cassiopc / boca Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/boca
License: GNU General Public License v3.0
Automatically exported from code.google.com/p/boca
License: GNU General Public License v3.0
The incorrect IP is obtained for all users when BOCA runs behind a reverse proxy (e.g., Traefik).
The problem occurs because in the part of the code in which the user IP is obtained only the environment variable REMOTE_ADDR
is taken into account. It's important to keep in mind that running BOCA with a reverse proxy, REMOTE_ADDR
will be always the proxy's IP (even though users have logged in from different machines), thus BOCA will show the same IP for all users.
https://github.com/cassiopc/boca/blob/master/src/globals.php#L258-L259
This issue allows to bypass the MultiLogins
option set to 'No' when using BOCA + reverse proxy (that means that the same user account could be potentially used to log in from different machines).
git clone --branch test_fix_getip_proxy https://github.com/rlaiola/boca.git
cd boca
# Launch application (it may take a while)
docker compose up -d
# Open a web browser and visit the URL http://localhost/boca.
# First, create and activate a BOCA contest (user: system | password: boca).
# Then, login as admin (user: admin | password: boca).
# Visit the users' page to see that the admin IP is 192.168.0.100
# To stop the application:
docker compose down
Hi
I'm interested on working on different clients to publish information about the
contest - following the rules of the Tournament - and it would be helpful to
have a Message Bus, where my clients could connect to have real time event
notifications for important events, like when a problem was solved, when the
contest was stopped and so on.
I'm willing to help with the implementation details. But i would like to
discuss first if is a good idea before starting to code anything.
Thanks
Original issue reported on code.google.com by [email protected]
on 8 Jul 2013 at 5:07
The User Interface (UI) shows the user full name instead of the username.
The problem occurs in the following files:
https://github.com/cassiopc/boca/blob/master/src/admin/header.php#L65
https://github.com/cassiopc/boca/blob/master/src/judge/header.php#L69
https://github.com/cassiopc/boca/blob/master/src/score/header.php#L51
https://github.com/cassiopc/boca/blob/master/src/staff/header.php#L54
https://github.com/cassiopc/boca/blob/master/src/system/header.php#L51
https://github.com/cassiopc/boca/blob/master/src/team/header.php#L54
git clone --branch test_master https://github.com/rlaiola/boca.git
cd boca
# Launch application (it may take a while)
docker compose up -d
# Open a web browser and visit the URL http://localhost:8000/boca.
# First, create and activate a BOCA contest (user: system | password: boca).
# Then, login as admin (user: admin | password: boca).
# To stop the application:
docker compose down
If the autojudge is started before a contest is created and activated, it is necessary to kill the process and restart it in order to have the runs of that contest judged. The problem also happens if one creates and activates yet another contest, jail (autojudge) will not judge runs of the just activated contest until it is restarted.
The problem occurs because in the autojudge code the variable that holds the active contest is set here...
https://github.com/cassiopc/boca/blob/master/src/private/autojudging.php#L82
but it's never updated inside the infinite loop. Thus the autojudge gets stuck here...
https://github.com/cassiopc/boca/blob/master/src/private/autojudging.php#L87-L96
This seems to be an unexpected behavior (at least from a contest creator perspective) and, more importantly, it requires human intervention to make it work (that is, autojudge needs to be restarted) every single time another contest is activated. Although creating and activating different contests on the same host machine might not be a frequent use case, this imposes a caveat.
In order to demonstrate the problem, a dockerized version of BOCA is used.
Open a Terminal window and make sure Docker Desktop/CE is up and running;
Download/save the docker-compose.yml file and place it in the shell current directory (~/Downloads in the example);
docker-compose.yml
version: '3.8'
services:
# web app
boca-web:
image: ghcr.io/joaofazolo/boca-docker/boca-web:1.1.0
depends_on:
- boca-db
restart: unless-stopped
environment:
# database configuration
# privileged user password
- BOCA_DB_SUPER_PASSWORD=dAm0HAiC
ports:
- 8000:80
# online judge
boca-jail:
image: ghcr.io/joaofazolo/boca-docker/boca-jail:1.1.0
depends_on:
- boca-db
restart: unless-stopped
# database
boca-db:
image: postgres:14-alpine
environment:
# database configuration
# privileged user password
- POSTGRES_PASSWORD=dAm0HAiC
Then, run:
docker-compose -f docker-compose.yml up -d
NOTE: In this example the autojudge (downloads-boca-jail-1) is started alongside the web service (downloads-boca-web-1). Therefore, $activecontest=DBGetActiveContest();
will be set to 0
(Fake contest) as soon as autojudge is up and running (and before a new contest is created via the web interface).
Open a Web browser, visit localhost:8000/boca and log in with the credentials Name: system | Password: boca
;
Click on the 'Contest' menu (top/left) and select 'new' in the ComboBox;
Leave the form as it is, click on the button 'Send' (confirm it) and then on 'Activate' (confirm it). You will be automatically logged out;
NOTE: The id (Contest number) of this contest is 1
, which is different from the value of the aforementioned $activecontest
variable at the autojudge.
Log in with the credentials Name: admin | Password: boca
;
Click on the 'Problems' menu and fill in the form with the information below. Download the problem file from here and choose it in the 'Choose File' button. Click on the 'Send' button and confirm ('OK'). The new problem must appear in the list;
Number: 1
Short Name (usually a letter, no spaces): abacaxi
Problem package (ZIP): abacaxi.zip
Color name: green
Color (RGB HTML format): 00FF00
Click on the 'Users' menu and fill in the form with the information below. Click on the 'Send' button and confirm ('OK'). The new user must appear in the list. After that, just log out;
User Site Number: 1
User Number: 2000
Username: topcoder
ICPC ID:
Type: Team
Enabled: Yes
MultiLogins (local teams should be set to No): No
User Full Name:
User Description:
User IP:
Password: boca
Retype Password: boca
Allow password change: No
Admin (this user) Password: boca
Next, log in with the credentials Name: topcoder | Password: boca
. Once the contest starts, click on the 'Runs' menu and fill in the form with the information below. It doesn't really matter the source code file, just pick a file, click on the 'Send' button and confirm ('OK'). The new run must appear in the list. After that, just log out;
Problem: abacaxi
Language: C
Source code: teste.c
Log in once again with the credentials Name: admin | Password: boca
and click on the 'Runs' menu. Although the autojudge is up and running, it will not judge the submitted run due to the problem described above;
In order to 'fix' that it is necessary to restart the autojudge. In this example, this is achieved restarting the container with the command below (change the container name accordingly):
docker restart downloads-boca-jail-1
Just reload the current web page (that is 'Runs' logged in as admin
), click on the run number and you will be able to see that it was judged by the autojudge;
To stop the application (considering that the shell is in the same directory):
docker-compose -f docker-compose.yml down
A saida do programa sera mais ou menos assim:
1 16 é um numero perfeito, e sua raiz é 4.
Lembrando que para fazer isso, a magica esta nos numero impares, caso a soma
dos mesmo seja igual ao numero digitado.
EX:
1+3+5+7 = 16.
Original issue reported on code.google.com by [email protected]
on 1 Mar 2013 at 7:00
Teams (users) cannot log in from different Web browsers (User Agents) when BOCA runs behind a reverse proxy (e.g., Traefik), which allows for a custom URL like inf.university.br/boca, even though the MultiLogins
option is set to 'Yes'.
The problem occurs because in the part of the code in which the User Agent is considered the usermultilogin
flag is not taken into account. It's important to keep in mind that running BOCA with a reverse proxy, all User IPs will be always the same (actually, they will have the proxy's IP).
https://github.com/cassiopc/boca/blob/master/src/flog.php#L166-L189
This issue does not allow using BOCA + reverse proxy to host remote programing contests, in which even the team members are non-collocated (considering all of them would be able to log in with the same account credentials).
In order to rapidly demonstrate the problem, a dockerized version of BOCA is used.
docker-compose.yml
version: '3'
services:
traefik:
image: "traefik:v2.6"
container_name: "traefik"
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
ports:
- "80:80"
- "8080:8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
boca-web:
image: ghcr.io/joaofazolo/boca-docker/boca-web:1.0.0
privileged: true
restart: unless-stopped
depends_on:
- boca-postgres
environment:
# Database configuration
- DB_HOST=boca-postgres
- DB_PORT=5432
- DB_NAME=bocadb
# unprivileged boca user
- DB_USER=bocauser
- DB_PASSWORD=dAm0HAiC
# privileged boca user
- DB_SUPER_USER=bocauser
- DB_SUPER_PASSWORD=dAm0HAiC
# initial password that is used by the admin user (web app)
# If not set, the default value is 'boca'
- BOCA_PASSWORD=boca
# secret key to be used in HTTP headers
# MUST set it with any random large enough sequence
- BOCA_KEY=GG56KFJtNDBGjJprR6ex
labels:
- "traefik.enable=true"
- "traefik.http.routers.boca.rule=Host(`localhost`) && PathPrefix(`/boca`)"
- "traefik.http.routers.boca.entrypoints=web"
- "traefik.http.services.boca.loadbalancer.server.port=80"
boca-jail:
image: ghcr.io/joaofazolo/boca-docker/boca-jail:1.0.0
privileged: true
restart: unless-stopped
depends_on:
- boca-postgres
environment:
# Database configuration
- DB_HOST=boca-postgres
- DB_PORT=5432
- DB_NAME=bocadb
# unprivileged boca user
- DB_USER=bocauser
- DB_PASSWORD=dAm0HAiC
- PASSWD=dAm0HAiC
boca-postgres:
image: postgres
container_name: boca-postgres
restart: unless-stopped
environment:
# Database configuration
# privileged boca user
POSTGRES_USER: bocauser
POSTGRES_PASSWORD: dAm0HAiC
Open a Terminal window and make sure Docker Desktop/CE is up and running;
Download/save the file docker-compose.yml and place it in the shell current directory (~/Downloads in the example). Then, run:
docker-compose -f docker-compose.yml up -d
Name: system | Password: boca
;Name: admin | Password: boca
; User Site Number: 1
User Number: 2000
Username: topcoder
ICPC ID:
Type: Team
Enabled: Yes
MultiLogins (local teams should be set to No): Yes
User Full Name:
User Description:
User IP:
Password: boca
Retype Password: boca
Allow password change: No
Admin (this user) Password: boca
In order to reproduce the problem, it is necessary to log in using 2 different User Agents (Web browsers) using the credentials Name: topcoder | Password: boca
;
To stop the application (considering that the shell is in the same directory):
docker-compose -f docker-compose.yml down
Hi,
I'm really interestedin contributing to your project developing new features. Please let me know if you need some help with that.
Best Regards!
Is there an initiative to have a Dockerfile or a Vagrantfile to easly provide a BOCA installation?
"safeexec.c" isn't compatible with mono .NET framework
The problem is due to this code snippet (since commit 17da397):
https://github.com/cassiopc/boca/blob/master/src/optionlower.php#L32-L35
Wouldn't it make more sense to prevent teams to update their password using the admin's UI? I mean, setting the "Allow password change: No" option in /boca/admin/user.php
Team users cannot change their password even if the admin user sets this option to "Yes".
Thanks!
Maybe it would be best to order runs with recent runs first and place the submission form as the first item on that page. That way teams with a lot of submissions won't need to scroll to submit.
Hi
I'm interested on working on different clients to publish information about the
contest - following the rules of the Tournament - and it would be helpful
having a API to query all the information of the contest. For simplicity I
recommend an REST API.
I'm willing to help with the implementations details. But i would like to
discuss first if is a good idea before starting to code anything.
Thanks
Original issue reported on code.google.com by [email protected]
on 8 Jul 2013 at 5:00
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.