From a57544db1d096a566fa3da09cf29fdca523b50b7 Mon Sep 17 00:00:00 2001 From: virusdefender <1670873886@qq.com> Date: Tue, 22 Sep 2015 16:17:53 +0800 Subject: [PATCH 1/7] =?UTF-8?q?=E5=8F=AA=E6=9C=89=E7=AE=A1=E7=90=86?= =?UTF-8?q?=E5=91=98=E6=89=8D=E8=83=BD=E6=9F=A5=E7=9C=8B=E6=89=80=E6=9C=89?= =?UTF-8?q?=E4=BA=BA=E7=9A=84=E6=8F=90=E4=BA=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- submission/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submission/views.py b/submission/views.py index c0487e51..05dbd1ed 100644 --- a/submission/views.py +++ b/submission/views.py @@ -162,7 +162,7 @@ def my_submission_list_page(request, page=1): 我的所有提交的列表页 """ # 显示所有人的提交 这是管理员的调试功能 - show_all = request.GET.get("show_all", False) == "true" + show_all = request.GET.get("show_all", False) == "true" and request.user.admin_type == SUPER_ADMIN if show_all: submissions = Submission.objects.filter(contest_id__isnull=True) else: From 172d45eb78092f8a2f229af7e2a7eb3c4201042d Mon Sep 17 00:00:00 2001 From: virusdefender <1670873886@qq.com> Date: Tue, 22 Sep 2015 16:18:32 +0800 Subject: [PATCH 2/7] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E5=88=A4=E6=96=AD?= =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=91=98=E6=9D=83=E9=99=90=E7=9A=84=20decora?= =?UTF-8?q?tor?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- account/decorators.py | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/account/decorators.py b/account/decorators.py index 4113dd01..1181c6a5 100644 --- a/account/decorators.py +++ b/account/decorators.py @@ -4,7 +4,7 @@ from django.http import HttpResponse, HttpResponseRedirect from django.shortcuts import render from utils.shortcuts import error_response, error_page -from .models import User +from .models import User, SUPER_ADMIN def login_required(func): @@ -12,7 +12,10 @@ def login_required(func): def check(*args, **kwargs): # 在class based views 里面,args 有两个元素,一个是self, 第二个才是request, # 在function based views 里面,args 只有request 一个参数 - request = args[-1] + if len(args) == 2: + request = args[-1] + else: + request = args[0] if request.user.is_authenticated(): return func(*args, **kwargs) if request.is_ajax(): @@ -25,7 +28,10 @@ def login_required(func): def admin_required(func): @wraps(func) def check(*args, **kwargs): - request = args[-1] + if len(args) == 2: + request = args[-1] + else: + request = args[0] if request.user.is_authenticated() and request.user.admin_type: return func(*args, **kwargs) if request.is_ajax(): @@ -33,3 +39,20 @@ def admin_required(func): else: return error_page(request, u"需要管理员权限,如果没有登录,请先登录") return check + + +def super_admin_required(func): + @wraps(func) + def check(*args, **kwargs): + if len(args) == 2: + request = args[-1] + else: + request = args[0] + if request.user.is_authenticated() and request.user.admin_type == SUPER_ADMIN: + return func(*args, **kwargs) + if request.is_ajax(): + return error_response(u"需要超级管理员权限") + else: + return error_page(request, u"需要超级管理员权限") + + return check \ No newline at end of file From 707e38ac79e0260a60c7a8d1b23a2282fc924797 Mon Sep 17 00:00:00 2001 From: virusdefender <1670873886@qq.com> Date: Tue, 22 Sep 2015 16:19:08 +0800 Subject: [PATCH 3/7] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E9=83=A8=E5=88=86?= =?UTF-8?q?=E6=B3=A8=E9=87=8A=EF=BC=8C=E4=BF=AE=E8=A1=A5=E9=83=A8=E5=88=86?= =?UTF-8?q?=E6=B2=A1=E6=9C=89=E5=88=A4=E6=96=AD=E6=9D=83=E9=99=90=E7=9A=84?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- problem/decorators.py | 28 ++++++++++++++++++++++++++ problem/views.py | 46 ++++++++++++++++++++++++++++++++----------- 2 files changed, 62 insertions(+), 12 deletions(-) create mode 100644 problem/decorators.py diff --git a/problem/decorators.py b/problem/decorators.py new file mode 100644 index 00000000..762c54a7 --- /dev/null +++ b/problem/decorators.py @@ -0,0 +1,28 @@ +# coding=utf-8 +from functools import wraps + +from account.models import SUPER_ADMIN +from utils.shortcuts import error_response +from .models import Problem + + +def check_user_problem_permission(func): + @wraps(func) + def check(*args, **kwargs): + # 在class based views 里面,args 有两个元素,一个是self, 第二个才是request, + # 在function based views 里面,args 只有request 一个参数 + if len(args) == 2: + request = args[-1] + else: + request = args[0] + + # 这是在后台使用的url middleware 已经确保用户是登录状态的了 + if request.user.admin_type == SUPER_ADMIN: + return func(*args, **kwargs) + try: + Problem.objects.get(id=request.data.get("problem_id", -1), created_by=request.user) + except Problem.DoesNotExist: + return error_response(u"问题不存在") + return func(*args, **kwargs) + + return check diff --git a/problem/views.py b/problem/views.py index dbe125ad..8dc42d63 100644 --- a/problem/views.py +++ b/problem/views.py @@ -4,6 +4,7 @@ import re import os import hashlib import json +import logging from django.shortcuts import render from django.db.models import Q, Count @@ -13,19 +14,23 @@ from rest_framework.views import APIView from django.conf import settings - -from announcement.models import Announcement +from account.models import SUPER_ADMIN +from account.decorators import super_admin_required from utils.shortcuts import (serializer_invalid_response, error_response, success_response, paginate, rand_str, error_page) from .serizalizers import (CreateProblemSerializer, EditProblemSerializer, ProblemSerializer, ProblemTagSerializer, CreateProblemTagSerializer) from .models import Problem, ProblemTag -import logging +from .decorators import check_user_problem_permission + logger = logging.getLogger("app_info") def problem_page(request, problem_id): + """ + 前台题目详情页 + """ try: problem = Problem.objects.get(id=problem_id, visible=True) except Problem.DoesNotExist: @@ -34,11 +39,15 @@ def problem_page(request, problem_id): class ProblemTagAdminAPIView(APIView): + """ + 获取所有标签的列表 + """ def get(self, request): return success_response(ProblemTagSerializer(ProblemTag.objects.all(), many=True).data) class ProblemAdminAPIView(APIView): + @super_admin_required def post(self, request): """ 题目发布json api接口 @@ -72,6 +81,7 @@ class ProblemAdminAPIView(APIView): else: return serializer_invalid_response(serializer) + @check_user_problem_permission def put(self, request): """ 题目编辑json api接口 @@ -82,11 +92,7 @@ class ProblemAdminAPIView(APIView): serializer = EditProblemSerializer(data=request.data) if serializer.is_valid(): data = serializer.data - try: - problem = Problem.objects.get(id=data["id"]) - except Problem.DoesNotExist: - return error_response(u"该题目不存在!") - + problem = Problem.objects.get(id=data["id"]) problem.title = data["title"] problem.description = data["description"] problem.input_description = data["input_description"] @@ -123,23 +129,36 @@ class ProblemAdminAPIView(APIView): problem_id = request.GET.get("problem_id", None) if problem_id: try: + # 普通管理员只能获取自己创建的题目 + # 超级管理员可以获取全部的题目 problem = Problem.objects.get(id=problem_id) + if request.user.admin_type != SUPER_ADMIN: + problem = problem.get(created_by=request.user) return success_response(ProblemSerializer(problem).data) except Problem.DoesNotExist: return error_response(u"题目不存在") - problem = Problem.objects.all().order_by("-create_time") + + # 获取问题列表 + problems = Problem.objects.all().order_by("-create_time") + + if request.user.admin_type != SUPER_ADMIN: + problems = problems.filter(created_by=request.user) + visible = request.GET.get("visible", None) if visible: - problem = problem.filter(visible=(visible == "true")) + problems = problems.filter(visible=(visible == "true")) keyword = request.GET.get("keyword", None) if keyword: - problem = problem.filter(Q(title__contains=keyword) | + problems = problems.filter(Q(title__contains=keyword) | Q(description__contains=keyword)) - return paginate(request, problem, ProblemSerializer) + return paginate(request, problems, ProblemSerializer) class TestCaseUploadAPIView(APIView): + """ + 上传题目的测试用例 + """ def _is_legal_test_case_file_name(self, file_name): # 正整数开头的 .in 或者.out 结尾的 regex = r"^[1-9]\d*\.(in|out)$" @@ -237,6 +256,9 @@ class TestCaseUploadAPIView(APIView): def problem_list_page(request, page=1): + """ + 前台的问题列表 + """ # 正常情况 problems = Problem.objects.filter(visible=True) From 389c1905a6f4dd1a75c3e4d6ed901ad332cb1188 Mon Sep 17 00:00:00 2001 From: virusdefender <1670873886@qq.com> Date: Tue, 22 Sep 2015 16:19:40 +0800 Subject: [PATCH 4/7] =?UTF-8?q?=E4=BF=AE=E8=A1=A5=E9=83=A8=E5=88=86?= =?UTF-8?q?=E6=B2=A1=E6=9C=89=E5=88=A4=E6=96=AD=E6=AF=94=E8=B5=9B=E6=9D=83?= =?UTF-8?q?=E9=99=90=E7=9A=84=E9=97=AE=E9=A2=98=EF=BC=9B=E5=A2=9E=E5=8A=A0?= =?UTF-8?q?=E6=AF=94=E8=B5=9B=E8=B0=83=E8=AF=95=E6=A8=A1=E5=BC=8F=E7=9A=84?= =?UTF-8?q?=E9=A1=B5=E9=9D=A2=E6=8F=90=E7=A4=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- contest/views.py | 60 ++++++++++++-------- template/src/oj/contest/contest_problem.html | 4 +- 2 files changed, 37 insertions(+), 27 deletions(-) diff --git a/contest/views.py b/contest/views.py index 1869bb5f..8e0a2ac4 100644 --- a/contest/views.py +++ b/contest/views.py @@ -16,7 +16,7 @@ from utils.shortcuts import (serializer_invalid_response, error_response, from account.models import SUPER_ADMIN, User from account.decorators import login_required from group.models import Group -from .models import Contest, ContestProblem, ContestSubmission +from .models import Contest, ContestProblem, ContestSubmission, CONTEST_ENDED, CONTEST_NOT_START, CONTEST_UNDERWAY from .models import GROUP_CONTEST, PUBLIC_CONTEST, PASSWORD_PROTECTED_CONTEST from .decorators import check_user_contest_permission from .serializers import (CreateContestSerializer, ContestSerializer, EditContestSerializer, @@ -45,10 +45,10 @@ class ContestAdminAPIView(APIView): if data["contest_type"] in [PUBLIC_CONTEST, PASSWORD_PROTECTED_CONTEST]: if request.user.admin_type != SUPER_ADMIN: return error_response(u"只有超级管理员才可创建公开赛") + if data["contest_type"] == PASSWORD_PROTECTED_CONTEST: if not data["password"]: return error_response(u"此比赛为有密码的公开赛,密码不可为空") - # 没有密码的公开赛 没有密码的小组赛 elif data["contest_type"] == GROUP_CONTEST: if request.user.admin_type == SUPER_ADMIN: @@ -58,7 +58,7 @@ class ContestAdminAPIView(APIView): if not groups.count(): return error_response(u"请至少选择一个小组") if data["start_time"] >= data["end_time"]: - return error_response(u"比赛的开始时间不能晚于或等于比赛结束的时间") + return error_response(u"比赛的开始时间必须早于比赛结束的时间") try: contest = Contest.objects.create(title=data["title"], description=data["description"], mode=data["mode"], contest_type=data["contest_type"], @@ -86,7 +86,10 @@ class ContestAdminAPIView(APIView): data = serializer.data groups = [] try: + # 超级管理员可以编辑所有的 contest = Contest.objects.get(id=data["id"]) + if request.user.admin_type != SUPER_ADMIN: + contest = contest.get(created_by=request.user) except Contest.DoesNotExist: return error_response(u"该比赛不存在!") try: @@ -109,9 +112,8 @@ class ContestAdminAPIView(APIView): if not groups.count(): return error_response(u"请至少选择一个小组") if data["start_time"] >= data["end_time"]: - return error_response(u"比赛的开始时间不能晚于或等于比赛结束的时间") - if request.user.admin_type != SUPER_ADMIN and request.user != contest.created_by: - return error_response(u"你无权修改该比赛!") + return error_response(u"比赛的开始时间必须早于比赛结束的时间") + contest.title = data["title"] contest.description = data["description"] contest.mode = data["mode"] @@ -163,6 +165,8 @@ class ContestProblemAdminAPIView(APIView): data = serializer.data try: contest = Contest.objects.get(id=data["contest_id"]) + if request.user.admin_type != SUPER_ADMIN: + contest = contest.get(created_by=request.user) except Contest.DoesNotExist: return error_response(u"比赛不存在") contest_problem = ContestProblem.objects.create(title=data["title"], @@ -199,7 +203,7 @@ class ContestProblemAdminAPIView(APIView): return error_response(u"该比赛题目不存在!") contest = Contest.objects.get(id=contest_problem.contest_id) if request.user.admin_type != SUPER_ADMIN and contest.created_by != request.user: - return error_response(u"你无权修改该题目!") + return error_response(u"比赛不存在") contest_problem.title = data["title"] contest_problem.description = data["description"] contest_problem.input_description = data["input_description"] @@ -227,29 +231,27 @@ class ContestProblemAdminAPIView(APIView): if contest_problem_id: try: contest_problem = ContestProblem.objects.get(id=contest_problem_id) + if request.user.admin_type != SUPER_ADMIN: + contest_problem = contest_problem.get(created_by=request.user) return success_response(ContestProblemSerializer(contest_problem).data) except ContestProblem.DoesNotExist: return error_response(u"比赛题目不存在") - if request.user.admin_type == SUPER_ADMIN: - contest_problem = ContestProblem.objects.all().order_by("sort_index") - else: - contest_problem = ContestProblem.objects.filter(created_by=request.user).order_by("sort_index") + + contest_problems = ContestProblem.objects.all().order_by("sort_index") + if request.user.admin_type != SUPER_ADMIN: + contest_problems = contest_problems.filter(created_by=request.user).order_by("sort_index") visible = request.GET.get("visible", None) if visible: - contest_problem = contest_problem.filter(visible=(visible == "true")) + contest_problems = contest_problems.filter(visible=(visible == "true")) keyword = request.GET.get("keyword", None) if keyword: - contest_problem = contest_problem.filter(Q(title__contains=keyword) | + contest_problems = contest_problems.filter(Q(title__contains=keyword) | Q(description__contains=keyword)) contest_id = request.GET.get("contest_id", None) if contest_id: - try: - contest = Contest.objects.get(id=contest_id) - except Contest.DoesNotExist: - return error_response(u"该比赛不存在!") - contest_problem = contest_problem.filter(contest=contest).order_by("sort_index") + contest_problem = contest_problems.filter(contest__id=contest_id).order_by("sort_index") - return paginate(request, contest_problem, ContestProblemSerializer) + return paginate(request, contest_problems, ContestProblemSerializer) class ContestPasswordVerifyAPIView(APIView): @@ -306,12 +308,23 @@ def contest_problem_page(request, contest_id, contest_problem_id): pass # 已经结束 - if contest.status == -1: + if contest.status == CONTEST_ENDED: show_warning = True warning = u"比赛已经结束" + elif contest.status == CONTEST_NOT_START: + show_warning = True + warning = u"比赛没有开始,您是管理员,可以提交和测试题目,但是目前的提交不会计入排名。" + + show_submit_code_area = False + if contest.status == CONTEST_UNDERWAY: + show_submit_code_area = True + if request.user.admin_type == SUPER_ADMIN or request.user == contest.created_by: + show_submit_code_area = True + return render(request, "oj/contest/contest_problem.html", {"contest_problem": contest_problem, "contest": contest, "samples": json.loads(contest_problem.samples), - "show_warning": show_warning, "warning": warning}) + "show_warning": show_warning, "warning": warning, + "show_submit_code_area": show_submit_code_area}) @check_user_contest_permission @@ -319,10 +332,7 @@ def contest_problems_list_page(request, contest_id): """ 比赛所有题目的列表页 """ - try: - contest = Contest.objects.get(id=contest_id) - except Contest.DoesNotExist: - return error_page(request, u"比赛不存在") + contest = Contest.objects.get(id=contest_id) contest_problems = ContestProblem.objects.filter(contest=contest).order_by("sort_index") submissions = ContestSubmission.objects.filter(user=request.user, contest=contest) state = {} diff --git a/template/src/oj/contest/contest_problem.html b/template/src/oj/contest/contest_problem.html index 64cff29a..0b07c566 100644 --- a/template/src/oj/contest/contest_problem.html +++ b/template/src/oj/contest/contest_problem.html @@ -60,7 +60,7 @@
>M
+ """) + parser.close() + print(parser.getHtml()) From 5c334a4ed3fff3399cce66eace02f83e34ce99d0 Mon Sep 17 00:00:00 2001 From: virusdefender <1670873886@qq.com> Date: Tue, 22 Sep 2015 18:52:15 +0800 Subject: [PATCH 7/7] add oj text logo --- oj/__init__.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/oj/__init__.py b/oj/__init__.py index e69de29b..c19c0794 100644 --- a/oj/__init__.py +++ b/oj/__init__.py @@ -0,0 +1,9 @@ +""" + ___ _ _ __ _ _ _ + /___\ _ __ | |(_) _ __ ___ \ \ _ _ __| | __ _ ___ | |__ _ _ __ _ __| | _ _ + // //| '_ \ | || || '_ \ / _ \ \ \| | | | / _` | / _` | / _ \ | '_ \ | | | | / _` | / _` || | | | +/ \_// | | | || || || | | || __/ /\_/ /| |_| || (_| || (_| || __/ | |_) || |_| | | (_| || (_| || |_| | +\___/ |_| |_||_||_||_| |_| \___| \___/ \__,_| \__,_| \__, | \___| |_.__/ \__, | \__, | \__,_| \__,_| + |___/ |___/ |_| +https://github.com/QingdaoU/OnlineJudge +""" \ No newline at end of file