Spring 2018 Mass Updates PR (#974)

* Remove disabled fields in create course user datum

* Add error flash if the user has javascript disabled warning them that some features may not be available.

* Add snippet to application view to make sure the alert is visible across the whole site.

* fix link and remove duplicate favicon file (#908)

* Major improvements to forms. This should make forms look more uniform and have expected behaviors across all forms.

* Finish implementation of better forms.

* change from UB repo to original repo (#938)

* workaround for null constraints in migrations that throw an error in SQLLite

* updated schema to match new migrations

* added missing dropped parameter to autogenerated course_user_datum

* Add feedback to embedded quiz form. Fix margin on autocomplete forms.

* Fix setup script regarding database and school templates (#928)

* revert to mysql, and properly comment unused section

* correct order of config initilization

* swap the initialization order of grading_deadline and end_at (#893)

* account for DST by offsetting difference in utc_offset (#939)

* reorder commands to go to page before drawing box (#944)

* create assessment config files and load them (#929)

* Merging Updates to Annotations (#945)

* Remove disabled fields in create course user datum (#877)

* removes a check that stops annotations with the same submission and problem number from being added

* removed annotation updates that expect there to be a single annotation for each submission and problem

* Untangled gradebook and annotations, so gradebook isn't affected by annotation scores and scores can take any value.

* Begun rollout of our Slack and updated logo

* Updated main url

* Fixed Add-To-Slack btn

* fixed annotation deletion also deleting score bug and added a note for instructors

* reverted db migration changes

* Added point deductions on annotations

* Problem and Score box now shows after update annotation

* Problem field shows in editAnnotation

* Worked on properly updating scores

* removes a check that stops annotations with the same submission and problem number from being added

* removed annotation updates that expect there to be a single annotation for each submission and problem

* Untangled gradebook and annotations, so gradebook isn't affected by annotation scores and scores can take any value.

* Begun rollout of our Slack and updated logo

* Updated main url

* Fixed Add-To-Slack btn

* fixed annotation deletion also deleting score bug and added a note for instructors

* Added point deductions on annotations

* reverted db migration changes

* Problem and Score box now shows after update annotation

* Problem field shows in editAnnotation

* Worked on properly updating scores

* Changed highlight color for lines > 80ch

* Code highlights now include all characters

* Added feature to minimize code annotations

* Changed minimize button to material-icon 'remove' in code anns.

* Annotations are now minimized by default

* Removed debugging print statements

* Removed more print statements

* Fixed no-click error, added checks for scores/gen probs

* removes a check that stops annotations with the same submission and problem number from being added

* removed annotation updates that expect there to be a single annotation for each submission and problem

* Untangled gradebook and annotations, so gradebook isn't affected by annotation scores and scores can take any value.

* Begun rollout of our Slack and updated logo

* Updated main url

* Fixed Add-To-Slack btn

* fixed annotation deletion also deleting score bug and added a note for instructors

* Added point deductions on annotations

* reverted db migration changes

* Problem and Score box now shows after update annotation

* Problem field shows in editAnnotation

* Worked on properly updating scores

* Untangled gradebook and annotations, so gradebook isn't affected by annotation scores and scores can take any value.

* Begun rollout of our Slack and updated logo

* Updated main url

* Fixed Add-To-Slack btn

* fixed annotation deletion also deleting score bug and added a note for instructors

* reverted db migration changes

* Added point deductions on annotations

* Worked on properly updating scores

* Changed highlight color for lines > 80ch

* Code highlights now include all characters

* Added feature to minimize code annotations

* Changed minimize button to material-icon 'remove' in code anns.

* Annotations are now minimized by default

* Removed debugging print statements

* Removed more print statements

* Fixed no-click error, added checks for scores/gen probs

* Removed minimize button in PDF anns

* Replaced submit button that was deleted during rebase

* shows colspec error messages if ill-formed (#943)

* decoupled annotations and gradebook again (#947)

* decoupled annotations and gradebook again

* brought back head :no_content

* move annotation box in front of pdf pages

* Devansh v2.1.0 patches (#950)

* bolded notice that annotations and gradebook are decoupled

* added annotation collapse and expand buttons

* Log and notify when handin exceptions occur (#878)

Integrating a few of cg2v's improvements:

When exceptions occur processing handins or autograde output, send the
exception to ExceptionNotifier and the course log. Otherwise, the only
notification in some cases goes to the student, who gets a bland
"submission failed" flash that they probably ignore.

* set_course should return after rendering 404 (#838)

Integrating one of cg2v's improvements:

After set_course renders the 404 page inline, it needs to immediately return
since any future exception will try to redirect or render triggering a double
render error

* Added automatic setting of the timezone based on the browsers timezone (#954)

* add error checking when saving attachment

* add errmsg for visiting unreleased assessment

* add logging ahd handling for attachments controller

* added error handling for groups controller methods

* Fixes for aud controller.

* Proper success flash styling

* remove unneeded transition on form labels

* add missing table header on schedulers page

* add error & success when destroying a scheduler.

* Add autograding error handling. Also, make the gradesheet redirect properly

* Extensions needed success flashes

* added error handling all across assessments controller

* fixed rescues

* added error handling in scoreboards controller

* add error message when set_score fails

* streamline attribute updating and error checking for scores

* add success flashes in attachments

also use COURSE_LOGGER instead of ASSESSMENT_LOGGER

* add error handling and messages in cud controller

* fix redirections for sudo

* fix redirection in authorize_user_for_course

* Autolab API V1 (#850)

* add doorkeeper to gemfile

* install and configure doorkeeper

* update database for doorkeeper

* add v1 base api controller

* add first version of courses api controller

* Finalize doorkeeper configuration:
  - protect applications index page with admin privilege
  - only allow authorization_code grants
  - use refresh tokens

* implement api error handling

* extend course index method with optional state param

* limit course attributes in response

* implement cud and course check for api routes

* add user auth_level to response

* implement assessment index endpoint

* implement user info endpoint

* add has_autograder field to assessment response

* Implement submissions index endpoint

* implement assessment problems endpoint

* fix type issue

* add custom 404 handler that returns json

* implement submission feedback endpoint

* prepare submission endpoint

* refactor handin helpers into separate helper

* refactor autograde helpers into separate helper

* switch to using more expressive error_codes/hashes

* fix return values

* set response to json always

* remove symbolize_keys hack

* initial testing framework

* add course index test

* add user info endpoint test

* add assessments test

* add failure cases to course test

* rename helpers to core

* move batch submission logic into autograde core

* add explanation for sendJob param

* minor syntax error fix

* make explicit autogradeSubmissions may raise errors

* handle errors from autogradeSubmissions

* give autogradeSubmissions a correct name

* update comment for handin handler function

* rename wrapper functions and add docs

* implement submit endpoint to allow submission over api

* implement assessment writeup endpoint

* use respond_with_hash in submit endpoint

* implement assessment handout endpoint

* configure scopes with doorkeeper

* set scope requirements for each action

* add rack-attack to gemfile

* initial rack-attack config

* throttle using user id instead of ip

* import doorkeeper views

* modify authorized applications page

* modify authorization page

* update rspec tests to include scopes

* add nonexistent course test

* make tests DRY with shared_context

* add assessment#submit endpoint tests

* handle cases where file param missing from submission

* More descriptive error messages for unexpected errors

* add roundtrip test for submission over api

* install webmock

* implement device flow routes

* implement rate limiting for device_flow routes

* create db tables

* add manage applications link to manage_autolab page

* remove non-null requirements on user id and resolved_at columns

* create activerecord model for device_flow_requests

* implement device_flow_init

* implement device_flow_authorize

* add field for access_code in device_flow table

* fix private method calling issue

* device_flow issues access_code instead of token

* implement device_flow activation pages and endpoints

* implement tests for device_flow api endpoints

* add column to record submitter application in submissions table

* update roundtrip test to test for submitted_by_app_id attribute

* store submitter app id during submission

* update submissions api controller to filter by submitter app_id

* implement mock for tango open

* rack-attack handle access_token not found

* fix activation page form bug

* add instructor and admin scopes

* add api-related links to user account page

* implement course#create route

* implement tests for course#create route

* fix getting message from error

* set assessment dates to make sure they can be submitted to in test cases

* create logger

* finish tango_mock

* use tango_mock in roundtrip test

* use tango_mock in assessment controller test

* extract vars used for handin-related tests into separate context

* run api tests in travis

* remove request_stubs after each test case

* allow all unstubbed network requests

* only count released asmts in test

* streamline responses on success

* add verification uri to device_flow_init response

* do not return handout and writeup with each assessment

* do not return visible_at with each assessment

* return error json for rate-limited responses

* create assessment#show path, and refactor assessment#index

* don't return error when handout or writeup non-existent

* add version number to footer

* streamline privilege checking

combine user privilege checking and client scope checking into one method

* add course_user_data index route

* add tests for course_user_data index route

* implement cud create route

* add tests for cud create route

* update cud test cases to use correct http method

* implement cud update route

* add tests for cud update route

* implement cud destroy route

only drops the student. CUD never deleted

* add tests for cud destroy route

* implement cud show route

* add tests for cud show route

* streamline data setting in cud routes

* add grade_policy to cud response

* modify error description for invalid scope

* allow periods in cud email param

* turn off browser autocomplete on the activation form

* fix activation page not returning after redirect

* update new authorization page icon

* set loggers in api_base

* handle disabled course

* clarify autograding failure message

* allow specifying start and end dates for course create

* better error messages for course create

* make course create route consistent with CRUD

* fix rate limit error response

* Statistics fix for excluding excused students. (#981)

* Statistics hotfix for excluding students.

* removed byebug_history and added to gitignoe

* remove facebook scripts loading on every page of autolab. (#973)

* fix regrade error handling (#986)

API v1 hotfix (fix regrade functions)

* TangoClient retry on certain network errors (#985)

* retry http ops in tango_client

* sleep between retries

* Add a way to visually run scheduler. This is nice to see if it makes errors and such. Fixes #956 (#982)

* Annotation Viewing Fixes (#960)

* only shows annotation when the grading deadline has passed or user is an instructor

* comments are important

* exact job email matching (#958)

* fix type on gradebook. This puts the proper has or have. Fixes #962. (#964)

* Added error handling to multiple controllers (#966)

* Added error-checking to annotations_controller

* Added error-handling to problems_controller

* Added error checking to courses_controller.rb

* Added error handling to submissions_controller

* Removed unnecessary error handling, fixed typos

* Removed unnecessary error handling in problems_controller

* Removed trivial error handling in courses_controller

* Removed trivial error checking in annotations_controller

* removed a few extraneous error handlers

* updated version number to 2.2.0

* nil + error hotfix from assessments_controller error handling

* null constraint workaround for sql

* cleaned up an extraneous error reporter

Author: devanshk

.gitignore

@@ -30,3 +30,4 @@ attachments/
 doc/
 out.txt
 .vscode/
+.byebug_history

.travis.yml

@@ -21,7 +21,7 @@ before_script:
 - RAILS_ENV=test bundle exec rake autolab:populate
 script:
 - RAILS_ENV=test CODECLIMATE_REPO_TOKEN=d37a8b9e09642cb73cfcf4ecfb4115fc3d6a55a7714110187ac59856ae4ab5ad
-  bundle exec rspec ./spec/features/
+  bundle exec rspec ./spec/features/ ./spec/api/v1/
 notifications:
   slack:
     secure: GXcycaSBFaOYI6Ge0vhqCYK1xxixwjASOMkV2bkfE6PNIGkDEEQdTpOkohPGoKuz2W9KCGrXC38sbu4npMtonz0/sISydG+g7V33XkLqPaW8oUcdYhwJyBUEB/Ds17U/FJ4IhT9oOrhl17Sm0rm92Mhu6O2eeZYAclGqJgZNLvg=

Gemfile

@@ -58,6 +58,12 @@ gem 'omniauth-facebook', '>=2.0.0'
 gem 'omniauth-google-oauth2', '>=0.2.5'
 gem 'omniauth-shibboleth', '>=1.1.2'
 
+# Autolab API OAuth Service
+gem 'doorkeeper'
+
+# For block and throttling abusive requests
+gem 'rack-attack'
+
 # Adds It also adds f.error_messages and f.error_message_on to form builders
 gem 'dynamic_form'
 
@@ -73,9 +79,14 @@ gem 'rack-test'
 gem 'capybara', group: [:development, :test]
 gem 'factory_girl_rails', group: [:development, :test]
 gem 'database_cleaner', group: [:development, :test]
+gem 'webmock', group: [:development, :test]
 gem 'codeclimate-test-reporter', group: :test, require: nil
 gem 'newrelic_rpm'
 
+# Automatic Time Zone Management
+gem 'browser-timezone-rails'
+gem 'js_cookie_rails'
+
 # Use ActiveModel has_secure_password
 # gem 'bcrypt', '~> 3.1.7'
 

Gemfile.lock

@@ -56,6 +56,10 @@ GEM
       sass (>= 3.3.4)
     bootstrap3-datetimepicker-rails (4.0.0)
       momentjs-rails (>= 2.8.1)
+    browser-timezone-rails (1.0.1)
+      js_cookie_rails
+      jstz-rails3-plus
+      rails (>= 3.1)
     builder (3.2.2)
     byebug (9.0.6)
     capybara (2.11.0)
@@ -76,6 +80,8 @@ GEM
       execjs
     coffee-script-source (1.12.2)
     concurrent-ruby (1.0.4)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
     daemons (1.2.4)
     database_cleaner (1.5.3)
     debug_inspector (0.0.2)
@@ -88,6 +94,8 @@ GEM
       warden (~> 1.2.3)
     diff-lcs (1.2.5)
     docile (1.1.5)
+    doorkeeper (4.2.0)
+      railties (>= 4.2)
     dynamic_form (1.1.4)
     erubis (2.7.0)
     eventmachine (1.2.1)
@@ -104,6 +112,7 @@ GEM
       multipart-post (>= 1.2, < 3)
     globalid (0.3.7)
       activesupport (>= 4.1.0)
+    hashdiff (0.3.4)
     hashery (2.1.2)
     hashie (3.4.6)
     httparty (0.14.0)
@@ -116,7 +125,11 @@ GEM
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
+    js_cookie_rails (2.1.4)
+      railties (>= 3.1)
     json (1.8.3)
+    jstz-rails3-plus (1.0.5)
+      railties (>= 3.1)
     jwt (1.5.6)
     libv8 (3.16.14.17)
     loofah (2.0.3)
@@ -179,6 +192,8 @@ GEM
       ttfunk (~> 1.0.3)
     public_suffix (2.0.5)
     rack (1.6.5)
+    rack-attack (5.0.1)
+      rack
     rack-ssl-enforcer (0.2.9)
     rack-test (0.6.3)
       rack (>= 1.0)
@@ -238,6 +253,7 @@ GEM
     ruby-progressbar (1.8.1)
     ruby-rc4 (0.1.5)
     rubyzip (1.2.0)
+    safe_yaml (1.0.4)
     sass (3.4.23)
     sass-rails (5.0.6)
       railties (>= 4.0.0, < 6)
@@ -285,6 +301,10 @@ GEM
     unicode-display_width (1.1.2)
     warden (1.2.6)
       rack (>= 1.0)
+    webmock (3.0.1)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff
     xpath (2.0.0)
       nokogiri (~> 1.3)
     yard (0.9.8)
@@ -297,18 +317,21 @@ DEPENDENCIES
   binding_of_caller
   bootstrap-sass (~> 3.3.6)
   bootstrap3-datetimepicker-rails (~> 4.0.0)
+  browser-timezone-rails
   byebug (>= 3.5.1)
   capybara
   codeclimate-test-reporter
   coffee-rails (>= 4.0.0)
   database_cleaner
   devise (= 3.4.0)
+  doorkeeper
   dynamic_form
   exception_notification (>= 4.1.0)
   factory_girl_rails
   httparty
   jbuilder (>= 2.0)
   jquery-rails
+  js_cookie_rails
   materialize-sass
   momentjs-rails (>= 2.9.0)
   mysql2 (= 0.3.18)
@@ -320,6 +343,7 @@ DEPENDENCIES
   omniauth-shibboleth (>= 1.1.2)
   populator (>= 1.0.0)
   prawn (= 0.13.0)
+  rack-attack
   rack-ssl-enforcer
   rack-test
   rails (= 4.2.1)
@@ -337,4 +361,8 @@ DEPENDENCIES
   thin
   turbolinks
   uglifier (>= 1.3.0)
+  webmock
   yard
+
+BUNDLED WITH
+   1.15.4

app/assets/javascripts/application.js

@@ -17,3 +17,6 @@
 //= require app-level
 //= require materialize
 //= require materialize-sprockets
+//= require js.cookie
+//= require jstz
+//= require browser_timezone_rails/set_time_zone

app/assets/stylesheets/style.css.scss

@@ -414,12 +414,17 @@ div#footer .right {
   padding-top: 14px;
 }
 
-div#footer a {
+div#footer a,
+div#footer span.site_version {
   display: inline-block;
   padding: 12px;
   color: #666;
 }
 
+div#footer span.site_version {
+  float: right;
+}
+
 div#footer div.fb-like.fb_iframe_widget {
   vertical-align: top;
   margin-left: 8px;
@@ -709,6 +714,10 @@ a.collection-item {
   transition: none;
 }
 
+.input-field label {
+    transition: none;
+}
+
 .collection
 div.collection-item:hover {
   background-color: #ddd;
@@ -1076,6 +1085,18 @@ div.center {
   font-weight: 500;
 }
 
+#flash_alert.success,
+#flash_success.success,
+#flash_notice.success {
+  color: green;
+  padding: 10px;
+  margin-bottom: 0px;
+  border-radius: 3px;
+  border: 1px solid #eee;
+  border-left: 5px solid green;
+  font-weight: 500;
+}
+
 #flash_notice {
   color: #1b809e;
   border-left: 5px solid #1b809e;

app/controllers/annotations_controller.rb

@@ -27,6 +27,7 @@ def create
   action_auth_level :update, :course_assistant
   def update
     @annotation.update(annotation_params)
+
     respond_with(@course, @assessment, @submission, @annotation) do |format|
       format.json { render json: @annotation }
     end
@@ -36,6 +37,7 @@ def update
   action_auth_level :destroy, :course_assistant
   def destroy
     @annotation.destroy
+
     head :no_content
   end