cafe-grader-web

Commit r485:b530a9de9711 public

parent | child
Description:
remove authenticate by pop3 and cucas
Commit status:
[Not Reviewed]
References:
default
Diff options:
Raw Diff | Patch Diff | Download Diff | Ignore whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r485:b530a9de9711 - - 1 file changed: 0 inserted, 47 deleted

Show file before | Show file after | Raw diff | Download diff | Ignore whitespace Increase context Show commentsHide comments
@@ -1,319 +1,272
1 1 require 'digest/sha1'
2 2 require 'net/pop'
3 3 require 'net/https'
4 4 require 'net/http'
5 5 require 'json'
6 6
7 7 class User < ActiveRecord::Base
8 8
9 9 has_and_belongs_to_many :roles
10 10
11 11 has_many :test_requests, :order => "submitted_at DESC"
12 12
13 13 has_many :messages,
14 14 :class_name => "Message",
15 15 :foreign_key => "sender_id",
16 16 :order => 'created_at DESC'
17 17
18 18 has_many :replied_messages,
19 19 :class_name => "Message",
20 20 :foreign_key => "receiver_id",
21 21 :order => 'created_at DESC'
22 22
23 23 has_one :contest_stat, :class_name => "UserContestStat", :dependent => :destroy
24 24
25 25 belongs_to :site
26 26 belongs_to :country
27 27
28 28 has_and_belongs_to_many :contests, :uniq => true, :order => 'name'
29 29
30 30 scope :activated_users, :conditions => {:activated => true}
31 31
32 32 validates_presence_of :login
33 33 validates_uniqueness_of :login
34 34 validates_format_of :login, :with => /^[\_A-Za-z0-9]+$/
35 35 validates_length_of :login, :within => 3..30
36 36
37 37 validates_presence_of :full_name
38 38 validates_length_of :full_name, :minimum => 1
39 39
40 40 validates_presence_of :password, :if => :password_required?
41 41 validates_length_of :password, :within => 4..20, :if => :password_required?
42 42 validates_confirmation_of :password, :if => :password_required?
43 43
44 44 validates_format_of :email,
45 45 :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i,
46 46 :if => :email_validation?
47 47 validate :uniqueness_of_email_from_activated_users,
48 48 :if => :email_validation?
49 49 validate :enough_time_interval_between_same_email_registrations,
50 50 :if => :email_validation?
51 51
52 52 # these are for ytopc
53 53 # disable for now
54 54 #validates_presence_of :province
55 55
56 56 attr_accessor :password
57 57
58 58 before_save :encrypt_new_password
59 59 before_save :assign_default_site
60 60 before_save :assign_default_contest
61 61
62 62 # this is for will_paginate
63 63 cattr_reader :per_page
64 64 @@per_page = 50
65 65
66 66 def self.authenticate(login, password)
67 67 user = find_by_login(login)
68 68 if user
69 69 return user if user.authenticated?(password)
70 - if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password)
71 - user.password = password
72 - user.save
73 - return user
74 - end
75 70 end
76 71 end
77 72
78 73 def authenticated?(password)
79 74 if self.activated
80 75 hashed_password == User.encrypt(password,self.salt)
81 76 else
82 77 false
83 78 end
84 79 end
85 80
86 - def authenticated_by_pop3?(password)
87 - Net::POP3.enable_ssl
88 - pop = Net::POP3.new('pops.it.chula.ac.th')
89 - authen = true
90 - begin
91 - pop.start(login, password)
92 - pop.finish
93 - return true
94 - rescue
95 - return false
96 - end
97 - end
98 -
99 - def authenticated_by_cucas?(password)
100 - url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate')
101 - appid = '41508763e340d5858c00f8c1a0f5a2bb'
102 - appsecret ='d9cbb5863091dbe186fded85722a1e31'
103 - post_args = {
104 - 'appid' => appid,
105 - 'appsecret' => appsecret,
106 - 'username' => login,
107 - 'password' => password
108 - }
109 -
110 - #simple call
111 - begin
112 - http = Net::HTTP.new('www.cas.chula.ac.th', 443)
113 - http.use_ssl = true
114 - result = [ ]
115 - http.start do |http|
116 - req = Net::HTTP::Post.new('/cas/api/?q=studentAuthenticate')
117 - param = "appid=#{appid}&appsecret=#{appsecret}&username=#{login}&password=#{password}"
118 - resp = http.request(req,param)
119 - result = JSON.parse resp.body
120 - end
121 - return true if result["type"] == "beanStudent"
122 - rescue
123 - return false
124 - end
125 - return false
126 - end
127 -
128 81 def admin?
129 82 self.roles.detect {|r| r.name == 'admin' }
130 83 end
131 84
132 85 def email_for_editing
133 86 if self.email==nil
134 87 "(unknown)"
135 88 elsif self.email==''
136 89 "(blank)"
137 90 else
138 91 self.email
139 92 end
140 93 end
141 94
142 95 def email_for_editing=(e)
143 96 self.email=e
144 97 end
145 98
146 99 def alias_for_editing
147 100 if self.alias==nil
148 101 "(unknown)"
149 102 elsif self.alias==''
150 103 "(blank)"
151 104 else
152 105 self.alias
153 106 end
154 107 end
155 108
156 109 def alias_for_editing=(e)
157 110 self.alias=e
158 111 end
159 112
160 113 def activation_key
161 114 if self.hashed_password==nil
162 115 encrypt_new_password
163 116 end
164 117 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
165 118 end
166 119
167 120 def verify_activation_key(key)
168 121 key == activation_key
169 122 end
170 123
171 124 def self.random_password(length=5)
172 125 chars = 'abcdefghjkmnopqrstuvwxyz'
173 126 password = ''
174 127 length.times { password << chars[rand(chars.length - 1)] }
175 128 password
176 129 end
177 130
178 131 def self.find_non_admin_with_prefix(prefix='')
179 132 users = User.find(:all)
180 133 return users.find_all { |u| !(u.admin?) and u.login.index(prefix)==0 }
181 134 end
182 135
183 136 # Contest information
184 137
185 138 def self.find_users_with_no_contest()
186 139 users = User.find(:all)
187 140 return users.find_all { |u| u.contests.length == 0 }
188 141 end
189 142
190 143
191 144 def contest_time_left
192 145 if GraderConfiguration.contest_mode?
193 146 return nil if site==nil
194 147 return site.time_left
195 148 elsif GraderConfiguration.indv_contest_mode?
196 149 time_limit = GraderConfiguration.contest_time_limit
197 150 if time_limit == nil
198 151 return nil
199 152 end
200 153 if contest_stat==nil or contest_stat.started_at==nil
201 154 return (Time.now.gmtime + time_limit) - Time.now.gmtime
202 155 else
203 156 finish_time = contest_stat.started_at + time_limit
204 157 current_time = Time.now.gmtime
205 158 if current_time > finish_time
206 159 return 0
207 160 else
208 161 return finish_time - current_time
209 162 end
210 163 end
211 164 else
212 165 return nil
213 166 end
214 167 end
215 168
216 169 def contest_finished?
217 170 if GraderConfiguration.contest_mode?
218 171 return false if site==nil
219 172 return site.finished?
220 173 elsif GraderConfiguration.indv_contest_mode?
221 174 return false if self.contest_stat(true)==nil
222 175 return contest_time_left == 0
223 176 else
224 177 return false
225 178 end
226 179 end
227 180
228 181 def contest_started?
229 182 if GraderConfiguration.indv_contest_mode?
230 183 stat = self.contest_stat
231 184 return ((stat != nil) and (stat.started_at != nil))
232 185 elsif GraderConfiguration.contest_mode?
233 186 return true if site==nil
234 187 return site.started
235 188 else
236 189 return true
237 190 end
238 191 end
239 192
240 193 def update_start_time
241 194 stat = self.contest_stat
242 195 if stat == nil or stat.started_at == nil
243 196 stat ||= UserContestStat.new(:user => self)
244 197 stat.started_at = Time.now.gmtime
245 198 stat.save
246 199 end
247 200 end
248 201
249 202 def problem_in_user_contests?(problem)
250 203 problem_contests = problem.contests.all
251 204
252 205 if problem_contests.length == 0 # this is public contest
253 206 return true
254 207 end
255 208
256 209 contests.each do |contest|
257 210 if problem_contests.find {|c| c.id == contest.id }
258 211 return true
259 212 end
260 213 end
261 214 return false
262 215 end
263 216
264 217 def available_problems_group_by_contests
265 218 contest_problems = []
266 219 pin = {}
267 220 contests.enabled.each do |contest|
268 221 available_problems = contest.problems.available
269 222 contest_problems << {
270 223 :contest => contest,
271 224 :problems => available_problems
272 225 }
273 226 available_problems.each {|p| pin[p.id] = true}
274 227 end
275 228 other_avaiable_problems = Problem.available.find_all {|p| pin[p.id]==nil and p.contests.length==0}
276 229 contest_problems << {
277 230 :contest => nil,
278 231 :problems => other_avaiable_problems
279 232 }
280 233 return contest_problems
281 234 end
282 235
283 236 def available_problems
284 237 if not GraderConfiguration.multicontests?
285 238 return Problem.find_available_problems
286 239 else
287 240 contest_problems = []
288 241 pin = {}
289 242 contests.enabled.each do |contest|
290 243 contest.problems.available.each do |problem|
291 244 if not pin.has_key? problem.id
292 245 contest_problems << problem
293 246 end
294 247 pin[problem.id] = true
295 248 end
296 249 end
297 250 other_avaiable_problems = Problem.available.find_all {|p| pin[p.id]==nil and p.contests.length==0}
298 251 return contest_problems + other_avaiable_problems
299 252 end
300 253 end
301 254
302 255 def can_view_problem?(problem)
303 256 if not GraderConfiguration.multicontests?
304 257 return problem.available
305 258 else
306 259 return problem_in_user_contests? problem
307 260 end
308 261 end
309 262
310 263 protected
311 264 def encrypt_new_password
312 265 return if password.blank?
313 266 self.salt = (10+rand(90)).to_s
314 267 self.hashed_password = User.encrypt(self.password,self.salt)
315 268 end
316 269
317 270 def assign_default_site
318 271 # have to catch error when migrating (because self.site is not available).
319 272 begin
You need to be logged in to leave comments. Login now