easyctf-2017/server/api/problem.py

import hashlib
import logger

from flask import Blueprint, session, request
from flask import current_app as app
from werkzeug import secure_filename

from models import db, Files, Problems, Solves, Teams
from decorators import admins_only, api_wrapper, login_required

blueprint = Blueprint("problem", __name__)

@blueprint.route("/add", methods=["POST"])
@admins_only
@api_wrapper
def problem_add():
    name = request.form["name"]
    category = request.form["category"]
    description = request.form["description"]
    hint = request.form["hint"]
    flag = request.form["flag"]
    value = request.form["value"]

    name_exists = Problems.query.filter_by(name=name).first()
    if name_exists:
        return { "success":0, "message": "Problem name already taken." }

    problem = Problems(name, category, description, hint, flag, value)
    db.session.add(problem)

    files = request.files["imp-files"]
    for _file in files:
        filename = secure_filename(_file.filename)

        if len(filename) == 0:
            continue

        folder = problem.name.replace(" ", "-")
        folder_path = os.path.join(os.path.normpath(app["UPLOAD_FOLDER"], folder))
        if not folder_path:
            os.makedirs(folder_path)

        file_path = os.path.join(path, filename)
        _file.save(file_path)
        db_file = Files(problem.pid, file_path)
        db.session.add(db_file)

    db.session.commit()

    return { "success": 1, "message": "Success!" }

@blueprint.route("/delete", methods=["POST"])
@admins_only
@api_wrapper
def problem_delete():
    pid = request.form["pid"]
    problem = Problems.query.filter_by(pid=pid).first()
    if problem:
        Solves.query.filter_by(pid=pid).delete()
        Challenges.query.filter_by(pid=pid).delete()
        db.session.commit()
        return { "success": 1, "message": "Success!" }
    return { "success": 0, "message": "Problem does not exist!" }

@blueprint.route("/update", methods=["POST"])
@admins_only
@api_wrapper
def problem_update():
    pid = request.form["pid"]
    name = request.form["name"]
    description = request.form["description"]
    hint = request.form["hint"]
    flag = request.form["flag"]
    disabled = request.form["disabled"]
    value = request.form["value"]

    problem = Problems.query.filter_by(pid=pid).first()
    if problem:
        problem.name = name
        problem.description = description
        problem.hint = hint
        problem.flag = flag
        problem.disabled = disabled
        problem.value = value

        db.session.add(problem)
        db.session.commit()

        return { "success": 1, "message": "Success!" }
    return { "success": 0, "message": "Problem does not exist!" }

@blueprint.route("/submit", methods=["POST"])
@api_wrapper
@login_required
def problem_submit():
    pid = request.form["pid"]
    flag = request.form["flag"]
    tid = session["tid"]

    problem = Problems.query.filter_by(pid=pid).first()
    team = Teams.query.filter_by(tid=tid).first()
    if problem:
        if flag == problem.flag:
            solve = Solves(pid, tid)
            team.score += problem.value
            problem.solves += 1
            db.session.add(solve)
            db.session.add(team)
            db.session.add(problem)
            db.session.commit()

            logger.log("submissions.log", logger.WARNING, "%s has solved %s by submitting %s" % (team.name, problem.name, flag))
            return { "success": 1, "message": "Correct!" }

        else:
            logger.log("submissions.log", logger.WARNING, "%s has incorrectly submitted %s to %s" % (team.name, flag, problem.name))
            return { "success": 0, "message": "Incorrect." }

    else:
        return { "success": 0, "message": "Problem does not exist!" }
Add files model to database 2016-01-02 20:45:05 +00:00			`import hashlib`
Add problem solve functionality 2016-01-02 05:15:29 +00:00			`import logger`

Begin backend for handling problems 2015-12-31 02:56:00 +00:00			`from flask import Blueprint, session, request`
			`from flask import current_app as app`
Add files model to database 2016-01-02 20:45:05 +00:00			`from werkzeug import secure_filename`
Begin backend for handling problems 2015-12-31 02:56:00 +00:00
Add files model to database 2016-01-02 20:45:05 +00:00			`from models import db, Files, Problems, Solves, Teams`
Display items in the navbar when appropriate 2016-01-02 19:30:42 +00:00			`from decorators import admins_only, api_wrapper, login_required`
Begin backend for handling problems 2015-12-31 02:56:00 +00:00
			`blueprint = Blueprint("problem", __name__)`

			`@blueprint.route("/add", methods=["POST"])`
			`@admins_only`
			`@api_wrapper`
			`def problem_add():`
			`name = request.form["name"]`
Add category to Problems 2016-01-02 04:18:40 +00:00			`category = request.form["category"]`
Begin backend for handling problems 2015-12-31 02:56:00 +00:00			`description = request.form["description"]`
			`hint = request.form["hint"]`
			`flag = request.form["flag"]`
			`value = request.form["value"]`

			`name_exists = Problems.query.filter_by(name=name).first()`
			`if name_exists:`
			`return { "success":0, "message": "Problem name already taken." }`

Add category to Problems 2016-01-02 04:18:40 +00:00			`problem = Problems(name, category, description, hint, flag, value)`
Begin backend for handling problems 2015-12-31 02:56:00 +00:00			`db.session.add(problem)`
Add files model to database 2016-01-02 20:45:05 +00:00
			`files = request.files["imp-files"]`
			`for _file in files:`
			`filename = secure_filename(_file.filename)`

			`if len(filename) == 0:`
			`continue`

			`folder = problem.name.replace(" ", "-")`
			`folder_path = os.path.join(os.path.normpath(app["UPLOAD_FOLDER"], folder))`
			`if not folder_path:`
			`os.makedirs(folder_path)`

			`file_path = os.path.join(path, filename)`
			`_file.save(file_path)`
			`db_file = Files(problem.pid, file_path)`
			`db.session.add(db_file)`

Begin backend for handling problems 2015-12-31 02:56:00 +00:00			`db.session.commit()`

			`return { "success": 1, "message": "Success!" }`

			`@blueprint.route("/delete", methods=["POST"])`
			`@admins_only`
			`@api_wrapper`
			`def problem_delete():`
			`pid = request.form["pid"]`
			`problem = Problems.query.filter_by(pid=pid).first()`
			`if problem:`
			`Solves.query.filter_by(pid=pid).delete()`
			`Challenges.query.filter_by(pid=pid).delete()`
			`db.session.commit()`
			`return { "success": 1, "message": "Success!" }`
			`return { "success": 0, "message": "Problem does not exist!" }`

			`@blueprint.route("/update", methods=["POST"])`
			`@admins_only`
			`@api_wrapper`
			`def problem_update():`
			`pid = request.form["pid"]`
			`name = request.form["name"]`
			`description = request.form["description"]`
			`hint = request.form["hint"]`
			`flag = request.form["flag"]`
			`disabled = request.form["disabled"]`
			`value = request.form["value"]`

			`problem = Problems.query.filter_by(pid=pid).first()`
			`if problem:`
			`problem.name = name`
			`problem.description = description`
			`problem.hint = hint`
			`problem.flag = flag`
			`problem.disabled = disabled`
			`problem.value = value`

			`db.session.add(problem)`
			`db.session.commit()`

			`return { "success": 1, "message": "Success!" }`
			`return { "success": 0, "message": "Problem does not exist!" }`
Add problem solve functionality 2016-01-02 05:15:29 +00:00
			`@blueprint.route("/submit", methods=["POST"])`
			`@api_wrapper`
Display items in the navbar when appropriate 2016-01-02 19:30:42 +00:00			`@login_required`
Add problem solve functionality 2016-01-02 05:15:29 +00:00			`def problem_submit():`
			`pid = request.form["pid"]`
			`flag = request.form["flag"]`
			`tid = session["tid"]`

			`problem = Problems.query.filter_by(pid=pid).first()`
			`team = Teams.query.filter_by(tid=tid).first()`
			`if problem:`
			`if flag == problem.flag:`
			`solve = Solves(pid, tid)`
			`team.score += problem.value`
			`problem.solves += 1`
			`db.session.add(solve)`
			`db.session.add(team)`
			`db.session.add(problem)`
			`db.session.commit()`

			`logger.log("submissions.log", logger.WARNING, "%s has solved %s by submitting %s" % (team.name, problem.name, flag))`
			`return { "success": 1, "message": "Correct!" }`

			`else:`
			`logger.log("submissions.log", logger.WARNING, "%s has incorrectly submitted %s to %s" % (team.name, flag, problem.name))`
			`return { "success": 0, "message": "Incorrect." }`

			`else:`
			`return { "success": 0, "message": "Problem does not exist!" }`