96 96 t.datetime "updated_at"
97 97 end
98 98
99 99 create_table "test_requests", :force => true do |t|
100 100 t.integer "user_id"
101 101 t.integer "problem_id"
102 102 t.integer "submission_id"
103 103 t.string "input_file_name"
104 104 t.string "output_file_name"
105 105 t.string "running_stat"
106 106 t.integer "status"
107 107 t.datetime "updated_at"
108 108 t.datetime "submitted_at"
@@ -1,5 +1,11
1 1 # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
2 2 one:
3 3 id: 1
4 + name: add
5 + full_name: add_full_name
6 + available: true
4 7 two:
5 8 id: 2
9 + name: subtract
10 + full_name: subtract_full_name
11 + available: false
@@ -1,5 +1,13
1 1 # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
2 - one:
3 - id: 1
4 - two:
5 - id: 2
2 +
3 + graders_right:
4 + controller: graders
5 + action: all
6 +
7 + user_admin_right:
8 + controller: user_admin
9 + action: all
10 +
11 + problems_right:
12 + controller: problems
13 + action: all
@@ -1,5 +1,3
1 1 # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
2 - one:
3 - id: 1
4 - two:
5 - id: 2
2 + admin:
3 + rights: graders_right, user_admin_right, problems_right No newline at end of file
@@ -1,5 +1,18
1 1 # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
2 - one:
3 - id: 1
4 - two:
5 - id: 2
2 +
3 + <%
4 + User.public_class_method :encrypt
5 +
6 + SALT = "abc"
7 + %>
8 +
9 + john:
10 + login: john
11 + hashed_password: <%= User.encrypt("hello",SALT) %>
12 + salt: <%= SALT %>
13 + mary:
14 + login: mary
15 + hashed_password: <%= User.encrypt("goodbye",SALT) %>
16 + salt: <%= SALT %>
17 + roles: admin
18 +
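Review bot: `User.public_class_method :encrypt` at the top of this fixture appears to be unnecessary. A bare `protected` in the model only affects instance methods defined after it, so `def self.encrypt` is already public. If the hashing helper is meant to stay internal, the model would need `private_class_method :encrypt`, and this line would then deserve a comment saying it widens visibility for tests only. Defining `SALT` as a constant inside the ERB block may also produce an already-initialized-constant warning if the fixture is evaluated more than once; a local (`salt = "abc"`) would avoid that.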
@@ -1,8 +1,26
1 1 require File.dirname(__FILE__) + '/../test_helper'
2 2
3 3 class GradersControllerTest < ActionController::TestCase
4 - # Replace this with your real tests.
5 - def test_truth
6 - assert true
4 +
5 + fixtures :users, :roles, :rights
6 +
7 + def test_should_not_allow_new_user_to_see
8 + get :list
9 + assert_redirected_to :controller => 'main', :action => 'login'
7 10 end
11 +
12 + def test_should_not_allow_normal_user_to_see
13 + john = users(:john)
14 +
15 + get :list, {}, {:user_id => john.id}
16 + assert_redirected_to :controller => 'main', :action => 'login'
17 + end
18 +
19 + def test_should_allow_admin_to_see
20 + mary = users(:mary)
21 +
22 + get :list, {}, {:user_id => mary.id}
23 + assert_template 'graders/list'
24 + end
25 +
8 26 end
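Review bot: The negative authorization tests added here exercise only `list`, so the state-changing `clear` action is never requested with an anonymous or non-admin session. A later narrowing of the filter (for example to `:only => :list`) would still pass this suite. The same gap exists in the UserAdminControllerTest section of this commit, where `create`, `update` and `destroy` are only requested with the admin session. A test along the lines below, plus its anonymous twin, pins the behaviour; the id is an arbitrary constructed value, because the filter should halt the request before any lookup.

```ruby
# ... unchanged: fixtures and the three list tests ...

def test_should_not_allow_normal_user_to_clear
  john = users(:john)

  # id 1 is a constructed value; the filter is expected to stop the request first
  post :clear, {:id => 1}, {:user_id => john.id}
  assert_redirected_to :controller => 'main', :action => 'login'
end
```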
@@ -1,18 +1,37
1 1 require File.dirname(__FILE__) + '/../test_helper'
2 2 require 'login_controller'
3 3
4 4 # Re-raise errors caught by the controller.
5 5 class LoginController; def rescue_action(e) raise e end; end
6 6
7 7 class LoginControllerTest < Test::Unit::TestCase
8 +
9 + fixtures :users
10 +
8 11 def setup
9 12 @controller = LoginController.new
10 13 @request = ActionController::TestRequest.new
11 14 @response = ActionController::TestResponse.new
12 15 end
13 16
14 17 # Replace this with your real tests.
15 - def test_truth
16 - assert true
18 + def test_should_hide_index
19 + get :index
20 + assert_redirected_to :controller => 'main', :action => 'login'
21 + end
22 +
23 + def test_should_login_user_and_set_session
24 + john = users(:john)
25 +
26 + post :login, :login => 'john', :password => "hello"
27 + assert_redirected_to :controller => 'main', :action => 'list'
28 + assert_equal john.id, session[:user_id]
29 + end
30 +
31 + def test_should_reject_user_with_wrong_password
32 + john = users(:john)
33 +
34 + post :login, :login => 'john', :password => "wrong"
35 + assert_redirected_to :controller => 'main', :action => 'login'
17 36 end
18 37 end
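Review bot: `test_should_reject_user_with_wrong_password` checks only the redirect, so it would still pass if the controller stored the user id in the session before redirecting. Adding `assert_nil session[:user_id]` after the redirect assertion closes that gap. The local `john = users(:john)` in that test is unused. The `# Replace this with your real tests.` comment above `test_should_hide_index` is now stale and can be dropped.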
@@ -1,18 +1,32
1 1 require File.dirname(__FILE__) + '/../test_helper'
2 2 require 'main_controller'
3 3
4 4 # Re-raise errors caught by the controller.
5 5 class MainController; def rescue_action(e) raise e end; end
6 6
7 7 class MainControllerTest < Test::Unit::TestCase
8 +
9 + fixtures :problems
10 + fixtures :users
11 +
8 12 def setup
9 13 @controller = MainController.new
10 14 @request = ActionController::TestRequest.new
11 15 @response = ActionController::TestResponse.new
12 16 end
13 17
14 18 # Replace this with your real tests.
15 - def test_truth
16 - assert true
19 + def test_should_redirect_new_user_to_login
20 + get :list
21 + assert_redirected_to :action => 'login'
17 22 end
23 +
24 + def test_should_list_available_problems_if_logged_in
25 + john = users(:john)
26 + get :list, {}, {:user_id => john.id}
27 +
28 + assert_template 'main/list'
29 + assert_select "table tr:nth-child(2)", :text => /\(add\)/
30 + end
31 +
18 32 end
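Review bot: `test_should_list_available_problems_if_logged_in` asserts that the available fixture problem `add` is rendered but never that the unavailable one (`subtract`, `available: false`) is hidden, so a view that lists every problem would still pass. Something like `assert_select "table tr", :text => /\(subtract\)/, :count => 0` would cover the filtering, assuming the list markup matches the selector used in the existing assertion. The `# Replace this with your real tests.` comment above the first test is stale.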
@@ -1,92 +1,142
1 1 require File.dirname(__FILE__) + '/../test_helper'
2 2 require 'user_admin_controller'
3 3
4 4 # Re-raise errors caught by the controller.
5 5 class UserAdminController; def rescue_action(e) raise e end; end
6 6
7 7 class UserAdminControllerTest < Test::Unit::TestCase
8 8 fixtures :users
9 + fixtures :roles
10 + fixtures :rights
9 11
10 12 def setup
11 13 @controller = UserAdminController.new
12 14 @request = ActionController::TestRequest.new
13 15 @response = ActionController::TestResponse.new
14 16
15 - @first_id = users(:first).id
17 + @first_id = users(:john).id
18 + @admin_id = users(:mary).id
19 + end
20 +
21 + def test_should_not_allow_new_user_to_see
22 + get :list
23 + assert_redirected_to :controller => 'main', :action => 'login'
16 24 end
17 25
26 + def test_should_not_allow_normal_user_to_see
27 + john = users(:john)
28 +
29 + get :list, {}, {:user_id => john.id}
30 + assert_redirected_to :controller => 'main', :action => 'login'
31 + end
32 +
33 + def test_should_allow_admin_to_see
34 + mary = users(:mary)
35 +
36 + get :list, {}, {:user_id => mary.id}
37 + assert_template 'user_admin/list'
38 + end
39 +
40 +
18 41 def test_index
19 - get :index
42 + get :index, {}, {:user_id => @admin_id}
20 43 assert_response :success
21 44 assert_template 'list'
22 45 end
23 46
24 47 def test_list
25 - get :list
48 + get :list, {}, {:user_id => @admin_id}
26 49
27 50 assert_response :success
28 51 assert_template 'list'
29 52
30 53 assert_not_nil assigns(:users)
31 54 end
32 55
33 56 def test_show
34 - get :show, :id => @first_id
57 + get :show, {:id => @first_id}, {:user_id => @admin_id}
35 58
36 59 assert_response :success
37 60 assert_template 'show'
38 61
39 62 assert_not_nil assigns(:user)
40 - assert assigns(:user).valid?
41 63 end
42 64
43 65 def test_new
44 - get :new
66 + get :new, {}, {:user_id => @admin_id}
45 67
46 68 assert_response :success
47 69 assert_template 'new'
48 70
49 71 assert_not_nil assigns(:user)
50 72 end
51 73
52 - def test_create
74 + def test_create_with_correct_confirmation_password
53 75 num_users = User.count
54 76
55 - post :create, :user => {}
77 + post :create, {:user => {
78 + :login => 'test',
79 + :full_name => 'hello',
80 + :password => 'abcde',
81 + :password_confirmation => 'abcde'
82 + }}, {:user_id => @admin_id}
56 83
57 84 assert_response :redirect
58 85 assert_redirected_to :action => 'list'
59 86
60 87 assert_equal num_users + 1, User.count
61 88 end
62 89
90 + def test_create_with_wrong_confirmation_password
91 + num_users = User.count
92 +
93 + post :create, {:user => {
94 + :login => 'test',
95 + :full_name => 'hello',
96 + :password => 'abcde',
97 + :password_confirmation => 'abcdef'
98 + }}, {:user_id => @admin_id}
99 +
100 + assert_response :success
101 + assert_template 'new'
102 +
103 + assert_equal num_users, User.count
104 + end
105 +
63 106 def test_edit
64 - get :edit, :id => @first_id
107 + get :edit, {:id => @first_id}, {:user_id => @admin_id}
65 108
66 109 assert_response :success
67 110 assert_template 'edit'
68 111
69 112 assert_not_nil assigns(:user)
70 - assert assigns(:user).valid?
71 113 end
72 114
73 115 def test_update
74 - post :update, :id => @first_id
116 + post :update, {
117 + :id => @first_id,
118 + :user => {
119 + :login => 'test',
120 + :full_name => 'hello',
121 + :password => 'abcde',
122 + :password_confirmation => 'abcde'
123 + }
124 + }, {:user_id => @admin_id}
75 125 assert_response :redirect
76 126 assert_redirected_to :action => 'show', :id => @first_id
77 127 end
78 128
79 129 def test_destroy
80 130 assert_nothing_raised {
81 131 User.find(@first_id)
82 132 }
83 133
84 - post :destroy, :id => @first_id
134 + post :destroy, {:id => @first_id}, {:user_id => @admin_id}
85 135 assert_response :redirect
86 136 assert_redirected_to :action => 'list'
87 137
88 138 assert_raise(ActiveRecord::RecordNotFound) {
89 139 User.find(@first_id)
90 140 }
91 141 end
92 142 end