Description:
merge
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
-
r838:f3c1c942cc51 - - 2 files changed: 5 inserted, 3 deleted
| @@ -1,134 +1,133 | |||||
|
|
1 | require 'ipaddr' |
|
1 | require 'ipaddr' |
|
|
2 |
|
2 | ||
|
|
3 | class ApplicationController < ActionController::Base |
|
3 | class ApplicationController < ActionController::Base |
|
|
4 | protect_from_forgery |
|
4 | protect_from_forgery |
|
|
5 |
|
5 | ||
|
|
6 | before_action :current_user |
|
6 | before_action :current_user |
|
|
7 |
|
7 | ||
|
|
8 | SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' |
|
8 | SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' |
|
|
9 | MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login' |
|
9 | MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login' |
|
|
10 | WHITELIST_IGNORE_CONF_KEY = 'right.whitelist_ignore' |
|
10 | WHITELIST_IGNORE_CONF_KEY = 'right.whitelist_ignore' |
|
|
11 | WHITELIST_IP_CONF_KEY = 'right.whitelist_ip' |
|
11 | WHITELIST_IP_CONF_KEY = 'right.whitelist_ip' |
|
|
12 |
|
12 | ||
|
|
13 | #report and redirect for unauthorized activities |
|
13 | #report and redirect for unauthorized activities |
|
|
14 | def unauthorized_redirect(notice = 'You are not authorized to view the page you requested') |
|
14 | def unauthorized_redirect(notice = 'You are not authorized to view the page you requested') |
|
|
15 | flash[:notice] = notice |
|
15 | flash[:notice] = notice |
|
|
16 | redirect_to login_main_path |
|
16 | redirect_to login_main_path |
|
|
17 | end |
|
17 | end |
|
|
18 |
|
18 | ||
|
|
19 | # Returns the current logged-in user (if any). |
|
19 | # Returns the current logged-in user (if any). |
|
|
20 | def current_user |
|
20 | def current_user |
|
|
21 | return nil unless session[:user_id] |
|
21 | return nil unless session[:user_id] |
|
|
22 | @current_user ||= User.find(session[:user_id]) |
|
22 | @current_user ||= User.find(session[:user_id]) |
|
|
23 | end |
|
23 | end |
|
|
24 |
|
24 | ||
|
|
25 | def admin_authorization |
|
25 | def admin_authorization |
|
|
26 | return false unless check_valid_login |
|
26 | return false unless check_valid_login |
|
|
27 | user = User.includes(:roles).find(session[:user_id]) |
|
27 | user = User.includes(:roles).find(session[:user_id]) |
|
|
28 | unless user.admin? |
|
28 | unless user.admin? |
|
|
29 | unauthorized_redirect |
|
29 | unauthorized_redirect |
|
|
30 | return false |
|
30 | return false |
|
|
31 | end |
|
31 | end |
|
|
32 | return true |
|
32 | return true |
|
|
33 | end |
|
33 | end |
|
|
34 |
|
34 | ||
|
|
35 | def authorization_by_roles(allowed_roles) |
|
35 | def authorization_by_roles(allowed_roles) |
|
|
36 | return false unless check_valid_login |
|
36 | return false unless check_valid_login |
|
|
37 | - user = User.find(session[:user_id]) |
|
37 | + unless @current_user.roles.detect { |role| allowed_roles.member?(role.name) } |
|
|
38 | - unless user.roles.detect { |role| allowed_roles.member?(role.name) } |
|
||
|
|
39 | unauthorized_redirect |
|
38 | unauthorized_redirect |
|
|
40 | return false |
|
39 | return false |
|
|
41 | end |
|
40 | end |
|
|
42 | end |
|
41 | end |
|
|
43 |
|
42 | ||
|
|
44 | def testcase_authorization |
|
43 | def testcase_authorization |
|
|
45 | #admin always has privileged |
|
44 | #admin always has privileged |
|
|
46 | if @current_user.admin? |
|
45 | if @current_user.admin? |
|
|
47 | return true |
|
46 | return true |
|
|
48 | end |
|
47 | end |
|
|
49 |
|
48 | ||
|
|
50 | unauthorized_redirect unless GraderConfiguration["right.view_testcase"] |
|
49 | unauthorized_redirect unless GraderConfiguration["right.view_testcase"] |
|
|
51 | end |
|
50 | end |
|
|
52 |
|
51 | ||
|
|
53 |
|
52 | ||
|
|
54 | protected |
|
53 | protected |
|
|
55 |
|
54 | ||
|
|
56 | #redirect to root (and also force logout) |
|
55 | #redirect to root (and also force logout) |
|
|
57 | #if the user is not logged_in or the system is in "ADMIN ONLY" mode |
|
56 | #if the user is not logged_in or the system is in "ADMIN ONLY" mode |
|
|
58 | def check_valid_login |
|
57 | def check_valid_login |
|
|
59 | #check if logged in |
|
58 | #check if logged in |
|
|
60 | unless session[:user_id] |
|
59 | unless session[:user_id] |
|
|
61 | if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY] |
|
60 | if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY] |
|
|
62 | unauthorized_redirect('You need to login but you cannot log in at this time') |
|
61 | unauthorized_redirect('You need to login but you cannot log in at this time') |
|
|
63 | else |
|
62 | else |
|
|
64 | unauthorized_redirect('You need to login') |
|
63 | unauthorized_redirect('You need to login') |
|
|
65 | end |
|
64 | end |
|
|
66 | return false |
|
65 | return false |
|
|
67 | end |
|
66 | end |
|
|
68 |
|
67 | ||
|
|
69 | # check if run in single user mode |
|
68 | # check if run in single user mode |
|
|
70 | if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY] |
|
69 | if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY] |
|
|
71 | if @current_user==nil || (!@current_user.admin?) |
|
70 | if @current_user==nil || (!@current_user.admin?) |
|
|
72 | unauthorized_redirect('You cannot log in at this time') |
|
71 | unauthorized_redirect('You cannot log in at this time') |
|
|
73 | return false |
|
72 | return false |
|
|
74 | end |
|
73 | end |
|
|
75 | end |
|
74 | end |
|
|
76 |
|
75 | ||
|
|
77 | # check if the user is enabled |
|
76 | # check if the user is enabled |
|
|
78 | unless @current_user.enabled? || @current_user.admin? |
|
77 | unless @current_user.enabled? || @current_user.admin? |
|
|
79 | unauthorized_redirect 'Your account is disabled' |
|
78 | unauthorized_redirect 'Your account is disabled' |
|
|
80 | return false |
|
79 | return false |
|
|
81 | end |
|
80 | end |
|
|
82 |
|
81 | ||
|
|
83 | # check if user ip is allowed |
|
82 | # check if user ip is allowed |
|
|
84 | unless @current_user.admin? || GraderConfiguration[WHITELIST_IGNORE_CONF_KEY] |
|
83 | unless @current_user.admin? || GraderConfiguration[WHITELIST_IGNORE_CONF_KEY] |
|
|
85 | unless is_request_ip_allowed? |
|
84 | unless is_request_ip_allowed? |
|
|
86 | unauthorized_redirect 'Your IP is not allowed to login at this time.' |
|
85 | unauthorized_redirect 'Your IP is not allowed to login at this time.' |
|
|
87 | return false |
|
86 | return false |
|
|
88 | end |
|
87 | end |
|
|
89 | end |
|
88 | end |
|
|
90 |
|
89 | ||
|
|
91 | if GraderConfiguration.multicontests? |
|
90 | if GraderConfiguration.multicontests? |
|
|
92 | return true if @current_user.admin? |
|
91 | return true if @current_user.admin? |
|
|
93 | begin |
|
92 | begin |
|
|
94 | if @current_user.contest_stat(true).forced_logout |
|
93 | if @current_user.contest_stat(true).forced_logout |
|
|
95 | flash[:notice] = 'You have been automatically logged out.' |
|
94 | flash[:notice] = 'You have been automatically logged out.' |
|
|
96 | redirect_to :controller => 'main', :action => 'index' |
|
95 | redirect_to :controller => 'main', :action => 'index' |
|
|
97 | end |
|
96 | end |
|
|
98 | rescue |
|
97 | rescue |
|
|
99 | end |
|
98 | end |
|
|
100 | end |
|
99 | end |
|
|
101 | return true |
|
100 | return true |
|
|
102 | end |
|
101 | end |
|
|
103 |
|
102 | ||
|
|
104 | #redirect to root (and also force logout) |
|
103 | #redirect to root (and also force logout) |
|
|
105 | #if the user use different ip from the previous connection |
|
104 | #if the user use different ip from the previous connection |
|
|
106 | # only applicable when MULTIPLE_IP_LOGIN options is false only |
|
105 | # only applicable when MULTIPLE_IP_LOGIN options is false only |
|
|
107 | def authenticate_by_ip_address |
|
106 | def authenticate_by_ip_address |
|
|
108 | #this assume that we have already authenticate normally |
|
107 | #this assume that we have already authenticate normally |
|
|
109 | unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY] |
|
108 | unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY] |
|
|
110 | user = User.find(session[:user_id]) |
|
109 | user = User.find(session[:user_id]) |
|
|
111 | if (!user.admin? && user.last_ip && user.last_ip != request.remote_ip) |
|
110 | if (!user.admin? && user.last_ip && user.last_ip != request.remote_ip) |
|
|
112 | flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}" |
|
111 | flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}" |
|
|
113 | redirect_to :controller => 'main', :action => 'login' |
|
112 | redirect_to :controller => 'main', :action => 'login' |
|
|
114 | return false |
|
113 | return false |
|
|
115 | end |
|
114 | end |
|
|
116 | unless user.last_ip |
|
115 | unless user.last_ip |
|
|
117 | user.last_ip = request.remote_ip |
|
116 | user.last_ip = request.remote_ip |
|
|
118 | user.save |
|
117 | user.save |
|
|
119 | end |
|
118 | end |
|
|
120 | end |
|
119 | end |
|
|
121 | return true |
|
120 | return true |
|
|
122 | end |
|
121 | end |
|
|
123 |
|
122 | ||
|
|
124 | def authorization |
|
123 | def authorization |
|
|
125 | return false unless check_valid_login |
|
124 | return false unless check_valid_login |
|
|
126 | user = User.find(session[:user_id]) |
|
125 | user = User.find(session[:user_id]) |
|
|
127 | unless user.roles.detect { |role| |
|
126 | unless user.roles.detect { |role| |
|
|
128 | role.rights.detect{ |right| |
|
127 | role.rights.detect{ |right| |
|
|
129 | right.controller == self.class.controller_name and |
|
128 | right.controller == self.class.controller_name and |
|
|
130 | (right.action == 'all' || right.action == action_name) |
|
129 | (right.action == 'all' || right.action == action_name) |
|
|
131 | } |
|
130 | } |
|
|
132 | } |
|
131 | } |
|
|
133 | flash[:notice] = 'You are not authorized to view the page you requested' |
|
132 | flash[:notice] = 'You are not authorized to view the page you requested' |
|
|
134 | #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login') |
|
133 | #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login') |
| @@ -1,99 +1,102 | |||||
|
|
1 | class ProblemsController < ApplicationController |
|
1 | class ProblemsController < ApplicationController |
|
|
2 |
|
2 | ||
|
|
3 | - before_action :admin_authorization |
|
3 | + before_action :admin_authorization, except: [:stat] |
|
|
|
4 | + before_action only: [:stat] do | ||
|
|
|
5 | + authorization_by_roles(['admin','ta']) | ||
|
|
|
6 | + end | ||
|
|
4 |
|
7 | ||
|
|
5 | in_place_edit_for :problem, :name |
|
8 | in_place_edit_for :problem, :name |
|
|
6 | in_place_edit_for :problem, :full_name |
|
9 | in_place_edit_for :problem, :full_name |
|
|
7 | in_place_edit_for :problem, :full_score |
|
10 | in_place_edit_for :problem, :full_score |
|
|
8 |
|
11 | ||
|
|
9 | def index |
|
12 | def index |
|
|
10 | @problems = Problem.order(date_added: :desc) |
|
13 | @problems = Problem.order(date_added: :desc) |
|
|
11 | end |
|
14 | end |
|
|
12 |
|
15 | ||
|
|
13 |
|
16 | ||
|
|
14 | def show |
|
17 | def show |
|
|
15 | @problem = Problem.find(params[:id]) |
|
18 | @problem = Problem.find(params[:id]) |
|
|
16 | end |
|
19 | end |
|
|
17 |
|
20 | ||
|
|
18 | def new |
|
21 | def new |
|
|
19 | @problem = Problem.new |
|
22 | @problem = Problem.new |
|
|
20 | @description = nil |
|
23 | @description = nil |
|
|
21 | end |
|
24 | end |
|
|
22 |
|
25 | ||
|
|
23 | def create |
|
26 | def create |
|
|
24 | @problem = Problem.new(problem_params) |
|
27 | @problem = Problem.new(problem_params) |
|
|
25 | @description = Description.new(description_params) |
|
28 | @description = Description.new(description_params) |
|
|
26 | if @description.body!='' |
|
29 | if @description.body!='' |
|
|
27 | if !@description.save |
|
30 | if !@description.save |
|
|
28 | render :action => new and return |
|
31 | render :action => new and return |
|
|
29 | end |
|
32 | end |
|
|
30 | else |
|
33 | else |
|
|
31 | @description = nil |
|
34 | @description = nil |
|
|
32 | end |
|
35 | end |
|
|
33 | @problem.description = @description |
|
36 | @problem.description = @description |
|
|
34 | if @problem.save |
|
37 | if @problem.save |
|
|
35 | flash[:notice] = 'Problem was successfully created.' |
|
38 | flash[:notice] = 'Problem was successfully created.' |
|
|
36 | redirect_to action: :index |
|
39 | redirect_to action: :index |
|
|
37 | else |
|
40 | else |
|
|
38 | render :action => 'new' |
|
41 | render :action => 'new' |
|
|
39 | end |
|
42 | end |
|
|
40 | end |
|
43 | end |
|
|
41 |
|
44 | ||
|
|
42 | def quick_create |
|
45 | def quick_create |
|
|
43 | @problem = Problem.new(problem_params) |
|
46 | @problem = Problem.new(problem_params) |
|
|
44 | @problem.full_name = @problem.name if @problem.full_name == '' |
|
47 | @problem.full_name = @problem.name if @problem.full_name == '' |
|
|
45 | @problem.full_score = 100 |
|
48 | @problem.full_score = 100 |
|
|
46 | @problem.available = false |
|
49 | @problem.available = false |
|
|
47 | @problem.test_allowed = true |
|
50 | @problem.test_allowed = true |
|
|
48 | @problem.output_only = false |
|
51 | @problem.output_only = false |
|
|
49 | @problem.date_added = Time.new |
|
52 | @problem.date_added = Time.new |
|
|
50 | if @problem.save |
|
53 | if @problem.save |
|
|
51 | flash[:notice] = 'Problem was successfully created.' |
|
54 | flash[:notice] = 'Problem was successfully created.' |
|
|
52 | redirect_to action: :index |
|
55 | redirect_to action: :index |
|
|
53 | else |
|
56 | else |
|
|
54 | flash[:notice] = 'Error saving problem' |
|
57 | flash[:notice] = 'Error saving problem' |
|
|
55 | redirect_to action: :index |
|
58 | redirect_to action: :index |
|
|
56 | end |
|
59 | end |
|
|
57 | end |
|
60 | end |
|
|
58 |
|
61 | ||
|
|
59 | def edit |
|
62 | def edit |
|
|
60 | @problem = Problem.find(params[:id]) |
|
63 | @problem = Problem.find(params[:id]) |
|
|
61 | @description = @problem.description |
|
64 | @description = @problem.description |
|
|
62 | end |
|
65 | end |
|
|
63 |
|
66 | ||
|
|
64 | def update |
|
67 | def update |
|
|
65 | @problem = Problem.find(params[:id]) |
|
68 | @problem = Problem.find(params[:id]) |
|
|
66 | @description = @problem.description |
|
69 | @description = @problem.description |
|
|
67 | if @description.nil? and params[:description][:body]!='' |
|
70 | if @description.nil? and params[:description][:body]!='' |
|
|
68 | @description = Description.new(description_params) |
|
71 | @description = Description.new(description_params) |
|
|
69 | if !@description.save |
|
72 | if !@description.save |
|
|
70 | flash[:notice] = 'Error saving description' |
|
73 | flash[:notice] = 'Error saving description' |
|
|
71 | render :action => 'edit' and return |
|
74 | render :action => 'edit' and return |
|
|
72 | end |
|
75 | end |
|
|
73 | @problem.description = @description |
|
76 | @problem.description = @description |
|
|
74 | elsif @description |
|
77 | elsif @description |
|
|
75 | if !@description.update_attributes(description_params) |
|
78 | if !@description.update_attributes(description_params) |
|
|
76 | flash[:notice] = 'Error saving description' |
|
79 | flash[:notice] = 'Error saving description' |
|
|
77 | render :action => 'edit' and return |
|
80 | render :action => 'edit' and return |
|
|
78 | end |
|
81 | end |
|
|
79 | end |
|
82 | end |
|
|
80 | if params[:file] and params[:file].content_type != 'application/pdf' |
|
83 | if params[:file] and params[:file].content_type != 'application/pdf' |
|
|
81 | flash[:notice] = 'Error: Uploaded file is not PDF' |
|
84 | flash[:notice] = 'Error: Uploaded file is not PDF' |
|
|
82 | render :action => 'edit' and return |
|
85 | render :action => 'edit' and return |
|
|
83 | end |
|
86 | end |
|
|
84 | if @problem.update_attributes(problem_params) |
|
87 | if @problem.update_attributes(problem_params) |
|
|
85 | flash[:notice] = 'Problem was successfully updated.' |
|
88 | flash[:notice] = 'Problem was successfully updated.' |
|
|
86 | unless params[:file] == nil or params[:file] == '' |
|
89 | unless params[:file] == nil or params[:file] == '' |
|
|
87 | flash[:notice] = 'Problem was successfully updated and a new PDF file is uploaded.' |
|
90 | flash[:notice] = 'Problem was successfully updated and a new PDF file is uploaded.' |
|
|
88 | out_dirname = "#{Problem.download_file_basedir}/#{@problem.id}" |
|
91 | out_dirname = "#{Problem.download_file_basedir}/#{@problem.id}" |
|
|
89 | if not FileTest.exists? out_dirname |
|
92 | if not FileTest.exists? out_dirname |
|
|
90 | Dir.mkdir out_dirname |
|
93 | Dir.mkdir out_dirname |
|
|
91 | end |
|
94 | end |
|
|
92 |
|
95 | ||
|
|
93 | out_filename = "#{out_dirname}/#{@problem.name}.pdf" |
|
96 | out_filename = "#{out_dirname}/#{@problem.name}.pdf" |
|
|
94 | if FileTest.exists? out_filename |
|
97 | if FileTest.exists? out_filename |
|
|
95 | File.delete out_filename |
|
98 | File.delete out_filename |
|
|
96 | end |
|
99 | end |
|
|
97 |
|
100 | ||
|
|
98 | File.open(out_filename,"wb") do |file| |
|
101 | File.open(out_filename,"wb") do |file| |
|
|
99 | file.write(params[:file].read) |
|
102 | file.write(params[:file].read) |
You need to be logged in to leave comments.
Login now