From 52becebbdbc992428b25a3e11e7f7c0b49b8bc23 Mon Sep 17 00:00:00 2001
From: CodeKevin <kevin@codekevin.com>
Date: Sat, 24 Jan 2015 19:40:52 -0500
Subject: [PATCH] Adding team emailing

Untested since I don't have a mail server on my dev environment
---
 CTFd/admin.py              | 14 ++++++++++++--
 CTFd/utils.py              |  2 ++
 templates/admin/hosts.html | 16 ++++++++++++++++
 templates/admin/teams.html | 31 +++++++++++++++++++++++++++----
 4 files changed, 57 insertions(+), 6 deletions(-)

diff --git a/CTFd/admin.py b/CTFd/admin.py
index d426edf6..3530ba14 100644
--- a/CTFd/admin.py
+++ b/CTFd/admin.py
@@ -1,5 +1,5 @@
 from flask import render_template, request, redirect, abort, jsonify, url_for, session
-from CTFd.utils import sha512, is_safe_url, authed, admins_only, is_admin, unix_time, unix_time_millis, get_config, set_config, get_digitalocean
+from CTFd.utils import sha512, is_safe_url, authed, admins_only, is_admin, unix_time, unix_time_millis, get_config, set_config, get_digitalocean, sendmail
 from CTFd.models import db, Teams, Solves, Challenges, WrongKeys, Keys, Tags, Files, Tracking, Pages, Config
 from itsdangerous import TimedSerializer, BadTimeSignature
 from werkzeug.utils import secure_filename
@@ -158,7 +158,6 @@ def init_admin(app):
     @app.route('/admin/chals', methods=['POST', 'GET'])
     @admins_only
     def admin_chals():
-        # if authed():
         if request.method == 'POST':
             chals = Challenges.query.add_columns('id', 'name', 'value', 'description', 'category').order_by(Challenges.value).all()
             
@@ -314,6 +313,17 @@ def init_admin(app):
                 db.session.close()
                 return jsonify({'data':['success']})
 
+    @app.route('/admin/team/<teamid>/mail', methods=['POST'])
+    @admins_only
+    def email_user(teamid):
+        message = request.form.get('msg', None)
+        team = Teams.query.filter(Teams.id == teamid).first()
+        if message and team:
+            if sendmail(team.email, message):
+                return "1"
+        return "0"
+
+
     @app.route('/admin/team/<teamid>/ban', methods=['POST'])
     @admins_only
     def ban(teamid):
diff --git a/CTFd/utils.py b/CTFd/utils.py
index 3daedb54..62023005 100644
--- a/CTFd/utils.py
+++ b/CTFd/utils.py
@@ -19,6 +19,8 @@ def init_utils(app):
     app.jinja_env.filters['long2ip'] = long2ip
     app.jinja_env.globals.update(pages=pages)
     app.jinja_env.globals.update(can_register=can_register)
+    app.jinja_env.globals.update(mailserver=mailserver)
+
 
 def pages():
     pages = Pages.query.filter(Pages.route!="index").all()
diff --git a/templates/admin/hosts.html b/templates/admin/hosts.html
index 8223ef57..4955dca2 100644
--- a/templates/admin/hosts.html
+++ b/templates/admin/hosts.html
@@ -1,6 +1,13 @@
 {% extends "admin/base.html" %}
 
 {% block content %}
+<div id="create-droplet-modal" class="reveal-modal" data-reveal>
+    <h2 class="text-center">Create Droplet</h2>
+
+    <p>Finally, if your modal summons another Reveal modal, the plugin will handle that for you gracefully.</p>
+    <a class="close-reveal-modal">&#215;</a>
+</div>
+
 <div class="row">
     <br>
     <h1>Hosts</h1>
@@ -28,6 +35,8 @@
                 </td>
                 <td><b>Disk</b>
                 </td>
+                <td><b>Settings</b>
+                </td>
             </tr>
         </thead>
         <tbody>
@@ -39,10 +48,17 @@
                 <td>{{ host.ip_address }}</td>
                 <td>{{ host.memory }} <sub>MB</sub></td>
                 <td>{{ host.disk }} <sub>GB</sub></td>
+                <td>
+                    <span>
+                        <i class="fa fa-pencil-square-o"></i>
+                        <i class="fa fa-times"></i>
+                    </span>
+                </td>
             </tr>
         {% endfor %}
         </tbody>
     </table>
+    <a href="#" data-reveal-id="create-droplet-modal" class="radius button">Create New Host</a>
 </div>
 {% endblock %}
 
diff --git a/templates/admin/teams.html b/templates/admin/teams.html
index ece10440..51963236 100644
--- a/templates/admin/teams.html
+++ b/templates/admin/teams.html
@@ -16,6 +16,17 @@
                 <button type="button" id="delete-user" class="button success radius">Yes</button>
             </div>
         </form>
+        <a class="close-reveal-modal">&#215;</a>
+    </div>
+    <div id="email-user" class="reveal-modal" data-reveal>
+        <h2 class="text-center">Email User</h2>
+        <form method="POST">
+            <input type="hidden" name="id">
+            <input type="hidden" name="nonce" value="{{ nonce }}">
+            <textarea name="msg" placeholder="Enter your message here" rows="15"></textarea>
+            <input type="submit" class="radius button" value="Send Message"></button></a>
+        </form>
+        <a class="close-reveal-modal">&#215;</a>
     </div>
     <div id="user" class="reveal-modal" data-reveal>
         <h2 class="text-center">Edit User</h2>
@@ -84,7 +95,7 @@
             {% for team in teams %}
             <tr name="{{ team.id }}">
                 <td class="team-id">{{ team.id }}</td>
-                <td class="team-name"><a href="/team/{{ team.id }}">{{ team.name }}</a>
+                <td class="team-name"><a href="/admin/team/{{ team.id }}">{{ team.name }}</a>
                 </td>
                 <td class="team-email">{{ team.email }}</td>
                 <td class="team-website"><a href="{{ team.website }}">{% if team.website %}{{ team.website }}{% endif %}</a>
@@ -95,7 +106,7 @@
                 </td>
                 <td><span>
                     <i class="fa fa-pencil-square-o"></i>
-                    <i class="fa fa-envelope"></i>
+                    {% if mailserver() %}<i class="fa fa-envelope"></i>{% endif %}
                     <i class="fa fa-times"></i>
                 </span>
                 </td>
@@ -168,7 +179,7 @@ $('.fa-pencil-square-o').click(function(){
     var country = elem.find('.team-country').text().trim();
 
     load_update_modal(id, name, email, website, affiliation, country);
-})
+});
 
 function load_confirm_modal(id, name){
     var modal = $('#confirm')
@@ -183,7 +194,19 @@ $('.fa-times').click(function(){
     var id = elem.find('.team-id').text().trim();
     var name = elem.find('.team-name').text().trim();
     load_confirm_modal(id, name)
-})
+});
 
+function load_email_modal(id){
+    var modal = $('#email-user')
+    modal.find('input[name=id]').val(id)
+    $('#email-user form').attr('action', '/admin/team/'+id+'/mail');
+    $('#email-user').foundation('reveal', 'open');
+}
+
+$('.fa-envelope').click(function(){
+    var elem = $(this).parent().parent().parent();
+    var id = elem.find('.team-id').text().trim();
+    load_email_modal(id);
+});
 </script>
 {% endblock %}
\ No newline at end of file