def test_not_admin_view_details_with_contests(self): """Test if non-admin can view details when there are contests""" # during the contest, only contest owner/coowner can view detail # 1. judge/subjudge can view all contest detail (as a contest owner/coowner) submissions = Submission.objects.filter(problem=self.contest_problem) submissions = submissions.exclude(user=self.admin) for submission in submissions: can_show = show_detail(submission, self.judge) self.assertEqual(can_show, True) for submission in submissions: can_show = show_detail(submission, self.subjudge) self.assertEqual(can_show, True) # on the other hand, other details can't be seen for submission in self.submissionComplement(submissions): can_show = show_detail(submission, self.judge) self.assertEqual(can_show, False) for submission in self.submissionComplement(submissions): can_show = show_detail(submission, self.subjudge) self.assertEqual(can_show, False) # 2. user can't see any detail submissions = Submission.objects.all() for submission in submissions: can_show = show_detail(submission, self.user) self.assertEqual(can_show, False)
def view_code(request, sid): try: submission = Submission.objects.get(id=sid) filename = '%s.%s' % (sid, get_extension(submission.language)) if show_detail(submission, request.user): f = open('%s%s' % (CodeSubmitForm.SUBMIT_PATH, filename), 'r') code = f.read() f.close() codesubmitform = CodeSubmitForm( initial={ 'code': code, 'pid': submission.problem.id, 'language': submission.language }) problem_name = str(submission.problem) return render_index(request, 'users/submit.html', { 'form': codesubmitform, 'problem_name': problem_name }) else: logger.warning('User %s attempt to view detail of SID %s' % (request.user, sid)) raise PermissionDenied( "You don't have permission to view detail of SID %s" % sid) except Submission.DoesNotExist: logger.warning('SID %s Not Found!' % sid) raise Http404('SID %s Not Found!' % sid) except IOError: logger.warning('File %s Not Found!' % filename) raise Http404('File %s Not Found!' % filename)
def error_message(request, sid): try: submission = Submission.objects.get(id=sid) error_msg = submission.error_msg if show_detail(submission, request.user): return render_index(request, 'status/errorMessage.html', {'error_message': error_msg}) else: logger.warning('User %s attempt to view detail of SID %s' % (request.user, sid)) raise PermissionDenied("You don't have permission to view detail of SID %s" % sid) except Submission.DoesNotExist: logger.warning('SID %s Not Found!' % sid) raise Http404('SID %s Not Found!' % sid)
def test_not_admin_view_details_without_contests(self): """Test if non-admin can view details when there are no contests""" # delete all contests Contest.objects.all().delete() # all submissions exclude admin's all_submissions = Submission.objects.all().exclude(user=self.admin) all_problems = Problem.objects.all() # 1. one can see his own detail for submission in all_submissions: can_show = show_detail(submission, submission.user) self.assertEqual(can_show, True) # 2. problem owner can see all detail in his problem for problem in all_problems: submissions = all_submissions.filter(problem=problem) user = User.objects.get(username=problem.owner_id) for submission in submissions: can_show = show_detail(submission, user) self.assertEqual(can_show, True) # 3. team member can see all detail when submitted as team # create a team with subjudge as leader and user as member team = Team.objects.create(team_name='test_team', leader=self.subjudge) TeamMember.objects.create(team=team, member=self.user) # both subjudge and user submit as team subjudge_submission = Submission.objects.create( problem=self.admin_problem, user=self.subjudge, team=team) user_submission = Submission.objects.create( problem=self.admin_problem, user=self.user, team=team) # can see each others' detail can_show = show_detail(subjudge_submission, self.user) self.assertEqual(can_show, True) can_show = show_detail(user_submission, self.subjudge) self.assertEqual(can_show, True)
def error_message(request, sid): try: submission = Submission.objects.get(id=sid) error_msg = submission.error_msg if show_detail(submission, request.user): return render_index(request, 'status/errorMessage.html', {'error_message': error_msg}) else: logger.warning('User %s attempt to view detail of SID %s' % (request.user, sid)) raise PermissionDenied( "You don't have permission to view detail of SID %s" % sid) except Submission.DoesNotExist: logger.warning('SID %s Not Found!' % sid) raise Http404('SID %s Not Found!' % sid)
def view_code(request, sid): try: submission = Submission.objects.get(id=sid) filename = '%s.%s' % (sid, get_extension(submission.language)) if show_detail(submission, request.user): f = open('%s%s' % (CodeSubmitForm.SUBMIT_PATH, filename), 'r') code = f.read() f.close() codesubmitform = CodeSubmitForm( initial={'code': code, 'pid': submission.problem.id, 'language': submission.language}) problem_name = str(submission.problem) return render_index(request, 'users/submit.html', {'form': codesubmitform, 'problem_name': problem_name}) else: logger.warning('User %s attempt to view detail of SID %s' % (request.user, sid)) raise PermissionDenied("You don't have permission to view detail of SID %s" % sid) except Submission.DoesNotExist: logger.warning('SID %s Not Found!' % sid) raise Http404('SID %s Not Found!' % sid) except IOError: logger.warning('File %s Not Found!' % filename) raise Http404('File %s Not Found!' % filename)
def test_admin_view_details(self): """Test if admin can view everyone's details""" submissions = Submission.objects.all() for submission in submissions: can_show = show_detail(submission, self.admin) self.assertEqual(can_show, True)