codeocean

Author	SHA1	Message	Date
Sebastian Serth	b0130b8fae	Remove overwrite for X-Frame-Options * With current third-party-cookies being blocked by modern browsers, CodeOcean won't work in an iFrame anyway.	2022-09-06 11:21:37 +02:00
Sebastian Serth	5b73f4df6f	Refactor render_file method * We simplify the send_data call, * ensure to set the correct header, and * prevent our custom MIME type detection	2022-09-06 11:21:33 +02:00
Sebastian Serth	b6d8c7175b	Disallow any external resources for :render_file	2022-09-06 11:20:57 +02:00
Sebastian Serth	a2bb2844b4	Add a Content Security Policy	2022-09-06 11:20:57 +02:00
Sebastian Serth	0a16f589e9	Use X-Sendfile to transmit native files and handle file uploads	2022-09-06 01:21:40 +02:00
Sebastian Serth	dccc60b7ca	Remove `renderWebsocketOutput` and use `printWebsocketOutput` instead * The `render` command is not used much * Originally added with commit `898074be3f` * The `#render` anchor (see findOrCreateRenderElement) was the "Render" button above the editor, nothing was rendered at all if executing code and otherwise it would be included _within_ the button.	2022-09-04 23:12:46 +02:00
Sebastian Serth	e5d8db2796	Return propper error for anonymous users in exercises_controller * not_authorized_for_exercise was not checking for a current_user Fixes CODEOCEAN-C4	2022-09-04 19:13:08 +02:00
Sebastian Serth	1581d658ea	Simplify user search for external teachers	2022-09-04 19:03:15 +02:00
Sebastian Serth	fbe80ac557	Ensure min-height for left and right sidebar in editor	2022-09-04 11:48:53 +02:00
Sebastian Serth	22cd202e9d	Refactor reject_illegal_file_attributes check * Improve readability of method * Add a new check for the author of a submission	2022-09-04 11:42:36 +02:00
Sebastian Serth	b67daedfc9	Remove dead code from ProxyExercise	2022-09-04 00:05:38 +02:00
Sebastian Serth	49f4f0e6c5	Refactor exercise_controller and move more checks to policy * We introduce a custom handler for Pundit::NotAuthorizedError	2022-09-04 00:05:13 +02:00
Sebastian Serth	0de213b8c7	Pagedown: Use default sanitizer for preview	2022-09-03 22:50:30 +02:00
Sebastian Serth	e00d1772ca	Disallow markup for RfC emails	2022-09-02 18:14:14 +02:00
Sebastian Serth	9050f02b7a	Add additional test case for new CodeOcean::File#read method	2022-09-02 17:52:24 +02:00
Janis Vaneylen	b6837e9539	Refactor validity of token authentication	2022-09-02 16:56:19 +02:00
Janis Vaneylen	e77223e628	Refactor send_thank_you_note method and according specs	2022-09-02 16:56:19 +02:00
Sebastian Serth	60dc8c3b7e	Apply line-based coloring for output	2022-09-02 16:56:18 +02:00
Sebastian Serth	ffd7a0351a	Improve display of images for code output	2022-08-25 20:13:22 +02:00
Sebastian Serth	4de77ca3f5	Improve get_quantiles method for exercise	2022-08-25 18:14:23 +02:00
Sebastian Serth	bdebcf319e	Allow access to user statistics for teachers Fixes CODEOCEAN-BV	2022-08-25 18:14:10 +02:00
Sebastian Serth	b3f9a1ec90	Allow line breaks in feedback texts	2022-08-25 00:31:32 +02:00
Sebastian Serth	6dcccd324b	Show feedback without rendering Markdown * We do not instruct learners how to write Markdown, this might yield to an unexpected rendering	2022-08-25 00:23:08 +02:00
Sebastian Serth	35dd745a29	Use final submission for exercise feedback * Also, check for required permission	2022-08-24 23:56:34 +02:00
Sebastian Serth	f4d350577a	Fix exercise search for teachers	2022-08-24 23:39:42 +02:00
Sebastian Serth	7da08d2990	Fix typo for working_time_query	2022-08-24 23:29:49 +02:00
Sebastian Serth	309956e472	Remove NULL byte before saving strings	2022-08-24 13:06:53 +02:00
Sebastian Serth	c8c3a5bf95	Fix external user statistics for tags	2022-08-24 12:16:38 +02:00
Janis4411	e0c2c7b806	Hide score button if exercise has no tests We check for all teacher-defined assessments (linter and unit tests) to determine whether scoring should be possible	2022-08-22 17:51:57 +02:00
Sebastian Serth	6208d8b7ea	Fix study_group index page	2022-08-20 10:46:33 +02:00
Sebastian Serth	32413058d6	Add consumer ID to ransack filter	2022-08-20 10:41:02 +02:00
Sebastian Serth	166aa3cc6f	Remove Ransack from Exercise edit for tags * Also improve Ransack usage of attributes and associations	2022-08-20 01:33:00 +02:00
Sebastian Serth	83feb67dd5	Update find method for study group in RfC index	2022-08-20 00:58:12 +02:00
Sebastian Serth	c228850ae8	Update find method	2022-08-20 00:37:48 +02:00
Sebastian Serth	6927b57170	Update Study Group Dashboard and Statistics	2022-08-20 00:05:02 +02:00
Sebastian Serth	d762f976a8	Add new CodeOcean::File#read method * With a new method, we can simplify our code to handle differences between file.content and file.native_file.read	2022-08-19 22:42:55 +02:00
Sebastian Serth	a9aab612b6	Extract updating the user role from params	2022-08-18 21:44:26 +02:00
Sebastian Serth	acc07ffa5d	Disallow leading / in zip archives	2022-08-18 16:45:15 +02:00
Sebastian Serth	3248bd74d1	Fix authorization for communitySolutionsIndex	2022-08-18 16:28:10 +02:00
Sebastian Serth	145c4aa8d5	Refactor various ruby files * Insights based on brakeman report	2022-08-18 15:25:04 +02:00
Sebastian Serth	cb0f30768f	Change HTTP links to HTTPS	2022-08-17 01:29:27 +02:00
Sebastian Serth	01f6b0d16e	Reduce skip_before_action usage	2022-08-17 00:54:20 +02:00
Sebastian Serth	0e96bc79c4	Conditionally show file tree	2022-08-16 23:27:39 +02:00
Sebastian Serth	73b3b8a159	Hide border for disabled (unstyled) button btn-default is a non-bootstrap class	2022-08-16 18:28:57 +02:00
Sebastian Serth	b9357bb9c7	Fix warning message for sync_to_runner_management	2022-08-16 18:18:24 +02:00
Sebastian Serth	0b68f1309d	Fix FontAwesome class after FA v6 upgrade	2022-08-15 23:25:24 +02:00
Sebastian Serth	7d0c3aef4f	Show current submission for exercise statistics	2022-08-15 23:24:15 +02:00
Sebastian Serth	a56b61d4bc	Migrate sorttable to NPM package	2022-08-13 00:38:53 +02:00
Sebastian Serth	3ffff77fd1	Fix comment for bootstrap in application.js	2022-08-13 00:38:07 +02:00
Sebastian Serth	6dd64b2a74	Remove outdated URL polyfill	2022-08-13 00:37:21 +02:00

1 2 3 4 5 ...

1991 Commits