mirror of
https://github.com/aljazceru/CTFd.git
synced 2025-12-18 14:34:21 +01:00
Cleaning some challenge endpoints (#382)
* Cleaning some challenge endpoints * Adding test for /chals/solves
This commit is contained in:
Kevin Chung
@@ -144,9 +144,21 @@ def solves_per_chal():
|
|||||||
if not utils.user_can_view_challenges():
|
if not utils.user_can_view_challenges():
|
||||||
return redirect(url_for('auth.login', next=request.path))
|
return redirect(url_for('auth.login', next=request.path))
|
||||||
|
|
||||||
solves_sub = db.session.query(Solves.chalid, db.func.count(Solves.chalid).label('solves')).join(Teams, Solves.teamid == Teams.id).filter(Teams.banned == False).group_by(Solves.chalid).subquery()
|
solves_sub = db.session.query(
|
||||||
solves = db.session.query(solves_sub.columns.chalid, solves_sub.columns.solves, Challenges.name) \
|
Solves.chalid,
|
||||||
.join(Challenges, solves_sub.columns.chalid == Challenges.id).all()
|
db.func.count(Solves.chalid).label('solves')
|
||||||
|
)\
|
||||||
|
.join(Teams, Solves.teamid == Teams.id) \
|
||||||
|
.filter(Teams.banned == False) \
|
||||||
|
.group_by(Solves.chalid).subquery()
|
||||||
|
|
||||||
|
solves = db.session.query(
|
||||||
|
solves_sub.columns.chalid,
|
||||||
|
solves_sub.columns.solves,
|
||||||
|
Challenges.name
|
||||||
|
) \
|
||||||
|
.join(Challenges, solves_sub.columns.chalid == Challenges.id).all()
|
||||||
|
|
||||||
json = {}
|
json = {}
|
||||||
if utils.hide_scores():
|
if utils.hide_scores():
|
||||||
for chal, count, name in solves:
|
for chal, count, name in solves:
|
||||||
@@ -174,18 +186,23 @@ def solves(teamid=None):
|
|||||||
else:
|
else:
|
||||||
return redirect(url_for('auth.login', next='solves'))
|
return redirect(url_for('auth.login', next='solves'))
|
||||||
else:
|
else:
|
||||||
solves = Solves.query.filter_by(teamid=teamid)
|
if utils.hide_scores():
|
||||||
awards = Awards.query.filter_by(teamid=teamid)
|
# Use empty values to hide scores
|
||||||
|
solves = []
|
||||||
|
awards = []
|
||||||
|
else:
|
||||||
|
solves = Solves.query.filter_by(teamid=teamid)
|
||||||
|
awards = Awards.query.filter_by(teamid=teamid)
|
||||||
|
|
||||||
freeze = utils.get_config('freeze')
|
freeze = utils.get_config('freeze')
|
||||||
if freeze:
|
if freeze:
|
||||||
freeze = utils.unix_time_to_utc(freeze)
|
freeze = utils.unix_time_to_utc(freeze)
|
||||||
if teamid != session.get('id'):
|
if teamid != session.get('id'):
|
||||||
solves = solves.filter(Solves.date < freeze)
|
solves = solves.filter(Solves.date < freeze)
|
||||||
awards = awards.filter(Awards.date < freeze)
|
awards = awards.filter(Awards.date < freeze)
|
||||||
|
|
||||||
solves = solves.all()
|
solves = solves.all()
|
||||||
awards = awards.all()
|
awards = awards.all()
|
||||||
db.session.close()
|
db.session.close()
|
||||||
json = {'solves': []}
|
json = {'solves': []}
|
||||||
for solve in solves:
|
for solve in solves:
|
||||||
@@ -224,10 +241,19 @@ def attempts():
|
|||||||
return jsonify(json)
|
return jsonify(json)
|
||||||
|
|
||||||
|
|
||||||
@challenges.route('/fails/<int:teamid>', methods=['GET'])
|
@challenges.route('/fails')
|
||||||
def fails(teamid):
|
@challenges.route('/fails/<int:teamid>')
|
||||||
fails = WrongKeys.query.filter_by(teamid=teamid).count()
|
def fails(teamid=None):
|
||||||
solves = Solves.query.filter_by(teamid=teamid).count()
|
if teamid is None:
|
||||||
|
fails = WrongKeys.query.filter_by(teamid=session['id']).count()
|
||||||
|
solves = Solves.query.filter_by(teamid=session['id']).count()
|
||||||
|
else:
|
||||||
|
if utils.hide_scores():
|
||||||
|
fails = 0
|
||||||
|
solves = 0
|
||||||
|
else:
|
||||||
|
fails = WrongKeys.query.filter_by(teamid=teamid).count()
|
||||||
|
solves = Solves.query.filter_by(teamid=teamid).count()
|
||||||
db.session.close()
|
db.session.close()
|
||||||
json = {'fails': str(fails), 'solves': str(solves)}
|
json = {'fails': str(fails), 'solves': str(solves)}
|
||||||
return jsonify(json)
|
return jsonify(json)
|
||||||
|
|||||||
@@ -45,6 +45,44 @@ def test_viewing_challenges():
|
|||||||
destroy_ctfd(app)
|
destroy_ctfd(app)
|
||||||
|
|
||||||
|
|
||||||
|
def test_chals_solves():
|
||||||
|
'''Test that the /chals/solves endpoint works properly'''
|
||||||
|
app = create_ctfd()
|
||||||
|
with app.app_context():
|
||||||
|
# Generate 5 users
|
||||||
|
for c in range(1, 6):
|
||||||
|
name = "user{}".format(c)
|
||||||
|
email = "user{}@ctfd.io".format(c)
|
||||||
|
register_user(app, name=name, email=email, password="password")
|
||||||
|
|
||||||
|
# Generate 5 challenges
|
||||||
|
for c in range(5):
|
||||||
|
chal1 = gen_challenge(app.db, value=100)
|
||||||
|
|
||||||
|
user_ids = list(range(2, 7))
|
||||||
|
chal_ids = list(range(1, 6))
|
||||||
|
for u in user_ids:
|
||||||
|
for c in chal_ids:
|
||||||
|
gen_solve(app.db, teamid=u, chalid=c)
|
||||||
|
chal_ids.pop()
|
||||||
|
|
||||||
|
client = login_as_user(app, name="user1")
|
||||||
|
|
||||||
|
with client.session_transaction() as sess:
|
||||||
|
r = client.get('/chals/solves')
|
||||||
|
output = r.get_data(as_text=True)
|
||||||
|
saved = json.loads('''{
|
||||||
|
"1": 5,
|
||||||
|
"2": 4,
|
||||||
|
"3": 3,
|
||||||
|
"4": 2,
|
||||||
|
"5": 1
|
||||||
|
}
|
||||||
|
''')
|
||||||
|
received = json.loads(output)
|
||||||
|
assert saved == received
|
||||||
|
|
||||||
|
|
||||||
def test_submitting_correct_flag():
|
def test_submitting_correct_flag():
|
||||||
"""Test that correct flags are correct"""
|
"""Test that correct flags are correct"""
|
||||||
app = create_ctfd()
|
app = create_ctfd()
|
||||||
|
|||||||
Reference in New Issue
Block a user