lkva/NDOJ
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Remove user script

Browse source
This commit is contained in:
cuom1999 2024-01-13 19:05:36 -06:00
parent e09008bcb7
commit 80b91435cf
8 changed files with 17 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
judge/admin/profile.py
View file

@ -71,7 +71,6 @@ class ProfileAdmin(VersionAdmin):
"is_banned_problem_voting", "is_banned_problem_voting",
"notes", "notes",
"is_totp_enabled", "is_totp_enabled",
"user_script",
"current_contest", "current_contest",
) )
readonly_fields = ("user",) readonly_fields = ("user",)
@ -160,15 +159,6 @@ class ProfileAdmin(VersionAdmin):
recalculate_points.short_description = _("Recalculate scores") recalculate_points.short_description = _("Recalculate scores")
def get_form(self, request, obj=None, **kwargs):
form = super(ProfileAdmin, self).get_form(request, obj, **kwargs)
if "user_script" in form.base_fields:
# form.base_fields['user_script'] does not exist when the user has only view permission on the model.
form.base_fields["user_script"].widget = AceWidget(
"javascript", request.profile.ace_theme
)
return form
class UserAdmin(OldUserAdmin): class UserAdmin(OldUserAdmin):
# Customize the fieldsets for adding and editing users # Customize the fieldsets for adding and editing users

1
judge/fixtures/demo.json
View file

@ -19,7 +19,6 @@
"rating": null, "rating": null,
"timezone": "America/Toronto", "timezone": "America/Toronto",
"user": 1, "user": 1,
"user_script": ""
}, },
"model": "judge.profile", "model": "judge.profile",
"pk": 1 "pk": 1

2
judge/forms.py
View file

@ -78,12 +78,10 @@ class ProfileForm(ModelForm):
"timezone", "timezone",
"language", "language",
"ace_theme", "ace_theme",
"user_script",
"profile_image", "profile_image",
"css_background", "css_background",
] ]
widgets = { widgets = {
"user_script": AceWidget(theme="github"),
"timezone": Select2Widget(attrs={"style": "width:200px"}), "timezone": Select2Widget(attrs={"style": "width:200px"}),
"language": Select2Widget(attrs={"style": "width:200px"}), "language": Select2Widget(attrs={"style": "width:200px"}),
"ace_theme": Select2Widget(attrs={"style": "width:200px"}), "ace_theme": Select2Widget(attrs={"style": "width:200px"}),

17
judge/migrations/0178_remove_user_script.py Normal file
View file

@ -0,0 +1,17 @@
# Generated by Django 3.2.18 on 2024-01-14 01:04
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("judge", "0177_test_formatter"),
]
operations = [
migrations.RemoveField(
model_name="profile",
name="user_script",
),
]

7
judge/models/profile.py
View file

@ -207,13 +207,6 @@ class Profile(models.Model):
default=False, default=False,
) )
rating = models.IntegerField(null=True, default=None, db_index=True) rating = models.IntegerField(null=True, default=None, db_index=True)
user_script = models.TextField(
verbose_name=_("user script"),
default="",
blank=True,
max_length=65536,
help_text=_("User-defined JavaScript for site customization."),
)
current_contest = models.OneToOneField( current_contest = models.OneToOneField(
"ContestParticipation", "ContestParticipation",
verbose_name=_("current contest"), verbose_name=_("current contest"),

1
judge/user_log.py
View file

@ -24,6 +24,5 @@ class LogUserAccessMiddleware(object):
updates["ip"] = request.META.get(settings.META_REMOTE_ADDRESS_KEY) updates["ip"] = request.META.get(settings.META_REMOTE_ADDRESS_KEY)
Profile.objects.filter(user_id=request.user.pk).update(**updates) Profile.objects.filter(user_id=request.user.pk).update(**updates)
cache.set(f"user_log_update_{request.user.id}", True, 120) cache.set(f"user_log_update_{request.user.id}", True, 120)
print("UPDATE", updates)
return response return response

5
templates/base.html
View file

@ -374,11 +374,6 @@
{{ misc_config.analytics|safe }} {{ misc_config.analytics|safe }}
{% endif %} {% endif %}
{# Don't run userscript since it may be malicious #}
{% if request.user.is_authenticated and request.profile.user_script and not request.user.is_impersonate %}
<script type="text/javascript">{{ request.profile.user_script|safe }}</script>
{% endif %}
<div id="extra_js"> <div id="extra_js">
{% block extra_js %}{% endblock %} {% block extra_js %}{% endblock %}
</div> </div>

11
templates/user/edit-profile.html
View file

@ -57,13 +57,6 @@
{% block js_media %} {% block js_media %}
{% include "timezone/media-js.html" %} {% include "timezone/media-js.html" %}
{{ form.media.js }} {{ form.media.js }}
<script type="text/javascript">
$(function () {
$('#ace_user_script').on('ace_load', function (e, editor) {
editor.getSession().setMode("ace/mode/javascript");
});
});
</script>
<script type="text/javascript"> <script type="text/javascript">
$(function () { $(function () {
$('#disable-2fa-button').click(function () { $('#disable-2fa-button').click(function () {
@ -177,10 +170,6 @@
{{ form.css_background }} {{ form.css_background }}
<div><i>{{form.css_background.help_text}}</i></div> <div><i>{{form.css_background.help_text}}</i></div>
<br><br> <br><br>
<div class="block-header">{{ _('User-script') }}:</div>
{{ form.user_script }}
<hr>
<input type="submit" style="float:right" value="{{ _('Update profile') }}"> <input type="submit" style="float:right" value="{{ _('Update profile') }}">
</form> </form>
</div> </div>