bwinf
medal
Commits
3da8ac81
Commit
3da8ac81
authored
Jun 22, 2020
by
Robert Czechowski
OAuth: Set and update is_admin on OAuth login. Fixes
#93
parent
435bbd50
Pipeline
#685
failed with stages
in 8 minutes and 57 seconds
Changes
8
Pipelines
1
src/core.rs
...
...
@@ -585,9 +585,9 @@ pub fn save_submission<T: MedalConnection>(conn: &T, task_id: i32, session_token
let
left_secs
=
i64
::
from
(
c
.duration
)
*
60
-
passed_secs
;
if
c
.duration
>
0
&&
left_secs
<
-
10
{
return
Err
(
MedalError
::
AccessDenied
)
// Contest over
// TODO: Nicer message!
return
Err
(
MedalError
::
AccessDenied
)
;
// Contest over
// TODO: Nicer message!
}
}
}
...
...
@@ -1067,7 +1067,8 @@ pub fn edit_profile<T: MedalConnection>(conn: &T, session_token: &str, user_id:
Ok
(
result
)
}
pub
fn
teacher_infos
<
T
:
MedalConnection
>
(
conn
:
&
T
,
session_token
:
&
str
,
teacher_page
:
Option
<&
str
>
)
->
MedalValueResult
{
pub
fn
teacher_infos
<
T
:
MedalConnection
>
(
conn
:
&
T
,
session_token
:
&
str
,
teacher_page
:
Option
<&
str
>
)
->
MedalValueResult
{
let
session
=
conn
.get_session
(
&
session_token
)
.ensure_logged_in
()
.ok_or
(
MedalError
::
NotLoggedIn
)
?
;
if
!
session
.is_teacher
{
return
Err
(
MedalError
::
AccessDenied
);
...
...
@@ -1085,8 +1086,10 @@ pub fn teacher_infos<T: MedalConnection>(conn: &T, session_token: &str, teacher_
pub
fn
admin_index
<
T
:
MedalConnection
>
(
conn
:
&
T
,
session_token
:
&
str
)
->
MedalValueResult
{
conn
.get_session
(
&
session_token
)
.ensure_logged_in
()
.ok_or
(
MedalError
::
NotLoggedIn
)
?
.ensure_admin
()
.ok_or
(
MedalError
::
AccessDenied
)
?
;
.ensure_logged_in
()
.ok_or
(
MedalError
::
NotLoggedIn
)
?
.ensure_admin
()
.ok_or
(
MedalError
::
AccessDenied
)
?
;
let
data
=
json_val
::
Map
::
new
();
Ok
((
"admin"
.to_string
(),
data
))
...
...
@@ -1102,8 +1105,10 @@ pub fn admin_search_users<T: MedalConnection>(conn: &T, session_token: &str,
->
MedalValueResult
{
conn
.get_session
(
&
session_token
)
.ensure_logged_in
()
.ok_or
(
MedalError
::
NotLoggedIn
)
?
.ensure_admin
()
.ok_or
(
MedalError
::
AccessDenied
)
?
;
.ensure_logged_in
()
.ok_or
(
MedalError
::
NotLoggedIn
)
?
.ensure_admin
()
.ok_or
(
MedalError
::
AccessDenied
)
?
;
let
mut
data
=
json_val
::
Map
::
new
();
...
...
@@ -1113,7 +1118,7 @@ pub fn admin_search_users<T: MedalConnection>(conn: &T, session_token: &str,
if
users
.len
()
>=
30
{
data
.insert
(
"more_users"
.to_string
(),
to_json
(
&
true
));
}
}
,
}
Err
(
groups
)
=>
{
data
.insert
(
"groups"
.to_string
(),
to_json
(
&
groups
));
if
groups
.len
()
>=
30
{
...
...
@@ -1127,8 +1132,10 @@ pub fn admin_search_users<T: MedalConnection>(conn: &T, session_token: &str,
pub
fn
admin_show_user
<
T
:
MedalConnection
>
(
conn
:
&
T
,
user_id
:
i32
,
session_token
:
&
str
)
->
MedalValueResult
{
let
session
=
conn
.get_session
(
&
session_token
)
.ensure_logged_in
()
.ok_or
(
MedalError
::
NotLoggedIn
)
?
.ensure_admin
()
.ok_or
(
MedalError
::
AccessDenied
)
?
;
.ensure_logged_in
()
.ok_or
(
MedalError
::
NotLoggedIn
)
?
.ensure_admin
()
.ok_or
(
MedalError
::
AccessDenied
)
?
;
let
mut
data
=
json_val
::
Map
::
new
();
...
...
@@ -1167,8 +1174,10 @@ pub fn admin_delete_user<T: MedalConnection>(conn: &T, user_id: i32, session_tok
pub
fn
admin_show_group
<
T
:
MedalConnection
>
(
conn
:
&
T
,
group_id
:
i32
,
session_token
:
&
str
)
->
MedalValueResult
{
conn
.get_session
(
&
session_token
)
.ensure_logged_in
()
.ok_or
(
MedalError
::
NotLoggedIn
)
?
.ensure_admin
()
.ok_or
(
MedalError
::
AccessDenied
)
?
;
.ensure_logged_in
()
.ok_or
(
MedalError
::
NotLoggedIn
)
?
.ensure_admin
()
.ok_or
(
MedalError
::
AccessDenied
)
?
;
let
group
=
conn
.get_group_complete
(
group_id
)
.unwrap
();
// TODO handle error
...
...
@@ -1251,14 +1260,14 @@ pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData, oau
&
oauth_provider_id
,
&
user_data
.foreign_id
,
user_data
.foreign_type
!=
UserType
::
User
,
user_data
.foreign_type
==
UserType
::
Admin
,
&
user_data
.firstname
,
&
user_data
.lastname
,
match
user_data
.sex
{
UserSex
::
Male
=>
Some
(
1
),
UserSex
::
Female
=>
Some
(
2
),
UserSex
::
Unknown
=>
Some
(
0
),
})
{
})
{
Ok
(
session_token
)
=>
Ok
(
session_token
),
Err
(())
=>
{
let
mut
data
=
json_val
::
Map
::
new
();
...
...
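Review bot: In the login_oauth hunk, the new argument `user_data.foreign_type == UserType::Admin` makes the session's admin flag whatever the OAuth provider reports, and nothing visible here restricts which configured provider may make that claim. Because the argument before it is `user_data.foreign_type != UserType::User`, an Admin also arrives as a teacher, which looks intended but is not stated. I would add a comment above the call such as `// is_admin comes straight from the provider's user type; every configured OAuth provider is therefore trusted to grant admin rights`, and, if more than one provider can be configured, gate the flag on an explicit per-provider opt-in. login_oauth starts and ends outside the hunk.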
src/db_conn.base.rs
...
...
@@ -442,7 +442,7 @@ impl MedalConnection for Connection {
//TODO: use session
fn
login_foreign
(
&
self
,
_session
:
Option
<&
str
>
,
provider_id
:
&
str
,
foreign_id
:
&
str
,
is_teacher
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
,
sex
:
Option
<
i32
>
)
is_admin
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
,
sex
:
Option
<
i32
>
)
->
Result
<
String
,
()
>
{
let
session_token
=
helpers
::
make_session_token
();
...
...
@@ -457,18 +457,18 @@ impl MedalConnection for Connection {
Ok
(
Some
(
id
))
=>
{
let
query
=
"UPDATE session
SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3,
is_teacher = $4, firstname = $
5
, lastname = $
6
, sex = $
7
WHERE id = $
8
"
;
self
.execute
(
query
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
is_teacher
,
&
firstname
,
&
lastname
,
&
sex
,
&
id
])
.unwrap
();
is_teacher = $4,
is_admin = $5,
firstname = $
6
, lastname = $
7
, sex = $
8
WHERE id = $
9
"
;
self
.execute
(
query
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
is_teacher
,
&
is_admin
,
&
firstname
,
&
lastname
,
&
sex
,
&
id
])
.unwrap
();
Ok
(
session_token
)
}
// Add!
_
=>
{
let
query
=
"INSERT INTO session (session_token, csrf_token, last_login, last_activity,
permanent_login, grade, sex, is_teacher, oauth_foreign_id,
permanent_login, grade, sex, is_teacher,
is_admin,
oauth_foreign_id,
oauth_provider, firstname, lastname)
VALUES ($1, $2, $3, $3, $4, $5, $6, $7, $8, $9, $10, $11)"
;
VALUES ($1, $2, $3, $3, $4, $5, $6, $7, $8, $9, $10, $11
, $12
)"
;
self
.execute
(
query
,
&
[
&
session_token
,
&
csrf_token
,
...
...
@@ -477,6 +477,7 @@ impl MedalConnection for Connection {
&
(
if
is_teacher
{
255
}
else
{
0
}),
&
sex
,
&
is_teacher
,
&
is_admin
,
&
foreign_id
,
&
provider_id
,
&
firstname
,
...
...
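Review bot: The rewritten UPDATE in login_foreign still ends in `.unwrap()`, so a failing statement on this login path panics instead of surfacing through the function's `Result<String, ()>` return; how the INSERT branch handles its result is outside the hunk. If `execute` returns a `Result`, replacing the trailing `.unwrap();` with `.map_err(|_| ())?;` keeps the failure inside the existing error type. The UPDATE also rewrites `is_admin` only when the user logs in through OAuth, so a role withdrawn at the provider would presumably stay on the stored session until the next login; a short comment saying so would help whoever handles admin offboarding. The same lines appear in the src/db_conn_postgres.rs and src/db_conn_sqlite_new.rs sections, which look like generated variants of this file.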
src/db_conn.rs
...
...
@@ -33,7 +33,7 @@ pub trait MedalConnection {
fn
login
(
&
self
,
session
:
Option
<&
str
>
,
username
:
&
str
,
password
:
&
str
)
->
Result
<
String
,
()
>
;
fn
login_with_code
(
&
self
,
session
:
Option
<&
str
>
,
logincode
:
&
str
)
->
Result
<
String
,
()
>
;
fn
login_foreign
(
&
self
,
session
:
Option
<&
str
>
,
provider_id
:
&
str
,
foreign_id
:
&
str
,
is_teacher
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
,
sex
:
Option
<
i32
>
)
is_admin
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
,
sex
:
Option
<
i32
>
)
->
Result
<
String
,
()
>
;
fn
create_user_with_groupcode
(
&
self
,
session
:
Option
<&
str
>
,
groupcode
:
&
str
)
->
Result
<
String
,
()
>
;
fn
create_group_with_users
(
&
self
,
group
:
Group
);
...
...
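Review bot: `login_foreign` now takes `is_teacher: bool, is_admin: bool` side by side, so a caller that swaps the two compiles cleanly and hands out the wrong role. The trait method has no doc comment; I would add one, e.g. `/// is_teacher and is_admin are the roles reported by the OAuth provider and are written to the session on every login`, or pass the provider's user type as a single value and derive both flags inside the implementation. The three implementations changed in this commit share the signature.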
src/db_conn_postgres.rs
...
...
@@ -552,7 +552,7 @@ impl MedalConnection for Connection {
//TODO: use session
fn
login_foreign
(
&
self
,
_session
:
Option
<&
str
>
,
provider_id
:
&
str
,
foreign_id
:
&
str
,
is_teacher
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
,
sex
:
Option
<
i32
>
)
is_admin
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
,
sex
:
Option
<
i32
>
)
->
Result
<
String
,
()
>
{
let
session_token
=
helpers
::
make_session_token
();
...
...
@@ -567,18 +567,28 @@ impl MedalConnection for Connection {
Ok
(
Some
(
id
))
=>
{
let
query
=
"UPDATE session
SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3,
is_teacher = $4, firstname = $5, lastname = $6, sex = $7
WHERE id = $8"
;
self
.execute
(
query
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
is_teacher
,
&
firstname
,
&
lastname
,
&
sex
,
&
id
])
.unwrap
();
is_teacher = $4, is_admin = $5, firstname = $6, lastname = $7, sex = $8
WHERE id = $9"
;
self
.execute
(
query
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
is_teacher
,
&
is_admin
,
&
firstname
,
&
lastname
,
&
sex
,
&
id
])
.unwrap
();
Ok
(
session_token
)
}
// Add!
_
=>
{
let
query
=
"INSERT INTO session (session_token, csrf_token, last_login, last_activity,
permanent_login, grade, sex, is_teacher, oauth_foreign_id,
permanent_login, grade, sex, is_teacher,
is_admin,
oauth_foreign_id,
oauth_provider, firstname, lastname)
VALUES ($1, $2, $3, $3, $4, $5, $6, $7, $8, $9, $10, $11)"
;
VALUES ($1, $2, $3, $3, $4, $5, $6, $7, $8, $9, $10, $11
, $12
)"
;
self
.execute
(
query
,
&
[
&
session_token
,
&
csrf_token
,
...
...
@@ -587,6 +597,7 @@ impl MedalConnection for Connection {
&
(
if
is_teacher
{
255
}
else
{
0
}),
&
sex
,
&
is_teacher
,
&
is_admin
,
&
foreign_id
,
&
provider_id
,
&
firstname
,
...
...
src/db_conn_sqlite_new.rs
...
...
@@ -552,7 +552,7 @@ impl MedalConnection for Connection {
//TODO: use session
fn
login_foreign
(
&
self
,
_session
:
Option
<&
str
>
,
provider_id
:
&
str
,
foreign_id
:
&
str
,
is_teacher
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
,
sex
:
Option
<
i32
>
)
is_admin
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
,
sex
:
Option
<
i32
>
)
->
Result
<
String
,
()
>
{
let
session_token
=
helpers
::
make_session_token
();
...
...
@@ -567,18 +567,28 @@ impl MedalConnection for Connection {
Ok
(
Some
(
id
))
=>
{
let
query
=
"UPDATE session
SET session_token = ?1, csrf_token = ?2, last_login = ?3, last_activity = ?3,
is_teacher = ?4, firstname = ?5, lastname = ?6, sex = ?7
WHERE id = ?8"
;
self
.execute
(
query
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
is_teacher
,
&
firstname
,
&
lastname
,
&
sex
,
&
id
])
.unwrap
();
is_teacher = ?4, is_admin = ?5, firstname = ?6, lastname = ?7, sex = ?8
WHERE id = ?9"
;
self
.execute
(
query
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
is_teacher
,
&
is_admin
,
&
firstname
,
&
lastname
,
&
sex
,
&
id
])
.unwrap
();
Ok
(
session_token
)
}
// Add!
_
=>
{
let
query
=
"INSERT INTO session (session_token, csrf_token, last_login, last_activity,
permanent_login, grade, sex, is_teacher, oauth_foreign_id,
permanent_login, grade, sex, is_teacher,
is_admin,
oauth_foreign_id,
oauth_provider, firstname, lastname)
VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8, ?9, ?10, ?11)"
;
VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8, ?9, ?10, ?11
, ?12
)"
;
self
.execute
(
query
,
&
[
&
session_token
,
&
csrf_token
,
...
...
@@ -587,6 +597,7 @@ impl MedalConnection for Connection {
&
(
if
is_teacher
{
255
}
else
{
0
}),
&
sex
,
&
is_teacher
,
&
is_admin
,
&
foreign_id
,
&
provider_id
,
&
firstname
,
...
...
src/db_objects.rs
...
...
@@ -276,13 +276,9 @@ impl SessionUser {
(
self
.password
.is_some
()
||
self
.logincode
.is_some
()
||
self
.oauth_foreign_id
.is_some
())
&&
self
.is_alive
()
}
pub
fn
is_teacher
(
&
self
)
->
bool
{
self
.is_teacher
}
pub
fn
is_teacher
(
&
self
)
->
bool
{
self
.is_teacher
}
pub
fn
is_admin
(
&
self
)
->
bool
{
self
.is_admin
==
Some
(
true
)
}
pub
fn
is_admin
(
&
self
)
->
bool
{
self
.is_admin
==
Some
(
true
)
}
pub
fn
ensure_alive
(
self
)
->
Option
<
Self
>
{
if
self
.is_alive
()
{
...
...
src/main.rs
...
...
@@ -147,12 +147,12 @@ fn add_admin_user<C>(conn: &mut C, resetpw: bool)
print!
(
"'{}', "
,
&
password
);
let
logincode
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.filter
(|
x
|
{
let
x
=
*
x
;
!
(
x
==
'l'
||
x
==
'I'
||
x
==
'1'
||
x
==
'O'
||
x
==
'o'
||
x
==
'0'
)
})
.take
(
8
)
.collect
();
.filter
(|
x
|
{
let
x
=
*
x
;
!
(
x
==
'l'
||
x
==
'I'
||
x
==
'1'
||
x
==
'O'
||
x
==
'o'
||
x
==
'0'
)
})
.take
(
8
)
.collect
();
let
logincode
=
format!
(
"a{}"
,
logincode
);
print!
(
" logincode:'{}' …"
,
&
logincode
);
...
...
src/webfw_iron.rs
...
...
@@ -891,7 +891,8 @@ fn teacherinfos<C>(req: &mut Request) -> IronResult<Response>
let
config
=
req
.get
::
<
Read
<
SharedConfiguration
>>
()
.unwrap
();
let
(
template
,
data
)
=
with_conn!
[
core
::
teacher_infos
,
C
,
req
,
&
session_token
,
config
.teacher_page
.as_ref
()
.map
(|
x
|
&**
x
)]
.aug
(
req
)
?
;
let
(
template
,
data
)
=
with_conn!
[
core
::
teacher_infos
,
C
,
req
,
&
session_token
,
config
.teacher_page
.as_ref
()
.map
(|
x
|
&**
x
)]
.aug
(
req
)
?
;
// .as_ref().map(|x| &**x) can be written as .as_deref() since rust 1.40
let
mut
resp
=
Response
::
new
();
...
...