cafe-grader-web

Commit r539:c49187a88c77 public

parent | child
Description:
update heartbeat add try-to-login-from-other-ip loggin (by printing to stdout)
Commit status:
[Not Reviewed]
References:
java
Diff options:
Raw Diff | Patch Diff | Download Diff | Ignore whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r539:c49187a88c77 - - 2 files changed: 2 inserted, 1 deleted

Show file before | Show file after | Raw diff | Download diff | Ignore whitespace Increase context Show commentsHide comments
@@ -24,87 +24,88
24 return false
24 return false
25 end
25 end
26 end
26 end
27
27
28 protected
28 protected
29
29
30 def authenticate
30 def authenticate
31 unless session[:user_id]
31 unless session[:user_id]
32 flash[:notice] = 'You need to login'
32 flash[:notice] = 'You need to login'
33 if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]
33 if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]
34 flash[:notice] = 'You need to login but you cannot log in at this time'
34 flash[:notice] = 'You need to login but you cannot log in at this time'
35 end
35 end
36 redirect_to :controller => 'main', :action => 'login'
36 redirect_to :controller => 'main', :action => 'login'
37 return false
37 return false
38 end
38 end
39
39
40 # check if run in single user mode
40 # check if run in single user mode
41 if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]
41 if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY]
42 user = User.find(session[:user_id])
42 user = User.find(session[:user_id])
43 if user==nil or (not user.admin?)
43 if user==nil or (not user.admin?)
44 flash[:notice] = 'You cannot log in at this time'
44 flash[:notice] = 'You cannot log in at this time'
45 redirect_to :controller => 'main', :action => 'login'
45 redirect_to :controller => 'main', :action => 'login'
46 return false
46 return false
47 end
47 end
48 return true
48 return true
49 end
49 end
50
50
51 if GraderConfiguration.multicontests?
51 if GraderConfiguration.multicontests?
52 user = User.find(session[:user_id])
52 user = User.find(session[:user_id])
53 return true if user.admin?
53 return true if user.admin?
54 begin
54 begin
55 if user.contest_stat(true).forced_logout
55 if user.contest_stat(true).forced_logout
56 flash[:notice] = 'You have been automatically logged out.'
56 flash[:notice] = 'You have been automatically logged out.'
57 redirect_to :controller => 'main', :action => 'index'
57 redirect_to :controller => 'main', :action => 'index'
58 end
58 end
59 rescue
59 rescue
60 end
60 end
61 end
61 end
62 return true
62 return true
63 end
63 end
64
64
65 def authenticate_by_ip_address
65 def authenticate_by_ip_address
66 #this assume that we have already authenticate normally
66 #this assume that we have already authenticate normally
67 unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY]
67 unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY]
68 user = User.find(session[:user_id])
68 user = User.find(session[:user_id])
69 if (not user.admin? and user.last_ip and user.last_ip != request.remote_ip)
69 if (not user.admin? and user.last_ip and user.last_ip != request.remote_ip)
70 flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}"
70 flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}"
71 redirect_to :controller => 'main', :action => 'login'
71 redirect_to :controller => 'main', :action => 'login'
72 + puts "CHEAT: user #{user.login} tried to login from '#{request.remote_ip}' while last ip is '#{user.last_ip}' at #{Time.zone.now}"
72 return false
73 return false
73 end
74 end
74 unless user.last_ip
75 unless user.last_ip
75 user.last_ip = request.remote_ip
76 user.last_ip = request.remote_ip
76 user.save
77 user.save
77 end
78 end
78 end
79 end
79 return true
80 return true
80 end
81 end
81
82
82 def authorization
83 def authorization
83 return false unless authenticate
84 return false unless authenticate
84 user = User.find(session[:user_id])
85 user = User.find(session[:user_id])
85 unless user.roles.detect { |role|
86 unless user.roles.detect { |role|
86 role.rights.detect{ |right|
87 role.rights.detect{ |right|
87 right.controller == self.class.controller_name and
88 right.controller == self.class.controller_name and
88 (right.action == 'all' or right.action == action_name)
89 (right.action == 'all' or right.action == action_name)
89 }
90 }
90 }
91 }
91 flash[:notice] = 'You are not authorized to view the page you requested'
92 flash[:notice] = 'You are not authorized to view the page you requested'
92 #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
93 #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
93 redirect_to :controller => 'main', :action => 'login'
94 redirect_to :controller => 'main', :action => 'login'
94 return false
95 return false
95 end
96 end
96 end
97 end
97
98
98 def verify_time_limit
99 def verify_time_limit
99 return true if session[:user_id]==nil
100 return true if session[:user_id]==nil
100 user = User.find(session[:user_id], :include => :site)
101 user = User.find(session[:user_id], :include => :site)
101 return true if user==nil or user.site == nil
102 return true if user==nil or user.site == nil
102 if user.contest_finished?
103 if user.contest_finished?
103 flash[:notice] = 'Error: the contest you are participating is over.'
104 flash[:notice] = 'Error: the contest you are participating is over.'
104 redirect_to :back
105 redirect_to :back
105 return false
106 return false
106 end
107 end
107 return true
108 return true
108 end
109 end
109
110
110 end
111 end
Show file before | Show file after | Raw diff | Download diff | Ignore whitespace Increase context Show commentsHide comments
@@ -1,31 +1,31
1 class HeartbeatController < ApplicationController
1 class HeartbeatController < ApplicationController
2 before_filter :admin_authorization, :only => ['index']
2 before_filter :admin_authorization, :only => ['index']
3
3
4 def edit
4 def edit
5 @user = User.find_by_login(params[:id])
5 @user = User.find_by_login(params[:id])
6 unless @user
6 unless @user
7 render text: "LOGIN_NOT_FOUND"
7 render text: "LOGIN_NOT_FOUND"
8 return
8 return
9 end
9 end
10
10
11 #hb = HeartBeat.where(user_id: @user.id, ip_address: request.remote_ip).first
11 #hb = HeartBeat.where(user_id: @user.id, ip_address: request.remote_ip).first
12 #puts "status = #{params[:status]}"
12 #puts "status = #{params[:status]}"
13 #if hb
13 #if hb
14 # if params[:status]
14 # if params[:status]
15 # hb.status = params[:status]
15 # hb.status = params[:status]
16 # hb.save
16 # hb.save
17 # end
17 # end
18 # hb.touch
18 # hb.touch
19 #else
19 #else
20 # HeartBeat.creae(user_id: @user.id, ip_address: request.remote_ip)
20 # HeartBeat.creae(user_id: @user.id, ip_address: request.remote_ip)
21 #end
21 #end
22 HeartBeat.create(user_id: @user.id, ip_address: request.remote_ip, status: params[:status])
22 HeartBeat.create(user_id: @user.id, ip_address: request.remote_ip, status: params[:status])
23
23
24 render text: (GraderConfiguration['right.heartbeat_response'] || 'OK')
24 render text: (GraderConfiguration['right.heartbeat_response'] || 'OK')
25 end
25 end
26
26
27 def index
27 def index
28 @hb = HeartBeat.where("updated_at >= ?",Time.zone.now-2.hours).includes(:user).order(:user_id).all
28 @hb = HeartBeat.where("updated_at >= ?",Time.zone.now-2.hours).includes(:user).order(:user_id).all
29 - @num = HeartBeat.where("updated_at >= ?",Time.zone.now-5.minutes).count
29 + @num = HeartBeat.where("updated_at >= ?",Time.zone.now-5.minutes).count(:user_id,distinct: true)
30 end
30 end
31 end
31 end
You need to be logged in to leave comments. Login now