42CTF/website
42CTF
/
website
13
5
Fork 10
Code Issues 10 Pull Requests 1 Projects 9 Releases Wiki Activity

Compare commits

base: 42CTF:main
Branches Tags
42CTF:main
42CTF:ctf-ordered-by-points
42CTF:translation
42CTF:resources
42CTF:news-content
42CTF:bot-api
42CTF:challenges-description
42CTF:home-refacto
ix:main
ix:ctf-ordered-by-points
ix:translation
ix:members
ix:resources
ix:news-content
ix:bot-api
ix:challenges-description
ix:home-refacto
ix:dynamic-scoring
..
compare: ix:main
Branches Tags
ix:main
ix:ctf-ordered-by-points
ix:translation
ix:members
ix:resources
ix:news-content
ix:bot-api
ix:challenges-description
ix:home-refacto
ix:dynamic-scoring
42CTF:main
42CTF:ctf-ordered-by-points
42CTF:translation
42CTF:resources
42CTF:news-content
42CTF:bot-api
42CTF:challenges-description
42CTF:home-refacto

No commits in common. "main" and "main" have entirely different histories.
main ... main

24 changed files with 90 additions and 556 deletions
Show Stats Expand all files Collapse all files

2
src/accounts/admin.py
View File

@ -10,7 +10,7 @@ class userprofile(admin.ModelAdmin):
#list display
list_display = ['user', 'score', 'last_submission_date', 'campus']
# search list
search_fields = ['score', 'user__username', 'campus__name']
search_fields = ['score', 'user__username', 'campus']
@admin.register(Campus)
class campus(admin.ModelAdmin):

24
src/accounts/management/commands/prune_users.py
View File

@ -1,24 +0,0 @@
from collections import defaultdict
from django.core.management.base import BaseCommand, CommandError
from accounts import models as acc_models
from django.contrib.auth import models as auth_models
from django.contrib.auth.models import timezone
from datetime import timedelta
class Command(BaseCommand):
help = 'Remove all users who never logged in'
def handle(self, *args, **options):
all_users = acc_models.UserProfileInfo.objects.filter(score=0).select_related()
to_remove = []
for elem in all_users:
user = elem.user
if user.last_login is None and user.date_joined < timezone.now() - timedelta(hours=72):
to_remove.append(user)
print("You are going to remove {} users.".format(len(to_remove)))
answer = input("Continue ? [y/N] ")
if answer.lower() in ["y","yes"]:
for elem in to_remove:
elem.delete()
print("Users have been successfully pruned.")

7
src/accounts/templates/accounts/edit.html
View File

@ -92,13 +92,6 @@
{% endif %}
<li class="list-group-item">{% trans "Registered since" %} {{ user.date_joined|date:"Y-m-d" }}</li>
</ul>
<ul class="list-group">
<form method='GET' action="{% url 'accounts:profile' user %}">
<li class="list-group-item">
<input class="form-control" type="submit" value="{% trans " View my profile" %}">
</li>
</form>
</ul>
<ul class="list-group">
<form method='GET' action="{% url 'accounts:delete_account' %}">
{%csrf_token%}

1
src/accounts/views/connection.py
View File

@ -87,6 +87,7 @@ def connect_discord(request):
@login_required
def authorize_discord(request):
if request.user.userprofileinfo.discord_id:
print("Already")
return bad_request(request, "Already connected")
try:
token = oauth.discord.authorize_access_token(request)

4
src/api/urls.py
View File

@ -2,8 +2,6 @@ from django.urls import path
from . import views
urlpatterns = [
path('bot/discord', views.bot_discord_rank, name='bot_discord_rank'), # legacy, to remove when new bot is deployed
path('bot/discord/rank', views.bot_discord_rank, name='bot_discord_rank'), # use this
path('bot/discord/campus', views.bot_discord_campus, name='bot_discord_campus'),
path('bot/discord', views.discord_bot, name='discord_bot'),
path('events/<str:event_slug>', views.events_data, name='events_data'),
]

22
src/api/views.py
View File

@ -7,7 +7,8 @@ from django.shortcuts import get_object_or_404
# Create your views here.
def bot_discord_rank(request):
def discord_bot(request):
if request.method != 'GET':
return JsonResponse({'error':'bad request'})
@ -27,24 +28,6 @@ def bot_discord_rank(request):
return JsonResponse(data)
def bot_discord_campus(request):
if request.method != 'GET':
return JsonResponse({'error':'bad request'})
token = request.GET.get('token')
auth_token = os.getenv('BOT_TOKEN')
if (token != auth_token or not auth_token):
return JsonResponse({'error':'not authorized'})
all_users = UserProfileInfo.objects.select_related().order_by('-score', 'last_submission_date', 'user__username')
data = {}
for user in all_users:
if user.campus and user.discord_id:
data[user.discord_id] = user.campus.name
return JsonResponse(data)
def events_data(request, event_slug):
if request.method != 'GET':
return JsonResponse({'error':'bad request'})
@ -70,3 +53,4 @@ def events_data(request, event_slug):
return JsonResponse(data)

55
src/ctfs/admin.py
View File

@ -2,6 +2,8 @@ from django.contrib import admin
from .models import Category, CTF, CTF_flags
admin.site.register(Category)
#admin.site.register(CTF)
#admin.site.register(CTF_flags)
@admin.register(CTF_flags)
class ctf_flags(admin.ModelAdmin):
@ -12,61 +14,12 @@ class ctf_flags(admin.ModelAdmin):
# search list
search_fields = ['ctf__category__name', 'ctf__name', 'user__username']
def get_queryset(self, request):
qs = super().get_queryset(request)
if request.user.is_superuser:
return qs
groups = list(request.user.groups.values_list('name', flat=True))
return qs.filter(event__name__in=groups)
def has_view_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_view_permission(request, obj)
def has_change_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_change_permission(request, obj)
def has_delete_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_delete_permission(request, obj)
@admin.register(CTF)
class ctf(admin.ModelAdmin):
#list display
list_display = ['name', 'event', 'category', 'points']
list_display = ['name', 'event', 'category']
#list Filter
list_filter = ('category', 'event')
# search list
search_fields = ['category__name', 'name', 'author__username']
def get_queryset(self, request):
qs = super().get_queryset(request)
if request.user.is_superuser:
return qs
groups = list(request.user.groups.values_list('name', flat=True))
return qs.filter(event__name__in=groups)
def has_view_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_view_permission(request, obj)
def has_change_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_change_permission(request, obj)
# Register your models here.

18
src/ctfs/migrations/0009_ctf_flags_bonus.py
View File

@ -1,18 +0,0 @@
# Generated by Django 3.2.11 on 2023-09-17 17:57
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('ctfs', '0008_auto_20220215_1713'),
]
operations = [
migrations.AddField(
model_name='ctf_flags',
name='bonus',
field=models.PositiveSmallIntegerField(default=0),
),
]

1
src/ctfs/models.py
View File

@ -45,7 +45,6 @@ class CTF_flags(models.Model):
user = models.ForeignKey(User, unique=False, on_delete=models.CASCADE)
ctf = models.ForeignKey(CTF, unique=False, on_delete=models.CASCADE)
flag_date = models.DateTimeField('Flag date')
bonus = models.PositiveSmallIntegerField(default=0)
class Meta:
ordering = ['-flag_date']

84
src/events/admin.py
View File

@ -1,5 +1,5 @@
from django.contrib import admin
from .models import Event, EventPlayer, Team, Bonus
from .models import Event, EventPlayer, Team
@admin.register(Event)
class event(admin.ModelAdmin):
@ -8,27 +8,6 @@ class event(admin.ModelAdmin):
# search list
search_fields = ['name', 'slug', 'description', 'password']
def get_queryset(self, request):
qs = super().get_queryset(request)
if request.user.is_superuser:
return qs
groups = list(request.user.groups.values_list('name', flat=True))
return qs.filter(name__in=groups)
def has_view_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.name).exists()
return super().has_view_permission(request, obj)
def has_change_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.name).exists()
return super().has_change_permission(request, obj)
@admin.register(EventPlayer)
class score(admin.ModelAdmin):
#list display
@ -38,33 +17,7 @@ class score(admin.ModelAdmin):
# search list
search_fields = ['user__username', 'score', 'event__name']
def get_queryset(self, request):
qs = super().get_queryset(request)
if request.user.is_superuser:
return qs
groups = list(request.user.groups.values_list('name', flat=True))
return qs.filter(event__name__in=groups)
def has_view_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_view_permission(request, obj)
def has_change_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_change_permission(request, obj)
def has_delete_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_delete_permission(request, obj)
# Register your models here.
@admin.register(Team)
class team(admin.ModelAdmin):
@ -74,36 +27,3 @@ class team(admin.ModelAdmin):
list_filter = ('event',)
# search list
search_fields = ['name']
def get_queryset(self, request):
qs = super().get_queryset(request)
if request.user.is_superuser:
return qs
groups = list(request.user.groups.values_list('name', flat=True))
return qs.filter(event__name__in=groups)
def has_view_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_view_permission(request, obj)
def has_change_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_change_permission(request, obj)
def has_delete_permission(self, request, obj=None):
if request.user.is_superuser:
return True
if obj is not None:
return request.user.groups.filter(name=obj.event.name).exists()
return super().has_delete_permission(request, obj)
@admin.register(Bonus)
class bonus(admin.ModelAdmin):
#list display
list_display = ['points', 'absolute']

28
src/events/migrations/0011_bonus_points.py
View File

@ -1,28 +0,0 @@
# Generated by Django 3.2.11 on 2023-09-17 17:00
import django.core.validators
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('events', '0010_event_campus'),
]
operations = [
migrations.CreateModel(
name='Bonus',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('absolute', models.BooleanField(default=True)),
('points', models.CharField(max_length=100, validators=[django.core.validators.int_list_validator])),
],
),
migrations.AddField(
model_name='event',
name='bonus',
field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to='events.bonus'),
),
]

24
src/events/migrations/0012_auto_20230917_2038.py
View File

@ -1,24 +0,0 @@
# Generated by Django 3.2.11 on 2023-09-17 18:38
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('events', '0011_bonus_points'),
]
operations = [
migrations.AlterField(
model_name='event',
name='bonus',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='events.bonus'),
),
migrations.AlterField(
model_name='eventplayer',
name='team',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to='events.team'),
),
]

12
src/events/models.py
View File

@ -1,17 +1,10 @@
from django.db import models
from django.contrib.auth.models import User
from django.contrib.auth.models import timezone
from django.core.validators import int_list_validator
import uuid
from accounts.models import Campus
# Create your models here.
class Bonus(models.Model):
absolute = models.BooleanField(default=True)
points = models.CharField(validators=[int_list_validator], max_length=100)
def __str__(self):
return self.points
class Event(models.Model):
id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
name = models.CharField(max_length=200)
@ -26,7 +19,6 @@ class Event(models.Model):
auto_match = models.BooleanField(default=False)
dynamic = models.BooleanField(default=False)
campus = models.ManyToManyField(Campus, blank=True)
bonus = models.ForeignKey(Bonus, null=True, on_delete=models.SET_NULL, blank=True)
def __str__(self):
return self.name
@ -45,6 +37,8 @@ class EventPlayer(models.Model):
event = models.ForeignKey(Event, on_delete=models.CASCADE)
score = models.PositiveIntegerField(default=0, db_index=True)
last_submission_date = models.DateTimeField('Last Submission Date', default=timezone.now)
team = models.ForeignKey(Team, on_delete=models.CASCADE, null=True, blank=True)
team = models.ForeignKey(Team, on_delete=models.CASCADE, null=True)
class Meta:
ordering = ['-score', 'last_submission_date', 'user__username']

3
src/events/templates/events/create_team.html
View File

@ -16,9 +16,6 @@
{% if registered == False %}
<span class="message error-msg">{% trans "You need to be registered to the event." %}</span>
{% else %}
{% if invalid == True %}
<span class="message error-msg">{% trans "Invalid characters in name" %}</span>
{% endif %}
{% if exist == True %}
<span class="message error-msg">{% trans "Name already taken." %}</span>
{% endif %}

6
src/events/templates/events/ctf_info.html
View File

@ -22,9 +22,6 @@
{% if request.user.is_authenticated %}
{% if congrat == True %}
<p>{% trans "Congratulation !" %}</p>
{% if bonus|add:"0" > 0 %}
<p>{% trans "Bonus points awarded" %} : {{ bonus }}</p>
{% endif %}
{% elif alreadyflag == True %}
<p>{% trans "Already flagged" %}</p>
{% elif eventisover == True %}
@ -99,9 +96,6 @@
<ul class="list-group">
<li class="list-group-item">{% trans "Author" %} : <a style="position:absolute;right: 15px;" class="profile_link {{is_member}}" href="{% url 'accounts:profile' user_name=ctf.author.username %}">{{ ctf.author.username }}</a></li>
<li class="list-group-item">{% trans "Point reward" %} : <span style="position:absolute;right: 15px;">{{ ctf.points }}</span></li>
{% if ctf.event.bonus %}
<li class="list-group-item">{% trans "Speed Bonuses" %} : <span style="position:absolute;right: 15px;">{{ bonus_points }}</span></li>
{% endif %}
</ul>
</div>

2
src/events/templates/events/event_info.html
View File

@ -26,7 +26,7 @@
{% endif %}
</div>
<div class="event-footer">
{% if begun == True or is_event_manager == True %}
{% if begun == True %}
<h4>{% trans "Challenges" %}</h4>
{% if ctfs %}

168
src/events/templates/events/profile.html
View File

@ -1,168 +0,0 @@
{% extends 'base.html' %}
{% block content %}
{% load i18n %}
{% load key_value %}
{% load is_member %}
{% ismember user.userprofileinfo as is_member %}
<div class="row">
<div class="col-sm-12 col-md-9">
<a href="{% url 'events:event_info' event_slug=event.slug %}">< Back to event</a>
<div>
<h4>{% trans "Challenges Solved by" %} <span class="{{ is_member }}">{{ user.username }} - {{ event.name }}</span></h4>
{% if solves%}
<div class="table table-dark">
<div class="card-body">
<div id="time-chart"></div>
</div>
</div>
<table class="table table-dark">
<thead>
<tr>
<th scope="col">{% trans "Challenge Name" %}</th>
<th scope="col">{% trans "Category" %}</th>
<th scope="col">{% trans "Points" %}</th>
<th scope="col">{% trans "Bonus" %}</th>
<th scope="col">{% trans "Date" %}</th>
</tr>
</thead>
<tbody>
{% for s in solves %}
<tr>
<th scope="row"><a href="{% url 'events:event_chall_info' event_slug=event.slug chall_slug=s.ctf.slug %}">{{ s.ctf.name }}</a></th>
<td>{{ s.ctf.category.name}}</td>
<td>{{ s.ctf.points }}</td>
<td>{{ s.bonus }}</td>
<td>{{ s.flag_date|date:"Y-m-d H:i:s" }}</td>
</tr>
{% endfor %}
</tbody>
</table>
{% else %}
<p>{% trans "It seems that this user has not solved any challenge yet..." %}</p>
{% endif %}
</div>
</div>
<div class="d-none d-md-block col-10 col-md-3 right-sidebar">
<ul class="list-group">
<li class="list-group-item {{ is_member }}">{{ user.username }}</li>
<li class="list-group-item">{% trans "Score" %} : {{ score }}</li>
<li class="list-group-item">{% trans "Rank" %} : {{ rank }}</li>
{% if user.userprofileinfo.portfolio_site %}
<li class="list-group-item">
<a href="{{ user.userprofileinfo.portfolio_site }}" target="_blank">
{{ user.userprofileinfo.portfolio_site }}
</a>
</li>
{% endif %}
{% if member %}
<li class="list-group-item is-member">{% trans "Status: Member" %}</li>
{% else %}
<li class="list-group-item">{% trans "Status: Visitor" %}</li>
{% endif %}
<li class="list-group-item">{% trans "Registered since" %} {{ user.date_joined|date:"d-m-Y" }}</li>
</ul>
<ul class="list-group">
<li class="list-group-item">{% trans "Categories stats" %}</li>
{% for cat in catsDatas %}
<li class="list-group-item" style="padding-bottom: 3;padding-top: 0;">
<span>{{ cat.0 }}</span>
<div class="progress">
{% if cat.3 == '0' %}
<div class="progress-bar bg-success" role="progressbar" style="width: 0%;color:#d9d9d9;" aria-valuenow="0" aria-valuemin="0" aria-valuemax="100">0 %</div>
{% else %}
<div class="progress-bar bg-success" role="progressbar" style="width: {{ cat.3 }}%" aria-valuenow="{{ cat.3 }}" aria-valuemin="0" aria-valuemax="100">{{ cat.3 }} %</div>
{% endif %}
</div>
</li>
{% endfor %}
</ul>
<ul class="list-group">
<ul class="list-group">
<li class="list-group-item">{% trans "Challenges created" %}</li>
{% if created %}
{% for creat in created %}
<li class="list-group-item"><a href="{% url 'ctf' cat_slug=creat.category.slug ctf_slug=creat.slug %}">{{ creat.name }}</a></li>
{% endfor %}
{% else %}
<li class="list-group-item">{% trans "It seems that this user has not created any challenge yet..." %}</li>
{% endif %}
</ul>
</ul>
</div>
</div>
<script src="https://code.highcharts.com/highcharts.src.js"></script>
<script>
Highcharts.theme={colors:["#2b908f","#90ee7e","#f45b5b","#7798BF","#aaeeee","#ff0066","#eeaaee","#55BF3B","#DF5353","#7798BF","#aaeeee"],chart:{backgroundColor:{linearGradient:{x1:0,y1:0,x2:1,y2:1},stops:[[0,"#1D1D1D"],[1,"#1D1D1D"]]},style:{fontFamily:"'Unica One', sans-serif"},plotBorderColor:"#606063"},title:{style:{color:"#E0E0E3",textTransform:"uppercase",fontSize:"20px"}},subtitle:{style:{color:"#E0E0E3",textTransform:"uppercase"}},xAxis:{gridLineColor:"#707073",labels:{style:{color:"#E0E0E3"}},lineColor:"#707073",minorGridLineColor:"#505053",tickColor:"#707073",title:{style:{color:"#A0A0A3"}}},yAxis:{gridLineColor:"#707073",labels:{style:{color:"#E0E0E3"}},lineColor:"#707073",minorGridLineColor:"#505053",tickColor:"#707073",tickWidth:1,title:{style:{color:"#A0A0A3"}}},tooltip:{backgroundColor:"rgba(0, 0, 0, 0.85)",style:{color:"#F0F0F0"}},plotOptions:{series:{dataLabels:{color:"#F0F0F3",style:{fontSize:"13px"}},marker:{lineColor:"#333"}},boxplot:{fillColor:"#505053"},candlestick:{lineColor:"white"},errorbar:{color:"white"}},legend:{backgroundColor:"#1D1D1D",itemStyle:{color:"#E0E0E3"},itemHoverStyle:{color:"#FFF"},itemHiddenStyle:{color:"#606063"},title:{style:{color:"#C0C0C0"}}},credits:{style:{color:"#666"}},labels:{style:{color:"#707073"}},drilldown:{activeAxisLabelStyle:{color:"#F0F0F3"},activeDataLabelStyle:{color:"#F0F0F3"}},navigation:{buttonOptions:{symbolStroke:"#DDDDDD",theme:{fill:"#505053"}}},rangeSelector:{buttonTheme:{fill:"#505053",stroke:"#000000",style:{color:"#CCC"},states:{hover:{fill:"#707073",stroke:"#000000",style:{color:"white"}},select:{fill:"#000003",stroke:"#000000",style:{color:"white"}}}},inputBoxBorderColor:"#505053",inputStyle:{backgroundColor:"#333",color:"silver"},labelStyle:{color:"silver"}},navigator:{handles:{backgroundColor:"#666",borderColor:"#AAA"},outlineColor:"#CCC",maskFill:"rgba(255,255,255,0.1)",series:{color:"#7798BF",lineColor:"#A6C7ED"},xAxis:{gridLineColor:"#505053"}},scrollbar:{barBackgroundColor:"#808083",barBorderColor:"#808083",buttonArrowColor:"#CCC",buttonBackgroundColor:"#606063",buttonBorderColor:"#606063",rifleColor:"#FFF",trackBackgroundColor:"#404043",trackBorderColor:"#404043"}};
Highcharts.setOptions(Highcharts.theme);
Highcharts.chart('time-chart', {
title: {
text: 'Points earned for each category'
},
yAxis: {
title: {
text: 'Points earned'
}
},
xAxis: {
type: 'datetime',
labels: {
formatter: function() {
return Highcharts.dateFormat('%d.%b %Y',
this.value);
}
}
},
legend: {
layout: 'vertical',
align: 'right',
verticalAlign: 'middle'
},
plotOptions: {
pointStart: {{ user.date_joined|timestamp_fromdate }},
series: {
label: {
connectorAllowed: false
},
allowPointSelect: true,
marker: {
enabled: true
}
}
},
series: [
{
name: 'Total',
data: {{ solved|safe }}
},
{% for cat in cats %}
{
name: '{{ cat.name }}',
data: {{ pointDatas|keyvalue:cat.name|safe }},
visible: false,
},
{% endfor %}
],
responsive: {
rules: [{
condition: {
maxWidth: 500
},
chartOptions: {
legend: {
layout: 'horizontal',
align: 'center',
verticalAlign: 'bottom'
}
}
}]
}
});
</script>
{% endblock %}

110
src/events/views/events.py
View File

@ -41,31 +41,6 @@ def actualize_points(ctf):
player.team.score -= diff
player.team.save()
def compute_bonus_points(ctf):
if not ctf.event.bonus:
return 0
solves = CTF_flags.objects.filter(ctf=ctf)
bonuses = ctf.event.bonus.points.split(',')
if len(solves) >= len(bonuses):
return 0
else:
if ctf.event.bonus.absolute == True:
return int(bonuses[len(solves)])
else:
return int(bonuses[len(solves)]) * ctf.points // 100
def format_bonus_points(ctf):
if not ctf.event.bonus:
return None
bonuses = ctf.event.bonus.points.split(',')
if ctf.event.bonus.absolute == True:
return ''.join([b + ', ' for b in bonuses])[:-2]
return ''.join([str(ctf.points * int(b) // 100) + ', ' for b in bonuses])[:-2]
# Create your views here.
def events(request):
list_events = Event.objects.filter().order_by('-end_date', 'start_date')
@ -75,8 +50,7 @@ def chall_event_info(request, event_slug, chall_slug):
event_info = get_object_or_404(Event, slug=event_slug)
ctf_info = get_object_or_404(CTF, event__slug=event_info.slug, slug=chall_slug)
is_event_manager = request.user.groups.filter(name=event_info.name).exists() or request.user.is_superuser
if timezone.now() < ctf_info.pub_date and not is_event_manager:
if timezone.now() < ctf_info.pub_date:
return redirect('events:event_info', event_slug=event_slug)
eventisover = False
alreadyflag = False
@ -86,7 +60,6 @@ def chall_event_info(request, event_slug, chall_slug):
notsub = False
noteam = False
player = None
bonus = 0
if request.user.is_authenticated and not request.user.is_staff:
player = EventPlayer.objects.filter(event=event_info, user=request.user)
if not player:
@ -107,8 +80,6 @@ def chall_event_info(request, event_slug, chall_slug):
notsub = True
if request.GET.get('NoTeam'):
noteam = True
bonus = request.GET.get('Bonus')
bonus_points = format_bonus_points(ctf_info)
solved_challs = CTF_flags.objects.filter(ctf=ctf_info).order_by('flag_date')
solved_list = []
for s in solved_challs:
@ -118,59 +89,57 @@ def chall_event_info(request, event_slug, chall_slug):
solved_list.append([s.user, s.flag_date])
description = get_description_by_lang(ctf_info)
return render(request, 'events/ctf_info.html', { 'ctf' : ctf_info, 'event':event_info, 'solved_list': solved_list, 'description': description, 'eventisover': eventisover, 'alreadyflag': alreadyflag,
'congrat': congrat, 'wrongflag': wrongflag, 'errorform': errorform, 'notsub': notsub, 'noteam':noteam, 'bonus':bonus, 'bonus_points':bonus_points})
'congrat': congrat, 'wrongflag': wrongflag, 'errorform': errorform, 'notsub': notsub, 'noteam':noteam})
def event(request, event_slug):
event_info = get_object_or_404(Event, slug=event_slug)
IsRegistered = False
wrongpwd = False
alreadyregistered = False
subisover = False
is_event_manager = request.user.groups.filter(name=event_info.name).exists() or request.user.is_superuser
ended = (timezone.now() >= event_info.end_date)
begun = (timezone.now() >= event_info.start_date)
if is_event_manager: # we want to see all the challenges
challenges = CTF.objects.filter(event=event_info).order_by('category', 'points')
else:
challenges = CTF.objects.filter(event=event_info, pub_date__lte=timezone.now()).order_by('category', 'points')
if event_info.team_size == 1:
solved_list = EventPlayer.objects.filter(event=event_info).order_by('-score', 'last_submission_date', 'user__username')
else:
solved_list = Team.objects.filter(event=event_info).order_by('-score', 'last_submission_date', 'name')
if request.GET.get('WrongPassword'):
wrongpwd = True
if request.GET.get('AlreadyRegistered'):
alreadyregistered = True
if request.GET.get('SubscriptionIsOver'):
subisover = True
if request.user.is_authenticated:
try:
EventPlayer.objects.get(event=event_info, user=request.user)
return render(request, 'events/event_info.html', {'event' : event_info, 'IsRegistered': True, 'ctfs': challenges, 'solved_list':solved_list,
'ended': ended, 'begun': begun, 'wrongpwd': wrongpwd, 'alreadyregistered': alreadyregistered, 'subisover': subisover, 'is_event_manager':is_event_manager})
player = EventPlayer.objects.get(event=event_info, user=request.user)
except:
pass
if (event_info.campus.all() or event_info.password) and request.user.is_authenticated is False:
return render(request, 'events/event_pwd.html', {'event' : event_info, 'logged': False})
if event_info.campus.all() and is_event_manager is False:
player = None
if player:
IsRegistered = True
if event_info.campus.all():
if request.user.is_authenticated:
if request.user.is_staff is False:
user = UserProfileInfo.objects.get(user=request.user)
if user.campus is None:
return render(request, 'events/event_pwd.html', {'event' : event_info, 'logged': True, 'wrongpwd': wrongpwd, 'alreadyregistered': alreadyregistered, 'userHasCampus': False, 'campusCanJoin': True})
elif user.campus not in event_info.campus.all():
return render(request, 'events/event_pwd.html', {'event' : event_info, 'logged': True, 'wrongpwd': wrongpwd, 'alreadyregistered': alreadyregistered, 'userHasCampus': True, 'campusCanJoin': False})
if event_info.password and is_event_manager is False:
else:
return render(request, 'events/event_pwd.html', {'event' : event_info, 'logged': False, 'wrongpwd': wrongpwd, 'alreadyregistered': alreadyregistered, 'userHasCampus': True, 'campusCanJoin': True})
if event_info.password:
if request.user.is_authenticated:
if request.user.is_staff is False:
if not player:
return render(request, 'events/event_pwd.html', {'event' : event_info, 'logged': True, 'wrongpwd': wrongpwd, 'alreadyregistered': alreadyregistered, 'userHasCampus': True, 'campusCanJoin': True})
return render(request, 'events/event_info.html', {'event' : event_info, 'ctfs': challenges, 'solved_list':solved_list, 'IsRegistered': False,
'ended': ended, 'begun': begun, 'wrongpwd': wrongpwd, 'alreadyregistered': alreadyregistered, 'subisover': subisover, 'is_event_manager':is_event_manager})
else:
return render(request, 'events/event_pwd.html', {'event' : event_info, 'logged': False, 'wrongpwd': wrongpwd, 'alreadyregistered': alreadyregistered, 'userHasCampus': True, 'campusCanJoin': True})
ended = False
if timezone.now() >= event_info.end_date:
ended = True
begun = False
if timezone.now() >= event_info.start_date:
begun = True
challenges = CTF.objects.filter(event=event_info, pub_date__lte=timezone.now()).order_by('category', 'points')
if event_info.team_size == 1:
solved_list = EventPlayer.objects.filter(event=event_info).order_by('-score', 'last_submission_date', 'user__username')
else:
solved_list = Team.objects.filter(event=event_info).order_by('-score', 'last_submission_date', 'name')
return render(request, 'events/event_info.html', {'event' : event_info, 'IsRegistered': IsRegistered, 'ctfs': challenges, 'solved_list':solved_list,
'ended': ended, 'begun': begun, 'wrongpwd': wrongpwd, 'alreadyregistered': alreadyregistered, 'subisover': subisover})
@login_required
def submit_event_flag(request, event_slug, chall_slug):
@ -214,21 +183,20 @@ def submit_event_flag(request, event_slug, chall_slug):
if form.is_valid():
if ctf_info.flag == request.POST.get('flag'):
bonus = compute_bonus_points(ctf_info)
new = CTF_flags(user = request.user, ctf = ctf_info, flag_date = timezone.now(), bonus = bonus)
new = CTF_flags(user = request.user, ctf = ctf_info, flag_date = timezone.now())
new.save()
if ctf_info.points > 0:
player.last_submission_date = timezone.now()
player.score += (ctf_info.points + bonus)
player.score += ctf_info.points
player.save()
if player.team:
if ctf_info.points > 0:
player.team.last_submission_date = timezone.now()
player.team.score += (ctf_info.points + bonus)
player.team.score += ctf_info.points
player.team.save()
if ev.dynamic:
actualize_points(ctf_info)
response['Location'] += '?Congrat=1&Bonus=' + str(bonus)
response['Location'] += '?Congrat=1'
return response
else:
response['Location'] += '?WrongFlag=1'
@ -310,7 +278,7 @@ def profile(request, user_name, event_slug):
percent = (solved_count / max_count) * 100
catsDatas.append([cat.name, solved_count, max_count, '{:.0f}'.format(percent)])
for flag in solved:
somme += (flag.ctf.points + flag.bonus)
somme += flag.ctf.points
pointDatas[cat.name].append([flag.flag_date.timestamp() * 1000, somme])
solves = CTF_flags.objects.filter(user=user_obj, ctf__event=event_info).order_by('-flag_date')
@ -318,10 +286,10 @@ def profile(request, user_name, event_slug):
somme = 0
solved.append([event_info.start_date.timestamp() * 1000, 0])
for s in solves.reverse():
somme += (s.ctf.points + s.bonus)
somme += s.ctf.points
solved.append([s.flag_date.timestamp() * 1000,somme])
return render(request,'events/profile.html', {'user':user_obj, 'solves':solves,'solved':solved,'catsDatas': catsDatas, 'pointDatas': pointDatas,
'rank': rank, 'score' : player.score, 'cats':cats, 'event': event_info})
return render(request,'accounts/profile.html', {'user':user_obj, 'solves':solves,'solved':solved,'catsDatas': catsDatas, 'pointDatas': pointDatas,
'rank': rank, 'score' : somme, 'cats':cats})

24
src/events/views/teams.py
View File

@ -13,13 +13,10 @@ from random import randint
def create_team(request, event_slug):
ev = get_object_or_404(Event, slug=event_slug)
if request.method == 'POST':
teamname = request.POST.get('teamname')
if request.user.is_authenticated and ev.team_size > 1:
if any(c in set('./') for c in teamname):
return render(request, 'events/create_team.html', {'event' : ev, 'logged': True, 'wrongpwd': False, 'registered' : True, 'exist' : False, 'invalid' : True})
if Team.objects.filter(name=teamname, event=ev).exists():
if Team.objects.filter(name=request.POST.get('teamname'), event=ev).exists():
return render(request, 'events/create_team.html', {'event' : ev, 'logged': True, 'wrongpwd': False, 'registered' : True, 'exist' : True})
new = Team(name=teamname, password=request.POST.get('password'), event=ev)
new = Team(name=request.POST.get('teamname'), password=request.POST.get('password'), event=ev)
new.save()
player = EventPlayer.objects.get(user=request.user, event=ev)
player.team = new
@ -118,9 +115,8 @@ def manage_team(request, event_slug):
pname = p_form.cleaned_data['name']
if pname == tname:
pass
elif any(c in set('./') for c in pname):
error = _("Invalid characters in name")
elif Team.objects.filter(name=pname, event=event_info).exists():
else:
if Team.objects.filter(name=pname, event=event_info).exists():
error = _("Name already taken.")
ppassword = p_form.cleaned_data['password']
if error is None:
@ -141,20 +137,18 @@ def leave_team(request, event_slug):
player = EventPlayer.objects.get(user=request.user, event=event_info)
team = Team.objects.get(event=event_info, name=player.team.name)
player.team = None
player.save()
members = EventPlayer.objects.filter(team=team, event=event_info)
if members.count() == 0:
team.delete()
else:
team.score -= player.score
team.save()
player.team = None
solved = CTF_flags.objects.filter(user=player.user, ctf__event=event_info)
player.score = 0
solved.delete()
player.save()
members = EventPlayer.objects.filter(team=team, event=event_info)
if members.count() == 0:
team.delete()
return redirect('events:event_info', event_slug=event_slug)
@login_required

1
src/home/views.py
View File

@ -35,6 +35,7 @@ def home(request):
lang_code = request.session[LANGUAGE_SESSION_KEY]
url_translated = translate_url(request.path, lang_code)
if request.path != url_translated:
print("%s\n%s" % (request.path, url_translated))
response = HttpResponseRedirect(url_translated)
return response
news = new.objects.order_by('-pub_date')[:5]

2
src/resources/templates/resources/tools.html
View File

@ -16,7 +16,7 @@
- <a href="https://cutter.re">cutter</a></br>
- <a href="https://github.com/ReFirmLabs/binwalk">binwalk</a></br>
- <a href="https://rada.re">r2</a></br>
- <a href="https://hugsy.github.io/gef/">gdb/gef</a></br>
- <a href="https://gef.readthedocs.io/en/master/">gdb/gef</a></br>
- qemu-user</br>
<br>
{% trans "If you want to solve the challenges on your own machine, we recommend you to use a Linux operating system."%}

12
src/scoreboard/templates/scoreboard/network.html
View File

@ -8,30 +8,30 @@
<div class="col-12">
<div class="row justify-content-md-center justify-content-sm-center">
<div class="col-4 col-sm-3 col-md-2 podium podium-two text-center">
<img src="{{ top3.1.0.logo }}" alt="{{ top3.1.0 }}"/>
<img src="{{ top3.1.0.logo }}" alt="{{ top3.1.0 }}" width="100%"/>
<h3>#2 :</h3>
<p>
Score : {{ top3.1.1 }}
<br>
<a href="{% url 'scoreboard:campus' campus=top3.1.0 %}">{{ top3.1.0 }}</a>
{{ top3.1.0 }}
</p>
</div>
<div class="col-4 col-sm-3 col-md-2 podium podium-one text-center">
<img src="{{ top3.0.0.logo }}" alt="{{ top3.0.0 }}"/>
<img src="{{ top3.0.0.logo }}" alt="{{ top3.0.0 }}" width="100%"/>
<h3>#1 : </h3>
<p>
Score : {{ top3.0.1 }}
<br>
<a href="{% url 'scoreboard:campus' campus=top3.0.0 %}">{{ top3.0.0 }}</a>
{{ top3.0.0 }}
</p>
</div>
<div class="col-4 col-sm-3 col-md-2 podium podium-three text-center">
<img src="{{ top3.2.0.logo }}" alt="{{ top3.2.0 }}"/>
<img src="{{ top3.2.0.logo }}" alt="{{ top3.2.0 }}" width="100%"/>
<h3>#3 : </h3>
<p>
Score : {{ top3.2.1 }}
<br>
<a href="{% url 'scoreboard:campus' campus=top3.2.0 %}">{{ top3.2.0 }}</a>
{{ top3.2.0 }}
</p>
</div>
</div>

2
src/statics/css/style.css
View File

@ -320,7 +320,7 @@ footer {
vertical-align: bottom;
}
.podium h3 {margin-top:-5%;}
.podium img{position:relative;top: -55px; max-height: 50px; max-width: 100%;}
.podium img{position:relative;top: -55px}
.podium-one{
background-color: #313131;
height: 25vh;}

2
src/templates/base.html
View File

@ -95,7 +95,7 @@
<a href="{% url 'accounts:edit' %}" class="nav-link">{{ request.user.username }}</a>
</li>
<li class="nav-item dropdown">
<a class="nav-link" href="{% url 'accounts:profile' user %}">{{ request.user.userprofileinfo.score }}</a>
<span class="nav-link">{{ request.user.userprofileinfo.score }}</span>
</li>
<li class="nav-item dropdown">
<a class="nav-link" href="{% url 'accounts:out' %}">{% translate "Logout" %}</a>