/**
  * Validate requests for grader apis
  *
  * @param Request $r
  * @throws ForbiddenAccessException
  */
 private static function validateRequest(Request $r)
 {
     // Establish who is calling before any authorization decision is made.
     // The admin check below reads $r['current_user_id'], presumably filled
     // in by authenticateRequest() (confirm against that helper).
     self::authenticateRequest($r);

     // Grader APIs are limited to system administrators; everyone else is
     // rejected with ForbiddenAccessException.
     $callerIsSysAdmin = Authorization::IsSystemAdmin($r['current_user_id']);
     if ($callerIsSysAdmin) {
         return;
     }
     throw new ForbiddenAccessException();
 }
示例#2
 /**
  *
  * @param Request $r
  * @return array
  * @throws ForbiddenAccessException
  */
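 public static function apiGenerateOmiUsers(Request $r)
 {
     // Bulk-creates numbered accounts for a known contest type and returns a
     // username => plaintext password map for the accounts that
     // omiPrepareUser() reports as prepared.
     //
     // Throws InvalidParameterException for an unknown contest_type and
     // ForbiddenAccessException when the caller is neither a system admin nor
     // a delegate listed for that contest type.
     self::authenticateRequest($r);
     $response = array();
     $is_system_admin = Authorization::IsSystemAdmin($r['current_user_id']);

     // One entry per supported contest type:
     //   'delegates' - usernames allowed to generate users without being a
     //                 system admin (empty list means admins only)
     //   'keys'      - username prefix => number of accounts to create
     // NOTE(review): delegate access is bound to hard-coded usernames, so the
     // grant follows whoever controls an account with that name. Confirm
     // usernames cannot be re-registered or renamed, or move this to a
     // role/ACL lookup.
     $contest_types = array(
         'OMI' => array(
             'delegates' => array(),
             // Mexican states
             'keys' => array('OMI2015-AGU' => 4, 'OMI2015-BCN' => 4, 'OMI2015-BCS' => 4, 'OMI2015-CAM' => 4, 'OMI2015-COA' => 4, 'OMI2015-COL' => 4, 'OMI2015-CHP' => 4, 'OMI2015-CHH' => 8, 'OMI2015-DIF' => 4, 'OMI2015-DUR' => 4, 'OMI2015-GUA' => 4, 'OMI2015-GRO' => 4, 'OMI2015-HID' => 4, 'OMI2015-JAL' => 4, 'OMI2015-MEX' => 4, 'OMI2015-MIC' => 4, 'OMI2015-MOR' => 4, 'OMI2015-NAY' => 4, 'OMI2015-NLE' => 4, 'OMI2015-OAX' => 4, 'OMI2015-PUE' => 4, 'OMI2015-QUE' => 4, 'OMI2015-ROO' => 4, 'OMI2015-SLP' => 4, 'OMI2015-SIN' => 4, 'OMI2015-SON' => 4, 'OMI2015-TAB' => 4, 'OMI2015-TAM' => 4, 'OMI2015-TLA' => 4, 'OMI2015-VER' => 4, 'OMI2015-YUC' => 4, 'OMI2015-ZAC' => 4, 'OMI2015-INV' => 4),
         ),
         'OMIPS' => array(
             'delegates' => array('andreasantillana'),
             'keys' => array('OMIPS2015-P' => 25, 'OMIPS2015-S' => 25),
         ),
         'ORIG' => array(
             'delegates' => array('kuko.coder'),
             'keys' => array('ORIG1516-CEL' => 38, 'ORIG1516-DHI' => 15, 'ORIG1516-GTO' => 14, 'ORIG1516-IRA' => 37, 'ORIG1516-PEN' => 22, 'ORIG1516-LEO' => 43, 'ORIG1516-SLP' => 14, 'ORIG1516-SLV' => 14, 'ORIG1516-URI' => 17, 'ORIG1516-VDS' => 15),
         ),
         'OMIAGS' => array(
             'delegates' => array('andreasantillana'),
             'keys' => array('OMIAGS' => 35),
         ),
         'OSI' => array(
             'delegates' => array('cope_quintana'),
             'keys' => array('OSI16' => 120),
         ),
         'UNAMFC' => array(
             'delegates' => array('manuelalcantara52', 'manuel52'),
             'keys' => array('UNAMFC15' => 30),
         ),
         'OVI' => array(
             'delegates' => array('covi.academico'),
             'keys' => array('OVI15' => 200),
         ),
     );

     // contest_type comes from the request: require a string and an exact
     // table hit so PHP's loose-comparison rules cannot select a branch.
     $contest_type = $r['contest_type'];
     if (!is_string($contest_type) || !isset($contest_types[$contest_type])) {
         // expected_set is derived from the table so it always lists every
         // accepted value.
         throw new InvalidParameterException('parameterNotInExpectedSet', 'contest_type', array('bad_elements' => $r['contest_type'], 'expected_set' => implode(', ', array_keys($contest_types))));
     }

     $delegates = $contest_types[$contest_type]['delegates'];
     $keys = $contest_types[$contest_type]['keys'];

     if (!$is_system_admin) {
         // Only look at the username when this contest type has delegates.
         if (empty($delegates) || !in_array($r['current_user']->getUsername(), $delegates, true)) {
             throw new ForbiddenAccessException();
         }
     }

     // NOTE(review): randomString() is not visible here; confirm it draws
     // from a CSPRNG, since it produces both the permission key and the
     // account passwords.
     self::$permissionKey = $r['permission_key'] = self::randomString(32);

     foreach ($keys as $k => $n) {
         // Width of the zero-padded counter = number of decimal digits in $n
         // (integer result, no float rounding involved).
         $digits = strlen((string) $n);
         for ($i = 1; $i <= $n; $i++) {
             $username = $k . '-' . str_pad($i, $digits, '0', STR_PAD_LEFT);
             $password = self::randomString(8);
             // The plaintext password exists only in this response; callers
             // should keep the response out of logs.
             if (self::omiPrepareUser($r, $username, $password)) {
                 $response[$username] = $password;
             }
             // Add user to contest if needed. This runs whether or not
             // omiPrepareUser() returned true, and reuses the caller's token.
             if (!is_null($r['contest_alias'])) {
                 $addUserRequest = new Request();
                 $addUserRequest['auth_token'] = $r['auth_token'];
                 $addUserRequest['usernameOrEmail'] = $username;
                 $addUserRequest['contest_alias'] = $r['contest_alias'];
                 ContestController::apiAddUser($addUserRequest);
             }
         }
     }
     return $response;
 }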
 /**
  * Validator for List API
  *
  * @param Request $r
  * @throws ForbiddenAccessException
  * @throws InvalidDatabaseOperationException
  * @throws NotFoundException
  */
 private static function validateList(Request $r)
 {
     // Validates and normalizes the filters of a list request, resolving the
     // optional problem and user filters into $r['problem'] / $r['user'].
     // NOTE(review): this method reads $r['current_user_id'] but does not
     // authenticate; presumably the caller ran authenticateRequest() first.

     // Pagination defaults, applied only when the caller sent nothing.
     foreach (array('offset' => 0, 'rowcount' => 100) as $field => $default) {
         if (!isset($r[$field])) {
             $r[$field] = $default;
         }
     }

     $callerIsSysAdmin = Authorization::IsSystemAdmin($r['current_user_id']);
     if (!$callerIsSysAdmin) {
         throw new ForbiddenAccessException('userNotAllowed');
     }

     // NOTE(review): rowcount is only checked for being numeric here; no
     // upper bound is visible in this method.
     Validators::isNumber($r['offset'], 'offset', false);
     Validators::isNumber($r['rowcount'], 'rowcount', false);

     $allowedStatuses = array('new', 'waiting', 'compiling', 'running', 'ready');
     Validators::isInEnum($r['status'], 'status', $allowedStatuses, false);

     $allowedVerdicts = array('AC', 'PA', 'WA', 'TLE', 'MLE', 'OLE', 'RTE', 'RFE', 'CE', 'JE', 'NO-AC');
     Validators::isInEnum($r['verdict'], 'verdict', $allowedVerdicts, false);

     // Optional filter by problem: when present it must name an existing one.
     if ($r['problem_alias'] !== null) {
         Validators::isStringNonEmpty($r['problem_alias'], 'problem');
         try {
             $r['problem'] = ProblemsDAO::getByAlias($r['problem_alias']);
         } catch (Exception $dbError) {
             // Operation failed in the data layer
             throw new InvalidDatabaseOperationException($dbError);
         }
         if ($r['problem'] === null) {
             throw new NotFoundException('problemNotFound');
         }
     }

     $allowedLanguages = array('c', 'cpp', 'cpp11', 'java', 'py', 'rb', 'pl', 'cs', 'pas', 'kp', 'kj', 'cat', 'hs');
     Validators::isInEnum($r['language'], 'language', $allowedLanguages, false);

     // Optional filter by user: an unknown username clears the filter
     // instead of failing the request.
     if ($r['username'] !== null) {
         try {
             $r['user'] = UserController::resolveUser($r['username']);
         } catch (NotFoundException $notFound) {
             $r['username'] = null;
             $r['user'] = null;
         }
     }
 }
 public static function getCurrentSession(Request $r)
 {
     // Resolves the request's auth token to a session description. Every
     // unauthenticated outcome returns the same "anonymous" shape below.
     $anonymousSession = array('valid' => false, 'id' => null, 'name' => null, 'username' => null, 'email' => null, 'email_md5' => null, 'auth_token' => null, 'is_admin' => false, 'login_url' => '/login/');

     $authToken = $r['auth_token'];
     if ($authToken === null) {
         return $anonymousSession;
     }

     $vo_CurrentUser = AuthTokensDAO::getUserByToken($authToken);
     if ($vo_CurrentUser === null) {
         // A token was presented, but it does not map to a user in the DB.
         return $anonymousSession;
     }

     // Look up the user's main e-mail; it may be missing.
     $vo_Email = EmailsDAO::getByPK($vo_CurrentUser->getMainEmailId());
     $hasEmail = !is_null($vo_Email);
     $email = $hasEmail ? $vo_Email->getEmail() : '';
     // MD5 of the address is exposed as 'email_md5' (presumably for avatar
     // lookup; it is not used as a secret anywhere in this method).
     $emailMd5 = $hasEmail ? md5($email) : '';

     $_SESSION['omegaup_user'] = array('name' => $vo_CurrentUser->getUsername(), 'email' => $email);

     // NOTE(review): the whole user object is returned under 'user' and
     // getPassword() shows it carries the password field; confirm callers
     // never serialize this array to a client as-is.
     // 'needs_basic_info' uses a loose comparison, so an empty-string
     // password also counts as "no password".
     return array(
         'valid' => true,
         'id' => $vo_CurrentUser->getUserId(),
         'name' => $vo_CurrentUser->getName(),
         'email' => $email,
         'email_md5' => $emailMd5,
         'user' => $vo_CurrentUser,
         'username' => $vo_CurrentUser->getUsername(),
         'auth_token' => $authToken,
         'is_email_verified' => $vo_CurrentUser->getVerified(),
         'is_admin' => Authorization::IsSystemAdmin($vo_CurrentUser->getUserId()),
         'private_contests_count' => ContestsDAO::getPrivateContestsCount($vo_CurrentUser),
         'private_problems_count' => ProblemsDAO::getPrivateCount($vo_CurrentUser),
         'needs_basic_info' => $vo_CurrentUser->getPassword() == null,
     );
 }
示例#5
 /**
  * Validator for List API
  * 
  * @param Request $r
  * @throws ForbiddenAccessException
  * @throws InvalidDatabaseOperationException
  * @throws NotFoundException
  */
 private static function validateList(Request $r)
 {
     // Checks the list filters in $r and resolves the optional problem and
     // user filters to objects stored back on the request.
     // NOTE(review): $r["current_user_id"] is trusted here; presumably the
     // caller authenticated the request beforehand. Confirm at call sites.

     // Defaults for offset and rowcount
     if (!isset($r["offset"])) {
         $r["offset"] = 0;
     }
     if (!isset($r["rowcount"])) {
         $r["rowcount"] = 100;
     }

     // Listing is a system-admin-only operation.
     $isSysAdmin = Authorization::IsSystemAdmin($r["current_user_id"]);
     if ($isSysAdmin === false || !$isSysAdmin) {
         throw new ForbiddenAccessException("userNotAllowed");
     }

     Validators::isNumber($r["offset"], "offset", false);
     Validators::isNumber($r["rowcount"], "rowcount", false);
     Validators::isInEnum(
         $r["status"],
         "status",
         array('new', 'waiting', 'compiling', 'running', 'ready'),
         false
     );
     Validators::isInEnum(
         $r["verdict"],
         "verdict",
         array("AC", "PA", "WA", "TLE", "MLE", "OLE", "RTE", "RFE", "CE", "JE", "NO-AC"),
         false
     );

     // Filtering by problem is optional; a supplied alias must resolve.
     $filtersByProblem = !is_null($r["problem_alias"]);
     if ($filtersByProblem) {
         Validators::isStringNonEmpty($r["problem_alias"], "problem");
         try {
             $r["problem"] = ProblemsDAO::getByAlias($r["problem_alias"]);
         } catch (Exception $daoFailure) {
             // Operation failed in the data layer
             throw new InvalidDatabaseOperationException($daoFailure);
         }
         if (is_null($r["problem"])) {
             throw new NotFoundException("problemNotFound");
         }
     }

     Validators::isInEnum(
         $r["language"],
         "language",
         array('c', 'cpp', 'cpp11', 'java', 'py', 'rb', 'pl', 'cs', 'pas', 'kp', 'kj', 'cat', 'hs'),
         false
     );

     // Nothing more to do when no username filter was sent.
     if (is_null($r["username"])) {
         return;
     }
     try {
         $r["user"] = UserController::resolveUser($r["username"]);
     } catch (NotFoundException $unknownUser) {
         // An unknown username drops the filter rather than failing.
         $r["username"] = null;
         $r["user"] = null;
     }
 }
 /**
  * Given a contest_alias, sets the recommended flag on/off.
  * Only omegaUp admins can call this API.
  *
  * @param Request $r
  * @return array
  */
 public static function apiSetRecommended(Request $r)
 {
     // Authenticate first, then require system-admin rights before touching
     // any contest data.
     self::authenticateRequest($r);
     $callerIsSysAdmin = Authorization::IsSystemAdmin($r['current_user_id']);
     if (!$callerIsSysAdmin) {
         throw new ForbiddenAccessException('userNotAllowed');
     }

     // Resolve contest_alias; data-layer failures are wrapped, a missing
     // contest is reported as not found.
     try {
         $r['contest'] = ContestsDAO::getByAlias($r['contest_alias']);
     } catch (Exception $lookupError) {
         throw new InvalidDatabaseOperationException($lookupError);
     }
     $contest = $r['contest'];
     if ($contest === null) {
         throw new NotFoundException('contestNotFound');
     }

     // Only the literal strings '0' and '1' are accepted as the flag value.
     $allowedFlags = array('0', '1');
     Validators::isInEnum($r['value'], 'value', $allowedFlags);

     $contest->recommended = $r['value'];
     try {
         ContestsDAO::save($contest);
     } catch (Exception $saveError) {
         throw new InvalidDatabaseOperationException($saveError);
     }

     return array('status' => 'ok');
 }
示例#7
 /**
  * Given a contest_alias and user_id, returns the role of the user within
  * the context of a contest.
  *
  * @param Request $r
  * @return array
  */
 public static function apiRole(Request $r)
 {
     // Reports whether the caller is an admin for the requested contest.
     // Any exception (including authentication failures) is logged and
     // answered with admin => false, so errors never grant the role.
     try {
         $asksForAllEvents = $r['contest_alias'] == 'all-events';
         if ($asksForAllEvents) {
             // 'all-events' is a pseudo-contest: system admins are admins of
             // it; everyone else falls through to the normal contest check.
             self::authenticateRequest($r);
             $isSysAdmin = Authorization::IsSystemAdmin($r['current_user_id']);
             if ($isSysAdmin) {
                 return array('status' => 'ok', 'admin' => true);
             }
         }

         // validateDetails() is expected to set $r['contest_admin']
         // (not visible here; confirm against that helper).
         self::validateDetails($r);
         $role = array('status' => 'ok', 'admin' => $r['contest_admin']);
         return $role;
     } catch (Exception $failure) {
         // The exception is stringified into the log message.
         self::$log->error("Error getting role: " . $failure);
         return array('status' => 'error', 'admin' => false);
     }
 }
 /**
  *
  * Gets a list of problems where current user is the owner
  *
  * @param Request $r
  */
 public static function apiMyList(Request $r)
 {
     // Returns the problems visible to the caller: every problem for a
     // system admin, otherwise only those the caller authored.
     self::authenticateRequest($r);
     self::validateList($r);

     $results = array();
     try {
         if (Authorization::IsSystemAdmin($r['current_user_id'])) {
             // NOTE(review): the admin path passes null, null and does not
             // use $r['offset'] / $r['rowcount']; presumably that returns
             // the whole table. Confirm getAll()'s paging semantics.
             $problems = ProblemsDAO::getAll(null, null, 'problem_id', 'DESC');
         } else {
             // Search template matching problems authored by the caller.
             $ownedByCaller = new Problems(array('author_id' => $r['current_user_id']));
             $problems = ProblemsDAO::search($ownedByCaller, 'problem_id', 'DESC', $r['offset'], $r['rowcount']);
         }

         foreach ($problems as $problem) {
             $row = $problem->asArray();
             $row['tags'] = ProblemsDAO::getTagsForProblem($problem, false);
             $results[] = $row;
         }
     } catch (Exception $dbError) {
         throw new InvalidDatabaseOperationException($dbError);
     }

     return array('results' => $results, 'status' => 'ok');
 }
示例#9
 /**
  *
  * @param Request $r
  * @return array
  * @throws ForbiddenAccessException
  */
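 public static function apiGenerateOmiUsers(Request $r)
 {
     // Creates the numbered accounts for one contest type and returns a
     // username => plaintext password map for the accounts that
     // omiPrepareUser() reports as prepared.
     //
     // Throws InvalidParameterException for an unknown contest_type and
     // ForbiddenAccessException when the caller may not generate users for
     // the requested type.
     self::authenticateRequest($r);
     $response = array();

     // Evaluated once; every branch below needs it.
     $is_system_admin = Authorization::IsSystemAdmin($r["current_user_id"]);

     // contest_type is request input: compare with === so PHP's loose
     // comparison rules cannot select a branch for a non-string value.
     // NOTE(review): non-admin access is tied to hard-coded usernames, so the
     // grant follows whoever controls an account with that name. Confirm
     // usernames cannot be re-registered or renamed, or use a role lookup.
     $contest_type = $r["contest_type"];
     if ($contest_type === "OMI") {
         if (!$is_system_admin) {
             throw new ForbiddenAccessException();
         }
         // Mexican states
         $keys = array("OMI2015-AGU" => 4, "OMI2015-BCN" => 4, "OMI2015-BCS" => 4, "OMI2015-CAM" => 4, "OMI2015-COA" => 4, "OMI2015-COL" => 4, "OMI2015-CHP" => 4, "OMI2015-CHH" => 8, "OMI2015-DIF" => 4, "OMI2015-DUR" => 4, "OMI2015-GUA" => 4, "OMI2015-GRO" => 4, "OMI2015-HID" => 4, "OMI2015-JAL" => 4, "OMI2015-MEX" => 4, "OMI2015-MIC" => 4, "OMI2015-MOR" => 4, "OMI2015-NAY" => 4, "OMI2015-NLE" => 4, "OMI2015-OAX" => 4, "OMI2015-PUE" => 4, "OMI2015-QUE" => 4, "OMI2015-ROO" => 4, "OMI2015-SLP" => 4, "OMI2015-SIN" => 4, "OMI2015-SON" => 4, "OMI2015-TAB" => 4, "OMI2015-TAM" => 4, "OMI2015-TLA" => 4, "OMI2015-VER" => 4, "OMI2015-YUC" => 4, "OMI2015-ZAC" => 4, "OMI2015-INV" => 4);
     } elseif ($contest_type === "OMIPS") {
         if (!$is_system_admin) {
             throw new ForbiddenAccessException();
         }
         $keys = array("OMIPS2015-P" => 25, "OMIPS2015-S" => 25);
     } elseif ($contest_type === "ORIG") {
         if (!$is_system_admin && $r["current_user"]->getUsername() !== "kuko.coder") {
             throw new ForbiddenAccessException();
         }
         $keys = array("ORIG1516-CEL" => 38, "ORIG1516-DHI" => 15, "ORIG1516-GTO" => 14, "ORIG1516-IRA" => 37, "ORIG1516-PEN" => 22, "ORIG1516-LEO" => 43, "ORIG1516-SLP" => 14, "ORIG1516-SLV" => 14, "ORIG1516-URI" => 17, "ORIG1516-VDS" => 15);
     } elseif ($contest_type === "OMIAGS") {
         if (!$is_system_admin && $r["current_user"]->getUsername() !== "andreasantillana") {
             throw new ForbiddenAccessException();
         }
         $keys = array("OMIAGS" => 35);
     } elseif ($contest_type === "OSI") {
         if (!$is_system_admin && $r["current_user"]->getUsername() !== "cope_quintana") {
             throw new ForbiddenAccessException();
         }
         $keys = array("OSI16" => 120);
     } elseif ($contest_type === "UNAMFC") {
         if (!$is_system_admin
             && $r["current_user"]->getUsername() !== "manuelalcantara52"
             && $r["current_user"]->getUsername() !== "manuel52"
         ) {
             throw new ForbiddenAccessException();
         }
         $keys = array("UNAMFC15" => 30);
     } elseif ($contest_type === "OVI") {
         if (!$is_system_admin && $r["current_user"]->getUsername() !== "covi.academico") {
             throw new ForbiddenAccessException();
         }
         $keys = array("OVI15" => 200);
     } else {
         // expected_set now lists every value accepted above.
         throw new InvalidParameterException("parameterNotInExpectedSet", "contest_type", array("bad_elements" => $r["contest_type"], "expected_set" => "OMI, OMIPS, ORIG, OMIAGS, OSI, UNAMFC, OVI"));
     }

     // NOTE(review): randomString() is not visible here; confirm it draws
     // from a CSPRNG, since it produces both the permission key and the
     // account passwords.
     self::$permissionKey = $r['permission_key'] = self::randomString(32);

     foreach ($keys as $k => $n) {
         // Width of the zero-padded counter = number of decimal digits in $n
         // (integer result, no float rounding involved).
         $digits = strlen((string) $n);
         for ($i = 1; $i <= $n; $i++) {
             $username = $k . "-" . str_pad($i, $digits, '0', STR_PAD_LEFT);
             $password = self::randomString(8);
             // The plaintext password exists only in this response; callers
             // should keep the response out of logs.
             if (self::omiPrepareUser($r, $username, $password)) {
                 $response[$username] = $password;
             }
             // Add user to contest if needed. This runs whether or not
             // omiPrepareUser() returned true, and reuses the caller's token.
             if (!is_null($r["contest_alias"])) {
                 $addUserRequest = new Request();
                 $addUserRequest["auth_token"] = $r["auth_token"];
                 $addUserRequest["usernameOrEmail"] = $username;
                 $addUserRequest["contest_alias"] = $r["contest_alias"];
                 ContestController::apiAddUser($addUserRequest);
             }
         }
     }
     return $response;
 }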
示例#10
 /**
  * Forces a refresh of the User_Rank table. SysAdmin only.
  *
  * @param Request $r
  * @return array
  * @throws UnauthorizedException
  */
 public static function apiRefreshUserRank(Request $r)
 {
     // Rebuilds the user ranking and drops the cached rank lists.
     // Restricted to system administrators; a data-layer failure is
     // rethrown as InvalidDatabaseOperationException.
     self::authenticateRequest($r);

     $callerIsSysAdmin = Authorization::IsSystemAdmin($r['current_user_id']);
     if (!$callerIsSysAdmin) {
         throw new UnauthorizedException();
     }

     // Refresh the User_Rank table
     try {
         UserRankDAO::refreshUserRank();
     } catch (Exception $refreshError) {
         throw new InvalidDatabaseOperationException($refreshError);
     }

     // Delete every cached rank list so readers see the refreshed data
     self::deleteProblemsSolvedRankCacheList();

     $result = array('status' => 'ok');
     return $result;
 }
示例#11
 public static function IsGroupAdmin($user_id, Groups $group)
 {
     // A user administers a group when they own it or are a system admin.
     // A null group never grants access.
     if ($group === null) {
         return false;
     }

     // The owner test is a strict comparison, so $user_id must have the same
     // type as $group->owner_id to match.
     // NOTE(review): if one side is an int and the other a DB string, owners
     // fall through to the system-admin check; confirm the types agree.
     return $group->owner_id === $user_id
         || Authorization::IsSystemAdmin($user_id);
 }
示例#12
 /**
  *
  * Gets a list of problems where current user is the owner
  *
  * @param Request $r
  */
 public static function apiMyList(Request $r)
 {
     // Lists problems for the caller: all problems when the caller is a
     // system admin, otherwise the ones whose author_id is the caller.
     self::authenticateRequest($r);
     self::validateList($r);

     $response = array("results" => array());
     try {
         $isSysAdmin = Authorization::IsSystemAdmin($r["current_user_id"]);
         // NOTE(review): only the non-admin search is paged with
         // $r["offset"] / $r["rowcount"]; the admin call passes NULL, NULL.
         // Confirm how getAll() treats those arguments.
         $problems = $isSysAdmin
             ? ProblemsDAO::getAll(NULL, NULL, "problem_id", 'DESC')
             : ProblemsDAO::search(
                 new Problems(array("author_id" => $r["current_user_id"])),
                 "problem_id",
                 'DESC',
                 $r["offset"],
                 $r["rowcount"]
             );

         foreach ($problems as $problem) {
             // Each entry is the problem's array form plus its tags.
             $entry = $problem->asArray();
             $entry['tags'] = ProblemsDAO::getTagsForProblem($problem, false);
             $response["results"][] = $entry;
         }
     } catch (Exception $dbFailure) {
         throw new InvalidDatabaseOperationException($dbFailure);
     }

     $response["status"] = "ok";
     return $response;
 }