aljaz/CTFd
1
0
Fork 0
mirror of https://github.com/aljazceru/CTFd.git synced 2026-01-31 20:04:28 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,071 Commits 18 Branches 43 Tags
406c8c076c692dbe41de969257d5cc02bcc86e77
Commit Graph

1071 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jordan Bertasso
406c8c076c Fix typo under Admin Config > Accounts > Team Disbanding (#1973) 
Changed `capatins` to `captains`
 2021-08-08 01:03:48 -04:00
Kevin Chung
94c4441aae Set THEME_FALLBACK to default to true (#1971) 
* CTFd now has the `THEME_FALLBACK` option enabled by default. This allows users to provide incomplete themes. Missing theme files will be provided from the built-in core theme
* Closes #1967
 2021-08-05 01:04:05 -04:00
Kevin Chung
e4e511fa6f Simplify view.html in provided challenge types to support core-beta (#1969) 
* Simplify view.html in the provided challenge plugins to better support the eventual core-beta theme
 2021-08-03 12:06:59 -04:00
Kevin Chung
630fbe4dab Add 3.4.0 CHANGELOG as unreleased (#1970) 2021-08-02 15:08:50 -04:00
Kevin Chung
c77a1c2d1f Add connection_info to Challenges model (#1965) 
* Closes #1964 
* Adds connection_info to Challenges
 2021-07-30 13:13:16 -04:00
Kevin Chung
27d862ab29 Challenge Topics (#1966) 
* Closes #1897 
* Adds Topics to Challenges where Topics are admin-only visible tags about challenges
* Adds `/api/v1/topics` and `/api/v1/challenges/[challenge_id]/topics` to API 
* Challenge comments have been moved into a modal
 2021-07-30 00:03:16 -04:00
Kevin Chung
22a0c0b007 Add a decorator for redirecting users if their profile isn't complete (#1933) 
* Redirect users and teams whose profiles are incomplete to complete their profile
* Closes #1926
 2021-07-29 02:11:54 -04:00
Kevin Chung
0dbe008011 Small fixes from making CSV examples (#1963) 
* Closes #1958
 2021-07-27 17:03:27 -04:00
Kevin Chung
0ba70aa92d Improved CSV exports (#1960) 
* Closes #1940
* Create Scoreboard CSV export with support for custom fields
* Create Users CSV export with support for custom fields
* Create Teams CSV export with support for custom fields
 2021-07-26 02:20:54 -04:00
Kevin Chung
995ef0a6e2 Bump pybluemonday to 0.0.7 (#1959) 
* Bump pybluemonday to 0.0.7
 2021-07-24 20:17:16 -04:00
Kevin Chung
fd2846a93d Add update scoreboard and challenge board functions to window global (#1957) 
* Closes #1841
* Adds update scoreboard and challenge board functions to window global
* This is a stop gap measure before we start using CTFd.js more heavily
 2021-07-23 15:33:38 -04:00
Kevin Chung
bff71c6169 Make user mode easier to change without having to reset accounts (#1956) 
* Closes #1889 
* Makes user mode easier to change without having to reset accounts. Submissions are still required to be deleted.
 2021-07-23 15:07:00 -04:00
Kevin Chung
4e15eeea57 Fix simple css issue (#1955) 2021-07-23 11:44:02 -04:00
Kevin Chung
00bef80475 Rework requirements UI and officially support anonymized challenges (#1954) 
* Rework Requirements UI to make it easier to bulk set requirements
* Officially support anonymized challenges
* Closes #1825
 2021-07-22 01:17:06 -04:00
Kevin Chung
f8f32042f8 WIP: Add registration password (#1946) 
* Closes #1895 
* Add a registration password to account creation (ignoring SSO or API based account creation)
 2021-07-18 05:21:14 -04:00
Allen Guan
fabdb291e2 fix #1949 not add time to all place (#1951) 2021-07-18 04:14:09 -04:00
Kevin Chung
13e36f8947 Only allow team members to be promoted to captain (#1943) 
* Only allow team members to be promoted to captain
 2021-07-17 17:00:47 -04:00
Allen Guan
551efe2417 Add time to export filename (#1949) 
* Add time to export filename
 2021-07-17 16:12:47 -04:00
Kevin Chung
327d280702 Add text to make it clearer what each user mode is (#1950) 
* Closes #1935 
* Add text to make it clearer what each user mode is during setup
 2021-07-17 15:44:23 -04:00
Kevin Chung
1447d14b6b Mark 3.3.1 (#1948) 
# 3.3.1 / 2021-07-15

**Security**

- Fixes an issue where users could join teams without knowing the team password or having a team invite
 2021-07-15 13:46:21 -04:00
Kevin Chung
58dfe15fe6 Validate that a user can't patch their team id (#1947) 
* Prevent users from PATCH'ing their team id
 2021-07-15 12:11:30 -04:00
Kevin Chung
dbc0a7569f Hide token type in user settings (#1945) 
* Works on #1891 
* Hides token type from user settings because it's currently unused
 2021-07-12 01:15:01 -04:00
Kevin Bayer
38b977368c Send title of Page to view (#1944) 
* Add ability to use page title from template
 2021-07-11 23:41:25 -04:00
Kevin Chung
671c62cdef Create SECURITY.md (#1942) 
Closes #1941
 2021-07-09 13:05:11 -04:00
Kevin Chung
989529e072 Fix issue where admins can't load a user's admin panel page when in teams mode (#1934) 
* Closes #1932
 2021-07-02 01:10:41 -04:00
Kevin Chung
8c564681bb Add a fix for receiving non-string Config values (#1931) 
* Properly receive non-string config values (None, bool, integers, etc) in /api/v1/config
* Closes #1928 
* Fix the response schema for `PATCH /api/v1/configs/<config_key>` in error situations

Overall we weren't particularly strict before and we should try to stay a little lax so we don't break anything.
 2021-07-01 22:00:57 -04:00
Kevin Chung
61507bb12a Add CSV importing feature (#1922) 
* Closes #1888 
* Adds code to import CSVs for challenges, users, and teams
 2021-06-26 18:04:14 -04:00
Kevin Chung
31e8261bad Add a way to access the challenge plugin class from the Challenges model (#1925) 
* Add a way to access the challenge plugin class from the Challenges model
   * Allows templates to access the plugin class more easily
   * Allows plugins to access the plugin class without having to load the class explicitly
* Closes #1879
 2021-06-26 15:03:18 -04:00
Kevin Chung
ff6e093fa6 Clean up label for num_teams (#1923) 2021-06-26 00:24:05 -04:00
Ife Lawal
08ff0f2ed6 Show length error when Configs provided are too long (#1920) 
* Show an error when a config is too long
 2021-06-26 00:04:36 -04:00
Chris Frohoff
dd05f57b6a Limit total number of teams (#1867) 
* Adds support for a total teams limit
 2021-06-25 23:00:40 -04:00
Kevin Chung
df27d0e7a9 Flip value and initial for dynamic challenges to better support ctfcli (#1921) 
* Makes the initial value for a dynamic challenge provided by the `initial` argument instead of the `value` argument. This makes it easier to support ctfcli. Refer to https://github.com/CTFd/ctfcli/issues/13. 
* Closes #1875
 2021-06-18 19:13:55 -04:00
Kevin Chung
614f086540 Allow Page editor to write HTML directly (#1915) 
* Works on #1493 
* Adds a new column for Pages to specify format
* Separate out `build_html` into `build_html` and `build_markdown`
* Add config variables into pages: `ctf_name`, `ctf_description`, `ctf_start`, `ctf_end`, `ctf_freeze`
  * The time variables are represented as ISO8601 timestamps
 2021-06-17 10:33:01 -04:00
Kevin Chung
b875738b13 Show the team's score & place when viewing a team member (#1918) 
* Closes #1881 
* Show the team's score & place when viewing a team member
 2021-06-17 01:36:55 -04:00
Kevin Chung
1063521394 Bump all the JS dependencies from dependabot (#1919) 
* Bump ssri from 6.0.1 to 6.0.2 (#1870)

Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases)
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md)
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Chung <kchung@ctfd.io>

* Bump lodash from 4.17.20 to 4.17.21 (#1884)

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump hosted-git-info from 2.8.8 to 2.8.9 (#1885)

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump codemirror from 5.42.2 to 5.58.2 (#1886)

Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.42.2 to 5.58.2.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.42.2...5.58.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump browserslist from 4.14.3 to 4.16.6 (#1894)

Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.14.3 to 4.16.6.
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/browserslist/browserslist/compare/4.14.3...4.16.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump postcss from 7.0.34 to 7.0.36 (#1917)

Bumps [postcss](https://github.com/postcss/postcss) from 7.0.34 to 7.0.36.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/7.0.34...7.0.36)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Run yarn build

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-17 00:48:00 -04:00
Connor Nelson
1dafc62fda Sort challenges by id (#1914) 
* Sort challenges by ID as well as value in `/api/v1/challenges` to better standardize API output
 2021-06-16 11:54:31 -04:00
Kevin Chung
241f5e49fa Show a team member's individual score in the admin panel (#1912) 
* Show a team member's individual score in the admin panel
 2021-06-15 15:21:46 -04:00
Kevin Chung
021e151946 Switch python-geoacumen to python-geoacumen-city (#1911) 
* Closes #1872 
* IP Addresses in the Admin Panel will now show the city of the IP address as well as the country
 2021-06-11 17:30:27 -04:00
dependabot[bot]
ef6a5f8d64 Bump pydantic from 1.5.1 to 1.6.2 (#1890) 
* Bump pydantic from 1.5.1 to 1.6.2

Bumps [pydantic](https://github.com/samuelcolvin/pydantic) from 1.5.1 to 1.6.2.
- [Release notes](https://github.com/samuelcolvin/pydantic/releases)
- [Changelog](https://github.com/samuelcolvin/pydantic/blob/master/HISTORY.md)
- [Commits](https://github.com/samuelcolvin/pydantic/compare/v1.5.1...v1.6.2)

Signed-off-by: dependabot[bot] <support@github.com>

* Update requirements.txt

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Chung <kchung@ctfd.io>
Co-authored-by: Kevin Chung <kchung@nyu.edu>
 2021-06-11 15:37:10 -04:00
Kevin Chung
2f3409d887 Add fix for MLC configs in config.ini (#1909) 2021-06-11 14:57:19 -04:00
Kevin Chung
3cb67a97ec Bump pybluemonday version to 0.0.6 and allow HTML comments in sanitized output (#1908) 
* Bump pybluemonday version to 0.0.6 
* Allow HTML comments in sanitized output
* Closes #1906
 2021-06-11 10:21:03 -04:00
Ife Lawal
c31916057f Confirmed REST API does delete directories in s3 bucket. The local filesystem didn't though and that was updated. Closes #1758 (#1876) 
- Deleting uploads under the Filesystem upload provider will now delete the parent folder as well as the target file
- Closes #1758
 2021-06-06 23:21:38 -04:00
Kevin Chung
1195454258 Handle edge case where users have a null password (#1902) 
* Handle an edge case where users try to login but were logged in through an authentication provider
 2021-06-01 12:46:54 -04:00
Kevin Chung
20460c861d Widen the challenge creation form to make it easier to show longer challenge types (#1901) 2021-06-01 08:58:23 -04:00
Kevin Chung
bdc58ef911 Beta challenge sorting interface (#1900) 
* Add a beta way to sort challenges in the core theme through `window.BETA_sortChallenges()`
 2021-05-30 17:47:25 -04:00
Mike Merrill
8646f2384c Update geoip.py (#1896) 
Added error handling in case `IP_ADDR_LOOKUP.get(addr)` fails.
 2021-05-28 11:03:56 -04:00
Ife Lawal
f00e69d619 Ctftime test context #928 (#1866) 
Works on #928
 2021-04-26 14:31:19 -04:00
Ife Lawal
03e546e9f0 Pydantic documentation Fixes #1829 (#1871) 
- Improved the `sqlalchemy_to_pydantic` function to accept additional schema fields on top of the SQLAlchemy model fields
- Added the solves and solved_by_me fields to the Swagger documentation (Closes #1829)
 2021-04-26 14:00:04 -04:00
Kevin Chung
21af356642 Bump pybluemonday version (#1869) 
* Bump version of pybluemonday
 2021-04-20 12:54:31 -04:00
Frank
345706d762 ping database with python instead of mysql client (#1862) 
* Replaces `mysqladmin ping` with a custom script
* Closes #725
 2021-04-17 21:29:15 -04:00