htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,420 Commits 2 Branches 0 Tags
f23a1a95badd5b243c9f4aed1fafdf14dd1cc838
Commit Graph

830 Commits

Author SHA1 Message Date
Sebastian Serth
9c3392b324 Add consumer-based RfC Visibility settings 
This setting will be useful to increase data protection, where users might not be allowed to see RfCs from other contexts.
 2023-02-20 23:47:06 +01:00
Sebastian Serth
40c7a50834 Directly use ActiveRecord object instead of ID 
This change will improve the performance by reducing unnecessary SELECT queries.
 2023-02-18 19:28:26 +01:00
Sebastian Serth
6465404ebe Set sentry context after logging in 2023-02-18 19:27:46 +01:00
Sebastian Serth
9c3ec3c7ff Refactor submission scoring and testing 
* Properly cancel code execution if running is prohibited
* Correctly monitor duration with Sentry
* Align methods with running submissions
 2023-02-17 18:13:48 +01:00
Sebastian Serth
a1ec4579fe Properly cancel code execution if running is prohibited 2023-02-17 18:13:48 +01:00
Sebastian Serth
326b5fce51 Allow assigning tips during exercise create 
Fixes CODEOCEAN-H6
 2023-02-16 11:23:52 +01:00
Sebastian Serth
e9cf79085a Refactor listing files to be independent of exiting runners 
Previously, we were always fetching files, even if not required (e.g., for score runs). Now, we reduce the number of file listings and use a dedicated callback.
 2023-02-16 10:50:01 +01:00
Sebastian Serth
91c2e14fe8 Fix error handling during Runner::Connection close 
Closes CODEOCEAN-HQ
 2023-02-16 10:47:28 +01:00
Sebastian Serth
596a04b9da Handle ReadTimeouts for LTI consumer properly 2023-02-16 10:12:05 +01:00
Sebastian Serth
04504973ba Adjust Sentry's user context 2023-02-03 00:16:52 +01:00
Sebastian Serth
234a4fe02b Deny /implement without execution environment 
Also, fix a smaller typo in the locales
 2023-01-20 23:53:08 +01:00
Sebastian Serth
2679f5fa56 Allow random selection for ProxyExercise 2023-01-20 21:02:20 +01:00
Sebastian Serth
fcc6d69982 Fix percentage value display for remote score 2023-01-12 18:50:50 +01:00
Sebastian Serth
87771b905a Fix rubocop offenses 2023-01-11 23:57:29 +01:00
Sebastian Serth
6a942ccf50 Capture exception for Scoring 
Previously, an exception was caused by the tubesock gem but not sent to Sentry. This caused errors not to bubble up correctly but rather kill the current thread, leaving the user with a generic "WebSocket connection not established" message.

Probably, this should be removed when updating the WebSocket implementation.
 2022-12-23 13:04:34 +01:00
Sebastian Serth
7cd61acbce I18n: Automatically choose locale through HTTP header 2022-12-20 10:26:32 +01:00
Sebastian Serth
8a6e0a8366 Catch empty files_json during conversion 2022-12-19 16:11:35 +01:00
Sebastian Serth
17356c3045 Allow redirect to main CodeOcean host 
When a file cannot be retrieved any longer, we send a redirect to the previous locations. As we usually enable a different render host, Rails sees this redirect as a redirect to another host (from the render host to the main CodeOcean host).
 2022-12-19 16:06:47 +01:00
Sebastian Serth
bec235c8d6 Fix XML parsing with invalid LTI response 
An invalid XML response may be returned if the LTI provider is unavailable and cannot handle our request. We decided against logging in Sentry as this affects a third party functionality we cannot fix ourselves.
Fixes CODEOCEAN-G2
 2022-12-07 23:00:21 +01:00
Sebastian Serth
bc5baed05e Use exec_query for custom SQL execution 
Also align how we use query Postgres from controllers.

The change is mainly due to regular (but not reproducible) issues with the `intervalstyle` defaulting to `postgres` (instead of `iso8601`) and thereby causing issues. We're just experimenting to see whether this change resolves the issue.
 2022-12-06 22:41:00 +01:00
Sebastian Serth
9977e1614b Allow external redirect for render host and LTI 
We only use the `launch_presentation_return_url` provided to the @provider, in order to prevent using an open redirect.
 2022-12-05 22:38:13 +01:00
Sebastian Serth
b7a3fd4586 Refactor exercise statistics to use convert times in Ruby 2022-12-05 21:59:34 +01:00
dependabot[bot]
90b30e2bf7 Upgrade to Rails 7.0 and apply new framework defaults 
* Remove `send_stream` method pulled in before upgrading Rails
* Remove spring, it is no longer included by default for new apps
* Remove deprecated options from environments
* Remove old asset paths and workarounds no longer needed
* Remove unnecessary `OAUTH_10_SUPPORT` const, LTI still uses OAuth 1.0
* Dump schema with new defaults (and specify precision for timestamps where needed)
 2022-12-04 15:21:59 +01:00
Sebastian Serth
574e99eddd Fix rubocop offenses - Requires Ruby 3.1+ 2022-11-25 11:10:06 +01:00
Sebastian Serth
dfbf06274c Specify class for html_escape 2022-11-24 17:16:18 +01:00
Sebastian Serth
ab688e09c0 Execute SQL statement in ping controller 2022-11-21 14:52:11 +01:00
Sebastian Serth
25707478ea Require user for Community Solution 
Fixes CODEOCEAN-F7
 2022-11-21 10:48:08 +01:00
Sebastian Serth
b6cecf53aa Pundit: Skip authorization in case of errors 
Fixes CODEOCEAN-F3
 2022-11-17 21:37:45 +01:00
Sebastian Serth
b2af4e0663 Check submission and exercise files when filtering downloads 2022-11-17 20:47:33 +01:00
Sebastian Serth
591f776f69 Close WebSocket connection normally 
With Tubesock, we need to send a close frame ourselves. Otherwise, some browsers might display a warning.
 2022-11-16 23:16:49 +01:00
Sebastian Serth
0950e626ba Convert message data to string before slicing 
Fixes CODEOCEAN-F1
 2022-11-16 19:53:19 +01:00
Sebastian Serth
55d7fb2f9a Download file: Return after rendering NotAuthorized Error 
Fixes CODEOCEAN-ET
 2022-11-14 18:21:35 +01:00
Sebastian Serth
d50e6d30e9 List Files: Catch more Runner::Errors 2022-11-14 13:51:04 +01:00
Sebastian Serth
60f8d9809b Catch error in LiveStreams Controller to avoid concurrency issue 2022-11-10 12:00:56 +01:00
Sebastian Serth
de024d9360 Set Content-Type to fixed value for send_runner_file 2022-11-04 16:52:49 +01:00
Sebastian Serth
4f0b8c3c42 Reduce usage of @current_user (use helper instead) 2022-11-02 12:27:38 +01:00
Sebastian Serth
58548555a5 Shell: Add file system browser to retrieve arbitrary files 2022-10-29 18:49:18 +02:00
Sebastian Serth
60078701f5 Editor: Allow file retrieval after code run 2022-10-29 18:49:18 +02:00
Sebastian Serth
eefe3faa13 Re-apply default group when external user signs out 2022-10-27 17:06:04 +02:00
Sebastian Serth
f45fad71dd Add early return support for authentication 2022-10-27 16:14:18 +02:00
Sebastian Serth
dd1f4b0ac8 Merge pull request #939 from openHPI/refactor_proforma_import_export 
Refactor Proforma Import/Export
 2022-10-26 17:58:48 +02:00
Sebastian Serth
c75f52f2c8 Fix Rubocop offenses 2022-10-24 12:28:50 +02:00
Sebastian Serth
df384ebf0d Disallow protected upload paths for non-native files 
Fixes CODEOCEAN-E0
 2022-10-06 00:11:27 +02:00
Sebastian Serth
61e3cfcac5 Handle deleted files in CodeOcean::FilesController 
Fixes CODEOCEAN-E2
 2022-10-06 00:10:52 +02:00
Sebastian Serth
f7515362a1 Set Content-Type to fixed value for all download actions 2022-10-05 21:46:17 +02:00
Sebastian Serth
42688ed1c9 Prefer authentication token for session if present 2022-10-05 21:34:19 +02:00
Sebastian Serth
2d95a737f6 Assume failed code execution if no status was received 2022-10-04 16:08:10 +02:00
Sebastian Serth
b8b7cd99bd SubmissionsController: Allow JS to be "rendered" 
We skip verifying the authenticity token for the action, to prevent raising a `ActionController::InvalidCrossOriginRequest` exception.
 2022-10-04 16:06:59 +02:00
Sebastian Serth
ca13ea03c8 SubmissionsController: Send Content-Length if possible 2022-10-04 16:06:59 +02:00
Sebastian Serth
c3daa51c8c SubmissionsController: Remove outdated ActionController::Live mixin 
The mixin was previously used for Server-Sent-Events, which were removed from CodeOcean a long time ago.
After the mixin is removed, we can also fix the cookie send mechanism (this was erroneous with the mixin).
 2022-10-04 16:06:58 +02:00