Description:
- fix authorization for viewing submission, only admin can view all problems all the time, normal user depends on right.view_submission and problem.available?
- add max score query
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
-
r593:a1d7330b2f43 - - 6 files changed: 106 inserted, 7 deleted
| @@ -0,0 +1,43 | |||
|
|
1 | + %h1 Maximum score | |
|
|
2 | + | |
|
|
3 | + = form_tag report_max_score_path | |
|
|
4 | + .row | |
|
|
5 | + .col-md-4 | |
|
|
6 | + .panel.panel-primary | |
|
|
7 | + .panel-heading | |
|
|
8 | + Problems | |
|
|
9 | + .panel-body | |
|
|
10 | + = label_tag :problems, "Problems" | |
|
|
11 | + = select 'problems', 'problem_id', [[(t 'main.specified_in_header'),'-1']] + Problem.all.collect {|p| ["[#{p.name}] #{p.full_name}", p.id]}, {:selected => '-1'}, { class: 'select2 form-control' } | |
|
|
12 | + .col-md-4 | |
|
|
13 | + .panel.panel-primary | |
|
|
14 | + .panel-heading | |
|
|
15 | + Submission range | |
|
|
16 | + .panel-body | |
|
|
17 | + .form-group | |
|
|
18 | + = label_tag :from, "From" | |
|
|
19 | + = text_field_tag 'from_id', nil, class: "form-control" | |
|
|
20 | + .form-group | |
|
|
21 | + = label_tag :from, "To" | |
|
|
22 | + = text_field_tag 'to_id', nil, class: "form-control" | |
|
|
23 | + .col-md-4 | |
|
|
24 | + .panel.panel-primary | |
|
|
25 | + .panel-heading | |
|
|
26 | + Users | |
|
|
27 | + .panel-body | |
|
|
28 | + .radio | |
|
|
29 | + %label | |
|
|
30 | + = radio_button_tag 'users', 'all', true | |
|
|
31 | + All users | |
|
|
32 | + .radio | |
|
|
33 | + %label | |
|
|
34 | + = radio_button_tag 'users', 'enabled' | |
|
|
35 | + Only enabled users | |
|
|
36 | + .row | |
|
|
37 | + .col-md-12 | |
|
|
38 | + = button_tag 'Show', class: "btn btn-primary btn-large" | |
|
|
39 | + = button_tag 'Download CSV', class: "btn btn-primary btn-large" | |
|
|
40 | + /.col-md-4.col-md-offset-1 | |
|
|
41 | + / = button_tag 'Show', class: "btn btn-primary btn-block" | |
|
|
42 | + /.col-md-4.col-md-offset-2 | |
|
|
43 | + / = button_tag 'Download CSV', class: "btn btn-primary btn-block" | |
| @@ -27,3 +27,7 | |||
|
|
27 | 27 | #ignore .orig and .swp |
|
|
28 | 28 | *.orig |
|
|
29 | 29 | *.swp |
|
|
30 | + | |
|
|
31 | + #ignore rvm setting file | |
|
|
32 | + .ruby-gemset | |
|
|
33 | + .ruby-version | |
| @@ -6,6 +6,12 | |||
|
|
6 | 6 | SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' |
|
|
7 | 7 | MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login' |
|
|
8 | 8 | |
|
|
9 | + #report and redirect for unauthorized activities | |
|
|
10 | + def unauthorized_redirect | |
|
|
11 | + flash[:notice] = 'You are not authorized to view the page you requested' | |
|
|
12 | + redirect_to :controller => 'main', :action => 'login' | |
|
|
13 | + end | |
|
|
14 | + | |
|
|
9 | 15 | # Returns the current logged-in user (if any). |
|
|
10 | 16 | def current_user |
|
|
11 | 17 | return nil unless session[:user_id] |
| @@ -16,8 +22,7 | |||
|
|
16 | 22 | return false unless authenticate |
|
|
17 | 23 | user = User.find(session[:user_id], :include => ['roles']) |
|
|
18 | 24 | unless user.admin? |
|
|
19 | - flash[:notice] = 'You are not authorized to view the page you requested' | |
|
|
20 | - redirect_to :controller => 'main', :action => 'login' unless user.admin? | |
|
|
25 | + unauthorized_redirect | |
|
|
21 | 26 | return false |
|
|
22 | 27 | end |
|
|
23 | 28 | return true |
| @@ -27,8 +32,7 | |||
|
|
27 | 32 | return false unless authenticate |
|
|
28 | 33 | user = User.find(session[:user_id]) |
|
|
29 | 34 | unless user.roles.detect { |role| allowed_roles.member?(role.name) } |
|
|
30 | - flash[:notice] = 'You are not authorized to view the page you requested' | |
|
|
31 | - redirect_to :controller => 'main', :action => 'login' | |
|
|
35 | + unauthorized_redirect | |
|
|
32 | 36 | return false |
|
|
33 | 37 | end |
|
|
34 | 38 | end |
| @@ -2,13 +2,20 | |||
|
|
2 | 2 | |
|
|
3 | 3 | before_filter :admin_authorization, except: [ :submission ] |
|
|
4 | 4 | before_filter(only: [:submission]) { |
|
|
5 | + #check if authenticated | |
|
|
5 | 6 | return false unless authenticate |
|
|
6 | 7 | |
|
|
7 | - if GraderConfiguration["right.user_view_submission"] | |
|
|
8 | - return true; | |
|
|
8 | + #admin always has privileged | |
|
|
9 | + if @current_user.admin? | |
|
|
10 | + return true | |
|
|
9 | 11 | end |
|
|
10 | 12 | |
|
|
11 | - admin_authorization | |
|
|
13 | + if GraderConfiguration["right.user_view_submission"] and Submission.find(params[:id]).problem.available? | |
|
|
14 | + return true | |
|
|
15 | + else | |
|
|
16 | + unauthorized_redirect | |
|
|
17 | + return false | |
|
|
18 | + end | |
|
|
12 | 19 | } |
|
|
13 | 20 | |
|
|
14 | 21 | verify :method => :post, :only => ['clear_all', |
| @@ -12,6 +12,45 | |||
|
|
12 | 12 | admin_authorization |
|
|
13 | 13 | } |
|
|
14 | 14 | |
|
|
15 | + def show_max_score | |
|
|
16 | + end | |
|
|
17 | + | |
|
|
18 | + def get_max_score | |
|
|
19 | + #process list of problems | |
|
|
20 | + | |
|
|
21 | + #process submission range | |
|
|
22 | + if params[:commit] == 'download csv' | |
|
|
23 | + @problems = Problem.all | |
|
|
24 | + else | |
|
|
25 | + @problems = Problem.find_available_problems | |
|
|
26 | + end | |
|
|
27 | + @users = User.find(:all, :include => [:contests, :contest_stat]) | |
|
|
28 | + @scorearray = Array.new | |
|
|
29 | + #set up range from param | |
|
|
30 | + since_id = params.fetch(:since_id, 0).to_i | |
|
|
31 | + until_id = params.fetch(:until_id, 0).to_i | |
|
|
32 | + @users.each do |u| | |
|
|
33 | + ustat = Array.new | |
|
|
34 | + ustat[0] = u | |
|
|
35 | + @problems.each do |p| | |
|
|
36 | + max_points = 0 | |
|
|
37 | + Submission.find_in_range_by_user_and_problem(u.id,p.id,since_id,until_id).each do |sub| | |
|
|
38 | + max_points = sub.points if sub and sub.points and (sub.points > max_points) | |
|
|
39 | + end | |
|
|
40 | + ustat << [(max_points.to_f*100/p.full_score).round, (max_points>=p.full_score)] | |
|
|
41 | + end | |
|
|
42 | + @scorearray << ustat | |
|
|
43 | + end | |
|
|
44 | + | |
|
|
45 | + if params[:commit] == 'download csv' then | |
|
|
46 | + csv = gen_csv_from_scorearray(@scorearray,@problems) | |
|
|
47 | + send_data csv, filename: 'max_score.csv' | |
|
|
48 | + else | |
|
|
49 | + render template: 'user_admin/user_stat' | |
|
|
50 | + end | |
|
|
51 | + | |
|
|
52 | + end | |
|
|
53 | + | |
|
|
15 | 54 | def score |
|
|
16 | 55 | if params[:commit] == 'download csv' |
|
|
17 | 56 | @problems = Problem.all |
| @@ -51,10 +51,12 | |||
|
|
51 | 51 | #report |
|
|
52 | 52 | get 'report/problem_hof(/:id)', to: 'report#problem_hof', as: 'report_problem_hof' |
|
|
53 | 53 | get "report/login" |
|
|
54 | + get 'report/max_score', to: 'report#max_score', as: 'report_max_score' | |
|
|
54 | 55 | |
|
|
55 | 56 | #grader |
|
|
56 | 57 | get 'graders/list', to: 'graders#list', as: 'grader_list' |
|
|
57 | 58 | |
|
|
59 | + | |
|
|
58 | 60 | match 'heartbeat/:id/edit' => 'heartbeat#edit' |
|
|
59 | 61 | |
|
|
60 | 62 | # See how all your routes lay out with "rake routes" |
You need to be logged in to leave comments.
Login now