Skip to content

Commit

Permalink
Fixes #209
Browse files Browse the repository at this point in the history
  • Loading branch information
jdabtieu committed Aug 5, 2023
1 parent fcc96fa commit 60e1b5f
Show file tree
Hide file tree
Showing 8 changed files with 56 additions and 16 deletions.
14 changes: 7 additions & 7 deletions src/application.py
Original file line number Diff line number Diff line change
Expand Up @@ -737,20 +737,20 @@ def create_problem():
flash('A problem with this name or ID already exists', 'danger')
return render_template("problem/create.html"), 409

# Check if file exists & upload if it does
file = request.files["file"]
if file.filename:
filename = problem_id + ".zip"
file.save("dl/" + filename)
description += f'\n\n[{filename}](/dl/{filename})'

# Modify problems table
db.execute(("INSERT INTO problems (id, name, point_value, category, flag, draft, "
"flag_hint, instanced) VALUES (:id, :name, :point_value, :category, "
":flag, :draft, :fhint, :inst)"),
id=problem_id, name=name, point_value=point_value, category=category,
flag=flag, draft=draft, fhint=flag_hint, inst=instanced)

# Check if file exists & upload if it does
file = request.files["file"]
if file.filename:
filename = problem_id + ".zip"
file.save("dl/" + filename)
description += f'\n\n[{filename}](/dl/{filename})'

os.makedirs('metadata/problems/' + problem_id)
write_file('metadata/problems/' + problem_id + '/description.md', description)
write_file('metadata/problems/' + problem_id + '/hints.md', hints)
Expand Down
6 changes: 5 additions & 1 deletion src/templates/contest/edit_problem.html
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@

{% block main %}
<h1>Edit {{ data["name"] }}</h1>
<form autocomplete="off" method="post">
<form autocomplete="off" method="post" enctype="multipart/form-data">
<div class="form-floating">
<input class="form-control mb-3"
name="name"
Expand Down Expand Up @@ -80,6 +80,10 @@ <h1>Edit {{ data["name"] }}</h1>
required>
<label for="point_value">Point Value</label>
</div>
<div class="input-group mb-3">
<label class="input-group-text" for="file">New File (optional)</label>
<input class="form-control" type="file" id="file" name="file" accept=".zip">
</div>
<input class="btn btn-primary" type="submit" id="submit" name="submit" value="Submit">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
</form>
Expand Down
6 changes: 5 additions & 1 deletion src/templates/problem/edit_problem.html
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@

{% block main %}
<h1>Edit {{ data["name"] }}</h1>
<form autocomplete="off" method="post">
<form autocomplete="off" method="post" enctype="multipart/form-data">
<div class="form-floating">
<input class="form-control mb-3"
name="name"
Expand Down Expand Up @@ -79,6 +79,10 @@ <h1>Edit {{ data["name"] }}</h1>
required>
<label for="point_value">Point Value</label>
</div>
<div class="input-group mb-3">
<label class="input-group-text" for="file">New File (optional)</label>
<input class="form-control" type="file" id="file" name="file" accept=".zip">
</div>
<input class="btn btn-primary" type="submit" id="submit" name="submit" value="Submit">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
</form>
Expand Down
1 change: 1 addition & 0 deletions src/tests/conftest.py
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ def client():
app.config['USE_CAPTCHA'] = False
app.config['WTF_CSRF_ENABLED'] = False
app.config['SECRET_KEY'] = 'testing_secret_key'
open('fake_empty_file', 'w').close()
return app.test_client()


Expand Down
7 changes: 5 additions & 2 deletions src/tests/test_contest.py
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,7 @@ def test_contest(client, database):
'hints': 'try looking at the title 2',
'point_value': 2,
'category': 'web',
'file': ('fake_empty_file', ''),
'instanced': True,
})
assert result.status_code == 302
Expand Down Expand Up @@ -281,7 +282,8 @@ def test_contest(client, database):
'name': 'dynscore',
'description': 'dynamic is fun',
'category': 'web',
'flag': 'ctf{nobodywillguessme}'
'flag': 'ctf{nobodywillguessme}',
'file': ('fake_empty_file', ''),
})
assert result.status_code == 302

Expand All @@ -293,7 +295,8 @@ def test_contest(client, database):
'description': 'dynamic is fun',
'category': 'web',
'flag': 'ctf{nobodywillguessmeagain}',
'rejudge': True
'rejudge': True,
'file': ('fake_empty_file', ''),
})
assert result.status_code == 302

Expand Down
17 changes: 13 additions & 4 deletions src/tests/test_problems.py
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,8 @@ def test_problem(client, database):
'point_value': 2,
'rejudge': True,
'category': 'web',
'flag': 'ctf{hello}'
'flag': 'ctf{hello}',
'file': ('fake_empty_file', ''),
})
assert result.status_code == 400
assert b'required' in result.data
Expand All @@ -73,11 +74,15 @@ def test_problem(client, database):
'point_value': 2,
'rejudge': True,
'category': 'web',
'flag': '\x2f\x10'
'flag': '\x2f\x10',
'file': ('fake_empty_file', ''),
})
assert result.status_code == 400
assert b'Invalid' in result.data

file = open("test_upload.txt", "w")
file.write('ree2')
file.close()
result = client.post('/problem/helloworldtesting/edit', data={
'name': 'hello world 2',
'description': 'a short fun problem 2',
Expand All @@ -86,10 +91,14 @@ def test_problem(client, database):
'rejudge': True,
'category': 'web',
'flag': 'ctf{hello}',
'flag_hint': 'ctf{...}'
'flag_hint': 'ctf{...}',
'file': ('test_upload.txt', 'test_upload.txt'),
}, follow_redirects=True)
assert result.status_code == 200

result = client.get('/dl/helloworldtesting.zip')
assert result.data == b'ree2'

result = client.get('/users/admin/profile')
assert result.status_code == 200
assert b'2 Points' in result.data
Expand All @@ -112,7 +121,7 @@ def test_problem(client, database):

result = client.get('/api/problem?id=helloworldtesting')
assert json.loads(result.data)['status'] == 'success'
assert json.loads(result.data)['data']['description'] == 'a short fun problem 2'
assert json.loads(result.data)['data']['description'].startswith('a short fun problem 2')
assert json.loads(result.data)['data']['hints'] == 'try looking at the title 2'
assert json.loads(result.data)['data']['editorial'] == 'sample editorial'
assert json.loads(result.data)['data']['flag_hint'] == 'ctf{...}'
Expand Down
12 changes: 11 additions & 1 deletion src/views/contest.py
Original file line number Diff line number Diff line change
Expand Up @@ -315,6 +315,7 @@ def publish_contest_problem(contest_id, problem_id):
@api.route('/<contest_id>/problem/<problem_id>/edit', methods=["GET", "POST"])
@admin_required
def edit_contest_problem(contest_id, problem_id):

# Ensure contest exists
if not contest_exists(contest_id):
return render_template("contest/contest_noexist.html"), 404
Expand Down Expand Up @@ -376,7 +377,16 @@ def edit_contest_problem(contest_id, problem_id):
"flag_hint=:fhint, instanced=:inst WHERE contest_id=:cid AND problem_id=:pid"),
name=new_name, category=new_category, flag=new_flag, cid=contest_id,
pid=problem_id, fhint=new_flag_hint, inst=new_instanced)

# Check if file exists & upload if it does
file = request.files["file"]
if file.filename:
if not os.path.exists("dl/" + contest_id):
os.makedirs("dl/" + contest_id)
filename = problem_id + ".zip"
filepath = "dl/" + contest_id + "/"
file.save(filepath + filename)
if f'[{filename}](/{filepath + filename})' not in new_description:
new_description += f'\n\n[{filename}](/{filepath + filename})'
write_file(
f'metadata/contests/{contest_id}/{problem_id}/description.md', new_description)
write_file(f'metadata/contests/{contest_id}/{problem_id}/hints.md', new_hint)
Expand Down
9 changes: 9 additions & 0 deletions src/views/problem.py
Original file line number Diff line number Diff line change
Expand Up @@ -178,6 +178,15 @@ def editproblem(problem_id):
"(SELECT user_id FROM problem_solved WHERE problem_id=:pid)"),
dpv=new_points - data[0]["point_value"], pid=problem_id
)

# Check if file exists & upload if it does
file = request.files["file"]
if file.filename:
filename = problem_id + ".zip"
file.save("dl/" + filename)
if f'[{filename}](/dl/{filename})' not in new_description:
new_description += f'\n\n[{filename}](/dl/{filename})'

write_file('metadata/problems/' + problem_id + '/description.md', new_description)
write_file('metadata/problems/' + problem_id + '/hints.md', new_hint)

Expand Down

0 comments on commit 60e1b5f

Please sign in to comment.