aljaz/CTFd
1
0
Fork 0
mirror of https://github.com/aljazceru/CTFd.git synced 2025-12-18 22:44:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add userName and userEmail to init objects in base.html (#2082)

Browse Source 
* Add `userName` and `userEmail` to the CTFd init object in `base.html`
* Closes #2066
This commit is contained in:
Kevin Chung
2022-04-08 15:14:57 -04:00
committed by GitHub
parent e526d60a6d
commit 0c6e28315c
3 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CTFd/themes/admin/templates/base.html
View File

@@ -17,6 +17,8 @@
'csrfNonce': "{{ Session.nonce }}", 'csrfNonce': "{{ Session.nonce }}",
'userMode': "{{ get_config('user_mode') }}", 'userMode': "{{ get_config('user_mode') }}",
'userId': {{ id if (id is defined) else 0 }}, 'userId': {{ id if (id is defined) else 0 }},
'userName': "{{ User.name }}",
'userEmail': "{{ User.email }}",
'start': {{ get_config("start") | tojson }}, 'start': {{ get_config("start") | tojson }},
'end': {{ get_config("end") | tojson }}, 'end': {{ get_config("end") | tojson }},
} }

2
CTFd/themes/core/templates/base.html
View File

@@ -18,6 +18,8 @@
'csrfNonce': "{{ Session.nonce }}", 'csrfNonce': "{{ Session.nonce }}",
'userMode': "{{ Configs.user_mode }}", 'userMode': "{{ Configs.user_mode }}",
'userId': {{ Session.id }}, 'userId': {{ Session.id }},
'userName': "{{ User.name }}",
'userEmail': "{{ User.email }}",
'start': {{ Configs.start | tojson }}, 'start': {{ Configs.start | tojson }},
'end': {{ Configs.end | tojson }}, 'end': {{ Configs.end | tojson }},
'theme_settings': {{ Configs.theme_settings | tojson }} 'theme_settings': {{ Configs.theme_settings | tojson }}

12
tests/users/test_users.py
View File

@@ -61,6 +61,10 @@ def test_hidden_user_visibility():
r = client.get("/users") r = client.get("/users")
response = r.get_data(as_text=True) response = r.get_data(as_text=True)
# Only search in body content
body_start = response.find("<body>")
body_end = response.find("</body>")
response = response[body_start:body_end]
assert user_name not in response assert user_name not in response
r = client.get("/api/v1/users") r = client.get("/api/v1/users")
@@ -71,6 +75,10 @@ def test_hidden_user_visibility():
r = client.get("/scoreboard") r = client.get("/scoreboard")
response = r.get_data(as_text=True) response = r.get_data(as_text=True)
# Only search in body content
body_start = response.find("<body>")
body_end = response.find("</body>")
response = response[body_start:body_end]
assert user_name not in response assert user_name not in response
r = client.get("/api/v1/scoreboard") r = client.get("/api/v1/scoreboard")
@@ -85,6 +93,10 @@ def test_hidden_user_visibility():
r = client.get("/users") r = client.get("/users")
response = r.get_data(as_text=True) response = r.get_data(as_text=True)
# Only search in body content
body_start = response.find("<body>")
body_end = response.find("</body>")
response = response[body_start:body_end]
assert user_name in response assert user_name in response
r = client.get("/api/v1/users") r = client.get("/api/v1/users")