mirror of https://github.com/JohnHammond/CTFd.git
Admins can edit users from the admin interface
Kevin Chung
parent
7c7632301f
commit
a1f30547d2
|
|
@ -224,15 +224,41 @@ def init_admin(app):
|
|||
user = Teams.query.filter_by(id=teamid).first()
|
||||
solves = Solves.query.filter_by(teamid=teamid).all()
|
||||
addrs = Tracking.query.filter_by(team=teamid).group_by(Tracking.ip).all()
|
||||
db.session.close()
|
||||
|
||||
if request.method == 'GET':
|
||||
return render_template('admin/team.html', solves=solves, team=user, addrs=addrs)
|
||||
elif request.method == 'POST':
|
||||
json = {'solves':[]}
|
||||
for x in solves:
|
||||
json['solves'].append({'id':x.id, 'chal':x.chalid, 'team':x.teamid})
|
||||
return jsonify(json)
|
||||
name = request.form.get('name', None)
|
||||
password = request.form.get('password', None)
|
||||
email = request.form.get('email', None)
|
||||
website = request.form.get('website', None)
|
||||
affiliation = request.form.get('affiliation', None)
|
||||
country = request.form.get('country', None)
|
||||
|
||||
errors = []
|
||||
|
||||
name_used = Teams.query.filter(Teams.name == name).first()
|
||||
if name_used and int(name_used.id) != int(teamid):
|
||||
errors.append('That name is taken')
|
||||
|
||||
email_used = Teams.query.filter(Teams.email == email).first()
|
||||
if email_used and int(email_used.id) != int(teamid):
|
||||
errors.append('That email is taken')
|
||||
|
||||
if errors:
|
||||
db.session.close()
|
||||
return jsonify({'data':errors})
|
||||
else:
|
||||
user.name = name
|
||||
user.email = email
|
||||
if password:
|
||||
user.password = bcrypt_sha256(password)
|
||||
user.website = website
|
||||
user.affiliation = affiliation
|
||||
user.country = country
|
||||
db.session.commit()
|
||||
db.session.close()
|
||||
return jsonify({'data':['success']})
|
||||
|
||||
@app.route('/admin/team/<teamid>/ban', methods=['POST'])
|
||||
@admins_only
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
{% block content %}
|
||||
<div class="row">
|
||||
<p></p>
|
||||
<br>
|
||||
<table id="scoreboard">
|
||||
<thead>
|
||||
<tr>
|
||||
|
|
|
|||
|
|
@ -4,17 +4,90 @@
|
|||
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/c3/0.4.0/c3.min.css">
|
||||
|
||||
<div class="row">
|
||||
<p></p>
|
||||
<br>
|
||||
<div id="user" class="reveal-modal" data-reveal>
|
||||
<h2>Edit User</h2>
|
||||
<form method="POST" action="/admin/teams/">
|
||||
<div class="row">
|
||||
<input type="hidden" name="nonce" value="{{ nonce }}">
|
||||
<input type="hidden" name="id">
|
||||
<div class="large-12 columns">
|
||||
<label>Team Name
|
||||
<input type="text" name="name" placeholder="Enter new team name" />
|
||||
</label>
|
||||
</div>
|
||||
<div class="large-12 columns">
|
||||
<label>Email
|
||||
<input type="text" name="email" placeholder="Enter new email" />
|
||||
</label>
|
||||
</div>
|
||||
<div class="large-12 columns">
|
||||
<label>Password
|
||||
<input type="password" name="password" placeholder="Enter new password" />
|
||||
</label>
|
||||
</div>
|
||||
<div class="large-12 columns">
|
||||
<label>Website
|
||||
<input type="text" name="website" placeholder="Enter Website" />
|
||||
</label>
|
||||
</div>
|
||||
<div class="large-6 columns">
|
||||
<label>Affiliation
|
||||
<input type="text" name="affiliation" placeholder="Enter Affiliation" />
|
||||
</label>
|
||||
</div>
|
||||
<div class="large-6 columns">
|
||||
<label>Country
|
||||
<input type="text" name="country" placeholder="Enter Country" />
|
||||
</label>
|
||||
</div>
|
||||
<div id="results">
|
||||
|
||||
</div>
|
||||
<button id="update-user" class="radius" type="submit">Update</button>
|
||||
</div>
|
||||
</form>
|
||||
<a class="close-reveal-modal">×</a>
|
||||
</div>
|
||||
<table id="teamsboard">
|
||||
<thead>
|
||||
<tr>
|
||||
<td><b>ID</b>
|
||||
</td>
|
||||
<td><b>Team</b>
|
||||
</td>
|
||||
<td><b>Email</b>
|
||||
</td>
|
||||
<td><b>Website</b>
|
||||
</td>
|
||||
<td><b>Affiliation</b>
|
||||
</td>
|
||||
<td><b>Country</b>
|
||||
</td>
|
||||
<td><b>Settings</b>
|
||||
</td>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for team in teams %}
|
||||
<tr><td><a href="/admin/team/{{ team.id }}">{{ team.name }}</a></td></tr>
|
||||
<tr name="{{ team.id }}">
|
||||
<td class="team-id">{{ team.id }}</td>
|
||||
<td class="team-name"><a href="/team/{{ team.id }}">{{ team.name }}</a>
|
||||
</td>
|
||||
<td class="team-email">{{ team.email }}</td>
|
||||
<td class="team-website"><a href="{{ team.website }}">{% if team.website %}{{ team.website }}{% endif %}</a>
|
||||
</td>
|
||||
<td class="team-affiliation"><span>{% if team.affiliation %}{{ team.affiliation }}{% endif %}</span>
|
||||
</td>
|
||||
<td class="team-country"><span>{% if team.country %}{{ team.country }}{% endif %}</span>
|
||||
</td>
|
||||
<td><span>
|
||||
<i class="fa fa-pencil-square-o"></i>
|
||||
<i class="fa fa-envelope"></i>
|
||||
<i class="fa fa-times"></i>
|
||||
</span>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</tbody>
|
||||
</table>
|
||||
|
|
@ -22,4 +95,55 @@
|
|||
{% endblock %}
|
||||
|
||||
{% block scripts %}
|
||||
<script>
|
||||
|
||||
function load_modal(id, name, email, website, affiliation, country){
|
||||
var modal_form = $('#user form');
|
||||
|
||||
modal_form.find('input[name=name]').val(name)
|
||||
modal_form.find('input[name=id]').val(id)
|
||||
modal_form.find('input[name=email]').val(email)
|
||||
modal_form.find('input[name=website]').val(website)
|
||||
modal_form.find('input[name=affiliation]').val(affiliation)
|
||||
modal_form.find('input[name=country]').val(country)
|
||||
console.log(modal_form);
|
||||
$('#user form').attr('action', '/admin/team/'+id)
|
||||
$('#user').foundation('reveal', 'open');
|
||||
}
|
||||
|
||||
$('#update-user').click(function(e){
|
||||
e.preventDefault();
|
||||
var id = $('#user input[name="id"]').val()
|
||||
var user_data = $('#user form').serializeArray()
|
||||
$.post($('#user form').attr('action'), $('#user form').serialize(), function(data){
|
||||
var data = $.parseJSON(JSON.stringify(data))
|
||||
for (var i = 0; i < data['data'].length; i++) {
|
||||
if (data['data'][i] == 'success'){
|
||||
var row = $('tr[name='+id+']')
|
||||
row.find('.team-name').text( $.grep(user_data, function(e){ return e.name == 'name'; })[0]['value'] )
|
||||
row.find('.team-email').text( $.grep(user_data, function(e){ return e.name == 'email'; })[0]['value'] )
|
||||
row.find('.team-website').attr('href', $.grep(user_data, function(e){ return e.name == 'website'; })[0]['value'] )
|
||||
row.find('.team-affiliation').text( $.grep(user_data, function(e){ return e.name == 'affiliation'; })[0]['value'] )
|
||||
row.find('.team-country').text( $.grep(user_data, function(e){ return e.name == 'country'; })[0]['value'] )
|
||||
$('#user').foundation('reveal', 'close');
|
||||
}
|
||||
else{
|
||||
$('#results').append($('p').text( data['data'][i] ))
|
||||
}
|
||||
};
|
||||
})
|
||||
})
|
||||
|
||||
$('.fa-pencil-square-o').click(function(){
|
||||
var elem = $(this).parent().parent().parent();
|
||||
var id = elem.find('.team-id').text();
|
||||
var name = elem.find('.team-name').text();
|
||||
var email = elem.find('.team-email').text();
|
||||
var website = elem.find('.team-website').text();
|
||||
var affiliation = elem.find('.team-affiliation').text();
|
||||
var country = elem.find('.team-country').text();
|
||||
|
||||
load_modal(id, name, email, website, affiliation, country);
|
||||
})
|
||||
</script>
|
||||
{% endblock %}
|
||||
|
|
@ -4,9 +4,9 @@
|
|||
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/c3/0.4.0/c3.min.css">
|
||||
|
||||
<div class="row">
|
||||
<p></p>
|
||||
<br>
|
||||
<div id="score-graph"></div>
|
||||
<p></p>
|
||||
<br>
|
||||
|
||||
<table id="scoreboard">
|
||||
<thead>
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/c3/0.4.0/c3.min.css">
|
||||
|
||||
<div class="row">
|
||||
<p></p>
|
||||
<br>
|
||||
<table id="teamsboard">
|
||||
<thead>
|
||||
<tr>
|
||||
|
|
|
|||
Loading…
Reference in New Issue