Commit | Line | Data |
---|---|---|
7dc32473 MG |
1 | package Plack::App::Gruntmaster; |
2 | ||
3 | use 5.014000; | |
4 | use strict; | |
7dc32473 MG |
5 | our $VERSION = '5999.000_001'; |
6 | ||
e03e380b | 7 | use CSS::Minifier::XS; |
3b69df7a | 8 | use Encode qw/encode decode/; |
f34254b8 | 9 | use File::Slurp qw/read_file/; |
e03e380b | 10 | use JavaScript::Minifier::XS; |
3b69df7a | 11 | use JSON::MaybeXS qw/encode_json/; |
594d53ba MG |
12 | use PerlX::Maybe; |
13 | use Scope::Upper qw/unwind SUB UP/; | |
3b69df7a | 14 | use Web::Simple; |
594d53ba MG |
15 | |
16 | use Gruntmaster::Data; | |
3b69df7a MG |
17 | use Plack::App::Gruntmaster::HTML; |
18 | ||
3c434a02 MG |
19 | use Email::Sender::Simple qw/sendmail/; |
20 | use Email::Simple; | |
21 | ||
3b69df7a MG |
22 | use warnings NONFATAL => 'all'; |
23 | no warnings 'illegalproto'; | |
f34254b8 | 24 | |
594d53ba MG |
25 | ################################################## |
26 | ||
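# Usernames: 2 to 20 ASCII word characters (letters, digits, underscore).
# Anchored with \A and \z rather than ^ and $: a bare $ also matches just
# before a trailing newline, which would let "name\n" pass validation and end
# up in the user id, the username cookie and the reset e-mail body.
use constant USER_REGEX => qr/\A\w{2,20}\z/a;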
28 | ||
# Content-Type sent with a job's source code, keyed by file extension.
use constant CONTENT_TYPES => {
    'c'    => 'text/x-csrc',
    'cpp'  => 'text/x-c++src',
    'cs'   => 'text/x-csharp',    # GNOME's name for it; absent from mime.types
    'go'   => 'text/plain',       # no better type known
    'hs'   => 'text/x-haskell',
    'java' => 'text/x-java',
    'l'    => 'text/plain',
    'pas'  => 'text/x-pascal',
    'pl'   => 'text/x-perl',
    'py'   => 'text/x-python',
};
594d53ba MG |
41 | |
# File extension recorded for a submitted job, keyed by the submission's
# program format name.
use constant FORMAT_EXTENSION => {
    'C'       => 'c',
    'CPP'     => 'cpp',
    'GCCGO'   => 'go',
    'GOLANG'  => 'go',
    'HASKELL' => 'hs',
    'JAVA'    => 'java',
    'MONO'    => 'cs',
    'PASCAL'  => 'pas',
    'PERL'    => 'pl',
    'PYTHON'  => 'py',
    'SBCL'    => 'l',
};
55 | ||
# Canned PSGI responses shared by every route.
use constant {
    # 404 with a plain-text body.
    NOT_FOUND => [
        404,
        ['X-Forever' => 1, 'Content-Type' => 'text/plain'],
        ['Not found'],
    ],
    # 401 carrying a Basic-auth challenge; this is what forbid() makes a route return.
    FORBIDDEN => [
        401,
        ['Content-Type' => 'text/plain', 'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"'],
        ['Forbidden'],
    ],
};
594d53ba | 58 | |
# True when PLACK_ENV is unset or equal to 'development'. The empty prototype
# is kept so that call sites can write `development ? ... : ...`.
sub development() {
    my $mode = $ENV{PLACK_ENV} // 'development';
    return $mode eq 'development';
}
60 | ||
# Per-request state read by the helper subs in this file; dispatch_request
# assigns both at the start of every request ($privacy starts as 'public').
# NOTE(review): these are file-scoped lexicals, so two requests handled
# concurrently inside one process would share them -- confirm the server
# handles one request at a time per process.
my ($env, $privacy);
594d53ba MG |
62 | |
# Returns whatever the PSGI environment holds under 'gruntmaster.dbic'
# (presumably the database handle, placed there by middleware not shown here).
sub db {
    return $env->{'gruntmaster.dbic'};
}
64 | ||
# Resolves the name stored under 'gruntmaster.user' in the PSGI environment to
# a user record via db->user. A false name is returned as-is, so the result is
# false for requests that carry no user.
sub remote_user {
    my $account = $env->{'gruntmaster.user'};
    if ($account) {
        $account = db->user($account);
    }
    return $account;
}
70 | ||
# True only when the request has a resolved user and that user's admin flag is
# set. forbid() uses this to let admins through every access check.
sub admin {
    return remote_user() && remote_user()->admin;
}
# Looks up the contest named by the current request's `contest` parameter.
sub contest {
    return db->contest($_{contest});
}
# Looks up the problem named by the current request's `problem` parameter.
sub problem {
    return db->problem($_{problem});
}
# Looks up the job named by the current request's `job` parameter.
sub job {
    return db->job($_{job});
}
# Looks up the user named by the current request's `user` parameter.
sub user {
    return db->user($_{user});
}
76 | ||
# Builds a 301 (permanent) PSGI redirect to the given location, with an empty body.
sub redirect {
    my ($target) = @_;
    my @headers = ('X-Forever' => 1, 'Location' => $target);
    return [301, \@headers, []];
}
# Builds a 200 plain-text (UTF-8) PSGI response whose body chunks are the
# arguments. The body is a reference to @_ itself, not a copy.
sub reply {
    my @headers = ('Content-Type' => 'text/plain; charset=utf-8');
    return [200, \@headers, \@_];
}
# Packages a template name, title and parameter hash into a ::Response object
# that the format response_filter in dispatch_request later renders as HTML or JSON.
#
#   response($template, $title, \%params, $maxage)
#   response($template, \%params)      # title becomes 'No title'
#
# The caller's hash is modified in place: `time` receives the current epoch and
# `args` a copy of the request parameters in %_. $maxage defaults to 1.
sub response {
    my ($template, $title, $params, $maxage) = @_;

    # Two-argument form: the second argument is really the parameter hash.
    ($title, $params) = ('No title', $title) if !$params;

    $params->{time} = time;
    $params->{args} = {%_};

    my %self = (
        template => $template,
        title    => $title,
        params   => $params,
        maxage   => ($maxage // 1),
    );
    return bless \%self, __PACKAGE__ . '::Response';
}
3b69df7a | 89 | |
# Access check used by the routes. When $condition is true the response is
# marked 'private' for caching and, unless the requester is an admin, the
# route that called forbid is made to return FORBIDDEN immediately.
sub forbid {
    my ($condition) = @_;
    return unless $condition;
    $privacy = 'private';
    return if admin;
    # Must stay directly in the sub body: SUB UP resolves to the sub that
    # called forbid, which unwind then forces to return FORBIDDEN.
    unwind FORBIDDEN, SUB UP
}
31d70015 | 96 | |
# Web::Simple entry point. Stores the PSGI environment in $env, resets the
# per-request cache privacy to 'public', and returns the GET and POST route
# tables. Routes call forbid() for access control; most GET routes return a
# ::Response object that the `format` response_filter turns into HTML or JSON.
sub dispatch_request{
    $env = $_[PSGI_ENV];
    $privacy = 'public';

    sub (GET) {
        # Concatenates the chosen theme with every stylesheet under css/.
        sub (/css/:theme) {
            # NOTE(review): $theme comes from the URL and is interpolated into a
            # filesystem path. This relies on the :theme matcher never yielding
            # '/' or '..' -- confirm, or validate it against \A\w+\z first.
            my $theme = $_{theme};
            return NOT_FOUND unless -e "css/themes/$theme.css";
            my $css = read_file "css/themes/$theme.css";
            $css .= read_file $_ for <css/*.css>;
            my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css; charset=utf-8');
            # Minified except in development.
            [200, \@headers, [development ? $css : CSS::Minifier::XS::minify $css]]
        },

        # Concatenates every script under js/.
        sub (/js.js) {
            my $js;
            $js .= read_file $_ for <js/*.js>;
            my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript; charset=utf-8');
            [200, \@headers, [development ? $js : JavaScript::Minifier::XS::minify $js]]
        },

        sub (/robots.txt) { NOT_FOUND },
        sub (/favicon.ico) { NOT_FOUND },

        # Raw source of a job. Non-owners are refused when the job or its
        # problem is private, or when its contest is still running.
        sub (/src/:job) {
            return NOT_FOUND if !job;
            my $isowner = remote_user && remote_user->id eq job->rawowner;
            my $private = job->private || job->problem->private || job->contest && job->contest->is_running;
            forbid !$isowner && $private;
            # This lexical shadows the file-level $privacy inside this route.
            my $privacy = $private ? 'private' : 'public';
            # NOTE(review): CONTENT_TYPES is keyed by extension ('c', 'cpp'),
            # while the submit route stores prog_format in `format` and the
            # extension separately. Confirm job->format yields an extension;
            # otherwise Content-Type is undef here and a browser may sniff
            # user-submitted source as HTML.
            my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES->{job->format});
            push @headers, (Vary => 'Authorization') if $private;
            [200, \@headers, [job->source]]
        },

        # Filter for requests carrying a `contest` query parameter: unknown
        # contests are 404, pending ones are forbidden.
        # NOTE(review): routes that take the contest from the path (/st/, /ed/,
        # /ct/) do not appear to pass through this check -- confirm.
        sub (?:contest=) {
            return NOT_FOUND if !contest;
            forbid contest->is_pending;
            response_filter { return shift }
        },

        # Same for a `problem` query parameter: unknown is 404, private is forbidden.
        sub (?:problem=) {
            return NOT_FOUND if !problem;
            forbid problem->is_private;
            response_filter { return shift }
        },

        # Renders ::Response objects: JSON when ?format=json, HTML otherwise.
        # Anything else (plain PSGI arrays) passes through untouched.
        sub (?:format~) {
            my $format = lc ($_{format} // '');
            response_filter {
                my ($r) = @_;
                return $r if ref $r ne 'Plack::App::Gruntmaster::Response';
                # $privacy is whatever forbid() or the route left it at.
                my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}");
                push @hdrs, Vary => 'Authorization' if $privacy eq 'private';
                return [200, ['Content-Type' => 'application/json; charset=utf-8', @hdrs], [encode_json $r->{params}]] if $format eq 'json';
                my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}};
                [200, ['Content-Type' => 'text/html; charset=utf-8', @hdrs], [encode 'UTF-8', $ret]]
            },
        },

        # Standings, with the contest's problems ordered by value; max-age 10.
        sub (/st/:contest) {
            response st => 'Standings', {
                st => [ contest->standings ],
                problems => [
                    map { [$_->id, $_->name] }
                    sort { $a->value <=> $b->value }
                    map { $_->problem } contest->contest_problems],
            }, 10
        },

        # NOTE(review): only is_running is checked. Confirm the editorial of a
        # pending contest cannot be read before the contest starts.
        sub (/ed/:contest) {
            forbid contest->is_running;
            response ed => 'Editorial of ' . contest->name, db->problem_list(contest => $_{contest}, solution => 1);
        },

        sub (/login) {
            forbid !remote_user;

            # NOTE(review): the redirect target is the client-supplied Referer
            # header, used unvalidated; consider restricting it to same-site
            # paths. The username cookie is set without HttpOnly/Secure/SameSite
            # and is a bare name -- confirm nothing treats it as proof of identity.
            my $return = $env->{HTTP_REFERER} // '/';
            [303, ['Set-Cookie' => "username=".remote_user->id, Location => $return], []]
        },

        sub (/ct/:contest/log/st) { redirect "/st/$_{contest}" },

        # List pages. The ?private filter is refused for non-admins.
        sub (/us/) { response us => 'Users', {us => db->user_list} },
        sub (/ct/ + ?:owner~) { response ct => 'Contests', db->contest_list(%_) },
        sub (/log/ + ?:contest~&:owner~&:page~&:problem~&:private~) {
            forbid $_{private};
            response log => 'Job list', {%{db->job_list(%_)}, maybe contest => $_{contest},}
        },
        sub (/pb/ + ?:owner~&:contest~&:private~) {
            forbid $_{private};
            response pb => 'Problems', {%{db->problem_list(%_)}, maybe contest => $_{contest}}
        },

        # Entry pages.
        sub (/us/:user) { response us_entry => user->name, db->user_entry($_{user}) },
        sub (/ct/:contest) { response ct_entry => contest->name, db->contest_entry($_{contest}) },
        sub (/log/:job) {
            # NOTE(review): unlike /src/:job there is no NOT_FOUND guard, so an
            # unknown job id calls ->private on a false value.
            forbid job->private;
            response log_entry => "Job $_{job}", db->job_entry($_{job})
        },
        sub (/pb/:problem + ?contest~) {
            my (undef, undef, $contest) = @_;
            $_{contest} = $contest;
            # 404 unless the problem is in the archive (no contest given) or
            # belongs to the given contest.
            return NOT_FOUND if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem});
            forbid problem->is_private;
            # During a running contest the statement requires a logged-in user
            # and is never cached publicly.
            if (contest && contest->is_running) {
                forbid !remote_user;
                $privacy = 'private';
            }
            response pb_entry => problem->name, {%{db->problem_entry($_{problem}, $_{contest}, remote_user && remote_user->id)}, maybe contest => $_{contest}};
        },
        # Solutions are shown only for archived problems.
        sub (/sol/:problem) {
            forbid !problem->is_in_archive;
            response sol => 'Solution of ' . problem->name, {solution => db->problem($_{problem})->solution};
        },

        sub (/) { redispatch_to '/index' },
        # NOTE(review): appears to be shadowed by the earlier /favicon.ico
        # route, which already returns NOT_FOUND.
        sub (/favicon.ico) { redirect '/static/favicon.ico' },
        # NOTE(review): the article name comes straight from the URL; confirm
        # render_article (defined elsewhere) only resolves known article names.
        sub (/:article) { [200, ['Content-Type' => 'text/html; charset=utf-8', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] }
    },

    # NOTE(review): no CSRF token or request throttling is visible on the POST
    # actions below (only submit has a 30-second limit) -- confirm both are
    # handled by middleware outside this file.
    sub (POST) {
        sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) {
            # Every field is capped at 200 characters; only the username gets a
            # format check. The e-mail address is stored as given and later
            # used as the To: header of reset mails.
            return reply 'Parameter too long' if grep { length > 200 } values %_;
            return reply 'Bad username. Allowed characters are letters, digits and underscores, and the username must be between 2 and 20 characters long.' unless $_{username} =~ USER_REGEX;
            return reply 'Username already in use' if db->user($_{username});
            return reply 'The two passwords do not match' unless $_{password} eq $_{confirm_password};

            db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}});
            db->user($_{username})->set_passphrase($_{password});

            reply 'Registered successfully';
        },

        # Password change: requires a logged-in user and the current password.
        sub (/action/passwd + %:password=&:new_password=&:confirm_new_password=) {
            forbid !remote_user;
            return reply 'Incorrect password' unless remote_user->check_passphrase($_{password});
            return reply 'The two passwords do not match' unless $_{new_password} eq $_{confirm_new_password};
            remote_user->set_passphrase($_{new_password});
            reply 'Password changed successfully';
        },

        # Job submission, from either the source_code field or the prog upload.
        sub (/action/submit + %:problem=&:contest~&:prog_format=&:source_code~ + *prog~) {
            my (undef, undef, $prog) = @_;
            forbid !remote_user;
            return reply 'This contest has finished' if contest && contest->is_finished;
            return reply 'This contest has not yet started' if !admin && contest && contest->is_pending;
            return reply 'This problem does not belong to this contest' if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem});
            return reply 'Maximum source size is 10KB' if ($prog ? $prog->size : length $_{source_code}) > 10 * 1024;
            # Non-admins are limited to one job every 30 seconds.
            return reply 'You must wait 30 seconds between jobs' if !admin && time <= remote_user->lastjob + 30;
            remote_user->update({lastjob => time});

            my $source = $prog ? read_file $prog->path : $_{source_code};
            # The uploaded temporary file is deleted once it has been read.
            unlink $prog->path if $prog;
            # Private when the problem is private and no contest is given, or
            # when the contest has not started (reachable only by admins, see above).
            my $private = (problem->private && !$_{contest}) ? 1 : 0;
            $private = 1 if contest && contest->is_pending;
            # NOTE(review): prog_format is not checked against FORMAT_EXTENSION,
            # so an unknown format is stored with an undef extension -- consider
            # rejecting it before creating the job.
            my $newjob = db->jobs->create({
                maybe contest => $_{contest},
                private => $private,
                date => time,
                extension => FORMAT_EXTENSION->{$_{prog_format}},
                format => $_{prog_format},
                problem => $_{problem},
                source => $source,
                owner => remote_user->id,
            });

            [303, [Location => '/log/' . $newjob->id], []]
        },

        # Mails a reset token to the address on file. Disabled unless
        # GRUNTMASTER_RESET_FROM is set in the environment.
        sub (/action/request-reset + %:username=) {
            return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM};
            my $user = db->user($_{username});
            # NOTE(review): this reply (and the one in /action/reset) tells an
            # unauthenticated caller whether a username exists.
            return reply 'No such user' unless $user;
            # Token format is "<hmac>:<expiry>" -- /action/reset splits it on ':'.
            my $token = join ':', $user->make_reset_hmac;
            my $body = <<EOF;
Someone has requested a password reset for your account.

To reset your password, please submit the reset password form on the
website using the following information:

Username: $_{username}
Password: <your new password>
Reset token: $token

The token is valid for 24 hours.
EOF
            my $email = Email::Simple->create(
                header => [
                    From    => $ENV{GRUNTMASTER_RESET_FROM},
                    To      => $user->email,
                    Subject => 'Password reset token',
                ],
                body => $body,
            );

            my $ok = 0;
            eval {
                sendmail $email;
                $ok = 1;
            };
            return reply 'Email sent' if $ok;
            # NOTE(review): $@ from the mail transport is returned to the
            # client; consider logging it and replying with a generic message.
            reply "Failure sending email: $@";
        },

        # Sets a new password when the submitted token verifies.
        sub (/action/reset + %:username=&:password=&:token=) {
            my $user = db->user($_{username});
            return reply 'No such user' unless $user;
            # $exp is undef when the token contains no ':'; the comparison
            # below then reports it as expired.
            my ($token, $exp) = split ':', $_{token};
            return reply 'Reset token is expired' if time >= $exp;
            # NOTE(review): make_reset_hmac is called in list context in
            # request-reset but in scalar context here -- confirm it returns
            # the HMAC (not the expiry) in scalar context. `eq` is also not a
            # constant-time comparison.
            return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
            $user->set_passphrase($_{password});
            reply 'Password reset successfully';
        },
    }
}
314 | ||
594d53ba | 315 | |
7dc32473 MG |
316 | 1; |
317 | __END__ |