Beispiel #1
0
 def edit_ipv6(self):
     ''' Add ipv6 addresses to a box (sorta edits the box object) '''
     form = Form(box_uuid="Select a box", ipv6="Please provide a list of IPv6 addresses")
     if form.validate(self.request.arguments):
         errors = []
         box = Box.by_uuid(self.get_argument('box_uuid'))
         if box is not None:
             ips_string = self.get_argument('ipv6').replace('\n', ',').lower()
             ips = filter(lambda char: char in "1234567890abcdef:,", ips_string).split(",")
             for ip in filter(lambda ip: 0 < len(ip), ips):
                 try:
                     box = Box.by_ip_address(ip)
                     if box is None:
                         addr = IpAddress(box_id=box.id, v6=ip)
                         dbsession.add(addr)
                     else:
                         errors.append(
                             "%s has already been assigned to %s." % (ip, box.name,)
                         )
                 except ValueError:
                     errors.append(
                         "'%s' is not a valid IPv6 address" % str(ip[:39])
                     )
             dbsession.flush()
         else:
             errors.append("Box does not exist")
         self.render("admin/view/game_objects.html", errors=errors)
     else:
         self.render("admin/view/game_objects.html", errors=form.errors)
Beispiel #2
0
 def post(self, *args, **kwargs):
     ''' Attempts to create an account '''
     form = Form(
         username="******",
         pass1="Please enter a password",
         pass2="Please confirm your password",
         recaptcha_challenge_field="Invalid captcha",
         recaptcha_response_field="Invalid captcha",
     )
     if not form.validate(self.request.arguments):
         self.render("public/registration.html", errors=form.errors)
     elif self.check_recaptcha():
         user_name = self.get_argument('username')
         if User.by_user_name(user_name) != None:
             self.render('public/registration.html',
                         errors=['Account name already taken'])
         elif len(user_name) < 3 or 15 < len(user_name):
             self.render('public/registration.html',
                         errors=['Username must be 3-15 characters'])
         elif not self.get_argument('pass1') == self.get_argument('pass2'):
             self.render('public/registration.html',
                         errors=['Passwords do not match'])
         elif not (12 <= len(self.get_argument('pass1')) <= 100):
             self.render('public/registration.html',
                         errors=['Password must be 12-100 characters'])
         else:
             user = self.create_user(user_name, self.get_argument('pass1'))
             self.render("public/account_created.html",
                         user_name=user.user_name)
     else:
         self.render("public/registration.html", errors=['Invalid captcha'])
 def post(self, *args, **kwargs):
     ''' Attempt to log into an account '''
     form = Form(
         username="******",
         password="******",
     )
     if form.validate(self.request.arguments):
         user = User.by_name(self.get_argument('username'))
         if user is not None:
             if user.validate_password(self.get_argument('password')):
                 if user.confirmed:
                     self.successful_login(user)
                     if user.has_permission('administrator'):
                         self.redirect('/admin')
                     else:
                         self.redirect('/user')
                 else:
                     self.render(
                         'public/login.html',
                         errors=[
                             "You must confirm your email address before you can login"
                         ])
             else:
                 self.render('public/login.html',
                             errors=["Invalid password"])
         else:
             self.render('public/login.html', errors=["Invalid username"])
     else:
         self.render('public/login.html', errors=form.errors)
 def post(self, *args, **kwargs):
     ''' Attempt to upgrade hash algo '''
     form = Form(
         old_password="******",
         new_password1="Enter a new password",
         new_password2="Confirm your new password",
     )
     if form.validate(self.request.arguments):
         user = self.get_current_user()
         passwd = self.get_argument('new_password1')
         old_passwd = self.get_argument('old_password')
         if not user.validate_password(old_passwd):
             self.render_page(["Invalid password"])
         elif not passwd == self.get_argument('new_password2'):
             self.render_page(["New passwords do not match"])
         elif user.team.money < self.config.password_upgrade:
             self.render_page(["You cannot afford to upgrade your hash"])
         elif len(passwd) <= self.config.max_password_length:
             user.team.money -= self.config.password_upgrade
             dbsession.add(user.team)
             dbsession.flush()
             self.update_password(passwd)
             self.render_page()
         else:
             self.render_page(["New password is too long"])
     else:
         self.render_page(form.errors)
Beispiel #5
0
 def edit_users(self):
     ''' Update user objects in the database '''
     form = Form(
         uuid="User not selected",
         account="Please enter an account name",
         handle="Please enter a handle name",
         hash_algorithm="Please select a hash algorithm",
         team_uuid="Please select a team",
     )
     if form.validate(self.request.arguments):
         errors = []
         user = User.by_uuid(self.get_argument('uuid'))
         if user is not None:
             # Update user account name
             if user.account != self.get_argument('account'):
                 if User.by_account(self.get_argument('account')) is None:
                     logging.info("Updated user account %s -> %s" %
                         (user.account, self.get_argument('account'),))
                     user.account = unicode(self.get_argument('account'))
                 else:
                     errors.append("Account name is already in use")
             # Update user handle
             if user.handle != self.get_argument('handle'):
                 if User.by_handle(self.get_argument('handle')) is None:
                     logging.info("Updated user handle %s -> %s" %
                         (user.handle, self.get_argument('handle'),))
                     user.handle = unicode(self.get_argument('handle'))
                 else:
                     errors.append("Handle is already in use")
             # Update hashing algoritm
             if self.get_argument('hash_algorithm') in user.algorithms:
                 if user.algorithm != self.get_argument('hash_algorithm'):
                     if 0 < len(self.get_argument('password', '')):
                         logging.info("Updated %s's hashing algorithm %s -> %s" %
                             (user.handle, user.algorithm, self.get_argument('hash_algorithm'),)
                         )
                         user.algorithm = self.get_argument('hash_algorithm')
                     else:
                         errors.append("You must provide a password when updating the hashing algorithm")
             else:
                 errors.append("Not a valid hash algorithm")
             # Update password
             if 0 < len(self.get_argument('password', '')):
                 user.password = self.get_argument('password')
             # Update team
             team = Team.by_uuid(self.get_argument('team_uuid'))
             if team is not None:
                 if user.team_id != team.id:
                     logging.info("Updated %s's team %s -> %s" %
                         (user.handle, user.team_id, team.name))
                     user.team_id = team.id
             else:
                 errors.append("Team does not exist in database")
             dbsession.add(user)
             dbsession.flush()
         else:
             errors.append("User does not exist")
         self.render("admin/view/user_objects.html", errors=errors)
     else:
         self.render("admin/view/user_objects.html", errors=form.errors)
Beispiel #6
0
 def add_source_code(self):
     form = Form(
         box_uuid="Please select a box",
         price="Please input a price for the source code",
         description="Please enter a description",
     )
     if form.validate(self.request.arguments):
         box = Box.by_uuid(self.get_argument('box_uuid'))
         if box is not None:
             if not 'source_archive' in self.request.files and 0 < len(
                     self.request.files['source_archive']):
                 self.render('admin/upgrades/source_code_market.html',
                             errors=["No file data"])
             else:
                 try:
                     price = abs(int(self.get_argument('price', 'NaN')))
                     self.create_source_code(box, price)
                     self.render('admin/upgrades/source_code_market.html',
                                 errors=None)
                 except ValueError:
                     self.render('admin/upgrades/source_code_market.html',
                                 errors=["Price must be an integer"])
         else:
             self.render('admin/upgrades/source_code_market.html',
                         errors=["The selected box does not exist"])
     else:
         self.render('admin/upgrades/source_code_market.html',
                     errors=form.errors)
Beispiel #7
0
 def create_box(self):
     ''' Create a box object '''
     form = Form(
         box_name="Enter a box name",
         description="Enter a description",
         difficulty="Select a difficulty",
         corporation_uuid="Please select a corporation",
         game_level="Please select a game level",
     )
     if form.validate(self.request.arguments):
         try:
             game_level = int(self.get_argument('game_level'))
             corp_uuid = self.get_argument('corporation_uuid')
             if Box.by_name(self.get_argument('box_name')) is not None:
                 self.render("admin/create/box.html",
                             errors=["Box name already exists"])
             elif Corporation.by_uuid(corp_uuid) is None:
                 self.render("admin/create/box.html",
                             errors=["Corporation does not exist"])
             elif GameLevel.by_number(game_level) is None:
                 self.render("admin/create/box.html",
                             errors=["Game level does not exist"])
             else:
                 self.__mkbox__()
                 self.redirect('/admin/view/game_objects')
         except ValueError:
             self.render('admin/view/create.html',
                         errors=["Invalid level number"])
     else:
         self.render("admin/create/box.html", errors=form.errors)
 def post(self, *args, **kwargs):
     ''' Creates a job based on the parameters '''
     form = Form(
         jobname="Please enter a job name",
         algorithm_uuid="Please select an algorithm",
         hashes="Please provide the target hashes",
     )
     if form.validate(self.request.arguments):
         algo = Algorithm.by_uuid(self.get_argument('algorithm_uuid'))
         user = self.get_current_user()
         if algo is None:
             self.render('cracking/jobs/create.html', 
                 errors=['Invalid algorithm']
             )
         elif Job.by_job_name(self.get_argument('jobname')) is not None:
             self.render('cracking/jobs/create.html', 
                 errors=['Duplicate job name']
             )
         else:
             job = self.create_job(user, algo)
             dispatch = Dispatch.Instance()
             dispatch.refresh()
             self.render("cracking/jobs/created.html", job=job)
     else:
         self.render('cracking/jobs/create.html', errors=form.errors)
Beispiel #9
0
 def post(self, *args, **kwargs):
     ''' Creates a new weapon system, and yes the form validation is shit '''
     form = Form(
         name="Please enter a name",
         ssh_user="******",
         ssh_key="Please enter an ssh key",
         ip_address="Please enter a ip address",
         ssh_port="Please enter an ssh port",
         service_port="Please enter a service port",
     )
     if form.validate(self.request.arguments):
         if WeaponSystem.by_name(self.get_argument('name')) is not None:
             self.render("admin/weaponsystem/create.html",
                         errors=['That name already exists'])
         elif WeaponSystem.by_ip_address(
                 self.get_argument('ip_address')) is not None:
             self.render("admin/weaponsystem/create.html",
                         errors=['IP Address already in use'])
         else:
             try:
                 if not 1 <= int(self.get_argument('ssh_port', -1)) < 65535:
                     raise ValueError("SSh port not in range")
                 if not 1 <= int(self.get_argument('service_port',
                                                   -1)) < 65535:
                     raise ValueError("Service port not in range")
                 weapon_system = self.create_weapon()
                 self.render("admin/weaponsystem/created.html", errors=None)
             except ValueError:
                 self.render(
                     "admin/weaponsystem/create.html",
                     errors=["Invalid port number; must be 1-65535"])
     else:
         self.render("admin/weaponsystem/create.html", errors=form.errors)
Beispiel #10
0
 def edit_ipv6(self):
     ''' Add ipv6 addresses to a box (sorta edits the box object) '''
     form = Form(box_uuid="Select a box",
                 ipv6="Please provide a list of IPv6 addresses")
     if form.validate(self.request.arguments):
         errors = []
         box = Box.by_uuid(self.get_argument('box_uuid'))
         if box is not None:
             ips_string = self.get_argument('ipv6').replace('\n',
                                                            ',').lower()
             ips = filter(lambda char: char in "1234567890abcdef:,",
                          ips_string).split(",")
             for ip in filter(lambda ip: 0 < len(ip), ips):
                 try:
                     box = Box.by_ip_address(ip)
                     if box is None:
                         addr = IpAddress(box_id=box.id, v6=ip)
                         dbsession.add(addr)
                     else:
                         errors.append(
                             "%s has already been assigned to %s." % (
                                 ip,
                                 box.name,
                             ))
                 except ValueError:
                     errors.append("'%s' is not a valid IPv6 address" %
                                   str(ip[:39]))
             dbsession.flush()
         else:
             errors.append("Box does not exist")
         self.render("admin/view/game_objects.html", errors=errors)
     else:
         self.render("admin/view/game_objects.html", errors=form.errors)
Beispiel #11
0
 def post(self, *args, **kwargs):
     ''' Attempts to create an account '''
     form = Form(
         username="******",
         pass1="Please enter a password",
         pass2="Please confirm your password",
         recaptcha_challenge_field="Invalid captcha",
         recaptcha_response_field="Invalid captcha",
     )
     if not form.validate(self.request.arguments):
         self.render("public/registration.html", errors=form.errors)
     elif self.check_recaptcha():
         user_name = self.get_argument('username')
         if User.by_user_name(user_name) != None:
             self.render('public/registration.html',
                         errors=['Account name already taken'])
         elif len(user_name) < 3 or 15 < len(user_name):
             self.render('public/registration.html',
                         errors=['Username must be 3-15 characters'])
         elif not self.get_argument('pass1') == self.get_argument('pass2'):
             self.render('public/registration.html',
                         errors=['Passwords do not match'])
         elif not (12 <= len(self.get_argument('pass1')) <= 100):
             self.render('public/registration.html',
                         errors=['Password must be 12-100 characters'])
         else:
             user = self.create_user(user_name, self.get_argument('pass1'))
             self.render(
                 "public/account_created.html", user_name=user.user_name)
     else:
         self.render("public/registration.html",
                     errors=['Invalid captcha'])
Beispiel #12
0
 def buyout(self):
     ''' Buyout and unlock a level '''
     form = Form(uuid="Level parameter missing")
     user = self.get_current_user()
     if form.validate(self.request.arguments):
         level = GameLevel.by_uuid(self.get_argument('uuid', ''))
         if level is not None and user is not None:
             if level.buyout < user.team.money:
                 logging.info("%s (%s) payed buyout for level #%d" % (
                     user.handle, user.team.name, level.number
                 ))
                 user.team.game_levels.append(level)
                 user.team.money -= level.buyout
                 dbsession.add(user.team)
                 event = self.event_manager.create_unlocked_level_event(user, level)
                 self.new_events.append(event)
                 self.redirect("/user/missions")
             else:
                 self.render("missions/view.html",
                     team=user.team,
                     errors=[
                         "You do not have enough money to unlock this level"
                     ]
                 )
         else:
             self.render("missions/view.html",
                 team=user.team,
                 errors=["Level does not exist"]
             )
     else:
         self.render("missions/view.html",
             team=user.team,
             errors=form.errors
         )
Beispiel #13
0
 def post(self, *args, **kwargs):
     ''' Attempt to upgrade hash algo '''
     form = Form(
         old_password="******",
         new_password1="Enter a new password",
         new_password2="Confirm your new password",
     )
     if form.validate(self.request.arguments):
         user = self.get_current_user()
         passwd = self.get_argument('new_password1')
         old_passwd = self.get_argument('old_password')
         if not user.validate_bank_password(old_passwd):
             self.render_page(["Invalid password"])
         elif not passwd == self.get_argument('new_password2'):
             self.render_page(["New passwords do not match"])
         elif user.team.money < self.config.password_upgrade_cost:
             self.render_page(["You cannot afford to upgrade your hash"])
         elif len(passwd) <= self.config.max_password_length:
             user.team.money -= self.config.password_upgrade_cost
             dbsession.add(user.team)
             dbsession.flush()
             self.update_password(passwd)
             self.render_page()
         else:
             self.render_page(["New password is too long"])
     else:
         self.render_page(form.errors)
Beispiel #14
0
 def edit_corporations(self):
     ''' Updates corporation object in the database '''
     form = Form(
         uuid="Object not selected",
         name="Missing corporation name",
         description="Missing description",
     )
     if form.validate(self.request.arguments):
         corp = Corporation.by_uuid(self.get_argument('uuid'))
         if corp is not None:
             if self.get_argument('name') != corp.name:
                 logging.info("Updated corporation name %s -> %s" % (
                     corp.name,
                     self.get_argument('name'),
                 ))
                 corp.name = unicode(self.get_argument('name'))
             if self.get_argument('description') != corp.description:
                 logging.info("Updated corporation description %s -> %s" % (
                     corp.description,
                     self.get_argument('description'),
                 ))
                 corp.description = unicode(
                     self.get_argument('description'))
             dbsession.add(corp)
             dbsession.flush()
             self.redirect('/admin/view/game_objects')
         else:
             self.render("admin/view/game_objects.html",
                         errors=["Corporation does not exist"])
     else:
         self.render("admin/view/game_objects.html", errors=form.errors)
 def post(self, *args, **kwargs):
     ''' Create  a new user '''
     form = Form(
         username="******",
         email="Please enter a valid email address",
         password1="Please enter a password",
         password2="Please confirm your password",
     )
     if form.validate(self.request.arguments):
         if User.by_name(self.get_argument('username')) is not None:
             error_msg = "Username already taken; if you forgot your password use the password recovery option"
             self.render('public/registration.html', errors=[error_msg])
         elif User.by_email(self.get_argument('email')) is not None:
             error_msg = "Email already in use; if you forgot your password use the password recovery option"
             self.render('public/registration.html', errors=[error_msg])
         elif self.get_argument('password1') != self.get_argument(
                 'password2'):
             self.render('public/registration.html',
                         errors=["Passwords do not match"])
         else:
             email_service = EmailService()
             user = self.create_user(self.get_argument('username'),
                                     self.get_argument('email'),
                                     self.get_argument('password1'))
             email_service.send_confirmation(user)
             self.render('public/registration_successful.html', user=user)
     else:
         self.render('public/registration.html', errors=form.errors)
 def buyout(self):
     ''' Buyout and unlock a level '''
     form = Form(uuid="Level parameter missing")
     user = self.get_current_user()
     if form.validate(self.request.arguments):
         level = GameLevel.by_uuid(self.get_argument('uuid', ''))
         if level is not None and user is not None:
             if level.buyout < user.team.money:
                 user.team.game_levels.append(level)
                 user.team.money -= level.buyout
                 dbsession.add(user.team)
                 self.event_manager.unlocked_level(user, level)
                 self.redirect("/user/missions")
             else:
                 self.render("missions/view.html",
                     team=user.team,
                     errors=[
                         "You do not have enough money to unlock this level"
                     ]
                 )
         else:
             self.render("missions/view.html",
                 team=user.team,
                 errors=["Level does not exist"]
             )
     else:
         self.render("missions/view.html",
             team=user.team,
             errors=form.errors
         )
Beispiel #17
0
 def create_flag(self):
     ''' Create a flag '''
     form = Form(
         box_uuid="Please select a box",
         flag_name="Please enter a name",
         token="Please enter a token value",
         reward="Please enter a reward value",
         is_file="Please select a file setting",
         description="Please enter a flag description",
     )
     if form.validate(self.request.arguments):
         try:
             if Flag.by_name(self.get_argument('flag_name')) is not None:
                 self.render('admin/create/flag.html',
                             errors=["Name already exists"])
             elif Flag.by_token(self.get_argument('token')) is not None:
                 self.render('admin/create/flag.html',
                             errors=["Token value is not unique"])
             elif Box.by_uuid(self.get_argument('box_uuid')) is None:
                 self.render('admin/create/flag.html',
                             errors=["Box does not exist"])
             else:
                 reward = int(self.get_argument('reward', 'NaN'))
                 self.__mkflag__(reward)
                 self.redirect('/admin/view/game_objects')
         except ValueError:
             self.render('admin/create/flag.html',
                         errors=["Invalid reward value"])
     else:
         self.render("admin/create/flag.html", errors=form.errors)
Beispiel #18
0
 def add_source_code(self):
     form = Form(
         box_uuid="Please select a box",
         price="Please input a price for the source code",
         description="Please enter a description",
     )
     if form.validate(self.request.arguments):
         box = Box.by_uuid(self.get_argument('box_uuid'))
         if box is not None:
             if not 'source_archive' in self.request.files and 0 < len(self.request.files['source_archive']):
                 self.render('admin/upgrades/source_code_market.html',
                     errors=["No file data"]
                 )
             else:
                 try:
                     price = abs(int(self.get_argument('price', 'NaN')))
                     self.create_source_code(box, price)
                     self.render('admin/upgrades/source_code_market.html',
                         errors=None
                     )
                 except ValueError:
                     self.render('admin/upgrades/source_code_market.html',
                         errors=["Price must be an integer"]
                     )
         else:
             self.render('admin/upgrades/source_code_market.html',
                 errors=["The selected box does not exist"]
             )
     else:
         self.render('admin/upgrades/source_code_market.html',
             errors=form.errors
         )
Beispiel #19
0
 def create_game_level(self):
     ''' Creates a game level '''
     form = Form(
         level_number="Please enter a level number",
         buyout="Please enter a buyout value",
     )
     if form.validate(self.request.arguments):
         try:
             game_level = int(self.get_argument('level_number'))
             buyout = int(self.get_argument('buyout'))
             if game_level <= 0:
                 self.render('admin/create/game_level.html',
                     errors=["Level number must be greater than 0"]
                 )
             elif GameLevel.by_number(game_level) is not None:
                 self.render('admin/create/game_level.html',
                     errors=["Game level number must be unique"]
                 )
             elif buyout < 0:
                 self.render('admin/create/game_level.html',
                     errors=["Invalid buyout value"]
                 )
             else:
                 self.__mklevel__(game_level, buyout)
                 self.redirect('/admin/view/game_levels')
         except ValueError:
             self.render('admin/create/game_level.html',
                 errors=["Invalid level number"]
             )
     else:
         self.render('admin/create/game_level.html', errors=form.errors)
Beispiel #20
0
 def edit_corporations(self):
     ''' Updates corporation object in the database '''
     form = Form(
         uuid="Object not selected",
         name="Missing corporation name",
         description="Missing description",
     )
     if form.validate(self.request.arguments):
         corp = Corporation.by_uuid(self.get_argument('uuid'))
         if corp is not None:
             if self.get_argument('name') != corp.name:
                 logging.info("Updated corporation name %s -> %s" %
                     (corp.name, self.get_argument('name'),)
                 )
                 corp.name = unicode(self.get_argument('name'))
             if self.get_argument('description') != corp.description:
                 logging.info("Updated corporation description %s -> %s" %
                     (corp.description, self.get_argument('description'),)
                 )
                 corp.description = unicode(self.get_argument('description'))
             dbsession.add(corp)
             dbsession.flush()
             self.redirect('/admin/view/game_objects')
         else:
             self.render("admin/view/game_objects.html",
                 errors=["Corporation does not exist"]
             )
     else:
         self.render("admin/view/game_objects.html", errors=form.errors)
Beispiel #21
0
 def create_flag(self):
     ''' Create a flag '''
     form = Form(
         box_uuid="Please select a box",
         flag_name="Please enter a name",
         token="Please enter a token value",
         reward="Please enter a reward value",
         is_file="Please select a file setting",
         description="Please enter a flag description",
     )
     if form.validate(self.request.arguments):
         try:
             if Flag.by_name(self.get_argument('flag_name')) is not None:
                 self.render('admin/create/flag.html',
                     errors=["Name already exists"]
                 )
             elif Flag.by_token(self.get_argument('token')) is not None:
                 self.render('admin/create/flag.html',
                     errors=["Token value is not unique"]
                 )
             elif Box.by_uuid(self.get_argument('box_uuid')) is None:
                 self.render('admin/create/flag.html',
                     errors=["Box does not exist"]
                 )
             else:
                 reward = int(self.get_argument('reward', 'NaN'))
                 self.__mkflag__(reward)
                 self.redirect('/admin/view/game_objects')
         except ValueError:
             self.render('admin/create/flag.html',
                 errors=["Invalid reward value"]
             )
     else:
         self.render("admin/create/flag.html", errors=form.errors)
Beispiel #22
0
 def create_game_level(self):
     ''' Creates a game level '''
     form = Form(
         level_number="Please enter a level number",
         buyout="Please enter a buyout value",
     )
     if form.validate(self.request.arguments):
         try:
             game_level = int(self.get_argument('level_number'))
             buyout = int(self.get_argument('buyout'))
             if game_level <= 0:
                 self.render('admin/create/game_level.html',
                             errors=["Level number must be greater than 0"])
             elif GameLevel.by_number(game_level) is not None:
                 self.render('admin/create/game_level.html',
                             errors=["Game level number must be unique"])
             elif buyout < 0:
                 self.render('admin/create/game_level.html',
                             errors=["Invalid buyout value"])
             else:
                 self.__mklevel__(game_level, buyout)
                 self.redirect('/admin/view/game_levels')
         except ValueError:
             self.render('admin/create/game_level.html',
                         errors=["Invalid level number"])
     else:
         self.render('admin/create/game_level.html', errors=form.errors)
Beispiel #23
0
 def create_box(self):
     ''' Create a box object '''
     form = Form(
         box_name="Enter a box name",
         description="Enter a description",
         difficulty="Select a difficulty",
         corporation_uuid="Please select a corporation",
         game_level="Please select a game level",
     )
     if form.validate(self.request.arguments):
         try:
             game_level = int(self.get_argument('game_level'))
             corp_uuid = self.get_argument('corporation_uuid')
             if Box.by_name(self.get_argument('box_name')) is not None:
                 self.render("admin/create/box.html",
                     errors=["Box name already exists"]
                 )
             elif Corporation.by_uuid(corp_uuid) is None:
                 self.render("admin/create/box.html",
                     errors=["Corporation does not exist"]
                 )
             elif GameLevel.by_number(game_level) is None:
                 self.render("admin/create/box.html",
                     errors=["Game level does not exist"]
                 )
             else:
                 self.__mkbox__()
                 self.redirect('/admin/view/game_objects')
         except ValueError:
             self.render('admin/view/create.html',
                 errors=["Invalid level number"]
             )
     else:
         self.render("admin/create/box.html", errors=form.errors)
Beispiel #24
0
 def post(self, *args, **kwargs):
     form = Form(
         uuid="Weapon not found",
     )
     if form.validate(self.request.arguments):
         user = self.get_current_user()
         weapon = ArmoryWeapon.by_uuid(self.request.arguments['uuid'][0])
         if user == None or weapon == None:
             self.render("store/weapons.html", errors=None, weapons=ArmoryWeapon.get_all_visible())
         elif user.gold < weapon.cost:
             self.render("store/weapons.html", errors=['You cannot afford this weapon'], weapons=ArmoryWeapon.get_all_visible())
         else:
             user.gold -= weapon.cost
             new_weapon = Weapon(
                 user_id=user.id,
                 name=weapon.name,
                 description=weapon.description,
                 required_level=weapon.required_level,
                 damage=weapon.damage,
                 rating=weapon.rating,
                 advanced=weapon.advanced,
                 classification=weapon.classification,
                 avatar=weapon.avatar,
             )
             self.dbsession.add(new_weapon)
             self.dbsession.add(user)
             self.dbsession.flush()
             self.render("store/purchase.html", item=weapon.name)
     else:
         self.render("store/weapons.html", errors=form.errors, weapons=ArmoryWeapon.get_all_visible())
Beispiel #25
0
 def post(self, *args, **kwargs):
     form = Form(
         uuid="Armor not found",
     )
     if form.validate(self.request.arguments):
         user = self.get_current_user()
         armor = ArmoryArmor.by_uuid(self.request.arguments['uuid'][0])
         if user == None or armor == None:
             self.render("store/armor.html", errors=None, armors=ArmoryArmor.get_all_visible())
         elif user.gold < armor.cost:
             self.render("store/armor.html", errors=['You cannot afford this armor'], armors=ArmoryArmor.get_all_visible())
         else:
             user.gold -= armor.cost
             new_armor = Armor(
                 user_id=user.id,
                 name=armor.name,
                 description=armor.description,
                 required_level=armor.required_level,
                 rating=armor.rating,
                 classification=armor.classification,
                 avatar=armor.avatar,
             )
             self.dbsession.add(new_armor)
             self.dbsession.add(user)
             self.dbsession.flush()
             self.render("store/purchase.html", item=armor.name)
     else:
         self.render("store/armor.html", errors=form.errors, armors=ArmoryArmor.get_all_visible())
 def post(self, *args, **kwargs):
     ''' Creates a new weapon system, and yes the form validation is shit '''
     form = Form(
         name="Please enter a name",
         ssh_user="******",
         ssh_key="Please enter an ssh key",
         ip_address="Please enter a ip address",
         ssh_port="Please enter an ssh port",
         service_port="Please enter a service port",
     )
     if form.validate(self.request.arguments):
         if WeaponSystem.by_name(self.get_argument('name')) is not None:
             self.render("admin/weaponsystem/create.html",
                 errors=['That name already exists']
             )
         elif WeaponSystem.by_ip_address(self.get_argument('ip_address')) is not None:
             self.render("admin/weaponsystem/create.html",
                 errors=['IP Address already in use']
             )
         else:
             try:
                 if not 1 <= int(self.get_argument('ssh_port', -1)) < 65535:
                     raise ValueError("SSh port not in range")
                 if not 1 <= int(self.get_argument('service_port', -1)) < 65535:
                     raise ValueError("Service port not in range")
                 weapon_system = self.create_weapon()
                 self.render("admin/weaponsystem/created.html", errors=None)
             except ValueError:
                 self.render("admin/weaponsystem/create.html",
                     errors=["Invalid port number; must be 1-65535"]
                 )
     else:
         self.render("admin/weaponsystem/create.html", errors=form.errors)
Beispiel #27
0
    def post(self, *args, **kwargs):
        ''' Create the Dork in the system '''
        form = Form(title="Please enter a title",
                    description="Please enter a Description",
                    author="Please Enter an Author",
                    query="Please Enter the Shodan Hq Search Query",
                    tag="Please Select a Category")
        try:
            #Getting the user
            session_manager = SessionManager.Instance()
            session = session_manager.get_session(
                self.get_secure_cookie('auth'), self.request.remote_ip)
            user = User.by_user_name(session.data['user_name'])

            #Get the tag
            old_tag = Tag.by_name(self.get_argument('tag'))

            #Get all the tags
            tags = Tag.all()

            if user != None:
                if form.validate(self.request.arguments):
                    old_dork = Dork.by_title(self.get_argument('title'))
                    if old_dork:
                        self.render(
                            'user/submit.html',
                            user=user,
                            errors=[
                                'A Dork by this title has already been submitted'
                            ],
                            success=None,
                            tags=tags)
                    elif old_tag == None:
                        self.render(
                            'user/submit.html',
                            user=user,
                            errors=[
                                'A Dork by this title has already been submitted'
                            ],
                            success=None,
                            tags=tags)
                    else:
                        self.create_dork(user)
                        self.render('user/submit.html',
                                    user=user,
                                    success='Successfully created new Dork',
                                    errors=None,
                                    tags=tags)
                else:
                    self.render('user/submit.html',
                                user=user,
                                errors=form.errors,
                                success=None,
                                tags=tags)
            else:
                self.render('public/please_login.html')
        except Exception as e:
            print e
            self.render('public/please_login.html')
Beispiel #28
0
 def post(self, *args, **kwargs):
     ''' This is used to create new tags '''
     form = Form(name="Please enter a tag name")
     tags = Tag.all()
     if form.validate(self.request.arguments):
         self.create_tag()
         tags = Tag.all()
         self.render("admin/manage_tags.html", tags=tags)
     else:
         self.render("admin/manage_tags.html", tags=tags, errors=form.errors)
Beispiel #29
0
 def edit_boxes(self):
     ''' Edit existing boxes in the database '''
     form = Form(
         uuid="Object not selected",
         name="Missing box name",
         corporation_uuid="Please select a corporation",
         description="Please enter a description",
         difficulty="Please enter a difficulty",
     )
     if form.validate(self.request.arguments):
         box = Box.by_uuid(self.get_argument('uuid'))
         if box is not None:
             errors = []
             if self.get_argument('name') != box.name:
                 if Box.by_name(self.get_argument('name')) is None:
                     logging.info("Updated box name %s -> %s" % (
                         box.name,
                         self.get_argument('name'),
                     ))
                     box.name = unicode(self.get_argument('name'))
                 else:
                     errors.append("Box name already exists")
             corp = Corporation.by_uuid(
                 self.get_argument('corporation_uuid'))
             if corp is not None and corp.id != box.corporation_id:
                 logging.info("Updated %s's corporation %s -> %s" % (
                     box.name,
                     box.corporation_id,
                     corp.id,
                 ))
                 box.corporation_id = corp.id
             elif corp is None:
                 errors.append("Corporation does not exist")
             if self.get_argument('description') != box.description:
                 logging.info("Updated %s's description %s -> %s" % (
                     box.name,
                     box.description,
                     self.get_argument('description'),
                 ))
                 box.description = unicode(self.get_argument('description'))
             if self.get_argument('difficulty') != box.difficulty:
                 logging.info("Updated %s's difficulty %s -> %s" % (
                     box.name,
                     box.difficulty,
                     self.get_argument('difficulty'),
                 ))
                 box.difficulty = unicode(self.get_argument('difficulty'))
             dbsession.add(box)
             dbsession.flush()
             self.render("admin/view/game_objects.html", errors=errors)
         else:
             self.render("admin/view/game_objects.html",
                         errors=["Box does not exist"])
     else:
         self.render("admin/view/game_objects.html", errors=form.errors)
 def get(self, *args, **kwargs):
     ''' AJAX // Delete a paste object from the database '''
     form = Form(paste_uuid="Paste does not exist.", )
     if form.validate(self.request.arguments):
         paste_uuid = self.get_argument("paste_uuid")
         paste = PasteBin.by_uuid(paste_uuid)
         user = self.get_current_user()
         if paste is not None and paste.team_id == user.team.id:
             dbsession.delete(paste)
             dbsession.flush()
     self.redirect("/user/share/pastebin")
Beispiel #31
0
 def post(self, *args, **kwargs):
     ''' This is used to create new tags '''
     form = Form(name="Please enter a tag name")
     tags = Tag.all()
     if form.validate(self.request.arguments):
         self.create_tag()
         tags = Tag.all()
         self.render("admin/manage_tags.html", tags=tags)
     else:
         self.render("admin/manage_tags.html",
                     tags=tags,
                     errors=form.errors)
 def flag(self):
     '''
     Accepts flag submissions, a flag can be either a string or a file,
     if the flag submission is a file the MD5 hexdigest is used.
     '''
     form = Form(flag_type="Missing flag type")
     user = self.get_current_user()
     if form.validate(self.request.arguments):
         flag = Flag.by_uuid(self.get_argument('uuid', ''))
         if flag is not None:
             if self.get_argument('flag_type').lower() == 'text':
                 token = self.get_argument('token', None)
                 errors = self.__chkflag__(flag, token)
                 if len(errors) == 0:
                     self.flag_captured()
                 else:
                     self.render("missions/view.html",
                         team=user.team,
                         errors=errors
                     )
             elif self.get_argument('flag_type').lower() == 'file':
                 if 0 < len(self.request.files['flag'][0]['body']):
                     file_data = self.request.files['flag'][0]['body']
                     errors = self.__chkflag__(flag, file_data)
                     if len(errors) == 0:
                         self.flag_captured()
                     else:
                         self.render("missions/view.html",
                             team=user.team,
                             errors=errors
                         )
                 else:
                     logging.info("No file data in flag submission.")
                     self.render("missions/view.html",
                         team=user.team,
                         errors=["No file data"]
                     )
             else:
                 self.render("missions/view.html",
                     team=user.team,
                     errors=["Invalid flag type"]
                 )
         else:
             self.render("missions/view.html",
                 team=user.team,
                 errors=["Flag does not exist"]
             )
     else:
         self.render("missions/view.html",
             team=user.team,
             errors=form.errors
         )
 def get(self, *args, **kwargs):
     ''' AJAX // Delete a paste object from the database '''
     form = Form(
         paste_uuid="Paste does not exist.",
     )
     if form.validate(self.request.arguments):
         paste_uuid = self.get_argument("paste_uuid")
         paste = PasteBin.by_uuid(paste_uuid)
         user = self.get_current_user()
         if paste is not None and paste.team_id == user.team.id:
             dbsession.delete(paste)
             dbsession.flush()
     self.redirect("/user/share/pastebin")
 def post(self, *args, **kwargs):
     """ Shit form validation """
     form = Form(description="Please enter a description")
     user = self.get_current_user()
     if form.validate(self.request.arguments):
         if 0 == len(self.request.files.keys()):
             self.render("share_upload/share_files.html", errors=["No file data."], shares=user.team.files)
         elif self.FSIZE < len(self.request.files["file_data"][0]["body"]):
             self.render("share_upload/share_files.html", errors=["File too large."], shares=user.team.files)
         else:
             self.create_file(user)
             self.redirect("/user/share/files")
     else:
         self.render("share_upload/share_files.html", errors=form.errors, shares=user.team.files)
 def post(self, *args, **kwargs):
     ''' Attempts to create an account, with shitty form validation '''
     form = Form(
         account="Please enter an account name",
         handle="Please enter a handle",
         team="Please select a team to join",
         pass1="Please enter a password",
         pass2="Please confirm your password",
         token="Please enter a registration token"
     )
     if form.validate(self.request.arguments):
         config = ConfigManager.Instance()
         account = self.get_argument('account').lower()
         handle = self.get_argument('handle').lower()
         rtok = self.get_argument('token', '__none__').lower()
         passwd = self.get_argument('pass1')
         if User.by_account(account) is not None:
             self.render('public/registration.html',
                 errors=['Account name already taken']
             )
         elif account == handle:
             self.render('public/registration.html',
                 errors=['Account name and hacker name must differ']
             )
         elif User.by_handle(handle) is not None:
             self.render('public/registration.html',
                 errors=['Handle already taken']
             )
         elif not passwd == self.get_argument('pass2'):
             self.render('public/registration.html',
                 errors=['Passwords do not match']
             )
         elif not 0 < len(passwd) <= config.max_password_length:
             self.render('public/registration.html',
                 errors=['Password must be 1-%d characters'
                             % config.max_password_length]
             )
         elif Team.by_uuid(self.get_argument('team', '')) is None:
             self.render('public/registration.html',
                 errors=["Please select a team to join"]
             )
         elif RegistrationToken.by_value(rtok) is None and not config.debug:
             self.render('public/registration.html',
                 errors=["Invalid registration token"]
             )
         else:
             self.create_user(account, handle, passwd, rtok)
             self.render('public/successful_reg.html', account=account)
     else:
         self.render('public/registration.html', errors=form.errors)
 def post(self, *args, **kwargs):
     ''' Creates a new text share '''
     form = Form(
         name="Please enter a name",
         content="Please provide some content",
     )
     if form.validate(self.request.arguments):
         user = self.get_current_user()
         paste = PasteBin(name=unicode(self.get_argument("name")),
                          contents=unicode(self.get_argument("content")),
                          team_id=user.team.id)
         dbsession.add(paste)
         dbsession.flush()
         self.event_manager.paste_bin(user, paste)
     self.redirect('/user/share/pastebin')
Beispiel #37
0
 def create_team(self):
     ''' Create a new team in the database '''
     form = Form(team_name="Enter a team name", motto="Enter a team motto")
     if form.validate(self.request.arguments):
         team = Team(
             name=unicode(self.get_argument('team_name')),
             motto=unicode(self.get_argument('motto')),
         )
         level_0 = GameLevel.all()[0]
         team.game_levels.append(level_0)
         dbsession.add(team)
         dbsession.flush()
         self.redirect('/admin/view/user_objects')
     else:
         self.render("admin/create/team.html", errors=form.errors)
 def post(self, *args, **kwargs):
     form = Form(box_uuid="Please select leaked code to buy")
     if form.validate(self.request.arguments):
         box = Box.by_uuid(self.get_argument('box_uuid', ''))
         if box is not None and box.source_code is not None:
             user = self.get_current_user()
             if box.source_code.price <= user.team.money:
                 self.purchase_code(box)
                 self.redirect("/source_code_market")
             else:
                 self.render_page(["You cannot afford to purchase this code"])
         else:
             self.render_page(["Box does not exist"])
     else:
         self.render_page(form.errors)
Beispiel #39
0
 def create_team(self):
     ''' Create a new team in the database '''
     form = Form(team_name="Enter a team name", motto="Enter a team motto")
     if form.validate(self.request.arguments):
         team = Team(
             name=unicode(self.get_argument('team_name')),
             motto=unicode(self.get_argument('motto')),
         )
         level_0 = GameLevel.all()[0]
         team.game_levels.append(level_0)
         dbsession.add(team)
         dbsession.flush()
         self.redirect('/admin/view/user_objects')
     else:
         self.render("admin/create/team.html", errors=form.errors)
Beispiel #40
0
 def get(self, *args, **kwargs):
     ''' AJAX // Retrieves a paste from the database '''
     form = Form(
         paste_uuid="Paste does not exist.",
     )
     if form.validate(self.request.arguments):
         paste_uuid = self.get_argument("paste_uuid")
         user = self.get_current_user()
         paste = PasteBin.by_uuid(paste_uuid)
         if paste is None or paste.team_id != user.team.id:
             self.render("pastebin/display.html", errors=["Paste does not exist."], paste=None)
         else:
             self.render("pastebin/display.html", errors=None, paste=paste)
     else:
         self.render("pastebin/display.html", errors=form.errors, paste=None)
Beispiel #41
0
class EquipArmorHandler(UserBaseHandler):
    ''' This is the handler that allows to equiping of armors from the profile '''

    def initialize(self, dbsession):
        self.dbsession = dbsession
        self.session_manager = SessionManager.Instance()
        self.session = self.session_manager.get_session(
            self.get_secure_cookie('auth'), self.request.remote_ip)
        self.form = Form(
            armor_id="You Must Select an Armor"
        )

    @authenticated
    def post(self, *args, **kwargs):
        ''' Display the default user page '''
        user = self.get_current_user()
        if self.form.validate(self.request.arguments):
            if user != None and self.get_argument('armor_id').isdigit():
                new_armor = Armor.by_id(self.get_argument('armor_id'))
                # Make sure that we have the weapon they are attemping to equip
                if new_armor in user.get_all_armor():
                    if new_armor.required_level <= user.level:
                        old_armor = user.equiped_armor
                        old_armor.equiped = False
                        new_armor.equiped = True
                        self.dbsession.add(new_armor)
                        self.dbsession.add(old_armor)
                        self.dbsession.flush()
                        self.redirect('/user')
                    else:
                        self.redirect('/user?error=2')
Beispiel #42
0
 def initialize(self, dbsession):
     self.dbsession = dbsession
     self.form = Form(
         username="******",
         pass1="Please enter a password",
         pass2="Please confirm your password",
     )
Beispiel #43
0
 def edit_boxes(self):
     ''' Edit existing boxes in the database '''
     form = Form(
         uuid="Object not selected",
         name="Missing box name",
         corporation_uuid="Please select a corporation",
         description="Please enter a description",
         difficulty="Please enter a difficulty",
     )
     if form.validate(self.request.arguments):
         box = Box.by_uuid(self.get_argument('uuid'))
         if box is not None:
             errors = []
             if self.get_argument('name') != box.name:
                 if Box.by_name(self.get_argument('name')) is None:
                     logging.info("Updated box name %s -> %s" %
                         (box.name, self.get_argument('name'),)
                     )
                     box.name = unicode(self.get_argument('name'))
                 else:
                     errors.append("Box name already exists")
             corp = Corporation.by_uuid(self.get_argument('corporation_uuid'))
             if corp is not None and corp.id != box.corporation_id:
                 logging.info("Updated %s's corporation %s -> %s" %
                     (box.name, box.corporation_id, corp.id,))
                 box.corporation_id = corp.id
             elif corp is None:
                 errors.append("Corporation does not exist")
             if self.get_argument('description') != box.description:
                 logging.info("Updated %s's description %s -> %s" %
                     (box.name, box.description, self.get_argument('description'),)
                 )
                 box.description = unicode(self.get_argument('description'))
             if self.get_argument('difficulty') != box.difficulty:
                 logging.info("Updated %s's difficulty %s -> %s" %
                     (box.name, box.difficulty, self.get_argument('difficulty'),)
                 )
                 box.difficulty = unicode(self.get_argument('difficulty'))
             dbsession.add(box)
             dbsession.flush()
             self.render("admin/view/game_objects.html", errors=errors)
         else:
             self.render("admin/view/game_objects.html",
                 errors=["Box does not exist"]
             )
     else:
         self.render("admin/view/game_objects.html", errors=form.errors)
Beispiel #44
0
 def post_theme(self, *args, **kwargs):
     ''' Change per-user theme '''
     form = Form(theme_uuid="Please select a theme", )
     if form.validate(self.request.arguments):
         theme = Theme.by_uuid(self.get_argument('theme_uuid'))
         if theme is not None:
             self.session['theme'] = ''.join(theme.cssfile)
             self.session.save()
             user = self.get_current_user()
             user.theme_id = theme.id
             dbsession.add(user)
             dbsession.flush()
             self.render_page()
         else:
             self.render_page(errors=["Theme does not exist."])
     else:
         self.render_page(errors=form.errors)
Beispiel #45
0
 def initialize(self, dbsession):
     self.dbsession = dbsession
     self.session_manager = SessionManager.Instance()
     self.session = self.session_manager.get_session(
         self.get_secure_cookie('auth'), self.request.remote_ip)
     self.form = Form(
         armor_id="You Must Select an Armor"
     )
 def post(self, *args, **kwargs):
     ''' Creates a new text share '''
     form = Form(
         name="Please enter a name",
         content="Please provide some content",
     )
     if form.validate(self.request.arguments):
         user = self.get_current_user()
         paste = PasteBin(
             name=unicode(self.get_argument("name")),
             contents=unicode(self.get_argument("content")),
             team_id=user.team.id
         )
         dbsession.add(paste)
         dbsession.flush()
         self.event_manager.paste_bin(user, paste)
     self.redirect('/user/share/pastebin')
 def post(self, *args, **kwargs):
     #Arg! Exploit Ho!
     form = Form(
         client_id="Please enter your client ID",
         explanation="Please enter an explanation",
     )
     user = User.by_user_name(self.session.data['user_name'])
     
     if not form.validate(self.request.arguments):
         print self.request.arguments
         self.render("user/feedback.html", user=user, errors=form.errors, success=None)
     else:
         if self.request.files.has_key('log'):
             if len(self.request.files['log']) == 1:
                 data = self.request.files['log'][0]['body']
                 #Do the exploit things here
         self.render("user/feedback.html", user=user, errors=None, success="Your feedback is appreciated!")
Beispiel #48
0
 def post_theme(self, *args, **kwargs):
     ''' Change per-user theme '''
     form = Form(theme_uuid="Please select a theme",)
     if form.validate(self.request.arguments):
         theme = Theme.by_uuid(self.get_argument('theme_uuid'))
         if theme is not None:
             self.session['theme'] = ''.join(theme.cssfile)
             self.session.save()
             user = self.get_current_user()
             user.theme_id = theme.id
             dbsession.add(user)
             dbsession.flush()
             self.render_page()
         else:
             self.render_page(errors=["Theme does not exist."])
     else:
         self.render_page(errors=form.errors)
Beispiel #49
0
 def edit_teams(self):
     ''' Edit existing team objects in the database '''
     form = Form(
         uuid="No team selected",
         name="Please enter a name",
         motto="Please enter a motto",
         listen_port="Please enter a listen port",
     )
     if form.validate(self.request.arguments):
         team = Team.by_uuid(self.get_argument('uuid'))
         if team is not None:
             errors = []
             if team.name != self.get_argument('name'):
                 logging.info("Updated team name %s -> %s" % (
                     team.name,
                     self.get_argument('name'),
                 ))
                 team.name = unicode(self.get_argument('name'))
             if team.motto != self.get_argument('motto'):
                 logging.info("Updated %s's motto %s -> %s" % (
                     team.name,
                     team.motto,
                     self.get_argument('motto'),
                 ))
                 team.motto = unicode(self.get_argument('motto'))
             try:
                 lport = int(self.get_argument('listen_port'))
                 if lport != team.listen_port:
                     logging.info("Updated %s's listen port %d -> %d" % (
                         team.name,
                         team.listen_port,
                         lport,
                     ))
                     team.listen_port = lport
             except ValueError:
                 errors.append("Invalid listen port %s " %
                               self.get_argument('listen_port'))
             dbsession.add(team)
             dbsession.flush()
             self.redirect("/admin/view/user_objects")
         else:
             self.render("admin/view/user_objects.html",
                         errors=["Team does not exist"])
     else:
         self.render("admin/view/user_objects.html", errors=form.errors)
Beispiel #50
0
 def box_level(self):
     ''' Changes a boxs level '''
     form = Form(box_uuid="No box selected", level_uuid="No level selected")
     if form.validate(self.request.arguments):
         errors = []
         box = Box.by_uuid(self.get_argument('box_uuid'))
         level = GameLevel.by_uuid(self.get_argument('level_uuid'))
         if box is not None and level is not None:
             box.game_level_id = level.id
             dbsession.add(box)
             dbsession.flush()
         elif box is None:
             errors.append("Box does not exist")
         elif level is None:
             errors.append("GameLevel does not exist")
         self.render("admin/view/game_levels.html", errors=errors)
     else:
         self.render("admin/view/game_levels.html", errors=form.errors)
Beispiel #51
0
 def post(self, *args, **kwargs):
     ''' Attempts to create an account, with shitty form validation '''
     form = Form(account="Please enter an account name",
                 handle="Please enter a handle",
                 team="Please select a team to join",
                 pass1="Please enter a password",
                 pass2="Please confirm your password",
                 token="Please enter a registration token")
     if form.validate(self.request.arguments):
         config = ConfigManager.Instance()
         account = self.get_argument('account').lower()
         handle = self.get_argument('handle').lower()
         rtok = self.get_argument('token', '__none__').lower()
         passwd = self.get_argument('pass1')
         if User.by_account(account) is not None:
             self.render('public/registration.html',
                         errors=['Account name already taken'])
         elif account == handle:
             self.render(
                 'public/registration.html',
                 errors=['Account name and hacker name must differ'])
         elif User.by_handle(handle) is not None:
             self.render('public/registration.html',
                         errors=['Handle already taken'])
         elif not passwd == self.get_argument('pass2'):
             self.render('public/registration.html',
                         errors=['Passwords do not match'])
         elif not 0 < len(passwd) <= config.max_password_length:
             self.render('public/registration.html',
                         errors=[
                             'Password must be 1-%d characters' %
                             config.max_password_length
                         ])
         elif Team.by_uuid(self.get_argument('team', '')) is None:
             self.render('public/registration.html',
                         errors=["Please select a team to join"])
         elif RegistrationToken.by_value(rtok) is None and not config.debug:
             self.render('public/registration.html',
                         errors=["Invalid registration token"])
         else:
             self.create_user(account, handle, passwd, rtok)
             self.render('public/successful_reg.html', account=account)
     else:
         self.render('public/registration.html', errors=form.errors)
Beispiel #52
0
 def edit_game_level(self):
     ''' Update game level objects '''
     form = Form(
         uuid="Select an object",
         number="Enter a level number",
         buyout="Enter a buyout value",
     )
     if form.validate(self.request.arguments):
         errors = []
         level = GameLevel.by_uuid(self.get_argument('uuid'))
         try:
             new_number = int(self.get_argument('number', 'NaN'))
             new_buyout = int(self.get_argument('buyout', 'NaN'))
             if level.number != new_number and GameLevel.by_number(
                     new_number) is None:
                 level.number = new_number
                 dbsession.add(level)
                 dbsession.flush()
                 # Fix the linked-list
                 game_levels = sorted(GameLevel.all())
                 index = 0
                 for game_level in game_levels[:-1]:
                     game_level.next_level_id = game_levels[index + 1].id
                     dbsession.add(game_level)
                     index += 1
                 game_levels[0].number = 0
                 dbsession.add(game_levels[0])
                 game_levels[-1].next_level_id = None
                 dbsession.add(game_levels[-1])
                 dbsession.flush()
             if GameLevel.by_number(new_number) is not None:
                 errors.append("GameLevel number is not unique")
             if level.buyout != new_buyout:
                 level.buyout = new_buyout
                 dbsession.add(level)
                 dbsession.flush()
         except ValueError:
             errors.append(
                 "That was not a number ... maybe you should go back to school"
             )
         self.render("admin/view/game_levels.html", errors=errors)
     else:
         self.render("admin/view/game_levels.html", errors=form.errors)
Beispiel #53
0
 def post(self, *args, **kwargs):
     ''' Checks login creds '''
     form = Form(
         username="******",
         password="******",
     )
     if not form.validate(self.request.arguments):
         self.render("public/login.html", errors=form.errors)
     else:
         user = User.by_username(self.get_argument('username'))
         if user is not None and user.validate_password(self.get_argument('password')):
             if user.locked:
                 self.render("public/login.html",
                     errors=["Your account must be approved by an administrator."]
                 )
             else:
                 self.successful_login(user)
                 self.redirect('/user')
         else:
             self.failed_login()
Beispiel #54
0
 def post(self, *args, **kwargs):
     ''' Checks submitted username and password '''
     form = Form(
         account="Enter an account name",
         password="******",
     )
     if form.validate(self.request.arguments):
         user = User.by_account(self.get_argument('account'))
         password_attempt = self.get_argument('password')
         if user is not None and user.validate_password(password_attempt):
             if not user.locked:
                 self.successful_login(user)
                 self.redirect('/user')
             else:
                 self.render('public/login.html',
                             errors=["Your account has been locked"])
         else:
             self.failed_login()
     else:
         self.render('public/login.html', errors=form.errors)
Beispiel #55
0
 def post(self, *args, **kwargs):
     ''' Checks login creds '''
     form = Form(
         username="******",
         password="******",
         recaptcha_challenge_field="Invalid captcha",
         recaptcha_response_field="Invalid captcha",
     )
     if not form.validate(self.request.arguments):
         self.render("public/login.html", errors=form.errors)
     elif self.check_recaptcha():
         user = User.by_user_name(self.get_argument('username'))
         if user != None and user.validate_password(
                 self.get_argument('password')):
             self.successful_login(user)
             self.redirect('/user')
         else:
             self.failed_login()
     else:
         self.render('public/login.html',
                     errors=["Invalid captcha, try again"])
Beispiel #56
0
 def create_corporation(self):
     ''' Add a new corporation to the database '''
     form = Form(
         corporation_name="Enter a corporation name",
         description="Please enter a description",
     )
     if form.validate(self.request.arguments):
         corp_name = self.get_argument('corporation_name')
         if Corporation.by_name(corp_name) is not None:
             self.render("admin/create/corporation.html",
                         errors=["Name already exists"])
         else:
             corporation = Corporation(
                 name=unicode(corp_name),
                 description=unicode(self.get_argument('description')),
             )
             dbsession.add(corporation)
             dbsession.flush()
             self.redirect('/admin/view/game_objects')
     else:
         self.render("admin/create/corporation.html", errors=form.errors)