aljaz/CTFd
1
0
Fork 0
mirror of https://github.com/aljazceru/CTFd.git synced 2025-12-17 05:54:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
22c132358ef15e89b93af84326962ab1c53cb029
CTFd/tests/test_plugin_utils.py
Kevin Chung 22c132358e 2.3.0 (#1248) 
2.3.0 / 2020-02-17
==================

**General**
* During setup, admins can register their email address with the CTFd LLC newsletter for news and updates
* Fix editting hints from the admin panel
* Allow admins to insert HTML code directly into the header and footer (end of body tag) of pages. This replaces and supercedes the custom CSS feature.
    * The `views.custom_css` route has been removed.
* Admins can now customize the content of outgoing emails and inject certain variables into email content.
* The `manage.py` script can now manipulate the CTFd Configs table via the `get_config` and `set_config` commands. (e.g. `python manage.py get_config ctf_theme` and `python manage.py set_config ctf_theme core`)

**Themes**
* Themes should now reference the `theme_header` and `theme_footer` configs instead of the `views.custom_css` endpoint to allow for user customizations. See the `base.html` file of the core theme.

**Plugins**
* Make `ezq` functions available to `CTFd.js` under `CTFd.ui.ezq`

**Miscellaneous**
* Python imports sorted with `isort` and import order enforced
* Black formatter running on a majority of Python code
2020-02-17 02:17:25 -05:00

205 lines
7.3 KiB
Python
Raw Blame History

#!/usr/bin/env python
# -*- coding: utf-8 -*-
from CTFd.plugins import (
bypass_csrf_protection,
get_admin_plugin_menu_bar,
get_user_page_menu_bar,
override_template,
register_admin_plugin_menu_bar,
register_admin_plugin_script,
register_admin_plugin_stylesheet,
register_plugin_asset,
register_plugin_assets_directory,
register_plugin_script,
register_user_page_menu_bar,
)
from tests.helpers import create_ctfd, destroy_ctfd, login_as_user, setup_ctfd
def test_register_plugin_asset():
"""Test that plugin asset registration works"""
app = create_ctfd(setup=False)
register_plugin_asset(app, asset_path="/plugins/__init__.py")
app = setup_ctfd(app)
with app.app_context():
with app.test_client() as client:
r = client.get("/plugins/__init__.py")
assert len(r.get_data(as_text=True)) > 0
assert r.status_code == 200
destroy_ctfd(app)
def test_register_plugin_assets_directory():
"""Test that plugin asset directory registration works"""
app = create_ctfd(setup=False)
register_plugin_assets_directory(app, base_path="/plugins/")
app = setup_ctfd(app)
with app.app_context():
with app.test_client() as client:
r = client.get("/plugins/__init__.py")
assert len(r.get_data(as_text=True)) > 0
assert r.status_code == 200
r = client.get("/plugins/challenges/__init__.py")
assert len(r.get_data(as_text=True)) > 0
assert r.status_code == 200
destroy_ctfd(app)
def test_override_template():
"""Does override_template work properly for regular themes when used from a plugin"""
app = create_ctfd()
with app.app_context():
override_template("login.html", "LOGIN OVERRIDE")
with app.test_client() as client:
r = client.get("/login")
assert r.status_code == 200
output = r.get_data(as_text=True)
assert "LOGIN OVERRIDE" in output
destroy_ctfd(app)
def test_admin_override_template():
"""Does override_template work properly for the admin panel when used from a plugin"""
app = create_ctfd()
with app.app_context():
override_template("admin/users/user.html", "ADMIN USER OVERRIDE")
client = login_as_user(app, name="admin", password="password")
r = client.get("/admin/users/1")
assert r.status_code == 200
output = r.get_data(as_text=True)
assert "ADMIN USER OVERRIDE" in output
destroy_ctfd(app)
def test_register_plugin_script():
"""Test that register_plugin_script adds script paths to the core theme when used from a plugin"""
app = create_ctfd()
with app.app_context():
register_plugin_script("/fake/script/path.js")
register_plugin_script("http://ctfd.io/fake/script/path.js")
with app.test_client() as client:
r = client.get("/")
output = r.get_data(as_text=True)
assert "/fake/script/path.js" in output
assert "http://ctfd.io/fake/script/path.js" in output
destroy_ctfd(app)
def test_register_plugin_stylesheet():
"""Test that register_plugin_stylesheet adds stylesheet paths to the core theme when used from a plugin"""
app = create_ctfd()
with app.app_context():
register_plugin_script("/fake/stylesheet/path.css")
register_plugin_script("http://ctfd.io/fake/stylesheet/path.css")
with app.test_client() as client:
r = client.get("/")
output = r.get_data(as_text=True)
assert "/fake/stylesheet/path.css" in output
assert "http://ctfd.io/fake/stylesheet/path.css" in output
destroy_ctfd(app)
def test_register_admin_plugin_script():
"""Test that register_admin_plugin_script adds script paths to the admin theme when used from a plugin"""
app = create_ctfd()
with app.app_context():
register_admin_plugin_script("/fake/script/path.js")
register_admin_plugin_script("http://ctfd.io/fake/script/path.js")
with login_as_user(app, name="admin") as client:
r = client.get("/admin/statistics")
output = r.get_data(as_text=True)
assert "/fake/script/path.js" in output
assert "http://ctfd.io/fake/script/path.js" in output
destroy_ctfd(app)
def test_register_admin_plugin_stylesheet():
"""Test that register_admin_plugin_stylesheet adds stylesheet paths to the admin theme when used from a plugin"""
app = create_ctfd()
with app.app_context():
register_admin_plugin_stylesheet("/fake/stylesheet/path.css")
register_admin_plugin_stylesheet("http://ctfd.io/fake/stylesheet/path.css")
with login_as_user(app, name="admin") as client:
r = client.get("/admin/statistics")
output = r.get_data(as_text=True)
assert "/fake/stylesheet/path.css" in output
assert "http://ctfd.io/fake/stylesheet/path.css" in output
destroy_ctfd(app)
def test_register_admin_plugin_menu_bar():
"""
Test that register_admin_plugin_menu_bar() properly inserts into HTML and get_admin_plugin_menu_bar()
returns the proper list.
"""
app = create_ctfd()
with app.app_context():
register_admin_plugin_menu_bar(
title="test_admin_plugin_name", route="/test_plugin"
)
client = login_as_user(app, name="admin", password="password")
r = client.get("/admin/statistics")
output = r.get_data(as_text=True)
assert "/test_plugin" in output
assert "test_admin_plugin_name" in output
menu_item = get_admin_plugin_menu_bar()[0]
assert menu_item.title == "test_admin_plugin_name"
assert menu_item.route == "/test_plugin"
destroy_ctfd(app)
def test_register_user_page_menu_bar():
"""
Test that the register_user_page_menu_bar() properly inserts into HTML and get_user_page_menu_bar() returns the
proper list.
"""
app = create_ctfd()
with app.app_context():
register_user_page_menu_bar(
title="test_user_menu_link", route="/test_user_href"
)
with app.test_client() as client:
r = client.get("/")
output = r.get_data(as_text=True)
assert "/test_user_href" in output
assert "test_user_menu_link" in output
menu_item = get_user_page_menu_bar()[0]
assert menu_item.title == "test_user_menu_link"
assert menu_item.route == "/test_user_href"
destroy_ctfd(app)
def test_bypass_csrf_protection():
"""
Test that the bypass_csrf_protection decorator functions properly
"""
app = create_ctfd()
with app.app_context():
with app.test_client() as client:
r = client.post("/login")
output = r.get_data(as_text=True)
assert r.status_code == 403
def bypass_csrf_protection_test_route():
return "Success", 200
# Hijack an existing route to avoid any kind of hacks to create a test route
app.view_functions["auth.login"] = bypass_csrf_protection(
bypass_csrf_protection_test_route
)
with app.test_client() as client:
r = client.post("/login")
output = r.get_data(as_text=True)
assert r.status_code == 200
assert output == "Success"
destroy_ctfd(app)
Reference in New Issue View Git Blame Copy Permalink