[plack-app-gruntmaster.git] / lib / Plack / App / Gruntmaster.pm

package Plack::App::Gruntmaster;

use 5.014000;
use strict;
our $VERSION = '5999.000_001';

use CSS::Minifier::XS;
use Encode qw/encode decode/;
use File::Slurp qw/read_file/;
use JavaScript::Minifier::XS;
use JSON::MaybeXS qw/encode_json/;
use PerlX::Maybe;
use Scope::Upper qw/unwind SUB UP/;
use Web::Simple;

use Gruntmaster::Data;
use Plack::App::Gruntmaster::HTML;

use Email::Sender::Simple qw/sendmail/;
use Email::Simple;

use warnings NONFATAL => 'all';
no warnings 'illegalproto';

##################################################

use constant USER_REGEX => qr/^\w{2,20}$/a;

use constant CONTENT_TYPES => +{
	c => 'text/x-csrc',
	cpp => 'text/x-c++src',
	cs => 'text/x-csharp', # Used by GNOME. Not in mime.types.
	go => 'text/plain', # ?
	hs => 'text/x-haskell',
	java => 'text/x-java',
	pas => 'text/x-pascal',
	pl => 'text/x-perl',
	py => 'text/x-python',
	l => 'text/plain',
};

use constant FORMAT_EXTENSION => {
	C => 'c',
	CPP => 'cpp',
	GCCGO => 'go',
	GOLANG => 'go',
	HASKELL => 'hs',
	MONO => 'cs',
	JAVA => 'java',
	PASCAL => 'pas',
	PERL => 'pl',
	PYTHON => 'py',
	SBCL => 'l',
};

use constant NOT_FOUND => [404, ['Content-Type' => 'text/plain'], ['Not found']];
use constant FORBIDDEN => [401, ['Content-Type' => 'text/plain', 'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"'], ['Forbidden']];

sub development() { ($ENV{PLACK_ENV} // 'development') eq 'development' }

my ($env, $privacy);

sub db { $env->{'gruntmaster.dbic'} }

sub remote_user {
	my $user = $env->{'gruntmaster.user'};
	$user &&= db->user($user);
	$user
}

sub admin   { remote_user && remote_user->admin }
sub contest { db->contest ($_{contest}) }
sub problem { db->problem ($_{problem}) }
sub job     { db->job     ($_{job})     }
sub user    { db->user    ($_{user})    }

sub redirect { [301, ['X-Forever' => 1, 'Location' => $_[0]], []] }
sub reply    { [200, ['Content-Type' => 'text/plain'], \@_] }
sub response {
	my ($template, $title, $params, $maxage) = @_;
	unless ($params) {
		$params = $title;
		$title = 'No title';
	}
	$params->{time} = time;
	$params->{args} = {%_};
	bless {template => $template, title => $title, params => $params, maxage => ($maxage // 1)}, __PACKAGE__.'::Response'
}

sub forbid {
	my ($condition) = @_;
	$privacy = 'private' if $condition;
	return if !$condition || admin;
	unwind FORBIDDEN, SUB UP
}

sub dispatch_request{
	$env = $_[PSGI_ENV];
	$privacy = 'public';

	sub (GET) {
		sub (/css/:theme) {
			my $theme = $_{theme};
			return NOT_FOUND unless -e "css/themes/$theme.css";
			my $css = read_file "css/themes/$theme.css";
			$css .= read_file $_ for <css/*.css>;
			my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css');
			[200, \@headers, [development ? $css : CSS::Minifier::XS::minify $css]]
		},

		sub (/js.js) {
			my $js;
			$js .= read_file $_ for <js/*.js>;
			my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript');
			[200, \@headers, [development ? $js : JavaScript::Minifier::XS::minify $js]]
		},

		sub (/src/:job) {
			return NOT_FOUND if !job;
			my $isowner = remote_user && remote_user->id eq job->rawowner;
			my $private = job->private || job->problem->private || job->contest && job->contest->is_running;
			forbid !$isowner && $private;
			my $privacy = $private ? 'private' : 'public';
			my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES->{job->format});
			push @headers, (Vary => 'Authorization') if $private;
			[200, \@headers, [job->source]]
		},

		sub (?:contest=) {
			return NOT_FOUND if !contest;
			forbid contest->is_pending;
			response_filter { return shift }
		},

		sub (?:problem=) {
			return NOT_FOUND if !problem;
			forbid problem->is_private;
			response_filter { return shift }
		},

		sub (?:format~) {
			my $format = lc ($_{format} // '');
			response_filter {
				my ($r) = @_;
				return $r if ref $r ne 'Plack::App::Gruntmaster::Response';
				my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}");
				push @hdrs, Vary => 'Authorization' if $privacy eq 'private';
				return [200, ['Content-Type' => 'application/json', @hdrs], [encode_json $r->{params}]] if $format eq 'json';
				my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}};
				[200, ['Content-Type' => 'text/html', @hdrs], [encode 'UTF-8', $ret]]
			},
		},

		sub (/st/:contest) {
			response st => 'Standings', {
				st => [ contest->standings ],
				problems => [
					map { [$_->id, $_->name] }
					sort { $a->value <=> $b->value }
					map { $_->problem } contest->contest_problems],
			}, 10
		},

		sub (/ed/:contest) {
			forbid contest->is_running;
			my $pblist = db->problem_list(contest => $_{contest}, solution => 1);
			response ed => 'Editorial of ' . contest->name, {%$pblist, editorial => contest->editorial};
		},

		sub (/login) {
			forbid !remote_user;

			my $return = $env->{HTTP_REFERER} // '/';
			[303, ['Set-Cookie' => "username=".remote_user->id, Location => $return], []]
		},

		sub (/ct/:contest/log/st) { redirect "/st/$_{contest}" },

		sub (/us/)                                        { response us => 'Users', {us => db->user_list} },
		sub (/ct/  + ?:owner~)                            { response ct => 'Contests', db->contest_list(%_) },
		sub (/log/ + ?:contest~&:owner~&:page~&:problem~&:private~) {
			forbid $_{private};
			response log => 'Job list', {%{db->job_list(%_)}, maybe contest => $_{contest},}
		},
		sub (/pb/  + ?:owner~&:contest~&:private~)                  {
			forbid $_{private};
			response pb => 'Problems', {%{db->problem_list(%_)}, maybe contest => $_{contest}}
		},

		sub (/us/:user)    { response us_entry => user->name, db->user_entry($_{user}) },
		sub (/ct/:contest) { response ct_entry => contest->name, db->contest_entry($_{contest}) },
		sub (/log/:job)    {
			forbid job->private;
			response log_entry => "Job  $_{job}", db->job_entry($_{job})
		},
		sub (/pb/:problem + ?contest~) {
			my (undef, undef, $contest) = @_;
			$_{contest} = $contest;
			return NOT_FOUND if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem});
			forbid problem->is_private;
			if (contest && contest->is_running) {
				forbid !remote_user;
				$privacy = 'private';
			}
			response pb_entry => problem->name, {%{db->problem_entry($_{problem}, $_{contest}, remote_user && remote_user->id)}, maybe contest => $_{contest}};
		},
		sub (/sol/:problem) {
			forbid !problem->is_in_archive;
			response sol => 'Solution of ' . problem->name, {solution => db->problem($_{problem})->solution};
		},

		sub (/) { redispatch_to '/index' },
		sub (/favicon.ico) { redirect '/static/favicon.ico' },
		sub (/:article) { [200, ['Content-Type' => 'text/html', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] }
	},

	sub (POST) {
		sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) {
			return reply 'Parameter too long' if grep { length > 200 } values %_;
			return reply 'Bad username. Allowed characters are letters, digits and underscores, and the username must be between 2 and 20 characters long.' unless $_{username} =~ USER_REGEX;
			return reply 'Username already in use' if db->user($_{username});
			return reply 'The two passwords do not match' unless $_{password} eq $_{confirm_password};

			db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}});
			db->user($_{username})->set_passphrase($_{password});

			purge '/us/';
			reply 'Registered successfully';
		},

		sub (/action/passwd + %:password=&:new_password=&:confirm_new_password=) {
			forbid !remote_user;
			return reply 'Incorrect password' unless remote_user->check_passphrase($_{password});
			return reply 'The two passwords do not match' unless $_{new_password} eq $_{confirm_new_password};
			remote_user->set_passphrase($_{new_password});
			reply 'Password changed successfully';
		},

		sub (/action/submit + %:problem=&:contest~&:prog_format=&:source_code~ + *prog~) {
			my (undef, undef, $prog) = @_;
			forbid !remote_user;
			return reply 'This contest has finished' if contest && contest->is_finished;
			return reply 'This contest has not yet started' if !admin && contest && contest->is_pending;
			return reply 'This problem does not belong to this contest' if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem});
			return reply 'Maximum source size is 10KB' if ($prog ? $prog->size : length $_{source_code}) > 10 * 1024;
			return reply 'You must wait 30 seconds between jobs' if !admin && time <= remote_user->lastjob + 30;
			remote_user->update({lastjob => time});

			my $source = $prog ? read_file $prog->path : $_{source_code};
			unlink $prog->path if $prog;
			my $private = (problem->private && !$_{contest}) ? 1 : 0;
			$private = 1 if contest && contest->is_pending;
			my $newjob = db->jobs->create({
				maybe contest => $_{contest},
				private => $private,
				date => time,
				extension => FORMAT_EXTENSION->{$_{prog_format}},
				format => $_{prog_format},
				problem => $_{problem},
				source => $source,
				owner => remote_user->id,
			});

			purge '/log/';
			[303, [Location => '/log/' . $newjob->id], []]
		},

		sub (/action/request-reset + %:username=) {
			return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM};
			my $user = db->user($_{username});
			return reply 'No such user' unless $user;
			my $token = join ':', $user->make_reset_hmac;
			my $body = <<EOF;
Someone has requested a password reset for your account.

To reset your password, please submit the reset password form on the
website using the following information:

Username: $_{username}
Password: <your new password>
Reset token: $token

The token is valid for 24 hours.
EOF
			my $email = Email::Simple->create(
				header => [
					From    => $ENV{GRUNTMASTER_RESET_FROM},
					To      => $user->email,
					Subject => 'Password reset token',
				],
				body => $body,
			);

			my $ok = 0;
			eval {
				sendmail $email;
				$ok = 1;
			};
			return reply 'Email sent' if $ok;
			reply "Failure sending email: $@";
		},

		sub (/action/reset + %:username=&:password=&:token=) {
			my $user = db->user($_{username});
			return reply 'No such user' unless $user;
			my ($token, $exp) = split ':', $_{token};
			return reply 'Reset token is expired' if time >= $exp;
			return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
			$user->set_passphrase($_{password});
			reply 'Password reset successfully';
		},
	}
}


1;
__END__
Commit	Line	Data
7dc32473 MG	1	package Plack::App::Gruntmaster;
	2
	3	use 5.014000;
	4	use strict;
7dc32473 MG	5	our $VERSION = '5999.000_001';
7dc32473 MG	6
e03e380b	7	use CSS::Minifier::XS;
3b69df7a	8	use Encode qw/encode decode/;
f34254b8	9	use File::Slurp qw/read_file/;
e03e380b	10	use JavaScript::Minifier::XS;
3b69df7a	11	use JSON::MaybeXS qw/encode_json/;
594d53ba MG	12	use PerlX::Maybe;
594d53ba MG	13	use Scope::Upper qw/unwind SUB UP/;
3b69df7a	14	use Web::Simple;
594d53ba MG	15
594d53ba MG	16	use Gruntmaster::Data;
3b69df7a MG	17	use Plack::App::Gruntmaster::HTML;
3b69df7a MG	18
3c434a02 MG	19	use Email::Sender::Simple qw/sendmail/;
	20	use Email::Simple;
	21
3b69df7a MG	22	use warnings NONFATAL => 'all';
3b69df7a MG	23	no warnings 'illegalproto';
f34254b8	24
594d53ba MG	25	##################################################
594d53ba MG	26
594d53ba MG	27	use constant USER_REGEX => qr/^\w{2,20}$/a;
594d53ba MG	28
e03e380b MG	29	use constant CONTENT_TYPES => +{
	30	c => 'text/x-csrc',
	31	cpp => 'text/x-c++src',
	32	cs => 'text/x-csharp', # Used by GNOME. Not in mime.types.
a5e355d6 MG	33	go => 'text/plain', # ?
a5e355d6 MG	34	hs => 'text/x-haskell',
e03e380b MG	35	java => 'text/x-java',
	36	pas => 'text/x-pascal',
	37	pl => 'text/x-perl',
	38	py => 'text/x-python',
76454bde	39	l => 'text/plain',
e03e380b	40	};
594d53ba MG	41
	42	use constant FORMAT_EXTENSION => {
	43	C => 'c',
	44	CPP => 'cpp',
a5e355d6 MG	45	GCCGO => 'go',
	46	GOLANG => 'go',
	47	HASKELL => 'hs',
594d53ba MG	48	MONO => 'cs',
	49	JAVA => 'java',
	50	PASCAL => 'pas',
	51	PERL => 'pl',
	52	PYTHON => 'py',
e6d1bcd4	53	SBCL => 'l',
594d53ba MG	54	};
594d53ba MG	55
e03e380b	56	use constant NOT_FOUND => [404, ['Content-Type' => 'text/plain'], ['Not found']];
3b69df7a	57	use constant FORBIDDEN => [401, ['Content-Type' => 'text/plain', 'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"'], ['Forbidden']];
594d53ba	58
1bb102ef MG	59	sub development() { ($ENV{PLACK_ENV} // 'development') eq 'development' }
1bb102ef MG	60
c039d63e	61	my ($env, $privacy);
594d53ba MG	62
	63	sub db { $env->{'gruntmaster.dbic'} }
	64
	65	sub remote_user {
	66	my $user = $env->{'gruntmaster.user'};
	67	$user &&= db->user($user);
	68	$user
	69	}
	70
3b69df7a	71	sub admin { remote_user && remote_user->admin }
594d53ba MG	72	sub contest { db->contest ($_{contest}) }
	73	sub problem { db->problem ($_{problem}) }
	74	sub job { db->job ($_{job}) }
	75	sub user { db->user ($_{user}) }
	76
	77	sub redirect { [301, ['X-Forever' => 1, 'Location' => $_[0]], []] }
	78	sub reply { [200, ['Content-Type' => 'text/plain'], \@_] }
	79	sub response {
c039d63e	80	my ($template, $title, $params, $maxage) = @_;
594d53ba MG	81	unless ($params) {
	82	$params = $title;
	83	$title = 'No title';
	84	}
9a4806b3	85	$params->{time} = time;
39e2d01a	86	$params->{args} = {%_};
c039d63e	87	bless {template => $template, title => $title, params => $params, maxage => ($maxage // 1)}, __PACKAGE__.'::Response'
594d53ba	88	}
3b69df7a	89
c039d63e MG	90	sub forbid {
	91	my ($condition) = @_;
	92	$privacy = 'private' if $condition;
	93	return if !$condition \|\| admin;
594d53ba MG	94	unwind FORBIDDEN, SUB UP
594d53ba MG	95	}
31d70015	96
594d53ba MG	97	sub dispatch_request{
594d53ba MG	98	$env = $_[PSGI_ENV];
c039d63e MG	99	$privacy = 'public';
c039d63e MG	100
594d53ba MG	101	sub (GET) {
	102	sub (/css/:theme) {
	103	my $theme = $_{theme};
	104	return NOT_FOUND unless -e "css/themes/$theme.css";
	105	my $css = read_file "css/themes/$theme.css";
	106	$css .= read_file $_ for <css/*.css>;
	107	my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css');
1bb102ef	108	[200, \@headers, [development ? $css : CSS::Minifier::XS::minify $css]]
594d53ba MG	109	},
	110
	111	sub (/js.js) {
	112	my $js;
	113	$js .= read_file $_ for <js/*.js>;
	114	my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript');
1bb102ef	115	[200, \@headers, [development ? $js : JavaScript::Minifier::XS::minify $js]]
594d53ba MG	116	},
	117
	118	sub (/src/:job) {
	119	return NOT_FOUND if !job;
c22928ed	120	my $isowner = remote_user && remote_user->id eq job->rawowner;
e547b147 MG	121	my $private = job->private \|\| job->problem->private \|\| job->contest && job->contest->is_running;
	122	forbid !$isowner && $private;
	123	my $privacy = $private ? 'private' : 'public';
	124	my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES->{job->format});
	125	push @headers, (Vary => 'Authorization') if $private;
594d53ba MG	126	[200, \@headers, [job->source]]
	127	},
	128
	129	sub (?:contest=) {
	130	return NOT_FOUND if !contest;
	131	forbid contest->is_pending;
	132	response_filter { return shift }
	133	},
	134
	135	sub (?:problem=) {
	136	return NOT_FOUND if !problem;
	137	forbid problem->is_private;
	138	response_filter { return shift }
	139	},
	140
d3892d73	141	sub (?:format~) {
feaa8f5a	142	my $format = lc ($_{format} // '');
594d53ba MG	143	response_filter {
	144	my ($r) = @_;
	145	return $r if ref $r ne 'Plack::App::Gruntmaster::Response';
c039d63e	146	my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}");
be6551aa	147	push @hdrs, Vary => 'Authorization' if $privacy eq 'private';
c039d63e	148	return [200, ['Content-Type' => 'application/json', @hdrs], [encode_json $r->{params}]] if $format eq 'json';
3b69df7a	149	my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}};
c039d63e	150	[200, ['Content-Type' => 'text/html', @hdrs], [encode 'UTF-8', $ret]]
594d53ba MG	151	},
	152	},
	153
594d53ba MG	154	sub (/st/:contest) {
594d53ba MG	155	response st => 'Standings', {
7468a6a7	156	st => [ contest->standings ],
ebca729d MG	157	problems => [
	158	map { [$_->id, $_->name] }
	159	sort { $a->value <=> $b->value }
	160	map { $_->problem } contest->contest_problems],
c039d63e	161	}, 10
594d53ba MG	162	},
594d53ba MG	163
645cfb7d MG	164	sub (/ed/:contest) {
645cfb7d MG	165	forbid contest->is_running;
00c887ce MG	166	my $pblist = db->problem_list(contest => $_{contest}, solution => 1);
00c887ce MG	167	response ed => 'Editorial of ' . contest->name, {%$pblist, editorial => contest->editorial};
645cfb7d MG	168	},
645cfb7d MG	169
462db4aa MG	170	sub (/login) {
	171	forbid !remote_user;
	172
4f3b70b7 MG	173	my $return = $env->{HTTP_REFERER} // '/';
4f3b70b7 MG	174	[303, ['Set-Cookie' => "username=".remote_user->id, Location => $return], []]
462db4aa MG	175	},
462db4aa MG	176
594d53ba MG	177	sub (/ct/:contest/log/st) { redirect "/st/$_{contest}" },
	178
	179	sub (/us/) { response us => 'Users', {us => db->user_list} },
	180	sub (/ct/ + ?:owner~) { response ct => 'Contests', db->contest_list(%_) },
b8a0fa71 MG	181	sub (/log/ + ?:contest~&:owner~&:page~&:problem~&:private~) {
b8a0fa71 MG	182	forbid $_{private};
39e2d01a	183	response log => 'Job list', {%{db->job_list(%_)}, maybe contest => $_{contest},}
b8a0fa71	184	},
87ffd88b	185	sub (/pb/ + ?:owner~&:contest~&:private~) {
b8a0fa71 MG	186	forbid $_{private};
	187	response pb => 'Problems', {%{db->problem_list(%_)}, maybe contest => $_{contest}}
	188	},
594d53ba MG	189
	190	sub (/us/:user) { response us_entry => user->name, db->user_entry($_{user}) },
	191	sub (/ct/:contest) { response ct_entry => contest->name, db->contest_entry($_{contest}) },
28e89d6c MG	192	sub (/log/:job) {
	193	forbid job->private;
	194	response log_entry => "Job $_{job}", db->job_entry($_{job})
	195	},
84ca7535 MG	196	sub (/pb/:problem + ?contest~) {
	197	my (undef, undef, $contest) = @_;
	198	$_{contest} = $contest;
594d53ba MG	199	return NOT_FOUND if !contest && !problem->is_in_archive \|\| contest && !db->contest_problems->find($_{contest}, $_{problem});
594d53ba MG	200	forbid problem->is_private;
5b76a57d MG	201	if (contest && contest->is_running) {
	202	forbid !remote_user;
	203	$privacy = 'private';
	204	}
33ea2780	205	response pb_entry => problem->name, {%{db->problem_entry($_{problem}, $_{contest}, remote_user && remote_user->id)}, maybe contest => $_{contest}};
594d53ba	206	},
e4d5bdf5 MG	207	sub (/sol/:problem) {
	208	forbid !problem->is_in_archive;
	209	response sol => 'Solution of ' . problem->name, {solution => db->problem($_{problem})->solution};
	210	},
594d53ba MG	211
594d53ba MG	212	sub (/) { redispatch_to '/index' },
cb0122d7	213	sub (/favicon.ico) { redirect '/static/favicon.ico' },
c039d63e	214	sub (/:article) { [200, ['Content-Type' => 'text/html', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] }
594d53ba MG	215	},
	216
	217	sub (POST) {
ca0c7ea2	218	sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) {
594d53ba MG	219	return reply 'Parameter too long' if grep { length > 200 } values %_;
	220	return reply 'Bad username. Allowed characters are letters, digits and underscores, and the username must be between 2 and 20 characters long.' unless $_{username} =~ USER_REGEX;
	221	return reply 'Username already in use' if db->user($_{username});
	222	return reply 'The two passwords do not match' unless $_{password} eq $_{confirm_password};
	223
ca0c7ea2	224	db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}});
594d53ba MG	225	db->user($_{username})->set_passphrase($_{password});
594d53ba MG	226
c039d63e	227	purge '/us/';
594d53ba MG	228	reply 'Registered successfully';
	229	},
	230
	231	sub (/action/passwd + %:password=&:new_password=&:confirm_new_password=) {
	232	forbid !remote_user;
	233	return reply 'Incorrect password' unless remote_user->check_passphrase($_{password});
	234	return reply 'The two passwords do not match' unless $_{new_password} eq $_{confirm_new_password};
	235	remote_user->set_passphrase($_{new_password});
	236	reply 'Password changed successfully';
	237	},
	238
08794667 MG	239	sub (/action/submit + %:problem=&:contest~&:prog_format=&:source_code~ + *prog~) {
08794667 MG	240	my (undef, undef, $prog) = @_;
594d53ba	241	forbid !remote_user;
3b69df7a MG	242	return reply 'This contest has finished' if contest && contest->is_finished;
3b69df7a MG	243	return reply 'This contest has not yet started' if !admin && contest && contest->is_pending;
31f5eb01	244	return reply 'This problem does not belong to this contest' if !contest && !problem->is_in_archive \|\| contest && !db->contest_problems->find($_{contest}, $_{problem});
08794667	245	return reply 'Maximum source size is 10KB' if ($prog ? $prog->size : length $_{source_code}) > 10 * 1024;
594d53ba MG	246	return reply 'You must wait 30 seconds between jobs' if !admin && time <= remote_user->lastjob + 30;
	247	remote_user->update({lastjob => time});
	248
08794667 MG	249	my $source = $prog ? read_file $prog->path : $_{source_code};
08794667 MG	250	unlink $prog->path if $prog;
cb6adaff	251	my $private = (problem->private && !$_{contest}) ? 1 : 0;
b2597e87	252	$private = 1 if contest && contest->is_pending;
31dc8096	253	my $newjob = db->jobs->create({
594d53ba	254	maybe contest => $_{contest},
cb6adaff	255	private => $private,
594d53ba MG	256	date => time,
	257	extension => FORMAT_EXTENSION->{$_{prog_format}},
	258	format => $_{prog_format},
	259	problem => $_{problem},
08794667	260	source => $source,
594d53ba MG	261	owner => remote_user->id,
	262	});
	263
c039d63e	264	purge '/log/';
31dc8096	265	[303, [Location => '/log/' . $newjob->id], []]
3c434a02 MG	266	},
	267
	268	sub (/action/request-reset + %:username=) {
	269	return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM};
	270	my $user = db->user($_{username});
	271	return reply 'No such user' unless $user;
	272	my $token = join ':', $user->make_reset_hmac;
	273	my $body = <<EOF;
	274	Someone has requested a password reset for your account.
	275
	276	To reset your password, please submit the reset password form on the
	277	website using the following information:
	278
	279	Username: $_{username}
	280	Password: <your new password>
	281	Reset token: $token
410e4ed9 MG	282
410e4ed9 MG	283	The token is valid for 24 hours.
3c434a02 MG	284	EOF
	285	my $email = Email::Simple->create(
	286	header => [
	287	From => $ENV{GRUNTMASTER_RESET_FROM},
	288	To => $user->email,
	289	Subject => 'Password reset token',
	290	],
	291	body => $body,
	292	);
	293
	294	my $ok = 0;
	295	eval {
	296	sendmail $email;
	297	$ok = 1;
	298	};
	299	return reply 'Email sent' if $ok;
	300	reply "Failure sending email: $@";
	301	},
	302
	303	sub (/action/reset + %:username=&:password=&:token=) {
	304	my $user = db->user($_{username});
	305	return reply 'No such user' unless $user;
	306	my ($token, $exp) = split ':', $_{token};
62f12c1f	307	return reply 'Reset token is expired' if time >= $exp;
3c434a02 MG	308	return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
	309	$user->set_passphrase($_{password});
	310	reply 'Password reset successfully';
	311	},
594d53ba	312	}
7dc32473 MG	313	}
7dc32473 MG	314
594d53ba	315
7dc32473 MG	316	1;
7dc32473 MG	317	__END__