X-Git-Url: http://git.ieval.ro/?p=plack-app-gruntmaster.git;a=blobdiff_plain;f=lib%2FPlack%2FApp%2FGruntmaster.pm;h=c9965d08a46894e02b5aa61cdbf89087c28d9000;hp=2b06c931ae56230e962a2a80df72ae5b086d4ec2;hb=6533844f1a2ec6b162b696c31a623a4dc8ee72bb;hpb=62f12c1f4fdbac52a49c5e50515282d02f38106e diff --git a/lib/Plack/App/Gruntmaster.pm b/lib/Plack/App/Gruntmaster.pm index 2b06c93..c9965d0 100644 --- a/lib/Plack/App/Gruntmaster.pm +++ b/lib/Plack/App/Gruntmaster.pm @@ -4,10 +4,8 @@ use 5.014000; use strict; our $VERSION = '5999.000_001'; -use CSS::Minifier::XS; use Encode qw/encode decode/; use File::Slurp qw/read_file/; -use JavaScript::Minifier::XS; use JSON::MaybeXS qw/encode_json/; use PerlX::Maybe; use Scope::Upper qw/unwind SUB UP/; @@ -36,6 +34,7 @@ use constant CONTENT_TYPES => +{ pas => 'text/x-pascal', pl => 'text/x-perl', py => 'text/x-python', + rb => 'application/x-ruby', l => 'text/plain', }; @@ -50,20 +49,18 @@ use constant FORMAT_EXTENSION => { PASCAL => 'pas', PERL => 'pl', PYTHON => 'py', + RUBY => 'rb', SBCL => 'l', }; -use constant NOT_FOUND => [404, ['Content-Type' => 'text/plain'], ['Not found']]; -use constant FORBIDDEN => [401, ['Content-Type' => 'text/plain', 'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"'], ['Forbidden']]; - -sub development() { ($ENV{PLACK_ENV} // 'development') eq 'development' } +use constant NOT_FOUND => [404, ['X-Forever' => 1, 'Content-Type' => 'text/plain'], ['Not found']]; my ($env, $privacy); sub db { $env->{'gruntmaster.dbic'} } sub remote_user { - my $user = $env->{'gruntmaster.user'}; + my $user = $env->{REMOTE_USER}; $user &&= db->user($user); $user } 
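Review bot: `remote_user` now takes the login name from `$env->{REMOTE_USER}`, and nothing near the sub records who is trusted to set that key. Every `forbid !remote_user` check in this file rests on it, so a comment above the sub would help, for example `# REMOTE_USER is set by the auth middleware after it has verified the credentials; a front end must never copy it from the request`. That wording is inferred from the `$env->{authcomplex}` call in `forbid`; the middleware setup itself is not part of this diff, so confirm it before committing the comment.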
@@ -74,8 +71,8 @@ sub problem { db->problem ($_{problem}) } sub job { db->job ($_{job}) } sub user { db->user ($_{user}) } -sub redirect { [301, ['X-Forever' => 1, 'Location' => $_[0]], []] } -sub reply { [200, ['Content-Type' => 'text/plain'], \@_] } +sub redirect { [301, ['X-Forever' => 1, 'Cache-Control' => 'public, max-age=86400', 'Location' => $_[0]], []] } +sub reply { [200, ['Content-Type' => 'text/plain; charset=utf-8'], \@_] } sub response { my ($template, $title, $params, $maxage) = @_; unless ($params) { @@ -84,14 +81,14 @@ sub response { } $params->{time} = time; $params->{args} = {%_}; - bless {template => $template, title => $title, params => $params, maxage => ($maxage // 1)}, __PACKAGE__.'::Response' + bless {template => $template, title => $title, params => $params, maxage => ($maxage // 3600)}, __PACKAGE__.'::Response' } sub forbid { my ($condition) = @_; $privacy = 'private' if $condition; return if !$condition || admin; - unwind FORBIDDEN, SUB UP + unwind $env->{authcomplex}->unauthorized, SUB UP } sub dispatch_request{ @@ -99,21 +96,7 @@ sub dispatch_request{ $privacy = 'public'; sub (GET) { - sub (/css/:theme) { - my $theme = $_{theme}; - return NOT_FOUND unless -e "css/themes/$theme.css"; - my $css = read_file "css/themes/$theme.css"; - $css .= read_file $_ for ; - my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css'); - [200, \@headers, [development ? $css : CSS::Minifier::XS::minify $css]] - }, - - sub (/js.js) { - my $js; - $js .= read_file $_ for ; - my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript'); - [200, \@headers, [development ? $js : JavaScript::Minifier::XS::minify $js]] - }, + sub (/robots.txt) { NOT_FOUND }, sub (/src/:job) { return NOT_FOUND if !job; 
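Review bot: The `redirect` helper copies `$_[0]` into `Location` unchecked, and with the added `Cache-Control: public, max-age=86400` a malformed value would now also be kept by shared caches for a day. Callers in this file build the target from path captures (`redirect "/st/$_{contest}"`), so if a capture can ever carry CR or LF the header breaks; whether the PSGI server rejects that is not visible here. A guard as the first statement of the helper keeps the check in one place: `die "bad redirect target" if $_[0] =~ /[\r\n]/;`.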
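Review bot: The new default `maxage => ($maxage // 3600)` in `response` gives an hour of caching to every route that passes no fourth argument, including routes whose access check depends on state that can change, such as `/sol/:problem` behind `forbid problem->private`. When that check is false `$privacy` stays `public`, so a page fetched just before a problem is made private can be served from a shared cache for up to an hour, and this commit also removes the `purge` calls. Consider keeping the default short and opting in to long lifetimes per route, e.g. `maxage => ($maxage // 60)`, or state the accepted staleness window in a comment above `response`. The body of `response` starts outside this hunk.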
@@ -121,33 +104,22 @@ sub dispatch_request{ my $private = job->private || job->problem->private || job->contest && job->contest->is_running; forbid !$isowner && $private; my $privacy = $private ? 'private' : 'public'; - my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES->{job->format}); + my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES->{job->extension}); push @headers, (Vary => 'Authorization') if $private; [200, \@headers, [job->source]] }, - sub (?:contest=) { - return NOT_FOUND if !contest; - forbid contest->is_pending; - response_filter { return shift } - }, - - sub (?:problem=) { - return NOT_FOUND if !problem; - forbid problem->is_private; - response_filter { return shift } - }, - sub (?:format~) { my $format = lc ($_{format} // ''); response_filter { my ($r) = @_; return $r if ref $r ne 'Plack::App::Gruntmaster::Response'; - my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}"); - push @hdrs, Vary => 'Authorization' if $privacy eq 'private'; - return [200, ['Content-Type' => 'application/json', @hdrs], [encode_json $r->{params}]] if $format eq 'json'; - my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}}; - [200, ['Content-Type' => 'text/html', @hdrs], [encode 'UTF-8', $ret]] + my $vary = 'X-Static'; + $vary .= ', Authorization' if $privacy eq 'private'; + my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}", Vary => $vary); + return [200, ['Content-Type' => 'application/json; charset=utf-8', @hdrs], [encode_json $r->{params}]] if $format eq 'json'; + my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}}, maybe static => $env->{HTTP_X_STATIC} + 1; + [200, ['Content-Type' => 'text/html; charset=utf-8', @hdrs], [encode 'UTF-8', $ret]] }, }, 
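Review bot: `maybe static => $env->{HTTP_X_STATIC}` in the `?:format~` response filter hands a request header that any client can send straight to `render`. If the template only needs a flag, pass a normalised value instead, `maybe static => (defined $env->{HTTP_X_STATIC} ? 1 : undef)`, and have the front-end cache strip or overwrite `X-Static` on incoming requests; what the template does with `static` is not visible in this diff. Because the response now carries `Vary: X-Static`, each distinct header value gets its own cache entry, so the accepted values should be bounded. The same applies to the `/:article` route changed later in the commit.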
@@ -162,93 +134,73 @@ sub dispatch_request{ }, sub (/ed/:contest) { - forbid contest->is_running; - response ed => 'Editorial of ' . contest->name, db->problem_list(contest => $_{contest}, solution => 1); + forbid !contest->is_finished; + my $pblist = db->problem_list(contest => $_{contest}, solution => 1); + response ed => 'Editorial of ' . contest->name, {%$pblist, editorial => contest->editorial}, contest->is_finished(time - 86400) ? 60 : (); }, sub (/login) { forbid !remote_user; - - my $return = $env->{HTTP_REFERER} // '/'; - [303, ['Set-Cookie' => "username=".remote_user->id, Location => $return], []] + [200, ['Content-Type' => 'text/plain; charset=UTF-8', 'Cache-Control' => 'private, max-age=300', Vary => 'Authorization'], [$env->{REMOTE_USER}]] }, sub (/ct/:contest/log/st) { redirect "/st/$_{contest}" }, sub (/us/) { response us => 'Users', {us => db->user_list} }, - sub (/ct/ + ?:owner~) { response ct => 'Contests', db->contest_list(%_) }, - sub (/log/ + ?:contest~&:owner~&:page~&:problem~&:private~) { + sub (/ct/ + ?:owner~) { response ct => 'Contests', db->contest_list(%_), 300 }, + sub (/log/ + ?:contest~&:owner~&:page~&:problem~&:private~&:result~) { forbid $_{private}; - response log => 'Job list', {%{db->job_list(%_)}, maybe contest => $_{contest},} + response log => 'Job list', db->job_list(%_), 5 }, sub (/pb/ + ?:owner~&:contest~&:private~) { forbid $_{private}; - response pb => 'Problems', {%{db->problem_list(%_)}, maybe contest => $_{contest}} + forbid contest && contest->is_pending; + response pb => 'Problems', db->problem_list(%_) }, sub (/us/:user) { response us_entry => user->name, db->user_entry($_{user}) }, - sub (/ct/:contest) { response ct_entry => contest->name, db->contest_entry($_{contest}) }, + sub (/ct/:contest) { response ct_entry => contest->name, db->contest_entry($_{contest}), 60 }, sub (/log/:job) { forbid job->private; - response log_entry => "Job $_{job}", db->job_entry($_{job}) + response log_entry => "Job $_{job}", 
db->job_entry($_{job}), 10 }, sub (/pb/:problem + ?contest~) { my (undef, undef, $contest) = @_; $_{contest} = $contest; - return NOT_FOUND if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem}); - forbid problem->is_private; - if (contest && contest->is_running) { + return NOT_FOUND if contest && !db->contest_problems->find($_{contest}, $_{problem}); + forbid problem->private && !contest; + if (contest) { + return redirect "/pb/$_{problem}" unless contest->is_running; forbid !remote_user; $privacy = 'private'; } - response pb_entry => problem->name, {%{db->problem_entry($_{problem}, $_{contest}, remote_user && remote_user->id)}, maybe contest => $_{contest}}; + response pb_entry => problem->name, db->problem_entry($_{problem}, $_{contest}, remote_user && remote_user->id), $_{contest} ? 10 : (); }, sub (/sol/:problem) { - forbid !problem->is_in_archive; + forbid problem->private; response sol => 'Solution of ' . problem->name, {solution => db->problem($_{problem})->solution}; }, sub (/) { redispatch_to '/index' }, sub (/favicon.ico) { redirect '/static/favicon.ico' }, - sub (/:article) { [200, ['Content-Type' => 'text/html', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] } + sub (/:article) { [200, ['Content-Type' => 'text/html; charset=utf-8', 'Cache-Control' => 'public, max-age=3600', 'X-Forever' => 1, Vary => 'X-Static'], [render_article $_{article}, 'en', maybe static => $env->{HTTP_X_STATIC}]] } }, sub (POST) { - sub (/action/register + %:username=&:password=&:confirm_password=&:name=&:email=&:phone=&:town=&:university=&:country=&:level=) { - return reply 'Parameter too long' if grep { length > 200 } values %_; - return reply 'Bad username. Allowed characters are letters, digits and underscores, and the username must be between 2 and 20 characters long.' 
unless $_{username} =~ USER_REGEX; - return reply 'Username already in use' if db->user($_{username}); - return reply 'The two passwords do not match' unless $_{password} eq $_{confirm_password}; - - db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}}); - db->user($_{username})->set_passphrase($_{password}); - - purge '/us/'; - reply 'Registered successfully'; - }, - - sub (/action/passwd + %:password=&:new_password=&:confirm_new_password=) { - forbid !remote_user; - return reply 'Incorrect password' unless remote_user->check_passphrase($_{password}); - return reply 'The two passwords do not match' unless $_{new_password} eq $_{confirm_new_password}; - remote_user->set_passphrase($_{new_password}); - reply 'Password changed successfully'; - }, - sub (/action/submit + %:problem=&:contest~&:prog_format=&:source_code~ + *prog~) { my (undef, undef, $prog) = @_; forbid !remote_user; + my $private = (problem->private && !contest) ? 1 : 0; return reply 'This contest has finished' if contest && contest->is_finished; - return reply 'This contest has not yet started' if !admin && contest && contest->is_pending; - return reply 'This problem does not belong to this contest' if !contest && !problem->is_in_archive || contest && !db->contest_problems->find($_{contest}, $_{problem}); + return reply 'This contest has not yet started' if contest && contest->is_pending; + return reply 'This problem is private' if !admin && $private; + return reply 'This problem does not belong to this contest' if contest && !db->contest_problems->find($_{contest}, $_{problem}); return reply 'Maximum source size is 10KB' if ($prog ? $prog->size : length $_{source_code}) > 10 * 1024; return reply 'You must wait 30 seconds between jobs' if !admin && time <= remote_user->lastjob + 30; remote_user->update({lastjob => time}); my $source = $prog ? 
read_file $prog->path : $_{source_code}; unlink $prog->path if $prog; - my $private = (problem->private && !$_{contest}) ? 1 : 0; - $private = 1 if contest && contest->is_pending; my $newjob = db->jobs->create({ maybe contest => $_{contest}, private => $private, @@ -260,52 +212,8 @@ sub dispatch_request{ owner => remote_user->id, }); - purge '/log/'; [303, [Location => '/log/' . $newjob->id], []] }, - - sub (/action/request-reset + %:username=) { - return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM}; - my $user = db->user($_{username}); - return reply 'No such user' unless $user; - my $token = join ':', $user->make_reset_hmac; - my $body = < -Reset token: $token -EOF - my $email = Email::Simple->create( - header => [ - From => $ENV{GRUNTMASTER_RESET_FROM}, - To => $user->email, - Subject => 'Password reset token', - ], - body => $body, - ); - - my $ok = 0; - eval { - sendmail $email; - $ok = 1; - }; - return reply 'Email sent' if $ok; - reply "Failure sending email: $@"; - }, - - sub (/action/reset + %:username=&:password=&:token=) { - my $user = db->user($_{username}); - return reply 'No such user' unless $user; - my ($token, $exp) = split ':', $_{token}; - return reply 'Reset token is expired' if time >= $exp; - return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token; - $user->set_passphrase($_{password}); - reply 'Password reset successfully'; - }, } }
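Review bot: In `/pb/:problem`, `return redirect "/pb/$_{problem}" unless contest->is_running;` answers through the shared `redirect` helper, which this commit makes a 301 with `Cache-Control: public, max-age=86400`, for a condition that changes the moment the contest starts. A browser or shared cache that saw the redirect while the contest was pending can keep sending users to the non-contest URL for up to a day, where `forbid problem->private && !contest` turns them away. A temporary, uncached redirect fits this case better: `return [302, ['Cache-Control' => 'no-store', Location => "/pb/$_{problem}"], []] unless contest->is_running;`. Separately, `problem` is dereferenced in this route without an existence check now that the `?:problem=` filter is gone; confirm what `db->problem` returns for an unknown id.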