def wrapped(*args, **kwargs): client = args[1] admin = False for net in config_get_list("server", "admin_net"): if ipaddr.IPAddress(client['client_address']) \ in ipaddr.IPNetwork(net): admin = True break if not admin: logging.info("Unauthorized admin request from '%s'" % client['client_address']) raise AskgodException("You are not an admin!") return fn(*args, **kwargs)
def notify_flag(teamid, code, value, tags): notify_servers = config_get_list("server", "notify_servers", []) notify_scripts = config_get_list("server", "notify_scripts", []) data = {'teamid': teamid, 'code': code, 'value': value, 'tags': tags} json_data = json.dumps(data) old_timeout = socket.getdefaulttimeout() socket.setdefaulttimeout(3) for server in notify_servers: try: address = socket.getaddrinfo(server, 5000)[0][4] sock = socket.socket(socket.AF_INET6, socket.SOCK_STREAM) sock.connect(address) sock.sendall(json_data) sock.shutdown(socket.SHUT_RDWR) sock.close() except: logging.error("Unable to reach the notify server: %s" % server) socket.setdefaulttimeout(old_timeout) for script in notify_scripts: cmd = [script, str(teamid), code.encode(), str(value), tags.encode()] with open(os.devnull, "a") as devnull: ret = subprocess.call(cmd, stdout=devnull, stderr=devnull) if ret != 0: logging.error("Notify script '%s' returned non-zero: %s" % (script, ret))
def validate_origin(request): """ Receives an HTTP request, checks it against the allowed HTTP origins, if allowed, sets the appropriate headers. """ allowed_origins = config_get_list("server", "allowed_origins") request_origin = request.headers.get("Origin", "") if request_origin: if request_origin in allowed_origins: request.send_header("Access-Control-Allow-Origin", request_origin) request.send_header("Access-Control-Allow-Headers", "Content-Type") else: logging.info("Got request from unauthorized origin: %s" % (request_origin))
def scores_progress(self, client, tags=None): """ Returns the progress percentage """ db_store = client['db_store'] if not tags: # Overall progress if not config_get_bool("server", "scores_progress_overall", False): raise AskgodException("Overall progress is disabled.") total = 0.0 obtained = 0.0 for entry in db_store.find(DBFlag): if entry.teamid and entry.teamid != client['team']: continue total += entry.value for entry in db_store.find(DBScore, teamid=client['team']): obtained += entry.value return int(obtained / total * 100) ret = {} if not isinstance(tags, list): ret = 0.0 tags = [tags] for tag in tags: namespace = tag.split(":")[0] if namespace not in config_get_list("server", "scores_progress_tags", []): raise AskgodException("Disallowed tag namespaced.") total = 0.0 obtained = 0.0 for entry in db_store.find(DBFlag): if entry.teamid and entry.teamid != client['team']: continue entry_tags = entry.tags.split(",") if tag in entry_tags: total += entry.value for entry in db_store.find(DBScore, teamid=client['team']): entry_tags = entry.flag.tags.split(",") if tag in entry_tags: obtained += entry.value if isinstance(ret, dict): if not total: ret[tag] = 0 continue ret[tag] = int(obtained / total * 100) else: if not total: return 0 return int(obtained / total * 100) return ret