Added option DMOJ_PRIVATE_SUBMISSION to hide source code #1582
Conversation
…ode even for users who solved the problem
Codecov Report
@@ Coverage Diff @@
## master #1582 +/- ##
==========================================
- Coverage 46.05% 46.04% -0.01%
==========================================
Files 213 213
Lines 12145 12149 +4
==========================================
+ Hits 5593 5594 +1
- Misses 6552 6555 +3
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Thanks for the PR! Considering this was rejected prior, I'm not sure it will be accepted this time, but the code around permissions has certainly cleaned up a bit so I think it's alright. See comment.
What you've done only affects template rendering, not actual access to the submission page. For example, going to the submission URL or through the API, the submission can still be accessed. You should modify the can_see_detail function of the Submission model and write some unit tests to verify it works here.
judge/jinja2/submission.py
Outdated
| @@ -15,6 +16,8 @@ def submission_layout(submission, profile_id, user, completed_problem_ids, edita | |||
| elif profile_id == submission.user_id: | |||
| can_view = True | |||
| elif submission.problem_id in completed_problem_ids: | |||
| can_view = submission.problem.is_public or submission.problem_id in tester_problem_ids | |||
| can_view = submission.problem_id in tester_problem_ids | |||
| if not private_submission: | |||
There was a problem hiding this comment.
Instead of passing the settings.DMOJ_PRIVATE_SUBMISSION into the context and then re-checking, you should check it here directly instead.
There was a problem hiding this comment.
Thank you for the reply.
I did it directly.
|
@Xyene says he's okay with merging, assuming this work. |
|
Totally forgot to mention this, can you change the name of this new setting and make it a string to allow for future changes. From Slack, a while back: Pretty much, set the current one in |
…type: str) which can be "all" | "all-solved" | "only-own"
|
I Understand that it would be useful to more users to provide three options. |
judge/jinja2/submission.py
Outdated
| can_view = can_view or submission.problem.is_public | ||
| elif settings.DMOJ_SUBMISSION_SOURCE_VISIBILITY == 'only-own': |
There was a problem hiding this comment.
I think we don't need this branch, since it's a no-op. On the other hand, it'd be good to have a new settings.DMOJ_SOURCE_VISIBILITY == 'all' branch at the top of this if/else tree return True.
There was a problem hiding this comment.
I agree.
I also worried about the line the most.
The purpose was to inform the existence of the branch in case somebody edits it in the future, but I know that it is two lines of unnecessary code.
Now that I wanted to match the branch order in the jinja2 and models source code, I think how about removing the 2 lines.
If you agree, I will only remove 2 unnecessary lines.
There was a problem hiding this comment.
I think it's better to remove these two lines. Your concern is totally valid but the proper solution is writing some unit tests.
There was a problem hiding this comment.
I understand.
Thank you for paying attention to the small suggestions and reviewing the code.
* Add option DMOJ_PRIVATE_SUBMISSION to hide source code; closes DMOJ/online-judge#836 (DMOJ/online-judge#1582) * Fix impossible to translate strings * Import latest Can I use... data * Add minor improvements to user data downloads * Use a subquery for problem filter and force a STRAIGHT_JOIN for subs * Reduce time complexity for chain of * in problem filter * Update English source .po files in updatemessages * Add problem visibility to APIProblemList * Make caniuse PR use reviewers instead of assignees * Pretty format caniuse.json This is so that diffs actually make sense. * Make translations PR use reviewers instead of assignees * Add comment for non-trivial submission saving logic * Ignore Vim's backups * Fix permissions on `0110_default_output_prefix_override` migration * Add contest curator and tester fields * Add migration for contest curator and tester * Add contest curator and tester to admin site * Add contest curator and tester to views * Add contest curator and tester to frontend * Add tests for contest curators and testers * Add `is_locked` to `submission_related` * Compute user_tester_ids without an inner join * Allow contest curators and authors to see submissions made in contest (DMOJ/online-judge#1672) To whomever implements DMOJ/online-judge#1509, I pity your soul. * Fix missing `distinct()` * Set submission contest object to None on contest submission delete * Remove unneeded `profile.update_contest()` call in `ProblemSubmit` * Fix `SubmissionMixin` `access_check()` method There's no testing quite like testing in prod. * Remove unused PrivateMessage model * Create initial revision on contest/problem clone * Convert contest and submission `is_locked` to `DateTimeField`s * Convert submission `was_rejudged` to a `DateTimeField` * Add migration to convert to datetimes * Refactor atomic revisions Use `revision.create_revision(atomic=True)` instead of explicity wrapping with ``transaction.atomic` * Consistently cache global submission stats Instead of using the problems visible to whatever user populating the cache, we simply cache stats all submissions on the site. * Fix attempt to fetch all submissions * Allow unlisted users to see contest rank; fixes DMOJ/online-judge#1607 * Fixing some error when update from dmoj (#66) * Fix lint * Add merged migartion * Make sure user can see their submissions in contest Co-authored-by: Hyun-Su, Mun <munhyunsu@gmail.com> Co-authored-by: Quantum <quantum2048@gmail.com> Co-authored-by: dmoj-build <build@dmoj.ca> Co-authored-by: Evan <evanzhang1028@hotmail.com> Co-authored-by: JoshuaTianYangLiu <josh.liu@student.tdsb.on.ca> Co-authored-by: Roger Fu <kiritofeng@users.noreply.github.com> Co-authored-by: kiritofeng <rogerjfu@hotmail.com>
I am using DMOJ as a university teaching tutor.
I want to prevent the students I teach from simply copy-pasting more efficient source code while looking at the answers other students have solved.
This Pull Request provides a private submission function as mentioned in #836.
Use the
DMOJ_PRIVATE_SUBMISSIONflag insettings.pyorlocal_setting.py.If
DMOJ_PRIVATE_SUBMISSION = True, only the source code submitted by the user can be checked in/submissions.