def submit_flag(challenge: Challenge, event: Event):
"""Submit a flag for a given challenge"""
body = flask_rebar.get_validated_body()
submitted_flag = body["flag"]
team = current_user.get_team()
if team is None:
raise errors.NotFound(f'Current user has no team.')
if event.id != team.event_id:
raise errors.UnprocessableEntity(
f'Team "{team.name}" and challenge "{challenge.id}" are not part of the same event')
submission = Submission(team_id=team.id, challenge_id=challenge.id, input=submitted_flag)
flags = Flag.query.filter_by(challenge_id=challenge.id).all()
is_correct = any(validate_flag(x, submitted_flag) for x in flags)
submission.is_correct = is_correct
DB.session.add(submission)
DB.session.commit()
return {'correct': is_correct}
def get_listings():
body = rebar.validated_body
listings = _get_listings_by_seller(body['seller_id'])
if not listings:
raise errors.NotFound(msg=ResponseMessages.USER_HAS_NO_LISTINGS)
return listings
def create_category(current_admin: Administrator):
"""Add a category """
body = flask_rebar.get_validated_body()
name = body["name"]
event_id = body["event_id"]
event = Event.query.filter_by(id=event_id).first()
if event is None:
raise errors.NotFound(f'Event with id "{event_id}" not found.')
if not current_admin.is_admin_of_event(event_id):
raise errors.Unauthorized(
"You do not have the permission to administer this event.")
category = Category.query.filter_by(name=name, event_id=event_id).first()
if category is not None:
raise errors.UnprocessableEntity(
"A category with that name already exists")
category = Category(name=name, event_id=event_id)
DB.session.add(category)
DB.session.commit()
return category
def validate_and_get_current_event(event_id: int):
"""
Check if event with id event_id exists and that the event is visible. If not, return a 404 error.
"""
event = Event.query.filter_by(id=event_id).first()
if event is None or not event.is_visible:
raise errors.NotFound(f"Event with ID {event_id} not found.")
return event
def delete_account(account_id: UUID):
account = Account.query.filter_by(id=account_id).first()
if account is None:
raise errors.NotFound()
db.session.delete(account)
db.session.commit()
return "", 204
def get_user(user_id: int):
"""Get a user's info by its id"""
user = User.query.filter_by(id=user_id).first()
if user is None:
raise errors.NotFound()
return user
def get_job(job_id: UUID) -> Tuple[JobModel, int]:
domain = flask_rebar.get_validated_headers()["domain"]
try:
job = JobModel.get(domain, str(job_id))
except DoesNotExist:
raise errors.NotFound(f"Job {job_id} not found.")
return job, 200
def replace_account(account_id: UUID):
body = flask_rebar.get_validated_body()
account = Account.query.filter_by(id=account_id).update(body)
if account is None:
raise errors.NotFound()
db.session.commit()
return "", 204
def get_admin_event(current_admin: Administrator, event_id: int):
"""Get all the events"""
# pylint: disable=unused-argument
event = Event.query.filter_by(id=event_id).first()
if event is None:
raise errors.NotFound(f"Event with ID {event_id} does not exist.")
return event
def wrapper(*args, **kwargs):
if 'challenge_id' not in kwargs:
raise errors.BadRequest('The request requires a challenge ID')
challenge = Challenge.query.filter_by(id=kwargs['challenge_id']).first()
if challenge is None:
raise errors.NotFound(f'The challenge with id {kwargs["challenge_id"]} was not found')
event = Event.query.filter_by(id=challenge.category.event_id).first()
if event is None or not event.is_visible:
raise errors.NotFound(f"Event with ID {event.id} not found.")
check_open_event(event)
kwargs['challenge'] = challenge
kwargs['event'] = event
del kwargs['challenge_id']
return func(*args, **kwargs)
def get_author_by_name(author_name: str):
authors = author_service.get_by_name(author_name)
if not authors:
logging.error("Author is not found for [author_name=%s]", author_name)
raise errors.NotFound(
msg="Author is not found for [name={}]".format(author_name),
additional_data={
'timestamp': datetime.now().strftime("%Y-%m-%d %H:%M:%S")
})
return authors
def update_author(author_id: int):
body = flask_rebar.get_validated_body()
author = author_service.update(author_id, body)
if author is None:
logging.error("Author is not found for [author_id=%s]", author_id)
raise errors.NotFound(
msg="Author is not found for [author_id={}]".format(author_id),
additional_data={
'timestamp': datetime.now().strftime("%Y-%m-%d %H:%M:%S")
})
return author, 200
def update_todo(todo_id):
global todo_database
if todo_id not in todo_database:
raise errors.NotFound()
params = rebar.validated_body
todo_database[todo_id].update(params)
todo = todo_database[todo_id]
return todo
def get_author_by_id(author_id: int):
author = author_service.get_by_id(author_id)
if author is None:
logging.error("Author is not found for [author_id=%s]", author_id)
raise errors.NotFound(
msg="Author is not found for [author_id={}]".format(author_id),
additional_data={
'timestamp': datetime.now().strftime("%Y-%m-%d %H:%M:%S")
})
return author
def get_admin_categories(current_admin: Administrator, event_id: int):
"""Get all the categories for a given event"""
# pylint: disable=unused-argument
event = Event.query.filter_by(id=event_id).first()
if event is None:
raise errors.NotFound(f'Event with id "{event_id}" not found.')
categories = Category.query.filter_by(event_id=event_id).all()
return categories
def delete_event(current_admin: Administrator, event_id: int):
"""Delete an event"""
# pylint: disable=unused-argument
event = Event.query.filter_by(id=event_id).first()
if event is None:
raise errors.NotFound(f'Event with id "{event_id}" not found.')
DB.session.delete(event)
DB.session.commit()
return ""
def delete_game():
body = rebar.validated_body
game = _get_game(body['id'])
if not game:
raise errors.NotFound(msg=ResponseMessages.GAME_DOESNT_EXIST)
# Will return true if successful
if not _delete_game(body['id']):
raise errors.InternalError(msg=ResponseMessages.COULDNT_DELETE_GAME)
return "", 204
def delete_user():
body = rebar.validated_body
user = _get_user(body['id'])
if not user:
raise errors.NotFound(msg=ResponseMessages.USER_DOESNT_EXIST)
# Will return true if successful
if not _delete_user(body['id']):
raise errors.InternalError(msg=ResponseMessages.COULDNT_DELETE_USER)
return "", 204
def modify_listing(listing_id):
body = rebar.validated_body
listing = _get_listing(listing_id)
if not listing:
raise errors.NotFound(msg=ResponseMessages.LISTING_DOESNT_EXIST)
seller_id = str(listing.seller_id)
if seller_id != get_jwt_identity():
raise errors.Unauthorized(msg=ResponseMessages.LISTING_UNAUTHORIZED)
return _modify_listing(listing, body)
def delete_listing():
body = rebar.validated_body
listing = _get_listing(body['id'])
if not listing:
raise errors.NotFound(msg=ResponseMessages.LISTING_DOESNT_EXIST)
# Will return true if successful
if not _delete_listing(body['id']):
raise errors.InternalError(msg=ResponseMessages.COULDNT_DELETE_LISTING)
return "", 204
def delete_shipment():
body = rebar.validated_body
shipment = _get_shipment(body['id'])
if not shipment:
raise errors.NotFound(msg=ResponseMessages.SHIPMENT_DOESNT_EXIST)
# Will return true if successful
if not _delete_shipment(body['id']):
raise errors.InternalError(
msg=ResponseMessages.COULDNT_DELETE_SHIPMENT)
return "", 204
def get_admin_challenges_for_event(current_admin: Administrator,
event_id: int):
"""Get all the challenges for a given event"""
# pylint: disable=unused-argument
event = Event.query.filter_by(id=event_id).first()
if event is None:
raise errors.NotFound(f'Event with id "{event_id}" not found.')
challenges = Challenge.query.join(Category)\
.filter_by(event_id=event_id)\
.order_by(Challenge.id) \
.all()
return challenges
def get_admin_challenge(current_admin: Administrator, challenge_id: int):
"""Get a single challenge by its id"""
challenge = Challenge.query.filter_by(id=challenge_id) \
.join(Challenge.category) \
.join(Challenge.flags) \
.first()
# TODOMAX : Add tags
# TODOMAX : Add files
# TODOMAX : Add links
if challenge is None:
raise errors.NotFound(f'Challenge with id "{challenge_id}" not found.')
if not current_admin.is_admin_of_event(challenge.category.event_id):
raise errors.Unauthorized(
"You do not have the permission to administer this challenge.")
return challenge
def delete_document(doc_id: str):
###
# Delete a document by doc_id
##
errors = []
rc = 204
# Get the document from the store by ID
doc = Document.query.get(doc_id)
if not doc:
# Create a new doc
raise err.NotFound(f"Document with doc_id {doc_id} was not found")
db.session.delete(doc)
db.session.commit()
return {
'errors': errors,
}, rc
def edit_event(current_admin: Administrator, event_id: int):
"""Edit an new event"""
# pylint: disable=unused-argument
body = flask_rebar.get_validated_body()
name = body["name"]
teams = body["teams"]
is_open = body["is_open"]
is_visible = body["is_visible"]
front_page = body["front_page"] if "front_page" in body else ""
flag_format = body["flag_format"] if "flag_format" in body else ""
editable_event = Event.query.filter_by(id=event_id).first()
if editable_event is None:
raise errors.NotFound(f'Event with id "{event_id}" not found.')
if name != editable_event.name:
if not name:
raise errors.UnprocessableEntity("Name must not be empty.")
event = Event.query.filter_by(name=name).first()
if event is not None:
raise errors.UnprocessableEntity(
"An event with that name already exists.")
editable_event.name = name
editable_event.front_page = front_page
editable_event.flag_format = flag_format
editable_event.is_open = is_open
editable_event.is_visible = is_visible
editable_event.teams = teams
DB.session.commit()
return editable_event
def get_game(game_id):
game = _get_game(game_id)
if not game:
raise errors.NotFound(msg=ResponseMessages.GAME_DOESNT_EXIST)
return game
def get_listing(listing_id):
listing = _get_listing(listing_id)
if not listing:
raise errors.NotFound(msg=ResponseMessages.LISTING_DOESNT_EXIST)
return listing
def get_account(account_id: UUID):
account = Account.query.filter_by(id=account_id).first()
if account is None:
raise errors.NotFound()
return account
def get_shipment(shipment_id):
shipment = _get_shipment(shipment_id)
if not shipment:
raise errors.NotFound(msg=ResponseMessages.SHIPMENT_DOESNT_EXIST)
return shipment
def get_user(user_id):
user = _get_user(user_id)
if not user:
raise errors.NotFound(msg=ResponseMessages.USER_DOESNT_EXIST)
return user
