def task_detail(request, pk):
if request.user.is_superuser:
event_list = TaskEvent.objects.filter(
type=int(PRACTICE_TYPE_REAL_VULN))
else:
event_list = TaskEvent.objects.filter(
type=int(PRACTICE_TYPE_REAL_VULN)).filter(
Q(share_teachers__in=[request.user.id])
| Q(create_user_id=request.user.id)).distinct()
category_list = task_models.RealVulnCategory.objects.all()
context = {'category_list': category_list, 'event_list': event_list}
pk = int(pk)
if pk == 0:
context['mode'] = 0
else:
try:
task = task_models.RealVulnTask.objects.get(pk=pk)
except task_models.RealVulnTask.DoesNotExist as e:
return default_views.Http404Page(request, e)
if task.builtin == 1:
return default_views.Http404Page(request, Exception())
context['mode'] = 1
context['task'] = PracticeExerciseTaskSerializerForEdit(task).data
return render(request, 'task_detail.html', context)
def event_detail(request, pk):
type_list = practice_types
if settings.PLATFORM_TYPE == 'OJ':
type_list = {key: type_list.get(key) for key in OJ_PRACTICE_TYPE_LIST}
context = {
'type_list': type_list,
}
pk = int(pk)
if pk == 0:
context['mode'] = 0
else:
try:
taskevent = event_models.TaskEvent.objects.get(pk=pk)
except event_models.TaskEvent.DoesNotExist as e:
return default_views.Http404Page(request, e)
context['mode'] = 1
context['event'] = TaskEventSerializer(taskevent).data
context['event_object'] = taskevent
if taskevent.builtin == 1:
return default_views.Http404Page(request, Exception())
return render(request, 'event_detail.html', context)
def env_detail(request, pk):
context = {
'DEBUG': settings.DEBUG,
'server_number_limit': EnvConfigHandler.get_terminal_number_limit(),
}
pk = int(pk)
if pk == 0:
context['mode'] = 0
else:
try:
env = env_models.Env.objects.get(pk=pk)
except env_models.Env.DoesNotExist as e:
return default_views.Http404Page(request, e)
if env.builtin == 1:
return default_views.Http404Page(request, Exception())
context['mode'] = 1
env_data = mserializers.EnvSerializer(env).data
dumped_attacker_list = json.dumps(env_data['attacker_list'])
context['env'] = env_data
context['dumped_attacker_list'] = dumped_attacker_list
server_number_limit = EnvConfigHandler.get_terminal_number_limit()
sence_terminator_tip = ugettext('x_sence_terminator_count') % {
'count': server_number_limit
}
context['sence_terminator_tip'] = sence_terminator_tip
return render(request, 'env_detail.html', context)
def exam_detail(request, **kwargs):
testpaper_id = kwargs.get('testpaper_id')
context = kwargs.get('menu')
try:
testpaper = TestPaper.objects.get(id=testpaper_id)
except Exception, e:
return default_views.Http404Page(request, e)
def task_detail(request, pk):
category_list = task_models.PracticeAttackDefenseCategory.objects.all()
if request.user.is_superuser:
event_list = TaskEvent.objects.filter(
type=int(PRACTICE_TYPE_ATTACK_DEFENSE))
else:
event_list = TaskEvent.objects.filter(
type=int(PRACTICE_TYPE_ATTACK_DEFENSE)).filter(
Q(share_teachers__in=[request.user])
| Q(create_user=request.user)).distinct()
context = {'category_list': category_list, 'event_list': event_list}
pk = int(pk)
if pk == 0:
context['mode'] = 0
else:
try:
task = task_models.PracticeAttackDefenseTask.objects.get(pk=pk)
except task_models.PracticeAttackDefenseTask.DoesNotExist as e:
return default_views.Http404Page(request, e)
context['mode'] = 1
context['task'] = PracticeAttackDefenseTaskSerializerForEdit(task).data
return render(request, 'task_detail.html', context)
def sys_notice_detail(request, pk):
if is_en(request):
ORGANIZATION = ORGANIZATION_EN
else:
ORGANIZATION = ORGANIZATION_CN
context = {
'classes_list': Classes.objects.filter(status=Status.NORMAL),
'faculty_list': Faculty.objects.filter(status=Status.NORMAL),
'groups': get_groups(),
'select': 3,
'ORGANIZATION': ORGANIZATION,
}
pk = int(pk)
if pk == 0:
context['mode'] = 0
else:
try:
sysNotice = SysNotice.objects.get(pk=pk)
except SysNotice.DoesNotExist as e:
return default_views.Http404Page(request, e)
sysNotice = mserializers.SysNoticeSerializer(sysNotice).data
context['mode'] = 1
context['sysNotice'] = sysNotice
return render(request, 'sys_notice_detail.html', context)
def env_attacker_detail(request, pk):
context = {}
pk = int(pk)
if pk == 0:
context['mode'] = 0
else:
try:
envattacker = env_models.EnvAttacker.objects.get(pk=pk)
except env_models.EnvAttacker.DoesNotExist as e:
return default_views.Http404Page(request, e)
if envattacker.builtin == 1:
return default_views.Http404Page(request, Exception())
context['mode'] = 1
context['envattacker'] = mserializers.EnvAttackerSerializer(
envattacker).data
return render(request, 'env_attacker_detail.html', context)
def event_achievement(request, pk):
context = {}
context['pk'] = pk
context["num"] = int(request.query_params["num"])
try:
event = common.get_user_event(request.user, pk)
context['event'] = event
except event_models.Event.DoesNotExist as e:
return default_views.Http404Page(request, e)
return app_render(request, 'exam_achievement.html', context)
def vuln_detail(request, pk, **kwargs):
context = kwargs.get('menu')
context['pk'] = pk
http = HttpClient(api_settings.SERVER, timeout=20)
json_data = {
'api_key': '123456',
'_id': pk,
}
url = http.murl(api_settings.DETAIL_URL)
try:
res = http.mpost(url, json=json_data)
except Exception as e:
logger.error('get vuln detail error: %s -- data[%s] server[%s]',
e.message, json_data, url)
# return default_views.Http404Page(request, e)
return default_views.Http404Page(request, Exception())
res_data = http.result(res, True)
if res.status_code != 200:
return default_views.Http404Page(request, Exception())
return render(request, 'x_vulns/web/vuln_detail.html', context)
def task_detail(request, pk, task_pk, **kwargs):
context = {}
pk = int(pk)
try:
event = common.get_user_event(request.user, pk)
except event_models.Event.DoesNotExist as e:
return default_views.Http404Page(request, e)
context['event'] = event
task_pk = int(task_pk)
if task_pk == 0:
context['mode'] = 0
else:
try:
task = event_models.EventTask.objects.get(pk=task_pk)
except event_models.EventTask.DoesNotExist as e:
return default_views.Http404Page(request, e)
context['task'] = task
return app_render(request, 'task_detail.html', context)
def review(request, pk, **kwargs):
context = kwargs.get('menu')
if is_en(request):
ORGANIZATION = ORGANIZATION_EN
else:
ORGANIZATION = ORGANIZATION_CN
try:
exam = event_models.Event.objects.get(pk=pk)
######
# score = event_models.Score.objects.get(pk=pk)
######
except Exception, e:
return default_views.Http404Page(request, e)
def detail(request, pk, **kwargs):
context = kwargs.get('menu')
if is_en(request):
ORGANIZATION = ORGANIZATION_EN
else:
ORGANIZATION = ORGANIZATION_CN
try:
exam = event_models.Event.objects.get(pk=pk)
ua.event_exam(request.user, testpaper=exam.name)
######
# score = event_models.Score.objects.get(pk=pk)
######
except Exception, e:
return default_views.Http404Page(request, e)
def standard_device_detail(request, pk):
context = {
'DEBUG': settings.DEBUG,
'image_ftp_address': settings.SERVER_INTERNET_IP,
'image_ftp_port': scene_api_settings.COMPLEX_MISC['ftp_proxy_port'],
'disk_format_info': api_settings.DISK_FORMAT_INFO,
'disk_controller_info': api_settings.DISK_CONTROLLER_INFO,
'virtual_network_interface_device_info':
api_settings.VIRTUAL_NETWORK_INTERFACE_DEVICE_INFO,
'video_image_driver_info': api_settings.VIDEO_IMAGE_DRIVER_INFO,
}
pk = int(pk)
if pk == 0:
context['mode'] = 0
else:
try:
standard_device = env_models.StandardDevice.objects.get(pk=pk)
except env_models.StandardDevice.DoesNotExist as e:
return default_views.Http404Page(request, e)
if standard_device.builtin == 1:
return default_views.Http404Page(request, Exception())
context['mode'] = 1
context['standard_device'] = mserializers.StandardDeviceSerializer(
standard_device).data
default_logos = []
for logo_name in os.listdir(api_settings.FULL_DEFAULT_DEVICE_LOGO_DIR):
default_logos.append(
(logo_name,
os.path.join(settings.MEDIA_URL,
api_settings.DEFAULT_DEVICE_LOGO_DIR, logo_name)))
context['default_logos'] = default_logos
return render(request, 'standard_device_detail.html', context)
def team_detail(request, pk):
context = {}
if int(pk) == 0:
context['mode'] = 0
user = User.objects.filter(team=None).exclude(status=User.USER.DELETE)
context['users'] = user
else:
try:
team = auth_model.Team.objects.get(pk=pk)
except auth_model.Team.DoesNotExist as e:
return default_views.Http404Page(request, e)
context['team'] = m_serializers.TeamSerializer(team).data
team_user = auth_model.TeamUser.objects.filter(team=team, status=TeamUserStatus.JOIN)
context['team_user'] = m_serializers.TeamUserSerializer(team_user, many=True).data
context['mode'] = 1
return render(request, 'team_detail.html', context)
def tool_detail(request, tool_id):
tool = Tool.objects.get(id=tool_id)
knowledges_list = None
if tool is None or tool.builtin == 1:
return default_views.Http404Page(request, Exception())
if tool.knowledges:
knowledges_list = tool.knowledges.split(",")
categories = ToolCategory.objects.all()
return render(request, 'x_tools/cms/tool_detail.html', {
"tool": tool,
"categories": categories,
"knowledges_list": knowledges_list
})
def down_zip(self, request, pk):
update = cloud_models.UpdateInfo.objects.get(id=pk)
data = RequestData(self.request, is_query=True)
depart = data.get('department', str)
if depart is None or len(depart) == 0:
return default_views.Http404Page(request, Exception())
departments = depart.split(",")
encrypt_file_list = []
for department in departments:
department = cloud_models.Department.objects.get(id=department)
# 查找有没有加密过的更新包
encrypt_path = update.zip.path + "_%s.%s" % (department.name,
'encrypt')
if not os.path.exists(encrypt_path):
x_rsa.x_encrypt(
update.zip.path, encrypt_path,
os.path.join(settings.BASE_DIR, "media", "key", "lic",
"key_pub.pem"))
encrypt_file_list.append(encrypt_path)
encrypt_path = encrypt_file_list[0]
file_name = ""
if len(encrypt_file_list) > 1:
# zip压缩一下
encrypt_path = "/tmp/%s.zip" % str(uuid.uuid4())
z = ZFile(encrypt_path, 'w')
for efile in encrypt_file_list:
z.addfile(efile, efile[efile.rfind('/') + 1:])
z.close()
file_name = "%s.zip" % depart
else:
file_name = "%s.encrypt" % department.name.encode("utf-8")
response = StreamingHttpResponse(file_iterator(encrypt_path))
response['Content-Type'] = 'application/octet-stream'
response['Content-Disposition'] = 'attachment;filename="{0}"'.format(
file_name)
return response
def course_detail(request, course_id):
context = {
'mode':
1,
'directions':
course_model.Direction.objects.filter(parent__isnull=True).filter(
status=Status.NORMAL)
}
course_id = int(course_id)
if course_id == 0:
context['mode'] = 0
else:
context['course'] = course_model.Course.objects.get(id=course_id)
if context['course'].builtin == 1:
return default_views.Http404Page(request, Exception())
context['difficulty'] = get_difficulty()
return render(request, 'course/cms/course_detail.html', context)
def group_detail(request, pk):
permissions = Permission.objects.all()
permissions = m_serializers.PermissionSerializer(permissions, many=True).data
groups = itertools.groupby(permissions, lambda x: x['content_type'])
permissions = []
for m, n in groups:
permissions.append(list(n))
max_group_length = max(map(lambda x: len(x), permissions))
context = {
'permission_col_range': range(max_group_length),
'permissions': permissions,
}
try:
group = Group.objects.get(pk=pk)
except Group.DoesNotExist as e:
return default_views.Http404Page(request, e)
context['group'] = m_serializers.GroupSerializer(group).data
return render(request, 'group_detail.html', context)
def user_audit(request, pk):
if is_en(request):
ORGANIZATION = ORGANIZATION_EN
else:
ORGANIZATION = ORGANIZATION_CN
product_type = get_product_type()
faculty_list = Faculty.objects.all()
major_list = Major.objects.all()
classes_list = Classes.objects.all()
group_list = Group.objects.all()
for g in group_list:
g.name = _(g.name)
context = {
'product_type': product_type,
'faculty_list': faculty_list,
'major_list': major_list,
'classes_list': classes_list,
'group_list': group_list,
'ORGANIZATION': ORGANIZATION,
}
if int(pk) == 0:
context['mode'] = 0
else:
try:
user = auth_model.User.objects.get(pk=pk)
context['user'] = user
context['majorId'] = user.major_id if user.major_id else -1
context['classesId'] = user.classes_id if user.classes_id else -1
if context['majorId'] != -1:
context['major'] = Major.objects.filter(id=user.major_id).first().name
if context['classesId'] != -1:
context['classes'] = Classes.objects.filter(id=user.classes_id).first().name
except auth_model.User.DoesNotExist as e:
return default_views.Http404Page(request, e)
context['mode'] = 1
context['userinfo'] = m_serializers.UserSerializer(user).data
return render(request, 'audit_detail.html', context)
def exam_detail(request, pk, **kwargs):
context = {}
teachers = User.objects.filter(groups__id=GroupType.TEACHER).exclude(
Q(id=request.user.id) | Q(status=0))
context['teachers'] = teachers
pk = int(pk)
if pk == 0:
context['mode'] = 0
else:
try:
event = common.get_user_event(request.user, pk)
except event_models.Event.DoesNotExist as e:
return default_views.Http404Page(request, e)
context['mode'] = 1
context['event'] = event
######################################################
# totalEvent = event_models.Event.objects.all()
# context['totalEvent'] = totalEvent
######################################################
return app_render(request, 'exam_detail.html', context)
def user_detail(request, pk):
def check_authority(user, allow_self=False):
operate_user = request.user
if user.id == operate_user.id:
return True if allow_self else False
if user.groups.filter(id=GroupType.ADMIN) or user.is_superuser:
return False
else:
if user.groups.filter(id=GroupType.TEACHER):
return True if operate_user.is_superuser or operate_user.groups.filter(id=GroupType.ADMIN) else False
if user.groups.filter(id=GroupType.USER):
return True if not operate_user.groups.filter(id=GroupType.USER) else False
return False
if is_en(request):
ORGANIZATION = ORGANIZATION_EN
else:
ORGANIZATION = ORGANIZATION_CN
product_type = get_product_type()
faculty_list = Faculty.objects.all()
major_list = Major.objects.all()
classes_list = Classes.objects.all()
edit_user = request.user
# 如果操作人是超级管理员
if edit_user.is_superuser:
group_list = Group.objects.all()
# 如果管理员操作自己
elif edit_user.id == int(pk) and edit_user.groups.filter(id=GroupType.ADMIN):
group_list = Group.objects.all()
# 如果操作人是教员
elif edit_user.is_staff:
ids = [2, 3]
group_list = Group.objects.all().filter(id__in=ids)
# 如果操作人是学员
else:
ids = [3]
group_list = Group.objects.all().filter(id__in=ids)
# fan yi
for g in group_list:
g.name = _(g.name)
context = {
'product_type': product_type,
'faculty_list': faculty_list,
'major_list': major_list,
'classes_list': classes_list,
'group_list': group_list,
'ORGANIZATION': ORGANIZATION,
}
if int(pk) == 0:
# 如果是新增
context['mode'] = 0
context['default_group'] = _('x_student')
else:
try:
user = auth_model.User.objects.get(pk=pk)
if user.status == 0:
return default_views.Http404Page(request, '')
if not check_authority(user, True):
return default_views.Http404Page(request, '')
context['user'] = user
context['majorId'] = user.major_id if user.major_id else -1
context['classesId'] = user.classes_id if user.classes_id else -1
if context['majorId'] != -1:
context['major'] = Major.objects.filter(id=user.major_id).first().name
if context['classesId'] != -1:
context['classes'] = Classes.objects.filter(id=user.classes_id).first().name
except auth_model.User.DoesNotExist as e:
return default_views.Http404Page(request, e)
context['mode'] = 1
user_info = m_serializers.UserSerializer(user).data
user_info['group_name'] = _(user_info['group_name'])
context['userinfo'] = user_info
return render(request, 'user_detail.html', context)
def event_report_score(request, pk):
if is_en(request):
ORGANIZATION = ORGANIZATION_EN
else:
ORGANIZATION = ORGANIZATION_CN
context = {}
context['pk'] = pk
context['ORGANIZATION'] = ORGANIZATION
try:
event = common.get_user_event(request.user, pk)
context['event'] = event
taskArrary = event_models.EventTask.objects.filter(event=pk)
all_score = 0
all_count = 0
for t in taskArrary:
all_count += 1
all_score = all_score + t.task_score
context['all_score'] = all_score
context['all_count'] = all_count
# 获取授权的班级,年级,院系
auth_class_list = event.auth_classes.all()
auth_major = []
auth_faculty = []
auth_class = []
process = []
# is authority
process = [{
'id': 0,
'status': _("x_answering")
}, {
'id': 1,
'status': _("x_submit_over")
}]
if len(auth_class_list) == 0:
auth_class_list = Classes.objects.all()
for classes in auth_class_list:
auth_class.append(classes)
major_dict = {
'name': classes.major_name(),
'id': classes.major_id,
'parent_id': classes.major.faculty_id,
}
faculty_dict = {
'name': classes.faculty_name(),
'id': classes.faculty(),
}
if not auth_major.__contains__(major_dict):
auth_major.append(major_dict)
if not auth_faculty.__contains__(faculty_dict):
auth_faculty.append(faculty_dict)
context['process'] = process
context['classes'] = auth_class
context['majors'] = auth_major
context['facultys'] = auth_faculty
except event_models.Event.DoesNotExist as e:
return default_views.Http404Page(request, e)
return app_render(request, 'exam_result_list.html', context)
def outputResult(request, pk):
context = {}
context['pk'] = pk
try:
event = common.get_user_event(request.user, pk)
context['event'] = event
task_arrary = event_models.EventTask.objects.filter(event=pk)
all_score = 0
all_count = 0
for t in task_arrary:
all_count += 1
all_score = all_score + t.task_score
context['all_score'] = all_score
context['all_count'] = all_count
except event_models.Event.DoesNotExist as e:
return default_views.Http404Page(request, e)
events = event_models.Event.objects.get(pk=pk)
eventset = SubmitRecord.objects.filter(event=events)
queryset = eventset.values('user__id').annotate(
obj_id=F('user__id'),
obj_name=F('user__first_name'),
obj_username=F('user__username'))
write_up_list = []
tash_list = []
# for task in task_arrary:
# task_hash = str(task.task_hash)
#
# write_up_di_lict = Note.objects.filter(resource=task_hash)
# tash_list.append(task_hash)
# write_up_list.append(write_up_di_lict)
queryset = queryset.annotate(
start_time=Min('submit_time'),
sum_score=Sum('score'),
submit_time=Max('submit_time'),
).order_by('-sum_score', 'submit_time')
for qs in queryset:
note = Note.objects.filter(resource=events.hash,
user_id=qs['obj_id']).first()
wr_score = qs['sum_score']
if note:
qs['sum_score'] = wr_score + note.score
qs['writeup_score'] = note.score
wb = xlwt.Workbook(encoding='utf-8')
sheet = wb.add_sheet('考试结果')
pattern = xlwt.Pattern() # Create the Pattern
pattern.pattern = xlwt.Pattern.SOLID_PATTERN # May be: NO_PATTERN, SOLID_PATTERN, or 0x00 through 0x12
pattern.pattern_fore_colour = 5 # 0 = Black, 1 = White, 2 = Red, 3 = Green, 4 = Blue, 5 = YelloW
borders = xlwt.Borders() # Create Borders
borders.left = xlwt.Borders.THIN # NO_LINE, THIN, MEDIUM, DASHED, DOTTED, THICK, DOUBLE,
borders.right = xlwt.Borders.THIN
borders.top = xlwt.Borders.THIN
borders.bottom = xlwt.Borders.THIN
style_border = xlwt.XFStyle() # Create Style
style_border_color = xlwt.XFStyle()
style_border.borders = borders # Add Borders to Style
style_border_color.borders = borders
style_border_color.pattern = pattern
sheet = excelHead(sheet, context, style_border, style_border_color)
sheet = excelContent(sheet, queryset, style_border)
wb.save('report.xls')
sio = StringIO.StringIO()
wb.save(sio)
sio.seek(0)
response = HttpResponse(sio.getvalue(),
content_type='application/vnd.ms-excel')
response['Content-Disposition'] = 'attachment; filename=report.xls'
response.write(sio.getvalue())
return response
