diff --git a/app/controllers/challenges_controller.rb b/app/controllers/challenges_controller.rb index 49671fcc..c9d6c0a8 100644 --- a/app/controllers/challenges_controller.rb +++ b/app/controllers/challenges_controller.rb @@ -6,12 +6,11 @@ class ChallengesController < ApplicationController before_action :enforce_access before_action :load_game, :load_message_count before_action :find_challenge - before_action :find_solved_by, only: %i[show update] + before_action :find_solved_by, :check_solvable_by, only: %i[show update] before_action :valid_captcha, :find_and_log_flag, :on_team?, only: [:update] def show @solved_challenge = @challenge.get_solved_challenge_for(current_user.team) - @solvable = @challenge.can_be_solved_by(current_user.team) @solved_video_url = @solved_challenge.flag.video_url if @solved_challenge flash.now[:notice] = I18n.t('flag.accepted') if @solved_challenge end @@ -20,12 +19,11 @@ def update if @flag_found @solved_challenge = @flag_found.save_solved_challenge(current_user) @solved_video_url = @flag_found.video_url + @solvable = false flash.now[:notice] = I18n.t('flag.accepted') else flash.now[:alert] = wrong_flag_messages.sample end - @solvable = @challenge.can_be_solved_by(current_user.team) - render :show end @@ -47,6 +45,10 @@ def find_solved_by @solved_by = @challenge.solved_challenges.includes(team: :division).order(created_at: :asc) end + def check_solvable_by + @solvable = @challenge.can_be_solved_by(current_user.team) + end + def find_and_log_flag flag = params[:challenge]&.[](:submitted_flag) # Safe navigation on a hash return if flag.nil? diff --git a/app/views/challenges/show.html.haml b/app/views/challenges/show.html.haml index a6fe1bf7..c03278be 100644 --- a/app/views/challenges/show.html.haml +++ b/app/views/challenges/show.html.haml @@ -1,5 +1,5 @@ -# For PentestGames, @challenge here can actually be a flag object since Pentest challenges belong to teams + challenges and are linked by a flag object. --# +-# - content_for :admin_menu do %a.dropdown-item{:href => admin_edit_url(@challenge)}= t('challenges.admin_edit_challenge', challengename: @challenge.name) diff --git a/test/controllers/challenges_controller_test.rb b/test/controllers/challenges_controller_test.rb index a5ecd93c..11744501 100644 --- a/test/controllers/challenges_controller_test.rb +++ b/test/controllers/challenges_controller_test.rb @@ -83,6 +83,7 @@ def setup } end assert :success + assert_select 'input#challenge_submitted_flag', 1, 'Flag submission box should be visible with a bad submission' assert true, wrong_flag_messages.include?(flash[:notice]) end @@ -120,6 +121,7 @@ def setup flag_text = @pentest_challenge.defense_flags.find_by(team_id: @team2.id).flag put :update, params: { id: @pentest_challenge, team_id: @team2, challenge: { submitted_flag: flag_text } } assert_response :success + assert_select "input#challenge_submitted_flag", {count: 0}, 'Flag submission box should not be present when team has solved challenge' assert_equal I18n.t('flag.accepted'), flash[:notice] end @@ -128,6 +130,7 @@ def setup sign_in @team1.team_captain get :show, params: { id: @pentest_challenge, team_id: @team2 } assert_response :success + assert_select "input#challenge_submitted_flag", {count: 0}, 'Flag submission box should not be present when team has solved challenge' assert_equal I18n.t('flag.accepted'), flash[:notice] end @@ -136,6 +139,7 @@ def setup sign_in @team1.team_captain get :show, params: { id: @standard_challenge } assert_response :success + assert_select "input#challenge_submitted_flag", {count: 0}, 'Flag submission box should not be present when team has solved challenge' assert_equal I18n.t('flag.accepted'), flash[:notice] end @@ -145,6 +149,7 @@ def setup sign_in @team1.team_captain get :show, params: { id: share_chal } assert_response :success + assert_select "input#challenge_submitted_flag", {count: 0}, 'Challenge flag submission box should not be present when team has solved challenge' assert_equal I18n.t('flag.accepted'), flash[:notice] end end