def servicemodule_edit(request, servmdulid = None): c = getAuthValues(request, {}) if c["auth_name"] != "auth_team_white": return HttpResponseRedirect("/") c.update(csrf(request)) c["action"] = "edit" if request.method != "POST": servmdul_obj = ServiceModule.objects.filter(servmdulid = servmdulid) c["servmdulid"] = servmdul_obj[0].servmdulid c["docfile"] = Document.objects.get(servicemodule = servmdul_obj[0]) c["form"] = CreateServiceModuleForm(initial = servmdul_obj.values()[0]) return render_to_response('AdminConfig/servicemodule_create-edit.html', c) form_obj = CreateServiceModuleForm(request.POST, request.FILES) if 'docfile' in request.FILES and form_obj.is_valid(): form_obj.cleaned_data.pop('docfile', None) servmdul_obj = ServiceModule.objects.filter(servmdulid = servmdulid) servmdul_obj.update(**form_obj.cleaned_data) docfile = Document.objects.get(servicemodule = servmdul_obj[0].servmdulid) docfile.delete() save_document(request.FILES['docfile'], settings.CONTENT_PLUGGINS_PATH, servmdul_obj[0], ashash = False) return HttpResponseRedirect('/admin/servicemodules/') else: # Not exactly giving the user an error message here (TODO) print "there were errors" c["form"] = CreateServiceModuleForm() return render_to_response('AdminConfig/servicemodule_create-edit.html', c)
def servicemodule_edit(request, servmdulid=None): c = getAuthValues(request, {}) if c["auth_name"] != "auth_team_white": return HttpResponseRedirect("/") c.update(csrf(request)) c["action"] = "edit" if request.method != "POST": servmdul_obj = ServiceModule.objects.filter(servmdulid=servmdulid) c["servmdulid"] = servmdul_obj[0].servmdulid c["docfile"] = Document.objects.get(servicemodule=servmdul_obj[0]) c["form"] = CreateServiceModuleForm(initial=servmdul_obj.values()[0]) return render_to_response('AdminConfig/servicemodule_create-edit.html', c) form_obj = CreateServiceModuleForm(request.POST, request.FILES) if 'docfile' in request.FILES and form_obj.is_valid(): form_obj.cleaned_data.pop('docfile', None) servmdul_obj = ServiceModule.objects.filter(servmdulid=servmdulid) servmdul_obj.update(**form_obj.cleaned_data) docfile = Document.objects.get( servicemodule=servmdul_obj[0].servmdulid) docfile.delete() save_document(request.FILES['docfile'], settings.CONTENT_PLUGGINS_PATH, servmdul_obj[0], ashash=False) return HttpResponseRedirect('/admin/servicemodules/') else: # Not exactly giving the user an error message here (TODO) print "there were errors" c["form"] = CreateServiceModuleForm() return render_to_response('AdminConfig/servicemodule_create-edit.html', c)
def injects_create(request, competition = None): """ Create injects in the competition """ c = getAuthValues(request, {}) if c["auth_name"] != "auth_team_white": return HttpResponseRedirect("/") c["action"] = "create" c["comp_obj"] = Competition.objects.get(compurl = competition) c.update(csrf(request)) # Just displays the form if we're not handling any input if request.method != "POST": c["form"] = CreateInjectForm() return render_to_response('CompConfig/injects_create-edit.html', c) form_dict = request.POST.copy().dict() print form_dict form_dict["compid"] = c["comp_obj"].compid form_dict.pop('csrfmiddlewaretoken', None) form_dict.pop('docfile', None) form_obj = CreateInjectForm(form_dict) if not form_obj.is_valid(): c["messages"].new_info("Invalid field data in inject form: %s" % form_obj.errors, 1001) return render_to_response('CompConfig/injects_create-edit.html', c) # Start saving the inject! ijct_obj = Inject(**form_dict) ijct_obj.save() # Was there a file? If so, save it! if 'docfile' in request.FILES: save_document(request.FILES['docfile'], settings.CONTENT_INJECT_PATH, ijct_obj) return HttpResponseRedirect("/admin/competitions/%s/injects/" % competition)
def servicemodule_create(request): c = getAuthValues(request, {}) if c["auth_name"] != "auth_team_white": return HttpResponseRedirect("/") if request.method != "POST": c.update(csrf(request)) c["action"] = "create" c["form"] = CreateServiceModuleForm() return render_to_response('AdminConfig/servicemodule_create-edit.html', c) form_obj = CreateServiceModuleForm(request.POST, request.FILES) if 'docfile' in request.FILES and form_obj.is_valid(): form_obj.cleaned_data.pop('docfile', None) servmdul_obj = ServiceModule(**form_obj.cleaned_data) servmdul_obj.save() save_document(request.FILES['docfile'], settings.CONTENT_PLUGGINS_PATH, servmdul_obj, ashash=False) else: # Not exactly giving the user an error message here (TODO) c.update(csrf(request)) c["action"] = "create" c["form"] = CreateServiceModuleForm() return render_to_response('AdminConfig/servicemodule_create-edit.html', c) return HttpResponseRedirect('/admin/servicemodules/')
def injects_edit(request, competition = None, ijctid = None): """ Edit the inject in the competition """ c = getAuthValues(request, {}) if c["auth_name"] != "auth_team_white": return HttpResponseRedirect("/") c["action"] = "edit" c["comp_obj"] = Competition.objects.get(compurl = competition) c.update(csrf(request)) if request.method != "POST": # Have to use filter here, otherwise we get 'Inject object is not iterable' errors ijct_obj = Inject.objects.filter(compid = c["comp_obj"].compid, ijctid = int(ijctid)) c["ijctid"] = ijct_obj[0].ijctid c["form"] = CreateInjectForm(initial = ijct_obj.values()[0]) return render_to_response('CompConfig/injects_create-edit.html', c) # Note this will only work when there are no lists tmp_dict = request.POST.copy().dict() tmp_dict.pop('csrfmiddlewaretoken', None) tmp_dict.pop('docfile', None) ijct_obj = Inject.objects.filter(compid = c["comp_obj"].compid, ijctid = int(ijctid)) ijct_obj.update(**tmp_dict) # Was there a file? If so, save it! if 'docfile' in request.FILES: save_document(request.FILES['docfile'], settings.CONTENT_INJECT_PATH, ijct_obj) return HttpResponseRedirect('/admin/competitions/%s/injects/' % competition)
def injects_edit(request, competition = None, ijctid = None): """ Edit the inject in the competition """ c = getAuthValues(request, {}) if c["auth_name"] != "auth_team_white": return HttpResponseRedirect("/") c["action"] = "edit" c["comp_obj"] = Competition.objects.get(compurl = competition) c.update(csrf(request)) if request.method != "POST": # Have to use filter here, otherwise we get 'Inject object is not iterable' errors ijct_obj = Inject.objects.filter(compid = c["comp_obj"].compid, ijctid = int(ijctid)) c["ijctid"] = ijct_obj[0].ijctid c["form"] = CreateInjectForm(initial = ijct_obj.values()[0]) return render_to_response('CompConfig/injects_create-edit.html', c) # Note this will only work when there are no lists form_dict = request.POST.copy().dict() form_dict.pop('csrfmiddlewaretoken', None) form_dict.pop('docfile', None) if 'require_response' in form_dict: form_dict['require_response'] = True else: form_dict['require_response'] = False form_dict['dt_response_due'] = None form_dict['dt_response_close'] = None ijct_obj = Inject.objects.filter(compid = c["comp_obj"].compid, ijctid = int(ijctid)) ijct_obj.update(**form_dict) # Was there a file? If so, save it! if 'docfile' in request.FILES: save_document(request.FILES['docfile'], settings.CONTENT_INJECT_PATH, ijct_obj) return HttpResponseRedirect('/admin/competitions/%s/injects/' % competition)
def injects_respond(request, competition = None, ijctid = None): """ Displays a specific inject and provides either upload or text entry for inject response """ c = getAuthValues(request, {}) # If the user isn't authed as a Blue Team if c["auth_name"] != "auth_team_blue": c["message"] = "You must log in as a Blue Team to view this page." return HttpResponseForbidden(render_to_string('status_400.html', c)) c["comp_obj"] = Competition.objects.get(compurl = competition) # If the view is disabled if not c["comp_obj"].teams_view_injects_enabled: c["message"] = "This feature is disabled for this competition." return HttpResponseForbidden(render_to_string('status_400.html', c)) c.update(csrf(request)) # If we're not getting POST data, serve the page normally if request.method != "POST": ijct_obj = Inject.objects.get(compid = c["comp_obj"].compid, ijctid = ijctid) if not ijct_obj.require_response: return HttpResponseRedirect('/competitions/%s/injects/' % (competition)) c["inject"] = { "ijct_obj": ijct_obj, "files": Document.objects.filter(inject = ijctid), "display_state": get_inject_display_state(request.user, ijct_obj) } c["response_list"] = [] for i in InjectResponse.objects.filter(compid = c["comp_obj"].compid, teamid = request.user.teamid, ijctid = ijctid): c["response_list"].append({ "response": i, "files": Document.objects.filter(injectresponse = i) }) if c["inject"]["ijct_obj"].dt_response_close <= timezone.now(): c["response_locked"] = True else: c["response_locked"] = False c["responseform"] = InjectResponseForm() return render_to_response('Comp/injects_view_respond.html', c) # Check if we're allowed to take the submission (time restrictions) ijct_obj = Inject.objects.get(compid = c["comp_obj"].compid, ijctid = ijctid) if not ijct_obj.require_response: return HttpResponseRedirect('/competitions/%s/injects/' % (competition)) if ijct_obj.dt_response_close <= timezone.now(): # Very clever person - submission form was closed, but they're attempting to POST anyway return HttpResponseRedirect('/competitions/%s/injects/%s/' % (competition, ijctid)) # Determine if we're handling text entry or file upload tmp_dict = request.POST.copy().dict() tmp_dict.pop('csrfmiddlewaretoken', None) tmp_dict.pop('docfile', None) tmp_dict['compid'] = request.user.compid tmp_dict['teamid'] = request.user.teamid tmp_dict['ijctid'] = int(ijctid) ijct_resp_obj = InjectResponse(**tmp_dict) ijct_resp_obj.save() # Checks if we were given a file if 'docfile' in request.FILES: save_document(request.FILES['docfile'], settings.CONTENT_INJECT_REPONSE_PATH, ijct_resp_obj) return HttpResponseRedirect('/competitions/%s/injects/%s/' % (competition, ijctid))
def incidentresponse_respond(request, competition=None, intrspid=None): c = getAuthValues(request, {}) # If the user isn't authed as a Blue Team if c["auth_name"] != "auth_team_blue": c["message"] = "You must log in as a Blue Team to view this page." return HttpResponseForbidden(render_to_string('status_400.html', c)) c["comp_obj"] = Competition.objects.get(compurl=competition) # If the view is disabled if not c["comp_obj"].teams_view_incidentresponse_enabled: c["message"] = "This feature is disabled for this competition." return HttpResponseForbidden(render_to_string('status_400.html', c)) c.update(csrf(request)) # Get any already opened intrusion responses c["responseform"] = IncidentResponseReplyForm() c["firstpost"] = { "response": IncidentResponse.objects.get(intrspid=intrspid), "files": Document.objects.filter(incidentresponse=intrspid) } c["response_list"] = [] for i in IncidentResponse.objects.filter(compid=request.user.compid, teamid=request.user.teamid, replyto=intrspid): c["response_list"].append({ "response": i, "files": Document.objects.filter(incidentresponse=i) }) # If we're not getting POST data, serve the page normally if request.method != "POST": c["responseform"] = IncidentResponseReplyForm() return render_to_response('Comp/incidentresponse_view_respond.html', c) # Checks if form is valid, and if so, builds model form = IncidentResponseReplyForm(request.POST) if not form.is_valid(): print form.errors #TODO: This is technically failing without raising an error for the user return render_to_response('Comp/incidentresponse_view_respond.html', c) intresp_obj = IncidentResponse() intresp_obj.compid = c["comp_obj"].compid intresp_obj.teamid = request.user.teamid intresp_obj.datetime = timezone.now() intresp_obj.textentry = form.cleaned_data['textentry'] intresp_obj.replyto = intrspid intresp_obj.save() # Was there a file? If so, save it! if 'docfile' in request.FILES: save_document(request.FILES['docfile'], settings.CONTENT_INCIDENT_REPONSE_PATH, intresp_obj) return HttpResponseRedirect('/competitions/%s/incidentresponse/%s/' % (c["comp_obj"].compurl, str(intrspid)))
def incidentresponse_respond(request, competition = None, intrspid = None): c = getAuthValues(request, {}) # If the user isn't authed as a Blue Team if c["auth_name"] != "auth_team_blue": c["message"] = "You must log in as a Blue Team to view this page." return HttpResponseForbidden(render_to_string('status_400.html', c)) c["comp_obj"] = Competition.objects.get(compurl = competition) # If the view is disabled if not c["comp_obj"].teams_view_incidentresponse_enabled: c["message"] = "This feature is disabled for this competition." return HttpResponseForbidden(render_to_string('status_400.html', c)) c.update(csrf(request)) # Get any already opened intrusion responses c["responseform"] = IncidentResponseReplyForm() c["firstpost"] = { "response": IncidentResponse.objects.get(intrspid = intrspid), "files": Document.objects.filter(incidentresponse = intrspid) } c["response_list"] = [] for i in IncidentResponse.objects.filter(compid = request.user.compid, teamid = request.user.teamid, replyto = intrspid): c["response_list"].append({ "response": i, "files": Document.objects.filter(incidentresponse = i) }) # If we're not getting POST data, serve the page normally if request.method != "POST": c["responseform"] = IncidentResponseReplyForm() return render_to_response('Comp/incidentresponse_view_respond.html', c) # Checks if form is valid, and if so, builds model form = IncidentResponseReplyForm(request.POST) if not form.is_valid(): print form.errors #TODO: This is technically failing without raising an error for the user return render_to_response('Comp/incidentresponse_view_respond.html', c) intresp_obj = IncidentResponse() intresp_obj.compid = c["comp_obj"].compid intresp_obj.teamid = request.user.teamid intresp_obj.datetime = timezone.now() intresp_obj.textentry = form.cleaned_data['textentry'] intresp_obj.replyto = intrspid intresp_obj.save() # Was there a file? If so, save it! if 'docfile' in request.FILES: save_document(request.FILES['docfile'], settings.CONTENT_INCIDENT_REPONSE_PATH, intresp_obj) return HttpResponseRedirect('/competitions/%s/incidentresponse/%s/' % (c["comp_obj"].compurl, str(intrspid)))
def _show_info(self, widget): desc, teacher, mimetype =\ utils.get_info(self._sftp, self._subject, widget.title) dialog = InfoDialog(widget.title, desc, teacher, self._subject, mimetype) dialog.connect('save-document', lambda w: utils.save_document( self._sftp, self._subject, widget.title, mimetype))
def servicemodule_create(request): c = getAuthValues(request, {}) if c["auth_name"] != "auth_team_white": return HttpResponseRedirect("/") if request.method != "POST": c.update(csrf(request)) c["action"] = "create" c["form"] = CreateServiceModuleForm() return render_to_response('AdminConfig/servicemodule_create-edit.html', c) form_obj = CreateServiceModuleForm(request.POST, request.FILES) if 'docfile' in request.FILES and form_obj.is_valid(): form_obj.cleaned_data.pop('docfile', None) servmdul_obj = ServiceModule(**form_obj.cleaned_data) servmdul_obj.save() save_document(request.FILES['docfile'], settings.CONTENT_PLUGGINS_PATH, servmdul_obj, ashash = False) else: # Not exactly giving the user an error message here (TODO) c.update(csrf(request)) c["action"] = "create" c["form"] = CreateServiceModuleForm() return render_to_response('AdminConfig/servicemodule_create-edit.html', c) return HttpResponseRedirect('/admin/servicemodules/')
def _download(self, widget): count = 0 for document in self._selection: count += 1 alert = self._activity.get_alert() alert.props.title = 'Descargando documento(s)...' alert.props.msg = 'Se está descargando el/los documento(s)' alert.show() utils.save_document( self._sftp, self._subject, document.title, document.mimetype) alert.props.title = '¡Descarga completa!' alert.props.msg = 'Todos archivos se han descargado' ok_icon = Icon(icon_name='dialog-ok') alert.add_button(gtk.RESPONSE_OK, 'Ok', ok_icon) ok_icon.show() alert.connect('response', lambda w, r: self._activity.remove_alert(w)) alert.show() self._alert = None
def injects_create(request, competition = None): """ Create injects in the competition """ c = getAuthValues(request, {}) if c["auth_name"] != "auth_team_white": return HttpResponseRedirect("/") c["action"] = "create" c["comp_obj"] = Competition.objects.get(compurl = competition) c.update(csrf(request)) # Just displays the form if we're not handling any input if request.method != "POST": c["form"] = CreateInjectForm() return render_to_response('CompConfig/injects_create-edit.html', c) form_dict = request.POST.copy().dict() form_dict["compid"] = c["comp_obj"].compid form_dict.pop('csrfmiddlewaretoken', None) form_dict.pop('docfile', None) if 'require_response' in form_dict: form_dict['require_response'] = True else: form_dict['require_response'] = False form_dict['dt_response_due'] = None form_dict['dt_response_close'] = None form_obj = CreateInjectForm(form_dict) if not form_obj.is_valid(): #c["messages"].new_info("Invalid field data in inject form: %s" % form_obj.errors, 1001) return render_to_response('CompConfig/injects_create-edit.html', c) # Start saving the inject! print form_dict ijct_obj = Inject(**form_dict) ijct_obj.save() # Was there a file? If so, save it! if 'docfile' in request.FILES: save_document(request.FILES['docfile'], settings.CONTENT_INJECT_PATH, ijct_obj) return HttpResponseRedirect("/admin/competitions/%s/injects/" % competition)
def injects_respond(request, competition=None, ijctid=None): """ Displays a specific inject and provides either upload or text entry for inject response """ c = getAuthValues(request, {}) # If the user isn't authed as a Blue Team if c["auth_name"] != "auth_team_blue": c["message"] = "You must log in as a Blue Team to view this page." return HttpResponseForbidden(render_to_string('status_400.html', c)) c["comp_obj"] = Competition.objects.get(compurl=competition) # If the view is disabled if not c["comp_obj"].teams_view_injects_enabled: c["message"] = "This feature is disabled for this competition." return HttpResponseForbidden(render_to_string('status_400.html', c)) c.update(csrf(request)) # If we're not getting POST data, serve the page normally if request.method != "POST": ijct_obj = Inject.objects.get(compid=c["comp_obj"].compid, ijctid=ijctid) c["inject"] = { "ijct_obj": ijct_obj, "files": Document.objects.filter(inject=ijctid), "display_state": get_inject_display_state(request.user, ijct_obj) } c["response_list"] = [] for i in InjectResponse.objects.filter(compid=c["comp_obj"].compid, teamid=request.user.teamid, ijctid=ijctid): c["response_list"].append({ "response": i, "files": Document.objects.filter(injectresponse=i) }) if c["inject"]["ijct_obj"].dt_response_close <= timezone.now(): c["response_locked"] = True else: c["response_locked"] = False c["responseform"] = InjectResponseForm() return render_to_response('Comp/injects_view_respond.html', c) # Check if we're allowed to take the submission (time restrictions) ijct_obj = Inject.objects.get(compid=c["comp_obj"].compid, ijctid=ijctid) if ijct_obj.dt_response_close <= timezone.now(): # Very clever person - submission form was closed, but they're attempting to POST anyway return HttpResponseRedirect('/competitions/%s/injects/%s/' % (competition, ijctid)) # Determine if we're handling text entry or file upload tmp_dict = request.POST.copy().dict() tmp_dict.pop('csrfmiddlewaretoken', None) tmp_dict.pop('docfile', None) tmp_dict['compid'] = request.user.compid tmp_dict['teamid'] = request.user.teamid tmp_dict['ijctid'] = int(ijctid) ijct_resp_obj = InjectResponse(**tmp_dict) ijct_resp_obj.save() # Checks if we were given a file if 'docfile' in request.FILES: save_document(request.FILES['docfile'], settings.CONTENT_INJECT_REPONSE_PATH, ijct_resp_obj) return HttpResponseRedirect('/competitions/%s/injects/%s/' % (competition, ijctid))