Skip to content

Commit

Permalink
Merge branch 'main' into chore/update-eslint-and-node
Browse files Browse the repository at this point in the history
  • Loading branch information
jorg-vr committed Jul 12, 2024
2 parents eeb785a + fa2f65f commit 8c31f8c
Show file tree
Hide file tree
Showing 34 changed files with 428 additions and 257 deletions.
4 changes: 2 additions & 2 deletions Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ gem 'ruby-saml', '~> 1.16.0'
# omniauth
gem 'omniauth-google-oauth2', '~> 1.1.2'
gem 'omniauth-oauth2', '~> 1.8.0'
gem 'omniauth_openid_connect', '~> 0.7.1'
gem 'omniauth_openid_connect', '~> 0.8.0'
gem 'omniauth-rails_csrf_protection', '~> 1.0.2'

# Json webtokens
Expand Down Expand Up @@ -132,7 +132,7 @@ gem 'memory_profiler', '~> 1.0.2'
gem 'rack-mini-profiler', '~> 3.3.1'
gem 'stackprof', '~> 0.2.26'

gem 'ddtrace', '~> 1.23.3'
gem 'datadog', '~> 2.1.0'

# Make sure filesystem changes only happen at the end of a transaction
gem 'after_commit_everywhere', '~> 1.4.0'
Expand Down
43 changes: 20 additions & 23 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ GEM
activerecord (>= 3.2, < 8.0)
rake (>= 10.4, < 14.0)
ast (2.4.2)
attr_required (1.0.1)
attr_required (1.0.2)
autoprefixer-rails (10.4.16.0)
execjs (~> 2)
base64 (0.2.0)
Expand Down Expand Up @@ -146,15 +146,12 @@ GEM
csv (3.3.0)
daemons (1.4.1)
dalli (3.2.8)
datadog-ci (0.8.3)
msgpack
date (3.3.4)
ddtrace (1.23.3)
datadog-ci (~> 0.8.1)
datadog (2.1.0)
debase-ruby_core_source (= 3.3.1)
libdatadog (~> 7.0.0.1.0)
libdatadog (~> 9.0.0.1.0)
libddwaf (~> 1.14.0.0.0)
msgpack
date (3.3.4)
debase-ruby_core_source (3.3.1)
delayed_job (4.1.11)
activesupport (>= 3.0, < 8.0)
Expand All @@ -179,6 +176,8 @@ GEM
multi_json
drb (2.2.1)
ed25519 (1.3.0)
email_validator (2.2.4)
activemodel
erubi (1.12.0)
exception_notification (4.5.0)
actionmailer (>= 5.2, < 8)
Expand All @@ -192,8 +191,9 @@ GEM
railties (>= 5.0.0)
faker (3.4.1)
i18n (>= 1.8.11, < 2)
faraday (2.9.0)
faraday (2.10.0)
faraday-net_http (>= 2.0, < 3.2)
logger
faraday-follow_redirects (0.3.0)
faraday (>= 1, < 3)
faraday-net_http (3.1.0)
Expand Down Expand Up @@ -261,7 +261,7 @@ GEM
childprocess (~> 5.0)
letter_opener (1.10.0)
launchy (>= 2.2, < 4)
libdatadog (7.0.0.1.0-x86_64-linux)
libdatadog (9.0.0.1.0-x86_64-linux)
libddwaf (1.14.0.0.0-x86_64-linux)
ffi (~> 1.0)
listen (3.9.0)
Expand Down Expand Up @@ -301,7 +301,7 @@ GEM
mysql2 (0.5.6)
net-http (0.4.1)
uri
net-imap (0.4.11)
net-imap (0.4.14)
date
net-protocol
net-pop (0.1.2)
Expand Down Expand Up @@ -338,20 +338,20 @@ GEM
omniauth-rails_csrf_protection (1.0.2)
actionpack (>= 4.2)
omniauth (~> 2.0)
omniauth_openid_connect (0.7.1)
omniauth_openid_connect (0.8.0)
omniauth (>= 1.9, < 3)
openid_connect (~> 2.2)
openid_connect (2.2.0)
openid_connect (2.3.0)
activemodel
attr_required (>= 1.0.0)
email_validator
faraday (~> 2.0)
faraday-follow_redirects
json-jwt (>= 1.16)
net-smtp
mail
rack-oauth2 (~> 2.2)
swd (~> 2.0)
tzinfo
validate_email
validate_url
webfinger (~> 2.0)
orm_adapter (0.5.0)
Expand All @@ -371,7 +371,7 @@ GEM
actionpack (>= 6.1)
psych (5.1.2)
stringio
public_suffix (5.0.5)
public_suffix (5.1.1)
puma (6.4.2)
nio4r (~> 2.0)
pundit (2.3.2)
Expand All @@ -380,7 +380,7 @@ GEM
rack (2.2.9)
rack-mini-profiler (3.3.1)
rack (>= 1.2.0)
rack-oauth2 (2.2.0)
rack-oauth2 (2.2.1)
activesupport
attr_required
faraday (~> 2.0)
Expand Down Expand Up @@ -520,7 +520,7 @@ GEM
stackprof (0.2.26)
stringio (3.1.0)
strscan (3.1.0)
swd (2.0.2)
swd (2.0.3)
activesupport (>= 3)
attr_required (>= 0.0.5)
faraday (~> 2.0)
Expand All @@ -533,9 +533,6 @@ GEM
concurrent-ruby (~> 1.0)
unicode-display_width (2.5.0)
uri (0.13.0)
validate_email (0.1.6)
activemodel (>= 3.0)
mail (>= 2.2.5)
validate_url (1.0.15)
activemodel (>= 3.0.0)
public_suffix
Expand All @@ -547,7 +544,7 @@ GEM
activemodel (>= 6.0.0)
bindex (>= 0.4.0)
railties (>= 6.0.0)
webfinger (2.1.2)
webfinger (2.1.3)
activesupport
faraday (~> 2.0)
faraday-follow_redirects
Expand Down Expand Up @@ -585,7 +582,7 @@ DEPENDENCIES
counter_culture (~> 3.7)
cssbundling-rails (~> 1.4.0)
dalli (~> 3.2.8)
ddtrace (~> 1.23.3)
datadog (~> 2.1.0)
delayed_job_active_record (~> 4.1.8)
delayed_job_web (~> 1.4.4)
devise (~> 4.9.4)
Expand Down Expand Up @@ -621,7 +618,7 @@ DEPENDENCIES
omniauth-google-oauth2 (~> 1.1.2)
omniauth-oauth2 (~> 1.8.0)
omniauth-rails_csrf_protection (~> 1.0.2)
omniauth_openid_connect (~> 0.7.1)
omniauth_openid_connect (~> 0.8.0)
premailer-rails (~> 1.12.0)
pretender (~> 0.5.0)
puma (~> 6.4.2)
Expand Down
39 changes: 25 additions & 14 deletions app/assets/javascripts/exercise.ts
Original file line number Diff line number Diff line change
Expand Up @@ -139,26 +139,36 @@ function initExerciseDescription(): void {
initCodeFragments();
}

async function initExerciseShow(exerciseId: number, programmingLanguage: string, loggedIn: boolean, editorShown: boolean, courseId: number, _deadline: string, baseSubmissionsUrl: string, boilerplate: string): Promise<void> {
async function initExerciseShow(options: {
exerciseId: number,
programmingLanguage: string,
loggedIn: boolean,
editorShown: boolean,
courseId: number,
deadline: string,
baseSubmissionsUrl: string,
boilerplate: string,
seriesId: number
}): Promise<void> {
let editor: EditorView;
let lastSubmission: string;
let lastTimeout: number;

async function init(): Promise<void> {
if (editorShown) {
if (options.editorShown) {
const editorReady = initEditor();
initDeadlineTimeout();
enableSubmissionTableLinks();
if (loggedIn) {
if (options.loggedIn) {
swapActionButtons();
}
await editorReady;
initRestoreBoilerplateButton(boilerplate);
initRestoreBoilerplateButton(options.boilerplate);
}

// submit source code if button is clicked on editor panel
document.getElementById("editor-process-btn")?.addEventListener("click", () => {
if (!loggedIn) return;
if (!options.loggedIn) return;
// test submitted source code
const source = editor.state.doc.toString();
disableSubmitButton();
Expand Down Expand Up @@ -193,7 +203,7 @@ async function initExerciseShow(exerciseId: number, programmingLanguage: string,
}

async function initEditor(): Promise<void> {
editor = await configureEditor(document.getElementById("editor-text"), programmingLanguage, enableSubmitButton);
editor = await configureEditor(document.getElementById("editor-text"), options.programmingLanguage, enableSubmitButton);
editor.focus();
// Make editor available globally
window.dodona.editor = editor;
Expand Down Expand Up @@ -226,8 +236,9 @@ async function initExerciseShow(exerciseId: number, programmingLanguage: string,
"body": JSON.stringify({
submission: {
code: code,
exercise_id: exerciseId,
course_id: courseId,
exercise_id: options.exerciseId,
course_id: options.courseId,
series_id: options.seriesId,
},
}),
"headers": {
Expand Down Expand Up @@ -275,7 +286,7 @@ async function initExerciseShow(exerciseId: number, programmingLanguage: string,
return;
}
event.preventDefault();
loadFeedback(baseSubmissionsUrl + element.dataset.submission_id, element.dataset.submission_id);
loadFeedback(options.baseSubmissionsUrl + element.dataset.submission_id, element.dataset.submission_id);
});
});
}
Expand Down Expand Up @@ -307,7 +318,7 @@ async function initExerciseShow(exerciseId: number, programmingLanguage: string,
(submissionRow.querySelector(".load-submission") as HTMLButtonElement).click();
} else if (document.getElementById("activity-feedback-link").classList.contains("active") &&
document.getElementById("activity-feedback-link").dataset.submission_id === lastSubmission) {
loadFeedback(baseSubmissionsUrl + lastSubmission, lastSubmission);
loadFeedback(options.baseSubmissionsUrl + lastSubmission, lastSubmission);
}
showFABStatus(status);
setTimeout(enableSubmitButton, 100);
Expand All @@ -318,7 +329,7 @@ async function initExerciseShow(exerciseId: number, programmingLanguage: string,
}

function enableSubmitButton(): void {
if (!loggedIn) {
if (!options.loggedIn) {
return;
}

Expand All @@ -329,7 +340,7 @@ async function initExerciseShow(exerciseId: number, programmingLanguage: string,
}

function disableSubmitButton(): void {
if (!loggedIn) {
if (!options.loggedIn) {
return;
}

Expand Down Expand Up @@ -428,12 +439,12 @@ async function initExerciseShow(exerciseId: number, programmingLanguage: string,
}

function initDeadlineTimeout(): void {
if (!_deadline) {
if (!options.deadline) {
return;
}
const deadlineWarningElement = document.getElementById("deadline-warning");
const deadlineInfoElement = document.getElementById("deadline-info");
const deadline = new Date(_deadline);
const deadline = new Date(options.deadline);
const infoDeadline = new Date(deadline.getTime() - (5 * 60 * 1000));

function showDeadlineAlerts(): void {
Expand Down
8 changes: 4 additions & 4 deletions app/controllers/activities_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ class ActivitiesController < ApplicationController

before_action :set_activity, only: %i[show description edit update media info]
before_action :set_course, only: %i[show edit update media info]
before_action :set_series, only: %i[show edit update info]
before_action :set_series, only: %i[show edit update media info]
before_action :ensure_trailing_slash, only: :show
before_action :set_lti_message, only: %i[show]
before_action :set_lti_provider, only: %i[show]
Expand Down Expand Up @@ -110,10 +110,10 @@ def show

# Double check if activity still exists within this course (And throw a 404 when it does not)
@course&.activities&.find(@activity.id) if current_user&.course_admin?(@course)

# We still need to check access because an unauthenticated user should be able to see public activities
raise Pundit::NotAuthorizedError, 'Not allowed' unless @activity.accessible?(current_user, @course)
raise Pundit::NotAuthorizedError, 'Not allowed' unless @activity.accessible?(current_user, course: @course, series: @series)

@series = Series.find_by(id: params[:series_id])
# Double check if activity still exists within this series, redirect to course activity if it does not
redirect_to helpers.activity_scoped_path(activity: @activity, course: @course) if @series&.activities&.exclude?(@activity)

Expand Down Expand Up @@ -199,7 +199,7 @@ def update
def media
if params.key?(:token)
raise Pundit::NotAuthorizedError, 'Not allowed' unless @activity.access_token == params[:token]
elsif !@activity.accessible?(current_user, @course)
elsif !@activity.accessible?(current_user, course: @course, series: @series)
raise Pundit::NotAuthorizedError, 'Not allowed'
end

Expand Down
4 changes: 4 additions & 0 deletions app/controllers/activity_read_states_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,12 @@ def create
authorize ActivityReadState
args = permitted_attributes(ActivityReadState)
args[:user_id] = current_user.id
# check if user is member of course
course = Course.find(args[:course_id]) if args[:course_id].present?
args.delete(:course_id) if args[:course_id].present? && course.subscribed_members.exclude?(current_user)
# check if series is part of course
series = Series.find(args[:series_id]) if args[:series_id].present? && args[:course_id].present?
args.delete(:series_id) if args[:series_id].present? && course.series.exclude?(series)
read_state = ActivityReadState.new args
can_read = Pundit.policy!(current_user, read_state.activity).read?
if can_read && read_state.save
Expand Down
11 changes: 9 additions & 2 deletions app/controllers/submissions_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -95,8 +95,10 @@ def edit
format.html do
if @submission.course.nil?
redirect_to activity_url(@submission.exercise, anchor: 'submission-card', edit_submission: @submission)
else
elsif @submission.series.nil?
redirect_to course_activity_url(@submission.course, @submission.exercise, anchor: 'submission-card', edit_submission: @submission)
else
redirect_to course_series_activity_url(@submission.course, @submission.series, @submission.exercise, anchor: 'submission-card', edit_submission: @submission)
end
end
end
Expand All @@ -108,13 +110,18 @@ def create
para[:user_id] = current_user.id
para[:code].gsub!(/\r\n?/, "\n")
para[:evaluate] = true # immediately evaluate after create
# check if user is member of course
course = Course.find(para[:course_id]) if para[:course_id].present?
para.delete(:course_id) if para[:course_id].present? && course.subscribed_members.exclude?(current_user)
# check if series is part of course
series = Series.find(para[:series_id]) if para[:series_id].present? && para[:course_id].present?
para.delete(:series_id) if para[:series_id].present? && course.series.exclude?(series)

submission = Submission.new(para)
can_submit = true
if submission.exercise.present?
can_submit &&= Pundit.policy!(current_user, submission.exercise).submit?
can_submit &&= submission.exercise.accessible?(current_user, course)
can_submit &&= submission.exercise.accessible?(current_user, course: course, series: series)
end
if can_submit && submission.save
render json: { status: 'ok', id: submission.id, exercise_id: submission.exercise_id, course_id: submission.course_id, url: submission_url(submission, format: :json) }
Expand Down
Loading

0 comments on commit 8c31f8c

Please sign in to comment.