cafe-grader-web

Commit r233:ebadb70a03ab public

parent | child
Description:
added admin users management
Commit status:
[Not Reviewed]
References:
default
Diff options:
Raw Diff | Patch Diff | Download Diff | Show whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r233:ebadb70a03ab - - 3 files changed: 61 inserted, 0 deleted

Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -0,0 +1,25
1 + %h1 Administrators
2 +
3 + %table
4 + %tr
5 + %th #
6 + %th Login
7 + %th Full name
8 + %th
9 + - @admins.each_with_index do |user, i|
10 + %tr
11 + %td= i+1
12 + %td= user.login
13 + %td= user.full_name
14 + %td
15 + - if user.login!='root'
16 + = link_to '[revoke]', :action => 'revoke_admin', :id => user.id
17 + %hr
18 +
19 + - form_tag :action => 'grant_admin' do
20 + Grant admin permission to:
21 + = text_field_tag 'login'
22 + = submit_tag 'Grant'
23 +
24 + %hr/
25 + = link_to '[go back to index]', :action => 'index'
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,224 +1,259
1 class UserAdminController < ApplicationController
1 class UserAdminController < ApplicationController
2
2
3 before_filter :admin_authorization
3 before_filter :admin_authorization
4
4
5 def index
5 def index
6 list
6 list
7 render :action => 'list'
7 render :action => 'list'
8 end
8 end
9
9
10 # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
10 # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
11 verify :method => :post, :only => [ :destroy,
11 verify :method => :post, :only => [ :destroy,
12 :create, :create_from_list,
12 :create, :create_from_list,
13 :update ],
13 :update ],
14 :redirect_to => { :action => :list }
14 :redirect_to => { :action => :list }
15
15
16 def list
16 def list
17 @users = User.find(:all)
17 @users = User.find(:all)
18 @hidden_columns = ['hashed_password', 'salt', 'created_at', 'updated_at']
18 @hidden_columns = ['hashed_password', 'salt', 'created_at', 'updated_at']
19 end
19 end
20
20
21 def active
21 def active
22 sessions = ActiveRecord::SessionStore::Session.find(:all, :conditions => ["updated_at >= ?", 60.minutes.ago])
22 sessions = ActiveRecord::SessionStore::Session.find(:all, :conditions => ["updated_at >= ?", 60.minutes.ago])
23 @users = []
23 @users = []
24 sessions.each do |session|
24 sessions.each do |session|
25 if session.data[:user_id]
25 if session.data[:user_id]
26 @users << User.find(session.data[:user_id])
26 @users << User.find(session.data[:user_id])
27 end
27 end
28 end
28 end
29 end
29 end
30
30
31 def show
31 def show
32 @user = User.find(params[:id])
32 @user = User.find(params[:id])
33 end
33 end
34
34
35 def new
35 def new
36 @user = User.new
36 @user = User.new
37 end
37 end
38
38
39 def create
39 def create
40 @user = User.new(params[:user])
40 @user = User.new(params[:user])
41 @user.activated = true
41 @user.activated = true
42 if @user.save
42 if @user.save
43 flash[:notice] = 'User was successfully created.'
43 flash[:notice] = 'User was successfully created.'
44 redirect_to :action => 'list'
44 redirect_to :action => 'list'
45 else
45 else
46 render :action => 'new'
46 render :action => 'new'
47 end
47 end
48 end
48 end
49
49
50 def create_from_list
50 def create_from_list
51 lines = params[:user_list]
51 lines = params[:user_list]
52
52
53 note = []
53 note = []
54
54
55 lines.split("\n").each do |line|
55 lines.split("\n").each do |line|
56 items = line.chomp.split(',')
56 items = line.chomp.split(',')
57 if items.length>=2
57 if items.length>=2
58 login = items[0]
58 login = items[0]
59 full_name = items[1]
59 full_name = items[1]
60
60
61 added_random_password = false
61 added_random_password = false
62 if items.length>=3
62 if items.length>=3
63 password = items[2]
63 password = items[2]
64 user_alias = (items.length>=4) ? items[3] : login
64 user_alias = (items.length>=4) ? items[3] : login
65 else
65 else
66 password = random_password
66 password = random_password
67 user_alias = (items.length>=4) ? items[3] : login
67 user_alias = (items.length>=4) ? items[3] : login
68 added_random_password = true
68 added_random_password = true
69 end
69 end
70
70
71 user = User.new({:login => login,
71 user = User.new({:login => login,
72 :full_name => full_name,
72 :full_name => full_name,
73 :password => password,
73 :password => password,
74 :password_confirmation => password,
74 :password_confirmation => password,
75 :alias => user_alias})
75 :alias => user_alias})
76 user.activated = true
76 user.activated = true
77 user.save
77 user.save
78
78
79 if added_random_password
79 if added_random_password
80 note << "'#{login}' (+)"
80 note << "'#{login}' (+)"
81 else
81 else
82 note << login
82 note << login
83 end
83 end
84 end
84 end
85 end
85 end
86 flash[:notice] = 'User(s) ' + note.join(', ') +
86 flash[:notice] = 'User(s) ' + note.join(', ') +
87 ' were successfully created. ' +
87 ' were successfully created. ' +
88 '( (+) - created with random passwords.)'
88 '( (+) - created with random passwords.)'
89 redirect_to :action => 'list'
89 redirect_to :action => 'list'
90 end
90 end
91
91
92 def edit
92 def edit
93 @user = User.find(params[:id])
93 @user = User.find(params[:id])
94 end
94 end
95
95
96 def update
96 def update
97 @user = User.find(params[:id])
97 @user = User.find(params[:id])
98 if @user.update_attributes(params[:user])
98 if @user.update_attributes(params[:user])
99 flash[:notice] = 'User was successfully updated.'
99 flash[:notice] = 'User was successfully updated.'
100 redirect_to :action => 'show', :id => @user
100 redirect_to :action => 'show', :id => @user
101 else
101 else
102 render :action => 'edit'
102 render :action => 'edit'
103 end
103 end
104 end
104 end
105
105
106 def destroy
106 def destroy
107 User.find(params[:id]).destroy
107 User.find(params[:id]).destroy
108 redirect_to :action => 'list'
108 redirect_to :action => 'list'
109 end
109 end
110
110
111 def user_stat
111 def user_stat
112 @problems = Problem.find_available_problems
112 @problems = Problem.find_available_problems
113 @users = User.find(:all)
113 @users = User.find(:all)
114 @scorearray = Array.new
114 @scorearray = Array.new
115 @users.each do |u|
115 @users.each do |u|
116 ustat = Array.new
116 ustat = Array.new
117 ustat[0] = u
117 ustat[0] = u
118 @problems.each do |p|
118 @problems.each do |p|
119 sub = Submission.find_last_by_user_and_problem(u.id,p.id)
119 sub = Submission.find_last_by_user_and_problem(u.id,p.id)
120 if (sub!=nil) and (sub.points!=nil)
120 if (sub!=nil) and (sub.points!=nil)
121 ustat << [(sub.points.to_f*100/p.full_score).round, (sub.points>=p.full_score)]
121 ustat << [(sub.points.to_f*100/p.full_score).round, (sub.points>=p.full_score)]
122 else
122 else
123 ustat << [0,false]
123 ustat << [0,false]
124 end
124 end
125 end
125 end
126 @scorearray << ustat
126 @scorearray << ustat
127 end
127 end
128 end
128 end
129
129
130 def import
130 def import
131 if params[:file]==''
131 if params[:file]==''
132 flash[:notice] = 'Error importing no file'
132 flash[:notice] = 'Error importing no file'
133 redirect_to :action => 'list' and return
133 redirect_to :action => 'list' and return
134 end
134 end
135 import_from_file(params[:file])
135 import_from_file(params[:file])
136 end
136 end
137
137
138 def random_all_passwords
138 def random_all_passwords
139 users = User.find(:all)
139 users = User.find(:all)
140 @prefix = params[:prefix] || ''
140 @prefix = params[:prefix] || ''
141 @non_admin_users = User.find_non_admin_with_prefix(@prefix)
141 @non_admin_users = User.find_non_admin_with_prefix(@prefix)
142 @changed = false
142 @changed = false
143 if request.request_method == :post
143 if request.request_method == :post
144 @non_admin_users.each do |user|
144 @non_admin_users.each do |user|
145 password = random_password
145 password = random_password
146 user.password = password
146 user.password = password
147 user.password_confirmation = password
147 user.password_confirmation = password
148 user.save
148 user.save
149 end
149 end
150 @changed = true
150 @changed = true
151 end
151 end
152 end
152 end
153
153
154 + # admin management
155 +
156 + def admin
157 + @admins = User.find(:all).find_all {|user| user.admin? }
158 + end
159 +
160 + def grant_admin
161 + login = params[:login]
162 + user = User.find_by_login(login)
163 + if user!=nil
164 + admin_role = Role.find_by_name('admin')
165 + user.roles << admin_role
166 + else
167 + flash[:notice] = 'Unknown user'
168 + end
169 + flash[:notice] = 'User added as admins'
170 + redirect_to :action => 'admin'
171 + end
172 +
173 + def revoke_admin
174 + user = User.find(params[:id])
175 + if user==nil
176 + flash[:notice] = 'Unknown user'
177 + redirect_to :action => 'admin' and return
178 + elsif user.login == 'root'
179 + flash[:notice] = 'You cannot revoke admisnistrator permission from root.'
180 + redirect_to :action => 'admin' and return
181 + end
182 +
183 + admin_role = Role.find_by_name('admin')
184 + user.roles.delete(admin_role)
185 + flash[:notice] = 'User permission revoked'
186 + redirect_to :action => 'admin'
187 + end
188 +
154 protected
189 protected
155
190
156 def random_password(length=5)
191 def random_password(length=5)
157 chars = 'abcdefghijkmnopqrstuvwxyz23456789'
192 chars = 'abcdefghijkmnopqrstuvwxyz23456789'
158 newpass = ""
193 newpass = ""
159 length.times { newpass << chars[rand(chars.size-1)] }
194 length.times { newpass << chars[rand(chars.size-1)] }
160 return newpass
195 return newpass
161 end
196 end
162
197
163 def import_from_file(f)
198 def import_from_file(f)
164 data_hash = YAML.load(f)
199 data_hash = YAML.load(f)
165 @import_log = ""
200 @import_log = ""
166
201
167 country_data = data_hash[:countries]
202 country_data = data_hash[:countries]
168 site_data = data_hash[:sites]
203 site_data = data_hash[:sites]
169 user_data = data_hash[:users]
204 user_data = data_hash[:users]
170
205
171 # import country
206 # import country
172 countries = {}
207 countries = {}
173 country_data.each_pair do |id,country|
208 country_data.each_pair do |id,country|
174 c = Country.find_by_name(country[:name])
209 c = Country.find_by_name(country[:name])
175 if c!=nil
210 if c!=nil
176 countries[id] = c
211 countries[id] = c
177 @import_log << "Found #{country[:name]}\n"
212 @import_log << "Found #{country[:name]}\n"
178 else
213 else
179 countries[id] = Country.new(:name => country[:name])
214 countries[id] = Country.new(:name => country[:name])
180 countries[id].save
215 countries[id].save
181 @import_log << "Created #{country[:name]}\n"
216 @import_log << "Created #{country[:name]}\n"
182 end
217 end
183 end
218 end
184
219
185 # import sites
220 # import sites
186 sites = {}
221 sites = {}
187 site_data.each_pair do |id,site|
222 site_data.each_pair do |id,site|
188 s = Site.find_by_name(site[:name])
223 s = Site.find_by_name(site[:name])
189 if s!=nil
224 if s!=nil
190 @import_log << "Found #{site[:name]}\n"
225 @import_log << "Found #{site[:name]}\n"
191 else
226 else
192 s = Site.new(:name => site[:name])
227 s = Site.new(:name => site[:name])
193 @import_log << "Created #{site[:name]}\n"
228 @import_log << "Created #{site[:name]}\n"
194 end
229 end
195 s.password = site[:password]
230 s.password = site[:password]
196 s.country = countries[site[:country_id]]
231 s.country = countries[site[:country_id]]
197 s.save
232 s.save
198 sites[id] = s
233 sites[id] = s
199 end
234 end
200
235
201 # import users
236 # import users
202 user_data.each_pair do |id,user|
237 user_data.each_pair do |id,user|
203 u = User.find_by_login(user[:login])
238 u = User.find_by_login(user[:login])
204 if u!=nil
239 if u!=nil
205 @import_log << "Found #{user[:login]}\n"
240 @import_log << "Found #{user[:login]}\n"
206 else
241 else
207 u = User.new(:login => user[:login])
242 u = User.new(:login => user[:login])
208 @import_log << "Created #{user[:login]}\n"
243 @import_log << "Created #{user[:login]}\n"
209 end
244 end
210 u.full_name = user[:name]
245 u.full_name = user[:name]
211 u.password = user[:password]
246 u.password = user[:password]
212 u.country = countries[user[:country_id]]
247 u.country = countries[user[:country_id]]
213 u.site = sites[user[:site_id]]
248 u.site = sites[user[:site_id]]
214 u.activated = true
249 u.activated = true
215 u.email = "empty-#{u.login}@none.com"
250 u.email = "empty-#{u.login}@none.com"
216 if not u.save
251 if not u.save
217 @import_log << "Errors\n"
252 @import_log << "Errors\n"
218 u.errors.each { |attr,msg| @import_log << "#{attr} - #{msg}\n" }
253 u.errors.each { |attr,msg| @import_log << "#{attr} - #{msg}\n" }
219 end
254 end
220 end
255 end
221
256
222 end
257 end
223
258
224 end
259 end
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,64 +1,65
1 <h1>Listing users</h1>
1 <h1>Listing users</h1>
2
2
3 <div class="submitbox">
3 <div class="submitbox">
4 <b>Quick add</b>
4 <b>Quick add</b>
5 <% form_tag :action => 'create' do %>
5 <% form_tag :action => 'create' do %>
6 <table border="0">
6 <table border="0">
7 <tr>
7 <tr>
8 <td><label for="user_login">Login</label></td>
8 <td><label for="user_login">Login</label></td>
9 <td><label for="user_full_name">Full name</label></td>
9 <td><label for="user_full_name">Full name</label></td>
10 <td><label for="user_password">Password</label></td>
10 <td><label for="user_password">Password</label></td>
11 <td><label for="user_password_confirmation">Confirm</label></td>
11 <td><label for="user_password_confirmation">Confirm</label></td>
12 <td><label for="user_email">Email</label></td>
12 <td><label for="user_email">Email</label></td>
13 </tr>
13 </tr>
14 <tr>
14 <tr>
15 <td><%= text_field 'user', 'login', :size => 10 %></td>
15 <td><%= text_field 'user', 'login', :size => 10 %></td>
16 <td><%= text_field 'user', 'full_name', :size => 30 %></td>
16 <td><%= text_field 'user', 'full_name', :size => 30 %></td>
17 <td><%= password_field 'user', 'password', :size => 10 %></td>
17 <td><%= password_field 'user', 'password', :size => 10 %></td>
18 <td><%= password_field 'user', 'password_confirmation', :size => 10 %></td>
18 <td><%= password_field 'user', 'password_confirmation', :size => 10 %></td>
19 <td><%= text_field 'user', 'email', :size => 15 %></td>
19 <td><%= text_field 'user', 'email', :size => 15 %></td>
20 <td><%= submit_tag "Create" %></td>
20 <td><%= submit_tag "Create" %></td>
21 </tr></table>
21 </tr></table>
22 <% end %>
22 <% end %>
23 <br/>
23 <br/>
24 <b>Import from site management</b>
24 <b>Import from site management</b>
25 <% form_tag({:action => 'import'}, :multipart => true) do %>
25 <% form_tag({:action => 'import'}, :multipart => true) do %>
26 File: <%= file_field_tag 'file' %> <%= submit_tag 'Import' %>
26 File: <%= file_field_tag 'file' %> <%= submit_tag 'Import' %>
27 <% end %>
27 <% end %>
28 <br/>
28 <br/>
29 <b>What else: </b>
29 <b>What else: </b>
30 <%= link_to '[New user]', :action => 'new' %>
30 <%= link_to '[New user]', :action => 'new' %>
31 <%= link_to '[New list of users]', :action => 'new_list' %>
31 <%= link_to '[New list of users]', :action => 'new_list' %>
32 + <%= link_to '[View administrators]', :action => 'admin' %>
32 <%= link_to '[Random passwords]', :action => 'random_all_passwords' %>
33 <%= link_to '[Random passwords]', :action => 'random_all_passwords' %>
33 <%= link_to '[View active users]', :action => 'active' %>
34 <%= link_to '[View active users]', :action => 'active' %>
34
35
35 </div>
36 </div>
36
37
37 <table>
38 <table>
38 <tr>
39 <tr>
39 <% for column in User.content_columns %>
40 <% for column in User.content_columns %>
40 <% if !@hidden_columns.index(column.name) %>
41 <% if !@hidden_columns.index(column.name) %>
41 <th><%= column.human_name %></th>
42 <th><%= column.human_name %></th>
42 <% end %>
43 <% end %>
43 <% end %>
44 <% end %>
44 </tr>
45 </tr>
45
46
46 <% for user in @users %>
47 <% for user in @users %>
47 <tr>
48 <tr>
48 <% for column in User.content_columns %>
49 <% for column in User.content_columns %>
49 <% if !@hidden_columns.index(column.name) %>
50 <% if !@hidden_columns.index(column.name) %>
50 <td><%=h user.send(column.name) %></td>
51 <td><%=h user.send(column.name) %></td>
51 <% end %>
52 <% end %>
52 <% end %>
53 <% end %>
53 <td><%= link_to 'Show', :action => 'show', :id => user %></td>
54 <td><%= link_to 'Show', :action => 'show', :id => user %></td>
54 <td><%= link_to 'Edit', :action => 'edit', :id => user %></td>
55 <td><%= link_to 'Edit', :action => 'edit', :id => user %></td>
55 <td><%= link_to 'Destroy', { :action => 'destroy', :id => user }, :confirm => 'Are you sure?', :method => :post %></td>
56 <td><%= link_to 'Destroy', { :action => 'destroy', :id => user }, :confirm => 'Are you sure?', :method => :post %></td>
56 </tr>
57 </tr>
57 <% end %>
58 <% end %>
58 </table>
59 </table>
59
60
60
61
61 <br />
62 <br />
62
63
63 <%= link_to 'New user', :action => 'new' %>
64 <%= link_to 'New user', :action => 'new' %>
64 <%= link_to 'New list of users', :action => 'new_list' %>
65 <%= link_to 'New list of users', :action => 'new_list' %>
You need to be logged in to leave comments. Login now