def edit_user_profile_names(): form = ProfileForm(current_user) if form.validate_on_submit(): current_user.first_name = form.first_name.data current_user.last_name = form.last_name.data current_user.display_name = form.display_name.data db.session.commit() else: flash_errors(form) return render_template('users/profile.html', user=current_user, form=form)
def team_credential_edit(credential_id): team = current_user.team credential = CheckCredentials.query.get(credential_id) if credential is None or credential.team_id != team.id: abort(401) form = PasswordChangeForm(credential) if form.validate_on_submit(): credential.change_password(form.new_password.data) db.session.commit() return redirect(url_for("credentials.team_credentials_list")) else: flash_errors(form) return render_credentials_page("credentials/edit.html", form=form, team=team, credential=credential)
def solve_flag(): form = FlagSolveForm() if form.validate_on_submit(): if has_flag(current_user.team, form.flag.data): flash('You already discovered flag \'%s\'.' % form.flag.data, category='danger') else: flag = Flag.query.filter_by(flag=form.flag.data).first() if flag is not None: current_user.team.solved_flags.append(FlagDiscovery(team=current_user.team, discovery_user=current_user, flag=flag)) db.session.commit() flash('Flag \'%s\' discovered for %s points!' % (flag.flag, flag.value), category='success') else: flash('Flag \'%s\' not found.' % form.flag.data, category='danger') else: flash_errors(form) return redirect(url_for('scoring.list_flags'))
def approve_solve(solve_id): if not current_user.team.role == Team.WHITE: abort(401) return "no." solve = InjectSolve.query.get(solve_id) if not solve: flash('No solve with that ID exists', category='danger') return redirect(url_for('scoring.list_available_injects')) form = InjectApprovalForm() if form.validate_on_submit(): solve.approve(current_user, int(form.value.data)) db.session.commit() flash('Awarded %s points to %s for solving %s' % (form.value.data, solve.team.name, solve.inject.title)) return redirect(url_for('scoring.list_available_injects')) else: flash_errors(form) form.value.data = solve.inject.value return render_inject_page('scoring/injects/approve.html', form=form, solve=solve)