aljaz/CTFd
1
0
Fork 0
mirror of https://github.com/aljazceru/CTFd.git synced 2025-12-17 05:54:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
CTFd/tests/users/test_settings.py
Kevin Chung 8de9819bd4 3.3.0 (#1833) 
# 3.3.0 / UNRELEASED

**General**

- Don't require a team for viewing challenges if Challenge visibility is set to public
- Add a `THEME_FALLBACK` config to help develop themes. See **Themes** section for details.

**API**

- Implement a faster `/api/v1/scoreboard` endpoint in Teams Mode
- Add the `solves` item to both `/api/v1/challenges` and `/api/v1/challenges/[challenge_id]` to more easily determine how many solves a challenge has
- Add the `solved_by_me` item to both `/api/v1/challenges` and `/api/v1/challenges/[challenge_id]` to more easily determine if the current account has solved the challenge
- Prevent admins from deleting themselves through `DELETE /api/v1/users/[user_id]`
- Add length checking to some sensitive fields in the Pages and Challenges schemas
- Fix issue where `PATCH /api/v1/users[user_id]` returned a list instead of a dict
- Fix exception that occured on demoting admins through `PATCH /api/v1/users[user_id]`
- Add `team_id` to `GET /api/v1/users` to determine if a user is already in a team

**Themes**

- Add a `THEME_FALLBACK` config to help develop themes.
  - `THEME_FALLBACK` will configure CTFd to try to find missing theme files in the default built-in `core` theme.
  - This makes it easier to develop themes or use incomplete themes.
- Allow for one theme to reference and inherit from another theme through approaches like `{% extends "core/page.html" %}`
- Allow for the automatic date rendering format to be overridden by specifying a `data-time-format` attribute.
- Add styling for the `<blockquote>` element.
- Fix scoreboard table identifier to switch between User/Team depending on configured user mode
- Switch to using Bootstrap's scss in `core/main.scss` to allow using Bootstrap variables
- Consolidate Jinja error handlers into a single function and better handle issues where error templates can't be found

**Plugins**

- Set plugin migration version after successful migrations
- Fix issue where Page URLs injected into the navbar were relative instead of absolute

**Admin Panel**

- Add User standings as well as Teams standings to the admin scoreboard when in Teams Mode
- Add a UI for adding members to a team from the team's admin page
- Add ability for admins to disable public team creation
- Link directly to users who submitted something in the submissions page if the CTF is in Teams Mode
- Fix Challenge Requirements interface in Admin Panel to not allow empty/null requirements to be added
- Fixed an issue where config times (start, end, freeze times) could not be removed
- Fix an exception that occurred when demoting an Admin user
- Adds a temporary hack for re-enabling Javascript snippets in Flag editor templates. (See #1779)

**Deployment**

- Install `python3-dev` instead of `python-dev` in apt
- Bump lxml to 4.6.2
- Bump pip-compile to 5.4.0

**Miscellaneous**

- Cache Docker builds more by copying and installing Python dependencies before copying CTFd
- Change the default emails slightly and rework confirmation email page to make some recommendations clearer
- Use `examplectf.com` as testing/development domain instead of `ctfd.io`
- Fixes issue where user's name and email would not appear in logs properly
- Add more linting by also linting with `flake8-comprehensions` and `flake8-bugbear`
2021-03-18 18:08:46 -04:00

102 lines
3.2 KiB
Python
Raw Permalink Blame History

#!/usr/bin/env python
# -*- coding: utf-8 -*-
from CTFd.models import Users
from CTFd.utils.crypto import verify_password
from tests.helpers import create_ctfd, destroy_ctfd, login_as_user, register_user
def test_user_set_profile():
"""Test that a user can set and remove their information in their profile"""
app = create_ctfd()
with app.app_context():
register_user(app)
client = login_as_user(app)
data = {
"name": "user",
"email": "user@examplectf.com",
"confirm": "",
"password": "",
"affiliation": "affiliation_test",
"website": "https://examplectf.com",
"country": "US",
}
r = client.patch("/api/v1/users/me", json=data)
assert r.status_code == 200
user = Users.query.filter_by(id=2).first()
assert user.affiliation == data["affiliation"]
assert user.website == data["website"]
assert user.country == data["country"]
r = client.get("/settings")
resp = r.get_data(as_text=True)
for _k, v in data.items():
assert v in resp
data = {
"name": "user",
"email": "user@examplectf.com",
"confirm": "",
"password": "",
"affiliation": "",
"website": "",
"country": "",
}
r = client.patch("/api/v1/users/me", json=data)
assert r.status_code == 200
user = Users.query.filter_by(id=2).first()
assert user.affiliation == data["affiliation"]
assert user.website == data["website"]
assert user.country == data["country"]
destroy_ctfd(app)
def test_user_can_change_password():
"""Test that a user can change their password and is prompted properly"""
app = create_ctfd()
with app.app_context():
register_user(app)
client = login_as_user(app)
data = {
"name": "user",
"email": "user@examplectf.com",
"confirm": "",
"password": "new_password",
"affiliation": "",
"website": "",
"country": "",
}
r = client.patch("/api/v1/users/me", json=data)
user = Users.query.filter_by(id=2).first()
assert verify_password(data["password"], user.password) is False
assert r.status_code == 400
assert r.get_json() == {
"errors": {"confirm": ["Please confirm your current password"]},
"success": False,
}
data["confirm"] = "wrong_password"
r = client.patch("/api/v1/users/me", json=data)
user = Users.query.filter_by(id=2).first()
assert verify_password(data["password"], user.password) is False
assert r.status_code == 400
assert r.get_json() == {
"errors": {"confirm": ["Your previous password is incorrect"]},
"success": False,
}
data["confirm"] = "password"
r = client.patch("/api/v1/users/me", json=data)
assert r.status_code == 200
user = Users.query.filter_by(id=2).first()
assert verify_password(data["password"], user.password) is True
destroy_ctfd(app)
Reference in New Issue View Git Blame Copy Permalink