def wrapper(*args, **kwargs):
current_participant = current_user.get_participant()
if current_participant is None:
raise errors.Unauthorized("You must be a participant to access this resource.")
kwargs['current_participant'] = current_participant
return func(*args, **kwargs)
def create_category(current_admin: Administrator):
"""Add a category """
body = flask_rebar.get_validated_body()
name = body["name"]
event_id = body["event_id"]
event = Event.query.filter_by(id=event_id).first()
if event is None:
raise errors.NotFound(f'Event with id "{event_id}" not found.')
if not current_admin.is_admin_of_event(event_id):
raise errors.Unauthorized(
"You do not have the permission to administer this event.")
category = Category.query.filter_by(name=name, event_id=event_id).first()
if category is not None:
raise errors.UnprocessableEntity(
"A category with that name already exists")
category = Category(name=name, event_id=event_id)
DB.session.add(category)
DB.session.commit()
return category
def edit_challenge(current_admin: Administrator, challenge_id: int):
"""Edit a challenge and its associated ressources (flags, links, files)"""
body = flask_rebar.get_validated_body()
name = body["name"]
points = body["points"]
hidden = body["hidden"]
description = body["description"]
category_id = body["category_id"]
flags = body["flags"]
editable_challenge = Challenge.query.filter_by(id=challenge_id).first()
if editable_challenge is None:
raise errors.UnprocessableEntity("This challenge does not exist.")
if not current_admin.is_admin_of_event(
editable_challenge.category.event_id):
raise errors.Unauthorized(
"You do not have the permission to administer this challenge.")
if category_id != editable_challenge.category_id:
category = Category.query.filter_by(
id=category_id,
event_id=editable_challenge.category.event_id).first()
if category is None:
raise errors.UnprocessableEntity("The category doesn't exist.")
if name != editable_challenge.name:
if not name:
raise errors.UnprocessableEntity("Name must not be empty.")
challenge = Challenge.query.filter_by(name=name).first()
if challenge is not None:
raise errors.UnprocessableEntity(
"A challenge with that name already exists.")
if points != editable_challenge.points and points <= 0:
raise errors.UnprocessableEntity("Points must be positive.")
editable_challenge.name = name
editable_challenge.points = points
editable_challenge.hidden = hidden
editable_challenge.description = description
editable_challenge.category_id = category_id
flag_objects = list(
map(lambda flag: Flag(is_regex=flag['is_regex'], value=flag['value']),
flags))
editable_challenge.flags = flag_objects
DB.session.commit()
return editable_challenge
def modify_listing(listing_id):
body = rebar.validated_body
listing = _get_listing(listing_id)
if not listing:
raise errors.NotFound(msg=ResponseMessages.LISTING_DOESNT_EXIST)
seller_id = str(listing.seller_id)
if seller_id != get_jwt_identity():
raise errors.Unauthorized(msg=ResponseMessages.LISTING_UNAUTHORIZED)
return _modify_listing(listing, body)
def make_challenge_hidden(current_admin: Administrator, challenge_id: int):
"""Make a challenge hidden"""
challenge = Challenge.query.filter_by(id=challenge_id).first()
if challenge is None:
raise errors.UnprocessableEntity("This challenge does not exist.")
if not current_admin.is_admin_of_event(challenge.category.event_id):
raise errors.Unauthorized(
"You do not have the permission to administer this challenge.")
challenge.hidden = True
DB.session.commit()
return {"name": "OK"}
def get_admin_challenge(current_admin: Administrator, challenge_id: int):
"""Get a single challenge by its id"""
challenge = Challenge.query.filter_by(id=challenge_id) \
.join(Challenge.category) \
.join(Challenge.flags) \
.first()
# TODOMAX : Add tags
# TODOMAX : Add files
# TODOMAX : Add links
if challenge is None:
raise errors.NotFound(f'Challenge with id "{challenge_id}" not found.')
if not current_admin.is_admin_of_event(challenge.category.event_id):
raise errors.Unauthorized(
"You do not have the permission to administer this challenge.")
return challenge
def delete_challenge(current_admin: Administrator, challenge_id: int):
"""Delete a challenge"""
challenge = Challenge.query.filter_by(id=challenge_id).first()
if challenge is None:
raise errors.UnprocessableEntity("This challenge does not exist.")
if not current_admin.is_admin_of_event(challenge.category.event_id):
raise errors.Unauthorized(
"You do not have the permission to administer this challenge.")
# Cleanup associated ressources
flags = Flag.query.filter_by(challenge_id=challenge_id).all()
submissions = Submission.query.filter_by(challenge_id=challenge_id).all()
DB.session.delete(challenge)
for flag in flags:
DB.session.delete(flag)
for submission in submissions:
DB.session.delete(submission)
DB.session.commit()
return ""
def authenticate(self):
if not current_user.is_authenticated:
raise errors.Unauthorized()