1 package Plack
::App
::Gruntmaster
;
5 our $VERSION = '5999.000_001';
8 use Encode qw
/encode decode/;
9 use File
::Slurp qw
/read_file/;
10 use JavaScript
::Minifier
::XS
;
11 use JSON
::MaybeXS qw
/encode_json/;
13 use Scope
::Upper qw
/unwind SUB UP/;
16 use Gruntmaster
::Data
;
17 use Plack
::App
::Gruntmaster
::HTML
;
19 use Email
::Sender
::Simple qw
/sendmail/;
22 use warnings NONFATAL
=> 'all';
23 no warnings
'illegalproto';
25 ##################################################
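# Pattern every username must match in full: 2 to 20 word characters, with /a
# restricting \w to ASCII letters, digits and underscore.
# Anchored with \A and \z instead of ^ and $: without /m, $ also matches just
# before a trailing newline, so "name\n" would pass validation and could be
# stored as a distinct account id that looks identical to "name".
use constant USER_REGEX => qr/\A\w{2,20}\z/a;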
29 use constant CONTENT_TYPES
=> +{
31 cpp
=> 'text/x-c++src',
32 cs
=> 'text/x-csharp', # Used by GNOME. Not in mime.types.
33 go
=> 'text/plain', # ?
34 hs
=> 'text/x-haskell',
35 java
=> 'text/x-java',
36 pas
=> 'text/x-pascal',
38 py
=> 'text/x-python',
42 use constant FORMAT_EXTENSION
=> {
# Canned PSGI response for a missing resource: status 404, a plain-text body
# and the application's X-Forever header.
use constant NOT_FOUND => [
    404,
    [ 'X-Forever' => 1, 'Content-Type' => 'text/plain' ],
    ['Not found'],
];
# Canned PSGI response used when access is denied. Despite the constant's
# name and the 'Forbidden' body, the status is 401 and the WWW-Authenticate
# header asks the client for HTTP Basic credentials.
# NOTE(review): Basic credentials are only base64-encoded on the wire;
# confirm the application is reachable over TLS only.
use constant FORBIDDEN => [
    401,
    [
        'Content-Type'     => 'text/plain',
        'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"',
    ],
    ['Forbidden'],
];
# True when the PLACK_ENV environment variable is 'development' or is not
# set at all.
# NOTE(review): an unset PLACK_ENV therefore counts as development; make
# sure production deployments set it explicitly.
sub development () {
    my $plack_env = $ENV{PLACK_ENV} // 'development';
    return $plack_env eq 'development';
}
# Returns the object stored under the 'gruntmaster.dbic' key of the current
# request environment. $env is declared outside this sub.
sub db {
    return $env->{'gruntmaster.dbic'};
}
66 my $user = $env->{'gruntmaster.user'};
67 $user &&= db
->user($user);
# Returns the current user's ->admin value when remote_user yields a user;
# otherwise returns the false value that remote_user produced.
sub admin {
    return remote_user && remote_user->admin;
}
# Looks up the contest named by the 'contest' entry of %_ (the request
# parameters captured by the route matcher) through db->contest.
sub contest {
    my $contest_id = $_{contest};
    return db->contest($contest_id);
}
# Looks up the problem named by the 'problem' entry of %_ through
# db->problem.
sub problem {
    my $problem_id = $_{problem};
    return db->problem($problem_id);
}
# Looks up the job named by the 'job' entry of %_ through db->job.
sub job {
    my $job_id = $_{job};
    return db->job($job_id);
}
# Looks up the user named by the 'user' entry of %_ through db->user.
sub user {
    my $user_id = $_{user};
    return db->user($user_id);
}
# Builds a PSGI 301 response with an empty body whose Location header is the
# first argument, copied verbatim.
# NOTE(review): the target is not validated here and a 301 is cached by
# clients, so callers should pass only application-controlled paths.
sub redirect {
    my @headers = ('X-Forever' => 1, 'Location' => $_[0]);
    return [301, \@headers, []];
}
# Builds a PSGI 200 plain-text (UTF-8) response. The body is a reference to
# the argument list itself, so every argument becomes one body chunk.
sub reply {
    my @headers = ('Content-Type' => 'text/plain; charset=utf-8');
    return [200, \@headers, \@_];
}
80 my ($template, $title, $params, $maxage) = @_;
85 $params->{time} = time;
86 $params->{args
} = {%_};
87 bless {template
=> $template, title
=> $title, params
=> $params, maxage
=> ($maxage // 1)}, __PACKAGE__
.'::Response'
92 $privacy = 'private' if $condition;
93 return if !$condition || admin
;
94 unwind FORBIDDEN
, SUB UP
103 my $theme = $_{theme
};
104 return NOT_FOUND
unless -e
"css/themes/$theme.css";
105 my $css = read_file
"css/themes/$theme.css";
106 $css .= read_file
$_ for <css
/*.css
>;
107 my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css; charset=utf-8');
108 [200, \
@headers, [development ?
$css : CSS
::Minifier
::XS
::minify
$css]]
113 $js .= read_file
$_ for <js
/*.js
>;
114 my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript; charset=utf-8');
115 [200, \
@headers, [development ?
$js : JavaScript
::Minifier
::XS
::minify
$js]]
# /robots.txt is answered with the canned 404 response.
sub (/robots.txt) {
    return NOT_FOUND;
},
# /favicon.ico is answered with the canned 404 response.
sub (/favicon.ico) {
    return NOT_FOUND;
},
122 return NOT_FOUND
if !job
;
123 my $isowner = remote_user
&& remote_user
->id eq job
->rawowner;
124 my $private = job
->private || job
->problem->private || job
->contest && job
->contest->is_running;
125 forbid
!$isowner && $private;
126 my $privacy = $private ?
'private' : 'public';
127 my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES
->{job
->extension});
128 push @headers, (Vary
=> 'Authorization') if $private;
129 [200, \
@headers, [job
->source]]
133 return NOT_FOUND
if !contest
;
134 forbid contest
->is_pending;
135 response_filter
{ return shift }
139 return NOT_FOUND
if !problem
;
140 forbid problem
->is_private;
141 response_filter
{ return shift }
145 my $format = lc ($_{format
} // '');
148 return $r if ref $r ne 'Plack::App::Gruntmaster::Response';
149 my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}");
150 push @hdrs, Vary
=> 'Authorization' if $privacy eq 'private';
151 return [200, ['Content-Type' => 'application/json; charset=utf-8', @hdrs], [encode_json
$r->{params
}]] if $format eq 'json';
152 my $ret = render
$r->{template
}, 'en', title
=> $r->{title
}, %{$r->{params
}};
153 [200, ['Content-Type' => 'text/html; charset=utf-8', @hdrs], [encode
'UTF-8', $ret]]
158 response st
=> 'Standings', {
159 st
=> [ contest
->standings ],
161 map { [$_->id, $_->name] }
162 sort { $a->value <=> $b->value }
163 map { $_->problem } contest
->contest_problems],
168 forbid
!contest
->is_finished;
169 response ed
=> 'Editorial of ' . contest
->name, db
->problem_list(contest
=> $_{contest
}, solution
=> 1);
175 my $return = $env->{HTTP_REFERER
} // '/';
176 [303, ['Set-Cookie' => "username=".remote_user
->id, Location
=> $return], []]
# /ct/<contest>/log/st: redirect (301) to /st/<contest>.
# NOTE(review): the :contest segment is interpolated into the Location
# header unchanged; confirm the dispatcher cannot deliver CR/LF in it.
sub (/ct/:contest/log/st) {
    my $target = "/st/$_{contest}";
    return redirect($target);
},
# /us/: render the 'us' template, titled 'Users', with whatever
# db->user_list returns under the 'us' key.
sub (/us/) {
    my %params = (us => db->user_list);
    return response(us => 'Users', \%params);
},
# /ct/ with an optional 'owner' query parameter: render the 'ct' template,
# titled 'Contests', from db->contest_list. The captured parameters in %_
# are forwarded to contest_list unchanged.
sub (/ct/ + ?:owner~) {
    return response ct => 'Contests', db->contest_list(%_);
},
183 sub (/log/ + ?
:contest
~&:owner
~&:page
~&:problem
~&:private
~) {
185 response
log => 'Job list', {%{db
->job_list(%_)}, maybe contest
=> $_{contest
},}
187 sub (/pb/ + ?
:owner
~&:contest
~&:private
~) {
189 response pb
=> 'Problems', {%{db
->problem_list(%_)}, maybe contest
=> $_{contest
}}
# /us/<user>: render the 'us_entry' template, titled with the user's name,
# from db->user_entry for that user.
# NOTE(review): user->name is called here without an existence check;
# confirm an earlier matcher returns NOT_FOUND for unknown users, as the
# job source route does with `return NOT_FOUND if !job`.
sub (/us/:user) {
    return response us_entry => user->name, db->user_entry($_{user});
},
# /ct/<contest>: render the 'ct_entry' template, titled with the contest's
# name, from db->contest_entry for that contest.
# NOTE(review): contest->name assumes the contest exists; presumably an
# earlier matcher has already returned NOT_FOUND otherwise. Verify.
sub (/ct/:contest) {
    return response ct_entry => contest->name, db->contest_entry($_{contest});
},
196 response log_entry
=> "Job $_{job}", db
->job_entry($_{job
})
198 sub (/pb/:problem
+ ?contest
~) {
199 my (undef, undef, $contest) = @_;
200 $_{contest
} = $contest;
201 return NOT_FOUND
if !contest
&& !problem
->is_in_archive || contest
&& !db
->contest_problems->find($_{contest
}, $_{problem
});
202 forbid problem
->is_private;
203 if (contest
&& contest
->is_running) {
205 $privacy = 'private';
207 response pb_entry
=> problem
->name, {%{db
->problem_entry($_{problem
}, $_{contest
}, remote_user
&& remote_user
->id)}, maybe contest
=> $_{contest
}};
209 sub (/sol/:problem
) {
210 forbid
!problem
->is_in_archive;
211 response sol
=> 'Solution of ' . problem
->name, {solution
=> db
->problem($_{problem
})->solution};
214 sub (/) { redispatch_to '/index
' },
215 sub (/favicon.ico) { redirect '/static
/favicon
.ico
' },
216 sub (/:article) { [200, ['Content
-Type
' => 'text
/html
; charset
=utf
-8', 'Cache
-Control
' => 'public
, max
-age
=60', 'X
-Forever
' => 1], [render_article $_{article}, 'en
']] }
220 sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) {
221 return reply 'Parameter too long
' if grep { length > 200 } values %_;
222 return reply 'Bad username
. Allowed characters are letters
, digits
and underscores
, and the username must be between
2 and 20 characters long
.' unless $_{username} =~ USER_REGEX;
223 return reply 'Username already
in use' if db->user($_{username});
224 return reply 'The two passwords
do not match
' unless $_{password} eq $_{confirm_password};
226 db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}});
227 db->user($_{username})->set_passphrase($_{password});
229 reply 'Registered successfully
';
232 sub (/action/passwd + %:password=&:new_password=&:confirm_new_password=) {
234 return reply 'Incorrect password
' unless remote_user->check_passphrase($_{password});
235 return reply 'The two passwords
do not match
' unless $_{new_password} eq $_{confirm_new_password};
236 remote_user->set_passphrase($_{new_password});
237 reply 'Password changed successfully
';
240 sub (/action/submit + %:problem=&:contest~&:prog_format=&:source_code~ + *prog~) {
241 my (undef, undef, $prog) = @_;
243 return reply 'This contest has finished
' if contest && contest->is_finished;
244 return reply 'This contest has
not yet started
' if !admin && contest && contest->is_pending;
245 return reply 'This problem does
not belong to this contest
' if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem});
246 return reply 'Maximum source size is
10KB
' if ($prog ? $prog->size : length $_{source_code}) > 10 * 1024;
247 return reply 'You must
wait 30 seconds between jobs
' if !admin && time <= remote_user->lastjob + 30;
248 remote_user->update({lastjob => time});
250 my $source = $prog ? read_file $prog->path : $_{source_code};
251 unlink $prog->path if $prog;
252 my $private = (problem->private && !$_{contest}) ? 1 : 0;
253 $private = 1 if contest && contest->is_pending;
254 my $newjob = db->jobs->create({
255 maybe contest => $_{contest},
258 extension => FORMAT_EXTENSION->{$_{prog_format}},
259 format => $_{prog_format},
260 problem => $_{problem},
262 owner => remote_user->id,
265 [303, [Location => '/log/' . $newjob->id], []]
268 sub (/action/request-reset + %:username=) {
269 return reply 'Password resets are disabled
' unless $ENV{GRUNTMASTER_RESET_FROM};
270 my $user = db->user($_{username});
271 return reply 'No such user
' unless $user;
272 my $token = join ':', $user->make_reset_hmac;
274 Someone has requested a password reset for your account.
276 To reset your password, please submit the reset password form on the
277 website using the following information:
279 Username: $_{username}
280 Password: <your new password>
283 The token is valid for 24 hours.
285 my $email = Email
::Simple
->create(
287 From
=> $ENV{GRUNTMASTER_RESET_FROM
},
289 Subject
=> 'Password reset token',
299 return reply
'Email sent' if $ok;
300 reply
"Failure sending email: $@";
303 sub (/action/reset + %:username
=&:password
=&:token
=) {
304 my $user = db
->user($_{username
});
305 return reply
'No such user' unless $user;
306 my ($token, $exp) = split ':', $_{token
};
307 return reply
'Reset token is expired' if time >= $exp;
308 return reply
'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
309 $user->set_passphrase($_{password
});
310 reply
'Password reset successfully';