1 package Plack
::App
::Gruntmaster
;
5 our $VERSION = '5999.000_001';
8 use Encode qw
/encode decode/;
9 use File
::Slurp qw
/read_file/;
10 use JavaScript
::Minifier
::XS
;
11 use JSON
::MaybeXS qw
/encode_json/;
13 use Scope
::Upper qw
/unwind SUB UP/;
16 use Gruntmaster
::Data
;
17 use Plack
::App
::Gruntmaster
::HTML
;
19 use Email
::Sender
::Simple qw
/sendmail/;
22 use warnings NONFATAL
=> 'all';
23 no warnings
'illegalproto';
25 ##################################################
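# Usernames are 2 to 20 word characters; /a restricts \w to ASCII letters,
# digits and underscore. The pattern is anchored with \A and \z rather than
# ^ and $, because $ also matches just before a trailing newline and would
# let "name\n" pass validation and be stored as a user id.
use constant USER_REGEX => qr/\A\w{2,20}\z/a;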
29 use constant CONTENT_TYPES
=> +{
31 cpp
=> 'text/x-c++src',
32 cs
=> 'text/x-csharp', # Used by GNOME. Not in mime.types.
33 go
=> 'text/plain', # ?
34 hs
=> 'text/x-haskell',
35 java
=> 'text/x-java',
36 pas
=> 'text/x-pascal',
38 py
=> 'text/x-python',
42 use constant FORMAT_EXTENSION
=> {
# Canned PSGI responses shared by the handlers.
#   NOT_FOUND - plain-text 404.
#   FORBIDDEN - despite its name this is a 401 that carries a Basic
#               WWW-Authenticate challenge, so the client is asked for
#               credentials rather than refused outright.
use constant {
    NOT_FOUND => [404, ['Content-Type' => 'text/plain'], ['Not found']],
    FORBIDDEN => [
        401,
        [
            'Content-Type'     => 'text/plain',
            'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"',
        ],
        ['Forbidden'],
    ],
};
# True when PLACK_ENV is 'development'. An unset PLACK_ENV also counts as
# development, so a deployment that forgets to set it runs in development
# mode (in this file that means CSS and JS are served unminified).
sub development () {
    my $plack_env = defined $ENV{PLACK_ENV} ? $ENV{PLACK_ENV} : 'development';
    return $plack_env eq 'development';
}
# Database handle for the current request, read from the
# 'gruntmaster.dbic' key of the PSGI environment held in $env.
sub db {
    return $env->{'gruntmaster.dbic'};
}
66 my $user = $env->{'gruntmaster.user'};
67 $user &&= db
->user($user);
# Admin check for the current request. When remote_user yields a false
# value (no authenticated user) that value is returned unchanged; otherwise
# the result of the user's admin method is returned.
sub admin {
    my $who = remote_user();
    return $who unless $who;
    return remote_user()->admin;
}
# Looks up the contest named by the request's %_ entry 'contest'.
sub contest {
    my $contest_id = $_{contest};
    return db()->contest($contest_id);
}
# Looks up the problem named by the request's %_ entry 'problem'.
sub problem {
    my $problem_id = $_{problem};
    return db()->problem($problem_id);
}
# Looks up the job named by the request's %_ entry 'job'.
sub job {
    my $job_id = $_{job};
    return db()->job($job_id);
}
# Looks up the user named by the request's %_ entry 'user'.
sub user {
    my $user_id = $_{user};
    return db()->user($user_id);
}
# Builds a permanent (301) redirect to the location given as first argument.
# The location is written into the header unchanged, so callers should pass
# only site-relative paths they built themselves (the visible callers do).
sub redirect {
    my @headers = ('X-Forever' => 1, 'Location' => $_[0]);
    return [301, \@headers, []];
}
# Builds a 200 response whose body chunks are the arguments themselves
# (a reference to @_). The content type is text/plain, so messages that
# embed request data or error text are sent as plain text, not HTML.
sub reply {
    my @headers = ('Content-Type' => 'text/plain');
    return [200, \@headers, \@_];
}
80 my ($template, $title, $params, $maxage) = @_;
85 $params->{time} = time;
86 $params->{args
} = {%_};
87 bless {template
=> $template, title
=> $title, params
=> $params, maxage
=> ($maxage // 1)}, __PACKAGE__
.'::Response'
92 $privacy = 'private' if $condition;
93 return if !$condition || admin
;
94 unwind FORBIDDEN
, SUB UP
103 my $theme = $_{theme
};
104 return NOT_FOUND
unless -e
"css/themes/$theme.css";
105 my $css = read_file
"css/themes/$theme.css";
106 $css .= read_file
$_ for <css
/*.css
>;
107 my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css');
108 [200, \
@headers, [development ?
$css : CSS
::Minifier
::XS
::minify
$css]]
113 $js .= read_file
$_ for <js
/*.js
>;
114 my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript');
115 [200, \
@headers, [development ?
$js : JavaScript
::Minifier
::XS
::minify
$js]]
119 return NOT_FOUND
if !job
;
120 my $isowner = remote_user
&& remote_user
->id eq job
->rawowner;
121 my $private = job
->private || job
->problem->private || job
->contest && job
->contest->is_running;
122 forbid
!$isowner && $private;
123 my $privacy = $private ?
'private' : 'public';
124 my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES
->{job
->format});
125 push @headers, (Vary
=> 'Authorization') if $private;
126 [200, \
@headers, [job
->source]]
130 return NOT_FOUND
if !contest
;
131 forbid contest
->is_pending;
132 response_filter
{ return shift }
136 return NOT_FOUND
if !problem
;
137 forbid problem
->is_private;
138 response_filter
{ return shift }
142 my $format = lc ($_{format
} // '');
145 return $r if ref $r ne 'Plack::App::Gruntmaster::Response';
146 my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}");
147 push @hdrs, Vary
=> 'Authorization' if $privacy eq 'private';
148 return [200, ['Content-Type' => 'application/json', @hdrs], [encode_json
$r->{params
}]] if $format eq 'json';
149 my $ret = render
$r->{template
}, 'en', title
=> $r->{title
}, %{$r->{params
}};
150 [200, ['Content-Type' => 'text/html', @hdrs], [encode
'UTF-8', $ret]]
155 response st
=> 'Standings', {
156 st
=> [ contest
->standings ],
158 map { [$_->id, $_->name] }
159 sort { $a->value <=> $b->value }
160 map { $_->problem } contest
->contest_problems],
165 forbid contest
->is_running;
166 response ed
=> 'Editorial of ' . contest
->name, db
->problem_list(contest
=> $_{contest
}, solution
=> 1);
172 my $return = $env->{HTTP_REFERER
} // '/';
173 [303, ['Set-Cookie' => "username=".remote_user
->id, Location
=> $return], []]
# /ct/<contest>/log/st: permanent redirect to /st/<contest>.
sub (/ct/:contest/log/st) {
    my $target = "/st/$_{contest}";
    return redirect($target);
},
# /us/: user list page (template 'us', title 'Users').
sub (/us/) {
    my %params = (us => db()->user_list);
    return response(us => 'Users', \%params);
},
# /ct/: contest list page; the optional 'owner' query parameter is passed
# through to contest_list as part of %_.
sub (/ct/ + ?:owner~) {
    return response(ct => 'Contests', db()->contest_list(%_));
},
180 sub (/log/ + ?
:contest
~&:owner
~&:page
~&:problem
~&:private
~) {
182 response
log => 'Job list', {%{db
->job_list(%_)}, maybe contest
=> $_{contest
},}
184 sub (/pb/ + ?
:owner
~&:contest
~&:private
~) {
186 response pb
=> 'Problems', {%{db
->problem_list(%_)}, maybe contest
=> $_{contest
}}
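# /us/<user>: page for a single user (template 'us_entry', titled with the
# user's name).
sub (/us/:user) {
    # The user name comes from the URL. Presumably user() is false for an
    # unknown name (the register handler tests db->user that way), and
    # calling ->name on it would die; answer 404 as the job, contest and
    # problem handlers in this file do.
    return NOT_FOUND unless user();
    return response(us_entry => user()->name, db()->user_entry($_{user}));
},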
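# /ct/<contest>: page for a single contest (template 'ct_entry', titled
# with the contest's name).
sub (/ct/:contest) {
    # The contest id comes from the URL. Return 404 for an id that does not
    # resolve, matching the `return NOT_FOUND if !contest` guard used by the
    # other contest handlers, instead of dying on ->name.
    return NOT_FOUND unless contest();
    return response(ct_entry => contest()->name, db()->contest_entry($_{contest}));
},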
193 response log_entry
=> "Job $_{job}", db
->job_entry($_{job
})
195 sub (/pb/:problem
+ ?contest
~) {
196 my (undef, undef, $contest) = @_;
197 $_{contest
} = $contest;
198 return NOT_FOUND
if !contest
&& !problem
->is_in_archive || contest
&& !db
->contest_problems->find($_{contest
}, $_{problem
});
199 forbid problem
->is_private;
200 if (contest
&& contest
->is_running) {
202 $privacy = 'private';
204 response pb_entry
=> problem
->name, {%{db
->problem_entry($_{problem
}, $_{contest
}, remote_user
&& remote_user
->id)}, maybe contest
=> $_{contest
}};
206 sub (/sol/:problem
) {
207 forbid
!problem
->is_in_archive;
208 response sol
=> 'Solution of ' . problem
->name, {solution
=> db
->problem($_{problem
})->solution};
# /: serve the site root by re-dispatching to /index.
sub (/) {
    return redispatch_to('/index');
},
# /favicon.ico: permanent redirect to the copy under /static.
sub (/favicon.ico) {
    return redirect('/static/favicon.ico');
},
# /<article>: renders the named article with the 'en' argument and lets
# caches keep it for 60 seconds.
# NOTE(review): $_{article} is taken from the URL and render_article is not
# visible here; confirm it resolves only known article names and cannot be
# steered to other files.
sub (/:article) {
    my @headers = (
        'Content-Type'  => 'text/html',
        'Cache-Control' => 'public, max-age=60',
        'X-Forever'     => 1,
    );
    my @body = (render_article($_{article}, 'en'));
    return [200, \@headers, \@body];
},
217 sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) {
218 return reply 'Parameter too long
' if grep { length > 200 } values %_;
219 return reply 'Bad username
. Allowed characters are letters
, digits
and underscores
, and the username must be between
2 and 20 characters long
.' unless $_{username} =~ USER_REGEX;
220 return reply 'Username already
in use' if db->user($_{username});
221 return reply 'The two passwords
do not match
' unless $_{password} eq $_{confirm_password};
223 db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}});
224 db->user($_{username})->set_passphrase($_{password});
227 reply 'Registered successfully
';
230 sub (/action/passwd + %:password=&:new_password=&:confirm_new_password=) {
232 return reply 'Incorrect password
' unless remote_user->check_passphrase($_{password});
233 return reply 'The two passwords
do not match
' unless $_{new_password} eq $_{confirm_new_password};
234 remote_user->set_passphrase($_{new_password});
235 reply 'Password changed successfully
';
238 sub (/action/submit + %:problem=&:contest~&:prog_format=&:source_code~ + *prog~) {
239 my (undef, undef, $prog) = @_;
241 return reply 'This contest has finished
' if contest && contest->is_finished;
242 return reply 'This contest has
not yet started
' if !admin && contest && contest->is_pending;
243 return reply 'This problem does
not belong to this contest
' if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem});
244 return reply 'Maximum source size is
10KB
' if ($prog ? $prog->size : length $_{source_code}) > 10 * 1024;
245 return reply 'You must
wait 30 seconds between jobs
' if !admin && time <= remote_user->lastjob + 30;
246 remote_user->update({lastjob => time});
248 my $source = $prog ? read_file $prog->path : $_{source_code};
249 unlink $prog->path if $prog;
250 my $private = (problem->private && !$_{contest}) ? 1 : 0;
251 $private = 1 if contest && contest->is_pending;
252 my $newjob = db->jobs->create({
253 maybe contest => $_{contest},
256 extension => FORMAT_EXTENSION->{$_{prog_format}},
257 format => $_{prog_format},
258 problem => $_{problem},
260 owner => remote_user->id,
264 [303, [Location => '/log/' . $newjob->id], []]
267 sub (/action/request-reset + %:username=) {
268 return reply 'Password resets are disabled
' unless $ENV{GRUNTMASTER_RESET_FROM};
269 my $user = db->user($_{username});
270 return reply 'No such user
' unless $user;
271 my $token = join ':', $user->make_reset_hmac;
273 Someone has requested a password reset for your account.
275 To reset your password, please submit the reset password form on the
276 website using the following information:
278 Username: $_{username}
279 Password: <your new password>
282 The token is valid for 24 hours.
284 my $email = Email
::Simple
->create(
286 From
=> $ENV{GRUNTMASTER_RESET_FROM
},
288 Subject
=> 'Password reset token',
298 return reply
'Email sent' if $ok;
299 reply
"Failure sending email: $@";
302 sub (/action/reset + %:username
=&:password
=&:token
=) {
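# Body of the password-reset handler. The submitted token is split on ':'
# into an HMAC part and an expiry part; presumably this mirrors the
# "join ':', $user->make_reset_hmac" used when the token is issued.
my $user = db->user($_{username});
return reply 'No such user' unless $user;

my ($token, $exp) = split ':', $_{token};

# Reject malformed tokens before any arithmetic: a missing or non-numeric
# expiry would otherwise be coerced to a number by the comparison below.
return reply 'Bad reset token'
    unless defined $token && defined $exp && $exp =~ /\A[0-9]+\z/;
return reply 'Reset token is expired' if time >= $exp;

# Compare the HMAC without an early exit. A plain `eq` stops at the first
# differing character, which leaks through response timing how much of a
# guessed token is correct.
my $expected = $user->make_reset_hmac($exp);
return reply 'Bad reset token'
    unless defined $expected
        && length($expected) > 0
        && length($expected) == length($token);
my $mismatch = 0;
for my $i (0 .. length($expected) - 1) {
    $mismatch |= ord(substr($expected, $i, 1)) ^ ord(substr($token, $i, 1));
}
return reply 'Bad reset token' if $mismatch;

# NOTE(review): unlike the register handler, no length limit on the new
# password is visible on this path; confirm one is enforced elsewhere.
$user->set_passphrase($_{password});
reply 'Password reset successfully';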