def edit_challenge(request, slug):
challenge = get_object_or_404(Challenge, slug=slug)
user = request.user.get_profile()
if user != challenge.created_by:
return HttpResponseForbidden(_("You can't edit challenge"))
if request.method == 'POST':
form = ChallengeForm(request.POST, instance=challenge)
if form.is_valid():
form.save()
messages.success(request, _('Challenge updated!'))
return HttpResponseRedirect(reverse('challenges_show', kwargs={
'slug': challenge.slug,
}))
else:
messages.error(request, _('Unable to update your challenge.'))
else:
form = ChallengeForm(instance=challenge)
context = {
'form': form,
'project': challenge.project,
'challenge': challenge,
}
return render_to_response('challenges/challenge_edit_summary.html',
context,
context_instance=RequestContext(request))
def create_challenge(request, project_id):
project = get_object_or_404(Project, id=project_id)
if project.slug != 'mojo':
return HttpResponseForbidden(_("You can't create challenge"))
user = request.user.get_profile()
if request.method == 'POST':
form = ChallengeForm(request.POST)
if form.is_valid():
challenge = form.save(commit=False)
challenge.created_by = user
challenge.project = project
challenge.save()
messages.success(request,
_('Your new challenge has been created.'))
return HttpResponseRedirect(reverse('challenges_show', kwargs={
'slug': challenge.slug,
}))
else:
messages.error(request, _('Unable to create your challenge.'))
else:
form = ChallengeForm()
context = {
'form': form,
'project': project,
}
return render_to_response('challenges/challenge_edit_summary.html',
context,
context_instance=RequestContext(request))
def add_challenge(request):
if request.method == 'POST':
challenge_form = ChallengeForm(request.POST, request.FILES)
response = create_or_update_challenge(request, challenge_form, True)
if response is not None:
return response
else:
challenge_form = ChallengeForm()
return delete_messages_before(render(request, 'challenges/add.html', locals()), request)
def add_challenge(request: HttpRequest) -> HttpResponse:
creating = True
if request.method == 'POST':
challenge_form = ChallengeForm(request.POST, request.FILES)
response = create_or_update_challenge(request, challenge_form, creating)
if response is not None:
return response
else:
challenge_form = ChallengeForm()
return render(request, 'challenges/add.html', locals())
def update_challenge(request: HttpRequest, slug: str) -> HttpResponse:
challenge = get_object_or_404(Challenge.all_objects, slug=slug)
creating = False
if request.method == 'POST':
challenge_form = ChallengeForm(request.POST, request.FILES, instance=challenge)
response = create_or_update_challenge(request, challenge_form, creating)
if response is not None:
return response
else:
challenge.flag = ''
challenge_form = ChallengeForm(instance=challenge)
return render(request, 'challenges/add.html', locals())
def edit_challenge(request, slug):
challenge = get_object_or_404(Challenge, slug=slug)
user = request.user.get_profile()
if user != challenge.created_by:
return HttpResponseForbidden()
if request.method == 'POST':
form = ChallengeForm(request.POST, instance=challenge)
if form.is_valid():
form.save()
messages.success(request, _('Challenge updated!'))
return HttpResponseRedirect(
reverse('challenges_show', kwargs={
'slug': challenge.slug,
}))
else:
messages.error(request, _('Unable to update your challenge.'))
else:
form = ChallengeForm(instance=challenge)
context = {
'form': form,
'project': challenge.project,
'challenge': challenge,
}
return render_to_response('challenges/challenge_edit_summary.html',
context,
context_instance=RequestContext(request))
def update_challenge(request, slug):
challenge = get_object_or_404(Challenge.all_objects, slug=slug)
if request.method == 'POST':
challenge_form = ChallengeForm(request.POST, request.FILES, instance=challenge)
response = create_or_update_challenge(request, challenge_form, False)
if response is not None:
return response
else:
request.method = "GET"
return challenge_display(request, slug, challenge_form)
return delete_messages_before(redirect(reverse('challenges:display', args=(challenge.slug,))), request)
def create_challenge(request, project_id):
project = get_object_or_404(Project, id=project_id)
if project.slug != 'mojo':
return HttpResponseForbidden()
user = request.user.get_profile()
if request.method == 'POST':
form = ChallengeForm(request.POST)
if form.is_valid():
challenge = form.save(commit=False)
challenge.created_by = user
challenge.project = project
challenge.save()
messages.success(request,
_('Your new challenge has been created.'))
return HttpResponseRedirect(
reverse('challenges_show', kwargs={
'slug': challenge.slug,
}))
else:
messages.error(request, _('Unable to create your challenge.'))
else:
form = ChallengeForm()
context = {
'form': form,
'project': project,
}
return render_to_response('challenges/challenge_edit_summary.html',
context,
context_instance=RequestContext(request))
def challenge_edit(request, challenge_uuid):
"""
Edit a challenge
"""
challenge_inst = get_object_or_404(Challenge.objects.filter(user=request.user), uuid=challenge_uuid)
if request.method == 'POST':
challenge_form = ChallengeForm(request.POST, instance=challenge_inst)
if challenge_form.is_valid():
challenge = challenge_form.save(commit=False)
challenge.user = request.user
challenge.save()
context = {'challenge': challenge_inst}
return render(request, 'challenge/challenge_view.html', context)
else:
challenge_form = ChallengeForm(instance=challenge_inst)
context = {'challenge_form': challenge_form, 'challenge': challenge_inst}
return render(
request,
'challenge/challenge_edit.html',
context
)
def challenge_new(request):
if request.method == "POST":
form = ChallengeForm(request.POST, request.FILES)
if form.is_valid():
challenge = form.save(commit=False)
# challenge.author = request.user
challenge.published_date = timezone.now()
challenge.save()
return redirect('/')
else:
form = ChallengeForm()
return render(request, 'challenges/registration.html', {'form': form})
def challenge_add(request):
"""
Add a new challenge
"""
if request.method == 'POST':
challenge_form = ChallengeForm(request.POST)
if challenge_form.is_valid():
challenge = challenge_form.save(commit=False)
challenge.user = request.user
challenge.save()
return redirect('challenge-list')
else:
challenge_form = ChallengeForm()
return render(
request,
'challenge/challenge_add.html',
{
'challenge_form': challenge_form,
}
)
def challenge_display(request, slug, challenge_form=None):
team = request.user
if not hasattr(team, 'teamprofile'):
request.session['messages'] = ['We tried really hard to find it but this team does not exists.']
return redirect(reverse('challenges:list'))
team_profile = team.teamprofile
if team.is_staff:
challenge = get_object_or_404(Challenge.all_objects, slug=slug)
if challenge_form is None:
challenge_form = ChallengeForm(instance=challenge)
else:
challenge = get_object_or_404(Challenge.objects, slug=slug)
if request.method == "POST":
submition_form = SubmitionForm(request.POST)
if submition_form.is_valid():
flag = submition_form.cleaned_data["flag"]
if flag == challenge.flag:
if TeamFlagChall.objects.filter(flagger=team_profile, chall=challenge).count() > 0:
request.session["messages"] = ["Congratulations ! This is indeed the correct flag."
" But your team already flagged this challenge."]
else:
new_team_flagger = TeamFlagChall(flagger=team_profile, chall=challenge)
new_team_flagger.save() # fail if not unique together
request.session["messages"] = ["Congratulations ! You won " + str(challenge.nb_points) + "pts !"]
points_to_add = challenge.nb_points
# if request.user.is_staff:
# rank = challenge.flaggers.count()
# else:
if request.user.is_staff:
rank = TeamFlagChall.objects.filter(chall=challenge).count()
else:
rank = TeamFlagChall.objects.filter(chall=challenge,
flagger__team__is_staff=False).count()
if rank == 1:
request.session["messages"].append("Excellent ! You are the first team to flag this challenge."
"You won an extra " + str(challenge.nb_points_first_blood) +
"pts for this exploit !")
points_to_add += challenge.nb_points_first_blood
elif rank == 2:
request.session["messages"].append("Excellent ! You are the second team to flag this challenge."
"You won an extra " + str(challenge.nb_points_second_blood) +
"pts for this exploit !")
points_to_add += challenge.nb_points_second_blood
elif rank == 3:
request.session["messages"].append("Excellent ! You are the third team to flag this challenge."
"You won an extra " + str(challenge.nb_points_third_blood) +
"pts for this exploit !")
points_to_add += challenge.nb_points_third_blood
team_profile.score += points_to_add
team_profile.save()
else:
request.session["messages"] = ["Sorry it's not the correct flag. Keep searching"
" and don't hesitate to call a staff member if needed."]
else:
submition_form = SubmitionForm()
# Les données nécessaires à l'affichage
team_flag = TeamFlagChall.objects.filter(flagger=team_profile, chall=challenge)
challenge_valide = team_flag.count() > 0
if challenge_valide:
if request.user.is_staff:
rank = TeamFlagChall.objects.filter(chall=challenge,
date_flagged__lte=team_flag[0].date_flagged,
).count()
else:
rank = TeamFlagChall.objects.filter(chall=challenge,
date_flagged__lte=team_flag[0].date_flagged,
flagger__team__is_staff=False
).count()
return render(request, 'challenges/display.html', locals())