Skip to content

Commit

Permalink
Allow guests for exporting users which will exclude email
Browse files Browse the repository at this point in the history
  • Loading branch information
@fushar
fushar committed Aug 3, 2024
1 parent 24398fd commit b6707be
Show file tree
Hide file tree
Showing 6 changed files with 44 additions and 13 deletions.
11 changes: 8 additions & 3 deletions ...ds/judgels-server-app/src/integTest/java/judgels/jophiel/api/UserApiIntegrationTests.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,9 +54,14 @@ void create_get_export_users() {
assertThat(response.getLastSessionTimesMap()).doesNotContainKeys(nani.getJid());

String exportedCsv = userClient.exportUsers(adminToken, List.of("nani", "nano", "bogus"));
assertThat(exportedCsv).isEqualTo(String.format("jid,username,email\n"
+ "%s,nani,[email protected]\n"
+ "%s,nano,[email protected]\n", nani.getJid(), nano.getJid()));
assertThat(exportedCsv).isEqualTo(String.format("username,jid,email\n"
+ "nani,%s,[email protected]\n"
+ "nano,%s,[email protected]\n", nani.getJid(), nano.getJid()));

exportedCsv = userClient.exportUsers(List.of("nani", "nano", "bogus"));
assertThat(exportedCsv).isEqualTo(String.format("username,jid\n"
+ "nani,%s\n"
+ "nano,%s\n", nani.getJid(), nano.getJid()));
}

@Test
Expand Down
7 changes: 3 additions & 4 deletions ...-server-app/src/integTest/java/judgels/jophiel/api/UserApiPermissionIntegrationTests.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,7 @@ void get_users() {

@Test
void export_users() {
assertPermitted(exportUsers(adminToken));
assertForbidden(exportUsers(userToken));
assertPermitted(exportUsers());
}

@Test
Expand All @@ -61,8 +60,8 @@ private ThrowingCallable getUsers(String token) {
return () -> userClient.getUsers(token);
}

private ThrowingCallable exportUsers(String token) {
return () -> userClient.exportUsers(token, List.of());
private ThrowingCallable exportUsers() {
return () -> userClient.exportUsers(List.of());
}

private ThrowingCallable upsertUsers(String token) {
Expand Down
5 changes: 5 additions & 0 deletions ...ls-server-app/src/main/java/judgels/jerahmeel/hibernate/StatsUserProblemHibernateDao.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,6 +162,11 @@ public long selectCountTriedByUserJid(String userJid) {
.count();
}

@Override
public long selectTotalScoreByUserJid(String userJid) {
return 0;
}

@Override
public Map<String, Long> selectCountsVerdictByUserJid(String userJid) {
CriteriaBuilder cb = currentSession().getCriteriaBuilder();
Expand Down
1 change: 1 addition & 0 deletions ...s/judgels-server-app/src/main/java/judgels/jerahmeel/persistence/StatsUserProblemDao.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,5 +17,6 @@ public interface StatsUserProblemDao extends Dao<StatsUserProblemModel> {
Map<String, Long> selectCountsAcceptedByProblemJids(Collection<String> problemJids);
Map<String, Long> selectCountsTriedByProblemJids(Collection<String> problemJids);
long selectCountTriedByUserJid(String userJid);
long selectTotalScoreByUserJid(String userJid);
Map<String, Long> selectCountsVerdictByUserJid(String userJid);
}
29 changes: 23 additions & 6 deletions judgels-backends/judgels-server-app/src/main/java/judgels/jophiel/user/UserResource.java
View file
Original file line number Diff line number Diff line change
@@ -1,20 +1,22 @@
package judgels.jophiel.user;

import static com.google.common.base.Preconditions.checkArgument;
import static javax.ws.rs.core.HttpHeaders.AUTHORIZATION;
import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
import static javax.ws.rs.core.MediaType.TEXT_PLAIN;
import static judgels.service.ServiceUtils.checkAllowed;
import static judgels.service.ServiceUtils.checkFound;

import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Lists;
import io.dropwizard.hibernate.UnitOfWork;
import java.io.IOException;
import java.io.StringWriter;
import java.time.Instant;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import javax.inject.Inject;
import javax.ws.rs.Consumes;
Expand Down Expand Up @@ -91,13 +93,15 @@ public User createUser(
@Produces(TEXT_PLAIN)
@UnitOfWork(readOnly = true)
public String exportUsers(
@HeaderParam(AUTHORIZATION) AuthHeader authHeader,
@HeaderParam(AUTHORIZATION) Optional<AuthHeader> authHeader,
List<String> usernames) {

String actorJid = actorChecker.check(authHeader);
checkAllowed(roleChecker.canAdminister(actorJid));
boolean canAdminister = roleChecker.canAdminister(actorJid);

checkArgument(usernames.size() <= 100, "Cannot get more than 100 users.");

Map<String, User> usersMap = userStore.getUsersByUsername(ImmutableSet.copyOf(usernames));
Map<String, User> usersMap = userStore.getUsersByUsername(Set.copyOf(usernames));
List<User> users = usernames.stream()
.filter(usersMap::containsKey)
.map(usersMap::get)
Expand All @@ -106,9 +110,22 @@ public String exportUsers(
StringWriter csv = new StringWriter();
CSVWriter writer = new CSVWriter(csv);

writer.writeNext(new String[]{"jid", "username", "email"}, false);
List<String> header = new ArrayList<>();
header.add("username");
header.add("jid");
if (canAdminister) {
header.add("email");
}

writer.writeNext(header.toArray(new String[0]), false);
for (User user : users) {
writer.writeNext(new String[]{user.getJid(), user.getUsername(), user.getEmail()}, false);
List<String> row = new ArrayList<>();
row.add(user.getUsername());
row.add(user.getJid());
if (canAdminister) {
row.add(user.getEmail());
}
writer.writeNext(row.toArray(new String[0]), false);
}
return csv.toString();
}
Expand Down
4 changes: 4 additions & 0 deletions judgels-backends/judgels-server-feign/src/main/java/judgels/jophiel/UserClient.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,10 @@ public interface UserClient {
@Headers("Authorization: Bearer {token}")
User getMyself(@Param("token") String token);

@RequestLine("POST /api/v2/users/batch-get")
@Headers("Content-Type: application/json")
String exportUsers(List<String> usernames);

@RequestLine("POST /api/v2/users/batch-get")
@Headers({"Authorization: Bearer {token}", "Content-Type: application/json"})
String exportUsers(@Param("token") String token, List<String> usernames);
Expand Down

0 comments on commit b6707be

Please sign in to comment.