Fix paste visibility rules and messages

Author: nygrenh

app/controllers/solutions_controller.rb

@@ -16,7 +16,7 @@ def show
       authorize! :read, @solution
     rescue CanCan::AccessDenied
       if current_user.guest?
-        return respond_access_denied('Please log in to view the model solution.')
+        raise CanCan::AccessDenied
       elsif current_user.teacher?(@organization) || current_user.assistant?(@course)
         return respond_access_denied("You can't see model solutions until organization is verified by administrator")
       else

app/controllers/submissions_controller.rb

@@ -30,6 +30,10 @@ def index
   end
 
   def show
+    if current_user.guest?
+      raise CanCan::AccessDenied
+    end
+
     @course ||= @submission.course
     @exercise ||= @submission.exercise
     @organization = @course.organization
@@ -310,14 +314,30 @@ def index_json_datatables
     end
 
     def check_access!
+      paste_visible = @submission.paste_visible_for?(current_user)
       paste_visibility = @course.paste_visibility || 'open'
       case paste_visibility
       when 'protected'
-        respond_access_denied unless can?(:teach, @course) || @submission.user_id.to_s == current_user.id.to_s || (@submission.public? && @submission.exercise.completed_by?(current_user))
+        respond_access_denied unless can?(:teach, @course) || @submission.user_id.to_s == current_user.id.to_s || paste_visible
       when 'no-tests-public'
         respond_access_denied unless can?(:teach, @course) || @submission.created_at > 2.hours.ago || @submission.user_id.to_s == current_user.id.to_s
       else
-        respond_access_denied unless can?(:teach, @course) || @submission.user_id.to_s == current_user.id.to_s || (@submission.public? && @submission.created_at > 2.hours.ago)
+        return if can?(:teach, @course) || @submission.user_id.to_s == current_user.id.to_s
+        if @submission.created_at < 2.hours.ago
+          return
+        else
+          unless paste_visible
+            if @submission.exercise && !@submission.exercise.completed_by?(current_user)
+              respond_access_denied("You cannot see this paste because you haven't completed this exercise.")
+              return
+            else
+              respond_access_denied("You cannot see this paste because it was created over 2 hours ago.")
+            end
+            return
+          end
+        end
+
+        respond_access_denied("You cannot see this paste because all tests passed.") unless paste_visible
       end
     end
 end

app/models/submission.rb

@@ -343,8 +343,10 @@ def self.eager_load_exercises(submissions)
     end
   end
 
-  def public?
-    paste_available && !all_tests_passed
+  def paste_visible_for?(user)
+    return false unless paste_available
+    return true if exercise && exercise.completed_by?(user)
+    !all_tests_passed
   end
 
   def readable_by?(user)

app/views/files/index.html.erb

@@ -1,5 +1,5 @@
 <h1><%= @title %>
-    <% if @submission.public? and current_user.administrator? %>
+    <% if @submission.paste_visible_for?(current_user) and current_user.administrator? %>
     - <span class="error"> This submission is public</span>
     <% end %>
 </h1>