cafe-grader-web

Commit r407:b11b67ad58fb public

parent | child
Description:
fix cucas authen, the old code work on 2.1.2 but not 1.9.2
Commit status:
[Not Reviewed]
References:
java
Diff options:
Raw Diff | Patch Diff | Download Diff | Ignore whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r407:b11b67ad58fb - - 1 file changed: 9 inserted, 2 deleted

Show file before | Show file after | Raw diff | Download diff | Ignore whitespace Increase context Show commentsHide comments
@@ -16,194 +16,201
16 :order => 'created_at DESC'
16 :order => 'created_at DESC'
17
17
18 has_many :replied_messages,
18 has_many :replied_messages,
19 :class_name => "Message",
19 :class_name => "Message",
20 :foreign_key => "receiver_id",
20 :foreign_key => "receiver_id",
21 :order => 'created_at DESC'
21 :order => 'created_at DESC'
22
22
23 has_one :contest_stat, :class_name => "UserContestStat", :dependent => :destroy
23 has_one :contest_stat, :class_name => "UserContestStat", :dependent => :destroy
24
24
25 belongs_to :site
25 belongs_to :site
26 belongs_to :country
26 belongs_to :country
27
27
28 has_and_belongs_to_many :contests, :uniq => true, :order => 'name'
28 has_and_belongs_to_many :contests, :uniq => true, :order => 'name'
29
29
30 scope :activated_users, :conditions => {:activated => true}
30 scope :activated_users, :conditions => {:activated => true}
31
31
32 validates_presence_of :login
32 validates_presence_of :login
33 validates_uniqueness_of :login
33 validates_uniqueness_of :login
34 validates_format_of :login, :with => /^[\_A-Za-z0-9]+$/
34 validates_format_of :login, :with => /^[\_A-Za-z0-9]+$/
35 validates_length_of :login, :within => 3..30
35 validates_length_of :login, :within => 3..30
36
36
37 validates_presence_of :full_name
37 validates_presence_of :full_name
38 validates_length_of :full_name, :minimum => 1
38 validates_length_of :full_name, :minimum => 1
39
39
40 validates_presence_of :password, :if => :password_required?
40 validates_presence_of :password, :if => :password_required?
41 validates_length_of :password, :within => 4..20, :if => :password_required?
41 validates_length_of :password, :within => 4..20, :if => :password_required?
42 validates_confirmation_of :password, :if => :password_required?
42 validates_confirmation_of :password, :if => :password_required?
43
43
44 validates_format_of :email,
44 validates_format_of :email,
45 :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i,
45 :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i,
46 :if => :email_validation?
46 :if => :email_validation?
47 validate :uniqueness_of_email_from_activated_users,
47 validate :uniqueness_of_email_from_activated_users,
48 :if => :email_validation?
48 :if => :email_validation?
49 validate :enough_time_interval_between_same_email_registrations,
49 validate :enough_time_interval_between_same_email_registrations,
50 :if => :email_validation?
50 :if => :email_validation?
51
51
52 # these are for ytopc
52 # these are for ytopc
53 # disable for now
53 # disable for now
54 #validates_presence_of :province
54 #validates_presence_of :province
55
55
56 attr_accessor :password
56 attr_accessor :password
57
57
58 before_save :encrypt_new_password
58 before_save :encrypt_new_password
59 before_save :assign_default_site
59 before_save :assign_default_site
60 before_save :assign_default_contest
60 before_save :assign_default_contest
61
61
62 # this is for will_paginate
62 # this is for will_paginate
63 cattr_reader :per_page
63 cattr_reader :per_page
64 @@per_page = 50
64 @@per_page = 50
65
65
66 def self.authenticate(login, password)
66 def self.authenticate(login, password)
67 user = find_by_login(login)
67 user = find_by_login(login)
68 if user
68 if user
69 return user if user.authenticated?(password)
69 return user if user.authenticated?(password)
70 if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password)
70 if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password)
71 user.password = password
71 user.password = password
72 user.save
72 user.save
73 return user
73 return user
74 end
74 end
75 end
75 end
76 end
76 end
77
77
78 def authenticated?(password)
78 def authenticated?(password)
79 if self.activated
79 if self.activated
80 hashed_password == User.encrypt(password,self.salt)
80 hashed_password == User.encrypt(password,self.salt)
81 else
81 else
82 false
82 false
83 end
83 end
84 end
84 end
85
85
86 def authenticated_by_pop3?(password)
86 def authenticated_by_pop3?(password)
87 Net::POP3.enable_ssl
87 Net::POP3.enable_ssl
88 pop = Net::POP3.new('pops.it.chula.ac.th')
88 pop = Net::POP3.new('pops.it.chula.ac.th')
89 authen = true
89 authen = true
90 begin
90 begin
91 pop.start(login, password)
91 pop.start(login, password)
92 pop.finish
92 pop.finish
93 return true
93 return true
94 rescue
94 rescue
95 return false
95 return false
96 end
96 end
97 end
97 end
98
98
99 def authenticated_by_cucas?(password)
99 def authenticated_by_cucas?(password)
100 url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate')
100 url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate')
101 appid = '41508763e340d5858c00f8c1a0f5a2bb'
101 appid = '41508763e340d5858c00f8c1a0f5a2bb'
102 appsecret ='d9cbb5863091dbe186fded85722a1e31'
102 appsecret ='d9cbb5863091dbe186fded85722a1e31'
103 post_args = {
103 post_args = {
104 'appid' => appid,
104 'appid' => appid,
105 'appsecret' => appsecret,
105 'appsecret' => appsecret,
106 'username' => login,
106 'username' => login,
107 'password' => password
107 'password' => password
108 }
108 }
109
109
110 #simple call
110 #simple call
111 begin
111 begin
112 - resp = Net::HTTP.post_form(url, post_args)
112 + http = Net::HTTP.new('www.cas.chula.ac.th', 443)
113 - result = JSON.parse resp.body
113 + http.use_ssl = true
114 + result = [ ]
115 + http.start do |http|
116 + req = Net::HTTP::Post.new('/cas/api/?q=studentAuthenticate')
117 + param = "appid=#{appid}&appsecret=#{appsecret}&username=#{login}&password=#{password}"
118 + resp = http.request(req,param)
119 + result = JSON.parse resp.body
120 + end
114 return true if result["type"] == "beanStudent"
121 return true if result["type"] == "beanStudent"
115 rescue
122 rescue
116 return false
123 return false
117 end
124 end
118 return false
125 return false
119 end
126 end
120
127
121 def admin?
128 def admin?
122 self.roles.detect {|r| r.name == 'admin' }
129 self.roles.detect {|r| r.name == 'admin' }
123 end
130 end
124
131
125 def email_for_editing
132 def email_for_editing
126 if self.email==nil
133 if self.email==nil
127 "(unknown)"
134 "(unknown)"
128 elsif self.email==''
135 elsif self.email==''
129 "(blank)"
136 "(blank)"
130 else
137 else
131 self.email
138 self.email
132 end
139 end
133 end
140 end
134
141
135 def email_for_editing=(e)
142 def email_for_editing=(e)
136 self.email=e
143 self.email=e
137 end
144 end
138
145
139 def alias_for_editing
146 def alias_for_editing
140 if self.alias==nil
147 if self.alias==nil
141 "(unknown)"
148 "(unknown)"
142 elsif self.alias==''
149 elsif self.alias==''
143 "(blank)"
150 "(blank)"
144 else
151 else
145 self.alias
152 self.alias
146 end
153 end
147 end
154 end
148
155
149 def alias_for_editing=(e)
156 def alias_for_editing=(e)
150 self.alias=e
157 self.alias=e
151 end
158 end
152
159
153 def activation_key
160 def activation_key
154 if self.hashed_password==nil
161 if self.hashed_password==nil
155 encrypt_new_password
162 encrypt_new_password
156 end
163 end
157 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
164 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
158 end
165 end
159
166
160 def verify_activation_key(key)
167 def verify_activation_key(key)
161 key == activation_key
168 key == activation_key
162 end
169 end
163
170
164 def self.random_password(length=5)
171 def self.random_password(length=5)
165 chars = 'abcdefghjkmnopqrstuvwxyz'
172 chars = 'abcdefghjkmnopqrstuvwxyz'
166 password = ''
173 password = ''
167 length.times { password << chars[rand(chars.length - 1)] }
174 length.times { password << chars[rand(chars.length - 1)] }
168 password
175 password
169 end
176 end
170
177
171 def self.find_non_admin_with_prefix(prefix='')
178 def self.find_non_admin_with_prefix(prefix='')
172 users = User.find(:all)
179 users = User.find(:all)
173 return users.find_all { |u| !(u.admin?) and u.login.index(prefix)==0 }
180 return users.find_all { |u| !(u.admin?) and u.login.index(prefix)==0 }
174 end
181 end
175
182
176 # Contest information
183 # Contest information
177
184
178 def self.find_users_with_no_contest()
185 def self.find_users_with_no_contest()
179 users = User.find(:all)
186 users = User.find(:all)
180 return users.find_all { |u| u.contests.length == 0 }
187 return users.find_all { |u| u.contests.length == 0 }
181 end
188 end
182
189
183
190
184 def contest_time_left
191 def contest_time_left
185 if GraderConfiguration.contest_mode?
192 if GraderConfiguration.contest_mode?
186 return nil if site==nil
193 return nil if site==nil
187 return site.time_left
194 return site.time_left
188 elsif GraderConfiguration.indv_contest_mode?
195 elsif GraderConfiguration.indv_contest_mode?
189 time_limit = GraderConfiguration.contest_time_limit
196 time_limit = GraderConfiguration.contest_time_limit
190 if time_limit == nil
197 if time_limit == nil
191 return nil
198 return nil
192 end
199 end
193 if contest_stat==nil or contest_stat.started_at==nil
200 if contest_stat==nil or contest_stat.started_at==nil
194 return (Time.now.gmtime + time_limit) - Time.now.gmtime
201 return (Time.now.gmtime + time_limit) - Time.now.gmtime
195 else
202 else
196 finish_time = contest_stat.started_at + time_limit
203 finish_time = contest_stat.started_at + time_limit
197 current_time = Time.now.gmtime
204 current_time = Time.now.gmtime
198 if current_time > finish_time
205 if current_time > finish_time
199 return 0
206 return 0
200 else
207 else
201 return finish_time - current_time
208 return finish_time - current_time
202 end
209 end
203 end
210 end
204 else
211 else
205 return nil
212 return nil
206 end
213 end
207 end
214 end
208
215
209 def contest_finished?
216 def contest_finished?
You need to be logged in to leave comments. Login now