cafe-grader-web

Commit r406:b2fd7182e3dc public

parent | child
Description:
fix authen pop3 bugs and redundant code
Commit status:
[Not Reviewed]
References:
java
Diff options:
Raw Diff | Patch Diff | Download Diff | Show whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r406:b2fd7182e3dc - - 1 file changed: 2 inserted, 13 deleted

Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,197 +1,186
1 require 'digest/sha1'
1 require 'digest/sha1'
2 require 'net/pop'
2 require 'net/pop'
3 + require 'net/https'
4 + require 'net/http'
3 require 'json'
5 require 'json'
4
6
5 class User < ActiveRecord::Base
7 class User < ActiveRecord::Base
6
8
7 has_and_belongs_to_many :roles
9 has_and_belongs_to_many :roles
8
10
9 has_many :test_requests, :order => "submitted_at DESC"
11 has_many :test_requests, :order => "submitted_at DESC"
10
12
11 has_many :messages,
13 has_many :messages,
12 :class_name => "Message",
14 :class_name => "Message",
13 :foreign_key => "sender_id",
15 :foreign_key => "sender_id",
14 :order => 'created_at DESC'
16 :order => 'created_at DESC'
15
17
16 has_many :replied_messages,
18 has_many :replied_messages,
17 :class_name => "Message",
19 :class_name => "Message",
18 :foreign_key => "receiver_id",
20 :foreign_key => "receiver_id",
19 :order => 'created_at DESC'
21 :order => 'created_at DESC'
20
22
21 has_one :contest_stat, :class_name => "UserContestStat", :dependent => :destroy
23 has_one :contest_stat, :class_name => "UserContestStat", :dependent => :destroy
22
24
23 belongs_to :site
25 belongs_to :site
24 belongs_to :country
26 belongs_to :country
25
27
26 has_and_belongs_to_many :contests, :uniq => true, :order => 'name'
28 has_and_belongs_to_many :contests, :uniq => true, :order => 'name'
27
29
28 scope :activated_users, :conditions => {:activated => true}
30 scope :activated_users, :conditions => {:activated => true}
29
31
30 validates_presence_of :login
32 validates_presence_of :login
31 validates_uniqueness_of :login
33 validates_uniqueness_of :login
32 validates_format_of :login, :with => /^[\_A-Za-z0-9]+$/
34 validates_format_of :login, :with => /^[\_A-Za-z0-9]+$/
33 validates_length_of :login, :within => 3..30
35 validates_length_of :login, :within => 3..30
34
36
35 validates_presence_of :full_name
37 validates_presence_of :full_name
36 validates_length_of :full_name, :minimum => 1
38 validates_length_of :full_name, :minimum => 1
37
39
38 validates_presence_of :password, :if => :password_required?
40 validates_presence_of :password, :if => :password_required?
39 validates_length_of :password, :within => 4..20, :if => :password_required?
41 validates_length_of :password, :within => 4..20, :if => :password_required?
40 validates_confirmation_of :password, :if => :password_required?
42 validates_confirmation_of :password, :if => :password_required?
41
43
42 validates_format_of :email,
44 validates_format_of :email,
43 :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i,
45 :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i,
44 :if => :email_validation?
46 :if => :email_validation?
45 validate :uniqueness_of_email_from_activated_users,
47 validate :uniqueness_of_email_from_activated_users,
46 :if => :email_validation?
48 :if => :email_validation?
47 validate :enough_time_interval_between_same_email_registrations,
49 validate :enough_time_interval_between_same_email_registrations,
48 :if => :email_validation?
50 :if => :email_validation?
49
51
50 # these are for ytopc
52 # these are for ytopc
51 # disable for now
53 # disable for now
52 #validates_presence_of :province
54 #validates_presence_of :province
53
55
54 attr_accessor :password
56 attr_accessor :password
55
57
56 before_save :encrypt_new_password
58 before_save :encrypt_new_password
57 before_save :assign_default_site
59 before_save :assign_default_site
58 before_save :assign_default_contest
60 before_save :assign_default_contest
59
61
60 # this is for will_paginate
62 # this is for will_paginate
61 cattr_reader :per_page
63 cattr_reader :per_page
62 @@per_page = 50
64 @@per_page = 50
63
65
64 def self.authenticate(login, password)
66 def self.authenticate(login, password)
65 user = find_by_login(login)
67 user = find_by_login(login)
66 if user
68 if user
67 return user if user.authenticated?(password)
69 return user if user.authenticated?(password)
68 if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password)
70 if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password)
69 user.password = password
71 user.password = password
70 user.save
72 user.save
71 return user
73 return user
72 end
74 end
73 end
75 end
74 end
76 end
75
77
76 def authenticated?(password)
78 def authenticated?(password)
77 if self.activated
79 if self.activated
78 hashed_password == User.encrypt(password,self.salt)
80 hashed_password == User.encrypt(password,self.salt)
79 else
81 else
80 false
82 false
81 end
83 end
82 end
84 end
83
85
84 def authenticated_by_pop3?(password)
86 def authenticated_by_pop3?(password)
85 Net::POP3.enable_ssl
87 Net::POP3.enable_ssl
86 pop = Net::POP3.new('pops.it.chula.ac.th')
88 pop = Net::POP3.new('pops.it.chula.ac.th')
87 authen = true
89 authen = true
88 begin
90 begin
89 - pop.start(login, password) # (1)
90 - pop.finish
91 - return true
92 - rescue
93 - return false
94 - end
95 - end
96 -
97 - def authenticated_by_pop3?(password)
98 - Net::POP3.enable_ssl
99 - pop = Net::POP3.new('pops.it.chula.ac.th')
100 - authen = true
101 - begin
102 pop.start(login, password)
91 pop.start(login, password)
103 pop.finish
92 pop.finish
104 return true
93 return true
105 rescue
94 rescue
106 return false
95 return false
107 end
96 end
108 end
97 end
109
98
110 def authenticated_by_cucas?(password)
99 def authenticated_by_cucas?(password)
111 url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate')
100 url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate')
112 appid = '41508763e340d5858c00f8c1a0f5a2bb'
101 appid = '41508763e340d5858c00f8c1a0f5a2bb'
113 appsecret ='d9cbb5863091dbe186fded85722a1e31'
102 appsecret ='d9cbb5863091dbe186fded85722a1e31'
114 post_args = {
103 post_args = {
115 'appid' => appid,
104 'appid' => appid,
116 'appsecret' => appsecret,
105 'appsecret' => appsecret,
117 'username' => login,
106 'username' => login,
118 'password' => password
107 'password' => password
119 }
108 }
120
109
121 #simple call
110 #simple call
122 begin
111 begin
123 resp = Net::HTTP.post_form(url, post_args)
112 resp = Net::HTTP.post_form(url, post_args)
124 result = JSON.parse resp.body
113 result = JSON.parse resp.body
125 return true if result["type"] == "beanStudent"
114 return true if result["type"] == "beanStudent"
126 rescue
115 rescue
127 return false
116 return false
128 end
117 end
129 return false
118 return false
130 end
119 end
131
120
132 def admin?
121 def admin?
133 self.roles.detect {|r| r.name == 'admin' }
122 self.roles.detect {|r| r.name == 'admin' }
134 end
123 end
135
124
136 def email_for_editing
125 def email_for_editing
137 if self.email==nil
126 if self.email==nil
138 "(unknown)"
127 "(unknown)"
139 elsif self.email==''
128 elsif self.email==''
140 "(blank)"
129 "(blank)"
141 else
130 else
142 self.email
131 self.email
143 end
132 end
144 end
133 end
145
134
146 def email_for_editing=(e)
135 def email_for_editing=(e)
147 self.email=e
136 self.email=e
148 end
137 end
149
138
150 def alias_for_editing
139 def alias_for_editing
151 if self.alias==nil
140 if self.alias==nil
152 "(unknown)"
141 "(unknown)"
153 elsif self.alias==''
142 elsif self.alias==''
154 "(blank)"
143 "(blank)"
155 else
144 else
156 self.alias
145 self.alias
157 end
146 end
158 end
147 end
159
148
160 def alias_for_editing=(e)
149 def alias_for_editing=(e)
161 self.alias=e
150 self.alias=e
162 end
151 end
163
152
164 def activation_key
153 def activation_key
165 if self.hashed_password==nil
154 if self.hashed_password==nil
166 encrypt_new_password
155 encrypt_new_password
167 end
156 end
168 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
157 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
169 end
158 end
170
159
171 def verify_activation_key(key)
160 def verify_activation_key(key)
172 key == activation_key
161 key == activation_key
173 end
162 end
174
163
175 def self.random_password(length=5)
164 def self.random_password(length=5)
176 chars = 'abcdefghjkmnopqrstuvwxyz'
165 chars = 'abcdefghjkmnopqrstuvwxyz'
177 password = ''
166 password = ''
178 length.times { password << chars[rand(chars.length - 1)] }
167 length.times { password << chars[rand(chars.length - 1)] }
179 password
168 password
180 end
169 end
181
170
182 def self.find_non_admin_with_prefix(prefix='')
171 def self.find_non_admin_with_prefix(prefix='')
183 users = User.find(:all)
172 users = User.find(:all)
184 return users.find_all { |u| !(u.admin?) and u.login.index(prefix)==0 }
173 return users.find_all { |u| !(u.admin?) and u.login.index(prefix)==0 }
185 end
174 end
186
175
187 # Contest information
176 # Contest information
188
177
189 def self.find_users_with_no_contest()
178 def self.find_users_with_no_contest()
190 users = User.find(:all)
179 users = User.find(:all)
191 return users.find_all { |u| u.contests.length == 0 }
180 return users.find_all { |u| u.contests.length == 0 }
192 end
181 end
193
182
194
183
195 def contest_time_left
184 def contest_time_left
196 if GraderConfiguration.contest_mode?
185 if GraderConfiguration.contest_mode?
197 return nil if site==nil
186 return nil if site==nil
You need to be logged in to leave comments. Login now