]>
Commit | Line | Data |
---|---|---|
7dc32473 MG |
1 | package Plack::App::Gruntmaster; |
2 | ||
3 | use 5.014000; | |
4 | use strict; | |
7dc32473 MG |
5 | our $VERSION = '5999.000_001'; |
6 | ||
e03e380b | 7 | use CSS::Minifier::XS; |
3b69df7a | 8 | use Encode qw/encode decode/; |
f34254b8 | 9 | use File::Slurp qw/read_file/; |
e03e380b | 10 | use JavaScript::Minifier::XS; |
3b69df7a | 11 | use JSON::MaybeXS qw/encode_json/; |
594d53ba MG |
12 | use PerlX::Maybe; |
13 | use Scope::Upper qw/unwind SUB UP/; | |
3b69df7a | 14 | use Web::Simple; |
594d53ba MG |
15 | |
16 | use Gruntmaster::Data; | |
3b69df7a MG |
17 | use Plack::App::Gruntmaster::HTML; |
18 | ||
3c434a02 MG |
19 | use Email::Sender::Simple qw/sendmail/; |
20 | use Email::Simple; | |
21 | ||
3b69df7a MG |
22 | use warnings NONFATAL => 'all'; |
23 | no warnings 'illegalproto'; | |
f34254b8 | 24 | |
594d53ba MG |
25 | ################################################## |
26 | ||
594d53ba MG |
27 | use constant USER_REGEX => qr/^\w{2,20}$/a; |
28 | ||
e03e380b MG |
29 | use constant CONTENT_TYPES => +{ |
30 | c => 'text/x-csrc', | |
31 | cpp => 'text/x-c++src', | |
32 | cs => 'text/x-csharp', # Used by GNOME. Not in mime.types. | |
a5e355d6 MG |
33 | go => 'text/plain', # ? |
34 | hs => 'text/x-haskell', | |
e03e380b MG |
35 | java => 'text/x-java', |
36 | pas => 'text/x-pascal', | |
37 | pl => 'text/x-perl', | |
38 | py => 'text/x-python', | |
76454bde | 39 | l => 'text/plain', |
e03e380b | 40 | }; |
594d53ba MG |
41 | |
42 | use constant FORMAT_EXTENSION => { | |
43 | C => 'c', | |
44 | CPP => 'cpp', | |
a5e355d6 MG |
45 | GCCGO => 'go', |
46 | GOLANG => 'go', | |
47 | HASKELL => 'hs', | |
594d53ba MG |
48 | MONO => 'cs', |
49 | JAVA => 'java', | |
50 | PASCAL => 'pas', | |
51 | PERL => 'pl', | |
52 | PYTHON => 'py', | |
e6d1bcd4 | 53 | SBCL => 'l', |
594d53ba MG |
54 | }; |
55 | ||
e03e380b | 56 | use constant NOT_FOUND => [404, ['Content-Type' => 'text/plain'], ['Not found']]; |
3b69df7a | 57 | use constant FORBIDDEN => [401, ['Content-Type' => 'text/plain', 'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"'], ['Forbidden']]; |
594d53ba | 58 | |
1bb102ef MG |
59 | sub development() { ($ENV{PLACK_ENV} // 'development') eq 'development' } |
60 | ||
c039d63e | 61 | my ($env, $privacy); |
594d53ba MG |
62 | |
63 | sub db { $env->{'gruntmaster.dbic'} } | |
64 | ||
65 | sub remote_user { | |
66 | my $user = $env->{'gruntmaster.user'}; | |
67 | $user &&= db->user($user); | |
68 | $user | |
69 | } | |
70 | ||
3b69df7a | 71 | sub admin { remote_user && remote_user->admin } |
594d53ba MG |
72 | sub contest { db->contest ($_{contest}) } |
73 | sub problem { db->problem ($_{problem}) } | |
74 | sub job { db->job ($_{job}) } | |
75 | sub user { db->user ($_{user}) } | |
76 | ||
77 | sub redirect { [301, ['X-Forever' => 1, 'Location' => $_[0]], []] } | |
78 | sub reply { [200, ['Content-Type' => 'text/plain'], \@_] } | |
79 | sub response { | |
c039d63e | 80 | my ($template, $title, $params, $maxage) = @_; |
594d53ba MG |
81 | unless ($params) { |
82 | $params = $title; | |
83 | $title = 'No title'; | |
84 | } | |
9a4806b3 | 85 | $params->{time} = time; |
39e2d01a | 86 | $params->{args} = {%_}; |
c039d63e | 87 | bless {template => $template, title => $title, params => $params, maxage => ($maxage // 1)}, __PACKAGE__.'::Response' |
594d53ba | 88 | } |
3b69df7a | 89 | |
c039d63e MG |
90 | sub forbid { |
91 | my ($condition) = @_; | |
92 | $privacy = 'private' if $condition; | |
93 | return if !$condition || admin; | |
594d53ba MG |
94 | unwind FORBIDDEN, SUB UP |
95 | } | |
31d70015 | 96 | |
594d53ba MG |
97 | sub dispatch_request{ |
98 | $env = $_[PSGI_ENV]; | |
c039d63e MG |
99 | $privacy = 'public'; |
100 | ||
594d53ba MG |
101 | sub (GET) { |
102 | sub (/css/:theme) { | |
103 | my $theme = $_{theme}; | |
104 | return NOT_FOUND unless -e "css/themes/$theme.css"; | |
105 | my $css = read_file "css/themes/$theme.css"; | |
106 | $css .= read_file $_ for <css/*.css>; | |
107 | my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css'); | |
1bb102ef | 108 | [200, \@headers, [development ? $css : CSS::Minifier::XS::minify $css]] |
594d53ba MG |
109 | }, |
110 | ||
111 | sub (/js.js) { | |
112 | my $js; | |
113 | $js .= read_file $_ for <js/*.js>; | |
114 | my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript'); | |
1bb102ef | 115 | [200, \@headers, [development ? $js : JavaScript::Minifier::XS::minify $js]] |
594d53ba MG |
116 | }, |
117 | ||
118 | sub (/src/:job) { | |
119 | return NOT_FOUND if !job; | |
c22928ed | 120 | my $isowner = remote_user && remote_user->id eq job->rawowner; |
e547b147 MG |
121 | my $private = job->private || job->problem->private || job->contest && job->contest->is_running; |
122 | forbid !$isowner && $private; | |
123 | my $privacy = $private ? 'private' : 'public'; | |
124 | my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES->{job->format}); | |
125 | push @headers, (Vary => 'Authorization') if $private; | |
594d53ba MG |
126 | [200, \@headers, [job->source]] |
127 | }, | |
128 | ||
129 | sub (?:contest=) { | |
130 | return NOT_FOUND if !contest; | |
131 | forbid contest->is_pending; | |
132 | response_filter { return shift } | |
133 | }, | |
134 | ||
135 | sub (?:problem=) { | |
136 | return NOT_FOUND if !problem; | |
137 | forbid problem->is_private; | |
138 | response_filter { return shift } | |
139 | }, | |
140 | ||
d3892d73 | 141 | sub (?:format~) { |
feaa8f5a | 142 | my $format = lc ($_{format} // ''); |
594d53ba MG |
143 | response_filter { |
144 | my ($r) = @_; | |
145 | return $r if ref $r ne 'Plack::App::Gruntmaster::Response'; | |
c039d63e | 146 | my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}"); |
be6551aa | 147 | push @hdrs, Vary => 'Authorization' if $privacy eq 'private'; |
c039d63e | 148 | return [200, ['Content-Type' => 'application/json', @hdrs], [encode_json $r->{params}]] if $format eq 'json'; |
3b69df7a | 149 | my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}}; |
c039d63e | 150 | [200, ['Content-Type' => 'text/html', @hdrs], [encode 'UTF-8', $ret]] |
594d53ba MG |
151 | }, |
152 | }, | |
153 | ||
594d53ba MG |
154 | sub (/st/:contest) { |
155 | response st => 'Standings', { | |
7468a6a7 | 156 | st => [ contest->standings ], |
ebca729d MG |
157 | problems => [ |
158 | map { [$_->id, $_->name] } | |
159 | sort { $a->value <=> $b->value } | |
160 | map { $_->problem } contest->contest_problems], | |
c039d63e | 161 | }, 10 |
594d53ba MG |
162 | }, |
163 | ||
645cfb7d MG |
164 | sub (/ed/:contest) { |
165 | forbid contest->is_running; | |
166 | response ed => 'Editorial of ' . contest->name, db->problem_list(contest => $_{contest}, solution => 1); | |
167 | }, | |
168 | ||
462db4aa MG |
169 | sub (/login) { |
170 | forbid !remote_user; | |
171 | ||
4f3b70b7 MG |
172 | my $return = $env->{HTTP_REFERER} // '/'; |
173 | [303, ['Set-Cookie' => "username=".remote_user->id, Location => $return], []] | |
462db4aa MG |
174 | }, |
175 | ||
594d53ba MG |
176 | sub (/ct/:contest/log/st) { redirect "/st/$_{contest}" }, |
177 | ||
178 | sub (/us/) { response us => 'Users', {us => db->user_list} }, | |
179 | sub (/ct/ + ?:owner~) { response ct => 'Contests', db->contest_list(%_) }, | |
b8a0fa71 MG |
180 | sub (/log/ + ?:contest~&:owner~&:page~&:problem~&:private~) { |
181 | forbid $_{private}; | |
39e2d01a | 182 | response log => 'Job list', {%{db->job_list(%_)}, maybe contest => $_{contest},} |
b8a0fa71 | 183 | }, |
87ffd88b | 184 | sub (/pb/ + ?:owner~&:contest~&:private~) { |
b8a0fa71 MG |
185 | forbid $_{private}; |
186 | response pb => 'Problems', {%{db->problem_list(%_)}, maybe contest => $_{contest}} | |
187 | }, | |
594d53ba MG |
188 | |
189 | sub (/us/:user) { response us_entry => user->name, db->user_entry($_{user}) }, | |
190 | sub (/ct/:contest) { response ct_entry => contest->name, db->contest_entry($_{contest}) }, | |
28e89d6c MG |
191 | sub (/log/:job) { |
192 | forbid job->private; | |
193 | response log_entry => "Job $_{job}", db->job_entry($_{job}) | |
194 | }, | |
84ca7535 MG |
195 | sub (/pb/:problem + ?contest~) { |
196 | my (undef, undef, $contest) = @_; | |
197 | $_{contest} = $contest; | |
594d53ba MG |
198 | return NOT_FOUND if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem}); |
199 | forbid problem->is_private; | |
5b76a57d MG |
200 | if (contest && contest->is_running) { |
201 | forbid !remote_user; | |
202 | $privacy = 'private'; | |
203 | } | |
33ea2780 | 204 | response pb_entry => problem->name, {%{db->problem_entry($_{problem}, $_{contest}, remote_user && remote_user->id)}, maybe contest => $_{contest}}; |
594d53ba | 205 | }, |
e4d5bdf5 MG |
206 | sub (/sol/:problem) { |
207 | forbid !problem->is_in_archive; | |
208 | response sol => 'Solution of ' . problem->name, {solution => db->problem($_{problem})->solution}; | |
209 | }, | |
594d53ba MG |
210 | |
211 | sub (/) { redispatch_to '/index' }, | |
cb0122d7 | 212 | sub (/favicon.ico) { redirect '/static/favicon.ico' }, |
c039d63e | 213 | sub (/:article) { [200, ['Content-Type' => 'text/html', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] } |
594d53ba MG |
214 | }, |
215 | ||
216 | sub (POST) { | |
ca0c7ea2 | 217 | sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) { |
594d53ba MG |
218 | return reply 'Parameter too long' if grep { length > 200 } values %_; |
219 | return reply 'Bad username. Allowed characters are letters, digits and underscores, and the username must be between 2 and 20 characters long.' unless $_{username} =~ USER_REGEX; | |
220 | return reply 'Username already in use' if db->user($_{username}); | |
221 | return reply 'The two passwords do not match' unless $_{password} eq $_{confirm_password}; | |
222 | ||
ca0c7ea2 | 223 | db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}}); |
594d53ba MG |
224 | db->user($_{username})->set_passphrase($_{password}); |
225 | ||
c039d63e | 226 | purge '/us/'; |
594d53ba MG |
227 | reply 'Registered successfully'; |
228 | }, | |
229 | ||
230 | sub (/action/passwd + %:password=&:new_password=&:confirm_new_password=) { | |
231 | forbid !remote_user; | |
232 | return reply 'Incorrect password' unless remote_user->check_passphrase($_{password}); | |
233 | return reply 'The two passwords do not match' unless $_{new_password} eq $_{confirm_new_password}; | |
234 | remote_user->set_passphrase($_{new_password}); | |
235 | reply 'Password changed successfully'; | |
236 | }, | |
237 | ||
08794667 MG |
238 | sub (/action/submit + %:problem=&:contest~&:prog_format=&:source_code~ + *prog~) { |
239 | my (undef, undef, $prog) = @_; | |
594d53ba | 240 | forbid !remote_user; |
3b69df7a MG |
241 | return reply 'This contest has finished' if contest && contest->is_finished; |
242 | return reply 'This contest has not yet started' if !admin && contest && contest->is_pending; | |
31f5eb01 | 243 | return reply 'This problem does not belong to this contest' if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem}); |
08794667 | 244 | return reply 'Maximum source size is 10KB' if ($prog ? $prog->size : length $_{source_code}) > 10 * 1024; |
594d53ba MG |
245 | return reply 'You must wait 30 seconds between jobs' if !admin && time <= remote_user->lastjob + 30; |
246 | remote_user->update({lastjob => time}); | |
247 | ||
08794667 MG |
248 | my $source = $prog ? read_file $prog->path : $_{source_code}; |
249 | unlink $prog->path if $prog; | |
cb6adaff | 250 | my $private = (problem->private && !$_{contest}) ? 1 : 0; |
b2597e87 | 251 | $private = 1 if contest && contest->is_pending; |
31dc8096 | 252 | my $newjob = db->jobs->create({ |
594d53ba | 253 | maybe contest => $_{contest}, |
cb6adaff | 254 | private => $private, |
594d53ba MG |
255 | date => time, |
256 | extension => FORMAT_EXTENSION->{$_{prog_format}}, | |
257 | format => $_{prog_format}, | |
258 | problem => $_{problem}, | |
08794667 | 259 | source => $source, |
594d53ba MG |
260 | owner => remote_user->id, |
261 | }); | |
262 | ||
c039d63e | 263 | purge '/log/'; |
31dc8096 | 264 | [303, [Location => '/log/' . $newjob->id], []] |
3c434a02 MG |
265 | }, |
266 | ||
267 | sub (/action/request-reset + %:username=) { | |
268 | return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM}; | |
269 | my $user = db->user($_{username}); | |
270 | return reply 'No such user' unless $user; | |
271 | my $token = join ':', $user->make_reset_hmac; | |
272 | my $body = <<EOF; | |
273 | Someone has requested a password reset for your account. | |
274 | ||
275 | To reset your password, please submit the reset password form on the | |
276 | website using the following information: | |
277 | ||
278 | Username: $_{username} | |
279 | Password: <your new password> | |
280 | Reset token: $token | |
281 | EOF | |
282 | my $email = Email::Simple->create( | |
283 | header => [ | |
284 | From => $ENV{GRUNTMASTER_RESET_FROM}, | |
285 | To => $user->email, | |
286 | Subject => 'Password reset token', | |
287 | ], | |
288 | body => $body, | |
289 | ); | |
290 | ||
291 | my $ok = 0; | |
292 | eval { | |
293 | sendmail $email; | |
294 | $ok = 1; | |
295 | }; | |
296 | return reply 'Email sent' if $ok; | |
297 | reply "Failure sending email: $@"; | |
298 | }, | |
299 | ||
300 | sub (/action/reset + %:username=&:password=&:token=) { | |
301 | my $user = db->user($_{username}); | |
302 | return reply 'No such user' unless $user; | |
303 | my ($token, $exp) = split ':', $_{token}; | |
62f12c1f | 304 | return reply 'Reset token is expired' if time >= $exp; |
3c434a02 MG |
305 | return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token; |
306 | $user->set_passphrase($_{password}); | |
307 | reply 'Password reset successfully'; | |
308 | }, | |
594d53ba | 309 | } |
7dc32473 MG |
310 | } |
311 | ||
594d53ba | 312 | |
7dc32473 MG |
313 | 1; |
314 | __END__ |