Previously, the filename was URL-encoded, thus each / was replaced with %2F. This caused issues with some Apache2 configuration, smartly mingling with the URL to either encode it a second time (resulting in %252F) or decoding it (generating a real /). However, for authenticated file downloads with the JWT, we hardly require a byte-by-byte matching. With these changes, the URL parameter is no longer URL-encoded, so that Apache2 won't break our implementation any longer.
Further, we use this opportunity to get rid of the unnecessary .json extension for those filename routes, simplifying the routes generated and doing some further cleanup.
Previously, the same runner could be used multiple times with different submissions simultaneously. This, however, yielded errors, for example when one submission time oud (causing the running to be deleted) while another submission was still executed.
Admin actions, such as the shell, can be still executed regardless of any other code execution.
Fixes CODEOCEAN-HG
FixesopenHPI/poseidon#423
When a file cannot be retrieved any longer, we send a redirect to the previous locations. As we usually enable a different render host, Rails sees this redirect as a redirect to another host (from the render host to the main CodeOcean host).
* Remove `send_stream` method pulled in before upgrading Rails
* Remove spring, it is no longer included by default for new apps
* Remove deprecated options from environments
* Remove old asset paths and workarounds no longer needed
* Remove unnecessary `OAUTH_10_SUPPORT` const, LTI still uses OAuth 1.0
* Dump schema with new defaults (and specify precision for timestamps where needed)