mirror of
https://github.com/aljazceru/CTFd.git
synced 2025-12-17 14:04:20 +01:00
Reorder code and fix tests
This commit is contained in:
Kevin Chung
@@ -164,6 +164,27 @@ def init_request_processors(app):
|
|||||||
else:
|
else:
|
||||||
return redirect(url_for("views.setup"))
|
return redirect(url_for("views.setup"))
|
||||||
|
|
||||||
|
@app.before_request
|
||||||
|
def tracker():
|
||||||
|
if request.endpoint == "views.themes":
|
||||||
|
return
|
||||||
|
|
||||||
|
if authed():
|
||||||
|
track = Tracking.query.filter_by(ip=get_ip(), user_id=session["id"]).first()
|
||||||
|
if not track:
|
||||||
|
visit = Tracking(ip=get_ip(), user_id=session["id"])
|
||||||
|
db.session.add(visit)
|
||||||
|
else:
|
||||||
|
track.date = datetime.datetime.utcnow()
|
||||||
|
|
||||||
|
try:
|
||||||
|
db.session.commit()
|
||||||
|
except (InvalidRequestError, IntegrityError):
|
||||||
|
db.session.rollback()
|
||||||
|
logout_user()
|
||||||
|
|
||||||
|
db.session.close()
|
||||||
|
|
||||||
@app.before_request
|
@app.before_request
|
||||||
def banned():
|
def banned():
|
||||||
if request.endpoint == "views.themes":
|
if request.endpoint == "views.themes":
|
||||||
@@ -190,27 +211,6 @@ def init_request_processors(app):
|
|||||||
403,
|
403,
|
||||||
)
|
)
|
||||||
|
|
||||||
@app.before_request
|
|
||||||
def tracker():
|
|
||||||
if request.endpoint == "views.themes":
|
|
||||||
return
|
|
||||||
|
|
||||||
if authed():
|
|
||||||
track = Tracking.query.filter_by(ip=get_ip(), user_id=session["id"]).first()
|
|
||||||
if not track:
|
|
||||||
visit = Tracking(ip=get_ip(), user_id=session["id"])
|
|
||||||
db.session.add(visit)
|
|
||||||
else:
|
|
||||||
track.date = datetime.datetime.utcnow()
|
|
||||||
|
|
||||||
try:
|
|
||||||
db.session.commit()
|
|
||||||
except (InvalidRequestError, IntegrityError):
|
|
||||||
db.session.rollback()
|
|
||||||
logout_user()
|
|
||||||
|
|
||||||
db.session.close()
|
|
||||||
|
|
||||||
@app.before_request
|
@app.before_request
|
||||||
def tokens():
|
def tokens():
|
||||||
token = request.headers.get("Authorization")
|
token = request.headers.get("Authorization")
|
||||||
|
|||||||
@@ -59,28 +59,31 @@ def test_hidden_teams_visibility():
|
|||||||
register_user(app)
|
register_user(app)
|
||||||
with login_as_user(app) as client:
|
with login_as_user(app) as client:
|
||||||
user = Users.query.filter_by(id=2).first()
|
user = Users.query.filter_by(id=2).first()
|
||||||
|
user_id = user.id
|
||||||
team = gen_team(app.db, name="visible_team", hidden=True)
|
team = gen_team(app.db, name="visible_team", hidden=True)
|
||||||
|
team_id = team.id
|
||||||
|
team_name = team.name
|
||||||
team.members.append(user)
|
team.members.append(user)
|
||||||
user.team_id = team.id
|
user.team_id = team.id
|
||||||
app.db.session.commit()
|
app.db.session.commit()
|
||||||
|
|
||||||
r = client.get("/teams")
|
r = client.get("/teams")
|
||||||
response = r.get_data(as_text=True)
|
response = r.get_data(as_text=True)
|
||||||
assert team.name not in response
|
assert team_name not in response
|
||||||
|
|
||||||
r = client.get("/api/v1/teams")
|
r = client.get("/api/v1/teams")
|
||||||
response = r.get_json()
|
response = r.get_json()
|
||||||
assert team.name not in response
|
assert team_name not in response
|
||||||
|
|
||||||
gen_award(app.db, user.id, team_id=team.id)
|
gen_award(app.db, user_id, team_id=team_id)
|
||||||
|
|
||||||
r = client.get("/scoreboard")
|
r = client.get("/scoreboard")
|
||||||
response = r.get_data(as_text=True)
|
response = r.get_data(as_text=True)
|
||||||
assert team.name not in response
|
assert team_name not in response
|
||||||
|
|
||||||
r = client.get("/api/v1/scoreboard")
|
r = client.get("/api/v1/scoreboard")
|
||||||
response = r.get_json()
|
response = r.get_json()
|
||||||
assert team.name not in response
|
assert team_name not in response
|
||||||
|
|
||||||
# Team should re-appear after disabling hiding
|
# Team should re-appear after disabling hiding
|
||||||
# Use an API call to cause a cache clear
|
# Use an API call to cause a cache clear
|
||||||
@@ -90,15 +93,15 @@ def test_hidden_teams_visibility():
|
|||||||
|
|
||||||
r = client.get("/teams")
|
r = client.get("/teams")
|
||||||
response = r.get_data(as_text=True)
|
response = r.get_data(as_text=True)
|
||||||
assert team.name in response
|
assert team_name in response
|
||||||
|
|
||||||
r = client.get("/api/v1/teams")
|
r = client.get("/api/v1/teams")
|
||||||
response = r.get_data(as_text=True)
|
response = r.get_data(as_text=True)
|
||||||
assert team.name in response
|
assert team_name in response
|
||||||
|
|
||||||
r = client.get("/api/v1/scoreboard")
|
r = client.get("/api/v1/scoreboard")
|
||||||
response = r.get_data(as_text=True)
|
response = r.get_data(as_text=True)
|
||||||
assert team.name in response
|
assert team_name in response
|
||||||
destroy_ctfd(app)
|
destroy_ctfd(app)
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -48,6 +48,7 @@ def test_hidden_user_visibility():
|
|||||||
|
|
||||||
with login_as_user(app, name="hidden_user") as client:
|
with login_as_user(app, name="hidden_user") as client:
|
||||||
user = Users.query.filter_by(id=2).first()
|
user = Users.query.filter_by(id=2).first()
|
||||||
|
user_id = user.id
|
||||||
user_name = user.name
|
user_name = user.name
|
||||||
user.hidden = True
|
user.hidden = True
|
||||||
app.db.session.commit()
|
app.db.session.commit()
|
||||||
@@ -60,7 +61,7 @@ def test_hidden_user_visibility():
|
|||||||
response = r.get_json()
|
response = r.get_json()
|
||||||
assert user_name not in response
|
assert user_name not in response
|
||||||
|
|
||||||
gen_award(app.db, user.id)
|
gen_award(app.db, user_id)
|
||||||
|
|
||||||
r = client.get("/scoreboard")
|
r = client.get("/scoreboard")
|
||||||
response = r.get_data(as_text=True)
|
response = r.get_data(as_text=True)
|
||||||
|
|||||||
Reference in New Issue
Block a user