From 32594de50ac988883d6086fee48fc64183abd2ae Mon Sep 17 00:00:00 2001
From: Leif Andersen <leif@leifandersen.net>
Date: Sun, 7 Aug 2016 22:24:03 -0400
Subject: [PATCH 1/7] Allow server to support configs that requires password
 from all users

---
 handin-server/main.rkt           | 98 +++++++++++++++++++++++++-------
 handin-server/private/config.rkt |  1 +
 2 files changed, 77 insertions(+), 22 deletions(-)

diff --git a/handin-server/main.rkt b/handin-server/main.rkt
index 8c93819..30a32bf 100644
--- a/handin-server/main.rkt
+++ b/handin-server/main.rkt
@@ -4,6 +4,7 @@
          racket/port
          openssl
          racket/file
+         racket/string
          "private/logger.rkt"
          "private/config.rkt"
          "private/lock.rkt"
@@ -477,6 +478,13 @@
   (or (member md5 passwords) ; very cheap search first
       (ormap good? passwords)))
 
+(define (has-password?/check-all raw md5 master passwords)
+  (for/fold ([good? #t])
+            ([r (in-list raw)]
+             [m (in-list md5)]
+             [p (in-list passwords)])
+    (and good? (has-password? r m (if master (list master p) (list p))))))
+
 ;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
 (define (handle-connection r r-safe w)
@@ -485,6 +493,11 @@
   (define data
     (make-alist 'protocol-data `((assignments . ,(box active-assignments)))))
   (define (perror fmt . args) (apply error 'handin-protocol fmt args))
+  (define group-auth (get-conf 'group-authentication))
+  (define only-create/update? #f)
+  (unless (or (eq? 'single group-auth)
+              (eq? 'multi group-auth))
+    (error "Invalid group-authentication configuration: ~a" group-auth))
   (let loop ()
     (set! msg (read r-safe))
     (case msg
@@ -492,29 +505,60 @@
       ;; getting information from the client
       [(set)
        (let* ([key (read r-safe)] [val (read r-safe)])
+         (define user-count #f)
          (unless (symbol? key) (perror "bad key value: ~e" key))
-         (unless (if (eq? 'user-fields key)
-                     (and (list? val)
-                          (- (length val) (length (get-conf 'user-fields)))
-                          (andmap string? val))
-                     (string? val))
+         (unless (cond
+                   [(eq? 'user-fields key)
+                    (and (list? val)
+                         (- (length val) (length (get-conf 'user-fields)))
+                         (andmap string? val))]
+                   [(and (eq? 'multi group-auth)
+                         (or (eq? 'username/s key)
+                             (eq? 'password key)))
+                    (if (string? val)
+                        (let ()
+                          (set! group-auth 'single)
+                          (set! only-create/update? #t))
+                        (and (list? val)
+                             (if user-count
+                                 (eq? user-count (length val))
+                                 (set! user-count (length val)))
+                             (andmap string? val)))]
+                   [else (string? val)])
            (perror "bad value for set: ~e" val))
          (when (a-ref data key #f) (perror "multiple values for ~e" key))
          (case key
            [(username/s)
             (unless (get-conf 'username-case-sensitive)
               (set! val (string-foldcase val)))
-            (let ([usernames
-                   ;; Username lists must always be sorted, and never empty
-                   ;; (regexp-split will not return an empty list)
-                   (sort (regexp-split #rx" *[+] *" val) string<?)])
-              (a-set! data 'usernames usernames)
-              (a-set! data 'user-datas (map get-user-data usernames)))]
+            (cond
+              [(eq? 'multi group-auth)
+               (define sorted-usernames (sort val string<?))
+               (a-set! data 'usernames sorted-usernames)
+               (a-set! data 'user-datas (map get-user-data sorted-usernames))
+               (a-set! data 'unsorted-usernames val)
+               (a-set! data 'unsorted-user-datas (map get-user-data val))
+               (set! val (string-join sorted-usernames "+"))]
+              [(eq? 'single group-auth)
+               (let ([usernames
+                      ;; Username lists must always be sorted, and never empty
+                      ;; (regexp-split will not return an empty list)
+                      (sort (regexp-split #rx" *[+] *" val) string<?)])
+                 (a-set! data 'usernames usernames)
+                 (a-set! data 'user-datas (map get-user-data usernames)))])]
            [(password new-password)
-            ;; empty passwords are left empty for change-user-info to re-use
-            ;; an existing password value
-            (when (eq? key 'password) (a-set! data 'raw-password val))
-            (unless (equal? "" val) (set! val (md5 val)))]
+            (cond
+              [(eq? 'multi group-auth)
+               (when (eq? key 'password)
+                 (a-set! data 'raw-password val))
+               (set! val
+                     (for/list ([i (in-list val)])
+                       (if (equal? "" i) "" (md5 i))))]
+              [(eq? 'single group-auth)
+               ;; empty passwords are left empty for change-user-info to re-use
+               ;; an existing password value
+               (when (eq? key 'password) (a-set! data 'raw-password val))
+               (unless (equal? "" val) (set! val (md5 val)))])]
            [(usernames user-datas raw-password assignments)
             ;; forbid setting these directly
             (perror "bad key for `set': ~e" key)])
@@ -540,14 +584,24 @@
            (apply error 'handin
                   (if username/s `("hangup (~a)" ,username/s) `("hangup")))))
        (let ([usernames  (a-ref data 'usernames #f)]
-             [user-datas (a-ref data 'user-datas #f)])
+             [user-datas (a-ref data 'user-datas #f)]
+             [unsorted-user-datas (a-ref data 'unsorted-user-datas #f)])
          (when (or (memq #f user-datas)
-                   (not (has-password?
-                         (a-ref data 'raw-password)
-                         (a-ref data 'password)
-                         (let ([mp (get-conf 'master-password)]
-                               [up (map car user-datas)])
-                           (if mp (cons mp up) up)))))
+                   (and (eq? group-auth 'single)
+                        (not (has-password?
+                              (a-ref data 'raw-password)
+                              (a-ref data 'password)
+                              (let ([mp (get-conf 'master-password)]
+                                    [up (map car user-datas)])
+                                (if mp (cons mp up) up)))))
+                   (and only-create/update?
+                        (not (eq? msg change-user-info)))
+                   (and (eq? group-auth 'multi)
+                        (not (has-password?/check-all
+                              (a-ref data 'raw-password)
+                              (a-ref data 'password)
+                              (get-conf 'master-password)
+                              (map car unsorted-user-datas)))))
            (log-line "failed login: ~a" (a-ref data 'username/s))
            (error* "bad username or password for ~a"
                    (a-ref data 'username/s)))
diff --git a/handin-server/private/config.rkt b/handin-server/private/config.rkt
index bdcc875..75d7365 100644
--- a/handin-server/private/config.rkt
+++ b/handin-server/private/config.rkt
@@ -94,6 +94,7 @@
     [(log-output)              (values #t                    id           )]
     [(log-file)                (values "log"                 path/false   )]
     [(web-log-file)            (values #f                    path/false   )]
+    [(group-authentication)    (values 'single               id           )]
     [(extra-fields)
      (values '(("Full Name" #f #f)
                ("ID#" #f #f)

From 26198b1bb86acfb437eb51a11a5e5ea8b8aa7c44 Mon Sep 17 00:00:00 2001
From: Leif Andersen <leif@leifandersen.net>
Date: Sun, 7 Aug 2016 22:24:47 -0400
Subject: [PATCH 2/7] Update gitignore

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index 38a4087..f15f789 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 compiled/
 *~
+\#*

From 58b703792975ebd2086f1ccdf5c01acb297ace58 Mon Sep 17 00:00:00 2001
From: Leif Andersen <leif@leifandersen.net>
Date: Sun, 7 Aug 2016 22:36:46 -0400
Subject: [PATCH 3/7] Update docs for multi submit

---
 handin-server/scribblings/server-setup.scrbl | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/handin-server/scribblings/server-setup.scrbl b/handin-server/scribblings/server-setup.scrbl
index bacd2f9..4070644 100644
--- a/handin-server/scribblings/server-setup.scrbl
+++ b/handin-server/scribblings/server-setup.scrbl
@@ -164,6 +164,26 @@ This directory contains the following files and sub-directories:
     @filepath{users.rktd} file and fill in such information.  (The third
     element for such descriptors is ignored.)}
 
+ @item{@indexed-racket[group-authentication] --- indicates
+    the type of authentication required for group accounts.
+    The default value is @code{single}. Valid values are:
+
+    @itemlist[
+ @item{@code{single} --- Only one user most provide their
+      password to authenticate to the server. This means
+      that either student can submit or retrieve a group
+      file without the other.}
+ @item{@code{multi} --- Every user must provide their
+      password to authenticate to the server. This means
+      that all students must be present when submitting and
+      retrieving assignments. If this option is sent the
+      associated handin client must be modified to submit a
+      list for the @racket['username/s] and 
+      @racket['password] fields when submitting and
+      retrieving files. This can be done by modifying 
+      @filepath{client-gui.rkt} to have multiple user and
+      password fields in the submission dialog.}]}
+  
   @item{@indexed-racket[hook-file] --- a path (relative to handin
     server directory or absolute) that specifies a filename that
     contains a `hook' module.  This is useful as a general device for

From ce7f65dd97d614d8b67d57bfe6abfff520ab8a90 Mon Sep 17 00:00:00 2001
From: Leif Andersen <leif@leifandersen.net>
Date: Mon, 8 Aug 2016 09:14:11 -0600
Subject: [PATCH 4/7] handin-server/checker can now be used as a #lang

---
 handin-server/checker.rkt | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/handin-server/checker.rkt b/handin-server/checker.rkt
index 1de984e..581f861 100644
--- a/handin-server/checker.rkt
+++ b/handin-server/checker.rkt
@@ -770,3 +770,8 @@
          ((if (pair? proc) (car proc) handler) loc)))]
     [(null? uncovered) #f]
     [else (error* "bad checker: no coverage information for !all-covered")]))
+
+(module reader syntax/module-reader
+  handin-server/checker
+  #:read read
+  #:read-syntax read-syntax)

From bd8f0e1d6e69ab8d97cc8f7c80e30a78a36c857a Mon Sep 17 00:00:00 2001
From: Leif Andersen <leif@leifandersen.net>
Date: Sun, 4 Sep 2016 16:02:52 -0400
Subject: [PATCH 5/7] get-user-info should not work in multi mode

---
 handin-server/main.rkt | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/handin-server/main.rkt b/handin-server/main.rkt
index 30a32bf..a1d7ef7 100644
--- a/handin-server/main.rkt
+++ b/handin-server/main.rkt
@@ -419,12 +419,15 @@
   (define extra-fields (add-hidden-to-user-fields user-fields))
   (unless (= 1 (length usernames))
     (error* "cannot change a password for multiple users: ~a" usernames))
+  (unless (or (string? passwd)
+              (= 1 (length passwd)))
+    (error* "cannot change a password for multiple users: ~a" usernames))
   ;; the new data is the same as the old one for every empty string (includes
   ;; hidden fields)
   (let* ([username (car usernames)]
          [old-data (car user-datas)]
          [new-data (map (lambda (old new) (if (equal? "" new) old new))
-                        old-data (cons passwd extra-fields))])
+                        old-data (cons (car passwd) extra-fields))])
     (unless (or (get-conf 'allow-change-info)
                 (equal? (cdr new-data) (cdr old-data)))
       (error* "changing information not allowed: ~a" username))

From f17ddf71d5e6408421a5afde54f0b42df4f7a48c Mon Sep 17 00:00:00 2001
From: Leif Andersen <leif@leifandersen.net>
Date: Sun, 4 Sep 2016 16:10:47 -0400
Subject: [PATCH 6/7] new-password can be a list.

---
 handin-server/main.rkt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/handin-server/main.rkt b/handin-server/main.rkt
index a1d7ef7..7933048 100644
--- a/handin-server/main.rkt
+++ b/handin-server/main.rkt
@@ -517,7 +517,8 @@
                          (andmap string? val))]
                    [(and (eq? 'multi group-auth)
                          (or (eq? 'username/s key)
-                             (eq? 'password key)))
+                             (eq? 'password key)
+                             (eq? 'new-password key)))
                     (if (string? val)
                         (let ()
                           (set! group-auth 'single)

From 52e853504d858cec99ae4ff91a227515646cbcce Mon Sep 17 00:00:00 2001
From: Leif Andersen <leif@leifandersen.net>
Date: Thu, 8 Sep 2016 09:12:20 -0400
Subject: [PATCH 7/7] Should be able to pull with just one user

---
 handin-server/main.rkt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/handin-server/main.rkt b/handin-server/main.rkt
index 7933048..961a52b 100644
--- a/handin-server/main.rkt
+++ b/handin-server/main.rkt
@@ -599,7 +599,7 @@
                                     [up (map car user-datas)])
                                 (if mp (cons mp up) up)))))
                    (and only-create/update?
-                        (not (eq? msg change-user-info)))
+                        (eq? msg save-submission))
                    (and (eq? group-auth 'multi)
                         (not (has-password?/check-all
                               (a-ref data 'raw-password)