mirror of
https://github.com/aljazceru/CTFd.git
synced 2025-12-17 14:04:20 +01:00
9264e96428
# 3.1.0 / 2020-09-08 **General** - Loosen team password confirmation in team settings to also accept the team captain's password to make it easier to change the team password - Adds the ability to add custom user and team fields for registration/profile settings. - Improve Notifications pubsub events system to use a subscriber per server instead of a subscriber per browser. This should improve the reliability of CTFd at higher load and make it easier to deploy the Notifications system **Admin Panel** - Add a comments functionality for admins to discuss challenges, users, teams, pages - Adds a legal section in Configs where users can add a terms of service and privacy policy - Add a Custom Fields section in Configs where admins can add/edit custom user/team fields - Move user graphs into a modal for Admin Panel **API** - Add `/api/v1/comments` to manipulate and create comments **Themes** - Make scoreboard caching only cache the score table instead of the entire page. This is done by caching the specific template section. Refer to #1586, specifically the changes in `scoreboard.html`. - Add rel=noopener to external links to prevent tab napping attacks - Change the registration page to reference links to Terms of Service and Privacy Policy if specified in configuration **Miscellaneous** - Make team settings modal larger in the core theme - Update tests in Github Actions to properly test under MySQL and Postgres - Make gevent default in serve.py and add a `--disable-gevent` switch in serve.py - Add `tenacity` library for retrying logic - Add `pytest-sugar` for slightly prettier pytest output - Add a `listen()` method to `CTFd.utils.events.EventManager` and `CTFd.utils.events.RedisEventManager`. - This method should implement subscription for a CTFd worker to whatever underlying notification system there is. This should be implemented with gevent or a background thread. - The `subscribe()` method (which used to implement the functionality of the new `listen()` function) now only handles passing notifications from CTFd to the browser. This should also be implemented with gevent or a background thread.
61 lines
2.1 KiB
Python
61 lines
2.1 KiB
Python
#!/usr/bin/env python
|
|
# -*- coding: utf-8 -*-
|
|
|
|
from flask_caching import make_template_fragment_key
|
|
|
|
from CTFd.cache import clear_standings
|
|
from tests.helpers import (
|
|
create_ctfd,
|
|
destroy_ctfd,
|
|
gen_challenge,
|
|
gen_flag,
|
|
gen_solve,
|
|
login_as_user,
|
|
register_user,
|
|
)
|
|
|
|
|
|
def test_scoreboard_is_cached():
|
|
"""Test that /api/v1/scoreboard is properly cached and cleared"""
|
|
app = create_ctfd()
|
|
with app.app_context():
|
|
# create user1
|
|
register_user(app, name="user1", email="user1@ctfd.io")
|
|
|
|
# create challenge
|
|
chal = gen_challenge(app.db, value=100)
|
|
gen_flag(app.db, challenge_id=chal.id, content="flag")
|
|
chal_id = chal.id
|
|
|
|
# create a solve for the challenge for user1. (the id is 2 because of the admin)
|
|
gen_solve(app.db, user_id=2, challenge_id=chal_id)
|
|
|
|
with login_as_user(app, "user1") as client:
|
|
# No cached data
|
|
assert app.cache.get("view/api.scoreboard_scoreboard_list") is None
|
|
assert app.cache.get("view/api.scoreboard_scoreboard_detail") is None
|
|
|
|
# Load and check cached data
|
|
client.get("/api/v1/scoreboard")
|
|
assert app.cache.get("view/api.scoreboard_scoreboard_list")
|
|
client.get("/api/v1/scoreboard/top/10")
|
|
assert app.cache.get("view/api.scoreboard_scoreboard_detail")
|
|
|
|
# Check scoreboard page
|
|
assert (
|
|
app.cache.get(make_template_fragment_key("public_scoreboard_table"))
|
|
is None
|
|
)
|
|
client.get("/scoreboard")
|
|
assert app.cache.get(make_template_fragment_key("public_scoreboard_table"))
|
|
|
|
# Empty standings and check that the cached data is gone
|
|
clear_standings()
|
|
assert app.cache.get("view/api.scoreboard_scoreboard_list") is None
|
|
assert app.cache.get("view/api.scoreboard_scoreboard_detail") is None
|
|
assert (
|
|
app.cache.get(make_template_fragment_key("public_scoreboard_table"))
|
|
is None
|
|
)
|
|
destroy_ctfd(app)
|