Update miniapp_leaderboard.py

miniapp_leaderboard.py

@@ -19,7 +19,10 @@ HF_TOKEN = os.environ.get("HF_TOKEN") or os.environ.get("TOKEN") or os.environ.g
 LEADERBOARD_DATASET = (os.environ.get("LEADERBOARD_DATASET") or "").strip()
 MAX_ENTRIES = int(os.environ.get("MAX_ENTRIES", "500"))
 
-ENTRIES_PREFIX = "entries/"
+PENDING_PREFIX = "pending/"
+APPROVED_PREFIX = "approved/"
+
+OWNER_USERNAMES = {"ha251"}  # ✅ 只有这些用户名能看到审核区
 
 LEADERBOARD_COLUMNS = [
     "Model name",
@@ -35,6 +38,8 @@ LEADERBOARD_COLUMNS = [
     "Lifestyle",
     "Submitted at",
     "Submitter",
+    # 额外字段不会显示在表格，但会写入 payload：
+    # "Model API"
 ]
 
 NUMERIC_COLS = [
@@ -50,7 +55,7 @@ NUMERIC_COLS = [
     "Lifestyle",
 ]
 
-# ✅ 展示顺序：Model 最左，Avg 第二列
+# 显示顺序：Model 最左，Avg 第二列
 DISPLAY_ORDER = [
     "Model name",
     "Avg",
@@ -74,6 +79,7 @@ IN_SPACES = bool(
 )
 
 
+# ----------------- basic utils -----------------
 def _api() -> HfApi:
     return HfApi(token=HF_TOKEN)
 
@@ -115,7 +121,7 @@ def _ensure_dataset_readable() -> tuple[bool, str]:
         return False, "Cannot access the dataset repo. Check token permissions."
 
 
-def _list_entry_files() -> list[str]:
+def _list_json_files(prefix: str) -> list[str]:
     ok, _ = _ensure_dataset_readable()
     if not ok:
         return []
@@ -124,19 +130,14 @@ def _list_entry_files() -> list[str]:
         files = api.list_repo_files(repo_id=LEADERBOARD_DATASET, repo_type="dataset")
     except Exception:
         return []
-
-    entry_files = [f for f in files if f.startswith(ENTRIES_PREFIX) and f.endswith(".json")]
-    entry_files.sort(reverse=True)
-    return entry_files[:MAX_ENTRIES]
+    out = [f for f in files if f.startswith(prefix) and f.endswith(".json")]
+    out.sort(reverse=True)
+    return out[:MAX_ENTRIES]
 
 
-def _load_entries_df() -> pd.DataFrame:
-    ok, _ = _ensure_dataset_readable()
-    if not ok:
-        return _empty_df()
-
+def _load_entries_df(prefix: str, include_filename: bool = False) -> pd.DataFrame:
     rows: list[dict] = []
-    for filename in _list_entry_files():
+    for filename in _list_json_files(prefix):
         try:
             path = hf_hub_download(
                 repo_id=LEADERBOARD_DATASET,
@@ -146,19 +147,26 @@ def _load_entries_df() -> pd.DataFrame:
             )
             with open(path, "r", encoding="utf-8") as fp:
                 row = json.load(fp)
-                rows.append(row)
+            if include_filename:
+                row["_filename"] = filename
+            rows.append(row)
         except Exception:
             continue
 
     if not rows:
-        return _empty_df()
+        df = _empty_df()
+        if include_filename:
+            df["_filename"] = []
+        return df
 
     df = pd.DataFrame(rows)
     for c in LEADERBOARD_COLUMNS:
         if c not in df.columns:
             df[c] = ""
+    if include_filename and "_filename" not in df.columns:
+        df["_filename"] = ""
 
-    df = df[LEADERBOARD_COLUMNS]
+    df = df[LEADERBOARD_COLUMNS + (["_filename"] if include_filename else [])]
     for c in NUMERIC_COLS:
         df[c] = pd.to_numeric(df[c], errors="coerce")
 
@@ -176,6 +184,9 @@ def _parse_hf_created_at(created_at: str) -> datetime.datetime | None:
 
 
 def _check_user_eligibility(username: str) -> tuple[bool, str]:
+    """
+    - Must be older than ~30 days (>= 30 days)
+    """
     try:
         r = requests.get(f"https://huggingface.co/api/users/{username}/overview", timeout=10)
         r.raise_for_status()
@@ -189,24 +200,27 @@ def _check_user_eligibility(username: str) -> tuple[bool, str]:
         if dt.tzinfo is None:
             dt = dt.replace(tzinfo=datetime.timezone.utc)
         if (now - dt).days < 30:
-            return False, "Account must be older than 1 months to submit."
+            return False, "Account must be older than 30 days to submit."
         return True, ""
     except Exception:
         return False, "Cannot verify Hugging Face account. Please try again later."
 
 
-def _submitted_today(username: str) -> bool:
-    df = _load_entries_df()
-    if df.empty:
-        return False
+def _submitted_today_anywhere(username: str) -> bool:
     today = datetime.datetime.utcnow().date().isoformat()
-    user_rows = df[df["Submitter"].astype(str) == username]
-    if user_rows.empty:
-        return False
-    return any(str(v).startswith(today) for v in user_rows["Submitted at"].tolist())
+    for prefix in (PENDING_PREFIX, APPROVED_PREFIX):
+        df = _load_entries_df(prefix, include_filename=False)
+        if df.empty:
+            continue
+        user_rows = df[df["Submitter"].astype(str) == username]
+        if user_rows.empty:
+            continue
+        if any(str(v).startswith(today) for v in user_rows["Submitted at"].tolist()):
+            return True
+    return False
 
 
-# ---------- HTML Leaderboard ----------
+# ----------------- leaderboard HTML -----------------
 def _fmt_cell(v):
     if v is None or (isinstance(v, float) and pd.isna(v)):
         return ""
@@ -250,7 +264,6 @@ def _render_leaderboard_html(df: pd.DataFrame, sort_col: str, sort_dir: str) ->
                 tds.append(f'<td class="td num">{_html.escape(val)}</td>')
         trs.append("<tr class='tr'>" + "".join(tds) + "</tr>")
 
-    # ✅ 三层表头：Model 最左，Avg 第二列
     return f"""
     <div class="table-wrap">
       <div class="table-scroll">
@@ -291,7 +304,7 @@ def _render_leaderboard_html(df: pd.DataFrame, sort_col: str, sort_dir: str) ->
 
 
 def render_lb(search_text: str, sort_col: str, sort_dir: str) -> str:
-    df = _load_entries_df()
+    df = _load_entries_df(APPROVED_PREFIX, include_filename=False)
     df = _apply_search_and_sort(df, search_text, sort_col, sort_dir)
     return _render_leaderboard_html(df, sort_col, sort_dir)
 
@@ -305,8 +318,9 @@ def toggle_sort(clicked_col: str, current_col: str, current_dir: str):
     return clicked_col, "desc"
 
 
-# ---------- Submit ----------
+# ----------------- submit & approve -----------------
 def submit(
+    model_name: str,
     model_api: str,
     api_key: str,
     search_text: str,
@@ -317,11 +331,14 @@ def submit(
     if IN_SPACES and (profile is None or not getattr(profile, "username", None)):
         return "You must log in to submit.", render_lb(search_text, sort_col, sort_dir)
 
-    submitter = (getattr(profile, "username", None) if profile is not None else "local") or "anonymous"
+    submitter = getattr(profile, "username", None) or "anonymous"
 
+    model_name = (model_name or "").strip()
     model_api = (model_api or "").strip()
     api_key = (api_key or "").strip()
 
+    if not model_name:
+        return "Model name is required.", render_lb(search_text, sort_col, sort_dir)
     if not model_api:
         return "Model API URL is required.", render_lb(search_text, sort_col, sort_dir)
     if not _is_valid_http_url(model_api):
@@ -338,19 +355,16 @@ def submit(
         if not ok:
             return msg, render_lb(search_text, sort_col, sort_dir)
 
-    if _submitted_today(submitter):
+    if _submitted_today_anywhere(submitter):
         return "You have already submitted today. Please try again tomorrow.", render_lb(search_text, sort_col, sort_dir)
 
     now = datetime.datetime.utcnow().replace(microsecond=0).isoformat() + "Z"
     nonce = uuid.uuid4().hex[:8]
     safe_user = _slug(submitter)
-
-    host = urlparse(model_api).netloc or "unknown"
-    model_name = host
-
     safe_model = _slug(model_name)
-    path_in_repo = f"{ENTRIES_PREFIX}{now[:10]}/{now}-{safe_user}-{safe_model}-{nonce}.json"
+    path_in_repo = f"{PENDING_PREFIX}{now[:10]}/{now}-{safe_user}-{safe_model}-{nonce}.json"
 
+    # api_key collected but NOT stored
     payload = {
         "Model name": model_name,
         "Avg": None,
@@ -375,13 +389,95 @@ def submit(
         repo_type="dataset",
         path_or_fileobj=io.BytesIO(data),
         path_in_repo=path_in_repo,
-        commit_message=f"miniapp: submit {submitter}/{model_name}",
+        commit_message=f"miniapp: submit(pending) {submitter}/{model_name}",
         token=HF_TOKEN,
     )
 
-    return "Submitted successfully.", render_lb(search_text, sort_col, sort_dir)
+    return "Submitted. Waiting for owner approval.", render_lb(search_text, sort_col, sort_dir)
 
 
+def refresh_pending(profile: gr.OAuthProfile | None):
+    username = getattr(profile, "username", None) if profile else None
+    if username not in OWNER_USERNAMES:
+        # 非 owner：不返回任何 pending（且 UI 会隐藏）
+        return pd.DataFrame(columns=["Submitted at", "Submitter", "Model name", "Model API", "_filename"]), gr.update(
+            choices=[], value=None
+        )
+
+    df = _load_entries_df(PENDING_PREFIX, include_filename=True)
+    # pending 表显示更实用的列
+    view = df.copy()
+    cols = ["Submitted at", "Submitter", "Model name"]
+    if "Model API" in view.columns:
+        cols.append("Model API")
+    cols.append("_filename")
+    view = view[cols]
+
+    choices = view["_filename"].tolist() if not view.empty else []
+    return view, gr.update(choices=choices, value=(choices[0] if choices else None))
+
+
+def approve(pending_filename: str | None, profile: gr.OAuthProfile | None, search_text: str, sort_col: str, sort_dir: str):
+    username = getattr(profile, "username", None) if profile else None
+    if username not in OWNER_USERNAMES:
+        # 非 owner：不允许
+        pending_view, dd = refresh_pending(profile)
+        return "Not authorized.", pending_view, dd, render_lb(search_text, sort_col, sort_dir)
+
+    pending_filename = (pending_filename or "").strip()
+    if not pending_filename:
+        pending_view, dd = refresh_pending(profile)
+        return "Select a pending entry.", pending_view, dd, render_lb(search_text, sort_col, sort_dir)
+
+    api = _api()
+    try:
+        local_path = hf_hub_download(
+            repo_id=LEADERBOARD_DATASET,
+            repo_type="dataset",
+            filename=pending_filename,
+            token=HF_TOKEN,
+        )
+        with open(local_path, "r", encoding="utf-8") as fp:
+            payload = json.load(fp)
+    except Exception as e:
+        pending_view, dd = refresh_pending(profile)
+        return f"Failed to read pending file: {e}", pending_view, dd, render_lb(search_text, sort_col, sort_dir)
+
+    # move to approved/
+    base = pending_filename[len(PENDING_PREFIX) :] if pending_filename.startswith(PENDING_PREFIX) else pending_filename
+    approved_filename = f"{APPROVED_PREFIX}{base}"
+    data = (json.dumps(payload, ensure_ascii=False, indent=2) + "\n").encode("utf-8")
+
+    try:
+        api.upload_file(
+            repo_id=LEADERBOARD_DATASET,
+            repo_type="dataset",
+            path_or_fileobj=io.BytesIO(data),
+            path_in_repo=approved_filename,
+            commit_message=f"miniapp: approve {payload.get('Submitter','')}/{payload.get('Model name','')}",
+            token=HF_TOKEN,
+        )
+        api.delete_file(
+            repo_id=LEADERBOARD_DATASET,
+            repo_type="dataset",
+            path_in_repo=pending_filename,
+            commit_message=f"miniapp: remove pending {pending_filename}",
+            token=HF_TOKEN,
+        )
+    except Exception as e:
+        pending_view, dd = refresh_pending(profile)
+        return f"Approve failed: {e}", pending_view, dd, render_lb(search_text, sort_col, sort_dir)
+
+    pending_view, dd = refresh_pending(profile)
+    return "Approved and published.", pending_view, dd, render_lb(search_text, sort_col, sort_dir)
+
+
+def show_owner_panel(profile: gr.OAuthProfile | None):
+    username = getattr(profile, "username", None) if profile else None
+    return gr.update(visible=(username in OWNER_USERNAMES))
+
+
+# ----------------- UI -----------------
 CSS = r"""
 .gradio-container { max-width: 100% !important; }
 #page { padding: 16px; }
@@ -399,7 +495,7 @@ CSS = r"""
 }
 #searchbox textarea::placeholder, #searchbox input::placeholder { color: #9ca3af; }
 
-/* 容器 */
+/* table container */
 .table-wrap{
   width: 100%;
   border: 1px solid #e5e7eb !important;
@@ -408,21 +504,19 @@ CSS = r"""
 }
 .table-scroll{ width: 100%; overflow-x: auto; }
 
-/* ===== 关键：把所有黑边框强制变浅灰 ===== */
+/* HARD OVERRIDE borders to light gray */
 #lb_table {
   width: 100% !important;
   min-width: 1100px;
   border-collapse: collapse !important;
   border: 1px solid #e5e7eb !important;
 }
-#lb_table th,
-#lb_table td{
-  border: 1px solid #e5e7eb !important;   /* 覆盖所有黑线来源 */
+#lb_table th, #lb_table td {
+  border: 1px solid #e5e7eb !important;
   border-color: #e5e7eb !important;
 }
 
-/* 表头 */
-#lb_table thead th.th{
+th.th{
   font-family: ui-sans-serif, system-ui, -apple-system, Segoe UI, Roboto, Helvetica, Arial !important;
   font-weight: 600;
   font-size: 13px;
@@ -432,28 +526,26 @@ CSS = r"""
   background: #f9fafb !important;
   white-space: nowrap;
 }
-#lb_table thead tr.r3 th.th { background: #ffffff !important; }
-#lb_table th.left{ text-align:left !important; }
-#lb_table th.group{ color:#374151 !important; font-weight:600 !important; }
+thead tr.r3 th.th { background: #ffffff !important; }
+th.th.left{ text-align:left !important; }
+th.group{ color:#374151 !important; font-weight:600 !important; }
 
-/* body */
-#lb_table tbody td.td{
+td.td{
   font-family: ui-sans-serif, system-ui, -apple-system, Segoe UI, Roboto, Helvetica, Arial !important;
   font-size: 13px;
   color: #111827;
   padding: 10px 12px;
   background: #fff !important;
 }
-#lb_table td.num{ text-align:right !important; }
-#lb_table td.model{ text-align:left !important; min-width: 280px; }
-#lb_table tbody tr.tr:hover td.td{ background: #fafafa !important; }
+td.num{ text-align:right !important; }
+td.model{ text-align:left !important; min-width: 280px; }
+tr.tr:hover td.td{ background: #fafafa !important; }
 
-/* 可点击排序 */
-#lb_table th.clickable{ cursor:pointer; user-select:none; }
-#lb_table th.clickable:hover{ background:#f3f4f6 !important; }
+th.clickable{ cursor:pointer; user-select:none; }
+th.clickable:hover{ background:#f3f4f6 !important; }
 
-/* submit */
-#submit_card{
+/* cards */
+.card{
   width: 100%;
   border: 1px solid #e5e7eb !important;
   border-radius: 8px;
@@ -461,14 +553,9 @@ CSS = r"""
   background: #fff;
   margin-top: 14px;
 }
-#submit_card .hint{
-  margin: 0 0 10px 0;
-  color: #6b7280;
-  font-size: 13px;
-}
+.muted{ color: #6b7280; font-size: 13px; margin: 0 0 10px 0; }
 """
 
-
 with gr.Blocks(title=f"{APP_NAME} leaderboard") as demo:
     with gr.Column(elem_id="page"):
         with gr.Row(elem_id="topbar"):
@@ -483,13 +570,15 @@ with gr.Blocks(title=f"{APP_NAME} leaderboard") as demo:
                 )
                 refresh_btn = gr.Button("Refresh", scale=0)
 
+        # state for sorting
         sort_col = gr.State("Avg")
         sort_dir = gr.State("desc")
 
+        # leaderboard (approved only)
         lb_html = gr.HTML(value=render_lb("", "Avg", "desc"))
 
+        # click bridge
         clicked_col = gr.Textbox(visible=False, elem_id="clicked_col")
-
         gr.HTML(
             """
 <script>
@@ -508,7 +597,6 @@ with gr.Blocks(title=f"{APP_NAME} leaderboard") as demo:
       };
     });
   }
-
   const obs = new MutationObserver(()=>bindClicks());
   obs.observe(document.body, {subtree:true, childList:true});
   setTimeout(bindClicks, 250);
@@ -517,6 +605,7 @@ with gr.Blocks(title=f"{APP_NAME} leaderboard") as demo:
 """
         )
 
+        # search/refresh
         search_text.change(render_lb, inputs=[search_text, sort_col, sort_dir], outputs=[lb_html])
         refresh_btn.click(render_lb, inputs=[search_text, sort_col, sort_dir], outputs=[lb_html])
 
@@ -530,31 +619,93 @@ with gr.Blocks(title=f"{APP_NAME} leaderboard") as demo:
             outputs=[sort_col, sort_dir, lb_html],
         )
 
+        # submission card
         gr.HTML(
             """
-<div id="submit_card">
-  <div class="hint">
-    <b>Submission</b> — Submit <b>Model API URL</b> and <b>API key</b> only.
-    Requires login (Spaces). One submission per user per day. Account must be older than 1 months.
+<div class="card">
+  <div class="muted">
+    <b>Submission</b> — Submissions go to <b>pending</b> and will appear on the leaderboard only after <b>owner approval</b>.
+    Requires login (Spaces). One submission per user per day. Account must be older than 30 days.
     API key will <b>not</b> be stored.
   </div>
 </div>
 """
         )
 
+        # submit full-width
         with gr.Column():
             with gr.Row():
+                model_name = gr.Textbox(label="Model name", placeholder="e.g. my-model-v1", scale=2)
                 model_api = gr.Textbox(label="Model API URL", placeholder="https://...", scale=3)
-                api_key = gr.Textbox(label="API key", type="password", placeholder="Will not be stored", scale=2)
             with gr.Row():
-                gr.LoginButton()
-                submit_btn = gr.Button("Submit", variant="primary")
-            status = gr.Markdown()
+                api_key = gr.Textbox(label="API key", type="password", placeholder="Will not be stored", scale=3)
+                with gr.Column(scale=1):
+                    gr.LoginButton()
+                    submit_btn = gr.Button("Submit", variant="primary")
+            submit_status = gr.Markdown()
 
         submit_btn.click(
             submit,
-            inputs=[model_api, api_key, search_text, sort_col, sort_dir],
-            outputs=[status, lb_html],
+            inputs=[model_name, model_api, api_key, search_text, sort_col, sort_dir],
+            outputs=[submit_status, lb_html],
+        )
+
+        # Owner panel (hidden unless owner)
+        owner_panel = gr.Column(visible=False)
+        with owner_panel:
+            gr.HTML(
+                """
+<div class="card">
+  <div class="muted"><b>Owner review</b> — Visible only to owner accounts.</div>
+</div>
+"""
+            )
+            pending_refresh_btn = gr.Button("Refresh pending")
+            pending_df = gr.Dataframe(
+                label="Pending submissions",
+                interactive=False,
+                wrap=True,
+                value=pd.DataFrame(columns=["Submitted at", "Submitter", "Model name", "Model API", "_filename"]),
+            )
+            pending_pick = gr.Dropdown(label="Select a pending entry", choices=[], value=None)
+            approve_btn = gr.Button("Approve and publish", variant="primary")
+            approve_status = gr.Markdown()
+
+            pending_refresh_btn.click(
+                refresh_pending,
+                inputs=[gr.State(None)],  # placeholder, will be overridden by load/login binding below
+                outputs=[pending_df, pending_pick],
+            )
+
+        # IMPORTANT: use load/profile to control visibility + pending refresh
+        # In Gradio, we can wire OAuth profile by using a dummy fn that takes profile.
+        def _on_load(profile: gr.OAuthProfile | None, s: str, sc: str, sd: str):
+            # show owner panel?
+            vis = show_owner_panel(profile)
+            # also refresh pending if owner; else empty
+            pdf, pdd = refresh_pending(profile)
+            # keep leaderboard rendered (approved)
+            lb = render_lb(s, sc, sd)
+            return vis, pdf, pdd, lb
+
+        demo.load(
+            _on_load,
+            inputs=[gr.OAuthProfile(), search_text, sort_col, sort_dir],
+            outputs=[owner_panel, pending_df, pending_pick, lb_html],
+        )
+
+        # Approve wiring
+        approve_btn.click(
+            approve,
+            inputs=[pending_pick, gr.OAuthProfile(), search_text, sort_col, sort_dir],
+            outputs=[approve_status, pending_df, pending_pick, lb_html],
+        )
+
+        # Refresh pending button: needs profile too
+        pending_refresh_btn.click(
+            refresh_pending,
+            inputs=[gr.OAuthProfile()],
+            outputs=[pending_df, pending_pick],
         )
 
 demo.launch(css=CSS, ssr_mode=False)