feat(web): add problem permissions

This commit is contained in:
Baoshuo Ren 2022-03-17 21:52:10 +08:00
parent 7fb7583574
commit 3a7e52fac1
Signed by: baoshuo
GPG Key ID: 00CB9680AB29F51A
5 changed files with 34 additions and 10 deletions

View File

@ -450,6 +450,7 @@ UNLOCK TABLES;
CREATE TABLE `problems` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`title` text NOT NULL,
`uploader` varchar(20) COLLATE utf8mb4_unicode_ci NOT NULL,
`is_hidden` tinyint(1) NOT NULL DEFAULT '0',
`submission_requirement` text,
`hackable` tinyint(1) NOT NULL DEFAULT '0',
@ -618,6 +619,7 @@ CREATE TABLE `user_info` (
`usergroup` char(1) NOT NULL DEFAULT 'U',
`username` varchar(20) COLLATE utf8mb4_unicode_ci NOT NULL,
`realname` varchar(30) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
`usertype` varchar(50) NOT NULL DEFAULT 'student',
`email` varchar(50) NOT NULL,
`password` char(32) NOT NULL,
`svn_password` char(10) NOT NULL,

View File

@ -7,10 +7,10 @@
becomeMsgPage(UOJLocale::get('need login'));
}
if (isSuperUser($myUser)) {
if (isSuperUser($myUser) || isProblemManager($myUser) || isProblemUploader($myUser)) {
$new_problem_form = new UOJForm('new_problem');
$new_problem_form->handle = function() {
DB::query("insert into problems (title, is_hidden, submission_requirement) values ('New Problem', 1, '{}')");
DB::query("insert into problems (title, uploader, is_hidden, submission_requirement) values ('New Problem', '{$myUser['username']}', 1, '{}')");
$id = DB::insert_id();
DB::query("insert into problems_contents (id, statement, statement_md) values ($id, '', '')");
dataNewProblem($id);
@ -189,7 +189,7 @@ $('#input-show_submit_mode').click(function() {
echo '</table>';
echo '</div>';
if (isSuperUser($myUser)) {
if (isSuperUser($myUser) || isProblemManager($myUser) || isProblemUploader($myUser)) {
$new_problem_form->printHTML();
}

View File

@ -122,6 +122,8 @@
$options = array(
'banneduser' => '设为封禁用户',
'normaluser' => '设为普通用户',
'problem_uploader' => '设为题目上传者',
'problem_manager' => '设为题目管理员',
'superuser' => '设为超级用户'
);
$user_form->addSelect('op_type', $options, '操作类型', '');
@ -132,9 +134,19 @@
switch ($_POST['op_type']) {
case 'banneduser':
DB::update("update user_info set usergroup = 'B' where username = '{$username}'");
DB::update("update user_info set usertype = 'banned' where username = '{$username}'");
break;
case 'normaluser':
DB::update("update user_info set usergroup = 'U' where username = '{$username}'");
DB::update("update user_info set usertype = 'student' where username = '{$username}'");
break;
case 'problem_uploader':
DB::update("update user_info set usergroup = 'U' where username = '{$username}'");
DB::update("update user_info set usertype = 'problem_uploader' where username = '{$username}'");
break;
case 'problem_manager':
DB::update("update user_info set usergroup = 'U' where username = '{$username}'");
DB::update("update user_info set usertype = 'problem_manager' where username = '{$username}'");
break;
case 'superuser':
DB::update("update user_info set usergroup = 'S' where username = '{$username}'");

View File

@ -4,20 +4,23 @@ function hasProblemPermission($user, $problem) {
if ($user == null) {
return false;
}
if (isSuperUser($user)) {
if (isSuperUser($user) || isProblemManager($user)) {
return true;
}
if ($problem['uploader'] == $user['username']) {
return true;
}
return DB::selectFirst("select * from problems_permissions where username = '{$user['username']}' and problem_id = {$problem['id']}") != null;
}
function hasViewPermission($str,$user,$problem,$submission) {
if ($str=='ALL') {
function hasViewPermission($str, $user, $problem, $submission) {
if ($str == 'ALL') {
return true;
}
if ($str=='ALL_AFTER_AC') {
if ($str == 'ALL_AFTER_AC') {
return hasAC($user,$problem);
}
if ($str=='SELF') {
return $submission['submitter']==$user['username'];
if ($str == 'SELF') {
return $submission['submitter'] == $user['username'];
}
return false;
}

View File

@ -129,6 +129,13 @@ function blog_name_decode($name) {
return $name;
}
function isProblemUploader($user) {
return $user != null && $user['usertype'] == 'problem_uploader';
}
function isProblemManager($user) {
return $user != null && $user['usertype'] == 'problem_manager';
}
function isSuperUser($user) {
return $user != null && $user['usergroup'] == 'S';
}