easyctf-2017/server/api/problem.py

import hashlib
import imp
import logger
import os
import shutil
import utils
from flask import Blueprint, jsonify, session, request
from flask import current_app as app
from werkzeug import secure_filename
from models import db, Files, Problems, Solves, Teams
from decorators import admins_only, api_wrapper, login_required, InternalException, WebException
# Flask blueprint that collects the problem API routes registered below.
blueprint = Blueprint("problem", __name__)
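@blueprint.route("/add", methods=["POST"])
@admins_only
@api_wrapper
def problem_add():
    """Create a problem from the admin form, then store its uploads and grader.

    Reads ``title``, ``category``, ``description``, ``hint``, ``value`` and
    ``grader_contents`` from the POST form, plus any ``files[]`` uploads.

    Returns:
        The success payload dict.

    Raises:
        WebException: if the title is already taken or the grader source
            does not compile.
    """
    title = request.form["title"]
    category = request.form["category"]
    description = request.form["description"]
    hint = request.form["hint"]
    value = request.form["value"]
    grader_contents = request.form["grader_contents"]

    # Keep drawing random ids until one is not used by an existing problem.
    pid = utils.generate_string()
    while Problems.query.filter_by(pid=pid).first():
        pid = utils.generate_string()

    if Problems.query.filter_by(title=title).first():
        raise WebException("Problem name already taken.")

    # Syntax check only. This used to call exec(), which ran the submitted
    # source inside this request handler (and, on Python 2, in this function's
    # own namespace, where it could rebind pid/title/...). compile() parses the
    # source without executing it, which is all the error message promises.
    # The stored grader is still imported and run by problem_submit, so this
    # route must stay restricted to admins.
    try:
        compile(grader_contents, "grader.py", "exec")
    except Exception as e:
        raise WebException("There is a syntax error in the grader: %s" % e)

    problem = Problems(pid, title, category, description, value, hint=hint)
    db.session.add(problem)
    db.session.commit()

    for _file in request.files.getlist("files[]"):
        # secure_filename() strips path separators; an empty result means
        # nothing usable was left of the client-supplied name.
        filename = secure_filename(_file.filename)
        if not filename:
            continue

        # NOTE(review): every upload lands directly in UPLOAD_FOLDER under its
        # sanitized name, so a second upload with the same name overwrites the
        # first. Consider a per-problem subfolder.
        file_path = os.path.join(app.config["UPLOAD_FOLDER"], filename)
        _file.save(file_path)
        # Drops the first two "/"-separated components of the saved path;
        # presumably that turns it into the public URL path. Confirm against
        # the value of UPLOAD_FOLDER.
        db_file = Files(problem.pid, "/".join(file_path.split("/")[2:]))
        db.session.add(db_file)

    grader_folder = os.path.join(app.config["GRADER_FOLDER"], pid)
    if not os.path.exists(grader_folder):
        os.makedirs(grader_folder)
    grader_path = os.path.join(grader_folder, "grader.py")
    # The context manager closes the handle even when write() raises.
    with open(grader_path, "w") as grader_file:
        grader_file.write(grader_contents)
    problem.grader = grader_path
    db.session.commit()

    return { "success": 1, "message": "Success!" }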
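@blueprint.route("/delete", methods=["POST"])
@admins_only
@api_wrapper
def problem_delete():
    """Delete a problem, its solve records and its grader folder.

    Reads ``pid`` from the POST form.

    Returns:
        The success payload dict.

    Raises:
        WebException: if no problem has the given ``pid``.
    """
    pid = request.form["pid"]
    problem = Problems.query.filter_by(pid=pid).first()
    if not problem:
        raise WebException("Problem does not exist!")

    Solves.query.filter_by(pid=pid).delete()
    Problems.query.filter_by(pid=pid).delete()
    # NOTE(review): Files rows and uploaded files for this pid are not removed
    # here. Confirm whether that is intended.

    # The folder is the stored grader path minus its last component. Rows
    # created by insert_problem() are never given a grader there, and the
    # folder may already be gone, so both cases are skipped instead of letting
    # an exception abort the delete before the commit.
    # NOTE(review): this path comes from the database row. problem_add always
    # writes it under GRADER_FOLDER/<pid>; confirm nothing else can set it
    # before trusting it as an rmtree() target.
    grader_folder = ""
    if problem.grader:
        grader_folder = "/".join(problem.grader.split("/")[:-1])
    if grader_folder and os.path.isdir(grader_folder):
        shutil.rmtree(grader_folder)

    db.session.commit()
    return { "success": 1, "message": "Success!" }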
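@blueprint.route("/update", methods=["POST"])
@admins_only
@api_wrapper
def problem_update():
    """Overwrite an existing problem's fields and grader source.

    Reads ``pid``, ``title``, ``category``, ``description``, ``hint``,
    ``value`` and ``grader_contents`` from the POST form.

    Returns:
        The success payload dict.

    Raises:
        WebException: if the grader source does not compile or no problem
            has the given ``pid``.
    """
    pid = request.form["pid"]
    title = request.form["title"]
    category = request.form["category"]
    description = request.form["description"]
    hint = request.form["hint"]
    value = request.form["value"]
    grader_contents = request.form["grader_contents"]

    # Syntax check only. This used to call exec(), which ran the submitted
    # source inside this request handler (and, on Python 2, in this function's
    # own namespace, where it could rebind pid/title/...). compile() parses the
    # source without executing it, which is all the error message promises.
    # The stored grader is still imported and run by problem_submit, so this
    # route must stay restricted to admins.
    try:
        compile(grader_contents, "grader.py", "exec")
    except Exception as e:
        raise WebException("There is a syntax error in the grader: %s" % e)

    problem = Problems.query.filter_by(pid=pid).first()
    if not problem:
        raise WebException("Problem does not exist!")

    problem.title = title
    problem.category = category
    problem.description = description
    problem.hint = hint
    problem.value = value

    # Rewrite the grader at the path recorded on the row; the context manager
    # closes the handle even when write() raises.
    with open(problem.grader, "w") as grader:
        grader.write(grader_contents)

    db.session.add(problem)
    db.session.commit()
    return { "success": 1, "message": "Success!" }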
@blueprint.route("/submit", methods=["POST"])
@api_wrapper
@login_required
def problem_submit():
    """Grade a submitted flag for the logged-in team and record the attempt.

    Reads ``pid`` and ``flag`` from the POST form and ``tid`` from the session.

    Returns:
        The success payload dict carrying the grader's response message.

    Raises:
        WebException: if the team already solved the problem, the problem
            does not exist, or the grader rejects the flag (the message is
            then the grader's response).
    """
    # NOTE(review): the decorator order here (api_wrapper outside
    # login_required) differs from problem_data. Confirm both orders behave
    # as intended.
    pid = request.form["pid"]
    flag = request.form["flag"]
    tid = session["tid"]

    problem = Problems.query.filter_by(pid=pid).first()
    team = Teams.query.filter_by(tid=tid).first()
    already_solved = Solves.query.filter_by(pid=pid, tid=tid, correct=1).first()

    # The "already solved" answer takes precedence over the existence check.
    if already_solved:
        raise WebException("You already solved this problem.")
    if not problem:
        raise WebException("Problem does not exist!")

    # Loads and runs the grader file recorded on the problem row inside this
    # process; graders are written by the admin-only add/update routes.
    grader = imp.load_source("grader", problem.grader)
    correct, response = grader.grade(flag)

    # Every attempt is stored, whether correct or not.
    db.session.add(Solves(pid, tid, flag, correct))
    db.session.commit()

    # NOTE(review): both branches write the raw submitted flag to the log,
    # including correct flags and any control characters in the value.
    # Consider whether the log needs the flag at all.
    if not correct:
        miss_message = "%s has incorrectly submitted %s to %s" % (team.teamname, flag, problem.title)
        logger.log(__name__, miss_message, level=logger.WARNING)
        raise WebException(response)

    hit_message = "%s has solved %s by submitting %s" % (team.teamname, problem.title, flag)
    logger.log(__name__, hit_message, level=logger.WARNING)
    return { "success": 1, "message": response }
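@blueprint.route("/data", methods=["GET"])
@login_required
@api_wrapper
def problem_data():
    """List every problem with its solve count and the caller's solve status.

    Returns:
        A dict with ``success`` and ``problems``, the latter ordered by
        problem value. Each entry carries pid, title, category, description,
        hint, value, the number of correct solves, and ``"Solved"`` or
        ``"Unsolved"`` for the team in the session.
    """
    tid = session.get("tid", None)
    problems_return = []
    for problem in Problems.query.order_by(Problems.value).all():
        solves = Solves.query.filter_by(pid=problem.pid, correct=1).count()
        # .first() is required: without it the filter_by() result is a query
        # object, which is never None, so every problem was reported as
        # "Solved" regardless of the team's record.
        own_solve = Solves.query.filter_by(pid=problem.pid, tid=tid, correct=1).first()
        solved = "Unsolved" if own_solve is None else "Solved"
        problems_return.append({
            "pid": problem.pid,
            "title": problem.title,
            "category": problem.category,
            "description": problem.description,
            "hint": problem.hint,
            "value": problem.value,
            "solves": solves,
            "solved": solved
        })
    return { "success": 1, "problems": problems_return }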
def insert_problem(data, force=False):
    """Insert a problem row built from the ``data`` mapping.

    ``data`` must provide ``pid``, ``title``, ``category``, ``description``
    and ``value``. ``hint``, ``autogen``, ``bonus``, ``threshold`` and
    ``weightmap`` are copied onto the row when present.

    Args:
        data: mapping of problem fields.
        force: when equal to ``True``, an existing row with the same pid is
            deleted first instead of raising.

    Returns:
        ``True`` once the row is committed.

    Raises:
        InternalException: if the pid already exists and ``force`` is not set.
    """
    optional_fields = ("hint", "autogen", "bonus", "threshold", "weightmap")
    with app.app_context():
        existing_rows = list(get_problem(pid=data["pid"]).all())
        if existing_rows:
            if force == True:
                # Only the Problems row is deleted here; no other table is
                # touched by this function.
                stale = Problems.query.filter_by(pid=data["pid"]).first()
                db.session.delete(stale)
                db.session.commit()
            else:
                raise InternalException("Problem already exists.")

        insert = Problems(
            data["pid"],
            data["title"],
            data["category"],
            data["description"],
            data["value"],
        )
        for field in optional_fields:
            if field in data:
                setattr(insert, field, data[field])
        db.session.add(insert)
        db.session.commit()
    return True
def get_problem(title=None, pid=None):
    """Return a Problems query filtered by title or, failing that, by pid.

    ``title`` takes precedence when both are given. With neither argument the
    query carries no filter. The query object itself is returned, not rows,
    so callers finish it with ``.first()`` or ``.all()``.
    """
    if title is not None:
        criteria = { "title": title }
    elif pid is not None:
        criteria = { "pid": pid }
    else:
        criteria = {}
    with app.app_context():
        return Problems.query.filter_by(**criteria)