diff options
author | mc1824@student.uni-lj.si <mc1824@student.uni-lj.si@5cf9fbd1-b2bc-434c-b4b7-e852f4f63414> | 2015-07-18 10:00:47 +0000 |
---|---|---|
committer | mc1824@student.uni-lj.si <mc1824@student.uni-lj.si@5cf9fbd1-b2bc-434c-b4b7-e852f4f63414> | 2015-07-18 10:00:47 +0000 |
commit | 0a9381178c8f0db5b37f7714bd936560ef28ae40 (patch) | |
tree | 966b655632f54b3d568a6f12c9335caaaf57bf31 /kpov_judge/web | |
parent | 81470e6cf0cd9993bbb7b40d1b1930656dfaac3d (diff) |
Fix some potentially unwanted behavior in website
git-svn-id: https://svn.lusy.fri.uni-lj.si/kpov-public-svn/kpov-public@300 5cf9fbd1-b2bc-434c-b4b7-e852f4f63414
Diffstat (limited to 'kpov_judge/web')
-rwxr-xr-x | kpov_judge/web/kpov_judge/kpov_judge.py | 167 |
1 files changed, 77 insertions, 90 deletions
diff --git a/kpov_judge/web/kpov_judge/kpov_judge.py b/kpov_judge/web/kpov_judge/kpov_judge.py index aadec65..3242c9d 100755 --- a/kpov_judge/web/kpov_judge/kpov_judge.py +++ b/kpov_judge/web/kpov_judge/kpov_judge.py @@ -35,59 +35,47 @@ def before_request(): user = app.config['USERNAME'] password = app.config['PASSWORD'] g.db.authenticate(user, password) - except Exception, e: - # raise e - #no auth or auth config? - pass + except Exception as e: + raise e #no auth or auth config? @app.route('/') def root(): student_id = flask.app.request.environ.get('REMOTE_USER', 'Nobody') # env = flask.app.request.environ - tasks = g.db.tasks.find(dict(), {'task_id':1, }).sort('task_id') + tasks = g.db.tasks.find({}, {'task_id': 1}).sort('task_id') if tasks is not None: task_list = [i['task_id'] for i in tasks] else: task_list = [] return render_template('index.html', student_id=student_id, tasks=task_list) -@app.route('/kpov_judge/') -def auth_greeting(): - student_id = flask.app.request.environ.get('REMOTE_USER', 'Nobody') - return "To je past!" + str(flask.app.request.__dict__) - def results_post(task_id, results): student_id = flask.app.request.environ.get('REMOTE_USER', 'Nobody') db = g.db params = db.task_params.find_one({'task_id': task_id, 'student_id': student_id}) - if params is None: - params = dict() - else: - params = params['params'] + if params is None: + # params = {} + #else: + # params = params['params'] + return {'result': 0, 'hints': ['task not found'], status: 'NOT OK'} # no such task user_params = json.loads(flask.app.request.form['params']) meta = db.task_params_meta.find_one({'task_id': task_id}) if meta is None: - meta = dict() + meta = {} else: meta = meta['params'] for param_name, param_meta in meta.iteritems(): if param_meta.get('w', False) and param_name in user_params: - params[param_name] = user_params[param_name] - task_check_source = db.task_checkers.find_one({'task_id':task_id}) - hints = [] - if task_check_source is None: - task_check_source = dummy_checker - else: - task_check_source = task_check_source['source'] + params[param_name] = user_params[param_name] + task_check_source = task_source(task_id) try: task_check_code = compile(task_check_source, 'checker.py', 'exec') exec(task_check_code) res, hints = task_check(results, params) - except Exception, e: - hints += ["Checker crashed: " + str(e)] + except Exception as e: + hints = ["Checker crashed: " + str(e)] res = 0 - # flask.app.logger.error(str(e)) - if (type(res) is int and res > 0): + if isinstance(res, int) and res > 0: res_status = 'OK' else: res_status = 'NOT OK' @@ -99,69 +87,66 @@ def results_dict(task_id): db = g.db try: entry = db.results.find_one( - {'$query': {'task_id': task_id, 'student_id': student_id}, - '$orderby': {'time': -1}}, + {'$query': {'task_id': task_id, 'student_id': student_id}, # vsi uporabniki brez nastavljenega REMOTE_USER (i.e. Apache basic auth) imajo skupne rezultate, napaka? + '$orderby': {'time': -1}}, {'result': 1, 'status': 1, 'hints': 1, '_id': 0}) if entry is None: return {'result': 'Naloga ni bila nikdar ocenjena', 'status': 'NOT OK'} return entry - except Exception, e: + except Exception as e: return {'Error': str(e)} - # flask.app.logger.error(str(e)) - return {'result':"Mama! Zakaj si me zapustila? Sedaj se bom razstrelil."} -@app.route('/tasks/<task_id>/results.json', methods=['GET', 'POST']) +@app.route('/tasks/<int:task_id>/results.json', methods=['GET', 'POST']) def results_json(task_id): if flask.app.request.method == 'POST': - results_post(task_id, json.loads(flask.app.request.form['results'])) + return results_post(task_id, json.loads(flask.app.request.form['results'])) return json.dumps(results_dict(task_id)) -@app.route('/tasks/<task_id>/<lang>/results.html', methods=['GET']) +@app.route('/tasks/<int:task_id>/<lang>/results.html') def results_html(task_id, lang): return render_template('results.html', results=results_dict(task_id)) def public_meta(db, task_id): - shown = dict() + shown = {} try: meta = db.task_params_meta.find_one({'task_id': task_id})['params'] for k, v in meta.iteritems(): try: if v['public']: shown[k] = v - except: + except Exception: pass - except: + except Exception: shown = dummy_meta return shown -@app.route('/tasks/<task_id>/task.py', methods=['GET']) +@app.route('/tasks/<int:task_id>/task.py') def task_source(task_id): db = g.db try: task_str = db.tasks.find_one({'task_id': task_id})['source'] - except: + except Exception: return dummy_task return task_str -@app.route('/tasks/<task_id>/task.html', methods=['GET', 'POST']) +@app.route('/tasks/<int:task_id>/task.html') def task_html(task_id): return render_template('task.html', task=task_source(task_id)) def get_params(task_id, student_id, db): try: meta = db.task_params_meta.find_one({'task_id': task_id})['params'] - except: - return {'mama': 'ZAKVAJ?'}, {'mama':{'public': True}} + except Exception: + return {'mama': 'ZAKVAJ?'}, {'mama': {'public': True}} params = db.task_params.find_one({'task_id': task_id, 'student_id': student_id}) - s = "" if params is None: try: - gen_params_source = db.gen_params.find_one({'task_id':task_id})['source'] + gen_params_source = db.gen_params.find_one({'task_id': task_id})['source'] gen_params_code = compile(gen_params_source, 'generator.py', 'exec') exec(gen_params_code) params = gen_params(student_id, meta) - db.task_params.update({'task_id':task_id, 'student_id':student_id}, + db.task_params.update({'task_id': task_id, 'student_id': student_id}, {'$set': {'params': params}}, upsert=True) params = gen_params(student_id, meta) for computer in db.computers_meta.find({'task_id': task_id}): @@ -169,114 +154,116 @@ def get_params(task_id, student_id, db): name = computer.pop('name') del computer['_id'] del computer['task_id'] - except: + except Exception: pass db.student_computers.update({'task_id': task_id, 'student_id': student_id, 'name': name}, {'$set': computer}, upsert=True) - except Exception, e: - meta = {'crash':{'public': True}} + except Exception as e: + meta = {'crash': {'public': True}} params = {'crash': "Parameter creator crashed or missing:\n{}".format( traceback.format_exc())} else: params = params['params'] return params, meta - -@app.route('/tasks/<task_id>/', methods = ['GET']) + +@app.route('/tasks/<int:task_id>/') def task_lang_redirect(task_id): - return redirect(url_for('task_greeting', task_id = task_id, - lang=app.config['DEFAULT_LANG'])) + return redirect(url_for('task_greeting', task_id=task_id, lang=app.config['DEFAULT_LANG'])) -@app.route('/tasks/<task_id>/<lang>/howto/', methods = ['GET']) +@app.route('/tasks/<int:task_id>/<lang>/howto/') def task_howto(task_id, lang): db = g.db - return db.howtos.find({'task_id': task_id, 'lang':lang})[0].get('text', '') + return db.howtos.find({'task_id': task_id, 'lang': lang})[0].get('text', '') -@app.route('/tasks/<task_id>/<lang>/images/<fname>', methods = ['GET']) +@app.route('/tasks/<int:task_id>/<lang>/images/<fname>') def task_image(task_id, lang, fname): db = g.db - return db.howto_images.find({'task_id': task_id, 'fname':fname})[0].get('data', '') + return db.howto_images.find({'task_id': task_id, 'fname': fname})[0].get('data', '') -@app.route('/tasks/<task_id>/<lang>/', methods = ['GET']) +@app.route('/tasks/<int:task_id>/<lang>/') def task_greeting(task_id, lang): student_id = flask.app.request.environ.get('REMOTE_USER', 'Nobody') db = g.db # generate the parameters as soon as the student visits params, meta = get_params(task_id, student_id, db) + instr_ok = True try: instructions = db.task_instructions.find({'task_id': task_id})[0] instructions = instructions.get(lang, app.config['DEFAULT_LANG']) - except: + except Exception: try: instructions = instructions.values()[0] - except Exception, e: + except Exception as e: instructions = str(e) - try: - public_params = dict() - for k, v in meta.iteritems(): - if v.get('public', False): - public_params[k] = params.get(k, "???") - instructions = instructions.format(**public_params) - except Exception, e: - instructions = str(e) - computer_list = db.student_computers.find({'task_id':task_id, 'student_id': student_id}) + instr_ok = False + if instr_ok: + try: + public_params = {} + for k, v in meta.iteritems(): + if v.get('public', False): + public_params[k] = params.get(k, "???") + instructions = instructions.format(**public_params) + except Exception as e: + instructions = str(e) + computer_list = db.student_computers.find({'task_id': task_id, 'student_id': student_id}) if request.args.get('narediStack', 'false') == 'true': - #db.student_tasks.update({'task_id':task_id, 'student_id': student_id}, {'$set': {'create_openstack': True}}, upsert = True) + #db.student_tasks.update({'task_id': task_id, 'student_id': student_id}, {'$set': {'create_openstack': True}}, upsert = True) openstackCreated = False # Spremeni na True, ko odkomentiras zgornjo vrstico. else: - if db.student_tasks.find({'task_id':task_id, 'student_id': student_id, 'openstack_created': True}).count() > 0: + if db.student_tasks.find({'task_id': task_id, 'student_id': student_id, 'openstack_created': True}).count() > 0: openstackCreated = True - elif db.student_tasks.find({'task_id':task_id, 'student_id': student_id, 'create_openstack': True}).count() > 0: + elif db.student_tasks.find({'task_id': task_id, 'student_id': student_id, 'create_openstack': True}).count() > 0: openstackCreated = True else: openstackCreated = False - return render_template('task_greeting.html', computers = computer_list, lang=lang, openstack = openstackCreated, instructions=instructions) + return render_template('task_greeting.html', computers=computer_list, lang=lang, openstack=openstackCreated, instructions=instructions) -@app.route('/tasks/<task_id>/params.json', methods=['GET', 'POST']) +@app.route('/tasks/<int:task_id>/params.json', methods=['GET', 'POST']) def params_json(task_id): student_id = flask.app.request.environ.get('REMOTE_USER', 'Nobody') - db = g.db + db = g.db params, meta = get_params(task_id, student_id, db) - shown_params = dict() - for name, param in params.iteritems(): - if meta.get(name, {'public': False})['public']: - shown_params[name] = param + shown_params = {} if flask.app.request.method == 'POST': - shown_params = dict() try: new_params = json.loads(flask.app.request.form['params']) - except: - new_params = dict() + except Exception: + new_params = {} for name in params.iteritems(): - if meta.get(name, {'w': False})['w'] and k in new_params: + if meta.get(name, {'w': False}).get('w', False) and k in new_params: params[name] = new_params[name] if meta.get(name, {'public': False})['public']: shown_params[name] = params[name] - db.task_params.update({'task_id':task_id, 'student_id':student_id}, {'$set': {'params': params}}, upsert=True) + db.task_params.update({'task_id': task_id, 'student_id': student_id}, {'$set': {'params': params}}) + else: + for name, param in params.iteritems(): + if meta.get(name, {'public': False})['public']: + shown_params[name] = param return json.dumps(shown_params) -@app.route('/tasks/<task_id>/<lang>/params.html', methods=['GET', 'POST']) +@app.route('/tasks/<int:task_id>/<lang>/params.html', methods=['GET', 'POST']) def params_html(task_id, lang): student_id = flask.app.request.environ.get('REMOTE_USER', 'Nobody') - db = g.db + db = g.db params, meta = get_params(task_id, student_id, db) - shown_params = dict() + shown_params = {} for name, meta_param in meta.iteritems(): if meta_param.get('public', False): shown_params[name] = params.get(name, '') if flask.app.request.method == 'POST': form = flask.app.request.form - new_params = dict() + new_params = {} for k, v in meta.iteritems(): if v.get('w', False): params[k] = flask.app.request.form[k] if v.get('public', False): shown_params[name] = params.get(name, '') - db.task_params.update({'task_id':task_id, 'student_id':student_id}, {'$set': {'params': params}}, upsert=True) - return render_template('params.html', params=shown_params, params_meta = meta) + db.task_params.update({'task_id': task_id, 'student_id': student_id}, {'$set': {'params': params}}) + return render_template('params.html', params=shown_params, params_meta=meta) -@app.route('/tasks/<task_id>/params_meta.json', methods=['GET']) +@app.route('/tasks/<int:task_id>/params_meta.json') def params_meta(task_id): db = g.db return json.dumps(public_meta(db, task_id)) |