/**
 * Three Google logins whose addresses share a local part must produce three
 * distinct usernames: the bare local part, then the same name with the
 * suffixes 1 and 2.
 */
public function testUserNameCollision() {
    // time() has one-second resolution, so the salt only separates runs that
    // start in different seconds.
    $salt = time();
    $base = 'A' . $salt;
    $expectedUsernames = array($base, $base . '1', $base . '2');

    // Precondition: none of the usernames this test expects exists yet.
    foreach ($expectedUsernames as $username) {
        $this->assertNull(UsersDAO::FindByUsername($username));
    }

    // The same local part on three different domains forces the collision.
    $c = new SessionController();
    foreach (array('@isp1.com', '@isp2.com', '@isp3.com') as $domain) {
        $c->LoginViaGoogle($base . $domain);
    }

    // Each login must have been given its own username.
    foreach ($expectedUsernames as $username) {
        $this->assertNotNull(UsersDAO::FindByUsername($username));
    }
}
/**
 * Picks the user an API call operates on: the account named by
 * $r['username'] when that parameter is present, otherwise the user stored
 * in $r['current_user'].
 *
 * The request must be authenticated before this function is called. No
 * authorization check happens here: whatever username the caller supplies is
 * resolved, so every API that uses the result has to decide for itself
 * whether the current user may see or act on that account.
 *
 * @param Request $r
 * @return Users
 * @throws InvalidParameterException if no user has the requested username
 * @throws InvalidDatabaseOperationException if the lookup fails with a non-API exception
 */
protected static function resolveTargetUser(Request $r) {
    // No explicit target: fall back to the logged-in user.
    if (is_null($r['username'])) {
        return $r['current_user'];
    }

    Validators::isStringNonEmpty($r['username'], 'username');

    try {
        $target = UsersDAO::FindByUsername($r['username']);
        if (is_null($target)) {
            throw new InvalidParameterException('parameterNotFound', 'Username');
        }
    } catch (Exception $e) {
        // API-level errors pass through unchanged; anything else is reported
        // as a data-layer failure.
        if ($e instanceof ApiException) {
            throw $e;
        }
        throw new InvalidDatabaseOperationException($e);
    }

    return $target;
}
/**
 * Without a username: returns the top users by number of problems solved.
 * With a username: returns the rank of that user.
 *
 * offset defaults to 0 and rowcount to 100 when they are not supplied.
 *
 * NOTE(review): no upper bound on rowcount is applied in this method; confirm
 * that getRankByProblemsSolved() or the data layer caps the page size.
 *
 * @param Request $r
 * @return string value returned by self::getRankByProblemsSolved($r)
 * @throws NotFoundException if the requested username does not exist
 * @throws InvalidDatabaseOperationException if the lookup fails with a non-API exception
 */
public static function apiRankByProblemsSolved(Request $r) {
    Validators::isNumber($r['offset'], 'offset', false);
    Validators::isNumber($r['rowcount'], 'rowcount', false);

    // Stays null unless a username was supplied and resolved.
    $r['user'] = null;

    if (!is_null($r['username'])) {
        Validators::isStringNonEmpty($r['username'], 'username');

        try {
            $found = UsersDAO::FindByUsername($r['username']);
            if (is_null($found)) {
                throw new NotFoundException('userNotExist');
            }
            $r['user'] = $found;
        } catch (Exception $e) {
            // API-level errors pass through unchanged; anything else is
            // reported as a data-layer failure.
            if ($e instanceof ApiException) {
                throw $e;
            }
            throw new InvalidDatabaseOperationException($e);
        }
    }

    // Paging defaults. The comparison is deliberately loose, as in the
    // original: 0 and '' are treated like a missing value.
    foreach (array('offset' => 0, 'rowcount' => 100) as $field => $default) {
        if (null == $r[$field]) {
            $r[$field] = $default;
        }
    }

    return self::getRankByProblemsSolved($r);
}
/**
 * Derives an unused username from an e-mail address.
 *
 * The part before the first '@' is the candidate. If it is not a valid
 * username, a fixed placeholder is used instead. A numeric suffix (1, 2, ...)
 * is then appended until UsersDAO::FindByUsername() finds no existing user.
 *
 * NOTE(review): this is a check-then-use sequence. Two sign-ups running at the
 * same time can both see the same name as free, so uniqueness has to be
 * enforced where the user row is created as well — confirm the table has a
 * unique constraint on the username.
 *
 * @param string $s_Email
 * @return string username that was unused at the time of the last lookup
 */
private static function getUniqueUsernameFromEmail($s_Email) {
    // Without an '@', strpos() returns false and the candidate ends up empty.
    $atPos = strpos($s_Email, '@');
    $username = substr($s_Email, 0, $atPos);

    try {
        Validators::isValidUsername($username, 'username');
    } catch (InvalidParameterException $e) {
        // The validator does not say what was wrong (for instance a local
        // part that is too short), so fall back to the placeholder.
        $username = '******';
    }

    // One database lookup per candidate; fetching every name with this prefix
    // in a single query would avoid the repeated round trips.
    $suffix = '';
    while (true) {
        $existing = UsersDAO::FindByUsername($username . $suffix);
        if (empty($existing)) {
            return $username . $suffix;
        }
        $suffix = empty($suffix) ? 1 : $suffix + 1;
    }
}
/**
 * Verifies a user through the verify-email API and returns a freshly loaded
 * copy of that user.
 *
 * @param Users $user user whose verification id is submitted
 * @return Users|null result of UsersDAO::FindByUsername() for that username
 */
public static function verifyUser(Users $user) {
    $verification = new Request(array('id' => $user->getVerificationId()));
    UserController::apiVerifyEmail($verification);

    // Read the user again so the returned object reflects the verification.
    $username = $user->getUsername();
    return UsersDAO::FindByUsername($username);
}
/**
 * An admin can verify a user by passing only the username.
 *
 * NOTE(review): only the admin success path is asserted here. The negative
 * case, a non-admin sending usernameOrEmail, is not covered by this test.
 */
public function testUsernameVerificationByAdmin() {
    // Fourth argument false: presumably creates the user unverified —
    // confirm against UserFactory.
    $user = UserFactory::createUser(null, null, null, false);

    // The account that performs the verification.
    $admin = UserFactory::createAdminUser();

    $request = new Request(array(
        'auth_token' => $this->login($admin),
        'usernameOrEmail' => $user->getUsername()
    ));
    $response = UserController::apiVerifyEmail($request);

    // Read the user again so the assertion sees the stored state.
    $userdb = UsersDAO::FindByUsername($user->getUsername());

    $this->assertEquals(1, $userdb->getVerified());
    $this->assertEquals('ok', $response['status']);
}
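/**
 * Accepts or rejects a user's request to join a contest and records the
 * decision in the request history.
 *
 * Reads resolution, contest_alias, username and note from the request.
 *
 * @param Request $r
 * @return array array("status" => "ok") on success
 * @throws InvalidParameterException if resolution is missing or the user has no request on record for the contest
 * @throws NotFoundException if the contest or the user cannot be found
 */
public static function apiArbitrateRequest(Request $r) {
    $result = array("status" => "ok");

    if (is_null($r["resolution"])) {
        throw new InvalidParameterException("invalidParameters");
    }

    // user must be admin of contest to arbitrate
    // NOTE(review): no authorization check is visible in this method even
    // though it changes who is admitted to the contest. Confirm where the
    // contest-admin requirement is enforced; if it is not enforced elsewhere,
    // reject the caller with ForbiddenAccessException before any state change.
    $current_ses = SessionController::getCurrentSession($r);

    try {
        $r["contest"] = ContestsDAO::getByAlias($r["contest_alias"]);
    } catch (Exception $e) {
        throw new NotFoundException($e);
    }

    if (is_null($r["contest"])) {
        throw new NotFoundException("contestNotFound");
    }

    $r["target_user"] = UsersDAO::FindByUsername($r["username"]);

    // An unknown username yields null; stop here instead of reading user_id
    // from null.
    if (is_null($r["target_user"])) {
        throw new NotFoundException("userNotExist");
    }

    $request = ContestUserRequestDAO::getByPK($r["target_user"]->user_id, $r["contest"]->contest_id);

    if (is_null($request)) {
        throw new InvalidParameterException("userNotInListOfRequests");
    }

    if ($r["resolution"] === "false") {
        // The string "false" would cast to true.
        $resolution = false;
    } else {
        $resolution = (bool) $r["resolution"];
    }

    $request->setAccepted($resolution);
    $request->setExtraNote($r["note"]);
    $request->setLastUpdate(gmdate('Y-m-d H:i:s'));

    ContestUserRequestDAO::save($request);

    // Save this action in the history
    $history = new ContestUserRequestHistory();
    $history->user_id = $request->user_id;
    // Fixed: this used to store the user id in contest_id, which made the
    // history row point at the wrong contest.
    $history->contest_id = $r["contest"]->contest_id;
    $history->time = $request->last_update;
    $history->admin_id = $current_ses["id"];
    $history->accepted = $request->accepted;

    ContestUserRequestHistoryDAO::save($history);

    // Spell the boolean out: concatenating false directly logs an empty string.
    self::$log->info("Arbitrated contest for user, new accepted user_id=" . $r["target_user"]->user_id . ", state=" . ($resolution ? "true" : "false"));

    return $result;
}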
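/**
 * Accepts or rejects a user's request to join a contest and records the
 * decision in the request history.
 *
 * Reads resolution, contest_alias, username and note from the request.
 *
 * @param Request $r
 * @return array array('status' => 'ok') on success
 * @throws InvalidParameterException if resolution is missing or the user has no request on record for the contest
 * @throws NotFoundException if the contest or the user cannot be found
 */
public static function apiArbitrateRequest(Request $r) {
    $result = array('status' => 'ok');

    if (is_null($r['resolution'])) {
        throw new InvalidParameterException('invalidParameters');
    }

    // user must be admin of contest to arbitrate
    // NOTE(review): no authorization check is visible in this method even
    // though it changes who is admitted to the contest. Confirm where the
    // contest-admin requirement is enforced; if it is not enforced elsewhere,
    // reject the caller with ForbiddenAccessException before any state change.
    $current_ses = SessionController::getCurrentSession($r);

    try {
        $r['contest'] = ContestsDAO::getByAlias($r['contest_alias']);
    } catch (Exception $e) {
        throw new NotFoundException($e);
    }

    if (is_null($r['contest'])) {
        throw new NotFoundException('contestNotFound');
    }

    $r['target_user'] = UsersDAO::FindByUsername($r['username']);

    // An unknown username yields null; stop here instead of reading user_id
    // from null.
    if (is_null($r['target_user'])) {
        throw new NotFoundException('userNotExist');
    }

    $request = ContestUserRequestDAO::getByPK($r['target_user']->user_id, $r['contest']->contest_id);

    if (is_null($request)) {
        throw new InvalidParameterException('userNotInListOfRequests');
    }

    if ($r['resolution'] === 'false') {
        // The string "false" would cast to true.
        $resolution = false;
    } else {
        $resolution = (bool) $r['resolution'];
    }

    $request->setAccepted($resolution);
    $request->setExtraNote($r['note']);
    $request->setLastUpdate(gmdate('Y-m-d H:i:s'));

    ContestUserRequestDAO::save($request);

    // Save this action in the history
    $history = new ContestUserRequestHistory();
    $history->user_id = $request->user_id;
    // Fixed: this used to store the user id in contest_id, which made the
    // history row point at the wrong contest.
    $history->contest_id = $r['contest']->contest_id;
    $history->time = $request->last_update;
    $history->admin_id = $current_ses['id'];
    $history->accepted = $request->accepted;

    ContestUserRequestHistoryDAO::save($history);

    // Spell the boolean out: concatenating false directly logs an empty string.
    self::$log->info('Arbitrated contest for user, new accepted user_id=' . $r['target_user']->user_id . ', state=' . ($resolution ? 'true' : 'false'));

    return $result;
}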
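/**
 * Entry point for Problem runs API
 *
 * With show_all set, returns the runs of every user for the problem,
 * optionally narrowed to one username, after checking that the caller may
 * edit the problem. Otherwise returns only the caller's own runs for the
 * problem.
 *
 * @param Request $r
 * @return array 'runs' (list of run rows) and 'status' => 'ok'
 * @throws ForbiddenAccessException if show_all is requested without edit rights on the problem
 * @throws NotFoundException if the username filter names no user
 * @throws InvalidFilesystemOperationException
 * @throws InvalidDatabaseOperationException
 */
public static function apiRuns(Request $r) {
    // Get user
    self::authenticateRequest($r);

    // Validate request
    self::validateRuns($r);

    $response = array();

    if ($r['show_all']) {
        // Listing other users' runs is limited to callers who may edit the problem.
        if (!Authorization::CanEditProblem($r['current_user_id'], $r['problem'])) {
            throw new ForbiddenAccessException();
        }

        if (!is_null($r['username'])) {
            try {
                $r['user'] = UsersDAO::FindByUsername($r['username']);
            } catch (Exception $e) {
                throw new NotFoundException('userNotFound');
            }

            // FindByUsername() reports an unknown name by returning null. Without
            // this check the filter below would be dropped and the runs of every
            // user returned instead.
            if (is_null($r['user'])) {
                throw new NotFoundException('userNotFound');
            }
        }

        try {
            $runs = RunsDAO::GetAllRuns(
                null,
                $r['status'],
                $r['verdict'],
                $r['problem']->problem_id,
                $r['language'],
                !is_null($r['user']) ? $r['user']->user_id : null,
                $r['offset'],
                $r['rowcount']
            );

            $result = array();
            foreach ($runs as $run) {
                $run['time'] = (int) $run['time'];
                $run['score'] = round((float) $run['score'], 4);
                if ($run['contest_score'] != null) {
                    $run['contest_score'] = round((float) $run['contest_score'], 2);
                }
                $result[] = $run;
            }

            $response['runs'] = $result;
        } catch (Exception $e) {
            // Operation failed in the data layer
            throw new InvalidDatabaseOperationException($e);
        }
    } else {
        // Search key: runs of the current user on this problem only.
        $keyrun = new Runs(array(
            'user_id' => $r['current_user_id'],
            'problem_id' => $r['problem']->getProblemId()
        ));

        // Get all the available runs
        try {
            $runs_array = RunsDAO::search($keyrun);

            // Only these columns are exposed to the caller.
            $relevant_columns = array('guid', 'language', 'status', 'verdict', 'runtime', 'penalty', 'memory', 'score', 'contest_score', 'time', 'submit_delay');

            // The former count($runs_array) >= 0 guard was always true and has
            // been dropped, together with an unused local array.
            $response['runs'] = array();
            foreach ($runs_array as $run) {
                $filtered = $run->asFilteredArray($relevant_columns);
                $filtered['time'] = strtotime($filtered['time']);
                $filtered['username'] = $r['current_user']->username;
                $filtered['alias'] = $r['problem']->alias;
                $response['runs'][] = $filtered;
            }
        } catch (Exception $e) {
            // Operation failed in the data layer
            throw new InvalidDatabaseOperationException($e);
        }
    }

    $response['status'] = 'ok';
    return $response;
}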