Add team attrs and cache banning SQL query

2020-04-29 20:33:51 -04:00 · 2020-04-29 20:33:51 -04:00 · 3f3109f589
parent 0d8b0ee966
commit 3f3109f589
5 changed files with 54 additions and 9 deletions
--- a/CTFd/constants/teams.py
+++ b/CTFd/constants/teams.py
@ -0,0 +1,20 @@
+from collections import namedtuple
+
+TeamAttrs = namedtuple(
+    "TeamAttrs",
+    [
+        "id",
+        "oauth_id",
+        "name",
+        "email",
+        "secret",
+        "website",
+        "affiliation",
+        "country",
+        "bracket",
+        "hidden",
+        "banned",
+        "captain_id",
+        "created",
+    ],
+)
--- a/CTFd/constants/users.py
+++ b/CTFd/constants/users.py
@ -19,4 +19,4 @@ UserAttrs = namedtuple(
        "team_id",
        "created",
    ],
-)
+)
--- a/CTFd/utils/initialization/init.py
+++ b/CTFd/utils/initialization/init.py
@ -38,7 +38,15 @@ from CTFd.utils.plugins import (
 )
 from CTFd.utils.security.auth import login_user, logout_user, lookup_user_token
 from CTFd.utils.security.csrf import generate_nonce
-from CTFd.utils.user import authed, get_current_team, get_current_user, get_ip, is_admin
+from CTFd.utils.user import (
+    authed,
+    get_current_team,
+    get_current_user,
+    get_current_user_attrs,
+    get_current_team_attrs,
+    get_ip,
+    is_admin,
+)


 def init_template_filters(app):
@ -191,8 +199,8 @@ def init_request_processors(app):
            return

        if authed():
-            user = get_current_user()
-            team = get_current_team()
+            user = get_current_user_attrs()
+            team = get_current_team_attrs()

            if user and user.banned:
                return (
--- a/CTFd/utils/user/init.py
+++ b/CTFd/utils/user/init.py
@ -6,6 +6,7 @@ from flask import request, session

 from CTFd.cache import cache
 from CTFd.constants.users import UserAttrs
+from CTFd.constants.teams import TeamAttrs
 from CTFd.models import Fails, Users, db, Teams
 from CTFd.utils import get_config

@ -33,7 +34,7 @@ def get_user_attrs(user_id):
        for field in UserAttrs._fields:
            d[field] = getattr(user, field)
        return UserAttrs(**d)
-    return user
+    return None


 def get_current_team():
@ -44,6 +45,25 @@ def get_current_team():
        return None


+def get_current_team_attrs():
+    if authed():
+        user = get_user_attrs(user_id=session["id"])
+        if user.team_id:
+            return get_team_attrs(team_id=user.team_id)
+    return None
+
+
+@cache.memoize()
+def get_team_attrs(team_id):
+    team = Teams.query.filter_by(id=team_id).first()
+    if team:
+        d = {}
+        for field in TeamAttrs._fields:
+            d[field] = getattr(user, field)
+        return TeamAttrs(**d)
+    return None
+
+
 def get_current_user_type(fallback=None):
    if authed():
        user = get_current_user_attrs()
--- a/serve.py
+++ b/serve.py
@ -18,10 +18,7 @@ if args.profile:
        "enabled": app.config["DEBUG"],
        "storage": {"engine": "sqlite"},
        "basicAuth": {"enabled": False},
-        "ignore": [
-	        "^/themes/.*",
-	        "^/events",
-	    ]
+        "ignore": ["^/themes/.*", "^/events"],
    }
    flask_profiler.init_app(app)
    app.config["DEBUG_TB_PROFILER_ENABLED"] = True