/**
 * Common gate for the grader APIs: the request must carry a valid session
 * and that session's user must be a system admin.
 *
 * authenticateRequest() is expected to populate current_user_id from the
 * auth_token (its failure mode is not visible in this block).
 *
 * @param Request $r
 * @throws ForbiddenAccessException  when the caller is not a system admin
 */
private static function validateRequest(Request $r) {
    self::authenticateRequest($r);
    $callerIsAdmin = Authorization::IsSystemAdmin($r['current_user_id']);
    if ($callerIsAdmin) {
        return;
    }
    throw new ForbiddenAccessException();
}
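/**
 * Bulk-creates contestant accounts for an olympiad-style contest and returns
 * their freshly generated credentials.
 *
 * Authorization is decided per contest_type: system admins may generate any
 * set; a few sets may additionally be generated by specific, hard-coded
 * usernames. NOTE(review): authorizing by username string is fragile (an
 * account rename or takeover silently changes who may mint credentials) — a
 * role or contest-admin check would be preferable. The allow-list is kept
 * verbatim here so existing access is unchanged.
 *
 * Fixes relative to the previous version: contest_type is matched strictly
 * (a loose == let non-string input such as 0 match the first branch), and the
 * "expected_set" in the rejection message now lists every accepted type
 * (OMIPS and UNAMFC were missing).
 *
 * @param Request $r  auth_token, contest_type, optional contest_alias
 * @return array  username => plaintext password for every account that
 *                omiPrepareUser reported as created. This is sensitive data:
 *                it must not be logged or exposed beyond the requester.
 * @throws ForbiddenAccessException   caller may not generate this contest_type
 * @throws InvalidParameterException  contest_type is not a known set
 */
public static function apiGenerateOmiUsers(Request $r) {
    self::authenticateRequest($r);

    // Per contest_type: usernames allowed in addition to system admins, and
    // the username prefixes to mint with the number of accounts per prefix.
    $contestSets = array(
        'OMI' => array(
            'allowed' => array(),
            // One prefix per Mexican state, plus 'INV'.
            'keys' => array(
                'OMI2015-AGU' => 4, 'OMI2015-BCN' => 4, 'OMI2015-BCS' => 4,
                'OMI2015-CAM' => 4, 'OMI2015-COA' => 4, 'OMI2015-COL' => 4,
                'OMI2015-CHP' => 4, 'OMI2015-CHH' => 8, 'OMI2015-DIF' => 4,
                'OMI2015-DUR' => 4, 'OMI2015-GUA' => 4, 'OMI2015-GRO' => 4,
                'OMI2015-HID' => 4, 'OMI2015-JAL' => 4, 'OMI2015-MEX' => 4,
                'OMI2015-MIC' => 4, 'OMI2015-MOR' => 4, 'OMI2015-NAY' => 4,
                'OMI2015-NLE' => 4, 'OMI2015-OAX' => 4, 'OMI2015-PUE' => 4,
                'OMI2015-QUE' => 4, 'OMI2015-ROO' => 4, 'OMI2015-SLP' => 4,
                'OMI2015-SIN' => 4, 'OMI2015-SON' => 4, 'OMI2015-TAB' => 4,
                'OMI2015-TAM' => 4, 'OMI2015-TLA' => 4, 'OMI2015-VER' => 4,
                'OMI2015-YUC' => 4, 'OMI2015-ZAC' => 4, 'OMI2015-INV' => 4,
            ),
        ),
        'OMIPS' => array(
            'allowed' => array('andreasantillana'),
            'keys' => array('OMIPS2015-P' => 25, 'OMIPS2015-S' => 25),
        ),
        'ORIG' => array(
            'allowed' => array('kuko.coder'),
            'keys' => array(
                'ORIG1516-CEL' => 38, 'ORIG1516-DHI' => 15, 'ORIG1516-GTO' => 14,
                'ORIG1516-IRA' => 37, 'ORIG1516-PEN' => 22, 'ORIG1516-LEO' => 43,
                'ORIG1516-SLP' => 14, 'ORIG1516-SLV' => 14, 'ORIG1516-URI' => 17,
                'ORIG1516-VDS' => 15,
            ),
        ),
        'OMIAGS' => array(
            'allowed' => array('andreasantillana'),
            'keys' => array('OMIAGS' => 35),
        ),
        'OSI' => array(
            'allowed' => array('cope_quintana'),
            'keys' => array('OSI16' => 120),
        ),
        'UNAMFC' => array(
            'allowed' => array('manuelalcantara52', 'manuel52'),
            'keys' => array('UNAMFC15' => 30),
        ),
        'OVI' => array(
            'allowed' => array('covi.academico'),
            'keys' => array('OVI15' => 200),
        ),
    );

    // Strict match on the type: only a string key from the table is accepted.
    $contestType = $r['contest_type'];
    if (!is_string($contestType) || !isset($contestSets[$contestType])) {
        throw new InvalidParameterException(
            'parameterNotInExpectedSet',
            'contest_type',
            array(
                'bad_elements' => $contestType,
                'expected_set' => 'OMI, OMIPS, ORIG, OMIAGS, OSI, UNAMFC, OVI',
            )
        );
    }
    $set = $contestSets[$contestType];

    // System admins always pass; everyone else must be on the set's allow-list.
    if (!Authorization::IsSystemAdmin($r['current_user_id'])) {
        $allowed = $set['allowed'];
        if (empty($allowed) || !in_array($r['current_user']->getUsername(), $allowed, true)) {
            throw new ForbiddenAccessException();
        }
    }

    // One shared key for this batch, handed to omiPrepareUser via the request.
    self::$permissionKey = $r['permission_key'] = self::randomString(32);

    $response = array();
    foreach ($set['keys'] as $prefix => $count) {
        // Zero-pad indices to the width of the largest one (e.g. 001..120).
        $width = strlen((string) $count);
        for ($i = 1; $i <= $count; $i++) {
            $username = $prefix . '-' . str_pad((string) $i, $width, '0', STR_PAD_LEFT);
            // NOTE(review): randomString's entropy source is not visible here;
            // an 8-character password is only acceptable if it is CSPRNG-backed
            // (random_int/random_bytes) — confirm.
            $password = self::randomString(8);
            if (self::omiPrepareUser($r, $username, $password)) {
                $response[$username] = $password;
            }
            // Enrol the new account in the target contest, if one was given.
            if (!is_null($r['contest_alias'])) {
                $addUserRequest = new Request();
                $addUserRequest['auth_token'] = $r['auth_token'];
                $addUserRequest['usernameOrEmail'] = $username;
                $addUserRequest['contest_alias'] = $r['contest_alias'];
                ContestController::apiAddUser($addUserRequest);
            }
        }
    }
    return $response;
}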
/**
 * Validates the filter and pagination parameters of the run-list API and
 * resolves the optional problem/user filters onto the request.
 *
 * Defaults offset=0 and rowcount=100 are applied first; the system-admin
 * check runs before any parameter is validated, so non-admins learn nothing
 * about parameter validity. NOTE(review): rowcount has no upper bound here —
 * only admins reach this path, but a cap would still bound accidental huge
 * queries.
 *
 * @param Request $r
 * @throws ForbiddenAccessException          caller is not a system admin
 * @throws InvalidDatabaseOperationException problem lookup failed in the data layer
 * @throws NotFoundException                 problem_alias does not resolve
 */
private static function validateList(Request $r) {
    // Pagination defaults.
    if (!isset($r['offset'])) {
        $r['offset'] = 0;
    }
    if (!isset($r['rowcount'])) {
        $r['rowcount'] = 100;
    }

    // Admin-only API.
    if (!Authorization::IsSystemAdmin($r['current_user_id'])) {
        throw new ForbiddenAccessException('userNotAllowed');
    }

    // Every filter is optional (the trailing false presumably marks the
    // parameter as not required); values are only checked when present.
    Validators::isNumber($r['offset'], 'offset', false);
    Validators::isNumber($r['rowcount'], 'rowcount', false);
    $statuses = array('new', 'waiting', 'compiling', 'running', 'ready');
    Validators::isInEnum($r['status'], 'status', $statuses, false);
    $verdicts = array('AC', 'PA', 'WA', 'TLE', 'MLE', 'OLE', 'RTE', 'RFE', 'CE', 'JE', 'NO-AC');
    Validators::isInEnum($r['verdict'], 'verdict', $verdicts, false);

    // Optional problem filter: must resolve to an existing problem.
    if (!is_null($r['problem_alias'])) {
        Validators::isStringNonEmpty($r['problem_alias'], 'problem');
        try {
            $r['problem'] = ProblemsDAO::getByAlias($r['problem_alias']);
        } catch (Exception $e) {
            // Data-layer failure is surfaced as a DB error, not as "not found".
            throw new InvalidDatabaseOperationException($e);
        }
        if (is_null($r['problem'])) {
            throw new NotFoundException('problemNotFound');
        }
    }

    $languages = array('c', 'cpp', 'cpp11', 'java', 'py', 'rb', 'pl', 'cs', 'pas', 'kp', 'kj', 'cat', 'hs');
    Validators::isInEnum($r['language'], 'language', $languages, false);

    // Optional user filter. An unknown username is deliberately ignored
    // (filter cleared) rather than rejected.
    if (!is_null($r['username'])) {
        try {
            $r['user'] = UserController::resolveUser($r['username']);
        } catch (NotFoundException $e) {
            $r['username'] = null;
            $r['user'] = null;
        }
    }
}
/**
 * Resolves the request's auth_token into a session descriptor.
 *
 * Returns an anonymous descriptor (valid=false, login_url set) when no token
 * is present or the token maps to no user. Otherwise the descriptor carries
 * the user's identity, admin flag and a few counts, and the user's name and
 * email are also written to $_SESSION['omegaup_user'] as a side effect.
 *
 * NOTE(review): the valid descriptor includes the raw auth_token and the
 * User object itself; any caller that serializes this to a client must strip
 * both. email_md5 is the unsalted MD5 of the address (Gravatar-style), i.e.
 * a stable identifier, not a secret.
 *
 * @param Request $r
 * @return array session descriptor as described above
 */
public static function getCurrentSession(Request $r) {
    $anonymous = array(
        'valid' => false,
        'id' => null,
        'name' => null,
        'username' => null,
        'email' => null,
        'email_md5' => null,
        'auth_token' => null,
        'is_admin' => false,
        'login_url' => '/login/',
    );

    $authToken = $r['auth_token'];
    if (is_null($authToken)) {
        return $anonymous;
    }

    $user = AuthTokensDAO::getUserByToken($authToken);
    if (is_null($user)) {
        // A token was supplied but is unknown to the DB: treat as logged out.
        return $anonymous;
    }

    // Primary email, looked up by id; absent email degrades to ''.
    $emailRow = EmailsDAO::getByPK($user->getMainEmailId());
    $email = is_null($emailRow) ? '' : $emailRow->getEmail();

    $_SESSION['omegaup_user'] = array(
        'name' => $user->getUsername(),
        'email' => $email,
    );

    $userId = $user->getUserId();
    return array(
        'valid' => true,
        'id' => $userId,
        'name' => $user->getName(),
        'email' => $email,
        'email_md5' => is_null($emailRow) ? '' : md5($email),
        'user' => $user,
        'username' => $user->getUsername(),
        'auth_token' => $authToken,
        'is_email_verified' => $user->getVerified(),
        'is_admin' => Authorization::IsSystemAdmin($userId),
        'private_contests_count' => ContestsDAO::getPrivateContestsCount($user),
        'private_problems_count' => ProblemsDAO::getPrivateCount($user),
        // Loose == kept on purpose: matches the original null/empty handling.
        'needs_basic_info' => $user->getPassword() == null,
    );
}
/**
 * Validates run-list filters and pagination, resolving the optional problem
 * and user filters onto the request.
 *
 * The system-admin check happens right after defaults are applied and before
 * any value is validated. NOTE(review): rowcount is not capped here.
 *
 * @param Request $r
 * @throws ForbiddenAccessException          caller is not a system admin
 * @throws InvalidDatabaseOperationException problem lookup failed in the data layer
 * @throws NotFoundException                 problem_alias does not resolve
 */
private static function validateList(Request $r) {
    // Defaults when the client sent nothing.
    $defaults = array("offset" => 0, "rowcount" => 100);
    foreach ($defaults as $param => $value) {
        if (!isset($r[$param])) {
            $r[$param] = $value;
        }
    }

    $isAdmin = Authorization::IsSystemAdmin($r["current_user_id"]);
    if (!$isAdmin) {
        throw new ForbiddenAccessException("userNotAllowed");
    }

    // All checks below are optional (trailing false); order is preserved so
    // the same parameter fails first as before.
    Validators::isNumber($r["offset"], "offset", false);
    Validators::isNumber($r["rowcount"], "rowcount", false);
    $enums = array(
        "status" => array('new', 'waiting', 'compiling', 'running', 'ready'),
        "verdict" => array("AC", "PA", "WA", "TLE", "MLE", "OLE", "RTE", "RFE", "CE", "JE", "NO-AC"),
    );
    foreach ($enums as $param => $allowed) {
        Validators::isInEnum($r[$param], $param, $allowed, false);
    }

    // Optional problem filter.
    $alias = $r["problem_alias"];
    if (!is_null($alias)) {
        Validators::isStringNonEmpty($alias, "problem");
        try {
            $r["problem"] = ProblemsDAO::getByAlias($alias);
        } catch (Exception $e) {
            // Operation failed in the data layer
            throw new InvalidDatabaseOperationException($e);
        }
        if (is_null($r["problem"])) {
            throw new NotFoundException("problemNotFound");
        }
    }

    Validators::isInEnum(
        $r["language"],
        "language",
        array('c', 'cpp', 'cpp11', 'java', 'py', 'rb', 'pl', 'cs', 'pas', 'kp', 'kj', 'cat', 'hs'),
        false
    );

    // Optional user filter; an unknown username clears the filter instead of failing.
    if (!is_null($r["username"])) {
        try {
            $r["user"] = UserController::resolveUser($r["username"]);
        } catch (NotFoundException $e) {
            $r["username"] = null;
            $r["user"] = null;
        }
    }
}
/**
 * Sets or clears the "recommended" flag of the contest identified by
 * contest_alias. System admins only.
 *
 * The value parameter is validated against the strings '0' and '1' and is
 * stored on the contest as received.
 *
 * @param Request $r  auth_token, contest_alias, value ('0' | '1')
 * @return array  array('status' => 'ok')
 * @throws ForbiddenAccessException          caller is not a system admin
 * @throws InvalidDatabaseOperationException lookup or save failed in the data layer
 * @throws NotFoundException                 no contest with that alias
 */
public static function apiSetRecommended(Request $r) {
    self::authenticateRequest($r);
    $callerIsAdmin = Authorization::IsSystemAdmin($r['current_user_id']);
    if (!$callerIsAdmin) {
        throw new ForbiddenAccessException('userNotAllowed');
    }

    // Resolve the contest; a data-layer failure is distinct from "not found".
    try {
        $contest = ContestsDAO::getByAlias($r['contest_alias']);
    } catch (Exception $e) {
        throw new InvalidDatabaseOperationException($e);
    }
    $r['contest'] = $contest;
    if (is_null($contest)) {
        throw new NotFoundException('contestNotFound');
    }

    Validators::isInEnum($r['value'], 'value', array('0', '1'));
    $contest->recommended = $r['value'];

    try {
        ContestsDAO::save($contest);
    } catch (Exception $e) {
        throw new InvalidDatabaseOperationException($e);
    }
    return array('status' => 'ok');
}
/**
 * Reports whether the current user is an admin in the context of a contest.
 *
 * The pseudo-alias 'all-events' short-circuits to admin=true for system
 * admins; every other case (including a non-admin asking about 'all-events')
 * goes through validateDetails, which is expected to set contest_admin.
 * Fails closed: any exception is logged and reported as admin=false.
 * NOTE(review): the comparison with 'all-events' is loose (==); safe for
 * string input, but a non-string contest_alias would be worth rejecting
 * upstream.
 *
 * @param Request $r  contest_alias plus whatever validateDetails requires
 * @return array  array('status' => 'ok'|'error', 'admin' => bool)
 */
public static function apiRole(Request $r) {
    try {
        $isGlobalView = $r['contest_alias'] == 'all-events';
        if ($isGlobalView) {
            self::authenticateRequest($r);
            if (Authorization::IsSystemAdmin($r['current_user_id'])) {
                return array('status' => 'ok', 'admin' => true);
            }
        }
        self::validateDetails($r);
        return array('status' => 'ok', 'admin' => $r['contest_admin']);
    } catch (Exception $e) {
        // Stringifying $e includes the trace; this goes to the server log only.
        self::$log->error("Error getting role: " . $e);
        return array('status' => 'error', 'admin' => false);
    }
}
/**
 * Lists the problems authored by the current user, with their tags.
 *
 * System admins get every problem instead. NOTE(review): that admin branch
 * ignores offset/rowcount and returns the full table, unlike the owner branch
 * which is paginated.
 *
 * @param Request $r  auth_token, offset, rowcount (see validateList)
 * @return array  array('results' => list of problem arrays with 'tags', 'status' => 'ok')
 * @throws InvalidDatabaseOperationException any data-layer failure
 */
public static function apiMyList(Request $r) {
    self::authenticateRequest($r);
    self::validateList($r);

    $results = array();
    try {
        $callerId = $r['current_user_id'];
        if (Authorization::IsSystemAdmin($callerId)) {
            $problems = ProblemsDAO::getAll(null, null, 'problem_id', 'DESC');
        } else {
            $mask = new Problems(array('author_id' => $callerId));
            $problems = ProblemsDAO::search($mask, 'problem_id', 'DESC', $r['offset'], $r['rowcount']);
        }
        foreach ($problems as $problem) {
            $row = $problem->asArray();
            $row['tags'] = ProblemsDAO::getTagsForProblem($problem, false);
            $results[] = $row;
        }
    } catch (Exception $e) {
        throw new InvalidDatabaseOperationException($e);
    }

    return array('results' => $results, 'status' => 'ok');
}
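/**
 * Bulk-creates contestant accounts for an olympiad-style contest and returns
 * their freshly generated credentials.
 *
 * Authorization is decided per contest_type: system admins may generate any
 * set; some sets may additionally be generated by specific, hard-coded
 * usernames. NOTE(review): authorizing by username string is fragile (an
 * account rename or takeover silently changes who may mint credentials); a
 * role or contest-admin check would be preferable. The allow-list is kept
 * verbatim so existing access is unchanged.
 *
 * Fixes relative to the previous version: contest_type is matched strictly
 * (a loose == let non-string input such as 0 match the first branch), the
 * nested if/else ladder is replaced by a lookup table, and the
 * "expected_set" in the rejection message now lists every accepted type
 * (OMIPS and UNAMFC were missing).
 *
 * @param Request $r  auth_token, contest_type, optional contest_alias
 * @return array  username => plaintext password for each account that
 *                omiPrepareUser reported as created. Sensitive: never log it.
 * @throws ForbiddenAccessException   caller may not generate this contest_type
 * @throws InvalidParameterException  contest_type is not a known set
 */
public static function apiGenerateOmiUsers(Request $r) {
    self::authenticateRequest($r);

    // Per contest_type: usernames allowed besides system admins (empty means
    // admins only), and prefix => number of accounts to mint.
    $contestSets = array(
        "OMI" => array(
            "allowed" => array(),
            // One prefix per Mexican state, plus "INV".
            "keys" => array(
                "OMI2015-AGU" => 4, "OMI2015-BCN" => 4, "OMI2015-BCS" => 4,
                "OMI2015-CAM" => 4, "OMI2015-COA" => 4, "OMI2015-COL" => 4,
                "OMI2015-CHP" => 4, "OMI2015-CHH" => 8, "OMI2015-DIF" => 4,
                "OMI2015-DUR" => 4, "OMI2015-GUA" => 4, "OMI2015-GRO" => 4,
                "OMI2015-HID" => 4, "OMI2015-JAL" => 4, "OMI2015-MEX" => 4,
                "OMI2015-MIC" => 4, "OMI2015-MOR" => 4, "OMI2015-NAY" => 4,
                "OMI2015-NLE" => 4, "OMI2015-OAX" => 4, "OMI2015-PUE" => 4,
                "OMI2015-QUE" => 4, "OMI2015-ROO" => 4, "OMI2015-SLP" => 4,
                "OMI2015-SIN" => 4, "OMI2015-SON" => 4, "OMI2015-TAB" => 4,
                "OMI2015-TAM" => 4, "OMI2015-TLA" => 4, "OMI2015-VER" => 4,
                "OMI2015-YUC" => 4, "OMI2015-ZAC" => 4, "OMI2015-INV" => 4,
            ),
        ),
        "OMIPS" => array(
            "allowed" => array(),
            "keys" => array("OMIPS2015-P" => 25, "OMIPS2015-S" => 25),
        ),
        "ORIG" => array(
            "allowed" => array("kuko.coder"),
            "keys" => array(
                "ORIG1516-CEL" => 38, "ORIG1516-DHI" => 15, "ORIG1516-GTO" => 14,
                "ORIG1516-IRA" => 37, "ORIG1516-PEN" => 22, "ORIG1516-LEO" => 43,
                "ORIG1516-SLP" => 14, "ORIG1516-SLV" => 14, "ORIG1516-URI" => 17,
                "ORIG1516-VDS" => 15,
            ),
        ),
        "OMIAGS" => array(
            "allowed" => array("andreasantillana"),
            "keys" => array("OMIAGS" => 35),
        ),
        "OSI" => array(
            "allowed" => array("cope_quintana"),
            "keys" => array("OSI16" => 120),
        ),
        "UNAMFC" => array(
            "allowed" => array("manuelalcantara52", "manuel52"),
            "keys" => array("UNAMFC15" => 30),
        ),
        "OVI" => array(
            "allowed" => array("covi.academico"),
            "keys" => array("OVI15" => 200),
        ),
    );

    // Strict lookup: only a string key from the table is accepted.
    $contestType = $r["contest_type"];
    if (!is_string($contestType) || !isset($contestSets[$contestType])) {
        throw new InvalidParameterException(
            "parameterNotInExpectedSet",
            "contest_type",
            array(
                "bad_elements" => $contestType,
                "expected_set" => "OMI, OMIPS, ORIG, OMIAGS, OSI, UNAMFC, OVI",
            )
        );
    }
    $set = $contestSets[$contestType];

    // System admins always pass; anyone else must be on the set's allow-list.
    if (!Authorization::IsSystemAdmin($r["current_user_id"])) {
        $allowed = $set["allowed"];
        if (empty($allowed) || !in_array($r["current_user"]->getUsername(), $allowed, true)) {
            throw new ForbiddenAccessException();
        }
    }

    // One shared key for this batch, handed to omiPrepareUser via the request.
    self::$permissionKey = $r['permission_key'] = self::randomString(32);

    $response = array();
    foreach ($set["keys"] as $prefix => $count) {
        // Zero-pad indices to the width of the largest one (e.g. 001..120).
        $width = strlen((string) $count);
        for ($i = 1; $i <= $count; $i++) {
            $username = $prefix . "-" . str_pad((string) $i, $width, '0', STR_PAD_LEFT);
            // NOTE(review): randomString's entropy source is not visible here;
            // an 8-character password is only acceptable if it is CSPRNG-backed.
            $password = self::randomString(8);
            if (self::omiPrepareUser($r, $username, $password)) {
                $response[$username] = $password;
            }
            // Enrol the new account in the target contest, if one was given.
            if (!is_null($r["contest_alias"])) {
                $addUserRequest = new Request();
                $addUserRequest["auth_token"] = $r["auth_token"];
                $addUserRequest["usernameOrEmail"] = $username;
                $addUserRequest["contest_alias"] = $r["contest_alias"];
                ContestController::apiAddUser($addUserRequest);
            }
        }
    }
    return $response;
}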
/**
 * Forces a rebuild of the User_Rank table and drops the cached solved-problem
 * rank lists. System admins only.
 *
 * NOTE(review): a non-admin gets UnauthorizedException here, whereas the
 * sibling admin-only APIs throw ForbiddenAccessException; the docblock
 * advertises the former, so it is kept to avoid breaking callers.
 *
 * @param Request $r
 * @return array  array('status' => 'ok')
 * @throws UnauthorizedException             caller is not a system admin
 * @throws InvalidDatabaseOperationException the refresh failed in the data layer
 */
public static function apiRefreshUserRank(Request $r) {
    self::authenticateRequest($r);
    $callerIsAdmin = Authorization::IsSystemAdmin($r['current_user_id']);
    if (!$callerIsAdmin) {
        throw new UnauthorizedException();
    }

    // Rebuild the User_Rank table.
    try {
        UserRankDAO::refreshUserRank();
    } catch (Exception $ex) {
        throw new InvalidDatabaseOperationException($ex);
    }

    // The cached rank lists are now stale; drop them all.
    self::deleteProblemsSolvedRankCacheList();
    return array('status' => 'ok');
}
/**
 * A user administers a group when they own it or are a system admin.
 *
 * The owner check is strict (===), so owner_id and $user_id must be the same
 * scalar type. NOTE(review): confirm both arrive as int — a string id from
 * the DB layer would never match and would silently fall through to the
 * sysadmin check. The is_null guard is defensive only: PHP rejects null for
 * a class-typed parameter without a null default before this body runs.
 *
 * @param mixed  $user_id
 * @param Groups $group
 * @return bool
 */
public static function IsGroupAdmin($user_id, Groups $group) {
    if (is_null($group)) {
        return false;
    }
    $isOwner = ($group->owner_id === $user_id);
    // Short-circuits: the sysadmin lookup only runs for non-owners.
    return $isOwner || Authorization::IsSystemAdmin($user_id);
}
/**
 * Lists the problems authored by the current user, each with its tags.
 *
 * System admins receive every problem instead. NOTE(review): the admin
 * branch passes no paging to getAll and so ignores offset/rowcount, while
 * the owner branch is paginated.
 *
 * @param Request $r  auth_token, offset, rowcount (see validateList)
 * @return array  array("results" => [...], "status" => "ok")
 * @throws InvalidDatabaseOperationException any data-layer failure
 */
public static function apiMyList(Request $r) {
    self::authenticateRequest($r);
    self::validateList($r);

    $response = array("results" => array());
    try {
        $uid = $r["current_user_id"];
        $problems = Authorization::IsSystemAdmin($uid)
            ? ProblemsDAO::getAll(null, null, "problem_id", 'DESC')
            : ProblemsDAO::search(
                new Problems(array("author_id" => $uid)),
                "problem_id",
                'DESC',
                $r["offset"],
                $r["rowcount"]
            );
        foreach ($problems as $problem) {
            $entry = $problem->asArray();
            $entry['tags'] = ProblemsDAO::getTagsForProblem($problem, false);
            array_push($response["results"], $entry);
        }
    } catch (Exception $e) {
        throw new InvalidDatabaseOperationException($e);
    }

    $response["status"] = "ok";
    return $response;
}