|
|
require 'csv'
|
|
|
|
|
|
class UserAdminController < ApplicationController
|
|
|
|
|
|
include MailHelperMethods
|
|
|
|
|
|
before_action :admin_authorization
|
|
|
|
|
|
def index
|
|
|
@user_count = User.count
|
|
|
@users = User.all
|
|
|
@hidden_columns = ['hashed_password', 'salt', 'created_at', 'updated_at']
|
|
|
@contests = Contest.enabled
|
|
|
end
|
|
|
|
|
|
def active
|
|
|
sessions = ActiveRecord::SessionStore::Session.where("updated_at >= ?", 60.minutes.ago)
|
|
|
@users = []
|
|
|
sessions.each do |session|
|
|
|
if session.data[:user_id]
|
|
|
@users << User.find(session.data[:user_id])
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def show
|
|
|
@user = User.find(params[:id])
|
|
|
end
|
|
|
|
|
|
def new
|
|
|
@user = User.new
|
|
|
end
|
|
|
|
|
|
def create
|
|
|
@user = User.new(user_params)
|
|
|
@user.activated = true
|
|
|
if @user.save
|
|
|
flash[:notice] = 'User was successfully created.'
|
|
|
redirect_to :action => 'index'
|
|
|
else
|
|
|
render :action => 'new'
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def clear_last_ip
|
|
|
@user = User.find(params[:id])
|
|
|
@user.last_ip = nil
|
|
|
@user.save
|
|
|
redirect_to action: 'index', page: params[:page]
|
|
|
end
|
|
|
|
|
|
def create_from_list
|
|
|
lines = params[:user_list]
|
|
|
|
|
|
|
|
|
res = User.create_from_list(lines)
|
|
|
error_logins = res[:error_logins]
|
|
|
error_msg = res[:first_error]
|
|
|
ok_user = res[:created_users]
|
|
|
|
|
|
|
|
|
#add to group
|
|
|
if params[:add_to_group]
|
|
|
group = Group.find_by(id: params[:group_id])&.add_users_skip_existing(ok_user)
|
|
|
end
|
|
|
|
|
|
# show flash
|
|
|
if ok_user.count > 0
|
|
|
flash[:success] = "#{ok_user.count} user(s) was created or updated successfully"
|
|
|
end
|
|
|
if error_logins.size > 0
|
|
|
flash[:error] = "Following user(s) failed to be created: " + error_note.join(', ') + ". The error of the first failed one are: " + error_msg;
|
|
|
end
|
|
|
redirect_to :action => 'index'
|
|
|
end
|
|
|
|
|
|
def edit
|
|
|
@user = User.find(params[:id])
|
|
|
end
|
|
|
|
|
|
def update
|
|
|
@user = User.find(params[:id])
|
|
|
if @user.update_attributes(user_params)
|
|
|
flash[:notice] = 'User was successfully updated.'
|
|
|
redirect_to :action => 'show', :id => @user
|
|
|
else
|
|
|
render :action => 'edit'
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def destroy
|
|
|
User.find(params[:id]).destroy
|
|
|
redirect_to :action => 'index'
|
|
|
end
|
|
|
|
|
|
def user_stat
|
|
|
if params[:commit] == 'download csv'
|
|
|
@problems = Problem.all
|
|
|
else
|
|
|
@problems = Problem.available_problems
|
|
|
end
|
|
|
@users = User.includes(:contests, :contest_stat).where(enabled: true)
|
|
|
@scorearray = Array.new
|
|
|
@users.each do |u|
|
|
|
ustat = Array.new
|
|
|
ustat[0] = u
|
|
|
@problems.each do |p|
|
|
|
sub = Submission.find_last_by_user_and_problem(u.id,p.id)
|
|
|
if (sub!=nil) and (sub.points!=nil) and p and p.full_score
|
|
|
ustat << [(sub.points.to_f*100/p.full_score).round, (sub.points>=p.full_score)]
|
|
|
else
|
|
|
ustat << [0,false]
|
|
|
end
|
|
|
end
|
|
|
@scorearray << ustat
|
|
|
end
|
|
|
if params[:commit] == 'download csv' then
|
|
|
csv = gen_csv_from_scorearray(@scorearray,@problems)
|
|
|
send_data csv, filename: 'last_score.csv'
|
|
|
else
|
|
|
render template: 'user_admin/user_stat'
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def user_stat_max
|
|
|
if params[:commit] == 'download csv'
|
|
|
@problems = Problem.all
|
|
|
else
|
|
|
@problems = Problem.available_problems
|
|
|
end
|
|
|
@users = User.includes(:contests).includes(:contest_stat).all
|
|
|
@scorearray = Array.new
|
|
|
#set up range from param
|
|
|
since_id = params.fetch(:since_id, 0).to_i
|
|
|
until_id = params.fetch(:until_id, 0).to_i
|
|
|
@users.each do |u|
|
|
|
ustat = Array.new
|
|
|
ustat[0] = u
|
|
|
@problems.each do |p|
|
|
|
max_points = 0
|
|
|
Submission.find_in_range_by_user_and_problem(u.id,p.id,since_id,until_id).each do |sub|
|
|
|
max_points = sub.points if sub and sub.points and (sub.points > max_points)
|
|
|
end
|
|
|
ustat << [(max_points.to_f*100/p.full_score).round, (max_points>=p.full_score)]
|
|
|
end
|
|
|
@scorearray << ustat
|
|
|
end
|
|
|
|
|
|
if params[:commit] == 'download csv' then
|
|
|
csv = gen_csv_from_scorearray(@scorearray,@problems)
|
|
|
send_data csv, filename: 'max_score.csv'
|
|
|
else
|
|
|
render template: 'user_admin/user_stat'
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def import
|
|
|
if params[:file]==''
|
|
|
flash[:notice] = 'Error importing no file'
|
|
|
redirect_to :action => 'index' and return
|
|
|
end
|
|
|
import_from_file(params[:file])
|
|
|
end
|
|
|
|
|
|
def random_all_passwords
|
|
|
users = User.all
|
|
|
@prefix = params[:prefix] || ''
|
|
|
@non_admin_users = User.find_non_admin_with_prefix(@prefix)
|
|
|
@changed = false
|
|
|
if params[:commit] == 'Go ahead'
|
|
|
@non_admin_users.each do |user|
|
|
|
password = random_password
|
|
|
user.password = password
|
|
|
user.password_confirmation = password
|
|
|
user.save
|
|
|
end
|
|
|
@changed = true
|
|
|
end
|
|
|
end
|
|
|
|
|
|
# contest management
|
|
|
|
|
|
def contests
|
|
|
@contest, @users = find_contest_and_user_from_contest_id(params[:id])
|
|
|
@contests = Contest.enabled
|
|
|
end
|
|
|
|
|
|
def assign_from_list
|
|
|
contest_id = params[:users_contest_id]
|
|
|
org_contest, users = find_contest_and_user_from_contest_id(contest_id)
|
|
|
contest = Contest.find(params[:new_contest][:id])
|
|
|
if !contest
|
|
|
flash[:notice] = 'Error: no contest'
|
|
|
redirect_to :action => 'contests', :id =>contest_id
|
|
|
end
|
|
|
|
|
|
note = []
|
|
|
users.each do |u|
|
|
|
u.contests = [contest]
|
|
|
note << u.login
|
|
|
end
|
|
|
flash[:notice] = 'User(s) ' + note.join(', ') +
|
|
|
" were successfully reassigned to #{contest.title}."
|
|
|
redirect_to :action => 'contests', :id =>contest.id
|
|
|
end
|
|
|
|
|
|
def add_to_contest
|
|
|
user = User.find(params[:id])
|
|
|
contest = Contest.find(params[:contest_id])
|
|
|
if user and contest
|
|
|
user.contests << contest
|
|
|
end
|
|
|
redirect_to :action => 'index'
|
|
|
end
|
|
|
|
|
|
def remove_from_contest
|
|
|
user = User.find(params[:id])
|
|
|
contest = Contest.find(params[:contest_id])
|
|
|
if user and contest
|
|
|
user.contests.delete(contest)
|
|
|
end
|
|
|
redirect_to :action => 'index'
|
|
|
end
|
|
|
|
|
|
def contest_management
|
|
|
end
|
|
|
|
|
|
def manage_contest
|
|
|
contest = Contest.find(params[:contest][:id])
|
|
|
if !contest
|
|
|
flash[:notice] = 'You did not choose the contest.'
|
|
|
redirect_to :action => 'contest_management' and return
|
|
|
end
|
|
|
|
|
|
operation = params[:operation]
|
|
|
|
|
|
if not ['add','remove','assign'].include? operation
|
|
|
flash[:notice] = 'You did not choose the operation to perform.'
|
|
|
redirect_to :action => 'contest_management' and return
|
|
|
end
|
|
|
|
|
|
lines = params[:login_list]
|
|
|
if !lines or lines.blank?
|
|
|
flash[:notice] = 'You entered an empty list.'
|
|
|
redirect_to :action => 'contest_management' and return
|
|
|
end
|
|
|
|
|
|
note = []
|
|
|
users = []
|
|
|
lines.split("\n").each do |line|
|
|
|
user = User.find_by_login(line.chomp)
|
|
|
if user
|
|
|
if operation=='add'
|
|
|
if ! user.contests.include? contest
|
|
|
user.contests << contest
|
|
|
end
|
|
|
elsif operation=='remove'
|
|
|
user.contests.delete(contest)
|
|
|
else
|
|
|
user.contests = [contest]
|
|
|
end
|
|
|
|
|
|
if params[:reset_timer]
|
|
|
user.contest_stat.forced_logout = true
|
|
|
user.contest_stat.reset_timer_and_save
|
|
|
end
|
|
|
|
|
|
if params[:notification_emails]
|
|
|
send_contest_update_notification_email(user, contest)
|
|
|
end
|
|
|
|
|
|
note << user.login
|
|
|
users << user
|
|
|
end
|
|
|
end
|
|
|
|
|
|
if params[:reset_timer]
|
|
|
logout_users(users)
|
|
|
end
|
|
|
|
|
|
flash[:notice] = 'User(s) ' + note.join(', ') +
|
|
|
' were successfully modified. '
|
|
|
redirect_to :action => 'contest_management'
|
|
|
end
|
|
|
|
|
|
# admin management
|
|
|
|
|
|
def admin
|
|
|
@admins = Role.where(name: 'admin').take.users
|
|
|
@tas = Role.where(name: 'ta').take.users
|
|
|
end
|
|
|
|
|
|
def modify_role
|
|
|
user = User.find_by_login(params[:login])
|
|
|
role = Role.find_by_name(params[:role])
|
|
|
unless user && role
|
|
|
flash[:error] = 'Unknown user or role'
|
|
|
redirect_to admin_user_admin_index_path
|
|
|
return
|
|
|
end
|
|
|
if params[:commit] == 'Grant'
|
|
|
#grant role
|
|
|
user.roles << role
|
|
|
flash[:notice] = "User '#{user.login}' has been granted the role '#{role.name}'"
|
|
|
else
|
|
|
#revoke role
|
|
|
if user.login == 'root' && role.name == 'admin'
|
|
|
flash[:error] = 'You cannot revoke admisnistrator permission from root.'
|
|
|
redirect_to admin_user_admin_index_path
|
|
|
return
|
|
|
end
|
|
|
user.roles.delete(role)
|
|
|
flash[:notice] = "The role '#{role.name}' has been revoked from User '#{user.login}'"
|
|
|
end
|
|
|
redirect_to admin_user_admin_index_path
|
|
|
end
|
|
|
|
|
|
# mass mailing
|
|
|
|
|
|
def mass_mailing
|
|
|
end
|
|
|
|
|
|
def bulk_mail
|
|
|
lines = params[:login_list]
|
|
|
if !lines or lines.blank?
|
|
|
flash[:notice] = 'You entered an empty list.'
|
|
|
redirect_to :action => 'mass_mailing' and return
|
|
|
end
|
|
|
|
|
|
mail_subject = params[:subject]
|
|
|
if !mail_subject or mail_subject.blank?
|
|
|
flash[:notice] = 'You entered an empty mail subject.'
|
|
|
redirect_to :action => 'mass_mailing' and return
|
|
|
end
|
|
|
|
|
|
mail_body = params[:email_body]
|
|
|
if !mail_body or mail_body.blank?
|
|
|
flash[:notice] = 'You entered an empty mail body.'
|
|
|
redirect_to :action => 'mass_mailing' and return
|
|
|
end
|
|
|
|
|
|
note = []
|
|
|
users = []
|
|
|
lines.split("\n").each do |line|
|
|
|
user = User.find_by_login(line.chomp)
|
|
|
if user
|
|
|
send_mail(user.email, mail_subject, mail_body)
|
|
|
note << user.login
|
|
|
end
|
|
|
end
|
|
|
|
|
|
flash[:notice] = 'User(s) ' + note.join(', ') +
|
|
|
' were successfully modified. '
|
|
|
redirect_to :action => 'mass_mailing'
|
|
|
end
|
|
|
|
|
|
#bulk manage
|
|
|
def bulk_manage
|
|
|
|
|
|
begin
|
|
|
if params[:filter_group]
|
|
|
@users = Group.find_by(id: params[:filter_group_id]).users
|
|
|
else
|
|
|
@users = User.all
|
|
|
end
|
|
|
@users = @users.where('(login REGEXP ?) OR (remark REGEXP ?)',params[:regex],params[:regex]) unless params[:regex].blank?
|
|
|
@users.count if @users #test the sql
|
|
|
rescue Exception
|
|
|
flash[:error] = 'Regular Expression is malformed'
|
|
|
@users = nil
|
|
|
end
|
|
|
|
|
|
if params[:commit]
|
|
|
@action = {}
|
|
|
@action[:set_enable] = params[:enabled]
|
|
|
@action[:enabled] = params[:enable] == "1"
|
|
|
@action[:gen_password] = params[:gen_password]
|
|
|
@action[:add_group] = params[:add_group]
|
|
|
@action[:group_name] = params[:group_name]
|
|
|
end
|
|
|
|
|
|
if params[:commit] == "Perform"
|
|
|
if @action[:set_enable]
|
|
|
@users.update_all(enabled: @action[:enabled])
|
|
|
end
|
|
|
if @action[:gen_password]
|
|
|
@users.each do |u|
|
|
|
password = random_password
|
|
|
u.password = password
|
|
|
u.password_confirmation = password
|
|
|
u.save
|
|
|
end
|
|
|
end
|
|
|
if @action[:add_group] and @action[:group_name]
|
|
|
@group = Group.find(@action[:group_name])
|
|
|
ok = []
|
|
|
failed = []
|
|
|
@users.each do |user|
|
|
|
begin
|
|
|
@group.users << user
|
|
|
ok << user.login
|
|
|
rescue => e
|
|
|
failed << user.login
|
|
|
end
|
|
|
end
|
|
|
flash[:success] = "The following users are added to the 'group #{@group.name}': " + ok.join(', ') if ok.count > 0
|
|
|
flash[:alert] = "The following users are already in the 'group #{@group.name}': " + failed.join(', ') if failed.count > 0
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
protected
|
|
|
|
|
|
def random_password(length=5)
|
|
|
chars = 'abcdefghijkmnopqrstuvwxyz23456789'
|
|
|
newpass = ""
|
|
|
length.times { newpass << chars[rand(chars.size-1)] }
|
|
|
return newpass
|
|
|
end
|
|
|
|
|
|
def import_from_file(f)
|
|
|
data_hash = YAML.load(f)
|
|
|
@import_log = ""
|
|
|
|
|
|
country_data = data_hash[:countries]
|
|
|
site_data = data_hash[:sites]
|
|
|
user_data = data_hash[:users]
|
|
|
|
|
|
# import country
|
|
|
countries = {}
|
|
|
country_data.each_pair do |id,country|
|
|
|
c = Country.find_by_name(country[:name])
|
|
|
if c!=nil
|
|
|
countries[id] = c
|
|
|
@import_log << "Found #{country[:name]}\n"
|
|
|
else
|
|
|
countries[id] = Country.new(:name => country[:name])
|
|
|
countries[id].save
|
|
|
@import_log << "Created #{country[:name]}\n"
|
|
|
end
|
|
|
end
|
|
|
|
|
|
# import sites
|
|
|
sites = {}
|
|
|
site_data.each_pair do |id,site|
|
|
|
s = Site.find_by_name(site[:name])
|
|
|
if s!=nil
|
|
|
@import_log << "Found #{site[:name]}\n"
|
|
|
else
|
|
|
s = Site.new(:name => site[:name])
|
|
|
@import_log << "Created #{site[:name]}\n"
|
|
|
end
|
|
|
s.password = site[:password]
|
|
|
s.country = countries[site[:country_id]]
|
|
|
s.save
|
|
|
sites[id] = s
|
|
|
end
|
|
|
|
|
|
# import users
|
|
|
user_data.each_pair do |id,user|
|
|
|
u = User.find_by_login(user[:login])
|
|
|
if u!=nil
|
|
|
@import_log << "Found #{user[:login]}\n"
|
|
|
else
|
|
|
u = User.new(:login => user[:login])
|
|
|
@import_log << "Created #{user[:login]}\n"
|
|
|
end
|
|
|
u.full_name = user[:name]
|
|
|
u.password = user[:password]
|
|
|
u.country = countries[user[:country_id]]
|
|
|
u.site = sites[user[:site_id]]
|
|
|
u.activated = true
|
|
|
u.email = "empty-#{u.login}@none.com"
|
|
|
if not u.save
|
|
|
@import_log << "Errors\n"
|
|
|
u.errors.each { |attr,msg| @import_log << "#{attr} - #{msg}\n" }
|
|
|
end
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
def logout_users(users)
|
|
|
users.each do |user|
|
|
|
contest_stat = user.contest_stat(true)
|
|
|
if contest_stat and !contest_stat.forced_logout
|
|
|
contest_stat.forced_logout = true
|
|
|
contest_stat.save
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
def send_contest_update_notification_email(user, contest)
|
|
|
contest_title_name = GraderConfiguration['contest.name']
|
|
|
contest_name = contest.name
|
|
|
mail_subject = t('contest.notification.email_subject', {
|
|
|
:contest_title_name => contest_title_name,
|
|
|
:contest_name => contest_name })
|
|
|
mail_body = t('contest.notification.email_body', {
|
|
|
:full_name => user.full_name,
|
|
|
:contest_title_name => contest_title_name,
|
|
|
:contest_name => contest.name,
|
|
|
})
|
|
|
|
|
|
logger.info mail_body
|
|
|
send_mail(user.email, mail_subject, mail_body)
|
|
|
end
|
|
|
|
|
|
def find_contest_and_user_from_contest_id(id)
|
|
|
if id!='none'
|
|
|
@contest = Contest.find(id)
|
|
|
else
|
|
|
@contest = nil
|
|
|
end
|
|
|
if @contest
|
|
|
@users = @contest.users
|
|
|
else
|
|
|
@users = User.find_users_with_no_contest
|
|
|
end
|
|
|
return [@contest, @users]
|
|
|
end
|
|
|
|
|
|
def gen_csv_from_scorearray(scorearray,problem)
|
|
|
CSV.generate do |csv|
|
|
|
#add header
|
|
|
header = ['User','Name', 'Activated?', 'Logged in', 'Contest']
|
|
|
problem.each { |p| header << p.name }
|
|
|
header += ['Total','Passed']
|
|
|
csv << header
|
|
|
#add data
|
|
|
scorearray.each do |sc|
|
|
|
total = num_passed = 0
|
|
|
row = Array.new
|
|
|
sc.each_index do |i|
|
|
|
if i == 0
|
|
|
row << sc[i].login
|
|
|
row << sc[i].full_name
|
|
|
row << sc[i].activated
|
|
|
row << (sc[i].try(:contest_stat).try(:started_at).nil? ? 'no' : 'yes')
|
|
|
row << sc[i].contests.collect {|c| c.name}.join(', ')
|
|
|
else
|
|
|
row << sc[i][0]
|
|
|
total += sc[i][0]
|
|
|
num_passed += 1 if sc[i][1]
|
|
|
end
|
|
|
end
|
|
|
row << total
|
|
|
row << num_passed
|
|
|
csv << row
|
|
|
end
|
|
|
end
|
|
|
end
|
|
|
|
|
|
private
|
|
|
def user_params
|
|
|
params.require(:user).permit(:login,:password,:password_confirmation,:email, :alias, :full_name,:remark)
|
|
|
end
|
|
|
end
|
|
|
|
