Make private sources Cache-Control: private and Vary: Authorization
[gruntmaster-page.git] / lib / Plack / App / Gruntmaster.pm
index 9775b960c10d729d96c7984f5661dcf8f6e99073..6bc1f79eccc2a3179300a2f60e4856bf1cf9f25b 100644 (file)
@@ -79,6 +79,7 @@ sub response {
                $title = 'No title';
        }
        $params->{time} = time;
+       $params->{args} = {%_};
        bless {template => $template, title => $title, params => $params, maxage => ($maxage // 1)}, __PACKAGE__.'::Response'
 }
 
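Review bot: The added `$params->{args} = {%_};` copies every matched request parameter into the hash that a later hunk serialises with `encode_json $r->{params}` and spreads into `render`, so caller-supplied strings now reach both the JSON and the HTML output verbatim. The assignment also writes into the hashref handed in by the caller and replaces any `args` key it already had; whether a `db->...` result ever carries one is not visible here. I would add a comment on the line, for example `# args = raw request parameters, untrusted: templates must escape them`, and confirm that the templates do. The start of `response` lies outside this hunk, so how `$params` is built is not shown.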
@@ -112,8 +113,12 @@ sub dispatch_request{
 
                sub (/src/:job) {
                        return NOT_FOUND if !job;
-                       forbid job->private || job->problem->private || job->contest && job->contest->private;
-                       my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => CONTENT_TYPES->{job->format});
+                       my $isowner = remote_user && remote_user->id eq job->rawowner;
+                       my $private = job->private || job->problem->private || job->contest && job->contest->is_running;
+                       forbid !$isowner && $private;
+                       my $privacy = $private ? 'private' : 'public';
+                       my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES->{job->format});
+                       push @headers, (Vary => 'Authorization') if $private;
                        [200, \@headers, [job->source]]
                },
 
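Review bot: The private branch of `my @headers = (...)` still sends `max-age=604800` together with `X-Forever`, so a source that passed `forbid !$isowner && $private` stays replayable from the owner's browser cache for a week, including after logout on a shared machine, and from any front cache that keys on `X-Forever` rather than `Cache-Control` (that layer is not visible here). `Vary: Authorization` only helps caches that are allowed to store the response in the first place. Consider a separate directive for the private case, e.g. `my $cc = $private ? 'private, no-cache' : 'public, max-age=604800';`, and confirm that the response produced by `forbid` for the same URL is not cacheable without the same `Vary`. The hunk also replaces `job->contest->private` with `job->contest->is_running`, so jobs from a private contest that is not currently running are now served as `public`; a comment should say so if that is intended.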
@@ -135,6 +140,7 @@ sub dispatch_request{
                                my ($r) = @_;
                                return $r if ref $r ne 'Plack::App::Gruntmaster::Response';
                                my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}");
+                               push @hdrs, Vary => 'Authorization' if $privacy eq 'private';
                                return [200, ['Content-Type' => 'application/json', @hdrs], [encode_json $r->{params}]] if $format eq 'json';
                                my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}};
                                [200, ['Content-Type' => 'text/html', @hdrs], [encode 'UTF-8', $ret]]
@@ -144,10 +150,18 @@ sub dispatch_request{
                sub (/st/:contest) {
                        response st => 'Standings', {
                                st => [ contest->standings ],
-                               problems => [map { $_->problem } contest->contest_problems],
+                               problems => [
+                                       map { [$_->id, $_->name] }
+                                       sort { $a->value <=> $b->value }
+                                       map { $_->problem } contest->contest_problems],
                        }, 10
                },
 
+               sub (/ed/:contest) {
+                       forbid contest->is_running;
+                       response ed => 'Editorial of ' . contest->name, db->problem_list(contest => $_{contest}, solution => 1);
+               },
+
                sub (/login) {
                        forbid !remote_user;
 
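Review bot: `forbid contest->is_running;` in the new `/ed/:contest` route only blocks a contest that is running right now; a contest that has not started presumably also fails that test, so its editorial (`solution => 1`) would be served before the round begins. The POST handler further down already distinguishes `is_pending` and `is_finished`, so the guard could be `forbid !contest->is_finished;`. The route also calls a method on `contest` without a guard like the `return NOT_FOUND if !job;` used by `/src/:job`, so an unknown contest id probably ends in a method call on undef; `return NOT_FOUND if !contest;` as the first line would cover it. The `contest && contest->is_running` test added in the `pb_entry` hunk has the same pending-contest gap unless `problem->is_private` already covers that case.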
@@ -161,7 +175,7 @@ sub dispatch_request{
                sub (/ct/  + ?:owner~)                            { response ct => 'Contests', db->contest_list(%_) },
                sub (/log/ + ?:contest~&:owner~&:page~&:problem~&:private~) {
                        forbid $_{private};
-                       response log => 'Job list', {%{db->job_list(%_)}, maybe contest => $_{contest}}
+                       response log => 'Job list', {%{db->job_list(%_)}, maybe contest => $_{contest},}
                },
                sub (/pb/  + ?:owner~&:contest~&:private~)                  {
                        forbid $_{private};
@@ -179,7 +193,11 @@ sub dispatch_request{
                        $_{contest} = $contest;
                        return NOT_FOUND if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem});
                        forbid problem->is_private;
-                       response pb_entry => problem->name, db->problem_entry($_{problem}, $_{contest}, remote_user && remote_user->id);
+                       if (contest && contest->is_running) {
+                               forbid !remote_user;
+                               $privacy = 'private';
+                       }
+                       response pb_entry => problem->name, {%{db->problem_entry($_{problem}, $_{contest}, remote_user && remote_user->id)}, maybe contest => $_{contest}};
                },
                sub (/sol/:problem) {
                        forbid !problem->is_in_archive;
@@ -187,17 +205,18 @@ sub dispatch_request{
                },
 
                sub (/) { redispatch_to '/index' },
+               sub (/favicon.ico) { redirect '/static/favicon.ico' },
                sub (/:article) { [200, ['Content-Type' => 'text/html', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] }
        },
 
        sub (POST) {
-               sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:level=) {
+               sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) {
                        return reply 'Parameter too long' if grep { length > 200 } values %_;
                        return reply 'Bad username. Allowed characters are letters, digits and underscores, and the username must be between 2 and 20 characters long.' unless $_{username} =~ USER_REGEX;
                        return reply 'Username already in use' if db->user($_{username});
                        return reply 'The two passwords do not match' unless $_{password} eq $_{confirm_password};
 
-                       db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, level => $_{level}});
+                       db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}});
                        db->user($_{username})->set_passphrase($_{password});
 
                        purge '/us/';
@@ -217,15 +236,17 @@ sub dispatch_request{
                        forbid !remote_user;
                        return reply 'This contest has finished' if contest && contest->is_finished;
                        return reply 'This contest has not yet started' if !admin && contest && contest->is_pending;
+                       return reply 'This problem does not belong to this contest' if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem});
                        return reply 'Maximum source size is 10KB' if ($prog ? $prog->size : length $_{source_code}) > 10 * 1024;
                        return reply 'You must wait 30 seconds between jobs' if !admin && time <= remote_user->lastjob + 30;
                        remote_user->update({lastjob => time});
 
                        my $source = $prog ? read_file $prog->path : $_{source_code};
                        unlink $prog->path if $prog;
+                       my $private = (problem->private && !$_{contest}) ? 1 : 0;
                        my $newjob = db->jobs->create({
                                maybe contest => $_{contest},
-                               maybe private => problem->private,
+                               private => $private,
                                date => time,
                                extension => FORMAT_EXTENSION->{$_{prog_format}},
                                format => $_{prog_format},
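Review bot: The new `return reply 'This problem does not belong to this contest' if ...` line repeats, token for token, the membership condition of the `pb_entry` route's `return NOT_FOUND if ...`; two hand-copied authorization predicates tend to drift apart, so a single private helper called from both places would be safer. `my $private = (problem->private && !$_{contest}) ? 1 : 0;` also needs a why-comment, since contest submissions are now stored with `private => 0` and stay hidden only through the `/src/:job` checks. Something like `# contest jobs are stored non-private; /src/:job hides them via job->problem->private and contest->is_running` would make that dependency explicit. The submit handler starts before and continues after this hunk.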