Merge branch 'master' into leaderboard

Author: RichDom2185

.credo.exs

@@ -83,7 +83,7 @@
         {Credo.Check.Readability.ModuleNames},
         {Credo.Check.Readability.ParenthesesOnZeroArityDefs},
         {Credo.Check.Readability.ParenthesesInCondition},
-        {Credo.Check.Readability.PredicateFunctionNames},
+        {Credo.Check.Readability.PredicateFunctionNames, exit_status: 0},
         {Credo.Check.Readability.PreferImplicitTry},
         {Credo.Check.Readability.RedundantBlankLines},
         {Credo.Check.Readability.StringSigils},

.github/workflows/cd.yml

@@ -21,12 +21,12 @@ on:
 jobs:
   ci:
     name: Build release
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     env:
       MIX_ENV: prod
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      ELIXIR_VERSION: 1.13.4
-      OTP_VERSION: 25.3.2
+      ELIXIR_VERSION: 1.18.3
+      OTP_VERSION: 27.3.3
     steps:
       - uses: rlespinasse/github-slug-action@v3.x
       - uses: actions/checkout@v4

.github/workflows/ci.yml

@@ -19,15 +19,15 @@ on:
 jobs:
   ci:
     name: Run CI
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     env:
       MIX_ENV: test
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      ELIXIR_VERSION: 1.13.4
-      OTP_VERSION: 25.3.2
+      ELIXIR_VERSION: 1.18.3
+      OTP_VERSION: 27.3.3
     services:
       postgres:
-        image: postgres:14.2
+        image: postgres:17.4
         env:
           POSTGRES_USER: postgres
           POSTGRES_PASSWORD: postgres

README.md

@@ -14,12 +14,22 @@ Cadet is the web application powering Source Academy.
 
 ### System requirements
 
-1. Elixir 1.13.3+ (current version: 1.13.4)
-2. Erlang/OTP 23.2.1+ (current version: 25.3.2)
-3. PostgreSQL 12+ (tested to be working up to 14.5)
+1. Elixir 1.18+ (current version: 1.18.3)
+2. Erlang/OTP 27+ (current version: 27.3.3)
+3. PostgreSQL 12+ (tested to be working up to 17)
 
 It is probably okay to use a different version of PostgreSQL or Erlang/OTP, but using a different version of Elixir may result in differences in e.g. `mix format`.
 
+> ## Setting up PostgreSQL
+>
+> The simplest way to get started is to use Docker. Simply [install Docker](https://docs.docker.com/get-docker/) and run the following command:
+> 
+> ```bash
+> $ docker run --name sa-backend-db -e POSTGRES_HOST_AUTH_METHOD=trust -e -p 5432:5432 -d postgres
+> ```
+>
+> This configures PostgreSQL on port 5432. You can then connect to the database using `localhost:5432` as the host and `postgres` as the username. Note: `-e POSTGRES_HOST_AUTH_METHOD=trust` is used to disable password authentication for local development; since we are only accesing the database locally from our own machine, it is safe to do so.
+
 ### Setting up your local development environment
 
 1. Set up the development secrets (replace the values appropriately)
@@ -29,8 +39,6 @@ It is probably okay to use a different version of PostgreSQL or Erlang/OTP, but
    $ vim config/dev.secrets.exs
    ```
 
-   - To use NUSNET authentication, specify the NUS ADFS OAuth2 URL. (Ask for it.) Note that the frontend will supply the ADFS client ID and redirect URL (so you will need that too, but not here).
-
 2. Install Elixir dependencies
 
    ```bash
@@ -49,19 +57,6 @@ It is probably okay to use a different version of PostgreSQL or Erlang/OTP, but
    $ mix ecto.setup
    ```
 
-   If you encounter error message about invalid password for the user "postgres".
-   You should reset the "postgres" password:
-
-   ```bash
-   $ sudo -u postgres psql -c "ALTER USER postgres PASSWORD 'postgres';"
-   ```
-
-   and restart postgres service:
-
-   ```bash
-   $ sudo service postgresql restart
-   ```
-
    By default, the database is populated with 10 students and 5 assessments. Each student will have a submission to the corresponding submission. This can be changed in `priv/repo/seeds.exs` with the variables `number_of_students`, `number_of_assessments` and `number_of_questions`. Save the changes and run:
 
    ```bash

config/config.exs

@@ -25,7 +25,9 @@ config :cadet, Cadet.Jobs.Scheduler,
     # Compute rolling leaderboard every 2 hours
     {"0 */2 * * *", {Cadet.Assessments, :update_rolling_contest_leaderboards, []}},
     # Collate contest entries that close in the previous day at 00:01
-    {"1 0 * * *", {Cadet.Assessments, :update_final_contest_entries, []}}
+    {"1 0 * * *", {Cadet.Assessments, :update_final_contest_entries, []}},
+    # Clean up expired exchange tokens at 00:01
+    {"1 0 * * *", {Cadet.TokenExchange, :delete_expired, []}}
   ]
 
 # Configures the endpoint

config/dev.secrets.exs.example

@@ -36,6 +36,8 @@ config :cadet,
     #    %{
     #      assertion_extractor: Cadet.Auth.Providers.NusstuAssertionExtractor,
     #      client_redirect_url: "http://cadet.frontend:8000/login/callback"
+    #      vscode_redirect_url_prefix: "vscode://source-academy.source-academy/sso",
+    #      client_post_exchange_redirect_url: "http://cadet.frontend:8000/login/vscode_callback",
     #    }},
 
     "test" =>

lib/cadet/assessments/assessments.ex

@@ -1068,7 +1068,7 @@ defmodule Cadet.Assessments do
         raw_answer,
         force_submit
       ) do
-    with {:ok, team} <- find_team(question.assessment.id, cr_id),
+    with {:ok, _team} <- find_team(question.assessment.id, cr_id),
          {:ok, submission} <- find_or_create_submission(cr, question.assessment),
          {:status, true} <- {:status, force_submit or submission.status != :submitted},
          {:ok, _answer} <- insert_or_update_answer(submission, question, raw_answer, cr_id) do
@@ -1182,7 +1182,7 @@ defmodule Cadet.Assessments do
 
       # Begin autograding job
       GradingJob.force_grade_individual_submission(updated_submission)
-      update_xp_bonus(submission)
+      update_xp_bonus(updated_submission)
 
       {:ok, nil}
     else
@@ -1421,6 +1421,8 @@ defmodule Cadet.Assessments do
         |> Submission.changeset(%{is_grading_published: true})
         |> Repo.update()
 
+        update_xp_bonus(submission)
+
         Notifications.write_notification_when_published(
           submission.id,
           :published_grading
@@ -1620,23 +1622,18 @@ defmodule Cadet.Assessments do
         Answer
         |> where(submission_id: ^submission_id)
         |> order_by(:question_id)
-        |> group_by([a], a.id)
         |> select([a], %{
-          # grouping by submission, so s.xp_bonus will be the same, but we need an
-          # aggregate function
-          total_xp: sum(a.xp) + sum(a.xp_adjustment)
+          total_xp: a.xp + a.xp_adjustment
         })
 
       total =
         ans_xp
         |> subquery
         |> select([a], %{
-          total_xp: sum(a.total_xp)
+          total_xp: coalesce(sum(a.total_xp), 0)
         })
         |> Repo.one()
 
-      xp = decimal_to_integer(total.total_xp)
-
       cur_time =
         if submission.submitted_at == nil do
           Timex.now()
@@ -1645,7 +1642,7 @@ defmodule Cadet.Assessments do
         end
 
       xp_bonus =
-        if xp <= 0 do
+        if total.total_xp <= 0 do
           0
         else
           if Timex.before?(cur_time, Timex.shift(assessment.open_at, hours: early_hours)) do
@@ -3006,7 +3003,7 @@ defmodule Cadet.Assessments do
 
   def has_last_modified_answer?(
         question = %Question{},
-        cr = %CourseRegistration{id: cr_id},
+        cr = %CourseRegistration{id: _cr_id},
         last_modified_at,
         force_submit
       ) do
@@ -3017,15 +3014,6 @@ defmodule Cadet.Assessments do
     else
       {:status, _} ->
         {:error, {:forbidden, "Assessment submission already finalised"}}
-
-      {:error, :race_condition} ->
-        {:error, {:internal_server_error, "Please try again later."}}
-
-      {:error, :invalid_vote} ->
-        {:error, {:bad_request, "Invalid vote! Vote is not saved."}}
-
-      _ ->
-        {:error, {:bad_request, "Missing or invalid parameter(s)"}}
     end
   end
 

lib/cadet/code_exchange.ex

@@ -0,0 +1,60 @@
+defmodule Cadet.TokenExchange do
+  @moduledoc """
+  The TokenExchange entity stores short-lived codes to be exchanged for long-lived auth tokens.
+  """
+  use Cadet, :model
+
+  import Ecto.Query
+
+  alias Cadet.Repo
+  alias Cadet.Accounts.User
+
+  @primary_key {:code, :string, []}
+  schema "token_exchange" do
+    field(:generated_at, :utc_datetime_usec)
+    field(:expires_at, :utc_datetime_usec)
+
+    belongs_to(:user, User)
+
+    timestamps()
+  end
+
+  @required_fields ~w(code generated_at expires_at user_id)a
+
+  def get_by_code(code) do
+    case Repo.get_by(__MODULE__, code: code) do
+      nil ->
+        {:error, "Not found"}
+
+      struct ->
+        if Timex.before?(struct.expires_at, Timex.now()) do
+          {:error, "Expired"}
+        else
+          struct = Repo.preload(struct, :user)
+          Repo.delete(struct)
+          {:ok, struct}
+        end
+    end
+  end
+
+  def delete_expired do
+    now = Timex.now()
+
+    Repo.delete_all(from(c in __MODULE__, where: c.expires_at < ^now))
+  end
+
+  def changeset(struct, attrs) do
+    struct
+    |> cast(attrs, @required_fields)
+    |> validate_required(@required_fields)
+  end
+
+  def insert(attrs) do
+    changeset =
+      %__MODULE__{}
+      |> changeset(attrs)
+
+    changeset
+    |> Repo.insert()
+  end
+end

lib/cadet/devices/devices.ex

@@ -72,7 +72,11 @@ defmodule Cadet.Devices do
     with {:ok, device} <- maybe_insert_device(type, secret),
          {:ok, registration} <-
            %DeviceRegistration{}
-           |> DeviceRegistration.changeset(%{user_id: user_id, device_id: device.id, title: title})
+           |> DeviceRegistration.changeset(%{
+             user_id: user_id,
+             device_id: device.id,
+             title: title
+           })
            |> Repo.insert() do
       {:ok, registration |> Repo.preload(:device)}
     end

lib/cadet_web/admin_controllers/admin_assets_controller.ex

@@ -22,10 +22,15 @@ defmodule CadetWeb.AdminAssetsController do
 
     case Assets.delete_object(Courses.assets_prefix(course_reg.course), foldername, filename) do
       {:error, {status, message}} -> conn |> put_status(status) |> text(message)
-      _ -> conn |> put_status(204) |> text('')
+      _ -> conn |> put_status(204) |> text("")
     end
   end
 
+  # Ignore the dialyzer warning, just ctrl click the
+  # `Assets.upload_to_s3` function to see the type,
+  # it clearly returns a string URL
+  @dialyzer {:no_match, upload: 2}
+
   def upload(conn, %{
         "upload" => upload_params,
         "filename" => filename,
@@ -96,7 +101,9 @@ defmodule CadetWeb.AdminAssetsController do
     parameters do
       folderName(:path, :string, "Folder name", required: true)
 
-      fileName(:path, :string, "File path in folder, which may contain subfolders", required: true)
+      fileName(:path, :string, "File path in folder, which may contain subfolders",
+        required: true
+      )
     end
 
     security([%{JWT: []}])
@@ -115,7 +122,9 @@ defmodule CadetWeb.AdminAssetsController do
     parameters do
       folderName(:path, :string, "Folder name", required: true)
 
-      fileName(:path, :string, "File path in folder, which may contain subfolders", required: true)
+      fileName(:path, :string, "File path in folder, which may contain subfolders",
+        required: true
+      )
     end
 
     security([%{JWT: []}])

lib/cadet_web/admin_controllers/admin_courses_controller.ex

@@ -147,7 +147,11 @@ defmodule CadetWeb.AdminCoursesController do
           title("AdminSublanguage")
 
           properties do
-            chapter(:integer, "Chapter number from 1 to 4", required: true, minimum: 1, maximum: 4)
+            chapter(:integer, "Chapter number from 1 to 4",
+              required: true,
+              minimum: 1,
+              maximum: 4
+            )
 
             variant(Schema.ref(:SourceVariant), "Variant name", required: true)
           end

lib/cadet_web/admin_controllers/admin_grading_controller.ex

@@ -378,7 +378,9 @@ defmodule CadetWeb.AdminGradingController do
               required: true
             )
 
-            student(Schema.ref(:StudentInfo), "Student who created the submission", required: true)
+            student(Schema.ref(:StudentInfo), "Student who created the submission",
+              required: true
+            )
 
             unsubmittedBy(Schema.ref(:GraderInfo))
             unsubmittedAt(:string, "Last unsubmitted at", format: "date-time", required: false)

lib/cadet_web/admin_views/admin_assessments_view.ex

@@ -64,7 +64,9 @@ defmodule CadetWeb.AdminAssessmentsView do
   end
 
   def render("leaderboard.json", %{leaderboard: leaderboard}) do
-    render_many(leaderboard, CadetWeb.AdminAssessmentsView, "contestEntry.json", as: :contestEntry)
+    render_many(leaderboard, CadetWeb.AdminAssessmentsView, "contestEntry.json",
+      as: :contestEntry
+    )
   end
 
   def render("contestEntry.json", %{contestEntry: contestEntry}) do