Properly check SAFE_MODE and allow plugins to be loaded from tests optionally

CTFd/__init__.py

@@ -189,7 +189,6 @@ def create_app(config='CTFd.config.Config'):
         app.register_error_handler(500, general_error)
         app.register_error_handler(502, gateway_error)
 
-        if app.config.get('SAFE_MODE', False):
         init_plugins(app)
 
         return app

CTFd/plugins/__init__.py

@@ -146,6 +146,7 @@ def init_plugins(app):
     :param app: A CTFd application
     :return:
     """
+    if app.config.get('SAFE_MODE', False) is False:
         modules = sorted(glob.glob(os.path.dirname(__file__) + "/*"))
         blacklist = {'__pycache__'}
         for module in modules:

tests/helpers.py

@@ -1,4 +1,5 @@
 from CTFd import create_app
+from CTFd.config import TestingConfig
 from CTFd.models import *
 from CTFd.cache import cache
 from sqlalchemy_utils import database_exists, create_database, drop_database
@@ -15,8 +16,11 @@ else:
     binary_type = bytes
 
 
-def create_ctfd(ctf_name="CTFd", name="admin", email="admin@ctfd.io", password="password", user_mode="users", setup=True):
-    app = create_app('CTFd.config.TestingConfig')
+def create_ctfd(ctf_name="CTFd", name="admin", email="admin@ctfd.io", password="password", user_mode="users", setup=True, enable_plugins=False):
+    if enable_plugins:
+        TestingConfig.SAFE_MODE = False
+
+    app = create_app(TestingConfig)
 
     if setup:
         app = setup_ctfd(app, ctf_name, name, email, password, user_mode)