Giving config page more access (#279)

* Giving a plugin's config page more control
* Adding utils to base

This potentially opens some risk to malicious plugins but really a
plugin would already have this capability given that it can run
arbitrary Python code.

CTFd/admin/__init__.py

@@ -42,7 +42,7 @@ def admin_plugin_config(plugin):
     if request.method == 'GET':
         if plugin in utils.get_configurable_plugins():
             config = open(os.path.join(app.root_path, 'plugins', plugin, 'config.html')).read()
-            return render_template('admin/page.html', content=config)
+            return render_template_string(config)
         abort(404)
     elif request.method == 'POST':
         for k, v in request.form.items():

CTFd/templates/admin/base.html

@@ -78,6 +78,7 @@
 		<script src="{{ request.script_root }}/static/admin/js/vendor/marked.min.js"></script>
 		<script src="{{ request.script_root }}/static/admin/js/vendor/bootstrap.min.js"></script>
 		<script src="{{ request.script_root }}/static/admin/js/main.js"></script>
+		<script src="{{ request.script_root }}/static/admin/js/utils.js"></script>
 		{% block scripts %} {% endblock %}
 </body>