diff --git a/CTFd/themes/original/static/js/team.js b/CTFd/themes/original/static/js/team.js
index 0087bd70..5e531ef6 100644
--- a/CTFd/themes/original/static/js/team.js
+++ b/CTFd/themes/original/static/js/team.js
@@ -1,6 +1,5 @@
function teamid (){
- loc = window.location.pathname
- return loc.substring(loc.lastIndexOf('/')+1, loc.length);
+ return $('#team-id').attr('team-id');
}
function colorhash (x) {
diff --git a/CTFd/themes/original/templates/team.html b/CTFd/themes/original/templates/team.html
index 92f3da4a..28d278a4 100644
--- a/CTFd/themes/original/templates/team.html
+++ b/CTFd/themes/original/templates/team.html
@@ -6,7 +6,7 @@
{% block content %}
-
{{ team.name }}
+ {{ team.name }}
diff --git a/CTFd/views.py b/CTFd/views.py
index 915dc728..5f8bb91c 100644
--- a/CTFd/views.py
+++ b/CTFd/views.py
@@ -135,6 +135,33 @@ def teams(page):
return render_template('teams.html', teams=teams, team_pages=pages, curr_page=page)
+@views.route('/team', methods=['GET'])
+def private_team():
+ if utils.authed():
+ teamid = session['id']
+
+ freeze = utils.get_config('freeze')
+ user = Teams.query.filter_by(id=teamid).first_or_404()
+ solves = Solves.query.filter_by(teamid=teamid)
+ awards = Awards.query.filter_by(teamid=teamid)
+
+ place = user.place()
+ score = user.score()
+
+ if freeze:
+ freeze = utils.unix_time_to_utc(freeze)
+ if teamid != session.get('id'):
+ solves = solves.filter(Solves.date < freeze)
+ awards = awards.filter(Awards.date < freeze)
+
+ solves = solves.all()
+ awards = awards.all()
+
+ return render_template('team.html', solves=solves, awards=awards, team=user, score=score, place=place, score_frozen=utils.is_scoreboard_frozen())
+ else:
+ return redirect(url_for('auth.login'))
+
+
@views.route('/team/', methods=['GET', 'POST'])
def team(teamid):
if utils.get_config('view_scoreboard_if_utils.authed') and not utils.authed():
diff --git a/tests/user/test_user_facing.py b/tests/user/test_user_facing.py
index f352e00b..3fc9171d 100644
--- a/tests/user/test_user_facing.py
+++ b/tests/user/test_user_facing.py
@@ -174,6 +174,17 @@ def test_user_get_team_page():
destroy_ctfd(app)
+def test_user_get_private_team_page():
+ """Can a registered user load their private team page (/team)"""
+ app = create_ctfd()
+ with app.app_context():
+ register_user(app)
+ client = login_as_user(app)
+ r = client.get('/team')
+ assert r.status_code == 200
+ destroy_ctfd(app)
+
+
def test_user_get_profile():
"""Can a registered user load their private profile (/profile)"""
app = create_ctfd()