def public(team_id):
infos = get_infos()
errors = get_errors()
team = Teams.query.filter_by(id=team_id, banned=False, hidden=False).first_or_404()
solves = team.get_solves()
awards = team.get_awards()
place = team.place
score = team.score
if errors:
return render_template("teams/public.html", team=team, errors=errors)
if config.is_scoreboard_frozen():
infos.append("Scoreboard has been frozen")
return render_template(
"teams/public.html",
solves=solves,
awards=awards,
team=team,
score=score,
place=place,
score_frozen=config.is_scoreboard_frozen(),
infos=infos,
errors=errors,
)
def private():
infos = get_infos()
errors = get_errors()
user = get_current_user()
if not user.team_id:
return render_template("teams/team_enrollment.html")
team_id = user.team_id
team = Teams.query.filter_by(id=team_id).first_or_404()
solves = team.get_solves()
awards = team.get_awards()
place = team.place
score = team.score
if config.is_scoreboard_frozen():
infos.append("Scoreboard has been frozen")
return render_template(
"teams/private.html",
solves=solves,
awards=awards,
user=user,
team=team,
score=score,
place=place,
score_frozen=config.is_scoreboard_frozen(),
infos=infos,
errors=errors,
)
def settings():
infos = get_infos()
user = get_current_user()
name = user.name
email = user.email
website = user.website
affiliation = user.affiliation
country = user.country
tokens = UserTokens.query.filter_by(user_id=user.id).all()
prevent_name_change = get_config("prevent_name_change")
if get_config("verify_emails") and not user.verified:
confirm_url = markup(url_for("auth.confirm"))
infos.append(
markup(
"Your email address isn't confirmed!<br>"
"Please check your email to confirm your email address.<br><br>"
f'To have the confirmation email resent please <a href="{confirm_url}">click here</a>.'
))
return render_template(
"settings.html",
name=name,
email=email,
website=website,
affiliation=affiliation,
country=country,
tokens=tokens,
prevent_name_change=prevent_name_change,
infos=infos,
)
def multi_scoreboard(sb=None):
if sb == None:
sb = 'Global'
infos = get_infos()
if config.is_scoreboard_frozen():
infos.append("Scoreboard has been frozen")
if is_admin() is True and scores_visible() is False:
infos.append("Scores are not currently visible to users")
standings = get_standings()
teams = []
scoreboards = ["Global"]
for t in Teams.query.all():
if sb == "Global" and (t.name not in teams):
teams.append(t.name)
for f in t.fields:
if f.name not in scoreboards:
scoreboards.append(f.name)
if f.name == sb and (t.name not in teams):
teams.append(t.name)
if sb not in scoreboards:
abort(404)
filtered_standings = [st for st in standings if st[2] in teams]
return render_template("multi_scoreboard.html",
standings=filtered_standings,
infos=infos,
scoreboards=scoreboards,
scoreboard=sb)
def join():
infos = get_infos()
errors = get_errors()
user = get_current_user_attrs()
if user.team_id:
errors.append("You are already in a team. You cannot join another.")
if request.method == "GET":
team_size_limit = get_config("team_size", default=0)
if team_size_limit:
plural = "" if team_size_limit == 1 else "s"
infos.append("Teams are limited to {limit} member{plural}".format(
limit=team_size_limit, plural=plural))
return render_template("teams/join_team.html",
infos=infos,
errors=errors)
if request.method == "POST":
teamname = request.form.get("name")
passphrase = request.form.get("password", "").strip()
team = Teams.query.filter_by(name=teamname).first()
if errors:
return (
render_template("teams/join_team.html",
infos=infos,
errors=errors),
403,
)
if team and verify_password(passphrase, team.password):
team_size_limit = get_config("team_size", default=0)
if team_size_limit and len(team.members) >= team_size_limit:
errors.append(
"{name} has already reached the team size limit of {limit}"
.format(name=team.name, limit=team_size_limit))
return render_template("teams/join_team.html",
infos=infos,
errors=errors)
user = get_current_user()
user.team_id = team.id
db.session.commit()
if len(team.members) == 1:
team.captain_id = user.id
db.session.commit()
clear_user_session(user_id=user.id)
clear_team_session(team_id=team.id)
return redirect(url_for("challenges.listing"))
else:
errors.append("That information is incorrect")
return render_template("teams/join_team.html",
infos=infos,
errors=errors)
def listing():
infos = get_infos()
if config.is_scoreboard_frozen():
infos.append("Scoreboard has been frozen")
standings = get_standings()
return render_template("scoreboard.html", standings=standings, infos=infos)
def scoreboard_view():
standings = get_standings()
infos = get_infos()
if is_scoreboard_frozen():
infos.append("Scoreboard has been frozen")
return render_template('scoreboard-matrix.html', standings=standings,
challenges=get_challenges())
def listing():
infos = get_infos()
if config.is_scoreboard_frozen():
infos.append("Результаты заморожены")
if is_admin() is True and scores_visible() is False:
infos.append("Результаты сейчас не отображаются для участников")
standings = get_standings()
return render_template("scoreboard.html", standings=standings, infos=infos)
def listing():
infos = get_infos()
if config.is_scoreboard_frozen():
infos.append("Scoreboard has been frozen")
if is_admin() is True and scores_visible() is False:
infos.append("Scores are not currently visible to users")
standings = get_standings()
return render_template("scoreboard.html", standings=standings, infos=infos)
def public(user_id):
infos = get_infos()
errors = get_errors()
user = Users.query.filter_by(id=user_id, banned=False, hidden=False).first_or_404()
if config.is_scoreboard_frozen():
infos.append("Scoreboard has been frozen")
return render_template(
"users/public.html", user=user, account=user.account, infos=infos, errors=errors
)
def listing():
infos = get_infos()
errors = get_errors()
if ctf_started() is False:
errors.append(f"{config.ctf_name()} ещё не начался")
if ctf_paused() is True:
infos.append(f"{config.ctf_name()} приостановлен")
if ctf_ended() is True:
infos.append(f"{config.ctf_name()} закончился")
return render_template("challenges.html", infos=infos, errors=errors)
def listing():
infos = get_infos()
errors = get_errors()
if ctf_started() is False:
errors.append(f"{config.ctf_name()} has not started yet")
if ctf_paused() is True:
infos.append(f"{config.ctf_name()} is paused")
if ctf_ended() is True:
infos.append(f"{config.ctf_name()} has ended")
return render_template("challenges.html", infos=infos, errors=errors)
def listing():
infos = get_infos()
errors = get_errors()
start = get_config("start") or 0
end = get_config("end") or 0
if ctf_paused():
infos.append("{} is paused".format(config.ctf_name()))
# CTF has ended but we want to allow view_after_ctf. Show error but let JS load challenges.
if ctf_ended() and view_after_ctf():
infos.append("{} has ended".format(config.ctf_name()))
return render_template(
"challenges.html", infos=infos, errors=errors, start=int(start), end=int(end)
)
def listing():
infos = get_infos()
if config.is_scoreboard_frozen():
infos.append("Scoreboard has been frozen")
if is_admin() is True and scores_visible() is False:
infos.append("Scores are not currently visible to users")
standings = get_standings()
standings_interne = [s for s in standings if s.fields != True]
standings_externe = [s for s in standings if s.fields == True]
return render_template("scoreboard.html",
standings_interne=standings_interne,
standings_externe=standings_externe,
infos=infos)
def private():
infos = get_infos()
errors = get_errors()
user = get_current_user()
if config.is_scoreboard_frozen():
infos.append("Scoreboard has been frozen")
return render_template(
"users/private.html",
user=user,
account=user.account,
infos=infos,
errors=errors,
)
def join():
infos = get_infos()
errors = get_errors()
if request.method == "GET":
team_size_limit = get_config("team_size", default=0)
if team_size_limit:
plural = "" if team_size_limit == 1 else "s"
infos.append(
"Команды могут содержать не больше {limit} участников".format(
limit=team_size_limit, plural=plural))
return render_template("teams/join_team.html",
infos=infos,
errors=errors)
if request.method == "POST":
teamname = request.form.get("name")
passphrase = request.form.get("password", "").strip()
team = Teams.query.filter_by(name=teamname).first()
if team and verify_password(passphrase, team.password):
team_size_limit = get_config("team_size", default=0)
if team_size_limit and len(team.members) >= team_size_limit:
errors.append(
"Команда {name} уже достигла лимит в {limit} участников".
format(name=team.name, limit=team_size_limit))
return render_template("teams/join_team.html",
infos=infos,
errors=errors)
user = get_current_user()
user.team_id = team.id
db.session.commit()
if len(team.members) == 1:
team.captain_id = user.id
db.session.commit()
clear_user_session(user_id=user.id)
clear_team_session(team_id=team.id)
return redirect(url_for("challenges.listing"))
else:
errors.append("Такая информация некорректна")
return render_template("teams/join_team.html",
infos=infos,
errors=errors)
def listing():
infos = get_infos()
errors = get_errors()
start = get_config('start') or 0
end = get_config('end') or 0
if ctf_paused():
infos.append('{} is paused'.format(config.ctf_name()))
if view_after_ctf():
infos.append('{} has ended'.format(config.ctf_name()))
return render_template('challenges.html',
infos=infos,
errors=errors,
start=int(start),
end=int(end))
def new():
infos = get_infos()
errors = get_errors()
if request.method == "GET":
team_size_limit = get_config("team_size", default=0)
if team_size_limit:
plural = "" if team_size_limit == 1 else "s"
infos.append(
"Teams are limited to {limit} member{plural}".format(
limit=team_size_limit, plural=plural
)
)
return render_template("teams/new_team.html", infos=infos, errors=errors)
elif request.method == "POST":
teamname = request.form.get("name", "").strip()
passphrase = request.form.get("password", "").strip()
errors = get_errors()
user = get_current_user()
existing_team = Teams.query.filter_by(name=teamname).first()
if existing_team:
errors.append("That team name is already taken")
if not teamname:
errors.append("That team name is invalid")
if errors:
return render_template("teams/new_team.html", errors=errors)
team = Teams(name=teamname, password=passphrase, captain_id=user.id)
db.session.add(team)
db.session.commit()
user.team_id = team.id
db.session.commit()
clear_user_session(user_id=user.id)
clear_team_session(team_id=team.id)
return redirect(url_for("challenges.listing"))
def listing():
if (Configs.challenge_visibility == ChallengeVisibilityTypes.PUBLIC
and authed() is False):
pass
else:
if is_teams_mode() and get_current_team() is None:
return redirect(url_for("teams.private", next=request.full_path))
infos = get_infos()
errors = get_errors()
if ctf_started() is False:
errors.append(f"{Configs.ctf_name} has not started yet")
if ctf_paused() is True:
infos.append(f"{Configs.ctf_name} is paused")
if ctf_ended() is True:
infos.append(f"{Configs.ctf_name} has ended")
return render_template("challenges.html", infos=infos, errors=errors)
def scoreboard_listing():
infos = get_infos()
if config.is_scoreboard_frozen():
infos.append("Scoreboard has been frozen")
if is_admin() is True and scores_visible() is False:
infos.append("Scores are not currently visible to users")
Model = get_model()
standings = get_standings(fields=[Model.email])
category_standings = get_category_standings()
return render_template(
"scoreboard.html",
standings=standings,
category_standings=category_standings,
infos=infos,
email_group_asset=email_group_asset,
)
def invite():
infos = get_infos()
errors = get_errors()
code = request.args.get("code")
if code is None:
abort(404)
user = get_current_user_attrs()
if user.team_id:
errors.append("You are already in a team. You cannot join another.")
try:
team = Teams.load_invite_code(code)
except TeamTokenExpiredException:
abort(403, description="This invite URL has expired")
except TeamTokenInvalidException:
abort(403, description="This invite URL is invalid")
team_size_limit = get_config("team_size", default=0)
if request.method == "GET":
if team_size_limit:
infos.append(
"Teams are limited to {limit} member{plural}".format(
limit=team_size_limit, plural=pluralize(number=team_size_limit)
)
)
return render_template(
"teams/invite.html", team=team, infos=infos, errors=errors
)
if request.method == "POST":
if errors:
return (
render_template(
"teams/invite.html", team=team, infos=infos, errors=errors
),
403,
)
if team_size_limit and len(team.members) >= team_size_limit:
errors.append(
"{name} has already reached the team size limit of {limit}".format(
name=team.name, limit=team_size_limit
)
)
return (
render_template(
"teams/invite.html", team=team, infos=infos, errors=errors
),
403,
)
user = get_current_user()
user.team_id = team.id
db.session.commit()
clear_user_session(user_id=user.id)
clear_team_session(team_id=team.id)
return redirect(url_for("challenges.listing"))
def new():
infos = get_infos()
errors = get_errors()
if request.method == "GET":
team_size_limit = get_config("team_size", default=0)
if team_size_limit:
plural = "" if team_size_limit == 1 else "s"
infos.append("Teams are limited to {limit} member{plural}".format(
limit=team_size_limit, plural=plural))
return render_template("teams/new_team.html",
infos=infos,
errors=errors)
elif request.method == "POST":
teamname = request.form.get("name", "").strip()
passphrase = request.form.get("password", "").strip()
errors = get_errors()
website = request.form.get("website")
affiliation = request.form.get("affiliation")
user = get_current_user()
existing_team = Teams.query.filter_by(name=teamname).first()
if existing_team:
errors.append("Такое имя команды уже занято")
if not teamname:
errors.append("Имя команды неправильное")
# Process additional user fields
fields = {}
for field in TeamFields.query.all():
fields[field.id] = field
entries = {}
for field_id, field in fields.items():
value = request.form.get(f"fields[{field_id}]", "").strip()
if field.required is True and (value is None or value == ""):
errors.append("Пожалуйста, укажите все обязательные поля")
break
# Handle special casing of existing profile fields
if field.name.lower() == "affiliation":
affiliation = value
break
elif field.name.lower() == "website":
website = value
break
if field.field_type == "boolean":
entries[field_id] = bool(value)
else:
entries[field_id] = value
if website:
valid_website = validators.validate_url(website)
else:
valid_website = True
if affiliation:
valid_affiliation = len(affiliation) < 128
else:
valid_affiliation = True
if valid_website is False:
errors.append(
"Вебсайт должен быть правильной ссылкой, начинающейся с http или https"
)
if valid_affiliation is False:
errors.append("Пожалуйста, укажите учреждение покороче")
if errors:
return render_template("teams/new_team.html", errors=errors)
team = Teams(name=teamname, password=passphrase, captain_id=user.id)
if website:
team.website = website
if affiliation:
team.affiliation = affiliation
db.session.add(team)
db.session.commit()
for field_id, value in entries.items():
entry = TeamFieldEntries(field_id=field_id,
value=value,
team_id=team.id)
db.session.add(entry)
db.session.commit()
user.team_id = team.id
db.session.commit()
clear_user_session(user_id=user.id)
clear_team_session(team_id=team.id)
return redirect(url_for("challenges.listing"))
def new():
infos = get_infos()
errors = get_errors()
if bool(get_config("team_creation", default=True)) is False:
abort(
403,
description="Team creation is currently disabled. Please join an existing team.",
)
num_teams_limit = int(get_config("num_teams", default=0))
num_teams = Teams.query.filter_by(banned=False, hidden=False).count()
if num_teams_limit and num_teams >= num_teams_limit:
abort(
403,
description=f"Reached the maximum number of teams ({num_teams_limit}). Please join an existing team.",
)
user = get_current_user_attrs()
if user.team_id:
errors.append("You are already in a team. You cannot join another.")
if request.method == "GET":
team_size_limit = get_config("team_size", default=0)
if team_size_limit:
plural = "" if team_size_limit == 1 else "s"
infos.append(
"Teams are limited to {limit} member{plural}".format(
limit=team_size_limit, plural=plural
)
)
return render_template("teams/new_team.html", infos=infos, errors=errors)
elif request.method == "POST":
teamname = request.form.get("name", "").strip()
passphrase = request.form.get("password", "").strip()
website = request.form.get("website")
affiliation = request.form.get("affiliation")
user = get_current_user()
existing_team = Teams.query.filter_by(name=teamname).first()
if existing_team:
errors.append("That team name is already taken")
if not teamname:
errors.append("That team name is invalid")
# Process additional user fields
fields = {}
for field in TeamFields.query.all():
fields[field.id] = field
entries = {}
for field_id, field in fields.items():
value = request.form.get(f"fields[{field_id}]", "").strip()
if field.required is True and (value is None or value == ""):
errors.append("Please provide all required fields")
break
# Handle special casing of existing profile fields
if field.name.lower() == "affiliation":
affiliation = value
break
elif field.name.lower() == "website":
website = value
break
if field.field_type == "boolean":
entries[field_id] = bool(value)
else:
entries[field_id] = value
if website:
valid_website = validators.validate_url(website)
else:
valid_website = True
if affiliation:
valid_affiliation = len(affiliation) < 128
else:
valid_affiliation = True
if valid_website is False:
errors.append("Websites must be a proper URL starting with http or https")
if valid_affiliation is False:
errors.append("Please provide a shorter affiliation")
if errors:
return render_template("teams/new_team.html", errors=errors), 403
team = Teams(name=teamname, password=passphrase, captain_id=user.id)
if website:
team.website = website
if affiliation:
team.affiliation = affiliation
db.session.add(team)
db.session.commit()
for field_id, value in entries.items():
entry = TeamFieldEntries(field_id=field_id, value=value, team_id=team.id)
db.session.add(entry)
db.session.commit()
user.team_id = team.id
db.session.commit()
clear_user_session(user_id=user.id)
clear_team_session(team_id=team.id)
return redirect(url_for("challenges.listing"))