def post(self, *args, **kwargs): ''' Check validity of flag submissions ''' flag = Flag.by_uuid(self.get_argument('uuid', '')) if flag is not None: if flag.is_file: self.validate_file(flag) else: self.validate_text(flag) else: self.render('public/404.html')
def post(self, *args, **kwargs): ''' Check validity of flag submissions ''' flag = Flag.by_uuid(self.get_argument('uuid', '')) if flag is not None: if flag.is_file: self.validate_file(flag) else: self.validate_text(flag) else: self.render('public/404.html')
def flag(self): ''' Accepts flag submissions, a flag can be either a string or a file, if the flag submission is a file the MD5 hexdigest is used. ''' form = Form(flag_type="Missing flag type") user = self.get_current_user() if form.validate(self.request.arguments): flag = Flag.by_uuid(self.get_argument('uuid', '')) if flag is not None: if self.get_argument('flag_type').lower() == 'text': token = self.get_argument('token', None) errors = self.__chkflag__(flag, token) if len(errors) == 0: self.flag_captured() else: self.render("missions/view.html", team=user.team, errors=errors ) elif self.get_argument('flag_type').lower() == 'file': if 0 < len(self.request.files['flag'][0]['body']): file_data = self.request.files['flag'][0]['body'] errors = self.__chkflag__(flag, file_data) if len(errors) == 0: self.flag_captured() else: self.render("missions/view.html", team=user.team, errors=errors ) else: logging.info("No file data in flag submission.") self.render("missions/view.html", team=user.team, errors=["No file data"] ) else: self.render("missions/view.html", team=user.team, errors=["Invalid flag type"] ) else: self.render("missions/view.html", team=user.team, errors=["Flag does not exist"] ) else: self.render("missions/view.html", team=user.team, errors=form.errors )
def del_flag(self): ''' Delete a flag object from the database ''' flag = Flag.by_uuid(self.get_argument('uuid', '')) if flag is not None: logging.info("Deleted flag: %s " % flag.name) dbsession.delete(flag) dbsession.flush() self.redirect('/admin/view/game_objects') else: logging.info("Flag (%r) does not exist in the database" % self.get_argument('uuid', '')) self.render("admin/view/game_objects.html", errors=["Flag does not exist in database"])
def del_flag(self): ''' Delete a flag object from the database ''' flag = Flag.by_uuid(self.get_argument('uuid', '')) if flag is not None: logging.info("Deleted flag: %s " % flag.name) dbsession.delete(flag) dbsession.flush() self.redirect('/admin/view/game_objects') else: logging.info("Flag (%r) does not exist in the database" % self.get_argument('uuid', '') ) self.render("admin/view/game_objects.html", errors=["Flag does not exist in database"] )
def post(self, *args, **kwargs): ''' Check validity of flag submissions ''' flag = Flag.by_uuid(self.get_argument('uuid', '')) if flag is not None: if flag.is_file and 'flag' in self.request.files: submission = self.request.files['flag'][0]['body'] elif not flag.is_file: submission = self.get_argument('token') else: submission = None old_reward = int(flag.value) if self.attempt_capture(flag, submission): self.render('missions/captured.html', flag=flag, reward=old_reward) else: self.render_page(flag, errors=["Invalid flag submission"]) else: self.render('public/404.html')
def edit_flags(self): ''' Super ugly code, yes - Edit existing flags in the database ''' form = Form( uuid="Object not selected", name="Please enter a name", token="Please enter a toke value", description="Please provide a description", value="Please enter a reward value", box_uuid="Please select a box", ) if form.validate(self.request.arguments): flag = Flag.by_uuid(self.get_argument('uuid')) if flag is not None: errors = [] if flag.name != self.get_argument('name'): if Flag.by_name(unicode(self.get_argument('name'))) is None: logging.info("Updated flag name %s -> %s" % (flag.name, self.get_argument('name'),) ) flag.name = unicode(self.get_argument('name')) else: errors.append("Flag name already exists") if flag.token != self.get_argument('token'): if Flag.by_token(unicode(self.get_argument('token'))) is None: logging.info("Updated %s's token %s -> %s" % (flag.name, flag.token, self.get_argument('token'),) ) flag.token = unicode(self.get_argument('token')) else: errors.append("Token is not unique") if flag.description != self.get_argument('description'): logging.info("Updated %s's description %s -> %s" % (flag.name, flag.description, self.get_argument('description'),) ) flag.description = unicode(self.get_argument('description')) try: reward_value = int(self.get_argument('value')) if reward_value != flag.value: logging.info("Updated %s's value %d -> %d" % (flag.name, flag.value, reward_value,) ) flag.value = reward_value except ValueError: errors.append("Invalid reward amount") box = Box.by_uuid(self.get_argument('box_uuid')) if box is not None and box.id != flag.box_id: logging.info("Updated %s's box %d -> %d" % (flag.name, flag.box_id, box.id) ) flag.box_id = box.id elif box is None: errors.append("Box does not exist") dbsession.add(flag) dbsession.flush() self.render("admin/view/game_objects.html", errors=errors) else: self.render("admin/view/game_objects.html", errors=["Flag does not exist"] ) else: self.render("admin/view/game_objects.html", errors=form.errors)
def edit_flags(self): ''' Super ugly code, yes - Edit existing flags in the database ''' form = Form( uuid="Object not selected", name="Please enter a name", token="Please enter a toke value", description="Please provide a description", value="Please enter a reward value", box_uuid="Please select a box", ) if form.validate(self.request.arguments): flag = Flag.by_uuid(self.get_argument('uuid')) if flag is not None: errors = [] if flag.name != self.get_argument('name'): if Flag.by_name(unicode( self.get_argument('name'))) is None: logging.info("Updated flag name %s -> %s" % ( flag.name, self.get_argument('name'), )) flag.name = unicode(self.get_argument('name')) else: errors.append("Flag name already exists") if flag.token != self.get_argument('token'): if Flag.by_token(unicode( self.get_argument('token'))) is None: logging.info("Updated %s's token %s -> %s" % ( flag.name, flag.token, self.get_argument('token'), )) flag.token = unicode(self.get_argument('token')) else: errors.append("Token is not unique") if flag.description != self.get_argument('description'): logging.info("Updated %s's description %s -> %s" % ( flag.name, flag.description, self.get_argument('description'), )) flag.description = unicode( self.get_argument('description')) try: reward_value = int(self.get_argument('value')) if reward_value != flag.value: logging.info("Updated %s's value %d -> %d" % ( flag.name, flag.value, reward_value, )) flag.value = reward_value except ValueError: errors.append("Invalid reward amount") box = Box.by_uuid(self.get_argument('box_uuid')) if box is not None and box.id != flag.box_id: logging.info("Updated %s's box %d -> %d" % (flag.name, flag.box_id, box.id)) flag.box_id = box.id elif box is None: errors.append("Box does not exist") dbsession.add(flag) dbsession.flush() self.render("admin/view/game_objects.html", errors=errors) else: self.render("admin/view/game_objects.html", errors=["Flag does not exist"]) else: self.render("admin/view/game_objects.html", errors=form.errors)