cafe-grader-web Commit - r526:f7b4a30e2f5d

cafe-grader-web

Commit `r526:f7b4a30e2f5d` public

parent | child

Description:

merge with algo-bm, take cheat report

Commit status:

[Not Reviewed]

References:

merge java

Diff options:

| | | |

Comments:

0 Commit comments 0 Inline Comments

Unresolved TODOs:

There are no unresolved TODOs

Add another comment

r526:f7b4a30e2f5d - Tue, 11 Aug 2015 11:28:41 - 12 files changed: 252 inserted, 6 deleted

app/views/report/cheat_report.html.haml created 644 ¶ +77

@@ -0,0 +1,77
	1	+ - content_for :header do
	2	+ = stylesheet_link_tag 'tablesorter-theme.cafe'
	3	+ = javascript_include_tag 'local_jquery'
	4	+
	5	+ %script{:type=>"text/javascript"}
	6	+ $(function () {
	7	+ $('#since_datetime').datetimepicker({ showButtonPanel: true, dateFormat: "yy-mm-dd", controlType: "slider"} );
	8	+ $('#until_datetime').datetimepicker({ showButtonPanel: true, dateFormat: "yy-mm-dd", controlType: "slider"} );
	9	+ $('#my_table').tablesorter({widthFixed: true, widgets: ['zebra']});
	10	+ $('#my_table2').tablesorter({widthFixed: true, widgets: ['zebra']});
	11	+ $('#sub_table').tablesorter({widthFixed: true, widgets: ['zebra']});
	12	+ });
	13	+
	14	+ %h1 Login status
	15	+
	16	+ =render partial: 'report_menu'
	17	+ =render partial: 'date_range', locals: {param_text: 'Login date range:', title: 'Query login stat in the range' }
	18	+
	19	+ %h2 Suspect
	20	+
	21	+ %table.tablesorter-cafe#my_table
	22	+ %thead
	23	+ %tr
	24	+ %th login
	25	+ %th full name
	26	+ %th login count
	27	+ %tbody
	28	+ - @ml.each do \|l\|
	29	+ %tr{class: cycle('info-even','info-odd')}
	30	+ %td= link_to l[:login], controller: 'users', action: 'profile', id: l[:id]
	31	+ %td= l[:full_name]
	32	+ %td= l[:count]
	33	+
	34	+
	35	+ %h2 Multiple Logins Report
	36	+ This section reports all logins record that have either multiple ip per login or multiple login per ip.
	37	+
	38	+ %table.tablesorter-cafe#my_table2
	39	+ %thead
	40	+ %tr
	41	+ %th login
	42	+ %th full name
	43	+ %th IP
	44	+ %th time
	45	+ %tbody
	46	+ - @mld.each do \|l\|
	47	+ %tr{class: cycle('info-even','info-odd')}
	48	+ %td= link_to l.user[:login], controller: 'users', action: 'profile', id: l[:user_id]
	49	+ %td= l.user[:full_name]
	50	+ %td= l[:ip_address]
	51	+ %td= l[:created_at]
	52	+
	53	+ %h2 Multiple IP Submissions Report
	54	+ This section reports all submission records that have USER_ID matchs ID that logins on multiple IP
	55	+ and that have IP_ADDRESS that has multiple ID logins
	56	+
	57	+ Be noted that when submission IP address is not available, this might exclude
	58	+ submissions that come from ID that login on multiple-login IP
	59	+
	60	+ %table.tablesorter-cafe#sub_table
	61	+ %thead
	62	+ %tr
	63	+ %th login
	64	+ %th full name
	65	+ %th IP
	66	+ %th problem
	67	+ %th Submission
	68	+ %th time
	69	+ %tbody
	70	+ - @subs.each do \|s\|
	71	+ %tr{class: cycle('info-even','info-odd')}
	72	+ %td= link_to s.user[:login], controller: 'users', action: 'profile', id: s[:user_id]
	73	+ %td= s.user[:full_name]
	74	+ %td= s[:ip_address]
	75	+ %td= s.problem.name
	76	+ %td= link_to(s.id, controller: 'graders' , action: 'submission', id: s.id)
	77	+ %td= s[:submitted_at]

db/migrate/20150503164846_change_userid_on_login.rb created 644 ¶ +9

@@ -0,0 +1,9
	1	+ class ChangeUseridOnLogin < ActiveRecord::Migration
	2	+ def up
	3	+ change_column :logins, :user_id, :integer
	4	+ end
	5	+
	6	+ def down
	7	+ change_column :logins, :user_id, :string
	8	+ end
	9	+ end

app/controllers/application_controller.rb ¶ +18

@@ -2,6 +2,7
2	protect_from_forgery	2	protect_from_forgery
3		3
4	SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'	4	SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
		5	+ MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login'
5		6
6	def admin_authorization	7	def admin_authorization
7	return false unless authenticate	8	return false unless authenticate
@@ -61,6 +62,23
61	return true	62	return true
62	end	63	end
63		64
		65	+ def authenticate_by_ip_address
		66	+ #this assume that we have already authenticate normally
		67	+ unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY]
		68	+ user = User.find(session[:user_id])
		69	+ if (not user.admin? and user.last_ip and user.last_ip != request.remote_ip)
		70	+ flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}"
		71	+ redirect_to :controller => 'main', :action => 'login'
		72	+ return false
		73	+ end
		74	+ unless user.last_ip
		75	+ user.last_ip = request.remote_ip
		76	+ user.save
		77	+ end
		78	+ end
		79	+ return true
		80	+ end
		81	+
64	def authorization	82	def authorization
65	return false unless authenticate	83	return false unless authenticate
66	user = User.find(session[:user_id])	84	user = User.find(session[:user_id])

app/controllers/configurations_controller.rb ¶ +1

                 def update
                   @config = GraderConfiguration.find(params[:id])
+            +     User.clear_last_login if @config.key = 'multiple_ip_login' and @config.value == 'true' and params[:grader_configuration][:value] == 'false'
                   respond_to do |format|
                     if @config.update_attributes(params[:grader_configuration])
                       format.json { head :ok }

app/controllers/main_controller.rb ¶ +2

                 prepend_before_filter :reject_announcement_refresh_when_logged_out,
                                       :only => [:announcements]
+            +   before_filter :authenticate_by_ip_address, :only => [:list]
+            +
                 # COMMENTED OUT: filter in each action instead
                 # before_filter :verify_time_limit, :only => [:submit]

app/controllers/report_controller.rb ¶ +125 -1

@@ -1,6 +1,7
1	class ReportController < ApplicationController	1	class ReportController < ApplicationController
2		2
3	- before_filter :admin_authorization, only: [:login_stat,:submission_stat, :stuck]	3	+ before_filter :admin_authorization, only: [:login_stat,:submission_stat, :stuck, :cheat_report, :cheat_scruntinize]
		4	+
4	before_filter(only: [:problem_hof]) { \|c\|	5	before_filter(only: [:problem_hof]) { \|c\|
5	return false unless authenticate	6	return false unless authenticate
6		7
@@ -252,4 +253,127
252	end	253	end
253	end	254	end
254		255
		256	+ def cheat_report
		257	+ date_and_time = '%Y-%m-%d %H:%M'
		258	+ begin
		259	+ md = params[:since_datetime].match(/(\d+)-(\d+)-(\d+) (\d+):(\d+)/)
		260	+ @since_time = Time.zone.local(md[1].to_i,md[2].to_i,md[3].to_i,md[4].to_i,md[5].to_i)
		261	+ rescue
		262	+ @since_time = Time.zone.now.ago( 90.minutes)
		263	+ end
		264	+ begin
		265	+ md = params[:until_datetime].match(/(\d+)-(\d+)-(\d+) (\d+):(\d+)/)
		266	+ @until_time = Time.zone.local(md[1].to_i,md[2].to_i,md[3].to_i,md[4].to_i,md[5].to_i)
		267	+ rescue
		268	+ @until_time = Time.zone.now
		269	+ end
		270	+
		271	+ #multi login
		272	+ @ml = Login.joins(:user).where("logins.created_at >= ? and logins.created_at <= ?",@since_time,@until_time).select('users.login,count(distinct ip_address) as count,users.full_name').group("users.id").having("count > 1")
		273	+
		274	+ st = <<-SQL
		275	+ SELECT l2.*
		276	+ FROM logins l2 INNER JOIN
		277	+ (SELECT u.id,COUNT(DISTINCT ip_address) as count,u.login,u.full_name
		278	+ FROM logins l
		279	+ INNER JOIN users u ON l.user_id = u.id
		280	+ WHERE l.created_at >= '#{@since_time.in_time_zone("UTC")}' and l.created_at <= '#{@until_time.in_time_zone("UTC")}'
		281	+ GROUP BY u.id
		282	+ HAVING count > 1
		283	+ ) ml ON l2.user_id = ml.id
		284	+ WHERE l2.created_at >= '#{@since_time.in_time_zone("UTC")}' and l2.created_at <= '#{@until_time.in_time_zone("UTC")}'
		285	+ UNION
		286	+ SELECT l2.*
		287	+ FROM logins l2 INNER JOIN
		288	+ (SELECT l.ip_address,COUNT(DISTINCT u.id) as count
		289	+ FROM logins l
		290	+ INNER JOIN users u ON l.user_id = u.id
		291	+ WHERE l.created_at >= '#{@since_time.in_time_zone("UTC")}' and l.created_at <= '#{@until_time.in_time_zone("UTC")}'
		292	+ GROUP BY l.ip_address
		293	+ HAVING count > 1
		294	+ ) ml on ml.ip_address = l2.ip_address
		295	+ INNER JOIN users u ON l2.user_id = u.id
		296	+ WHERE l2.created_at >= '#{@since_time.in_time_zone("UTC")}' and l2.created_at <= '#{@until_time.in_time_zone("UTC")}'
		297	+ ORDER BY ip_address,created_at
		298	+ SQL
		299	+ @mld = Login.find_by_sql(st)
		300	+
		301	+ st = <<-SQL
		302	+ SELECT s.id,s.user_id,s.ip_address,s.submitted_at,s.problem_id
		303	+ FROM submissions s INNER JOIN
		304	+ (SELECT u.id,COUNT(DISTINCT ip_address) as count,u.login,u.full_name
		305	+ FROM logins l
		306	+ INNER JOIN users u ON l.user_id = u.id
		307	+ WHERE l.created_at >= ? and l.created_at <= ?
		308	+ GROUP BY u.id
		309	+ HAVING count > 1
		310	+ ) ml ON s.user_id = ml.id
		311	+ WHERE s.submitted_at >= ? and s.submitted_at <= ?
		312	+ UNION
		313	+ SELECT s.id,s.user_id,s.ip_address,s.submitted_at,s.problem_id
		314	+ FROM submissions s INNER JOIN
		315	+ (SELECT l.ip_address,COUNT(DISTINCT u.id) as count
		316	+ FROM logins l
		317	+ INNER JOIN users u ON l.user_id = u.id
		318	+ WHERE l.created_at >= ? and l.created_at <= ?
		319	+ GROUP BY l.ip_address
		320	+ HAVING count > 1
		321	+ ) ml on ml.ip_address = s.ip_address
		322	+ WHERE s.submitted_at >= ? and s.submitted_at <= ?
		323	+ ORDER BY ip_address,submitted_at
		324	+ SQL
		325	+ @subs = Submission.joins(:problem).find_by_sql([st,@since_time,@until_time,
		326	+ @since_time,@until_time,
		327	+ @since_time,@until_time,
		328	+ @since_time,@until_time])
		329	+
		330	+ end
		331	+
		332	+ def cheat_scruntinize
		333	+ #convert date & time
		334	+ date_and_time = '%Y-%m-%d %H:%M'
		335	+ begin
		336	+ md = params[:since_datetime].match(/(\d+)-(\d+)-(\d+) (\d+):(\d+)/)
		337	+ @since_time = Time.zone.local(md[1].to_i,md[2].to_i,md[3].to_i,md[4].to_i,md[5].to_i)
		338	+ rescue
		339	+ @since_time = Time.zone.now.ago( 90.minutes)
		340	+ end
		341	+ begin
		342	+ md = params[:until_datetime].match(/(\d+)-(\d+)-(\d+) (\d+):(\d+)/)
		343	+ @until_time = Time.zone.local(md[1].to_i,md[2].to_i,md[3].to_i,md[4].to_i,md[5].to_i)
		344	+ rescue
		345	+ @until_time = Time.zone.now
		346	+ end
		347	+
		348	+ #convert sid
		349	+ @sid = params[:SID].split(/[,\s]/) if params[:SID]
		350	+ unless @sid and @sid.size > 0
		351	+ return
		352	+ redirect_to actoin: :cheat_scruntinize
		353	+ flash[:notice] = 'Please enter at least 1 student id'
		354	+ end
		355	+ mark = Array.new(@sid.size,'?')
		356	+ condition = "(u.login = " + mark.join(' OR u.login = ') + ')'
		357	+
		358	+ @st = <<-SQL
		359	+ SELECT l.created_at as submitted_at ,-1 as id,u.login,u.full_name,l.ip_address,"" as problem_id,"" as points,l.user_id
		360	+ FROM logins l INNER JOIN users u on l.user_id = u.id
		361	+ WHERE l.created_at >= ? AND l.created_at <= ? AND #{condition}
		362	+ UNION
		363	+ SELECT s.submitted_at,s.id,u.login,u.full_name,s.ip_address,s.problem_id,s.points,s.user_id
		364	+ FROM submissions s INNER JOIN users u ON s.user_id = u.id
		365	+ WHERE s.submitted_at >= ? AND s.submitted_at <= ? AND #{condition}
		366	+ ORDER BY submitted_at
		367	+ SQL
		368	+
		369	+ p = [@st,@since_time,@until_time] + @sid + [@since_time,@until_time] + @sid
		370	+ @logs = Submission.joins(:problem).find_by_sql(p)
		371	+
		372	+
		373	+
		374	+
		375	+
		376	+ end
		377	+
		378	+
255	end	379	end

app/models/login.rb ¶ +2

               class Login < ActiveRecord::Base
+            +   belongs_to :user
+            +
                 attr_accessible :ip_address, :logged_in_at, :user_id
               end

app/models/user.rb ¶ +4

                   end
                 end
+            +   def self.clear_last_login
+            +     User.update_all(:last_ip => nil)
+            +   end
+            +
                 protected
                   def encrypt_new_password
                     return if password.blank?

app/views/report/_date_range.html.haml ¶ +2 -2

                     %tr
                       %td{style: 'width: 120px; font-weight: bold'}= param_text
                       %td{align: 'right'} since:
-            -         %td= text_field_tag 'since_datetime'
+            +         %td= text_field_tag 'since_datetime', @since_time
                     %tr
                       %td
                       %td{align: 'right'} until:
-            -         %td= text_field_tag 'until_datetime'
+            +         %td= text_field_tag 'until_datetime', @until_time
                     %tr
                       %td
                       %td

app/views/report/_report_menu.html.haml ¶ +2 -1

                 %br/
                 = link_to '[Hall of Fame]', :action => 'problem_hof'
                 = link_to '[Struggle]', :action => 'stuck'
-            -   = link_to '[Login]', :action => 'login_stat'
+            +   = link_to '[Cheat Detection]', :action => 'cheat_report'
+            +   = link_to '[Cheat Detail]', :action => 'cheat_scruntinize'
                 = link_to '[Multiple Login]', :action => 'multiple_login'

db/schema.rb ¶ +3 -2

               #
               # It's strongly recommended to check this file into your version control system.
-            - ActiveRecord::Schema.define(:version => 20150203153534) do
+            + ActiveRecord::Schema.define(:version => 20150618085823) do
                 create_table "announcements", :force => true do |t|
                   t.string   "author"
                 end
                 create_table "logins", :force => true do |t|
-            -     t.string   "user_id"
+            +     t.integer  "user_id"
                   t.string   "ip_address"
                   t.datetime "created_at", :null => false
                   t.datetime "updated_at", :null => false
                   t.string   "section"
                   t.boolean  "enabled",                       :default => true
                   t.string   "remark"
+            +     t.string   "last_ip"
                 end
                 add_index "users", ["login"], :name => "index_users_on_login", :unique => true

db/seeds.rb ¶ +7

                  },
                  {
+            +      :key => 'right.multiple_ip_login',
+            +      :value_type => 'boolean',
+            +      :default_value => 'true',
+            +      :description => 'When change from true to false, a user can login from the first IP they logged into afterward.'
+            +    },
+            +
+            +    {
                    :key => 'right.user_view_submission',
                    :value_type => 'boolean',
                    :default_value => 'false',

Write
Preview

You need to be logged in to leave comments. Login now

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository permissions settings

Sign in to your account

Author

r526:f7b4a30e2f5d - Tue, 11 Aug 2015 11:28:41 - 12 files changed: 252 inserted, 6 deleted

Sign in to your account

Commit r526:f7b4a30e2f5d public

Author

r526:f7b4a30e2f5d - Tue, 11 Aug 2015 11:28:41 - 12 files changed: 252 inserted, 6 deleted

Commit `r526:f7b4a30e2f5d` public