Merge pull request #41 from leoselig/master

Import exercise meta data from CodeHarbour
2016-03-01 13:03:12 +01:00
parent ed63a9dfd8 1c5cf0facb
commit ebdc5dcd6e
22 changed files with 341 additions and 2 deletions
--- a/app/controllers/code_harbor_links_controller.rb
+++ b/app/controllers/code_harbor_links_controller.rb
@ -0,0 +1,68 @@
+class CodeHarborLinksController < ApplicationController
+  include CommonBehavior
+  before_action :set_code_harbor_link, only: [:show, :edit, :update, :destroy]
+
+  def authorize!
+    authorize(@code_harbor_link || @code_harbor_links)
+  end
+  private :authorize!
+
+  # GET /code_harbor_links
+  # GET /code_harbor_links.json
+  def index
+    @code_harbor_links = CodeHarborLink.where(user_id: current_user.id).paginate(page: params[:page])
+    authorize!
+  end
+
+  # GET /code_harbor_links/1
+  # GET /code_harbor_links/1.json
+  def show
+    authorize!
+  end
+
+  # GET /code_harbor_links/new
+  def new
+    @code_harbor_link = CodeHarborLink.new
+    authorize!
+  end
+
+  # GET /code_harbor_links/1/edit
+  def edit
+    authorize!
+  end
+
+  # POST /code_harbor_links
+  # POST /code_harbor_links.json
+  def create
+    @code_harbor_link = CodeHarborLink.new(code_harbor_link_params)
+    @code_harbor_link.user = current_user
+    authorize!
+    create_and_respond(object: @code_harbor_link)
+  end
+
+  # PATCH/PUT /code_harbor_links/1
+  # PATCH/PUT /code_harbor_links/1.json
+  def update
+    update_and_respond(object: @code_harbor_link, params: code_harbor_link_params)
+    authorize!
+  end
+
+  # DELETE /code_harbor_links/1
+  # DELETE /code_harbor_links/1.json
+  def destroy
+    destroy_and_respond(object: @code_harbor_link)
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_code_harbor_link
+      @code_harbor_link = CodeHarborLink.find(params[:id])
+      @code_harbor_link.user = current_user
+      authorize!
+    end
+
+    # Never trust parameters from the scary internet, only allow the white list through.
+    def code_harbor_link_params
+      params.require(:code_harbor_link).permit(:oauth2token)
+    end
+end
--- a/app/controllers/exercises_controller.rb
+++ b/app/controllers/exercises_controller.rb
@ -11,6 +11,10 @@ class ExercisesController < ApplicationController
  before_action :set_file_types, only: [:create, :edit, :new, :update]
  before_action :set_teams, only: [:create, :edit, :new, :update]

+  skip_before_filter :verify_authenticity_token, only: [:import_proforma_xml]
+  skip_after_action :verify_authorized, only: [:import_proforma_xml]
+  skip_after_action :verify_policy_scoped, only: [:import_proforma_xml]
+
  def authorize!
    authorize(@exercise || @exercises)
  end
@ -62,6 +66,58 @@ class ExercisesController < ApplicationController
  def edit
  end

+  def import_proforma_xml
+    begin
+      user = user_for_oauth2_request()
+      exercise = Exercise.new
+      request_body = request.body.read
+      exercise.from_proforma_xml(request_body)
+      exercise.user = user
+      saved = exercise.save
+      if saved
+        render :text => 'SUCCESS', :status => 200
+      else
+        logger.info(exercise.errors.full_messages)
+        render :text => 'Invalid exercise', :status => 400
+      end
+    rescue => error
+      if error.class == Hash
+        render :text => error.message, :status => error.status
+      else
+        raise error
+        render :text => '', :status => 500
+      end
+    end
+  end
+
+  def user_for_oauth2_request
+    authorizationHeader = request.headers['Authorization']
+    if authorizationHeader == nil
+      raise ({status: 401, message: 'No Authorization header'})
+    end
+
+    oauth2Token = authorizationHeader.split(' ')[1]
+    if oauth2Token == nil || oauth2Token.size == 0
+      raise ({status: 401, message: 'No token in Authorization header'})
+    end
+
+    user = user_by_code_harbor_token(oauth2Token)
+    if user == nil
+      raise ({status: 401, message: 'Unknown OAuth2 token'})
+    end
+
+    return user
+  end
+  private :user_for_oauth2_request
+
+  def user_by_code_harbor_token(oauth2Token)
+    link = CodeHarborLink.where(:oauth2token => oauth2Token)[0]
+    if link != nil
+      return link.user
+    end
+  end
+  private :user_by_code_harbor_token
+
  def exercise_params
    params[:exercise].permit(:description, :execution_environment_id, :file_id, :instructions, :public, :hide_file_tree, :team_id, :title, files_attributes: file_attributes).merge(user_id: current_user.id, user_type: current_user.class.name)
  end