Beispiel #1
    def resolve_team(self, info):
        """Resolve the team of the requesting user.

        The request's user is passed through validate_user_is_authenticated
        first. A user whose ``team`` attribute is falsy has not joined a team
        yet, which is reported with a generic Exception.
        """
        requester = info.context.user
        validate_user_is_authenticated(requester)

        team = requester.team
        if team:
            return team
        raise Exception('User has not joined a team')
Beispiel #2
    def mutate(self, info, password):
        """Set a new password for the requesting user.

        The only gate visible in this method is
        validate_user_is_authenticated; the new password is then stored with
        set_password() and save().
        """
        account = info.context.user
        validate_user_is_authenticated(account)

        # NOTE(review): the validate_password(password) call is commented out
        # in this method, so no length or strength policy is applied before
        # the password is stored. Re-enable it once the helper is confirmed.
        # NOTE(review): the current password is not requested here, so any
        # holder of a valid session can replace it. Confirm whether
        # re-authentication is enforced elsewhere.
        account.set_password(password)
        account.save()

        return ChangePassword(status='User password changed')
Beispiel #3
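    def mutate(self, info, flag):
        """Score a flag submission for the requesting user's team.

        The user must pass validate_user_is_authenticated and the flag must
        pass validate_flag. While a CTF is active the flag is matched
        case-insensitively against the challenges; a first-time solve adds
        the challenge's points to the team, a repeated solve is reported as
        correct without adding points, and a miss increments the team's
        wrong_flags counter. The team's totals are then mirrored to RethinkDB.

        Returns:
            CheckFlag with status 'Correct Flag', 'Wrong Flag' or
            'No currently active CTF'.

        Raises:
            Exception: if the user has not joined a team, or if the
                RethinkDB update fails with RqlRuntimeError.
        """
        user = info.context.user
        # Validate user is authenticated
        validate_user_is_authenticated(user)

        # Sanitize flag input
        validate_flag(flag)

        # Only score while a CTF is running. exists() asks the database for a
        # yes/no answer instead of loading every matching Ctf row.
        now = timezone.now()
        if not Ctf.objects.filter(start__lt=now, end__gt=now).exists():
            return CheckFlag(status='No currently active CTF')

        # A user without a team would otherwise fail below with an
        # AttributeError on None; report it like resolve_team does.
        team = user.team
        if not team:
            raise Exception('User has not joined a team')

        # NOTE(review): no throttling of repeated guesses is visible in this
        # method; wrong_flags is only counted. Confirm rate limiting exists
        # at another layer.
        # One query instead of exists() + get(); first() also avoids an
        # unhandled MultipleObjectsReturned if two challenges share a flag.
        chal = Challenge.objects.filter(flag__iexact=flag).first()
        correct = chal is not None
        if correct:
            # NOTE(review): this check-then-update sequence is not atomic.
            # Two concurrent submissions for the same team could both pass
            # the check and award the points twice. Consider wrapping it in
            # a transaction with a row lock on the team.
            if not team.solved.filter(challenge_id=chal.id).exists():
                team.points += chal.points
                team.correct_flags += 1
                sc = SolvedChallenge(challenge=chal)
                sc.save()
                team.solved.add(sc)
                team.save()
        else:
            team.wrong_flags += 1
            team.save()

        # Create list of solved challenges, oldest first
        solved = [
            {'id': entry.challenge.id, 'points': entry.challenge.points,
             'timestamp': format(entry.timestamp, 'U')}
            for entry in team.solved.all().order_by('timestamp')
        ]

        # Push the realtime data to rethinkdb
        connection = r.connect(host=RDB_HOST, port=RDB_PORT)
        try:
            r.db(CTF_DB).table('teams').filter({"sid": team.id}).update(
                {'points': team.points,
                 'correct_flags': team.correct_flags,
                 'wrong_flags': team.wrong_flags,
                 'solved': solved}).run(connection)
            if correct:
                r.db(CTF_DB).table('challenges').filter({"sid": chal.id}).update(
                    {'solved_count': SolvedChallenge.objects.filter(challenge=chal).count()}).run(connection)
        except RqlRuntimeError as e:
            # Message text kept as-is for clients, although this path updates
            # team and challenge rows rather than a category.
            raise Exception(
                'Error adding category to realtime database: %s' % (e)) from e
        finally:
            connection.close()

        if correct:
            return CheckFlag(status='Correct Flag')
        return CheckFlag(status='Wrong Flag')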
Beispiel #4
    def mutate(self, info, challenge_id):
        """Return the requesting user's container for a challenge.

        After the authentication check the challenge is looked up by id. If
        no Container row is found for this user and challenge, one is
        assigned via assignContainerToUser or, when that fails, created via
        newContainer.

        NOTE(review): the tail of this listing is garbled (see the comment
        before the return statement), so the code as shown is not valid
        Python and the "container already exists" return path is only
        partly visible.
        """

        user = info.context.user
        # Validate user is authenticated
        validate_user_is_authenticated(user)

        # does challenge exist with passed in challenge id?
        # NOTE(review): the bare except reports every failure of this lookup
        # (not only a missing row) as 'Invalid Challenge ID'; catching
        # Challenge.DoesNotExist would keep other errors visible.
        try:
            chall_obj = Challenge.objects.get(id__exact=challenge_id)
        except:
            raise Exception('Invalid Challenge ID')

        # look up container that belongs to logged in user for the associated challenge
        # NOTE(review): the bare except below treats any lookup failure as
        # "no container yet" and goes on to assign or create one. No limit on
        # containers per user is visible here; confirm one is enforced in
        # assignContainerToUser/newContainer.
        try:
            cont_obj = Container.objects.get(challenge__id__exact=challenge_id,
                                             user__exact=user)
        except:
            print(
                'Container does not exist for user and/or challenge.  Attempt to create.'
            )
            # if none exists create or assign one instead of raising exception

            try:
                # Prefer assigning a container; any failure of that call
                # falls back to creating a new one.
                try:
                    assigned_cont_obj = assignContainerToUser(
                        challenge_id, user.id)
                except:
                    assigned_cont_obj = newContainer(challenge_id, user.id)
                    # Debug output: writes the new container's name, image,
                    # labels, short id and status to stdout.
                    print("############")
                    print(
                        "name: {0}, \nimage: {1}, \nlabels: {2}, \nshort_id: {3}, \nstatus: {4}"
                        .format(assigned_cont_obj.name,
                                assigned_cont_obj.image,
                                assigned_cont_obj.labels,
                                assigned_cont_obj.short_id,
                                assigned_cont_obj.status))
                    print("############")
            except Exception as ex:
                # NOTE(review): str(ex) is embedded in the raised message; if
                # the API layer returns exception messages to the client this
                # exposes internal error detail. Consider logging it instead.
                raise Exception(
                    'Unable to create container. Exception info: ' + str(ex))

            # return CREATED container name (image_header) so header can be parsed out & return path prefix (in challenge model) as a next_hop
            # NOTE(review): the '******' run inside the status expression
            # below replaced part of the original source in this listing.
            # The end of this return and the start of the following
            # 'Container Retrieved' return are missing.
            return GetUserContainer(
                containerName=assigned_cont_obj.name,
                nextHop=chall_obj.pathPrefix,
                status='New Container Created for - challenge_id: ' +
                str(challenge_id) + ', user: '******'Container Retrieved - challenge_id: ' +
                                str(challenge_id) + ', container_id: ' +
                                str(cont_obj.id) + ', user: ' + user.username)
Beispiel #5
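    def mutate(self, info, token):
        """Attach the requesting user to the team that owns ``token``.

        The user must pass validate_user_is_authenticated and the token must
        pass validate_token. The team is looked up by exact token match.

        Returns:
            JoinTeam with status 'Join team successful'.

        Raises:
            Exception: 'Invalid team token' if no team has this token.
        """
        # Validate the session and the token format
        user = info.context.user
        validate_user_is_authenticated(user)
        validate_token(token)

        # A single exact-match lookup. The earlier case-insensitive exists()
        # check followed by a case-sensitive get() let a token differing only
        # in case pass the check and then fail with an unhandled DoesNotExist.
        # NOTE(review): no throttling of token guesses and no check for an
        # existing team or a running CTF is visible in this method; confirm
        # whether switching teams at any time is intended.
        try:
            team = Team.objects.get(token=token)
        except Team.DoesNotExist:
            raise Exception('Invalid team token') from None

        user.team = team
        user.save()

        return JoinTeam(status='Join team successful')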
Beispiel #6
    def resolve_me(self, info):
        """Resolve the requesting user's own record.

        The user taken from the request context is returned unchanged once
        validate_user_is_authenticated has accepted it.
        """
        requester = info.context.user
        validate_user_is_authenticated(requester)
        return requester