Merge remote-tracking branch 'origin/master' into flowr

# Conflicts: # app/assets/javascripts/editor/evaluation.js # app/assets/javascripts/editor/participantsupport.js # app/views/exercises/_editor_output.html.slim # config/code_ocean.yml.example # config/routes.rb
2018-11-28 13:14:21 +01:00
parent ebea8da341 5d13ee0e56
commit b9dce854c4
500 changed files with 12187 additions and 3430 deletions
--- a/config/application.rb
+++ b/config/application.rb
@@ -1,4 +1,4 @@
-require File.expand_path('../boot', __FILE__)
+require_relative 'boot'

 require 'rails/all'

@@ -8,9 +8,13 @@ Bundler.require(*Rails.groups)

 module CodeOcean
  class Application < Rails::Application
+    # Initialize configuration defaults
+    config.load_defaults 5.2
+
    # Settings in config/environments/* take precedence over those specified here.
-    # Application configuration should go into files in config/initializers
-    # -- all .rb files in that directory are automatically loaded.
+    # Application configuration can go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded after loading
+    # the framework and any gems in your application.

    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
@@ -21,23 +25,8 @@ module CodeOcean
    # config.i18n.default_locale = :de
    config.i18n.available_locales = [:de, :en]

-    # Do not swallow errors in after_commit/after_rollback callbacks.
-    config.active_record.raise_in_transactional_callbacks = true
-
    config.autoload_paths << Rails.root.join('lib')
    config.eager_load_paths << Rails.root.join('lib')
    config.assets.precompile += %w( markdown-buttons.png )
-
-    #config.active_record.schema_format = :sql
-
-    case (RUBY_ENGINE)
-      when 'ruby'
-        # ...
-        #this is enabled in prod for testing
-        config.middleware.use ActiveRecord::ConnectionAdapters::ConnectionManagement
-      when 'jruby'
-        # plattform specific
-        java.lang.Class.for_name('javax.crypto.JceSecurity').get_declared_field('isRestricted').tap{|f| f.accessible = true; f.set nil, false}
-    end
  end
 end
--- a/config/boot.rb
+++ b/config/boot.rb
@@ -1,3 +1,4 @@
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)

 require 'bundler/setup' # Set up gems listed in the Gemfile.
+require 'bootsnap/setup' # Speed up boot time by caching expensive operations.
--- a/config/cable.yml
+++ b/config/cable.yml
@@ -0,0 +1,10 @@
+development:
+  adapter: async
+
+test:
+  adapter: async
+
+production:
+  adapter: redis
+  url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+  channel_prefix: code_ocean_production
--- a/config/deploy.rb
+++ b/config/deploy.rb
@@ -19,7 +19,6 @@ namespace :deploy do
  after :compile_assets, :copy_vendor_assets do
    on roles(fetch(:assets_roles)) do
      within release_path do
-        execute :cp, '-r', 'vendor/assets/images/', 'public/assets/'
        execute :cp, '-r', 'vendor/assets/javascripts/ace', 'public/assets/'
      end
    end
--- a/config/environment.rb
+++ b/config/environment.rb
@@ -1,5 +1,8 @@
 # Load the Rails application.
-require File.expand_path('../application', __FILE__)
+require_relative 'application'
+
+# LTI 1.x uses OAuth 1.0
+OAUTH_10_SUPPORT = true

 # Initialize the Rails application.
 Rails.application.initialize!
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -1,4 +1,6 @@
 Rails.application.configure do
+  # Verifies that versions and hashed value of the package contents in the project's package.json
+  config.webpacker.check_yarn_integrity = true
  # Settings specified here will take precedence over those in config/application.rb.

  config.web_console.whitelisted_ips = '192.168.0.0/16'  
@@ -11,21 +13,41 @@ Rails.application.configure do
  # Do not eager load code on boot.
  config.eager_load = false

-  # Show full error reports and disable caching.
-  config.consider_all_requests_local       = true
-  config.action_controller.perform_caching = false
-  
-  config.action_mailer.perform_deliveries = false
+  # Show full error reports.
+  config.consider_all_requests_local = true
+
+  # Enable/disable caching. By default caching is disabled.
+  # Run rails dev:cache to toggle caching.
+  if Rails.root.join('tmp', 'caching-dev.txt').exist?
+    config.action_controller.perform_caching = true
+
+    config.cache_store = :memory_store
+    config.public_file_server.headers = {
+      'Cache-Control' => "public, max-age=#{2.days.to_i}"
+    }
+  else
+    config.action_controller.perform_caching = false
+
+    config.cache_store = :null_store
+  end
+
+  # Store uploaded files on the local file system (see config/storage.yml for options)
+  config.active_storage.service = :local

  # Don't care if the mailer can't send.
  config.action_mailer.raise_delivery_errors = false

+  config.action_mailer.perform_caching = false
+
  # Print deprecation notices to the Rails logger.
  config.active_support.deprecation = :log

  # Raise an error on page load if there are pending migrations.
  config.active_record.migration_error = :page_load

+  # Highlight code that triggered database queries in logs.
+  config.active_record.verbose_query_logs = true
+
  # Debug mode disables concatenation and preprocessing of assets.
  # This option may cause significant delays in view rendering with a large
  # number of complex assets.
@@ -48,6 +70,9 @@ Rails.application.configure do

  BetterErrors::Middleware.allow_ip! ENV['TRUSTED_IP'] if ENV['TRUSTED_IP']

-  # Delete middleware in order to allow concurrent requests.
-  config.middleware.delete(Rack::Lock)
+  # Use an evented file watcher to asynchronously detect changes in source code,
+  # routes, locales, etc. This feature depends on the listen gem and might not
+  # work within a Vagrant environment.
+  # config.file_watcher = ActiveSupport::EventedFileUpdateChecker
+  config.file_watcher = ActiveSupport::FileUpdateChecker
 end
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -1,4 +1,6 @@
 Rails.application.configure do
+  # Verifies that versions and hashed value of the package contents in the project's package.json
+  config.webpacker.check_yarn_integrity = false
  # Settings specified here will take precedence over those in config/application.rb.

  # Code is not reloaded between requests.
@@ -14,18 +16,17 @@ Rails.application.configure do
  config.consider_all_requests_local       = false
  config.action_controller.perform_caching = true

-  # Enable Rack::Cache to put a simple HTTP cache in front of your application
-  # Add `rack-cache` to your Gemfile before enabling this.
-  # For large-scale production use, consider using a caching reverse proxy like
-  # NGINX, varnish or squid.
-  # config.action_dispatch.rack_cache = true
+  # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
+  # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
+  # config.require_master_key = true

  # Disable serving static files from the `/public` folder by default since
  # Apache or NGINX already handles this.
-  config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present?
+  config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?

  # Compress JavaScripts and CSS.
-  config.assets.js_compressor = :uglifier
+  config.assets.js_compressor = Uglifier.new(harmony: true)
+  # config.assets.js_compressor = :uglifier
  # config.assets.css_compressor = :sass

  # Do not fallback to assets pipeline if a precompiled asset is missed.
@@ -37,10 +38,21 @@ Rails.application.configure do

  # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb

+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.action_controller.asset_host = 'http://assets.example.com'
+
  # Specifies the header that your server uses for sending files.
  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX

+  # Store uploaded files on the local file system (see config/storage.yml for options)
+  config.active_storage.service = :local
+
+  # Mount Action Cable outside main process or domain
+  # config.action_cable.mount_path = nil
+  # config.action_cable.url = 'wss://example.com/cable'
+  # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
+
  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
  # config.force_ssl = true

@@ -49,16 +61,16 @@ Rails.application.configure do
  config.log_level = :error

  # Prepend all log lines with the following tags.
-  # config.log_tags = [ :subdomain, :uuid ]
-
-  # Use a different logger for distributed setups.
-  # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
+  # config.log_tags = [ :subdomain, :uuid, :request_id ]

  # Use a different cache store in production.
  # config.cache_store = :mem_cache_store

-  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
-  # config.action_controller.asset_host = 'http://assets.example.com'
+  # Use a real queuing backend for Active Job (and separate queues per environment)
+  # config.active_job.queue_adapter     = :resque
+  # config.active_job.queue_name_prefix = "code_ocean_#{Rails.env}"
+
+  config.action_mailer.perform_caching = false

  # Ignore bad email addresses and do not raise email delivery errors.
  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
@@ -74,6 +86,16 @@ Rails.application.configure do
  # Use default logging formatter so that PID and timestamp are not suppressed.
  config.log_formatter = ::Logger::Formatter.new

+  # Use a different logger for distributed setups.
+  # require 'syslog/logger'
+  # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
+
+  if ENV["RAILS_LOG_TO_STDOUT"].present?
+    logger           = ActiveSupport::Logger.new(STDOUT)
+    logger.formatter = config.log_formatter
+    config.logger    = ActiveSupport::TaggedLogging.new(logger)
+  end
+
  # Do not dump schema after migrations.
  config.active_record.dump_schema_after_migration = false
 end
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -12,9 +12,11 @@ Rails.application.configure do
  # preloads Rails for running tests, you may have to set it to true.
  config.eager_load = false

-  # Configure static file server for tests with Cache-Control for performance.
-  config.serve_static_files   = true
-  config.static_cache_control = 'public, max-age=3600'
+  # Configure public file server for tests with Cache-Control for performance.
+  config.public_file_server.enabled = true
+  config.public_file_server.headers = {
+    'Cache-Control' => "public, max-age=#{1.hour.to_i}"
+  }

  # Show full error reports and disable caching.
  config.consider_all_requests_local       = true
@@ -26,6 +28,11 @@ Rails.application.configure do
  # Disable request forgery protection in test environment.
  config.action_controller.allow_forgery_protection = false

+  # Store uploaded files on the local file system in a temporary directory
+  config.active_storage.service = :test
+
+  config.action_mailer.perform_caching = false
+
  # Tell Action Mailer not to deliver emails to the real world.
  # The :test delivery method accumulates sent emails in the
  # ActionMailer::Base.deliveries array.
--- a/config/initializers/application_controller_renderer.rb
+++ b/config/initializers/application_controller_renderer.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+# ActiveSupport::Reloader.to_prepare do
+#   ApplicationController.renderer.defaults.merge!(
+#     http_host: 'example.org',
+#     https: false
+#   )
+# end
--- a/config/initializers/assets.rb
+++ b/config/initializers/assets.rb
@@ -1,12 +1,17 @@
 # Be sure to restart your server when you modify this file.

-# Version of your assets, change this if you want to expire all your assets.
-Rails.application.config.assets.version = '1.0'
+Rails.application.config.tap do |config|

-# Add additional assets to the asset load path
-# Rails.application.config.assets.paths << Emoji.images_path
+  # Version of your assets, change this if you want to expire all your assets.
+  config.assets.version = '1.0'

-# Precompile additional assets.
-# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
-# Rails.application.config.assets.precompile += %w( search.js )
-Rails.application.config.assets.precompile += %w( markdown-buttons.png )
+  # Add additional assets to the asset load path.
+  # config.assets.paths << Emoji.images_path
+  # Add Yarn node_modules folder to the asset load path.
+  config.assets.paths << Rails.root.join('node_modules')
+
+  # Precompile additional assets.
+  # application.js, application.css, and all non-JS/CSS in the app/assets
+  # folder are already added.
+  # config.assets.precompile += %w( admin.js admin.css )
+end
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -0,0 +1,25 @@
+# Be sure to restart your server when you modify this file.
+
+# Define an application-wide content security policy
+# For further information see the following documentation
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
+
+# Rails.application.config.content_security_policy do |policy|
+#   policy.default_src :self, :https
+#   policy.font_src    :self, :https, :data
+#   policy.img_src     :self, :https, :data
+#   policy.object_src  :none
+#   policy.script_src  :self, :https
+#   policy.style_src   :self, :https
+
+#   # Specify URI for violation reports
+#   # policy.report_uri "/csp-violation-report-endpoint"
+# end
+
+# If you are using UJS then enable automatic nonce generation
+# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) }
+
+# Report CSP violations to a specified URI
+# For further information see the following documentation:
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
+# Rails.application.config.content_security_policy_report_only = true
--- a/config/initializers/cookies_serializer.rb
+++ b/config/initializers/cookies_serializer.rb
@@ -1,3 +1,5 @@
 # Be sure to restart your server when you modify this file.

+# Specify a serializer for the signed and encrypted cookie jars.
+# Valid options are :json, :marshal, and :hybrid.
 Rails.application.config.action_dispatch.cookies_serializer = :json
--- a/config/initializers/docker.rb
+++ b/config/initializers/docker.rb
@@ -1,6 +1,8 @@
 DockerClient.initialize_environment unless Rails.env.test? && `which docker`.blank?

-if ActiveRecord::Base.connection.tables.present? && DockerContainerPool.config[:active]
+if !Rake.application.top_level_tasks.to_s.include?('db:') &&
+    ApplicationRecord.connection.tables.present? &&
+    DockerContainerPool.config[:active]
  DockerContainerPool.start_refill_task
  at_exit { DockerContainerPool.clean_up }
 end
--- a/config/initializers/wrap_parameters.rb
+++ b/config/initializers/wrap_parameters.rb
@@ -5,10 +5,10 @@

 # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
 ActiveSupport.on_load(:action_controller) do
-  wrap_parameters format: [:json] if respond_to?(:wrap_parameters)
+  wrap_parameters format: [:json]
 end

 # To enable root element in JSON for ActiveRecord objects.
 # ActiveSupport.on_load(:active_record) do
-#  self.include_root_in_json = true
+#   self.include_root_in_json = true
 # end
--- a/config/puma.rb
+++ b/config/puma.rb
@@ -0,0 +1,34 @@
+# Puma can serve each request in a thread from an internal thread pool.
+# The `threads` method setting takes two numbers: a minimum and maximum.
+# Any libraries that use thread pools should be configured to match
+# the maximum value specified for Puma. Default is set to 5 threads for minimum
+# and maximum; this matches the default thread size of Active Record.
+#
+threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+threads threads_count, threads_count
+
+# Specifies the `port` that Puma will listen on to receive requests; default is 3000.
+#
+port        ENV.fetch("PORT") { 3000 }
+
+# Specifies the `environment` that Puma will run in.
+#
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+# Specifies the number of `workers` to boot in clustered mode.
+# Workers are forked webserver processes. If using threads and workers together
+# the concurrency of the application would be max `threads` * `workers`.
+# Workers do not work on JRuby or Windows (both of which do not support
+# processes).
+#
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+
+# Use the `preload_app!` method when specifying a `workers` number.
+# This directive tells Puma to first boot the application and load code
+# before forking the application. This takes advantage of Copy On Write
+# process behavior so workers use less memory.
+#
+# preload_app!
+
+# Allow puma to be restarted by `rails restart` command.
+plugin :tmp_restart
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -28,7 +28,7 @@ Rails.application.routes.draw do
  delete '/comment_by_id', to: 'comments#destroy_by_id'
  put '/comments', to: 'comments#update'

-  resources :subscriptions do
+  resources :subscriptions, only: [:create, :destroy] do
    member do
      get :unsubscribe, to: 'subscriptions#destroy'
    end
@@ -67,7 +67,7 @@ Rails.application.routes.draw do
      get :statistics
    end

-    resources :errors, only: [:create, :index, :show]
+    resources :errors, only: [:create, :index, :show], controller: 'code_ocean/errors'
    resources :hints
  end

--- a/config/secrets.yml.example
+++ b/config/secrets.yml.example
@@ -5,18 +5,28 @@

 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
-# You can use `rake secret` to generate a secure secret key.
+# You can use `rails secret` to generate a secure secret key.

 # Make sure the secrets in this file are kept private
 # if you're sharing your code publicly.

+# Shared secrets are available across all environments.
+
+# shared:
+#   api_key: a1B2c3D4e5F6
+
+# Environmental secrets are only available for that specific environment.
+
 development:
  secret_key_base: CHANGE_ME

 test:
  secret_key_base: CHANGE_ME

-# Do not keep production secrets in the repository,
-# instead read values from the environment.
+# Do not keep production secrets in the unencrypted secrets file.
+# Instead, either read values from the environment.
+# Or, use `bin/rails secrets:setup` to configure encrypted secrets
+# and move the `production:` environment over there.
+
 production:
  secret_key_base: CHANGE_ME
--- a/config/spring.rb
+++ b/config/spring.rb
@@ -0,0 +1,6 @@
+%w(
+  .ruby-version
+  .rbenv-vars
+  tmp/restart.txt
+  tmp/caching-dev.txt
+).each { |path| Spring.watch(path) }
--- a/config/storage.yml
+++ b/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+  service: Disk
+  root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+  service: Disk
+  root: <%= Rails.root.join("storage") %>
+
+# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+#   service: S3
+#   access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+#   secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+#   region: us-east-1
+#   bucket: your_own_bucket
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+#   service: GCS
+#   project: your_project
+#   credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+#   bucket: your_own_bucket
+
+# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+#   service: AzureStorage
+#   storage_account_name: your_account_name
+#   storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+#   container: your_container_name
+
+# mirror:
+#   service: Mirror
+#   primary: local
+#   mirrors: [ amazon, google, microsoft ]
--- a/config/webpack/development.js
+++ b/config/webpack/development.js
@@ -0,0 +1,5 @@
+process.env.NODE_ENV = process.env.NODE_ENV || 'development';
+
+const environment = require('./environment');
+
+module.exports = environment;
--- a/config/webpack/environment.js
+++ b/config/webpack/environment.js
@@ -0,0 +1,33 @@
+/*
+./config/webpack/environment.js
+Info for this file can be found
+github.com/rails/webpacker/blob/master/docs/webpack.md
+*/
+
+const { environment } = require('@rails/webpacker');
+const merge = require('webpack-merge');
+const webpack = require('webpack');
+
+// Add an additional plugin of your choosing : ProvidePlugin
+environment.plugins.prepend('Provide', new webpack.ProvidePlugin({
+        $: 'jquery',
+        JQuery: 'jquery',
+        jquery: 'jquery',
+        'window.Tether': "tether",
+        Popper: ['popper.js', 'default'], // for Bootstrap 4
+        _: 'underscore',
+        vis: 'vis',
+        hljs: 'highlight.js',
+    })
+);
+
+const envConfig = module.exports = environment;
+const aliasConfig = module.exports = {
+    resolve: {
+        alias: {
+            jquery: 'jquery/src/jquery',
+        }
+    }
+};
+
+module.exports = merge(envConfig.toWebpackConfig(), aliasConfig);
--- a/config/webpack/production.js
+++ b/config/webpack/production.js
@@ -0,0 +1,5 @@
+process.env.NODE_ENV = process.env.NODE_ENV || 'production';
+
+const environment = require('./environment');
+
+module.exports = environment;
--- a/config/webpack/test.js
+++ b/config/webpack/test.js
@@ -0,0 +1,5 @@
+process.env.NODE_ENV = process.env.NODE_ENV || 'development';
+
+const environment = require('./environment');
+
+module.exports = environment;
--- a/config/webpacker.yml
+++ b/config/webpacker.yml
@@ -0,0 +1,70 @@
+# Note: You must restart bin/webpack-dev-server for changes to take effect
+
+default: &default
+  source_path: app/javascript
+  source_entry_path: packs
+  public_output_path: packs
+  cache_path: tmp/cache/webpacker
+
+  # Additional paths webpack should lookup modules
+  # ['app/assets', 'engine/foo/app/assets']
+  resolved_paths: []
+
+  # Reload manifest.json on all requests so we reload latest compiled packs
+  cache_manifest: false
+
+  extensions:
+    - .js
+    - .sass
+    - .scss
+    - .css
+    - .module.sass
+    - .module.scss
+    - .module.css
+    - .png
+    - .svg
+    - .gif
+    - .jpeg
+    - .jpg
+
+development:
+  <<: *default
+  compile: true
+
+  # Reference: https://webpack.js.org/configuration/dev-server/
+  dev_server:
+    https: false
+    host: 0.0.0.0
+    port: 3035
+    public: 0.0.0.0:3035
+    hmr: false
+    # Inline should be set to true if using HMR
+    inline: true
+    overlay: true
+    compress: true
+    disable_host_check: true
+    use_local_ip: false
+    quiet: false
+    headers:
+      'Access-Control-Allow-Origin': '*'
+    watch_options:
+      ignored: /node_modules/
+      # File Watcher might not work inside Vagrant
+      poll: true
+
+
+test:
+  <<: *default
+  compile: true
+
+  # Compile test packs to a separate directory
+  public_output_path: packs-test
+
+production:
+  <<: *default
+
+  # Production depends on precompilation of packs prior to booting for performance.
+  compile: false
+
+  # Cache manifest.json for performance
+  cache_manifest: true