From 72269ddd7137a3aa65530c0bd94e44a0e809da87 Mon Sep 17 00:00:00 2001 From: Ihsan Ullah Date: Wed, 16 Aug 2023 16:28:07 +0500 Subject: [PATCH 1/6] do not allow users to rerun all submissions if submissions are more than 200. Only super admin can rerun in this case. --- src/apps/api/views/competitions.py | 15 +++++++++++++++ .../competitions/detail/submission_manager.tag | 3 +++ 2 files changed, 18 insertions(+) diff --git a/src/apps/api/views/competitions.py b/src/apps/api/views/competitions.py index 8fcb69a4b..b082a8997 100644 --- a/src/apps/api/views/competitions.py +++ b/src/apps/api/views/competitions.py @@ -583,13 +583,28 @@ def manually_migrate(self, request, pk): @action(detail=True, url_name='rerun_submissions') def rerun_submissions(self, request, pk): + + # Limit for rerunning submissions + RERUN_SUBMISSION_LIMIT = 200 + phase = self.get_object() comp = phase.competition + + # error when user is not super user or admin of the competition if request.user not in comp.all_organizers and not request.user.is_superuser: raise PermissionDenied('You do not have permission to re-run submissions') + + # Get submissions submissions = phase.submissions.all() + + # error when user is not super user and submissions crosses the limit + if not request.user.is_superuser and len(submissions) >= RERUN_SUBMISSION_LIMIT: + raise PermissionDenied('You have too many submissions, Contact us on `info@codalab.org` to request a rerun.') + + # rerun all submissions for submission in submissions: submission.re_run() + rerun_count = len(submissions) return Response({"count": rerun_count}) diff --git a/src/static/riot/competitions/detail/submission_manager.tag b/src/static/riot/competitions/detail/submission_manager.tag index 057cd089b..7b9aa43d7 100644 --- a/src/static/riot/competitions/detail/submission_manager.tag +++ b/src/static/riot/competitions/detail/submission_manager.tag @@ -284,6 +284,9 @@ toastr.success(`Rerunning ${response.count} submissions`) self.update_submissions() }) + .fail(function (response) { + toastr.error(response.responseJSON.detail) + }) } } self.filter = function () { From 5b638eacb42adf566877eebc8147b0580a58dde2 Mon Sep 17 00:00:00 2001 From: Ihsan Ullah Date: Wed, 16 Aug 2023 19:02:21 +0500 Subject: [PATCH 2/6] additional conditions added for queue owner and organizer --- src/apps/api/views/competitions.py | 63 ++++++++++++++++++++++++------ 1 file changed, 52 insertions(+), 11 deletions(-) diff --git a/src/apps/api/views/competitions.py b/src/apps/api/views/competitions.py index b082a8997..b2449c07b 100644 --- a/src/apps/api/views/competitions.py +++ b/src/apps/api/views/competitions.py @@ -585,28 +585,69 @@ def manually_migrate(self, request, pk): def rerun_submissions(self, request, pk): # Limit for rerunning submissions - RERUN_SUBMISSION_LIMIT = 200 + RERUN_SUBMISSION_LIMIT = 30 phase = self.get_object() comp = phase.competition - # error when user is not super user or admin of the competition - if request.user not in comp.all_organizers and not request.user.is_superuser: - raise PermissionDenied('You do not have permission to re-run submissions') - # Get submissions submissions = phase.submissions.all() + can_re_run_submissions = False + error_message = "" + + # Super admin can rerun without any restrictions + if request.user.is_superuser: + can_re_run_submissions = True + + # competition admin can run only if + elif request.user in comp.all_organizers: + + # submissions are in limit + if len(submissions) <= RERUN_SUBMISSION_LIMIT: + can_re_run_submissions = True + + # submissions are not in limit + else: + # Codabemch public queue + if comp.queue is None: + can_re_run_submissions = False + error_message = f"You cannot rerun more than {RERUN_SUBMISSION_LIMIT} submissions on Codabench public queue! Contact us on `info@codalab.org` to request a rerun." + + # Other queue where user is not owner and not organizer + elif request.user != comp.queue.owner and request.user not in comp.queue.organizers.all(): + can_re_run_submissions = False + error_message = f"You cannot rerun more than {RERUN_SUBMISSION_LIMIT} submissions on a queue which is not yours! Contact us on `info@codalab.org` to request a rerun." + + # User can rerun submissions where he is owner or organizer + else: + can_re_run_submissions = True + + else: + can_re_run_submissions = False + error_message = 'You do not have permission to re-run submissions' + + # error when user is not super user or admin of the competition + if can_re_run_submissions: + # rerun all submissions + # for submission in submissions: + # submission.re_run() + rerun_count = len(submissions) + return Response({"count": rerun_count}) + else: + raise PermissionDenied(error_message) + + + + + + + # error when user is not super user and submissions crosses the limit if not request.user.is_superuser and len(submissions) >= RERUN_SUBMISSION_LIMIT: raise PermissionDenied('You have too many submissions, Contact us on `info@codalab.org` to request a rerun.') - # rerun all submissions - for submission in submissions: - submission.re_run() - - rerun_count = len(submissions) - return Response({"count": rerun_count}) + @swagger_auto_schema(responses={200: PhaseResultsSerializer}) @action(detail=True, methods=['GET']) From bd3beddc871925dfc1073e170534f94ccbe66990 Mon Sep 17 00:00:00 2001 From: Ihsan Ullah Date: Wed, 16 Aug 2023 19:07:28 +0500 Subject: [PATCH 3/6] empty lines removed --- src/apps/api/views/competitions.py | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/src/apps/api/views/competitions.py b/src/apps/api/views/competitions.py index b2449c07b..6902a8296 100644 --- a/src/apps/api/views/competitions.py +++ b/src/apps/api/views/competitions.py @@ -637,18 +637,6 @@ def rerun_submissions(self, request, pk): else: raise PermissionDenied(error_message) - - - - - - - # error when user is not super user and submissions crosses the limit - if not request.user.is_superuser and len(submissions) >= RERUN_SUBMISSION_LIMIT: - raise PermissionDenied('You have too many submissions, Contact us on `info@codalab.org` to request a rerun.') - - - @swagger_auto_schema(responses={200: PhaseResultsSerializer}) @action(detail=True, methods=['GET']) def get_leaderboard(self, request, pk): From 66d66b4cae07cc601a2db20e2a8add1ec0ea5e5b Mon Sep 17 00:00:00 2001 From: Ihsan Ullah Date: Wed, 16 Aug 2023 19:22:39 +0500 Subject: [PATCH 4/6] rerun code uncommented --- src/apps/api/views/competitions.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/apps/api/views/competitions.py b/src/apps/api/views/competitions.py index 6902a8296..5602204a0 100644 --- a/src/apps/api/views/competitions.py +++ b/src/apps/api/views/competitions.py @@ -630,8 +630,8 @@ def rerun_submissions(self, request, pk): # error when user is not super user or admin of the competition if can_re_run_submissions: # rerun all submissions - # for submission in submissions: - # submission.re_run() + for submission in submissions: + submission.re_run() rerun_count = len(submissions) return Response({"count": rerun_count}) else: From 0e1511e975e80d145ea77b779d8f1a7e9eb4279b Mon Sep 17 00:00:00 2001 From: Ihsan Ullah Date: Mon, 18 Sep 2023 21:25:50 +0500 Subject: [PATCH 5/6] env variable added --- .env_sample | 8 ++++++++ src/apps/api/views/competitions.py | 10 ++++------ src/settings/base.py | 7 +++++++ 3 files changed, 19 insertions(+), 6 deletions(-) diff --git a/.env_sample b/.env_sample index ce6916ef1..84a0888dc 100644 --- a/.env_sample +++ b/.env_sample @@ -59,6 +59,14 @@ AWS_STORAGE_PRIVATE_BUCKET_NAME=private AWS_S3_ENDPOINT_URL=http://minio:9000/ AWS_QUERYSTRING_AUTH=False +# ----------------------------------------------------------------------------- +# Limit for re-running submission +# This is used to limit users to rerun submissions +# on default queue when number of submissions are < RERUN_SUBMISSION_LIMIT +# ----------------------------------------------------------------------------- +RERUN_SUBMISSION_LIMIT=30 + + # # S3 storage example # STORAGE_TYPE=s3 # AWS_ACCESS_KEY_ID=12312312312312312331223 diff --git a/src/apps/api/views/competitions.py b/src/apps/api/views/competitions.py index 5602204a0..a68052f5b 100644 --- a/src/apps/api/views/competitions.py +++ b/src/apps/api/views/competitions.py @@ -38,6 +38,7 @@ from api.permissions import IsOrganizerOrCollaborator from datetime import datetime from django.db import transaction +from django.conf import settings class CompetitionViewSet(ModelViewSet): @@ -584,9 +585,6 @@ def manually_migrate(self, request, pk): @action(detail=True, url_name='rerun_submissions') def rerun_submissions(self, request, pk): - # Limit for rerunning submissions - RERUN_SUBMISSION_LIMIT = 30 - phase = self.get_object() comp = phase.competition @@ -604,7 +602,7 @@ def rerun_submissions(self, request, pk): elif request.user in comp.all_organizers: # submissions are in limit - if len(submissions) <= RERUN_SUBMISSION_LIMIT: + if len(submissions) <= settings.RERUN_SUBMISSION_LIMIT: can_re_run_submissions = True # submissions are not in limit @@ -612,12 +610,12 @@ def rerun_submissions(self, request, pk): # Codabemch public queue if comp.queue is None: can_re_run_submissions = False - error_message = f"You cannot rerun more than {RERUN_SUBMISSION_LIMIT} submissions on Codabench public queue! Contact us on `info@codalab.org` to request a rerun." + error_message = f"You cannot rerun more than {settings.RERUN_SUBMISSION_LIMIT} submissions on Codabench public queue! Contact us on `info@codalab.org` to request a rerun." # Other queue where user is not owner and not organizer elif request.user != comp.queue.owner and request.user not in comp.queue.organizers.all(): can_re_run_submissions = False - error_message = f"You cannot rerun more than {RERUN_SUBMISSION_LIMIT} submissions on a queue which is not yours! Contact us on `info@codalab.org` to request a rerun." + error_message = f"You cannot rerun more than {settings.RERUN_SUBMISSION_LIMIT} submissions on a queue which is not yours! Contact us on `info@codalab.org` to request a rerun." # User can rerun submissions where he is owner or organizer else: diff --git a/src/settings/base.py b/src/settings/base.py index 1366a0cc8..b0751758e 100644 --- a/src/settings/base.py +++ b/src/settings/base.py @@ -447,3 +447,10 @@ # Django-Su (User impersonation) SU_LOGIN_CALLBACK = 'profiles.admin.su_login_callback' AJAX_LOOKUP_CHANNELS = {'django_su': dict(model='profiles.User', search_field='username')} + +# ============================================================================= +# Limit for re-running submission +# This is used to limit users to rerun submissions +# on default queue when number of submissions are < RERUN_SUBMISSION_LIMIT +# ============================================================================= +RERUN_SUBMISSION_LIMIT = os.environ.get('RERUN_SUBMISSION_LIMIT', 30) From 9b0d3ad3c9af3e986cabd92e521594bd4827582e Mon Sep 17 00:00:00 2001 From: dtuantran Date: Tue, 19 Sep 2023 16:01:44 +0200 Subject: [PATCH 6/6] cast str to int --- src/apps/api/views/competitions.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/apps/api/views/competitions.py b/src/apps/api/views/competitions.py index a68052f5b..095eb7c9b 100644 --- a/src/apps/api/views/competitions.py +++ b/src/apps/api/views/competitions.py @@ -602,7 +602,7 @@ def rerun_submissions(self, request, pk): elif request.user in comp.all_organizers: # submissions are in limit - if len(submissions) <= settings.RERUN_SUBMISSION_LIMIT: + if len(submissions) <= int(settings.RERUN_SUBMISSION_LIMIT): can_re_run_submissions = True # submissions are not in limit