htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,496 Commits 2 Branches 0 Tags
16c00ec13671af0ce2bddf3ef9c29109c8c7a28d
Commit Graph

2015 Commits

Author SHA1 Message Date
Sebastian Serth
16c00ec136 Add support for signed URLs used by the render_file function 2022-09-23 21:35:22 +02:00
Sebastian Serth
5881795d5f Memorize config options instead of reading them from file over and over again 2022-09-23 21:35:22 +02:00
Sebastian Serth
0e7c38657f Allow teachers to access internal users and manage them in their study groups 2022-09-22 19:24:26 +02:00
Sebastian Serth
ac3dc8d30f Allow platform admins and internal users to switch their current study group 2022-09-22 19:24:26 +02:00
Janis Vaneylen
2e3480a068 Display study_groups in the show view of internal and external users 2022-09-22 19:24:26 +02:00
Sebastian Serth
4d2fe22daf Allow assignment of study groups for internal users 2022-09-22 19:24:26 +02:00
Janis Vaneylen
998a12e6bc Adjust filter for platform_admin user search and update views 2022-09-22 19:24:26 +02:00
Sebastian Serth
02c65af034 Update scope query for new teacher definition 2022-09-22 19:24:26 +02:00
Sebastian Serth
964048927a Updated teacher_in_study_group? method to check for common teacher role 2022-09-22 19:24:26 +02:00
Sebastian Serth
936c11e31f Refactor authentication token for new study-group-based authorization 2022-09-22 19:24:26 +02:00
Sebastian Serth
cb1b163b30 Always create a default study group for new consumers 2022-09-22 19:24:26 +02:00
Sebastian Serth
9c9f45ff77 Redefine user roles with their role in a study group 2022-09-22 19:24:26 +02:00
Sebastian Serth
04ed45ea73 Migrate database and models for study-group-based authorization 2022-09-22 19:24:26 +02:00
Sebastian Serth
fa6527b4ed Refactor exercises_controller.rb to reduce code duplication 2022-09-22 19:24:26 +02:00
Sebastian Serth
bf13cfc712 Delete outdated search_policy.rb 2022-09-22 19:24:26 +02:00
Sebastian Serth
664110f8f1 Show all study groups per consumer 2022-09-22 19:24:26 +02:00
Sebastian Serth
3869785ddd User: Allow removing the consumer filter 2022-09-22 19:24:26 +02:00
Sebastian Serth
2f622174fa Handle undefined this.websocket when stopping code 
Fixes CODEOCEAN-CJ
 2022-09-22 19:24:26 +02:00
Sebastian Serth
bbb791471b Remove AWS study 2022-09-21 18:57:12 +02:00
Sebastian Serth
03cc71ccbc Update ExecutionEnvironment statistics and sync message 2022-09-14 12:19:59 +02:00
Sebastian Serth
d02a1eae81 Validate password strength for internal users 2022-09-14 12:19:25 +02:00
Sebastian Serth
f1aa004284 Use controller method for 404 responses 2022-09-14 01:01:14 +02:00
Sebastian Serth
80419db868 [CSP] Prevent use of unsafe-inline for links 
* Also update all <a> tags in locals
 2022-09-07 21:42:07 +02:00
Sebastian Serth
9e08f3a6a8 Enable Subresource Integrity 2022-09-06 11:21:37 +02:00
Sebastian Serth
b0130b8fae Remove overwrite for X-Frame-Options 
* With current third-party-cookies being blocked by modern
browsers, CodeOcean won't work in an iFrame anyway.
 2022-09-06 11:21:37 +02:00
Sebastian Serth
5b73f4df6f Refactor render_file method 
* We simplify the send_data call,
* ensure to set the correct header, and
* prevent our custom MIME type detection
 2022-09-06 11:21:33 +02:00
Sebastian Serth
b6d8c7175b Disallow any external resources for :render_file 2022-09-06 11:20:57 +02:00
Sebastian Serth
a2bb2844b4 Add a Content Security Policy 2022-09-06 11:20:57 +02:00
Sebastian Serth
0a16f589e9 Use X-Sendfile to transmit native files and handle file uploads 2022-09-06 01:21:40 +02:00
Sebastian Serth
dccc60b7ca Remove renderWebsocketOutput and use printWebsocketOutput instead 
* The `render` command is not used much
* Originally added with commit 898074be3f
* The `#render` anchor (see findOrCreateRenderElement) was the "Render" button above the editor, nothing was rendered at all if executing code and otherwise it would be included _within_ the button.
 2022-09-04 23:12:46 +02:00
Sebastian Serth
e5d8db2796 Return propper error for anonymous users in exercises_controller 
* not_authorized_for_exercise was not checking for a current_user

Fixes CODEOCEAN-C4
 2022-09-04 19:13:08 +02:00
Sebastian Serth
1581d658ea Simplify user search for external teachers 2022-09-04 19:03:15 +02:00
Sebastian Serth
fbe80ac557 Ensure min-height for left and right sidebar in editor 2022-09-04 11:48:53 +02:00
Sebastian Serth
22cd202e9d Refactor reject_illegal_file_attributes check 
* Improve readability of method
* Add a new check for the author of a submission
 2022-09-04 11:42:36 +02:00
Sebastian Serth
b67daedfc9 Remove dead code from ProxyExercise 2022-09-04 00:05:38 +02:00
Sebastian Serth
49f4f0e6c5 Refactor exercise_controller and move more checks to policy 
* We introduce a custom handler for Pundit::NotAuthorizedError
 2022-09-04 00:05:13 +02:00
Sebastian Serth
0de213b8c7 Pagedown: Use default sanitizer for preview 2022-09-03 22:50:30 +02:00
Sebastian Serth
e00d1772ca Disallow markup for RfC emails 2022-09-02 18:14:14 +02:00
Sebastian Serth
9050f02b7a Add additional test case for new CodeOcean::File#read method 2022-09-02 17:52:24 +02:00
Janis Vaneylen
b6837e9539 Refactor validity of token authentication 2022-09-02 16:56:19 +02:00
Janis Vaneylen
e77223e628 Refactor send_thank_you_note method and according specs 2022-09-02 16:56:19 +02:00
Sebastian Serth
60dc8c3b7e Apply line-based coloring for output 2022-09-02 16:56:18 +02:00
Sebastian Serth
ffd7a0351a Improve display of images for code output 2022-08-25 20:13:22 +02:00
Sebastian Serth
4de77ca3f5 Improve get_quantiles method for exercise 2022-08-25 18:14:23 +02:00
Sebastian Serth
bdebcf319e Allow access to user statistics for teachers 
Fixes CODEOCEAN-BV
 2022-08-25 18:14:10 +02:00
Sebastian Serth
b3f9a1ec90 Allow line breaks in feedback texts 2022-08-25 00:31:32 +02:00
Sebastian Serth
6dcccd324b Show feedback without rendering Markdown 
* We do not instruct learners how to write Markdown, this might yield to an unexpected rendering
 2022-08-25 00:23:08 +02:00
Sebastian Serth
35dd745a29 Use final submission for exercise feedback 
* Also, check for required permission
 2022-08-24 23:56:34 +02:00
Sebastian Serth
f4d350577a Fix exercise search for teachers 2022-08-24 23:39:42 +02:00
Sebastian Serth
7da08d2990 Fix typo for working_time_query 2022-08-24 23:29:49 +02:00