diff --git a/app/controllers/graders_controller.rb b/app/controllers/graders_controller.rb
--- a/app/controllers/graders_controller.rb
+++ b/app/controllers/graders_controller.rb
@@ -2,13 +2,20 @@
 
   before_filter :admin_authorization, except: [ :submission ]
   before_filter(only: [:submission]) {
+    #check if authenticated
     return false unless authenticate
 
-    if GraderConfiguration["right.user_view_submission"]
-      return true;
+    #admin always has privileged
+    if @current_user.admin?
+      return true
     end
 
-    admin_authorization
+    if GraderConfiguration["right.user_view_submission"] and Submission.find(params[:id]).problem.available?
+      return true
+    else
+      unauthorized_redirect
+      return false
+    end
   }
 
   verify :method => :post, :only => ['clear_all', 
@@ -33,6 +40,7 @@
     @last_test_request = TestRequest.find(:first,
                                           :order => 'created_at DESC')
     @submission = Submission.order("id desc").limit(20)
+    @backlog_submission = Submission.where('graded_at is null')
   end
 
   def clear
@@ -86,6 +94,9 @@
     @formatted_code = formatter.format(lexer.lex(@submission.source))
     @css_style = Rouge::Themes::ThankfulEyes.render(scope: '.highlight')
 
+    user = User.find(session[:user_id])
+    SubmissionViewLog.create(user_id: session[:user_id],submission_id: @submission.id) unless user.admin?
+
   end
 
   # various grader controls