[plack-app-gruntmaster.git] / lib / Plack / App / Gruntmaster.pm

package Plack::App::Gruntmaster;

use 5.014000;
use strict;
our $VERSION = '5999.000_001';

use CSS::Minifier::XS;
use Encode qw/encode decode/;
use File::Slurp qw/read_file/;
use JavaScript::Minifier::XS;
use JSON::MaybeXS qw/encode_json/;
use PerlX::Maybe;
use Scope::Upper qw/unwind SUB UP/;
use Web::Simple;

use Gruntmaster::Data;
use Plack::App::Gruntmaster::HTML;

use Email::Sender::Simple qw/sendmail/;
use Email::Simple;

use warnings NONFATAL => 'all';
no warnings 'illegalproto';

##################################################

use constant USER_REGEX => qr/^\w{2,20}$/a;

use constant CONTENT_TYPES => +{
	c => 'text/x-csrc',
	cpp => 'text/x-c++src',
	cs => 'text/x-csharp', # Used by GNOME. Not in mime.types.
	go => 'text/plain', # ?
	hs => 'text/x-haskell',
	java => 'text/x-java',
	pas => 'text/x-pascal',
	pl => 'text/x-perl',
	py => 'text/x-python',
	l => 'text/plain',
};

use constant FORMAT_EXTENSION => {
	C => 'c',
	CPP => 'cpp',
	GCCGO => 'go',
	GOLANG => 'go',
	HASKELL => 'hs',
	MONO => 'cs',
	JAVA => 'java',
	PASCAL => 'pas',
	PERL => 'pl',
	PYTHON => 'py',
	SBCL => 'l',
};

use constant NOT_FOUND => [404, ['X-Forever' => 1, 'Content-Type' => 'text/plain'], ['Not found']];
use constant FORBIDDEN => [401, ['Content-Type' => 'text/plain', 'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"'], ['Forbidden']];

sub development() { ($ENV{PLACK_ENV} // 'development') eq 'development' }

my ($env, $privacy);

sub db { $env->{'gruntmaster.dbic'} }

sub remote_user {
	my $user = $env->{'gruntmaster.user'};
	$user &&= db->user($user);
	$user
}

sub admin   { remote_user && remote_user->admin }
sub contest { db->contest ($_{contest}) }
sub problem { db->problem ($_{problem}) }
sub job     { db->job     ($_{job})     }
sub user    { db->user    ($_{user})    }

sub redirect { [301, ['X-Forever' => 1, 'Location' => $_[0]], []] }
sub reply    { [200, ['Content-Type' => 'text/plain'], \@_] }
sub response {
	my ($template, $title, $params, $maxage) = @_;
	unless ($params) {
		$params = $title;
		$title = 'No title';
	}
	$params->{time} = time;
	$params->{args} = {%_};
	bless {template => $template, title => $title, params => $params, maxage => ($maxage // 1)}, __PACKAGE__.'::Response'
}

sub forbid {
	my ($condition) = @_;
	$privacy = 'private' if $condition;
	return if !$condition || admin;
	unwind FORBIDDEN, SUB UP
}

sub dispatch_request{
	$env = $_[PSGI_ENV];
	$privacy = 'public';

	sub (GET) {
		sub (/css/:theme) {
			my $theme = $_{theme};
			return NOT_FOUND unless -e "css/themes/$theme.css";
			my $css = read_file "css/themes/$theme.css";
			$css .= read_file $_ for <css/*.css>;
			my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css');
			[200, \@headers, [development ? $css : CSS::Minifier::XS::minify $css]]
		},

		sub (/js.js) {
			my $js;
			$js .= read_file $_ for <js/*.js>;
			my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript');
			[200, \@headers, [development ? $js : JavaScript::Minifier::XS::minify $js]]
		},

		sub (/robots.txt) { NOT_FOUND },
		sub (/favicon.ico) { NOT_FOUND },

		sub (/src/:job) {
			return NOT_FOUND if !job;
			my $isowner = remote_user && remote_user->id eq job->rawowner;
			my $private = job->private || job->problem->private || job->contest && job->contest->is_running;
			forbid !$isowner && $private;
			my $privacy = $private ? 'private' : 'public';
			my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES->{job->format});
			push @headers, (Vary => 'Authorization') if $private;
			[200, \@headers, [job->source]]
		},

		sub (?:contest=) {
			return NOT_FOUND if !contest;
			forbid contest->is_pending;
			response_filter { return shift }
		},

		sub (?:problem=) {
			return NOT_FOUND if !problem;
			forbid problem->is_private;
			response_filter { return shift }
		},

		sub (?:format~) {
			my $format = lc ($_{format} // '');
			response_filter {
				my ($r) = @_;
				return $r if ref $r ne 'Plack::App::Gruntmaster::Response';
				my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}");
				push @hdrs, Vary => 'Authorization' if $privacy eq 'private';
				return [200, ['Content-Type' => 'application/json', @hdrs], [encode_json $r->{params}]] if $format eq 'json';
				my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}};
				[200, ['Content-Type' => 'text/html', @hdrs], [encode 'UTF-8', $ret]]
			},
		},

		sub (/st/:contest) {
			response st => 'Standings', {
				st => [ contest->standings ],
				problems => [
					map { [$_->id, $_->name] }
					sort { $a->value <=> $b->value }
					map { $_->problem } contest->contest_problems],
			}, 10
		},

		sub (/ed/:contest) {
			forbid contest->is_running;
			response ed => 'Editorial of ' . contest->name, db->problem_list(contest => $_{contest}, solution => 1);
		},

		sub (/login) {
			forbid !remote_user;

			my $return = $env->{HTTP_REFERER} // '/';
			[303, ['Set-Cookie' => "username=".remote_user->id, Location => $return], []]
		},

		sub (/ct/:contest/log/st) { redirect "/st/$_{contest}" },

		sub (/us/)                                        { response us => 'Users', {us => db->user_list} },
		sub (/ct/  + ?:owner~)                            { response ct => 'Contests', db->contest_list(%_) },
		sub (/log/ + ?:contest~&:owner~&:page~&:problem~&:private~) {
			forbid $_{private};
			response log => 'Job list', {%{db->job_list(%_)}, maybe contest => $_{contest},}
		},
		sub (/pb/  + ?:owner~&:contest~&:private~)                  {
			forbid $_{private};
			response pb => 'Problems', {%{db->problem_list(%_)}, maybe contest => $_{contest}}
		},

		sub (/us/:user)    { response us_entry => user->name, db->user_entry($_{user}) },
		sub (/ct/:contest) { response ct_entry => contest->name, db->contest_entry($_{contest}) },
		sub (/log/:job)    {
			forbid job->private;
			response log_entry => "Job  $_{job}", db->job_entry($_{job})
		},
		sub (/pb/:problem + ?contest~) {
			my (undef, undef, $contest) = @_;
			$_{contest} = $contest;
			return NOT_FOUND if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem});
			forbid problem->is_private;
			if (contest && contest->is_running) {
				forbid !remote_user;
				$privacy = 'private';
			}
			response pb_entry => problem->name, {%{db->problem_entry($_{problem}, $_{contest}, remote_user && remote_user->id)}, maybe contest => $_{contest}};
		},
		sub (/sol/:problem) {
			forbid !problem->is_in_archive;
			response sol => 'Solution of ' . problem->name, {solution => db->problem($_{problem})->solution};
		},

		sub (/) { redispatch_to '/index' },
		sub (/favicon.ico) { redirect '/static/favicon.ico' },
		sub (/:article) { [200, ['Content-Type' => 'text/html', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] }
	},

	sub (POST) {
		sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) {
			return reply 'Parameter too long' if grep { length > 200 } values %_;
			return reply 'Bad username. Allowed characters are letters, digits and underscores, and the username must be between 2 and 20 characters long.' unless $_{username} =~ USER_REGEX;
			return reply 'Username already in use' if db->user($_{username});
			return reply 'The two passwords do not match' unless $_{password} eq $_{confirm_password};

			db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}});
			db->user($_{username})->set_passphrase($_{password});

			purge '/us/';
			reply 'Registered successfully';
		},

		sub (/action/passwd + %:password=&:new_password=&:confirm_new_password=) {
			forbid !remote_user;
			return reply 'Incorrect password' unless remote_user->check_passphrase($_{password});
			return reply 'The two passwords do not match' unless $_{new_password} eq $_{confirm_new_password};
			remote_user->set_passphrase($_{new_password});
			reply 'Password changed successfully';
		},

		sub (/action/submit + %:problem=&:contest~&:prog_format=&:source_code~ + *prog~) {
			my (undef, undef, $prog) = @_;
			forbid !remote_user;
			return reply 'This contest has finished' if contest && contest->is_finished;
			return reply 'This contest has not yet started' if !admin && contest && contest->is_pending;
			return reply 'This problem does not belong to this contest' if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem});
			return reply 'Maximum source size is 10KB' if ($prog ? $prog->size : length $_{source_code}) > 10 * 1024;
			return reply 'You must wait 30 seconds between jobs' if !admin && time <= remote_user->lastjob + 30;
			remote_user->update({lastjob => time});

			my $source = $prog ? read_file $prog->path : $_{source_code};
			unlink $prog->path if $prog;
			my $private = (problem->private && !$_{contest}) ? 1 : 0;
			$private = 1 if contest && contest->is_pending;
			my $newjob = db->jobs->create({
				maybe contest => $_{contest},
				private => $private,
				date => time,
				extension => FORMAT_EXTENSION->{$_{prog_format}},
				format => $_{prog_format},
				problem => $_{problem},
				source => $source,
				owner => remote_user->id,
			});

			purge '/log/';
			[303, [Location => '/log/' . $newjob->id], []]
		},

		sub (/action/request-reset + %:username=) {
			return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM};
			my $user = db->user($_{username});
			return reply 'No such user' unless $user;
			my $token = join ':', $user->make_reset_hmac;
			my $body = <<EOF;
Someone has requested a password reset for your account.

To reset your password, please submit the reset password form on the
website using the following information:

Username: $_{username}
Password: <your new password>
Reset token: $token

The token is valid for 24 hours.
EOF
			my $email = Email::Simple->create(
				header => [
					From    => $ENV{GRUNTMASTER_RESET_FROM},
					To      => $user->email,
					Subject => 'Password reset token',
				],
				body => $body,
			);

			my $ok = 0;
			eval {
				sendmail $email;
				$ok = 1;
			};
			return reply 'Email sent' if $ok;
			reply "Failure sending email: $@";
		},

		sub (/action/reset + %:username=&:password=&:token=) {
			my $user = db->user($_{username});
			return reply 'No such user' unless $user;
			my ($token, $exp) = split ':', $_{token};
			return reply 'Reset token is expired' if time >= $exp;
			return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
			$user->set_passphrase($_{password});
			reply 'Password reset successfully';
		},
	}
}


1;
__END__
Commit	Line	Data
7dc32473 MG	1	package Plack::App::Gruntmaster;
	2
	3	use 5.014000;
	4	use strict;
7dc32473 MG	5	our $VERSION = '5999.000_001';
7dc32473 MG	6
e03e380b	7	use CSS::Minifier::XS;
3b69df7a	8	use Encode qw/encode decode/;
f34254b8	9	use File::Slurp qw/read_file/;
e03e380b	10	use JavaScript::Minifier::XS;
3b69df7a	11	use JSON::MaybeXS qw/encode_json/;
594d53ba MG	12	use PerlX::Maybe;
594d53ba MG	13	use Scope::Upper qw/unwind SUB UP/;
3b69df7a	14	use Web::Simple;
594d53ba MG	15
594d53ba MG	16	use Gruntmaster::Data;
3b69df7a MG	17	use Plack::App::Gruntmaster::HTML;
3b69df7a MG	18
3c434a02 MG	19	use Email::Sender::Simple qw/sendmail/;
	20	use Email::Simple;
	21
3b69df7a MG	22	use warnings NONFATAL => 'all';
3b69df7a MG	23	no warnings 'illegalproto';
f34254b8	24
594d53ba MG	25	##################################################
594d53ba MG	26
594d53ba MG	27	use constant USER_REGEX => qr/^\w{2,20}$/a;
594d53ba MG	28
e03e380b MG	29	use constant CONTENT_TYPES => +{
	30	c => 'text/x-csrc',
	31	cpp => 'text/x-c++src',
	32	cs => 'text/x-csharp', # Used by GNOME. Not in mime.types.
a5e355d6 MG	33	go => 'text/plain', # ?
a5e355d6 MG	34	hs => 'text/x-haskell',
e03e380b MG	35	java => 'text/x-java',
	36	pas => 'text/x-pascal',
	37	pl => 'text/x-perl',
	38	py => 'text/x-python',
76454bde	39	l => 'text/plain',
e03e380b	40	};
594d53ba MG	41
	42	use constant FORMAT_EXTENSION => {
	43	C => 'c',
	44	CPP => 'cpp',
a5e355d6 MG	45	GCCGO => 'go',
	46	GOLANG => 'go',
	47	HASKELL => 'hs',
594d53ba MG	48	MONO => 'cs',
	49	JAVA => 'java',
	50	PASCAL => 'pas',
	51	PERL => 'pl',
	52	PYTHON => 'py',
e6d1bcd4	53	SBCL => 'l',
594d53ba MG	54	};
594d53ba MG	55
3ef32174	56	use constant NOT_FOUND => [404, ['X-Forever' => 1, 'Content-Type' => 'text/plain'], ['Not found']];
3b69df7a	57	use constant FORBIDDEN => [401, ['Content-Type' => 'text/plain', 'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"'], ['Forbidden']];
594d53ba	58
1bb102ef MG	59	sub development() { ($ENV{PLACK_ENV} // 'development') eq 'development' }
1bb102ef MG	60
c039d63e	61	my ($env, $privacy);
594d53ba MG	62
	63	sub db { $env->{'gruntmaster.dbic'} }
	64
	65	sub remote_user {
	66	my $user = $env->{'gruntmaster.user'};
	67	$user &&= db->user($user);
	68	$user
	69	}
	70
3b69df7a	71	sub admin { remote_user && remote_user->admin }
594d53ba MG	72	sub contest { db->contest ($_{contest}) }
	73	sub problem { db->problem ($_{problem}) }
	74	sub job { db->job ($_{job}) }
	75	sub user { db->user ($_{user}) }
	76
	77	sub redirect { [301, ['X-Forever' => 1, 'Location' => $_[0]], []] }
	78	sub reply { [200, ['Content-Type' => 'text/plain'], \@_] }
	79	sub response {
c039d63e	80	my ($template, $title, $params, $maxage) = @_;
594d53ba MG	81	unless ($params) {
	82	$params = $title;
	83	$title = 'No title';
	84	}
9a4806b3	85	$params->{time} = time;
39e2d01a	86	$params->{args} = {%_};
c039d63e	87	bless {template => $template, title => $title, params => $params, maxage => ($maxage // 1)}, __PACKAGE__.'::Response'
594d53ba	88	}
3b69df7a	89
c039d63e MG	90	sub forbid {
	91	my ($condition) = @_;
	92	$privacy = 'private' if $condition;
	93	return if !$condition \|\| admin;
594d53ba MG	94	unwind FORBIDDEN, SUB UP
594d53ba MG	95	}
31d70015	96
594d53ba MG	97	sub dispatch_request{
594d53ba MG	98	$env = $_[PSGI_ENV];
c039d63e MG	99	$privacy = 'public';
c039d63e MG	100
594d53ba MG	101	sub (GET) {
	102	sub (/css/:theme) {
	103	my $theme = $_{theme};
	104	return NOT_FOUND unless -e "css/themes/$theme.css";
	105	my $css = read_file "css/themes/$theme.css";
	106	$css .= read_file $_ for <css/*.css>;
	107	my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css');
1bb102ef	108	[200, \@headers, [development ? $css : CSS::Minifier::XS::minify $css]]
594d53ba MG	109	},
	110
	111	sub (/js.js) {
	112	my $js;
	113	$js .= read_file $_ for <js/*.js>;
	114	my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript');
1bb102ef	115	[200, \@headers, [development ? $js : JavaScript::Minifier::XS::minify $js]]
594d53ba MG	116	},
594d53ba MG	117
3ef32174 MG	118	sub (/robots.txt) { NOT_FOUND },
	119	sub (/favicon.ico) { NOT_FOUND },
	120
594d53ba MG	121	sub (/src/:job) {
594d53ba MG	122	return NOT_FOUND if !job;
c22928ed	123	my $isowner = remote_user && remote_user->id eq job->rawowner;
e547b147 MG	124	my $private = job->private \|\| job->problem->private \|\| job->contest && job->contest->is_running;
	125	forbid !$isowner && $private;
	126	my $privacy = $private ? 'private' : 'public';
	127	my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES->{job->format});
	128	push @headers, (Vary => 'Authorization') if $private;
594d53ba MG	129	[200, \@headers, [job->source]]
	130	},
	131
	132	sub (?:contest=) {
	133	return NOT_FOUND if !contest;
	134	forbid contest->is_pending;
	135	response_filter { return shift }
	136	},
	137
	138	sub (?:problem=) {
	139	return NOT_FOUND if !problem;
	140	forbid problem->is_private;
	141	response_filter { return shift }
	142	},
	143
d3892d73	144	sub (?:format~) {
feaa8f5a	145	my $format = lc ($_{format} // '');
594d53ba MG	146	response_filter {
	147	my ($r) = @_;
	148	return $r if ref $r ne 'Plack::App::Gruntmaster::Response';
c039d63e	149	my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}");
be6551aa	150	push @hdrs, Vary => 'Authorization' if $privacy eq 'private';
c039d63e	151	return [200, ['Content-Type' => 'application/json', @hdrs], [encode_json $r->{params}]] if $format eq 'json';
3b69df7a	152	my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}};
c039d63e	153	[200, ['Content-Type' => 'text/html', @hdrs], [encode 'UTF-8', $ret]]
594d53ba MG	154	},
	155	},
	156
594d53ba MG	157	sub (/st/:contest) {
594d53ba MG	158	response st => 'Standings', {
7468a6a7	159	st => [ contest->standings ],
ebca729d MG	160	problems => [
	161	map { [$_->id, $_->name] }
	162	sort { $a->value <=> $b->value }
	163	map { $_->problem } contest->contest_problems],
c039d63e	164	}, 10
594d53ba MG	165	},
594d53ba MG	166
645cfb7d MG	167	sub (/ed/:contest) {
	168	forbid contest->is_running;
	169	response ed => 'Editorial of ' . contest->name, db->problem_list(contest => $_{contest}, solution => 1);
	170	},
	171
462db4aa MG	172	sub (/login) {
	173	forbid !remote_user;
	174
4f3b70b7 MG	175	my $return = $env->{HTTP_REFERER} // '/';
4f3b70b7 MG	176	[303, ['Set-Cookie' => "username=".remote_user->id, Location => $return], []]
462db4aa MG	177	},
462db4aa MG	178
594d53ba MG	179	sub (/ct/:contest/log/st) { redirect "/st/$_{contest}" },
	180
	181	sub (/us/) { response us => 'Users', {us => db->user_list} },
	182	sub (/ct/ + ?:owner~) { response ct => 'Contests', db->contest_list(%_) },
b8a0fa71 MG	183	sub (/log/ + ?:contest~&:owner~&:page~&:problem~&:private~) {
b8a0fa71 MG	184	forbid $_{private};
39e2d01a	185	response log => 'Job list', {%{db->job_list(%_)}, maybe contest => $_{contest},}
b8a0fa71	186	},
87ffd88b	187	sub (/pb/ + ?:owner~&:contest~&:private~) {
b8a0fa71 MG	188	forbid $_{private};
	189	response pb => 'Problems', {%{db->problem_list(%_)}, maybe contest => $_{contest}}
	190	},
594d53ba MG	191
	192	sub (/us/:user) { response us_entry => user->name, db->user_entry($_{user}) },
	193	sub (/ct/:contest) { response ct_entry => contest->name, db->contest_entry($_{contest}) },
28e89d6c MG	194	sub (/log/:job) {
	195	forbid job->private;
	196	response log_entry => "Job $_{job}", db->job_entry($_{job})
	197	},
84ca7535 MG	198	sub (/pb/:problem + ?contest~) {
	199	my (undef, undef, $contest) = @_;
	200	$_{contest} = $contest;
594d53ba MG	201	return NOT_FOUND if !contest && !problem->is_in_archive \|\| contest && !db->contest_problems->find($_{contest}, $_{problem});
594d53ba MG	202	forbid problem->is_private;
5b76a57d MG	203	if (contest && contest->is_running) {
	204	forbid !remote_user;
	205	$privacy = 'private';
	206	}
33ea2780	207	response pb_entry => problem->name, {%{db->problem_entry($_{problem}, $_{contest}, remote_user && remote_user->id)}, maybe contest => $_{contest}};
594d53ba	208	},
e4d5bdf5 MG	209	sub (/sol/:problem) {
	210	forbid !problem->is_in_archive;
	211	response sol => 'Solution of ' . problem->name, {solution => db->problem($_{problem})->solution};
	212	},
594d53ba MG	213
594d53ba MG	214	sub (/) { redispatch_to '/index' },
cb0122d7	215	sub (/favicon.ico) { redirect '/static/favicon.ico' },
c039d63e	216	sub (/:article) { [200, ['Content-Type' => 'text/html', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] }
594d53ba MG	217	},
	218
	219	sub (POST) {
ca0c7ea2	220	sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) {
594d53ba MG	221	return reply 'Parameter too long' if grep { length > 200 } values %_;
	222	return reply 'Bad username. Allowed characters are letters, digits and underscores, and the username must be between 2 and 20 characters long.' unless $_{username} =~ USER_REGEX;
	223	return reply 'Username already in use' if db->user($_{username});
	224	return reply 'The two passwords do not match' unless $_{password} eq $_{confirm_password};
	225
ca0c7ea2	226	db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}});
594d53ba MG	227	db->user($_{username})->set_passphrase($_{password});
594d53ba MG	228
c039d63e	229	purge '/us/';
594d53ba MG	230	reply 'Registered successfully';
	231	},
	232
	233	sub (/action/passwd + %:password=&:new_password=&:confirm_new_password=) {
	234	forbid !remote_user;
	235	return reply 'Incorrect password' unless remote_user->check_passphrase($_{password});
	236	return reply 'The two passwords do not match' unless $_{new_password} eq $_{confirm_new_password};
	237	remote_user->set_passphrase($_{new_password});
	238	reply 'Password changed successfully';
	239	},
	240
08794667 MG	241	sub (/action/submit + %:problem=&:contest~&:prog_format=&:source_code~ + *prog~) {
08794667 MG	242	my (undef, undef, $prog) = @_;
594d53ba	243	forbid !remote_user;
3b69df7a MG	244	return reply 'This contest has finished' if contest && contest->is_finished;
3b69df7a MG	245	return reply 'This contest has not yet started' if !admin && contest && contest->is_pending;
31f5eb01	246	return reply 'This problem does not belong to this contest' if !contest && !problem->is_in_archive \|\| contest && !db->contest_problems->find($_{contest}, $_{problem});
08794667	247	return reply 'Maximum source size is 10KB' if ($prog ? $prog->size : length $_{source_code}) > 10 * 1024;
594d53ba MG	248	return reply 'You must wait 30 seconds between jobs' if !admin && time <= remote_user->lastjob + 30;
	249	remote_user->update({lastjob => time});
	250
08794667 MG	251	my $source = $prog ? read_file $prog->path : $_{source_code};
08794667 MG	252	unlink $prog->path if $prog;
cb6adaff	253	my $private = (problem->private && !$_{contest}) ? 1 : 0;
b2597e87	254	$private = 1 if contest && contest->is_pending;
31dc8096	255	my $newjob = db->jobs->create({
594d53ba	256	maybe contest => $_{contest},
cb6adaff	257	private => $private,
594d53ba MG	258	date => time,
	259	extension => FORMAT_EXTENSION->{$_{prog_format}},
	260	format => $_{prog_format},
	261	problem => $_{problem},
08794667	262	source => $source,
594d53ba MG	263	owner => remote_user->id,
	264	});
	265
c039d63e	266	purge '/log/';
31dc8096	267	[303, [Location => '/log/' . $newjob->id], []]
3c434a02 MG	268	},
	269
	270	sub (/action/request-reset + %:username=) {
	271	return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM};
	272	my $user = db->user($_{username});
	273	return reply 'No such user' unless $user;
	274	my $token = join ':', $user->make_reset_hmac;
	275	my $body = <<EOF;
	276	Someone has requested a password reset for your account.
	277
	278	To reset your password, please submit the reset password form on the
	279	website using the following information:
	280
	281	Username: $_{username}
	282	Password: <your new password>
	283	Reset token: $token
410e4ed9 MG	284
410e4ed9 MG	285	The token is valid for 24 hours.
3c434a02 MG	286	EOF
	287	my $email = Email::Simple->create(
	288	header => [
	289	From => $ENV{GRUNTMASTER_RESET_FROM},
	290	To => $user->email,
	291	Subject => 'Password reset token',
	292	],
	293	body => $body,
	294	);
	295
	296	my $ok = 0;
	297	eval {
	298	sendmail $email;
	299	$ok = 1;
	300	};
	301	return reply 'Email sent' if $ok;
	302	reply "Failure sending email: $@";
	303	},
	304
	305	sub (/action/reset + %:username=&:password=&:token=) {
	306	my $user = db->user($_{username});
	307	return reply 'No such user' unless $user;
	308	my ($token, $exp) = split ':', $_{token};
62f12c1f	309	return reply 'Reset token is expired' if time >= $exp;
3c434a02 MG	310	return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
	311	$user->set_passphrase($_{password});
	312	reply 'Password reset successfully';
	313	},
594d53ba	314	}
7dc32473 MG	315	}
7dc32473 MG	316
594d53ba	317
7dc32473 MG	318	1;
7dc32473 MG	319	__END__