JohnHammond
/
CTFd
mirror of https://github.com/JohnHammond/CTFd.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Reorder code and fix tests

update-jquery-3.5.0
Kevin Chung 2020-04-29 18:41:18 -04:00
parent 7e3b1962c4
commit abd8aae84f
3 changed files with 34 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
CTFd/utils/initialization/__init__.py
View File

@ -164,6 +164,27 @@ def init_request_processors(app):
else:
return redirect(url_for("views.setup"))
@app.before_request
def tracker():
if request.endpoint == "views.themes":
return
if authed():
track = Tracking.query.filter_by(ip=get_ip(), user_id=session["id"]).first()
if not track:
visit = Tracking(ip=get_ip(), user_id=session["id"])
db.session.add(visit)
else:
track.date = datetime.datetime.utcnow()
try:
db.session.commit()
except (InvalidRequestError, IntegrityError):
db.session.rollback()
logout_user()
db.session.close()
@app.before_request
def banned():
if request.endpoint == "views.themes":
@ -190,27 +211,6 @@ def init_request_processors(app):
403,
)
@app.before_request
def tracker():
if request.endpoint == "views.themes":
return
if authed():
track = Tracking.query.filter_by(ip=get_ip(), user_id=session["id"]).first()
if not track:
visit = Tracking(ip=get_ip(), user_id=session["id"])
db.session.add(visit)
else:
track.date = datetime.datetime.utcnow()
try:
db.session.commit()
except (InvalidRequestError, IntegrityError):
db.session.rollback()
logout_user()
db.session.close()
@app.before_request
def tokens():
token = request.headers.get("Authorization")

19
tests/teams/test_teams.py
View File

@ -59,28 +59,31 @@ def test_hidden_teams_visibility():
register_user(app)
with login_as_user(app) as client:
user = Users.query.filter_by(id=2).first()
user_id = user.id
team = gen_team(app.db, name="visible_team", hidden=True)
team_id = team.id
team_name = team.name
team.members.append(user)
user.team_id = team.id
app.db.session.commit()
r = client.get("/teams")
response = r.get_data(as_text=True)
assert team.name not in response
assert team_name not in response
r = client.get("/api/v1/teams")
response = r.get_json()
assert team.name not in response
assert team_name not in response
gen_award(app.db, user.id, team_id=team.id)
gen_award(app.db, user_id, team_id=team_id)
r = client.get("/scoreboard")
response = r.get_data(as_text=True)
assert team.name not in response
assert team_name not in response
r = client.get("/api/v1/scoreboard")
response = r.get_json()
assert team.name not in response
assert team_name not in response
# Team should re-appear after disabling hiding
# Use an API call to cause a cache clear
@ -90,15 +93,15 @@ def test_hidden_teams_visibility():
r = client.get("/teams")
response = r.get_data(as_text=True)
assert team.name in response
assert team_name in response
r = client.get("/api/v1/teams")
response = r.get_data(as_text=True)
assert team.name in response
assert team_name in response
r = client.get("/api/v1/scoreboard")
response = r.get_data(as_text=True)
assert team.name in response
assert team_name in response
destroy_ctfd(app)

3
tests/users/test_users.py
View File

@ -48,6 +48,7 @@ def test_hidden_user_visibility():
with login_as_user(app, name="hidden_user") as client:
user = Users.query.filter_by(id=2).first()
user_id = user.id
user_name = user.name
user.hidden = True
app.db.session.commit()
@ -60,7 +61,7 @@ def test_hidden_user_visibility():
response = r.get_json()
assert user_name not in response
gen_award(app.db, user.id)
gen_award(app.db, user_id)
r = client.get("/scoreboard")
response = r.get_data(as_text=True)