From 596ea83142b33f598a530d75190869a77f615991 Mon Sep 17 00:00:00 2001 From: taoky Date: Fri, 8 Sep 2023 02:38:59 +0800 Subject: [PATCH 1/5] Add suspicious related fields for users --- frontend/templates/admin_user.html | 12 ++++++++++++ server/user/interface.py | 23 +++++++++++++++++++---- server/user/models.py | 4 ++++ 3 files changed, 35 insertions(+), 4 deletions(-) diff --git a/frontend/templates/admin_user.html b/frontend/templates/admin_user.html index 1edeec7..8ee5c7f 100644 --- a/frontend/templates/admin_user.html +++ b/frontend/templates/admin_user.html @@ -73,6 +73,14 @@

正在创建

+
+ + +
+
+ + +
@@ -103,6 +111,8 @@

正在创建

专业
校区
了解比赛的渠道
+
标记为第一阶段封禁
+
第一阶段封禁原因
@@ -123,6 +133,8 @@

正在创建

{{ obj.major }} {{ obj.campus }} {{ obj.aff }} + TrueFalse + {{ obj.suspicious_reason }} diff --git a/server/user/interface.py b/server/user/interface.py index 058375b..f776dcc 100644 --- a/server/user/interface.py +++ b/server/user/interface.py @@ -37,10 +37,11 @@ class User: json_fields = ('pk', 'is_staff', 'group', 'profile_ok', 'display_name', 'nickname', 'name', 'sno', 'tel', 'email', 'gender', 'qq', 'website', 'school', - 'grade', 'major', 'campus', 'aff', 'token', 'token_short', 'code') + 'grade', 'major', 'campus', 'aff', 'token', 'token_short', 'code', + 'suspicious', 'suspicious_reason') update_fields = ('group', 'nickname', 'name', 'sno', 'tel', 'email', 'gender', 'qq', 'website', 'school', 'grade', 'major', 'campus', - 'aff') + 'aff', 'suspicous', 'suspicious_reason') groups = { 'noscore': '不计分', 'ustc': '中国科学技术大学', @@ -187,6 +188,8 @@ def update(self, **kwargs): User.test_permission(self._context, 'user.full') if 'group' in kwargs and kwargs['group'] != self.group: User.test_permission(self._context, 'user.full') + if 'suspicious' in kwargs or 'suspicious_reason' in kwargs: + User.test_permission(self._context, 'user.full') if self._context.user.pk != self.pk: User.test_permission(self._context, 'user.full') old = self._json_all @@ -199,7 +202,7 @@ def _update(self, **kwargs): for k, v in kwargs.items(): if k in {'group', 'nickname', 'name', 'sno', 'tel', 'email', 'gender', 'qq', 'website', 'school', 'grade', 'major', 'campus', - 'aff'}: + 'aff', 'suspicious', 'suspicious_reason'}: v = v or None try: v is None or self._validators[k](v) @@ -217,7 +220,7 @@ def _update(self, **kwargs): **{k: getattr(self._obj, k) for k in { 'user', 'group', 'nickname', 'name', 'sno', 'tel', 'email', 'gender', 'qq', 'website', 'school', 'grade', 'major', 'campus', - 'aff', 'token', + 'aff', 'token', 'suspicious', 'suspicious_reason' }}, ) 
@@ -411,3 +414,15 @@ def code(self): return None token = self._obj.token return f'{self.pk}-{int(sha256(token.encode()).hexdigest(), 16)%10000:04}' + + @property + def suspicious(self): + if self._context.user.pk != self.pk: + User.test_permission(self._context) + return self._obj.suspicious + + @property + def suspicious_reason(self): + if self._context.user.pk != self.pk: + User.test_permission(self._context) + return self._obj.suspicious_reason diff --git a/server/user/models.py b/server/user/models.py index 75e464d..8706a01 100644 --- a/server/user/models.py +++ b/server/user/models.py @@ -18,6 +18,8 @@ class User(models.Model): campus = models.TextField(null=True) aff = models.TextField(null=True) token = models.TextField() + suspicious = models.BooleanField(default=False) + suspicious_reason = models.TextField(null=True) class Meta: default_permissions = () @@ -59,6 +61,8 @@ class UserLog(models.Model): campus = models.TextField(null=True) aff = models.TextField(null=True) token = models.TextField() + suspicious = models.BooleanField(default=False) + suspicious_reason = models.TextField(null=True) class Meta: default_permissions = () From e83f5622a389e1d89b6c9dba78453fae27d7b0b0 Mon Sep 17 00:00:00 2001 From: taoky Date: Fri, 8 Sep 2023 02:44:03 +0800 Subject: [PATCH 2/5] Add migrations for suspicious fields --- ...picious_user_suspicious_reason_and_more.py | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 server/user/migrations/0013_user_suspicious_user_suspicious_reason_and_more.py diff --git a/server/user/migrations/0013_user_suspicious_user_suspicious_reason_and_more.py b/server/user/migrations/0013_user_suspicious_user_suspicious_reason_and_more.py new file mode 100644 index 0000000..7aec777 --- /dev/null +++ b/server/user/migrations/0013_user_suspicious_user_suspicious_reason_and_more.py 
@@ -0,0 +1,32 @@ +# Generated by Django 4.2.4 on 2023-09-07 18:43 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("user", "0012_add_groups"), + ] + + operations = [ + migrations.AddField( + model_name="user", + name="suspicious", + field=models.BooleanField(default=False), + ), + migrations.AddField( + model_name="user", + name="suspicious_reason", + field=models.TextField(null=True), + ), + migrations.AddField( + model_name="userlog", + name="suspicious", + field=models.BooleanField(default=False), + ), + migrations.AddField( + model_name="userlog", + name="suspicious_reason", + field=models.TextField(null=True), + ), + ] From 9b3324db1dd97beadf84c60ed8910be7d036ef25 Mon Sep 17 00:00:00 2001 From: taoky Date: Fri, 8 Sep 2023 16:20:21 +0800 Subject: [PATCH 3/5] Add suspicious_ddl --- frontend/templates/admin_user.html | 10 +++++++-- frontend/templates/hub.html | 6 +++++ server/user/interface.py | 17 +++++++++----- ...r_suspicious_ddl_userlog_suspicious_ddl.py | 22 +++++++++++++++++++ server/user/models.py | 2 ++ 5 files changed, 50 insertions(+), 7 deletions(-) create mode 100644 server/user/migrations/0014_user_suspicious_ddl_userlog_suspicious_ddl.py diff --git a/frontend/templates/admin_user.html b/frontend/templates/admin_user.html index 8ee5c7f..20dca3d 100644 --- a/frontend/templates/admin_user.html +++ b/frontend/templates/admin_user.html @@ -74,13 +74,17 @@

正在创建

- +
- +
+
+ + +
@@ -113,6 +117,7 @@

正在创建

了解比赛的渠道
标记为第一阶段封禁
第一阶段封禁原因
+
第一阶段封禁联系截止时间
@@ -135,6 +140,7 @@

正在创建

{{ obj.aff }} TrueFalse {{ obj.suspicious_reason }} + {{ obj.suspicious_ddl }} diff --git a/frontend/templates/hub.html b/frontend/templates/hub.html index c2728c2..c832c94 100644 --- a/frontend/templates/hub.html +++ b/frontend/templates/hub.html @@ -26,6 +26,12 @@ {{ new Date(announcement.time).toLocaleString() }} 查看所有公告
+
+ 经裁判组检查,你的账号有以下疑似违规行为:{{ user.suspicious_reason }}。 + 你的账号将会在 {{ user.suspicious_ddl }} 被封禁。 + 如果你有异议,请尽快联系 hackergame@ustclug.org, + 提供你的 Token 以及申诉理由。在封禁之前,你仍可正常参加比赛。 +
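Review bot: The banner text added in this hunk asks a flagged player to e-mail their full Token with the appeal, which would put what appears to be the account credential into plaintext mail and a shared inbox. `json_fields` in server/user/interface.py already exposes `token_short` and `code`; if either is enough for the referees to identify the account, the wording could ask for that value instead of the whole token. The later patch in this series that reformats the deadline with `toLocaleString()` keeps the same request, so the point applies there too.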
diff --git a/server/user/interface.py b/server/user/interface.py index f776dcc..3cff19d 100644 --- a/server/user/interface.py +++ b/server/user/interface.py @@ -38,10 +38,10 @@ class User: 'display_name', 'nickname', 'name', 'sno', 'tel', 'email', 'gender', 'qq', 'website', 'school', 'grade', 'major', 'campus', 'aff', 'token', 'token_short', 'code', - 'suspicious', 'suspicious_reason') + 'suspicious', 'suspicious_reason', 'suspicious_ddl') update_fields = ('group', 'nickname', 'name', 'sno', 'tel', 'email', 'gender', 'qq', 'website', 'school', 'grade', 'major', 'campus', - 'aff', 'suspicous', 'suspicious_reason') + 'aff', 'suspicous', 'suspicious_reason', 'suspicious_ddl') groups = { 'noscore': '不计分', 'ustc': '中国科学技术大学', @@ -188,7 +188,8 @@ def update(self, **kwargs): User.test_permission(self._context, 'user.full') if 'group' in kwargs and kwargs['group'] != self.group: User.test_permission(self._context, 'user.full') - if 'suspicious' in kwargs or 'suspicious_reason' in kwargs: + if 'suspicious' in kwargs or 'suspicious_reason' in kwargs \ + or 'suspicious_ddl' in kwargs: User.test_permission(self._context, 'user.full') if self._context.user.pk != self.pk: User.test_permission(self._context, 'user.full') @@ -202,7 +203,7 @@ def _update(self, **kwargs): for k, v in kwargs.items(): if k in {'group', 'nickname', 'name', 'sno', 'tel', 'email', 'gender', 'qq', 'website', 'school', 'grade', 'major', 'campus', - 'aff', 'suspicious', 'suspicious_reason'}: + 'aff', 'suspicious', 'suspicious_reason', 'suspicious_ddl'}: v = v or None try: v is None or self._validators[k](v) @@ -220,7 +221,7 @@ def _update(self, **kwargs): **{k: getattr(self._obj, k) for k in { 'user', 'group', 'nickname', 'name', 'sno', 'tel', 'email', 'gender', 'qq', 'website', 'school', 'grade', 'major', 'campus', - 'aff', 'token', 'suspicious', 'suspicious_reason' + 'aff', 'token', 'suspicious', 'suspicious_reason', 'suspicious_ddl' }}, ) 
@@ -426,3 +427,9 @@ def suspicious_reason(self): if self._context.user.pk != self.pk: User.test_permission(self._context) return self._obj.suspicious_reason + + @property + def suspicious_ddl(self): + if self._context.user.pk != self.pk: + User.test_permission(self._context) + return self._obj.suspicious_ddl diff --git a/server/user/migrations/0014_user_suspicious_ddl_userlog_suspicious_ddl.py b/server/user/migrations/0014_user_suspicious_ddl_userlog_suspicious_ddl.py new file mode 100644 index 0000000..263d8e3 --- /dev/null +++ b/server/user/migrations/0014_user_suspicious_ddl_userlog_suspicious_ddl.py @@ -0,0 +1,22 @@ +# Generated by Django 4.2.4 on 2023-09-08 08:20 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("user", "0013_user_suspicious_user_suspicious_reason_and_more"), + ] + + operations = [ + migrations.AddField( + model_name="user", + name="suspicious_ddl", + field=models.DateTimeField(null=True), + ), + migrations.AddField( + model_name="userlog", + name="suspicious_ddl", + field=models.DateTimeField(null=True), + ), + ] diff --git a/server/user/models.py b/server/user/models.py index 8706a01..12bd219 100644 --- a/server/user/models.py +++ b/server/user/models.py @@ -20,6 +20,7 @@ class User(models.Model): token = models.TextField() suspicious = models.BooleanField(default=False) suspicious_reason = models.TextField(null=True) + suspicious_ddl = models.DateTimeField(null=True) class Meta: default_permissions = () @@ -63,6 +64,7 @@ class UserLog(models.Model): token = models.TextField() suspicious = models.BooleanField(default=False) suspicious_reason = models.TextField(null=True) + suspicious_ddl = models.DateTimeField(null=True) class Meta: default_permissions = () From df15d64846471c086d343a35cf7b841291648697 Mon Sep 17 00:00:00 2001 
From: taoky Date: Fri, 8 Sep 2023 19:49:32 +0800 Subject: [PATCH 4/5] suspicious tested locally --- frontend/templates/admin_user.html | 4 +++- frontend/templates/hub.html | 2 +- server/user/interface.py | 21 ++++++++++++--------- 3 files changed, 16 insertions(+), 11 deletions(-) diff --git a/frontend/templates/admin_user.html b/frontend/templates/admin_user.html index 20dca3d..7bc467d 100644 --- a/frontend/templates/admin_user.html +++ b/frontend/templates/admin_user.html @@ -83,7 +83,9 @@

正在创建

- + +
格式错误!
+
本地时间: {{ new Date(opened.suspicious_ddl).toLocaleString() }}
UTC 时间: {{ new Date(opened.suspicious_ddl).toJSON() }}
diff --git a/frontend/templates/hub.html b/frontend/templates/hub.html index c832c94..96f8ae7 100644 --- a/frontend/templates/hub.html +++ b/frontend/templates/hub.html @@ -28,7 +28,7 @@
经裁判组检查,你的账号有以下疑似违规行为:{{ user.suspicious_reason }}。 - 你的账号将会在 {{ user.suspicious_ddl }} 被封禁。 + 你的账号将会在 {{ new Date(user.suspicious_ddl).toLocaleString() }} 之后被封禁。 如果你有异议,请尽快联系 hackergame@ustclug.org, 提供你的 Token 以及申诉理由。在封禁之前,你仍可正常参加比赛。
diff --git a/server/user/interface.py b/server/user/interface.py index 3cff19d..42042c4 100644 --- a/server/user/interface.py +++ b/server/user/interface.py @@ -41,7 +41,7 @@ class User: 'suspicious', 'suspicious_reason', 'suspicious_ddl') update_fields = ('group', 'nickname', 'name', 'sno', 'tel', 'email', 'gender', 'qq', 'website', 'school', 'grade', 'major', 'campus', - 'aff', 'suspicous', 'suspicious_reason', 'suspicious_ddl') + 'aff', 'suspicious', 'suspicious_reason', 'suspicious_ddl') groups = { 'noscore': '不计分', 'ustc': '中国科学技术大学', @@ -104,6 +104,9 @@ class User: 'major': RegexValidator(r'^.{1,15}$', '专业格式错误'), 'campus': RegexValidator(r'^.{1,15}$', '校区格式错误'), 'aff': RegexValidator(r'^.{1,100}$', '了解比赛的渠道格式错误'), + 'suspicious': lambda x: isinstance(x, bool), + 'suspicious_reason': None, + 'suspicious_ddl': None, } _private_key = OpenSSL.crypto.load_privatekey( OpenSSL.crypto.FILETYPE_PEM, settings.PRIVATE_KEY) @@ -186,10 +189,10 @@ def update(self, **kwargs): server.trigger.interface.Trigger.test_can_update_profile(self._context) except server.trigger.interface.TriggerIsOff: User.test_permission(self._context, 'user.full') - if 'group' in kwargs and kwargs['group'] != self.group: - User.test_permission(self._context, 'user.full') - if 'suspicious' in kwargs or 'suspicious_reason' in kwargs \ - or 'suspicious_ddl' in kwargs: + if ('group' in kwargs and kwargs['group'] != self.group) or \ + ('suspicious' in kwargs and kwargs['suspicious'] != self.suspicious) or \ + ('suspicious_reason' in kwargs and kwargs['suspicious_reason'] != self.suspicious_reason) or \ + ('suspicious_ddl' in kwargs and kwargs['suspicious_ddl'] != self.suspicious_ddl): User.test_permission(self._context, 'user.full') if self._context.user.pk != self.pk: User.test_permission(self._context, 'user.full') 
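Review bot: The `'suspicious'` entry added to `_validators` in the `@@ -104,6 +104,9 @@` hunk cannot reject anything. The lambda returns `False` for a non-bool instead of raising `ValidationError`, and the call site changed in the `@@ -206,7 +209,7 @@` hunk discards the return value and only catches `ValidationError`. A truthy non-boolean value would therefore reach `setattr(self._obj, k, v)` unchecked at this layer. Replace the lambda with a small function that does `if not isinstance(x, bool): raise ValidationError(...)`. `suspicious_reason` and `suspicious_ddl` are mapped to `None`, so they have no length or format check here, unlike the neighbouring `RegexValidator` entries.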
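Review bot: The rewritten guard in `update` (`@@ -186,10 +189,10 @@`) makes the `user.full` requirement depend on `!=` between raw request values and model values, while `_update` later normalises the same values with `v = v or None`. Values that are equal but not identical, such as `0` and `False`, skip the check. Also, `suspicious_ddl` is a `DateTimeField`, so a client that echoes the serialized timestamp back would presumably never compare equal to the stored datetime and would be refused. These three fields are referee-only, so the decision is easier to audit if a caller without `user.full` cannot pass them at all, as in the previous patch's `'suspicious' in kwargs` form, or if the comparison is made on the normalised values. The method body starts and ends outside the hunk.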
@@ -206,7 +209,7 @@ def _update(self, **kwargs): 'aff', 'suspicious', 'suspicious_reason', 'suspicious_ddl'}: v = v or None try: - v is None or self._validators[k](v) + v is None or (self._validators[k] and self._validators[k](v)) except ValidationError as e: raise WrongFormat(e.message) setattr(self._obj, k, v) @@ -419,17 +422,17 @@ def code(self): @property def suspicious(self): if self._context.user.pk != self.pk: - User.test_permission(self._context) + User.test_permission(self._context, 'user.full') return self._obj.suspicious @property def suspicious_reason(self): if self._context.user.pk != self.pk: - User.test_permission(self._context) + User.test_permission(self._context, 'user.full') return self._obj.suspicious_reason @property def suspicious_ddl(self): if self._context.user.pk != self.pk: - User.test_permission(self._context) + User.test_permission(self._context, 'user.full') return self._obj.suspicious_ddl From 0f3786a88e83772cddb94f71979673a7a78b88e1 Mon Sep 17 00:00:00 2001 From: taoky Date: Fri, 8 Sep 2023 21:09:44 +0800 Subject: [PATCH 5/5] Add docs about auth providers --- frontend/auth_providers/README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 frontend/auth_providers/README.md diff --git a/frontend/auth_providers/README.md b/frontend/auth_providers/README.md new file mode 100644 index 0000000..98ece3d --- /dev/null +++ b/frontend/auth_providers/README.md @@ -0,0 +1,11 @@ +# 登录方式 + +## 对协办单位的登录方式要求 + +新的设计为协办单位至少提供一种用户认证的接入方式: + +- Yale CAS(推荐) +- OAuth2(推荐) +- 基于 HTTP POST JSON 的邮件接口(见 [external.py](./external.py)) + +尽管代码仍然支持,我们计划尽量避免使用直接 SMTP 发信的方式,因为往年的经验表明邮件的到达率问题非常大。
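Review bot: The context line `v = v or None` in this `_update` hunk now also applies to `suspicious`, so clearing the flag with `False` is written to the object as `None`. The model declares `suspicious = models.BooleanField(default=False)` without `null=True`, so unless code outside the hunk converts the value back, saving would likely fail on the NOT NULL column whenever a referee unflags a user. Skipping the coercion for the boolean, e.g. `if k != 'suspicious': v = v or None`, keeps `False` intact and still lets the validator on the changed line see it. The loop body continues outside the hunk.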