JohnHammond
/
CTFd
mirror of https://github.com/JohnHammond/CTFd.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
CTFd/tests/helpers.py

458 lines
12 KiB
Python
Raw Normal View History

2.3.0 (#1248) 2.3.0 / 2020-02-17 ================== **General** * During setup, admins can register their email address with the CTFd LLC newsletter for news and updates * Fix editting hints from the admin panel * Allow admins to insert HTML code directly into the header and footer (end of body tag) of pages. This replaces and supercedes the custom CSS feature. * The `views.custom_css` route has been removed. * Admins can now customize the content of outgoing emails and inject certain variables into email content. * The `manage.py` script can now manipulate the CTFd Configs table via the `get_config` and `set_config` commands. (e.g. `python manage.py get_config ctf_theme` and `python manage.py set_config ctf_theme core`) **Themes** * Themes should now reference the `theme_header` and `theme_footer` configs instead of the `views.custom_css` endpoint to allow for user customizations. See the `base.html` file of the core theme. **Plugins** * Make `ezq` functions available to `CTFd.js` under `CTFd.ui.ezq` **Miscellaneous** * Python imports sorted with `isort` and import order enforced * Black formatter running on a majority of Python code
2020-02-17 07:17:25 +00:00
import datetime
import gc
import random
import string
import uuid
from collections import namedtuple
import requests
import six
Require CSRF-Token header on state changing API requests, require CSRF nonces on more than just POSTs, replace usage of fetch() with custom CTFd.fetch() implementation (#827) * Require CSRF-Token header on state changing API requests * Require CSRF nonces on more than just POSTs, * Replace usage of `fetch()` with custom `CTFd.fetch()` implementation
2019-01-11 03:38:37 +00:00
from flask.testing import FlaskClient
2.3.0 (#1248) 2.3.0 / 2020-02-17 ================== **General** * During setup, admins can register their email address with the CTFd LLC newsletter for news and updates * Fix editting hints from the admin panel * Allow admins to insert HTML code directly into the header and footer (end of body tag) of pages. This replaces and supercedes the custom CSS feature. * The `views.custom_css` route has been removed. * Admins can now customize the content of outgoing emails and inject certain variables into email content. * The `manage.py` script can now manipulate the CTFd Configs table via the `get_config` and `set_config` commands. (e.g. `python manage.py get_config ctf_theme` and `python manage.py set_config ctf_theme core`) **Themes** * Themes should now reference the `theme_header` and `theme_footer` configs instead of the `views.custom_css` endpoint to allow for user customizations. See the `base.html` file of the core theme. **Plugins** * Make `ezq` functions available to `CTFd.js` under `CTFd.ui.ezq` **Miscellaneous** * Python imports sorted with `isort` and import order enforced * Black formatter running on a majority of Python code
2020-02-17 07:17:25 +00:00
from mock import Mock, patch
from sqlalchemy.engine.url import make_url
from sqlalchemy_utils import drop_database
Require CSRF-Token header on state changing API requests, require CSRF nonces on more than just POSTs, replace usage of fetch() with custom CTFd.fetch() implementation (#827) * Require CSRF-Token header on state changing API requests * Require CSRF nonces on more than just POSTs, * Replace usage of `fetch()` with custom `CTFd.fetch()` implementation
2019-01-11 03:38:37 +00:00
from werkzeug.datastructures import Headers
2.3.0 (#1248) 2.3.0 / 2020-02-17 ================== **General** * During setup, admins can register their email address with the CTFd LLC newsletter for news and updates * Fix editting hints from the admin panel * Allow admins to insert HTML code directly into the header and footer (end of body tag) of pages. This replaces and supercedes the custom CSS feature. * The `views.custom_css` route has been removed. * Admins can now customize the content of outgoing emails and inject certain variables into email content. * The `manage.py` script can now manipulate the CTFd Configs table via the `get_config` and `set_config` commands. (e.g. `python manage.py get_config ctf_theme` and `python manage.py set_config ctf_theme core`) **Themes** * Themes should now reference the `theme_header` and `theme_footer` configs instead of the `views.custom_css` endpoint to allow for user customizations. See the `base.html` file of the core theme. **Plugins** * Make `ezq` functions available to `CTFd.js` under `CTFd.ui.ezq` **Miscellaneous** * Python imports sorted with `isort` and import order enforced * Black formatter running on a majority of Python code
2020-02-17 07:17:25 +00:00
Starting to write tests test_index test_register_user test_user_isnt_admin
2017-01-07 07:44:27 +00:00
from CTFd import create_app
2.3.0 (#1248) 2.3.0 / 2020-02-17 ================== **General** * During setup, admins can register their email address with the CTFd LLC newsletter for news and updates * Fix editting hints from the admin panel * Allow admins to insert HTML code directly into the header and footer (end of body tag) of pages. This replaces and supercedes the custom CSS feature. * The `views.custom_css` route has been removed. * Admins can now customize the content of outgoing emails and inject certain variables into email content. * The `manage.py` script can now manipulate the CTFd Configs table via the `get_config` and `set_config` commands. (e.g. `python manage.py get_config ctf_theme` and `python manage.py set_config ctf_theme core`) **Themes** * Themes should now reference the `theme_header` and `theme_footer` configs instead of the `views.custom_css` endpoint to allow for user customizations. See the `base.html` file of the core theme. **Plugins** * Make `ezq` functions available to `CTFd.js` under `CTFd.ui.ezq` **Miscellaneous** * Python imports sorted with `isort` and import order enforced * Black formatter running on a majority of Python code
2020-02-17 07:17:25 +00:00
from CTFd.cache import cache, clear_standings
Properly check SAFE_MODE and allow plugins to be loaded from tests optionally
2018-11-25 18:51:33 +00:00
from CTFd.config import TestingConfig
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
from CTFd.models import (
Awards,
ChallengeFiles,
2.3.0 (#1248) 2.3.0 / 2020-02-17 ================== **General** * During setup, admins can register their email address with the CTFd LLC newsletter for news and updates * Fix editting hints from the admin panel * Allow admins to insert HTML code directly into the header and footer (end of body tag) of pages. This replaces and supercedes the custom CSS feature. * The `views.custom_css` route has been removed. * Admins can now customize the content of outgoing emails and inject certain variables into email content. * The `manage.py` script can now manipulate the CTFd Configs table via the `get_config` and `set_config` commands. (e.g. `python manage.py get_config ctf_theme` and `python manage.py set_config ctf_theme core`) **Themes** * Themes should now reference the `theme_header` and `theme_footer` configs instead of the `views.custom_css` endpoint to allow for user customizations. See the `base.html` file of the core theme. **Plugins** * Make `ezq` functions available to `CTFd.js` under `CTFd.ui.ezq` **Miscellaneous** * Python imports sorted with `isort` and import order enforced * Black formatter running on a majority of Python code
2020-02-17 07:17:25 +00:00
Challenges,
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
Fails,
Files,
Flags,
Hints,
Notifications,
PageFiles,
2.3.0 (#1248) 2.3.0 / 2020-02-17 ================== **General** * During setup, admins can register their email address with the CTFd LLC newsletter for news and updates * Fix editting hints from the admin panel * Allow admins to insert HTML code directly into the header and footer (end of body tag) of pages. This replaces and supercedes the custom CSS feature. * The `views.custom_css` route has been removed. * Admins can now customize the content of outgoing emails and inject certain variables into email content. * The `manage.py` script can now manipulate the CTFd Configs table via the `get_config` and `set_config` commands. (e.g. `python manage.py get_config ctf_theme` and `python manage.py set_config ctf_theme core`) **Themes** * Themes should now reference the `theme_header` and `theme_footer` configs instead of the `views.custom_css` endpoint to allow for user customizations. See the `base.html` file of the core theme. **Plugins** * Make `ezq` functions available to `CTFd.js` under `CTFd.ui.ezq` **Miscellaneous** * Python imports sorted with `isort` and import order enforced * Black formatter running on a majority of Python code
2020-02-17 07:17:25 +00:00
Pages,
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
Solves,
Tags,
Teams,
2.3.0 (#1248) 2.3.0 / 2020-02-17 ================== **General** * During setup, admins can register their email address with the CTFd LLC newsletter for news and updates * Fix editting hints from the admin panel * Allow admins to insert HTML code directly into the header and footer (end of body tag) of pages. This replaces and supercedes the custom CSS feature. * The `views.custom_css` route has been removed. * Admins can now customize the content of outgoing emails and inject certain variables into email content. * The `manage.py` script can now manipulate the CTFd Configs table via the `get_config` and `set_config` commands. (e.g. `python manage.py get_config ctf_theme` and `python manage.py set_config ctf_theme core`) **Themes** * Themes should now reference the `theme_header` and `theme_footer` configs instead of the `views.custom_css` endpoint to allow for user customizations. See the `base.html` file of the core theme. **Plugins** * Make `ezq` functions available to `CTFd.js` under `CTFd.ui.ezq` **Miscellaneous** * Python imports sorted with `isort` and import order enforced * Black formatter running on a majority of Python code
2020-02-17 07:17:25 +00:00
Tokens,
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
Tracking,
Unlocks,
Users,
)
Fixing unlocking hints for challenges with unicode names (#383) * Fixing unlocking hints for challenges with unicode names * Add tests for unlocking hints with no cost
2017-09-09 04:17:48 +00:00
if six.PY2:
2.1.0 (#957) https://github.com/CTFd/CTFd/milestone/6
2019-04-17 05:36:30 +00:00
text_type = unicode # noqa: F821
Fixing unlocking hints for challenges with unicode names (#383) * Fixing unlocking hints for challenges with unicode names * Add tests for unlocking hints with no cost
2017-09-09 04:17:48 +00:00
binary_type = str
else:
text_type = str
binary_type = bytes
Starting to write tests test_index test_register_user test_user_isnt_admin
2017-01-07 07:44:27 +00:00
Latest set of changes (#190) * PEP 8 compliance (#183) * Group imports: standard library, third party, local * Remove unnecessary spaces * Comments should start with a # and a single space * Adding tests for GETs on user facing pages * Adding more user facing tests 51% test coverage * Fixes #182 * Cleaning up Pages Fixes a bug with CSS updating
2017-01-10 08:35:48 +00:00
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
FakeRequest = namedtuple("FakeRequest", ["form"])
Mark 2.0.0 (#757) * Update CHANGELOG * Update README * Upgrade migration script to port visibility settings * Add message about visibility settings and port over visibility settings * Close #758 * Add tests for dynamic value challenges
2018-11-27 01:32:04 +00:00
Require CSRF-Token header on state changing API requests, require CSRF nonces on more than just POSTs, replace usage of fetch() with custom CTFd.fetch() implementation (#827) * Require CSRF-Token header on state changing API requests * Require CSRF nonces on more than just POSTs, * Replace usage of `fetch()` with custom `CTFd.fetch()` implementation
2019-01-11 03:38:37 +00:00
class CTFdTestClient(FlaskClient):
def open(self, *args, **kwargs):
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
if kwargs.get("json") is not None:
Require CSRF-Token header on state changing API requests, require CSRF nonces on more than just POSTs, replace usage of fetch() with custom CTFd.fetch() implementation (#827) * Require CSRF-Token header on state changing API requests * Require CSRF nonces on more than just POSTs, * Replace usage of `fetch()` with custom `CTFd.fetch()` implementation
2019-01-11 03:38:37 +00:00
with self.session_transaction() as sess:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
api_key_headers = Headers({"CSRF-Token": sess.get("nonce")})
headers = kwargs.pop("headers", Headers())
2.2.0 (#1188) 2.2.0 / 2019-12-22 ================== ## Notice 2.2.0 focuses on updating the front end of CTFd to use more modern programming practices and changes some aspects of core CTFd design. If your current installation is using a custom theme or custom plugin with ***any*** kind of JavaScript, it is likely that you will need to upgrade that theme/plugin to be useable with v2.2.0. **General** * Team size limits can now be enforced from the configuration panel * Access tokens functionality for API usage * Admins can now choose how to deliver their notifications * Toast (new default) * Alert * Background * Sound On / Sound Off * There is now a notification counter showing how many unread notifications were received * Setup has been redesigned to have multiple steps * Added Description * Added Start time and End time, * Added MajorLeagueCyber integration * Added Theme and color selection * Fixes issue where updating dynamic challenges could change the value to an incorrect value * Properly use a less restrictive regex to validate email addresses * Bump Python dependencies to latest working versions * Admins can now give awards to team members from the team's admin panel page **API** * Team member removals (`DELETE /api/v1/teams/[team_id]/members`) from the admin panel will now delete the removed members's Submissions, Awards, Unlocks **Admin Panel** * Admins can now user a color input box to specify a theme color which is injected as part of the CSS configuration. Theme developers can use this CSS value to change colors and styles accordingly. * Challenge updates will now alert you if the challenge doesn't have a flag * Challenge entry now allows you to upload files and enter simple flags from the initial challenge creation page **Themes** * Significant JavaScript and CSS rewrite to use ES6, Webpack, yarn, and babel * Theme asset specially generated URLs * Static theme assets are now loaded with either .dev.extension or .min.extension depending on production or development (i.e. debug server) * Static theme assets are also given a `d` GET parameter that changes per server start. Used to bust browser caches. * Use `defer` for script tags to not block page rendering * Only show the MajorLeagueCyber button if configured in configuration * The admin panel now links to https://help.ctfd.io/ in the top right * Create an `ezToast()` function to use [Bootstrap's toasts](https://getbootstrap.com/docs/4.3/components/toasts/) * The user-facing navbar now features icons * Awards shown on a user's profile can now have award icons * The default MarkdownIt render created by CTFd will now open links in new tabs * Country flags can now be shown on the user pages **Deployment** * Switch `Dockerfile` from `python:2.7-alpine` to `python:3.7-alpine` * Add `SERVER_SENT_EVENTS` config value to control whether Notifications are enabled * Challenge ID is now recorded in the submission log **Plugins** * Add an endpoint parameter to `register_plugin_assets_directory()` and `register_plugin_asset()` to control what endpoint Flask uses for the added route **Miscellaneous** * `CTFd.utils.email.sendmail()` now allows the caller to specify subject as an argument * The subject allows for injecting custom variable via the new `CTFd.utils.formatters.safe_format()` function * Admin user information is now error checked during setup * Added yarn to the toolchain and the yarn dev, yarn build, yarn verify, and yarn clean scripts * Prevent old CTFd imports from being imported
2019-12-23 04:17:34 +00:00
if isinstance(headers, dict):
headers = Headers(headers)
Require CSRF-Token header on state changing API requests, require CSRF nonces on more than just POSTs, replace usage of fetch() with custom CTFd.fetch() implementation (#827) * Require CSRF-Token header on state changing API requests * Require CSRF nonces on more than just POSTs, * Replace usage of `fetch()` with custom `CTFd.fetch()` implementation
2019-01-11 03:38:37 +00:00
headers.extend(api_key_headers)
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
kwargs["headers"] = headers
Require CSRF-Token header on state changing API requests, require CSRF nonces on more than just POSTs, replace usage of fetch() with custom CTFd.fetch() implementation (#827) * Require CSRF-Token header on state changing API requests * Require CSRF nonces on more than just POSTs, * Replace usage of `fetch()` with custom `CTFd.fetch()` implementation
2019-01-11 03:38:37 +00:00
return super(CTFdTestClient, self).open(*args, **kwargs)
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def create_ctfd(
ctf_name="CTFd",
2.2.0 (#1188) 2.2.0 / 2019-12-22 ================== ## Notice 2.2.0 focuses on updating the front end of CTFd to use more modern programming practices and changes some aspects of core CTFd design. If your current installation is using a custom theme or custom plugin with ***any*** kind of JavaScript, it is likely that you will need to upgrade that theme/plugin to be useable with v2.2.0. **General** * Team size limits can now be enforced from the configuration panel * Access tokens functionality for API usage * Admins can now choose how to deliver their notifications * Toast (new default) * Alert * Background * Sound On / Sound Off * There is now a notification counter showing how many unread notifications were received * Setup has been redesigned to have multiple steps * Added Description * Added Start time and End time, * Added MajorLeagueCyber integration * Added Theme and color selection * Fixes issue where updating dynamic challenges could change the value to an incorrect value * Properly use a less restrictive regex to validate email addresses * Bump Python dependencies to latest working versions * Admins can now give awards to team members from the team's admin panel page **API** * Team member removals (`DELETE /api/v1/teams/[team_id]/members`) from the admin panel will now delete the removed members's Submissions, Awards, Unlocks **Admin Panel** * Admins can now user a color input box to specify a theme color which is injected as part of the CSS configuration. Theme developers can use this CSS value to change colors and styles accordingly. * Challenge updates will now alert you if the challenge doesn't have a flag * Challenge entry now allows you to upload files and enter simple flags from the initial challenge creation page **Themes** * Significant JavaScript and CSS rewrite to use ES6, Webpack, yarn, and babel * Theme asset specially generated URLs * Static theme assets are now loaded with either .dev.extension or .min.extension depending on production or development (i.e. debug server) * Static theme assets are also given a `d` GET parameter that changes per server start. Used to bust browser caches. * Use `defer` for script tags to not block page rendering * Only show the MajorLeagueCyber button if configured in configuration * The admin panel now links to https://help.ctfd.io/ in the top right * Create an `ezToast()` function to use [Bootstrap's toasts](https://getbootstrap.com/docs/4.3/components/toasts/) * The user-facing navbar now features icons * Awards shown on a user's profile can now have award icons * The default MarkdownIt render created by CTFd will now open links in new tabs * Country flags can now be shown on the user pages **Deployment** * Switch `Dockerfile` from `python:2.7-alpine` to `python:3.7-alpine` * Add `SERVER_SENT_EVENTS` config value to control whether Notifications are enabled * Challenge ID is now recorded in the submission log **Plugins** * Add an endpoint parameter to `register_plugin_assets_directory()` and `register_plugin_asset()` to control what endpoint Flask uses for the added route **Miscellaneous** * `CTFd.utils.email.sendmail()` now allows the caller to specify subject as an argument * The subject allows for injecting custom variable via the new `CTFd.utils.formatters.safe_format()` function * Admin user information is now error checked during setup * Added yarn to the toolchain and the yarn dev, yarn build, yarn verify, and yarn clean scripts * Prevent old CTFd imports from being imported
2019-12-23 04:17:34 +00:00
ctf_description="CTF description",
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
name="admin",
email="admin@ctfd.io",
password="password",
user_mode="users",
setup=True,
enable_plugins=False,
application_root="/",
config=TestingConfig,
):
Properly check SAFE_MODE and allow plugins to be loaded from tests optionally
2018-11-25 18:51:33 +00:00
if enable_plugins:
2.1.0 (#957) https://github.com/CTFd/CTFd/milestone/6
2019-04-17 05:36:30 +00:00
config.SAFE_MODE = False
Fix subdirectory deployments in a generic manner (#802) * Fix subdirectory deployments in a generic manner by modifying`request.path` to combine both `request.script_root` and `request.path` and also creating a request preprocessor to redirect users into the true CTFd app. Without this sessions will be invalid because sessions will be set to a subdirectory. * Add a test for testing subdirectory deployments and the customized CTFdRequest object. * Fix `TestingConfig.SAFE_MODE` getting stuck in between tests. * Order AWS keys properly in travis.yml * Redirect to `request.full_path` instead of just `request.path`
2018-12-16 18:18:08 +00:00
else:
2.1.0 (#957) https://github.com/CTFd/CTFd/milestone/6
2019-04-17 05:36:30 +00:00
config.SAFE_MODE = True
Fix subdirectory deployments in a generic manner (#802) * Fix subdirectory deployments in a generic manner by modifying`request.path` to combine both `request.script_root` and `request.path` and also creating a request preprocessor to redirect users into the true CTFd app. Without this sessions will be invalid because sessions will be set to a subdirectory. * Add a test for testing subdirectory deployments and the customized CTFdRequest object. * Fix `TestingConfig.SAFE_MODE` getting stuck in between tests. * Order AWS keys properly in travis.yml * Redirect to `request.full_path` instead of just `request.path`
2018-12-16 18:18:08 +00:00
2.1.0 (#957) https://github.com/CTFd/CTFd/milestone/6
2019-04-17 05:36:30 +00:00
config.APPLICATION_ROOT = application_root
url = make_url(config.SQLALCHEMY_DATABASE_URI)
if url.database:
url.database = str(uuid.uuid4())
config.SQLALCHEMY_DATABASE_URI = str(url)
Properly check SAFE_MODE and allow plugins to be loaded from tests optionally
2018-11-25 18:51:33 +00:00
2.1.0 (#957) https://github.com/CTFd/CTFd/milestone/6
2019-04-17 05:36:30 +00:00
app = create_app(config)
Require CSRF-Token header on state changing API requests, require CSRF nonces on more than just POSTs, replace usage of fetch() with custom CTFd.fetch() implementation (#827) * Require CSRF-Token header on state changing API requests * Require CSRF nonces on more than just POSTs, * Replace usage of `fetch()` with custom `CTFd.fetch()` implementation
2019-01-11 03:38:37 +00:00
app.test_client_class = CTFdTestClient
Starting to write tests test_index test_register_user test_user_isnt_admin
2017-01-07 07:44:27 +00:00
Fixes unstyled Setup UI (#291) * Changing /static to /themes * Adding test to make sure setup behavior works
2017-06-18 22:54:20 +00:00
if setup:
2.2.0 (#1188) 2.2.0 / 2019-12-22 ================== ## Notice 2.2.0 focuses on updating the front end of CTFd to use more modern programming practices and changes some aspects of core CTFd design. If your current installation is using a custom theme or custom plugin with ***any*** kind of JavaScript, it is likely that you will need to upgrade that theme/plugin to be useable with v2.2.0. **General** * Team size limits can now be enforced from the configuration panel * Access tokens functionality for API usage * Admins can now choose how to deliver their notifications * Toast (new default) * Alert * Background * Sound On / Sound Off * There is now a notification counter showing how many unread notifications were received * Setup has been redesigned to have multiple steps * Added Description * Added Start time and End time, * Added MajorLeagueCyber integration * Added Theme and color selection * Fixes issue where updating dynamic challenges could change the value to an incorrect value * Properly use a less restrictive regex to validate email addresses * Bump Python dependencies to latest working versions * Admins can now give awards to team members from the team's admin panel page **API** * Team member removals (`DELETE /api/v1/teams/[team_id]/members`) from the admin panel will now delete the removed members's Submissions, Awards, Unlocks **Admin Panel** * Admins can now user a color input box to specify a theme color which is injected as part of the CSS configuration. Theme developers can use this CSS value to change colors and styles accordingly. * Challenge updates will now alert you if the challenge doesn't have a flag * Challenge entry now allows you to upload files and enter simple flags from the initial challenge creation page **Themes** * Significant JavaScript and CSS rewrite to use ES6, Webpack, yarn, and babel * Theme asset specially generated URLs * Static theme assets are now loaded with either .dev.extension or .min.extension depending on production or development (i.e. debug server) * Static theme assets are also given a `d` GET parameter that changes per server start. Used to bust browser caches. * Use `defer` for script tags to not block page rendering * Only show the MajorLeagueCyber button if configured in configuration * The admin panel now links to https://help.ctfd.io/ in the top right * Create an `ezToast()` function to use [Bootstrap's toasts](https://getbootstrap.com/docs/4.3/components/toasts/) * The user-facing navbar now features icons * Awards shown on a user's profile can now have award icons * The default MarkdownIt render created by CTFd will now open links in new tabs * Country flags can now be shown on the user pages **Deployment** * Switch `Dockerfile` from `python:2.7-alpine` to `python:3.7-alpine` * Add `SERVER_SENT_EVENTS` config value to control whether Notifications are enabled * Challenge ID is now recorded in the submission log **Plugins** * Add an endpoint parameter to `register_plugin_assets_directory()` and `register_plugin_asset()` to control what endpoint Flask uses for the added route **Miscellaneous** * `CTFd.utils.email.sendmail()` now allows the caller to specify subject as an argument * The subject allows for injecting custom variable via the new `CTFd.utils.formatters.safe_format()` function * Admin user information is now error checked during setup * Added yarn to the toolchain and the yarn dev, yarn build, yarn verify, and yarn clean scripts * Prevent old CTFd imports from being imported
2019-12-23 04:17:34 +00:00
app = setup_ctfd(
app,
ctf_name=ctf_name,
ctf_description=ctf_description,
name=name,
email=email,
password=password,
2.3.0 (#1248) 2.3.0 / 2020-02-17 ================== **General** * During setup, admins can register their email address with the CTFd LLC newsletter for news and updates * Fix editting hints from the admin panel * Allow admins to insert HTML code directly into the header and footer (end of body tag) of pages. This replaces and supercedes the custom CSS feature. * The `views.custom_css` route has been removed. * Admins can now customize the content of outgoing emails and inject certain variables into email content. * The `manage.py` script can now manipulate the CTFd Configs table via the `get_config` and `set_config` commands. (e.g. `python manage.py get_config ctf_theme` and `python manage.py set_config ctf_theme core`) **Themes** * Themes should now reference the `theme_header` and `theme_footer` configs instead of the `views.custom_css` endpoint to allow for user customizations. See the `base.html` file of the core theme. **Plugins** * Make `ezq` functions available to `CTFd.js` under `CTFd.ui.ezq` **Miscellaneous** * Python imports sorted with `isort` and import order enforced * Black formatter running on a majority of Python code
2020-02-17 07:17:25 +00:00
user_mode=user_mode,
2.2.0 (#1188) 2.2.0 / 2019-12-22 ================== ## Notice 2.2.0 focuses on updating the front end of CTFd to use more modern programming practices and changes some aspects of core CTFd design. If your current installation is using a custom theme or custom plugin with ***any*** kind of JavaScript, it is likely that you will need to upgrade that theme/plugin to be useable with v2.2.0. **General** * Team size limits can now be enforced from the configuration panel * Access tokens functionality for API usage * Admins can now choose how to deliver their notifications * Toast (new default) * Alert * Background * Sound On / Sound Off * There is now a notification counter showing how many unread notifications were received * Setup has been redesigned to have multiple steps * Added Description * Added Start time and End time, * Added MajorLeagueCyber integration * Added Theme and color selection * Fixes issue where updating dynamic challenges could change the value to an incorrect value * Properly use a less restrictive regex to validate email addresses * Bump Python dependencies to latest working versions * Admins can now give awards to team members from the team's admin panel page **API** * Team member removals (`DELETE /api/v1/teams/[team_id]/members`) from the admin panel will now delete the removed members's Submissions, Awards, Unlocks **Admin Panel** * Admins can now user a color input box to specify a theme color which is injected as part of the CSS configuration. Theme developers can use this CSS value to change colors and styles accordingly. * Challenge updates will now alert you if the challenge doesn't have a flag * Challenge entry now allows you to upload files and enter simple flags from the initial challenge creation page **Themes** * Significant JavaScript and CSS rewrite to use ES6, Webpack, yarn, and babel * Theme asset specially generated URLs * Static theme assets are now loaded with either .dev.extension or .min.extension depending on production or development (i.e. debug server) * Static theme assets are also given a `d` GET parameter that changes per server start. Used to bust browser caches. * Use `defer` for script tags to not block page rendering * Only show the MajorLeagueCyber button if configured in configuration * The admin panel now links to https://help.ctfd.io/ in the top right * Create an `ezToast()` function to use [Bootstrap's toasts](https://getbootstrap.com/docs/4.3/components/toasts/) * The user-facing navbar now features icons * Awards shown on a user's profile can now have award icons * The default MarkdownIt render created by CTFd will now open links in new tabs * Country flags can now be shown on the user pages **Deployment** * Switch `Dockerfile` from `python:2.7-alpine` to `python:3.7-alpine` * Add `SERVER_SENT_EVENTS` config value to control whether Notifications are enabled * Challenge ID is now recorded in the submission log **Plugins** * Add an endpoint parameter to `register_plugin_assets_directory()` and `register_plugin_asset()` to control what endpoint Flask uses for the added route **Miscellaneous** * `CTFd.utils.email.sendmail()` now allows the caller to specify subject as an argument * The subject allows for injecting custom variable via the new `CTFd.utils.formatters.safe_format()` function * Admin user information is now error checked during setup * Added yarn to the toolchain and the yarn dev, yarn build, yarn verify, and yarn clean scripts * Prevent old CTFd imports from being imported
2019-12-23 04:17:34 +00:00
)
Adding functions to register plugin assets (#397) * Adds functions to register plugin assets
2017-09-30 01:22:10 +00:00
return app
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def setup_ctfd(
app,
ctf_name="CTFd",
2.2.0 (#1188) 2.2.0 / 2019-12-22 ================== ## Notice 2.2.0 focuses on updating the front end of CTFd to use more modern programming practices and changes some aspects of core CTFd design. If your current installation is using a custom theme or custom plugin with ***any*** kind of JavaScript, it is likely that you will need to upgrade that theme/plugin to be useable with v2.2.0. **General** * Team size limits can now be enforced from the configuration panel * Access tokens functionality for API usage * Admins can now choose how to deliver their notifications * Toast (new default) * Alert * Background * Sound On / Sound Off * There is now a notification counter showing how many unread notifications were received * Setup has been redesigned to have multiple steps * Added Description * Added Start time and End time, * Added MajorLeagueCyber integration * Added Theme and color selection * Fixes issue where updating dynamic challenges could change the value to an incorrect value * Properly use a less restrictive regex to validate email addresses * Bump Python dependencies to latest working versions * Admins can now give awards to team members from the team's admin panel page **API** * Team member removals (`DELETE /api/v1/teams/[team_id]/members`) from the admin panel will now delete the removed members's Submissions, Awards, Unlocks **Admin Panel** * Admins can now user a color input box to specify a theme color which is injected as part of the CSS configuration. Theme developers can use this CSS value to change colors and styles accordingly. * Challenge updates will now alert you if the challenge doesn't have a flag * Challenge entry now allows you to upload files and enter simple flags from the initial challenge creation page **Themes** * Significant JavaScript and CSS rewrite to use ES6, Webpack, yarn, and babel * Theme asset specially generated URLs * Static theme assets are now loaded with either .dev.extension or .min.extension depending on production or development (i.e. debug server) * Static theme assets are also given a `d` GET parameter that changes per server start. Used to bust browser caches. * Use `defer` for script tags to not block page rendering * Only show the MajorLeagueCyber button if configured in configuration * The admin panel now links to https://help.ctfd.io/ in the top right * Create an `ezToast()` function to use [Bootstrap's toasts](https://getbootstrap.com/docs/4.3/components/toasts/) * The user-facing navbar now features icons * Awards shown on a user's profile can now have award icons * The default MarkdownIt render created by CTFd will now open links in new tabs * Country flags can now be shown on the user pages **Deployment** * Switch `Dockerfile` from `python:2.7-alpine` to `python:3.7-alpine` * Add `SERVER_SENT_EVENTS` config value to control whether Notifications are enabled * Challenge ID is now recorded in the submission log **Plugins** * Add an endpoint parameter to `register_plugin_assets_directory()` and `register_plugin_asset()` to control what endpoint Flask uses for the added route **Miscellaneous** * `CTFd.utils.email.sendmail()` now allows the caller to specify subject as an argument * The subject allows for injecting custom variable via the new `CTFd.utils.formatters.safe_format()` function * Admin user information is now error checked during setup * Added yarn to the toolchain and the yarn dev, yarn build, yarn verify, and yarn clean scripts * Prevent old CTFd imports from being imported
2019-12-23 04:17:34 +00:00
ctf_description="CTF description",
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
name="admin",
email="admin@ctfd.io",
password="password",
user_mode="users",
):
Adding functions to register plugin assets (#397) * Adds functions to register plugin assets
2017-09-30 01:22:10 +00:00
with app.app_context():
with app.test_client() as client:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
client.get("/setup") # Populate session with nonce
Adding functions to register plugin assets (#397) * Adds functions to register plugin assets
2017-09-30 01:22:10 +00:00
with client.session_transaction() as sess:
data = {
"ctf_name": ctf_name,
2.2.0 (#1188) 2.2.0 / 2019-12-22 ================== ## Notice 2.2.0 focuses on updating the front end of CTFd to use more modern programming practices and changes some aspects of core CTFd design. If your current installation is using a custom theme or custom plugin with ***any*** kind of JavaScript, it is likely that you will need to upgrade that theme/plugin to be useable with v2.2.0. **General** * Team size limits can now be enforced from the configuration panel * Access tokens functionality for API usage * Admins can now choose how to deliver their notifications * Toast (new default) * Alert * Background * Sound On / Sound Off * There is now a notification counter showing how many unread notifications were received * Setup has been redesigned to have multiple steps * Added Description * Added Start time and End time, * Added MajorLeagueCyber integration * Added Theme and color selection * Fixes issue where updating dynamic challenges could change the value to an incorrect value * Properly use a less restrictive regex to validate email addresses * Bump Python dependencies to latest working versions * Admins can now give awards to team members from the team's admin panel page **API** * Team member removals (`DELETE /api/v1/teams/[team_id]/members`) from the admin panel will now delete the removed members's Submissions, Awards, Unlocks **Admin Panel** * Admins can now user a color input box to specify a theme color which is injected as part of the CSS configuration. Theme developers can use this CSS value to change colors and styles accordingly. * Challenge updates will now alert you if the challenge doesn't have a flag * Challenge entry now allows you to upload files and enter simple flags from the initial challenge creation page **Themes** * Significant JavaScript and CSS rewrite to use ES6, Webpack, yarn, and babel * Theme asset specially generated URLs * Static theme assets are now loaded with either .dev.extension or .min.extension depending on production or development (i.e. debug server) * Static theme assets are also given a `d` GET parameter that changes per server start. Used to bust browser caches. * Use `defer` for script tags to not block page rendering * Only show the MajorLeagueCyber button if configured in configuration * The admin panel now links to https://help.ctfd.io/ in the top right * Create an `ezToast()` function to use [Bootstrap's toasts](https://getbootstrap.com/docs/4.3/components/toasts/) * The user-facing navbar now features icons * Awards shown on a user's profile can now have award icons * The default MarkdownIt render created by CTFd will now open links in new tabs * Country flags can now be shown on the user pages **Deployment** * Switch `Dockerfile` from `python:2.7-alpine` to `python:3.7-alpine` * Add `SERVER_SENT_EVENTS` config value to control whether Notifications are enabled * Challenge ID is now recorded in the submission log **Plugins** * Add an endpoint parameter to `register_plugin_assets_directory()` and `register_plugin_asset()` to control what endpoint Flask uses for the added route **Miscellaneous** * `CTFd.utils.email.sendmail()` now allows the caller to specify subject as an argument * The subject allows for injecting custom variable via the new `CTFd.utils.formatters.safe_format()` function * Admin user information is now error checked during setup * Added yarn to the toolchain and the yarn dev, yarn build, yarn verify, and yarn clean scripts * Prevent old CTFd imports from being imported
2019-12-23 04:17:34 +00:00
"ctf_description": ctf_description,
Adding functions to register plugin assets (#397) * Adds functions to register plugin assets
2017-09-30 01:22:10 +00:00
"name": name,
"email": email,
"password": password,
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
"user_mode": user_mode,
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
"nonce": sess.get("nonce"),
Adding functions to register plugin assets (#397) * Adds functions to register plugin assets
2017-09-30 01:22:10 +00:00
}
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
client.post("/setup", data=data)
Starting to write tests test_index test_register_user test_user_isnt_admin
2017-01-07 07:44:27 +00:00
return app
Fixing large ip solves (#307) * Switching to using strings to store IP addresses because of the issues with storing them properly, Fixes #302, Fixes $306 * Only runs migrations when using a real database because SQlite is too inflexible to support migrations properly * Removes calls to the ip helper functions but they can remain in case someone needs them in a plugin.
2017-07-08 21:53:14 +00:00
def destroy_ctfd(app):
Adopting a challenge type layout from deckar01 (#399) * Adopting a challenge type layout from deckar01 * Move standard challenge modals into the plugin * Migration to change challenge type id to a string * Travis testing now builds with MySQL, SQLite, and Postgres * Rework get_standings to use the row ID instead of the saved time because of differences in database time precision
2017-10-06 01:39:28 +00:00
with app.app_context():
Update requirements (#406) * Updating to use dataset and datafreeze * Use a new datafreeze serializer to get around Python 3 issues. * Update requirements.txt * Add simple test for export_ctf()
2017-10-08 01:29:03 +00:00
gc.collect() # Garbage collect (necessary in the case of dataset freezes to clean database connections)
Version 1.1 CTFd (#514) * Bootstrap v4 (#490) * Upgrading original theme to use Bootstrap v4 and overall improve use of utility classes * Fixing graph issues. Colors per team & cleaner hover * The solves tab now shows relative time instead of absolute time * Redesign admin theme * Updating modals and changing form name from desc to description * Moving CSS config from Pages to Config page * Adding IP address count to statistics * Move control of certain modals (files, flags, tags, hints) to challenges page * Expanding size of config page * Combining statistics and graphs pages * Moving percentage solved to the statistics page instead of the admin challenges page * Rename Keys.key_type to Keys.type (#459) (#478) * Rename keys.key_type to keys.type (#459) * Fixing previous migration to not be worried about key_type v type * Fixing loading of challenge type plugins * Switching from Handlebars to Nunjucks (#491) * Switching from Handlebars to Nunjucks * Allow admins to unlock hints before CTF begins and test that this is not allowed for regular users * Authed only (#492) * Adding authed_only decorator and adding next to url_for * Adding a basic preview to hints (#494) * Hints have a preview now for creating and updating hints. HTML and markdown are still allowed. * Ezq (#495) * Adding ezq as a simple wrapper around bootstrap modals * Use tabs not spaces and remove gray background on inputs * Adding title & draft to Pages. Making page preview open a new tab (#497) * Adding title & draft to Pages. * Making page preview open a new tab instead of render in the existing tab * Draft pages cannot be seen without a preview * Update check (#499) * Add update_check function * Notify user that a CTFd update is available in the admin panel * Adding update_check tests * Ratelimit (#500) * Implementing a ratelimit function * Fix error page formatting * Add rate limiting tests * Rate limit authentication functions and rate limit admin send email function * Load user solves before we load challenges to avoid unstyled buttons (#502) * Add a challenge preview (#503) * Adding a challenge preview to the admin panel * Change /admin/chals/<int:chalid> to /admin/chal/<int:chalid> * Adding codecov (#504) * Test coverage at https://codecov.io/gh/CTFd/CTFd * Sendmail improvements (#505) * Add get_smtp timeout, add sendmail error messages * Adding more error handling to sendmail * Adding Flask-Script (#507) * Pause ctf (#508) * Implement CTF pausing * Test CTF pausing * Fix loading challenges for users (#510) * Fix loading challenges for users * Temporarily switch themes in test * Pause help text (#509) * Adding pause help text * Pages authed (#511) * Adding authentication options to pages * Adding tests for accessing pages while draft & auth_required * Merging master into 1.1 (#513) * Name the core theme and remove the original theme
2017-12-11 11:42:07 +00:00
cache.clear()
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
drop_database(app.config["SQLALCHEMY_DATABASE_URI"])
Fixing large ip solves (#307) * Switching to using strings to store IP addresses because of the issues with storing them properly, Fixes #302, Fixes $306 * Only runs migrations when using a real database because SQlite is too inflexible to support migrations properly * Removes calls to the ip helper functions but they can remain in case someone needs them in a plugin.
2017-07-08 21:53:14 +00:00
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def register_user(
app, name="user", email="user@ctfd.io", password="password", raise_for_error=True
):
Starting to write tests test_index test_register_user test_user_isnt_admin
2017-01-07 07:44:27 +00:00
with app.app_context():
with app.test_client() as client:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
client.get("/register")
Starting to write tests test_index test_register_user test_user_isnt_admin
2017-01-07 07:44:27 +00:00
with client.session_transaction() as sess:
data = {
"name": name,
"email": email,
"password": password,
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
"nonce": sess.get("nonce"),
Starting to write tests test_index test_register_user test_user_isnt_admin
2017-01-07 07:44:27 +00:00
}
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
client.post("/register", data=data)
Update admin notification UI and allow for deleting notifications (#803) * Show notification titles on the notification list page * Allow for deleting notifications * Update notification UI in admin panel * Make /api/v1/notifications/<id> accessible to all * Default `login_as_user()` and `register_user()` to fail on invalid credentials
2018-12-15 04:23:02 +00:00
if raise_for_error:
with client.session_transaction() as sess:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
assert sess["id"]
assert sess["name"] == name
assert sess["email"]
assert sess["nonce"]
Starting to write tests test_index test_register_user test_user_isnt_admin
2017-01-07 07:44:27 +00:00
Fix creating users from the admin panel while name changes disabled (#862) * Fix creating users from the admin panel while name changes are disabled; clean up user & team schema validators * Closes #832 * Coerce /api/v1/teams/<team_id> to /api/v1/teams/<int:team_id>
2019-01-31 06:18:46 +00:00
def register_team(app, name="team", password="password", raise_for_error=True):
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
with app.app_context():
with app.test_client() as client:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
client.get("/team")
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
with client.session_transaction() as sess:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
data = {"name": name, "password": password, "nonce": sess.get("nonce")}
r = client.post("/teams/new", data=data)
Fix creating users from the admin panel while name changes disabled (#862) * Fix creating users from the admin panel while name changes are disabled; clean up user & team schema validators * Closes #832 * Coerce /api/v1/teams/<team_id> to /api/v1/teams/<int:team_id>
2019-01-31 06:18:46 +00:00
if raise_for_error:
assert r.status_code == 302
return client
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
Update admin notification UI and allow for deleting notifications (#803) * Show notification titles on the notification list page * Allow for deleting notifications * Update notification UI in admin panel * Make /api/v1/notifications/<id> accessible to all * Default `login_as_user()` and `register_user()` to fail on invalid credentials
2018-12-15 04:23:02 +00:00
def login_as_user(app, name="user", password="password", raise_for_error=True):
Starting to write tests test_index test_register_user test_user_isnt_admin
2017-01-07 07:44:27 +00:00
with app.app_context():
with app.test_client() as client:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
client.get("/login")
Starting to write tests test_index test_register_user test_user_isnt_admin
2017-01-07 07:44:27 +00:00
with client.session_transaction() as sess:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
data = {"name": name, "password": password, "nonce": sess.get("nonce")}
client.post("/login", data=data)
Update admin notification UI and allow for deleting notifications (#803) * Show notification titles on the notification list page * Allow for deleting notifications * Update notification UI in admin panel * Make /api/v1/notifications/<id> accessible to all * Default `login_as_user()` and `register_user()` to fail on invalid credentials
2018-12-15 04:23:02 +00:00
if raise_for_error:
with client.session_transaction() as sess:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
assert sess["id"]
assert sess["name"]
assert sess["email"]
assert sess["nonce"]
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
return client
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def login_with_mlc(
app,
name="user",
scope="profile%20team",
email="user@ctfd.io",
oauth_id=1337,
team_name="TestTeam",
team_oauth_id=1234,
raise_for_error=True,
):
with app.test_client() as client, patch.object(
requests, "get"
) as fake_get_request, patch.object(requests, "post") as fake_post_request:
client.get("/login")
Block new user registration if registering via MLC (#840) * Block new user registration if registering via MLC * Allow login with MLC while registration is disabled
2019-01-19 21:00:29 +00:00
with client.session_transaction() as sess:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
nonce = sess["nonce"]
Block new user registration if registering via MLC (#840) * Block new user registration if registering via MLC * Allow login with MLC while registration is disabled
2019-01-19 21:00:29 +00:00
redirect_url = "{endpoint}?response_type=code&client_id={client_id}&scope={scope}&state={state}".format(
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
endpoint=app.config["OAUTH_AUTHORIZATION_ENDPOINT"],
client_id=app.config["OAUTH_CLIENT_ID"],
Block new user registration if registering via MLC (#840) * Block new user registration if registering via MLC * Allow login with MLC while registration is disabled
2019-01-19 21:00:29 +00:00
scope=scope,
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
state=nonce,
Block new user registration if registering via MLC (#840) * Block new user registration if registering via MLC * Allow login with MLC while registration is disabled
2019-01-19 21:00:29 +00:00
)
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
r = client.get("/oauth", follow_redirects=False)
Block new user registration if registering via MLC (#840) * Block new user registration if registering via MLC * Allow login with MLC while registration is disabled
2019-01-19 21:00:29 +00:00
assert r.location == redirect_url
fake_post_response = Mock()
fake_post_request.return_value = fake_post_response
fake_post_response.status_code = 200
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
fake_post_response.json = lambda: {"access_token": "fake_mlc_access_token"}
Block new user registration if registering via MLC (#840) * Block new user registration if registering via MLC * Allow login with MLC while registration is disabled
2019-01-19 21:00:29 +00:00
fake_get_response = Mock()
fake_get_request.return_value = fake_get_response
fake_get_response.status_code = 200
fake_get_response.json = lambda: {
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
"id": oauth_id,
"name": name,
"email": email,
"team": {"id": team_oauth_id, "name": team_name},
Block new user registration if registering via MLC (#840) * Block new user registration if registering via MLC * Allow login with MLC while registration is disabled
2019-01-19 21:00:29 +00:00
}
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
client.get(
"/redirect?code={code}&state={state}".format(
code="mlc_test_code", state=nonce
),
follow_redirects=False,
)
Block new user registration if registering via MLC (#840) * Block new user registration if registering via MLC * Allow login with MLC while registration is disabled
2019-01-19 21:00:29 +00:00
if raise_for_error:
with client.session_transaction() as sess:
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
assert sess["id"]
assert sess["name"]
assert sess["email"]
assert sess["nonce"]
Block new user registration if registering via MLC (#840) * Block new user registration if registering via MLC * Allow login with MLC while registration is disabled
2019-01-19 21:00:29 +00:00
return client
Fixing scoring logic (#320) * fix inconsistent scoring: take awards into account in user.place() (#319) * Adding tests
2017-07-18 02:18:23 +00:00
def get_scores(user):
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
r = user.get("/api/v1/scoreboard")
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
scores = r.get_json()
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
return scores["data"]
Fixing scoring logic (#320) * fix inconsistent scoring: take awards into account in user.place() (#319) * Adding tests
2017-07-18 02:18:23 +00:00
Adds ondelete='CASCADE' to some models. (#979) * Fixes `populate.py` to assign captains to teams. * Adds `ondelete='CASCADE'` to most ForeignKeys in models * Closes #794 * Test reset in team mode to test removing teams with captains * Test deleting users/teams with awards to test cascading deletion * `gen_team()` test helper now creates users for the team and assigns the first one as captain * Added `Challenges.flags` relationship and moved the `Flags.challenge` relationship to a backref on `Challenges`
2019-05-04 06:08:26 +00:00
def random_string(n=5):
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
return "".join(
random.choice(string.ascii_letters + string.digits) for _ in range(n)
)
Adds ondelete='CASCADE' to some models. (#979) * Fixes `populate.py` to assign captains to teams. * Adds `ondelete='CASCADE'` to most ForeignKeys in models * Closes #794 * Test reset in team mode to test removing teams with captains * Test deleting users/teams with awards to test cascading deletion * `gen_team()` test helper now creates users for the team and assigns the first one as captain * Added `Challenges.flags` relationship and moved the `Flags.challenge` relationship to a backref on `Challenges`
2019-05-04 06:08:26 +00:00
Flaky redis events tests (#1072) * Fix flaky redis tests * Add a random integer helper for tests
2019-07-30 07:25:29 +00:00
def random_int(start=2147483647, stop=None, step=1):
return random.randrange(start, stop, step)
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_challenge(
db,
name="chal_name",
description="chal_description",
value=100,
category="chal_category",
type="standard",
state="visible",
**kwargs
):
chal = Challenges(
name=name,
description=description,
value=value,
category=category,
type=type,
state=state,
**kwargs
)
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
db.session.add(chal)
db.session.commit()
return chal
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
def gen_award(db, user_id, team_id=None, name="award_name", value=100):
award = Awards(user_id=user_id, team_id=team_id, name=name, value=value)
Preventing Hints from being unlocked after the end of a CTF (#439) * Preventing Hints from being unlocked after the end of a CTF unless challenges can be viewed
2017-11-08 07:13:07 +00:00
award.date = datetime.datetime.utcnow()
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
db.session.add(award)
db.session.commit()
Improve caching (#1014) * Cache get place code for users and teams. * Fix score changing test helpers to clear standings cache when generating a score changing row * `utils._get_config` will now return `KeyError` instead of None. * Separate `/api/v1/[users,teams]/[me,id]/[solves,fails,awards]` into seperate API endpoints * Install `Flask-DebugToolbar` in development Main goals covered in #1012
2019-06-15 06:07:24 +00:00
clear_standings()
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
return award
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_tag(db, challenge_id, value="tag_tag", **kwargs):
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
tag = Tags(challenge_id=challenge_id, value=value, **kwargs)
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
db.session.add(tag)
db.session.commit()
return tag
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
def gen_file(db, location, challenge_id=None, page_id=None):
if challenge_id:
f = ChallengeFiles(challenge_id=challenge_id, location=location)
elif page_id:
f = PageFiles(page_id=page_id, location=location)
else:
f = Files(location=location)
Bootstrap beta 3, Regression fixes, bugfixes (#543) * Upgrade to Bootstrap v4 beta 3 * Fix incorrect FontAwesome5 icon * Fixing regressions & code quality issues. Files, Tags & Hints now appear in the admin challenge preview. Fixed color issues with file buttons and badges. Pass script_root into challenge type plugin. * Fixing incorrect FontAwesome5 icon * Fix test for /admin/chals/<chalid> * Expand test to include tags, hints, files
2018-01-08 01:50:01 +00:00
db.session.add(f)
db.session.commit()
return f
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_flag(db, challenge_id, content="flag", type="static", data=None, **kwargs):
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
flag = Flags(challenge_id=challenge_id, content=content, type=type, **kwargs)
1.2.0 (#627) * Changing to a new plugin oriented challenge type plugin and fixing extra width on admin chal description * Add window.challenge.submit, renderSubmissionResponse, and csrf_nonce * Update admin side renderer calls * Updating to Flask 1.0 and adding files for flask run * Adding a preliminary case-insensitive key * Adding case insensitive keys * Adding CTF Logo * Reducing the amount of team information shown on the main page * Add better base64 helpers * Switch from button to badge * Rudimentary solve checking from admin panel * Refine admin chals solves view & fix PEP8 * Compare base64 encoded data with bytestring * Removing need to urlencode/urldecode in base64 wrappers * Adding decorator documentation * Randomly order tests & add test for case_insensitive flags * Add regex flag case_insensitive test * Add tests for /admin/chal/1/solves and ctf_logo
2018-05-03 22:04:39 +00:00
if data:
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
flag.data = data
db.session.add(flag)
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
db.session.commit()
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
return flag
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_user(db, name="user_name", email="user@ctfd.io", password="password", **kwargs):
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
user = Users(name=name, email=email, password=password, **kwargs)
db.session.add(user)
db.session.commit()
return user
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_team(
db,
name="team_name",
email="team@ctfd.io",
password="password",
member_count=4,
**kwargs
):
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
team = Teams(name=name, email=email, password=password, **kwargs)
Adds ondelete='CASCADE' to some models. (#979) * Fixes `populate.py` to assign captains to teams. * Adds `ondelete='CASCADE'` to most ForeignKeys in models * Closes #794 * Test reset in team mode to test removing teams with captains * Test deleting users/teams with awards to test cascading deletion * `gen_team()` test helper now creates users for the team and assigns the first one as captain * Added `Challenges.flags` relationship and moved the `Flags.challenge` relationship to a backref on `Challenges`
2019-05-04 06:08:26 +00:00
for i in range(member_count):
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
name = "user-{}-{}".format(random_string(), str(i))
user = gen_user(db, name=name, email=name + "@ctfd.io", team_id=team.id)
Adds ondelete='CASCADE' to some models. (#979) * Fixes `populate.py` to assign captains to teams. * Adds `ondelete='CASCADE'` to most ForeignKeys in models * Closes #794 * Test reset in team mode to test removing teams with captains * Test deleting users/teams with awards to test cascading deletion * `gen_team()` test helper now creates users for the team and assigns the first one as captain * Added `Challenges.flags` relationship and moved the `Flags.challenge` relationship to a backref on `Challenges`
2019-05-04 06:08:26 +00:00
if i == 0:
team.captain_id = user.id
team.members.append(user)
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
db.session.add(team)
db.session.commit()
return team
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_hint(
db, challenge_id, content="This is a hint", cost=0, type="standard", **kwargs
):
hint = Hints(
challenge_id=challenge_id, content=content, cost=cost, type=type, **kwargs
)
Users should always be able to get their score, even if banned (#333) * Users should always be able to get their score, even if banned * Fixing scoring logic when users haven't solved problems * Hide None descriptions for awards
2017-08-06 23:33:02 +00:00
db.session.add(hint)
db.session.commit()
return hint
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_unlock(db, user_id, team_id=None, target=None, type="hints"):
unlock = Unlocks(user_id=user_id, team_id=team_id, target=target, type=type)
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
db.session.add(unlock)
db.session.commit()
return unlock
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_solve(
db,
user_id,
team_id=None,
challenge_id=None,
ip="127.0.0.1",
provided="rightkey",
**kwargs
):
solve = Solves(
user_id=user_id,
team_id=team_id,
challenge_id=challenge_id,
ip=ip,
provided=provided,
**kwargs
)
Top ten endpoint honors users with the same name (#379) * Make the /top/10 endpoint honor users with the same name
2017-09-08 03:29:41 +00:00
solve.date = datetime.datetime.utcnow()
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
db.session.add(solve)
db.session.commit()
Improve caching (#1014) * Cache get place code for users and teams. * Fix score changing test helpers to clear standings cache when generating a score changing row * `utils._get_config` will now return `KeyError` instead of None. * Separate `/api/v1/[users,teams]/[me,id]/[solves,fails,awards]` into seperate API endpoints * Install `Flask-DebugToolbar` in development Main goals covered in #1012
2019-06-15 06:07:24 +00:00
clear_standings()
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
return solve
General fixes and PEP8 enforcement (#258) * Fixing index page links when you deploy on a subdirectory * Updating travis for pep8 * autopep8 with just formatting changes
2017-05-12 04:34:20 +00:00
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_fail(
db,
user_id,
team_id=None,
challenge_id=None,
ip="127.0.0.1",
provided="wrongkey",
**kwargs
):
fail = Fails(
user_id=user_id,
team_id=team_id,
challenge_id=challenge_id,
ip=ip,
provided=provided,
**kwargs
)
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
fail.date = datetime.datetime.utcnow()
db.session.add(fail)
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
db.session.commit()
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
return fail
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_tracking(db, user_id=None, ip="127.0.0.1", **kwargs):
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
tracking = Tracking(ip=ip, user_id=user_id, **kwargs)
Plugins enhanced utils (#231) * Updating utils functions to be monkey patchable * Also fixing a team email update issue * Adding more tests
2017-03-23 00:00:45 +00:00
db.session.add(tracking)
db.session.commit()
General fixes and PEP8 enforcement (#258) * Fixing index page links when you deploy on a subdirectory * Updating travis for pep8 * autopep8 with just formatting changes
2017-05-12 04:34:20 +00:00
return tracking
Pages functionality improved (#267) * Pages now support Markdown * Pages now have a preview tab * Adding a media library to Pages
2017-06-03 18:25:31 +00:00
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
def gen_page(db, title, route, content, draft=False, auth_required=False, **kwargs):
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
page = Pages(
title=title,
route=route,
content=content,
draft=draft,
auth_required=auth_required,
**kwargs
)
Pages functionality improved (#267) * Pages now support Markdown * Pages now have a preview tab * Adding a media library to Pages
2017-06-03 18:25:31 +00:00
db.session.add(page)
db.session.commit()
return page
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
def gen_notification(db, title="title", content="content"):
2.0.0 (#741) * Fix user and admin panel user/team graphs * Closes #682 * Unify login and logout under specific functions * Closes #659 * Rename Challenges.hidden to Challenges.state * Start to clean up API and front end integration starting with profile updating * Slightly cleaner code * Clean API to respond with success, data, and status codes * Simpler COUNTRIES_LIST and update profile to use COUNTRIES_LIST * Lookup country code in users page. Update front end calls to get API data properly * Fix some API endpoints and fix JS to process new responses * Update config.py to support new values * Closes #635 * Update some code to handle user types, add email domain whitelisting * Write a logging wrapper * Use logging wrapper for submissions * Close #656 * Break up config.html to make it easier to maintain * Fix logging, domain_whitelist, and config * Improving views.py, starting to add Announcements * Starting announcements front end * Make it easier to see large images, clean up some more REST API differences * Closes #668 * Update Proxyfix config to REVERSE_PROXY * Add announcements front end * Move creation/edit modals into seperate files. Start moving user updating into their admin profile pages. * Update font-awesome to 5.4.1 * Switch to user-edit icon * Update the update_check function to send up more anonymous data for statistics purposes. * Start work on #640 * Add the user action modals and update API to fix responses * Fix admin teams page * Add challenge requirements * Implement anonymous locked challenges * Team editting from admin panel * Switch from simple cache to filesystem cache * Implements a Cache backed server side session (#658) and fixes Users editting endpoint * Add our messaging for docs * Closes #700 * Remove invalid import * Move challenge enditting around a whole lot and probably break a bunch of things * Show challenge names in prerequisites instead of challenge IDs * Closes #661 * Change user templates to use url_for * Remove extra function * Rewrite admin panel to use url_for * Fix events to work under subdirectories * Start cleaning up config panel * Fix filesystem uploader; deprecate view_challenges_unregistered, view_scoreboard_if_authed, prevent_registration, view_after_ctf; implement new visibility decorators * Remove workshop mode, fix some glitches with the new visibility settings * Fix ctf_logo on core theme * Fix setup errors * Removing default from get_config b/c of memoization issues and getting some tests working * Relax email regex validation rule (#693) * Update to pycodestyle and fix new lint errors * Add a ctf_id to update_check * Change challenge plugin layout. Rename mailgun configs to be more descriptive (Closes #702) * Detect if people try to set routes with '/' to simplify #690 * Closes #690 * Clean up some code * Clean up challenge submit to rate limit * Fix js version compatability issue * Close some TODOs * Hide challenges if not authenticated * Make set_config reset the cache for those config values * Return 404 on empty challenges for /api/v1/<challenge_id>/solves * Fix setting boolean configs * Properly change account config settings * Move datetimes to isoformat (Closes #703) * Remove all .isoformat() calls because it isn't UTC aware (ends in Z). Switch to isoformat function & filter * Make /v1/submissions endpoint work for admin submission creation * Make oauth_id unique for Users and Teams * Move challenge submission endpoint and implement mark solved. Fix some isoformat issues. * Only show team's missing challenges if in team mode * Adding support for Hints & Unlocks * Update challenge submission url * Fix encoding functions in Python3 * Fix hexencode in Python3 * Added functional tests for challenges API for non-admin users (#705) * Set hint default type to be standard * Fix some JS issues. Closes #704 * Implement session.regenerate on top of the CachingSessionInterface * Challenge challenge attempt responses from numbers to strings * Fix password updating for UserSchema * Remove leftover challenge submission code * Remove old migrations :(, resolve challenge requirements not loading correctly, move migration functions * Added functional tests for challenges/hints/admin API (#710) * Fix helpers and re-add JSONLite * Install MySQL 5.7 * Try more mysql * Update password for mysql * Fixing issuse in Users.get_solves * Add new import/export code * Switch to CTFdSerializer for Python 3 * Re-implement import exports and add a very flaky test * Redesign submissions API response * Get export to roundtrip in tests * Int score b/c Decimal is not JSON serializeable * Remove unused route methods * Fix POST /api/v1/configs and start adding admin tests * Add user_id and team_id to top/10 * Fix admin creating Teams * Fix Team website validation * Change admins_only to reply with a 403 if the request is JSON * Organize admin tests and fix authed_only to return 403 on unauthed * Adding check_account_visibility, check_score_visibility for /api/v1/teams/<team_id>/(solves|awards|fails) * Fix teams/me endpoints again * Fix users/me endpoints to return 403 if unauthed * Fix Python 3 config API * Add fetch and promise polyfills. (#712) * Add exec to docker-entrypoint.sh (#713) * Display import_ctf Exceptions via repr (#651) - Wraps exceptions on `/admin/import` returned to users in a `repr()`, making debugging easier. * Add error messages to the admin panel, fix schemas for users, start working on UI for imports/exports * Make unauthed challenge submission attempt return 403 instead of 302, Fix user deletion, fix associated tests, remove TODOs * Remove old means of creating solves * Remove most of the content from teams.js and users.js * Remove extra code from /challenges.js * Fix POST'ing & PATCH'ing pages * Make (users|teams)/fails return only count to users. Fix public score graphs to factor in awards * Fix admin side scoregraphs. Fix Awardschemas for admins * Add requirements to db migration * Adding some team decorators * Fix require_team_mode decorator * Make verified emails decorator return 403 on JSON requests * Redo initial revision * Add SQLiteJSON back * Adding ratelimit to /redirect and removing POST from /oauth * Fix PATCH tags * Actually fix PATCH tags * Simplify 500.html * Added tests for challenges, awards, files, flags, hints ... (#723) * Added tests for challenges, awards, files, flags, hints, notifications, pages, submissions, tags * Fix user data validation functions, Fix hidden challenges and include test * Add a locked state to attempt * OAuth teams get verified, use logging functions in redirect route * Removing extra print call * Update requirements.txt * Fix possible AttributeError * Start work on #716 * Closes #717 * Fix issue patching teams * Rename .j2 to .html, implement preview for challenges if admin * Move admin/challenge.html to admin/challenges/challenge.html * Remove old modals * Add Reset CTF button (#639) * Add Reset link to config.html * Delete Tracking * files handler should return a 404 on files it cant find * Denote official teams (#729), make scoregraph fill to zero * Remove old javascript files, make some challenge elements refresh by reloading * Fix team editting modals to work more reliably * Fix rendering of CTF paused * Remove hide_scores funtion and roll it into scores visibility * Log to stdout/stderr by default (#719) * Fix user searching * Remove searching for users/teams by country * Add badges to admin team and user pages, implement user banning (#643) * Remove shell.py, clean up admin team.html, add tests for banned users, teams * Start cleaning up dynamic_challenges to meet new challenge type plugin format * Remove POST method from teams.public * Add credentials: 'same-origin' to all fetch calls (#734) * Add challenge preview, add challenge deletion, fix file deletions when deleting challenges * Fix imports UI (#735) * Show prerequisites before adding a blank one (#738), Refresh all challenges after a submission (#739) * Admins can see hidden challenges * Fix some UI elements, fix loading location hash, set version to be 2.0.0 * Clean up some challenge plugin pages * Add default for flag type * Fix Python3 bytes/str issues * Add in MLC urls and support user mode for oauth * Fix seeing user graphs when scores are hidden, clean up setup.html, add links to MLC oauth * Add state parameter support * Use URLSafeTimedSerializer wrapper for sending token based emails * setting APPLICATION_ROOT from env var (#732) * Rearrange config.py and update README * Updating README
2018-11-20 04:16:14 +00:00
notif = Notifications(title=title, content=content)
db.session.add(notif)
db.session.commit()
Adds ondelete='CASCADE' to some models. (#979) * Fixes `populate.py` to assign captains to teams. * Adds `ondelete='CASCADE'` to most ForeignKeys in models * Closes #794 * Test reset in team mode to test removing teams with captains * Test deleting users/teams with awards to test cascading deletion * `gen_team()` test helper now creates users for the team and assigns the first one as captain * Added `Challenges.flags` relationship and moved the `Flags.challenge` relationship to a backref on `Challenges`
2019-05-04 06:08:26 +00:00
2.2.0 (#1188) 2.2.0 / 2019-12-22 ================== ## Notice 2.2.0 focuses on updating the front end of CTFd to use more modern programming practices and changes some aspects of core CTFd design. If your current installation is using a custom theme or custom plugin with ***any*** kind of JavaScript, it is likely that you will need to upgrade that theme/plugin to be useable with v2.2.0. **General** * Team size limits can now be enforced from the configuration panel * Access tokens functionality for API usage * Admins can now choose how to deliver their notifications * Toast (new default) * Alert * Background * Sound On / Sound Off * There is now a notification counter showing how many unread notifications were received * Setup has been redesigned to have multiple steps * Added Description * Added Start time and End time, * Added MajorLeagueCyber integration * Added Theme and color selection * Fixes issue where updating dynamic challenges could change the value to an incorrect value * Properly use a less restrictive regex to validate email addresses * Bump Python dependencies to latest working versions * Admins can now give awards to team members from the team's admin panel page **API** * Team member removals (`DELETE /api/v1/teams/[team_id]/members`) from the admin panel will now delete the removed members's Submissions, Awards, Unlocks **Admin Panel** * Admins can now user a color input box to specify a theme color which is injected as part of the CSS configuration. Theme developers can use this CSS value to change colors and styles accordingly. * Challenge updates will now alert you if the challenge doesn't have a flag * Challenge entry now allows you to upload files and enter simple flags from the initial challenge creation page **Themes** * Significant JavaScript and CSS rewrite to use ES6, Webpack, yarn, and babel * Theme asset specially generated URLs * Static theme assets are now loaded with either .dev.extension or .min.extension depending on production or development (i.e. debug server) * Static theme assets are also given a `d` GET parameter that changes per server start. Used to bust browser caches. * Use `defer` for script tags to not block page rendering * Only show the MajorLeagueCyber button if configured in configuration * The admin panel now links to https://help.ctfd.io/ in the top right * Create an `ezToast()` function to use [Bootstrap's toasts](https://getbootstrap.com/docs/4.3/components/toasts/) * The user-facing navbar now features icons * Awards shown on a user's profile can now have award icons * The default MarkdownIt render created by CTFd will now open links in new tabs * Country flags can now be shown on the user pages **Deployment** * Switch `Dockerfile` from `python:2.7-alpine` to `python:3.7-alpine` * Add `SERVER_SENT_EVENTS` config value to control whether Notifications are enabled * Challenge ID is now recorded in the submission log **Plugins** * Add an endpoint parameter to `register_plugin_assets_directory()` and `register_plugin_asset()` to control what endpoint Flask uses for the added route **Miscellaneous** * `CTFd.utils.email.sendmail()` now allows the caller to specify subject as an argument * The subject allows for injecting custom variable via the new `CTFd.utils.formatters.safe_format()` function * Admin user information is now error checked during setup * Added yarn to the toolchain and the yarn dev, yarn build, yarn verify, and yarn clean scripts * Prevent old CTFd imports from being imported
2019-12-23 04:17:34 +00:00
def gen_token(db, type="user", user_id=None, expiration=None):
token = Tokens(type=type, user_id=user_id, expiration=expiration)
db.session.add(token)
db.session.commit()
return token
Adds ondelete='CASCADE' to some models. (#979) * Fixes `populate.py` to assign captains to teams. * Adds `ondelete='CASCADE'` to most ForeignKeys in models * Closes #794 * Test reset in team mode to test removing teams with captains * Test deleting users/teams with awards to test cascading deletion * `gen_team()` test helper now creates users for the team and assigns the first one as captain * Added `Challenges.flags` relationship and moved the `Flags.challenge` relationship to a backref on `Challenges`
2019-05-04 06:08:26 +00:00
def simulate_user_activity(db, user):
gen_tracking(db, user_id=user.id)
gen_award(db, user_id=user.id)
challenge = gen_challenge(db)
flag = gen_flag(db, challenge_id=challenge.id)
hint = gen_hint(db, challenge_id=challenge.id)
for _ in range(5):
gen_fail(db, user_id=user.id, challenge_id=challenge.id)
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/**/*'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty.
2019-05-12 01:09:37 +00:00
gen_unlock(db, user_id=user.id, target=hint.id, type="hints")
Adds ondelete='CASCADE' to some models. (#979) * Fixes `populate.py` to assign captains to teams. * Adds `ondelete='CASCADE'` to most ForeignKeys in models * Closes #794 * Test reset in team mode to test removing teams with captains * Test deleting users/teams with awards to test cascading deletion * `gen_team()` test helper now creates users for the team and assigns the first one as captain * Added `Challenges.flags` relationship and moved the `Flags.challenge` relationship to a backref on `Challenges`
2019-05-04 06:08:26 +00:00
gen_solve(db, user_id=user.id, challenge_id=challenge.id, provided=flag.content)