Don't allow admins to submit to invalid exercises

app/policies/activity_policy.rb

@@ -58,6 +58,7 @@ def media?
   def submit?
     return false if record.removed?
     return false if user.blank?
+    return false if record.not_valid?
     return true if user.admin?
     return true if record.ok?
 

test/controllers/submissions_controller_test.rb

@@ -486,4 +486,24 @@ def expected_score_string(*args)
 
     assert_response :ok
   end
+
+  test 'should not be able to submit to invalid exercise' do
+    attrs = generate_attr_hash
+    exercise = Exercise.find(attrs[:exercise_id])
+    exercise.update!(status: :not_valid)
+
+    sign_in create(:staff)
+    create_request(attr_hash: attrs)
+
+    assert_response :unprocessable_entity
+  end
+
+  test 'should not be able to submit to valid exercise' do
+    attrs = generate_attr_hash
+
+    sign_in create(:staff)
+    create_request(attr_hash: attrs)
+
+    assert_response :success
+  end
 end

test/system/activities_test.rb

@@ -68,4 +68,11 @@ class ActivitiesTest < ApplicationSystemTestCase
 
     assert_text '`<script>alert("😀\\n")</script>\\n\n\\0`'
   end
+
+  test 'should not be able to submit to invalid exercise' do
+    @instance.update!(status: :not_valid)
+    visit exercise_path(id: @instance.id)
+
+    assert_no_selector '#editor-process-btn'
+  end
 end