From e65d60bed16a6a4a5d0f73ca35b8b2d4afa506c8 Mon Sep 17 00:00:00 2001 From: Kevin Chung Date: Mon, 4 May 2020 03:44:02 -0400 Subject: [PATCH 1/3] Add function mass clear user/team sessions --- CTFd/cache/__init__.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CTFd/cache/__init__.py b/CTFd/cache/__init__.py index 19d8047..9ea10e0 100644 --- a/CTFd/cache/__init__.py +++ b/CTFd/cache/__init__.py @@ -58,7 +58,19 @@ def clear_user_session(user_id): cache.delete_memoized(get_user_attrs, user_id=user_id) +def clear_all_user_sessions(): + from CTFd.utils.user import get_user_attrs + + cache.delete_memoized(get_user_attrs) + + def clear_team_session(team_id): from CTFd.utils.user import get_team_attrs cache.delete_memoized(get_team_attrs, team_id=team_id) + + +def clear_all_team_sessions(): + from CTFd.utils.user import get_team_attrs + + cache.delete_memoized(get_team_attrs) From 672798ece69c178de01fc3b887ca4da7cd77fb1e Mon Sep 17 00:00:00 2001 From: Kevin Chung Date: Mon, 4 May 2020 04:06:29 -0400 Subject: [PATCH 2/3] Add a test for clear_all_user_sessions --- tests/cache/test_cache.py | 43 ++++++++++++++++++++++++++++++++------- 1 file changed, 36 insertions(+), 7 deletions(-) diff --git a/tests/cache/test_cache.py b/tests/cache/test_cache.py index 16baea7..7b8ce42 100644 --- a/tests/cache/test_cache.py +++ b/tests/cache/test_cache.py @@ -1,6 +1,7 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- +from CTFd.cache import clear_user_session, clear_all_user_sessions from CTFd.models import Users from CTFd.utils.user import is_admin, get_current_user from CTFd.utils.security.auth import login_user @@ -21,17 +22,45 @@ def test_clear_user_session(): assert user.type == "user" assert is_admin() is False - # Set the user's updated type - user = Users.query.filter_by(id=2).first() - user.type = "admin" - app.db.session.commit() + # Set the user's updated type + user = Users.query.filter_by(id=2).first() + user.type = "admin" + app.db.session.commit() - # The user's type should now be admin + # Should still return False because this is still cached + assert is_admin() is False + + clear_user_session(user_id=2) + + # Should now return True after clearing cache + assert is_admin() is True + destroy_ctfd(app) + + +def test_clear_all_user_sessions(): + app = create_ctfd() + with app.app_context(): + register_user(app) + + # Users by default should have a non-admin type user = Users.query.filter_by(id=2).first() with app.test_request_context("/"): login_user(user) user = get_current_user() assert user.id == 2 - assert user.type == "admin" + assert user.type == "user" + assert is_admin() is False + + # Set the user's updated type + user = Users.query.filter_by(id=2).first() + user.type = "admin" + app.db.session.commit() + + # Should still return False because this is still cached + assert is_admin() is False + + clear_all_user_sessions() + + # Should now return True after clearing cache assert is_admin() is True - destroy_ctfd(app) + destroy_ctfd(app) \ No newline at end of file From f0921f42f5bea473da30f481ceb02509a9e436f4 Mon Sep 17 00:00:00 2001 From: Kevin Chung Date: Mon, 4 May 2020 09:49:31 -0400 Subject: [PATCH 3/3] Run format --- tests/cache/test_cache.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/cache/test_cache.py b/tests/cache/test_cache.py index 7b8ce42..3efc924 100644 --- a/tests/cache/test_cache.py +++ b/tests/cache/test_cache.py @@ -63,4 +63,4 @@ def test_clear_all_user_sessions(): # Should now return True after clearing cache assert is_admin() is True - destroy_ctfd(app) \ No newline at end of file + destroy_ctfd(app)