Always allow users to view their own sources

[plack-app-gruntmaster.git] / lib / Plack / App / Gruntmaster.pm

diff --git a/lib/Plack/App/Gruntmaster.pm b/lib/Plack/App/Gruntmaster.pm
index 7f9c21f4803c61f6bf46adf9bd3363065e5d1c33..77a8828aab25fc687a9876ee9169cd5a68612ed5 100644 (file)
--- a/lib/Plack/App/Gruntmaster.pm
+++ b/lib/Plack/App/Gruntmaster.pm
@@ -113,7 +113,8 @@ sub dispatch_request{
 
                sub (/src/:job) {
                        return NOT_FOUND if !job;
-                       forbid job->private || job->problem->private || job->contest && job->contest->is_running;
+                       my $isowner = remote_user && remote_user->id eq job->rawowner;
+                       forbid !$isowner && (job->private || job->problem->private || job->contest && job->contest->is_running);
                        my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => CONTENT_TYPES->{job->format});
                        [200, \@headers, [job->source]]
                },
@@ -152,6 +153,11 @@ sub dispatch_request{
                        }, 10
                },
 
+               sub (/ed/:contest) {
+                       forbid contest->is_running;
+                       response ed => 'Editorial of ' . contest->name, db->problem_list(contest => $_{contest}, solution => 1);
+               },
+
                sub (/login) {
                        forbid !remote_user;
 
@@ -195,17 +201,18 @@ sub dispatch_request{
                },
 
                sub (/) { redispatch_to '/index' },
+               sub (/favicon.ico) { redirect '/static/favicon.ico' },
                sub (/:article) { [200, ['Content-Type' => 'text/html', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] }
        },
 
        sub (POST) {
-               sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:level=) {
+               sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) {
                        return reply 'Parameter too long' if grep { length > 200 } values %_;
                        return reply 'Bad username. Allowed characters are letters, digits and underscores, and the username must be between 2 and 20 characters long.' unless $_{username} =~ USER_REGEX;
                        return reply 'Username already in use' if db->user($_{username});
                        return reply 'The two passwords do not match' unless $_{password} eq $_{confirm_password};
 
-                       db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, level => $_{level}});
+                       db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}});
                        db->user($_{username})->set_passphrase($_{password});
 
                        purge '/us/';