Commit 1697444c authored by Robert Czechowski's avatar Robert Czechowski
Browse files

Allow not logged in users to participate in contests with contest secret even...

Allow not logged in users to participate in contests with contest secret even if the contest has limited time
parent 7a5f4d84
Pipeline #1021 passed with stage
in 4 minutes and 6 seconds
......@@ -373,7 +373,8 @@ pub fn show_contest<T: MedalConnection>(conn: &T, contest_id: i32, session_token
let constraints = check_contest_constraints(&session, &contest);
let is_qualified = check_contest_qualification(conn, &session, &contest).unwrap_or(true);
let can_start = session.is_logged_in() && constraints.contest_running && constraints.grade_matching && is_qualified;
let can_start = constraints.contest_running && constraints.grade_matching && is_qualified
&& (session.is_logged_in() || contest.secret.is_some() && !contest.requires_login.unwrap_or(false));
let has_duration = contest.duration > 0;
data.insert("constraints".to_string(), to_json(&constraints));
......@@ -541,7 +542,7 @@ pub fn start_contest<T: MedalConnection>(conn: &T, contest_id: i32, session_toke
let contest = conn.get_contest_by_id(contest_id);
// Check logged in or open contest
if contest.duration != 0 && !session.is_logged_in() {
if contest.duration != 0 && !session.is_logged_in() && (contest.requires_login.unwrap_or(false) || contest.secret.is_none()) {
return Err(MedalError::AccessDenied);
}
......
......@@ -1432,6 +1432,7 @@ pub fn start_server<C>(conn: C, config: Config) -> iron::error::HttpResult<iron:
contestresults: get "/contest/:contestid/result/" => contestresults::<C>,
contestresults_download: get "/contest/:contestid/result/download" => contestresults_download::<C>,
contest_post: post "/contest/:contestid" => contest_post::<C>,
contest_post_secret: post "/contest/:contestid/:secret" => contest_post::<C>, // just ignoring the secret
login: get "/login" => login::<C>,
login_post: post "/login" => login_post::<C>,
login_code_post: post "/clogin" => login_code_post::<C>,
......
......@@ -108,9 +108,9 @@
<p>
<form action="" method="post">
<input type="hidden" name="csrf_token" value="{{csrf_token}}">
{{#if secret_field}}<input {{#if secret_field_prefill}}type="hidden"{{/if}} name="secret" value="{{secret_field_prefill}}" placeholder="Wettbewerbspasswort">{{/if}}
{{#if secret_field}}<input {{#if secret_field_prefill}}type="hidden"{{/if}} name="secret" value="{{secret_field_prefill}}" placeholder="Wettbewerbspasswort">{{#if secret_field_prefill}}{{else}}<br>&nbsp;<br>{{/if}}{{/if}}
{{#if secret_wrong}}Das eingegeben Passwort ist nicht korrekt.{{/if}}
<input class="button is-warning is-medium" type="submit" value="{{#if contest.duration}}⏱ &nbsp; {{/if}}Jetzt starten! {{#if contest.duration}}({{contest.duration}} min){{/if}}" style="font-weight:bold;">
<input class="button is-warning is-medium" type="submit" value="{{#if contest.duration}}⏱ &nbsp; {{/if}}{{#if secret_field_prefill}}{{else}}🔒 &nbsp;{{/if}}Jetzt starten! {{#if contest.duration}}({{contest.duration}} min){{/if}}" style="font-weight:bold;">
</form>
</p>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment