cafe-grader-web

Commit r233:ebadb70a03ab public

parent | child
Description:
added admin users management
Commit status:
[Not Reviewed]
References:
default
Diff options:
Raw Diff | Patch Diff | Download Diff | Show whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r233:ebadb70a03ab - - 3 files changed: 61 inserted, 0 deleted

Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -0,0 +1,25
1 + %h1 Administrators
2 +
3 + %table
4 + %tr
5 + %th #
6 + %th Login
7 + %th Full name
8 + %th
9 + - @admins.each_with_index do |user, i|
10 + %tr
11 + %td= i+1
12 + %td= user.login
13 + %td= user.full_name
14 + %td
15 + - if user.login!='root'
16 + = link_to '[revoke]', :action => 'revoke_admin', :id => user.id
17 + %hr
18 +
19 + - form_tag :action => 'grant_admin' do
20 + Grant admin permission to:
21 + = text_field_tag 'login'
22 + = submit_tag 'Grant'
23 +
24 + %hr/
25 + = link_to '[go back to index]', :action => 'index'
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,224 +1,259
1 1 class UserAdminController < ApplicationController
2 2
3 3 before_filter :admin_authorization
4 4
5 5 def index
6 6 list
7 7 render :action => 'list'
8 8 end
9 9
10 10 # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
11 11 verify :method => :post, :only => [ :destroy,
12 12 :create, :create_from_list,
13 13 :update ],
14 14 :redirect_to => { :action => :list }
15 15
16 16 def list
17 17 @users = User.find(:all)
18 18 @hidden_columns = ['hashed_password', 'salt', 'created_at', 'updated_at']
19 19 end
20 20
21 21 def active
22 22 sessions = ActiveRecord::SessionStore::Session.find(:all, :conditions => ["updated_at >= ?", 60.minutes.ago])
23 23 @users = []
24 24 sessions.each do |session|
25 25 if session.data[:user_id]
26 26 @users << User.find(session.data[:user_id])
27 27 end
28 28 end
29 29 end
30 30
31 31 def show
32 32 @user = User.find(params[:id])
33 33 end
34 34
35 35 def new
36 36 @user = User.new
37 37 end
38 38
39 39 def create
40 40 @user = User.new(params[:user])
41 41 @user.activated = true
42 42 if @user.save
43 43 flash[:notice] = 'User was successfully created.'
44 44 redirect_to :action => 'list'
45 45 else
46 46 render :action => 'new'
47 47 end
48 48 end
49 49
50 50 def create_from_list
51 51 lines = params[:user_list]
52 52
53 53 note = []
54 54
55 55 lines.split("\n").each do |line|
56 56 items = line.chomp.split(',')
57 57 if items.length>=2
58 58 login = items[0]
59 59 full_name = items[1]
60 60
61 61 added_random_password = false
62 62 if items.length>=3
63 63 password = items[2]
64 64 user_alias = (items.length>=4) ? items[3] : login
65 65 else
66 66 password = random_password
67 67 user_alias = (items.length>=4) ? items[3] : login
68 68 added_random_password = true
69 69 end
70 70
71 71 user = User.new({:login => login,
72 72 :full_name => full_name,
73 73 :password => password,
74 74 :password_confirmation => password,
75 75 :alias => user_alias})
76 76 user.activated = true
77 77 user.save
78 78
79 79 if added_random_password
80 80 note << "'#{login}' (+)"
81 81 else
82 82 note << login
83 83 end
84 84 end
85 85 end
86 86 flash[:notice] = 'User(s) ' + note.join(', ') +
87 87 ' were successfully created. ' +
88 88 '( (+) - created with random passwords.)'
89 89 redirect_to :action => 'list'
90 90 end
91 91
92 92 def edit
93 93 @user = User.find(params[:id])
94 94 end
95 95
96 96 def update
97 97 @user = User.find(params[:id])
98 98 if @user.update_attributes(params[:user])
99 99 flash[:notice] = 'User was successfully updated.'
100 100 redirect_to :action => 'show', :id => @user
101 101 else
102 102 render :action => 'edit'
103 103 end
104 104 end
105 105
106 106 def destroy
107 107 User.find(params[:id]).destroy
108 108 redirect_to :action => 'list'
109 109 end
110 110
111 111 def user_stat
112 112 @problems = Problem.find_available_problems
113 113 @users = User.find(:all)
114 114 @scorearray = Array.new
115 115 @users.each do |u|
116 116 ustat = Array.new
117 117 ustat[0] = u
118 118 @problems.each do |p|
119 119 sub = Submission.find_last_by_user_and_problem(u.id,p.id)
120 120 if (sub!=nil) and (sub.points!=nil)
121 121 ustat << [(sub.points.to_f*100/p.full_score).round, (sub.points>=p.full_score)]
122 122 else
123 123 ustat << [0,false]
124 124 end
125 125 end
126 126 @scorearray << ustat
127 127 end
128 128 end
129 129
130 130 def import
131 131 if params[:file]==''
132 132 flash[:notice] = 'Error importing no file'
133 133 redirect_to :action => 'list' and return
134 134 end
135 135 import_from_file(params[:file])
136 136 end
137 137
138 138 def random_all_passwords
139 139 users = User.find(:all)
140 140 @prefix = params[:prefix] || ''
141 141 @non_admin_users = User.find_non_admin_with_prefix(@prefix)
142 142 @changed = false
143 143 if request.request_method == :post
144 144 @non_admin_users.each do |user|
145 145 password = random_password
146 146 user.password = password
147 147 user.password_confirmation = password
148 148 user.save
149 149 end
150 150 @changed = true
151 151 end
152 152 end
153 153
154 + # admin management
155 +
156 + def admin
157 + @admins = User.find(:all).find_all {|user| user.admin? }
158 + end
159 +
160 + def grant_admin
161 + login = params[:login]
162 + user = User.find_by_login(login)
163 + if user!=nil
164 + admin_role = Role.find_by_name('admin')
165 + user.roles << admin_role
166 + else
167 + flash[:notice] = 'Unknown user'
168 + end
169 + flash[:notice] = 'User added as admins'
170 + redirect_to :action => 'admin'
171 + end
172 +
173 + def revoke_admin
174 + user = User.find(params[:id])
175 + if user==nil
176 + flash[:notice] = 'Unknown user'
177 + redirect_to :action => 'admin' and return
178 + elsif user.login == 'root'
179 + flash[:notice] = 'You cannot revoke admisnistrator permission from root.'
180 + redirect_to :action => 'admin' and return
181 + end
182 +
183 + admin_role = Role.find_by_name('admin')
184 + user.roles.delete(admin_role)
185 + flash[:notice] = 'User permission revoked'
186 + redirect_to :action => 'admin'
187 + end
188 +
154 189 protected
155 190
156 191 def random_password(length=5)
157 192 chars = 'abcdefghijkmnopqrstuvwxyz23456789'
158 193 newpass = ""
159 194 length.times { newpass << chars[rand(chars.size-1)] }
160 195 return newpass
161 196 end
162 197
163 198 def import_from_file(f)
164 199 data_hash = YAML.load(f)
165 200 @import_log = ""
166 201
167 202 country_data = data_hash[:countries]
168 203 site_data = data_hash[:sites]
169 204 user_data = data_hash[:users]
170 205
171 206 # import country
172 207 countries = {}
173 208 country_data.each_pair do |id,country|
174 209 c = Country.find_by_name(country[:name])
175 210 if c!=nil
176 211 countries[id] = c
177 212 @import_log << "Found #{country[:name]}\n"
178 213 else
179 214 countries[id] = Country.new(:name => country[:name])
180 215 countries[id].save
181 216 @import_log << "Created #{country[:name]}\n"
182 217 end
183 218 end
184 219
185 220 # import sites
186 221 sites = {}
187 222 site_data.each_pair do |id,site|
188 223 s = Site.find_by_name(site[:name])
189 224 if s!=nil
190 225 @import_log << "Found #{site[:name]}\n"
191 226 else
192 227 s = Site.new(:name => site[:name])
193 228 @import_log << "Created #{site[:name]}\n"
194 229 end
195 230 s.password = site[:password]
196 231 s.country = countries[site[:country_id]]
197 232 s.save
198 233 sites[id] = s
199 234 end
200 235
201 236 # import users
202 237 user_data.each_pair do |id,user|
203 238 u = User.find_by_login(user[:login])
204 239 if u!=nil
205 240 @import_log << "Found #{user[:login]}\n"
206 241 else
207 242 u = User.new(:login => user[:login])
208 243 @import_log << "Created #{user[:login]}\n"
209 244 end
210 245 u.full_name = user[:name]
211 246 u.password = user[:password]
212 247 u.country = countries[user[:country_id]]
213 248 u.site = sites[user[:site_id]]
214 249 u.activated = true
215 250 u.email = "empty-#{u.login}@none.com"
216 251 if not u.save
217 252 @import_log << "Errors\n"
218 253 u.errors.each { |attr,msg| @import_log << "#{attr} - #{msg}\n" }
219 254 end
220 255 end
221 256
222 257 end
223 258
224 259 end
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,64 +1,65
1 1 <h1>Listing users</h1>
2 2
3 3 <div class="submitbox">
4 4 <b>Quick add</b>
5 5 <% form_tag :action => 'create' do %>
6 6 <table border="0">
7 7 <tr>
8 8 <td><label for="user_login">Login</label></td>
9 9 <td><label for="user_full_name">Full name</label></td>
10 10 <td><label for="user_password">Password</label></td>
11 11 <td><label for="user_password_confirmation">Confirm</label></td>
12 12 <td><label for="user_email">Email</label></td>
13 13 </tr>
14 14 <tr>
15 15 <td><%= text_field 'user', 'login', :size => 10 %></td>
16 16 <td><%= text_field 'user', 'full_name', :size => 30 %></td>
17 17 <td><%= password_field 'user', 'password', :size => 10 %></td>
18 18 <td><%= password_field 'user', 'password_confirmation', :size => 10 %></td>
19 19 <td><%= text_field 'user', 'email', :size => 15 %></td>
20 20 <td><%= submit_tag "Create" %></td>
21 21 </tr></table>
22 22 <% end %>
23 23 <br/>
24 24 <b>Import from site management</b>
25 25 <% form_tag({:action => 'import'}, :multipart => true) do %>
26 26 File: <%= file_field_tag 'file' %> <%= submit_tag 'Import' %>
27 27 <% end %>
28 28 <br/>
29 29 <b>What else: </b>
30 30 <%= link_to '[New user]', :action => 'new' %>
31 31 <%= link_to '[New list of users]', :action => 'new_list' %>
32 + <%= link_to '[View administrators]', :action => 'admin' %>
32 33 <%= link_to '[Random passwords]', :action => 'random_all_passwords' %>
33 34 <%= link_to '[View active users]', :action => 'active' %>
34 35
35 36 </div>
36 37
37 38 <table>
38 39 <tr>
39 40 <% for column in User.content_columns %>
40 41 <% if !@hidden_columns.index(column.name) %>
41 42 <th><%= column.human_name %></th>
42 43 <% end %>
43 44 <% end %>
44 45 </tr>
45 46
46 47 <% for user in @users %>
47 48 <tr>
48 49 <% for column in User.content_columns %>
49 50 <% if !@hidden_columns.index(column.name) %>
50 51 <td><%=h user.send(column.name) %></td>
51 52 <% end %>
52 53 <% end %>
53 54 <td><%= link_to 'Show', :action => 'show', :id => user %></td>
54 55 <td><%= link_to 'Edit', :action => 'edit', :id => user %></td>
55 56 <td><%= link_to 'Destroy', { :action => 'destroy', :id => user }, :confirm => 'Are you sure?', :method => :post %></td>
56 57 </tr>
57 58 <% end %>
58 59 </table>
59 60
60 61
61 62 <br />
62 63
63 64 <%= link_to 'New user', :action => 'new' %>
64 65 <%= link_to 'New list of users', :action => 'new_list' %>
You need to be logged in to leave comments. Login now