def regen_all(cls, context):
"""重算所有缓存,只有通过命令行提权后才能调用"""
User.test_permission(context)
for obj in models.Submission.objects.all():
try:
obj.group = User.get(context, obj.user).group
obj.save()
except NotFound:
pass
for obj in models.FlagClear.objects.all():
try:
user = User.get(context, obj.user)
obj.group = user.group
challenge = Challenge.get(context, obj.challenge)
if obj.flag not in range(len(challenge.flags)):
raise NotFound
obj.save()
except NotFound:
obj.delete()
for challenge in Challenge.get_all(context):
cls._regen_challenge_clear(challenge)
models.ChallengeFirst.objects.all().delete()
models.FlagFirst.objects.all().delete()
cls._refill_first()
cls._regen_score()
def post(self, request):
try:
kwargs = json.loads(request.body)
kwargs = {k: kwargs[k] for k in kwargs if k in User.update_fields}
user = User.get(Context.from_request(request), request.user.pk)
user.update(**kwargs)
return JsonResponse({})
except WrongFormat as e:
return JsonResponse({'error': e.json}, status=400)
def _add_user(cls, user):
from .expr_flags import expr_flag
if models.User.objects.filter(user=user).exists():
return False
token = User.get(Context(elevated=True), user).token
for expr_obj in models.Expr.objects.values('expr').distinct():
models.ExprFlag.objects.create(
expr=expr_obj['expr'],
user=user,
flag=expr_flag(expr_obj['expr'], token),
)
return True
def _add_expr(cls, expr):
from .expr_flags import expr_flag
if models.Expr.objects.filter(expr=expr).exists():
return False
for user_obj in models.User.objects.all():
token = User.get(Context(elevated=True), user_obj.user).token
models.ExprFlag.objects.create(
expr=expr,
user=user_obj.user,
flag=expr_flag(expr, token),
)
return True
def post(self, request):
if not self.check():
return redirect('hub')
eligible = request.POST['eligible']
if eligible == 'yes':
UstcEligible.objects.create(user=request.user, eligible=True)
user = User.get(
Context.from_request(request).copy(elevated=True),
request.user.pk)
user.update(group='ustc')
elif eligible == 'no':
UstcEligible.objects.create(user=request.user, eligible=False)
return redirect('hub')
def frontend(request):
return {
'page':
Page.get(),
'user_': (User.get(Context.from_request(request), request.user.pk)
if request.user.is_authenticated else None),
'groups':
User.groups,
'debug':
settings.DEBUG,
'no_board_groups':
User.no_board_groups,
}
def get(self, request):
if request.user.is_authenticated:
if Account.objects.filter(provider='ustc',
user=request.user).exists():
try:
request.user.ustceligible
except UstcEligible.DoesNotExist:
return redirect('ustcprofile')
context = Context.from_request(request)
try:
challenges = Challenge.get_enabled(context)
challenges = {'value': [obj.json for obj in challenges]}
except ProfileRequired as e:
messages.info(request, e.message)
return redirect('profile')
except TermsRequired as e:
messages.info(request, e.message)
return redirect('terms')
except Error as e:
challenges = {'error': e.json}
try:
announcement = Announcement.get_latest(context).json
except NotFound:
announcement = None
if request.user.is_authenticated:
user = User.get(context, request.user.pk)
if user.group == 'other':
ranking = Submission.get_user_ranking(context, request.user.pk)
else:
ranking = Submission.get_user_ranking(context,
request.user.pk,
group=user.group)
else:
ranking = {}
return TemplateResponse(
request, 'hub.html', {
'announcement': announcement,
'challenges': challenges,
'progress': Submission.get_user_progress(
context, request.user.pk),
'ranking': ranking,
'clear_count': Submission.get_clear_count(context),
})
def submit(cls, context, user, challenge, text):
if context.user.pk != user:
User.test_permission(context)
if len(text) > 200:
raise WrongFormat('Flag 不应超过 200 个字符')
user = User.get(context, user)
challenge = Challenge.get(context, challenge)
try:
latest = (models.Submission.objects.filter(
user=user.pk, challenge=challenge.pk).latest('time'))
except models.Submission.DoesNotExist:
pass
else:
if latest.time + timedelta(seconds=10) > context.time:
raise SlowDown('提交过于频繁,请 10 秒后再试')
obj = models.Submission.objects.create(
user=user.pk,
group=user.group,
challenge=challenge.pk,
text=text,
time=context.time,
)
matches, violations = challenge.check_flag_with_violations(text)
queryset = models.FlagClear.objects.filter(user=user.pk,
challenge=challenge.pk)
flags = {i.flag for i in queryset}
match_flags = {i['index'] for i in matches}
for flag in match_flags - flags:
models.FlagClear.objects.create(
submission=obj,
user=user.pk,
group=user.group,
challenge=challenge.pk,
flag=flag,
time=context.time,
)
if user.group not in User.no_score_groups:
models.FlagFirst.objects.get_or_create(
challenge=challenge.pk,
flag=flag,
group=None,
defaults={
'user': user.pk,
'time': context.time
},
)
models.FlagFirst.objects.get_or_create(
challenge=challenge.pk,
flag=flag,
group=user.group,
defaults={
'user': user.pk,
'time': context.time
},
)
for f, u in violations:
models.FlagViolation.objects.create(
submission=obj,
violation_flag=f['index'],
violation_user=u,
)
if match_flags - flags:
if (flags | match_flags).issuperset(range(len(challenge.flags))):
models.ChallengeClear.objects.create(
user=user.pk,
group=user.group,
challenge=challenge.pk,
time=context.time,
)
if user.group not in User.no_score_groups:
models.ChallengeFirst.objects.get_or_create(
challenge=challenge.pk,
group=None,
defaults={
'user': user.pk,
'time': context.time
},
)
models.ChallengeFirst.objects.get_or_create(
challenge=challenge.pk,
group=user.group,
defaults={
'user': user.pk,
'time': context.time
},
)
score = sum(i['score'] for i in matches if i['index'] not in flags)
cls._add_score(user.pk, user.group, context.time, score,
challenge.category)
return matches
def do_save(self, context, pk, **kwargs):
kwargs = {k: kwargs[k] for k in kwargs if k in User.update_fields}
return User.get(context, pk).update(**kwargs)
def do_get(self, context, pk):
return User.get(context, pk).json
def handle(self, fake_complex_challenges, fake_simple_challenges,
fake_users, fake_submissions, game_started_seconds,
**options):
root = User.create(
Context(elevated=True),
group='other',
nickname='root',
).user
root.is_staff = True
root.is_superuser = True
root.save()
root.refresh_from_db()
Account.objects.create(provider='debug', identity='root', user=root)
c1 = Challenge.create(
Context(root),
name='签到题',
category='checkin',
detail='签到题描述',
url='https://example.com/{token}',
prompt='flag{hackergame}',
index=-100,
enabled=True,
flags=[{
'name': '',
'score': 10,
'type': 'text',
'flag': 'flag{hackergame}',
}],
)
Submission.submit(Context(root), root.pk, c1.pk, 'flag{hackergame}')
for i in range(1, fake_complex_challenges + 1):
Challenge.create(
Context(root),
name=f'复杂题 {i}',
category='complex',
detail='<code>flag{FLAG_INDEX}</code> 或 '
'<code>flag{FLAG_INDEX:USER_ID}</code>',
url='',
prompt='flag{...}',
index=random.randrange(100),
enabled=random.choice((False, True, True, True, True)),
flags=[{
'name': f'flag {j}',
'score': random.randrange(100),
'type': ('expr', 'text')[j % 2],
'flag': ("f'flag{{%s:{token.partition(\":\")[0]}}}'" % j,
f'flag{{{j}}}')[j % 2],
} for j in range(random.randrange(1, 4))],
)
for i in range(1, fake_simple_challenges + 1):
Challenge.create(
Context(root),
name=f'简单题 {i}',
category='simple',
detail='',
url='',
prompt=('flag{0}', 'flag{0:USER_ID}')[i % 2],
index=random.randrange(100),
enabled=random.choice((False, True, True, True, True)),
flags=[{
'name': '',
'score': random.randrange(100),
'type': ('text', 'expr')[i % 2],
'flag': ('flag{0}',
"'flag{0:'+token.partition(':')[0]+'}'")[i % 2],
}],
)
terms = Terms.create(Context(root), name='条款', content='1 2 3 ...',
enabled=True)
now = timezone.now()
timestamps = []
for i in range(fake_submissions):
delta = random.randrange(game_started_seconds)
timestamps.append(now - timezone.timedelta(seconds=delta))
timestamps.sort()
Trigger.create(Context(root), time=min(timestamps), state=True)
groups = list(set(User.groups.keys()) - {'staff', 'banned'})
for i in range(fake_users):
print('user', i, end='\r')
u = User.create(
Context(elevated=True),
group=random.choice(groups),
nickname='用户 ' * 8 + str(i),
name='姓名',
sno='PB11111111',
tel='123456789',
email='*****@*****.**',
gender=random.choice(('female', 'male')),
qq='12345',
school='foo',
grade='1',
)
Terms.get(Context(u.user), terms.pk).agree(u.pk)
Account.objects.create(provider='debug', identity=f'{i}',
user=u.user)
users = [i.pk for i in User.get_all(Context(root))]
challenges = [i.pk for i in Challenge.get_all(Context(root))]
for i in range(fake_submissions):
print('submission', i, end='\r')
try:
u = random.choice(users)
c = random.choice(challenges)
fs = len(Challenge.get(Context(root), c).flags)
Submission.submit(
Context(
User.get(Context(root), u).user,
timestamps[i]
), u, c, f'flag{{{random.choice(range(fs))}:{u}}}'
)
Submission.submit(
Context(
User.get(Context(root), u).user,
timestamps[i] + timezone.timedelta(seconds=20)
), u, c, f'flag{{{random.choice(range(fs))}}}'
)
except (NotFound, SlowDown):
pass
Challenge.create(
Context(root),
name='难题',
category='hard',
detail='难题描述',
url='https://example.com/{token}',
prompt='flag{hackergame}',
index=100,
enabled=True,
flags=[{
'name': '',
'score': 100,
'type': 'text',
'flag': 'flag{hackergame}',
}],
)
def set_group(apps, schema_editor):
Submission = apps.get_model('submission', 'Submission')
db_alias = schema_editor.connection.alias
for obj in Submission.objects.using(db_alias).all():
obj.group = User.get(Context(elevated=True), obj.user).group
obj.save()