htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,844 Commits 2 Branches 0 Tags
87771b905ad2a89a1236c5cbfb6cc44ea3ea6c3d
Commit Graph

767 Commits

Author SHA1 Message Date
Sebastian Serth
87771b905a Fix rubocop offenses 2023-01-11 23:57:29 +01:00
Sebastian Serth
6a942ccf50 Capture exception for Scoring 
Previously, an exception was caused by the tubesock gem but not sent to Sentry. This caused errors not to bubble up correctly but rather kill the current thread, leaving the user with a generic "WebSocket connection not established" message.

Probably, this should be removed when updating the WebSocket implementation.
 2022-12-23 13:04:34 +01:00
Sebastian Serth
7cd61acbce I18n: Automatically choose locale through HTTP header 2022-12-20 10:26:32 +01:00
Sebastian Serth
8a6e0a8366 Catch empty files_json during conversion 2022-12-19 16:11:35 +01:00
Sebastian Serth
17356c3045 Allow redirect to main CodeOcean host 
When a file cannot be retrieved any longer, we send a redirect to the previous locations. As we usually enable a different render host, Rails sees this redirect as a redirect to another host (from the render host to the main CodeOcean host).
 2022-12-19 16:06:47 +01:00
Sebastian Serth
bec235c8d6 Fix XML parsing with invalid LTI response 
An invalid XML response may be returned if the LTI provider is unavailable and cannot handle our request. We decided against logging in Sentry as this affects a third party functionality we cannot fix ourselves.
Fixes CODEOCEAN-G2
 2022-12-07 23:00:21 +01:00
Sebastian Serth
bc5baed05e Use exec_query for custom SQL execution 
Also align how we use query Postgres from controllers.

The change is mainly due to regular (but not reproducible) issues with the `intervalstyle` defaulting to `postgres` (instead of `iso8601`) and thereby causing issues. We're just experimenting to see whether this change resolves the issue.
 2022-12-06 22:41:00 +01:00
Sebastian Serth
9977e1614b Allow external redirect for render host and LTI 
We only use the `launch_presentation_return_url` provided to the @provider, in order to prevent using an open redirect.
 2022-12-05 22:38:13 +01:00
Sebastian Serth
b7a3fd4586 Refactor exercise statistics to use convert times in Ruby 2022-12-05 21:59:34 +01:00
dependabot[bot]
90b30e2bf7 Upgrade to Rails 7.0 and apply new framework defaults 
* Remove `send_stream` method pulled in before upgrading Rails
* Remove spring, it is no longer included by default for new apps
* Remove deprecated options from environments
* Remove old asset paths and workarounds no longer needed
* Remove unnecessary `OAUTH_10_SUPPORT` const, LTI still uses OAuth 1.0
* Dump schema with new defaults (and specify precision for timestamps where needed)
 2022-12-04 15:21:59 +01:00
Sebastian Serth
574e99eddd Fix rubocop offenses - Requires Ruby 3.1+ 2022-11-25 11:10:06 +01:00
Sebastian Serth
dfbf06274c Specify class for html_escape 2022-11-24 17:16:18 +01:00
Sebastian Serth
ab688e09c0 Execute SQL statement in ping controller 2022-11-21 14:52:11 +01:00
Sebastian Serth
25707478ea Require user for Community Solution 
Fixes CODEOCEAN-F7
 2022-11-21 10:48:08 +01:00
Sebastian Serth
b6cecf53aa Pundit: Skip authorization in case of errors 
Fixes CODEOCEAN-F3
 2022-11-17 21:37:45 +01:00
Sebastian Serth
b2af4e0663 Check submission and exercise files when filtering downloads 2022-11-17 20:47:33 +01:00
Sebastian Serth
591f776f69 Close WebSocket connection normally 
With Tubesock, we need to send a close frame ourselves. Otherwise, some browsers might display a warning.
 2022-11-16 23:16:49 +01:00
Sebastian Serth
0950e626ba Convert message data to string before slicing 
Fixes CODEOCEAN-F1
 2022-11-16 19:53:19 +01:00
Sebastian Serth
55d7fb2f9a Download file: Return after rendering NotAuthorized Error 
Fixes CODEOCEAN-ET
 2022-11-14 18:21:35 +01:00
Sebastian Serth
d50e6d30e9 List Files: Catch more Runner::Errors 2022-11-14 13:51:04 +01:00
Sebastian Serth
60f8d9809b Catch error in LiveStreams Controller to avoid concurrency issue 2022-11-10 12:00:56 +01:00
Sebastian Serth
de024d9360 Set Content-Type to fixed value for send_runner_file 2022-11-04 16:52:49 +01:00
Sebastian Serth
4f0b8c3c42 Reduce usage of @current_user (use helper instead) 2022-11-02 12:27:38 +01:00
Sebastian Serth
58548555a5 Shell: Add file system browser to retrieve arbitrary files 2022-10-29 18:49:18 +02:00
Sebastian Serth
60078701f5 Editor: Allow file retrieval after code run 2022-10-29 18:49:18 +02:00
Sebastian Serth
eefe3faa13 Re-apply default group when external user signs out 2022-10-27 17:06:04 +02:00
Sebastian Serth
f45fad71dd Add early return support for authentication 2022-10-27 16:14:18 +02:00
Sebastian Serth
dd1f4b0ac8 Merge pull request #939 from openHPI/refactor_proforma_import_export 
Refactor Proforma Import/Export
 2022-10-26 17:58:48 +02:00
Sebastian Serth
c75f52f2c8 Fix Rubocop offenses 2022-10-24 12:28:50 +02:00
Sebastian Serth
df384ebf0d Disallow protected upload paths for non-native files 
Fixes CODEOCEAN-E0
 2022-10-06 00:11:27 +02:00
Sebastian Serth
61e3cfcac5 Handle deleted files in CodeOcean::FilesController 
Fixes CODEOCEAN-E2
 2022-10-06 00:10:52 +02:00
Sebastian Serth
f7515362a1 Set Content-Type to fixed value for all download actions 2022-10-05 21:46:17 +02:00
Sebastian Serth
42688ed1c9 Prefer authentication token for session if present 2022-10-05 21:34:19 +02:00
Sebastian Serth
2d95a737f6 Assume failed code execution if no status was received 2022-10-04 16:08:10 +02:00
Sebastian Serth
b8b7cd99bd SubmissionsController: Allow JS to be "rendered" 
We skip verifying the authenticity token for the action, to prevent raising a `ActionController::InvalidCrossOriginRequest` exception.
 2022-10-04 16:06:59 +02:00
Sebastian Serth
ca13ea03c8 SubmissionsController: Send Content-Length if possible 2022-10-04 16:06:59 +02:00
Sebastian Serth
c3daa51c8c SubmissionsController: Remove outdated ActionController::Live mixin 
The mixin was previously used for Server-Sent-Events, which were removed from CodeOcean a long time ago.
After the mixin is removed, we can also fix the cookie send mechanism (this was erroneous with the mixin).
 2022-10-04 16:06:58 +02:00
Sebastian Serth
f53c6cb3ee Shell: Add toggle to execute command as root 2022-10-04 16:06:58 +02:00
Sebastian Serth
3263d4f838 Respect subpath for (render_)protected_upload_path 2022-09-28 11:06:15 +02:00
Sebastian Serth
f73917313d Add reminder about path validation for protected download and render 2022-09-25 01:12:48 +02:00
Sebastian Serth
eb188dcd71 Add privilegedExecution flag to database and Poseidon Strategy 2022-09-24 22:32:41 +02:00
Karol
b866221353 rename route 2022-09-24 21:08:18 +02:00
Sebastian Serth
16c00ec136 Add support for signed URLs used by the render_file function 2022-09-23 21:35:22 +02:00
Sebastian Serth
5881795d5f Memorize config options instead of reading them from file over and over again 2022-09-23 21:35:22 +02:00
Sebastian Serth
0e7c38657f Allow teachers to access internal users and manage them in their study groups 2022-09-22 19:24:26 +02:00
Sebastian Serth
ac3dc8d30f Allow platform admins and internal users to switch their current study group 2022-09-22 19:24:26 +02:00
Sebastian Serth
4d2fe22daf Allow assignment of study groups for internal users 2022-09-22 19:24:26 +02:00
Sebastian Serth
02c65af034 Update scope query for new teacher definition 2022-09-22 19:24:26 +02:00
Sebastian Serth
936c11e31f Refactor authentication token for new study-group-based authorization 2022-09-22 19:24:26 +02:00
Sebastian Serth
9c9f45ff77 Redefine user roles with their role in a study group 2022-09-22 19:24:26 +02:00