aljaz/CTFd
1
0
Fork 0
mirror of https://github.com/aljazceru/CTFd.git synced 2025-12-17 14:04:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Version 1.1 CTFd (#514)

Browse Source 
* Bootstrap v4 (#490)
* Upgrading original theme to use Bootstrap v4 and overall improve use of utility classes
* Fixing graph issues. Colors per team & cleaner hover
* The solves tab now shows relative time instead of absolute time
* Redesign admin theme
* Updating modals and changing form name from desc to description
* Moving CSS config from Pages to Config page
* Adding IP address count to statistics
* Move control of certain modals (files, flags, tags, hints) to challenges page
* Expanding size of config page
* Combining statistics and graphs pages
* Moving percentage solved to the statistics page instead of the admin challenges page

* Rename Keys.key_type to Keys.type (#459) (#478)

* Rename keys.key_type to keys.type (#459)
* Fixing previous migration to not be worried about key_type v type

* Fixing loading of challenge type plugins

* Switching from Handlebars to Nunjucks (#491)

* Switching from Handlebars to Nunjucks
* Allow admins to unlock hints before CTF begins and test that this is not allowed for regular users

* Authed only (#492)

* Adding authed_only decorator and adding next to url_for

* Adding a basic preview to hints (#494)

* Hints have a preview now for creating and updating hints. HTML and markdown are still allowed.

* Ezq (#495)

* Adding ezq as a simple wrapper around bootstrap modals

* Use tabs not spaces and remove gray background on inputs

* Adding title & draft to Pages. Making page preview open a new tab (#497)

* Adding title & draft to Pages.
* Making page preview open a new tab instead of render in the existing tab
* Draft pages cannot be seen without a preview

* Update check (#499)

* Add update_check function
* Notify user that a CTFd update is available in the admin panel
* Adding update_check tests

* Ratelimit (#500)

* Implementing a ratelimit function 
* Fix error page formatting
* Add rate limiting tests
* Rate limit authentication functions and rate limit admin send email function

* Load user solves before we load challenges to avoid unstyled buttons (#502)

* Add a challenge preview (#503)

* Adding a challenge preview to the admin panel
* Change /admin/chals/<int:chalid> to /admin/chal/<int:chalid>

* Adding codecov (#504)

* Test coverage at https://codecov.io/gh/CTFd/CTFd

* Sendmail improvements (#505)

* Add get_smtp timeout, add sendmail error messages
* Adding more error handling to sendmail

* Adding Flask-Script (#507)

* Pause ctf (#508)

* Implement CTF pausing
* Test CTF pausing

* Fix loading challenges for users (#510)

* Fix loading challenges for users
* Temporarily switch themes in test

* Pause help text (#509)

* Adding pause help text

* Pages authed (#511)

* Adding authentication options to pages
* Adding tests for accessing pages while draft & auth_required

* Merging master into 1.1 (#513)

* Name the core theme and remove the original theme
This commit is contained in:
Kevin Chung
2017-12-11 06:42:07 -05:00
committed by GitHub
parent 4c0ae9f3b5
commit 3af98b17d5
230 changed files with 5829 additions and 4242 deletions
Download Patch File Download Diff File Expand all files Collapse all files

119
tests/test_utils.py
View File

@@ -7,9 +7,11 @@ from CTFd.utils import get_config, set_config, override_template, sendmail, veri
from CTFd.utils import register_plugin_script, register_plugin_stylesheet
from CTFd.utils import base64encode, base64decode
from CTFd.utils import check_email_format
from CTFd.utils import update_check
from freezegun import freeze_time
from mock import patch
from mock import patch, Mock
import json
import requests
import six
@@ -300,7 +302,7 @@ def test_ctf_ended():
def test_register_plugin_script():
'''Test that register_plugin_script adds script paths to the original theme'''
'''Test that register_plugin_script adds script paths to the core theme'''
app = create_ctfd()
with app.app_context():
register_plugin_script('/fake/script/path.js')
@@ -314,7 +316,7 @@ def test_register_plugin_script():
def test_register_plugin_stylesheet():
'''Test that register_plugin_stylesheet adds stylesheet paths to the original theme'''
'''Test that register_plugin_stylesheet adds stylesheet paths to the core theme'''
app = create_ctfd()
with app.app_context():
register_plugin_script('/fake/stylesheet/path.css')
@@ -370,3 +372,114 @@ def test_check_email_format():
assert check_email_format(invalid_email) is False
except AssertionError:
print(invalid_email, 'did not pass validation')
def test_update_check_is_called():
"""Update checks happen on start"""
app = create_ctfd()
with app.app_context():
assert get_config('version_latest') is None
@patch.object(requests, 'get')
def test_update_check_identifies_update(fake_get_request):
"""Update checks properly identify new versions"""
app = create_ctfd()
with app.app_context():
app.config['UPDATE_CHECK'] = True
fake_response = Mock()
fake_get_request.return_value = fake_response
fake_response.json = lambda: {
u'resource': {
u'html_url': u'https://github.com/CTFd/CTFd/releases/tag/9.9.9',
u'download_url': u'https://api.github.com/repos/CTFd/CTFd/zipball/9.9.9',
u'published_at': u'Wed, 25 Oct 2017 19:39:42 -0000',
u'tag': u'9.9.9',
u'prerelease': False,
u'id': 6,
u'latest': True
}
}
update_check()
assert get_config('version_latest') == 'https://github.com/CTFd/CTFd/releases/tag/9.9.9'
destroy_ctfd(app)
def test_update_check_notifies_user():
"""If an update is available, admin users are notified in the panel"""
app = create_ctfd()
with app.app_context():
app.config['UPDATE_CHECK'] = True
set_config('version_latest', 'https://github.com/CTFd/CTFd/releases/tag/9.9.9')
client = login_as_user(app, name="admin", password="password")
r = client.get('/admin/config')
assert r.status_code == 200
response = r.get_data(as_text=True)
assert 'https://github.com/CTFd/CTFd/releases/tag/9.9.9' in response
destroy_ctfd(app)
@patch.object(requests, 'get')
def test_update_check_ignores_downgrades(fake_get_request):
"""Update checks do nothing on old or same versions"""
app = create_ctfd()
with app.app_context():
app.config['UPDATE_CHECK'] = True
fake_response = Mock()
fake_get_request.return_value = fake_response
fake_response.json = lambda: {
u'resource': {
u'html_url': u'https://github.com/CTFd/CTFd/releases/tag/0.0.1',
u'download_url': u'https://api.github.com/repos/CTFd/CTFd/zipball/0.0.1',
u'published_at': u'Wed, 25 Oct 2017 19:39:42 -0000',
u'tag': u'0.0.1',
u'prerelease': False,
u'id': 6,
u'latest': True
}
}
update_check()
assert get_config('version_latest') is None
fake_response = Mock()
fake_get_request.return_value = fake_response
fake_response.json = lambda: {
u'resource': {
u'html_url': u'https://github.com/CTFd/CTFd/releases/tag/{}'.format(app.VERSION),
u'download_url': u'https://api.github.com/repos/CTFd/CTFd/zipball/{}'.format(app.VERSION),
u'published_at': u'Wed, 25 Oct 2017 19:39:42 -0000',
u'tag': u'{}'.format(app.VERSION),
u'prerelease': False,
u'id': 6,
u'latest': True
}
}
update_check()
assert get_config('version_latest') is None
destroy_ctfd(app)
def test_ratelimit_on_auth():
"""Test that ratelimiting function works properly"""
app = create_ctfd()
with app.app_context():
register_user(app)
with app.test_client() as client:
r = client.get('/login')
with client.session_transaction() as sess:
data = {
"name": "user",
"password": "wrong_password",
"nonce": sess.get('nonce')
}
for x in range(10):
r = client.post('/login', data=data)
assert r.status_code == 200
for x in range(5):
r = client.post('/login', data=data)
assert r.status_code == 429
destroy_ctfd(app)