def regen_all(cls, context): """重算所有缓存,只有通过命令行提权后才能调用""" User.test_permission(context) for obj in models.Submission.objects.all(): try: obj.group = User.get(context, obj.user).group obj.save() except NotFound: pass for obj in models.FlagClear.objects.all(): try: user = User.get(context, obj.user) obj.group = user.group challenge = Challenge.get(context, obj.challenge) if obj.flag not in range(len(challenge.flags)): raise NotFound obj.save() except NotFound: obj.delete() for challenge in Challenge.get_all(context): cls._regen_challenge_clear(challenge) models.ChallengeFirst.objects.all().delete() models.FlagFirst.objects.all().delete() cls._refill_first() cls._regen_score()
def post(self, request): try: kwargs = json.loads(request.body) kwargs = {k: kwargs[k] for k in kwargs if k in User.update_fields} user = User.get(Context.from_request(request), request.user.pk) user.update(**kwargs) return JsonResponse({}) except WrongFormat as e: return JsonResponse({'error': e.json}, status=400)
def _add_user(cls, user): from .expr_flags import expr_flag if models.User.objects.filter(user=user).exists(): return False token = User.get(Context(elevated=True), user).token for expr_obj in models.Expr.objects.values('expr').distinct(): models.ExprFlag.objects.create( expr=expr_obj['expr'], user=user, flag=expr_flag(expr_obj['expr'], token), ) return True
def _add_expr(cls, expr): from .expr_flags import expr_flag if models.Expr.objects.filter(expr=expr).exists(): return False for user_obj in models.User.objects.all(): token = User.get(Context(elevated=True), user_obj.user).token models.ExprFlag.objects.create( expr=expr, user=user_obj.user, flag=expr_flag(expr, token), ) return True
def post(self, request): if not self.check(): return redirect('hub') eligible = request.POST['eligible'] if eligible == 'yes': UstcEligible.objects.create(user=request.user, eligible=True) user = User.get( Context.from_request(request).copy(elevated=True), request.user.pk) user.update(group='ustc') elif eligible == 'no': UstcEligible.objects.create(user=request.user, eligible=False) return redirect('hub')
def frontend(request): return { 'page': Page.get(), 'user_': (User.get(Context.from_request(request), request.user.pk) if request.user.is_authenticated else None), 'groups': User.groups, 'debug': settings.DEBUG, 'no_board_groups': User.no_board_groups, }
def get(self, request): if request.user.is_authenticated: if Account.objects.filter(provider='ustc', user=request.user).exists(): try: request.user.ustceligible except UstcEligible.DoesNotExist: return redirect('ustcprofile') context = Context.from_request(request) try: challenges = Challenge.get_enabled(context) challenges = {'value': [obj.json for obj in challenges]} except ProfileRequired as e: messages.info(request, e.message) return redirect('profile') except TermsRequired as e: messages.info(request, e.message) return redirect('terms') except Error as e: challenges = {'error': e.json} try: announcement = Announcement.get_latest(context).json except NotFound: announcement = None if request.user.is_authenticated: user = User.get(context, request.user.pk) if user.group == 'other': ranking = Submission.get_user_ranking(context, request.user.pk) else: ranking = Submission.get_user_ranking(context, request.user.pk, group=user.group) else: ranking = {} return TemplateResponse( request, 'hub.html', { 'announcement': announcement, 'challenges': challenges, 'progress': Submission.get_user_progress( context, request.user.pk), 'ranking': ranking, 'clear_count': Submission.get_clear_count(context), })
def submit(cls, context, user, challenge, text): if context.user.pk != user: User.test_permission(context) if len(text) > 200: raise WrongFormat('Flag 不应超过 200 个字符') user = User.get(context, user) challenge = Challenge.get(context, challenge) try: latest = (models.Submission.objects.filter( user=user.pk, challenge=challenge.pk).latest('time')) except models.Submission.DoesNotExist: pass else: if latest.time + timedelta(seconds=10) > context.time: raise SlowDown('提交过于频繁,请 10 秒后再试') obj = models.Submission.objects.create( user=user.pk, group=user.group, challenge=challenge.pk, text=text, time=context.time, ) matches, violations = challenge.check_flag_with_violations(text) queryset = models.FlagClear.objects.filter(user=user.pk, challenge=challenge.pk) flags = {i.flag for i in queryset} match_flags = {i['index'] for i in matches} for flag in match_flags - flags: models.FlagClear.objects.create( submission=obj, user=user.pk, group=user.group, challenge=challenge.pk, flag=flag, time=context.time, ) if user.group not in User.no_score_groups: models.FlagFirst.objects.get_or_create( challenge=challenge.pk, flag=flag, group=None, defaults={ 'user': user.pk, 'time': context.time }, ) models.FlagFirst.objects.get_or_create( challenge=challenge.pk, flag=flag, group=user.group, defaults={ 'user': user.pk, 'time': context.time }, ) for f, u in violations: models.FlagViolation.objects.create( submission=obj, violation_flag=f['index'], violation_user=u, ) if match_flags - flags: if (flags | match_flags).issuperset(range(len(challenge.flags))): models.ChallengeClear.objects.create( user=user.pk, group=user.group, challenge=challenge.pk, time=context.time, ) if user.group not in User.no_score_groups: models.ChallengeFirst.objects.get_or_create( challenge=challenge.pk, group=None, defaults={ 'user': user.pk, 'time': context.time }, ) models.ChallengeFirst.objects.get_or_create( challenge=challenge.pk, group=user.group, defaults={ 'user': user.pk, 'time': context.time }, ) score = sum(i['score'] for i in matches if i['index'] not in flags) cls._add_score(user.pk, user.group, context.time, score, challenge.category) return matches
def do_save(self, context, pk, **kwargs): kwargs = {k: kwargs[k] for k in kwargs if k in User.update_fields} return User.get(context, pk).update(**kwargs)
def do_get(self, context, pk): return User.get(context, pk).json
def handle(self, fake_complex_challenges, fake_simple_challenges, fake_users, fake_submissions, game_started_seconds, **options): root = User.create( Context(elevated=True), group='other', nickname='root', ).user root.is_staff = True root.is_superuser = True root.save() root.refresh_from_db() Account.objects.create(provider='debug', identity='root', user=root) c1 = Challenge.create( Context(root), name='签到题', category='checkin', detail='签到题描述', url='https://example.com/{token}', prompt='flag{hackergame}', index=-100, enabled=True, flags=[{ 'name': '', 'score': 10, 'type': 'text', 'flag': 'flag{hackergame}', }], ) Submission.submit(Context(root), root.pk, c1.pk, 'flag{hackergame}') for i in range(1, fake_complex_challenges + 1): Challenge.create( Context(root), name=f'复杂题 {i}', category='complex', detail='<code>flag{FLAG_INDEX}</code> 或 ' '<code>flag{FLAG_INDEX:USER_ID}</code>', url='', prompt='flag{...}', index=random.randrange(100), enabled=random.choice((False, True, True, True, True)), flags=[{ 'name': f'flag {j}', 'score': random.randrange(100), 'type': ('expr', 'text')[j % 2], 'flag': ("f'flag{{%s:{token.partition(\":\")[0]}}}'" % j, f'flag{{{j}}}')[j % 2], } for j in range(random.randrange(1, 4))], ) for i in range(1, fake_simple_challenges + 1): Challenge.create( Context(root), name=f'简单题 {i}', category='simple', detail='', url='', prompt=('flag{0}', 'flag{0:USER_ID}')[i % 2], index=random.randrange(100), enabled=random.choice((False, True, True, True, True)), flags=[{ 'name': '', 'score': random.randrange(100), 'type': ('text', 'expr')[i % 2], 'flag': ('flag{0}', "'flag{0:'+token.partition(':')[0]+'}'")[i % 2], }], ) terms = Terms.create(Context(root), name='条款', content='1 2 3 ...', enabled=True) now = timezone.now() timestamps = [] for i in range(fake_submissions): delta = random.randrange(game_started_seconds) timestamps.append(now - timezone.timedelta(seconds=delta)) timestamps.sort() Trigger.create(Context(root), time=min(timestamps), state=True) groups = list(set(User.groups.keys()) - {'staff', 'banned'}) for i in range(fake_users): print('user', i, end='\r') u = User.create( Context(elevated=True), group=random.choice(groups), nickname='用户 ' * 8 + str(i), name='姓名', sno='PB11111111', tel='123456789', email='*****@*****.**', gender=random.choice(('female', 'male')), qq='12345', school='foo', grade='1', ) Terms.get(Context(u.user), terms.pk).agree(u.pk) Account.objects.create(provider='debug', identity=f'{i}', user=u.user) users = [i.pk for i in User.get_all(Context(root))] challenges = [i.pk for i in Challenge.get_all(Context(root))] for i in range(fake_submissions): print('submission', i, end='\r') try: u = random.choice(users) c = random.choice(challenges) fs = len(Challenge.get(Context(root), c).flags) Submission.submit( Context( User.get(Context(root), u).user, timestamps[i] ), u, c, f'flag{{{random.choice(range(fs))}:{u}}}' ) Submission.submit( Context( User.get(Context(root), u).user, timestamps[i] + timezone.timedelta(seconds=20) ), u, c, f'flag{{{random.choice(range(fs))}}}' ) except (NotFound, SlowDown): pass Challenge.create( Context(root), name='难题', category='hard', detail='难题描述', url='https://example.com/{token}', prompt='flag{hackergame}', index=100, enabled=True, flags=[{ 'name': '', 'score': 100, 'type': 'text', 'flag': 'flag{hackergame}', }], )
def set_group(apps, schema_editor): Submission = apps.get_model('submission', 'Submission') db_alias = schema_editor.connection.alias for obj in Submission.objects.using(db_alias).all(): obj.group = User.get(Context(elevated=True), obj.user).group obj.save()