Merge pull request #167 from jdabtieu/v3.2.1-patches

v3.2.1 patches
jdabtieu · Oct 3, 2022 · 3630fd3 · 3630fd3
2 parents b966b5f + 0a7f298
commit 3630fd3
Show file tree

Hide file tree

Showing 7 changed files with 26 additions and 12 deletions.
diff --git a/INSTALL.sh b/INSTALL.sh
@@ -63,7 +63,7 @@ CREATE TABLE 'submissions' ('sub_id' integer PRIMARY KEY NOT NULL, 'date' dateti
 CREATE TABLE 'problems' ('id' varchar(64) NOT NULL, 'name' varchar(256) NOT NULL, 'point_value' integer NOT NULL DEFAULT (0), 'category' varchar(64), 'flag' varchar(256) NOT NULL, 'draft' boolean NOT NULL DEFAULT(0));
 CREATE TABLE 'contests' ('id' varchar(32) NOT NULL, 'name' varchar(256) NOT NULL, 'start' datetime NOT NULL, 'end' datetime NOT NULL, 'scoreboard_visible' boolean NOT NULL DEFAULT (1));
 CREATE TABLE 'announcements' ('id' integer PRIMARY KEY NOT NULL, 'name' varchar(256) NOT NULL, 'date' datetime NOT NULL);
-CREATE TABLE 'contest_users' ('contest_id' varchar(32) NOT NULL, 'user_id' integer NOT NULL, 'points' integer NOT NULL DEFAULT (0) , 'lastAC' datetime);
+CREATE TABLE 'contest_users' ('contest_id' varchar(32) NOT NULL, 'user_id' integer NOT NULL, 'points' integer NOT NULL DEFAULT (0) , 'lastAC' datetime, 'hidden' integer NOT NULL DEFAULT(0));
 CREATE TABLE 'contest_solved' ('contest_id' varchar(32) NOT NULL, 'user_id' integer NOT NULL, 'problem_id' varchar(64) NOT NULL);
 CREATE TABLE 'contest_problems' ('contest_id' varchar(32) NOT NULL, 'problem_id' varchar(64) NOT NULL, 'name' varchar(256) NOT NULL, 'point_value' integer NOT NULL DEFAULT(0), 'category' varchar(64), 'flag' varchar(256) NOT NULL, 'draft' boolean NOT NULL DEFAULT(0), 'score_min' integer NOT NULL DEFAULT(0), 'score_max' integer NOT NULL DEFAULT(0), 'score_users' integer NOT NULL DEFAULT(-1), 'flag_hint' varchar(256) NOT NULL DEFAULT(''));
 CREATE TABLE 'problem_solved' ('user_id' integer NOT NULL, 'problem_id' varchar(64) NOT NULL);

diff --git a/docs/INSTALL.md b/docs/INSTALL.md
@@ -51,7 +51,7 @@ CREATE TABLE 'submissions' ('sub_id' integer PRIMARY KEY NOT NULL, 'date' dateti
 CREATE TABLE 'problems' ('id' varchar(64) NOT NULL, 'name' varchar(256) NOT NULL, 'point_value' integer NOT NULL DEFAULT (0), 'category' varchar(64), 'flag' varchar(256) NOT NULL, 'draft' boolean NOT NULL DEFAULT(0));
 CREATE TABLE 'contests' ('id' varchar(32) NOT NULL, 'name' varchar(256) NOT NULL, 'start' datetime NOT NULL, 'end' datetime NOT NULL, 'scoreboard_visible' boolean NOT NULL DEFAULT (1));
 CREATE TABLE 'announcements' ('id' integer PRIMARY KEY NOT NULL, 'name' varchar(256) NOT NULL, 'date' datetime NOT NULL);
-CREATE TABLE 'contest_users' ('contest_id' varchar(32) NOT NULL, 'user_id' integer NOT NULL, 'points' integer NOT NULL DEFAULT (0) , 'lastAC' datetime);
+CREATE TABLE 'contest_users' ('contest_id' varchar(32) NOT NULL, 'user_id' integer NOT NULL, 'points' integer NOT NULL DEFAULT (0) , 'lastAC' datetime, 'hidden' NOT NULL DEFAULT(0));
 CREATE TABLE 'contest_solved' ('contest_id' varchar(32) NOT NULL, 'user_id' integer NOT NULL, 'problem_id' varchar(64) NOT NULL);
 CREATE TABLE 'contest_problems' ('contest_id' varchar(32) NOT NULL, 'problem_id' varchar(64) NOT NULL, 'name' varchar(256) NOT NULL, 'point_value' integer NOT NULL DEFAULT(0), 'category' varchar(64), 'flag' varchar(256) NOT NULL, 'draft' boolean NOT NULL DEFAULT(0), 'score_min' integer NOT NULL DEFAULT(0), 'score_max' integer NOT NULL DEFAULT(0), 'score_users' integer NOT NULL DEFAULT(-1), 'flag_hint' varchar(256) NOT NULL DEFAULT(''));
 CREATE TABLE 'problem_solved' ('user_id' integer NOT NULL, 'problem_id' varchar(64) NOT NULL);

diff --git a/docs/SECURITY.md b/docs/SECURITY.md
@@ -8,10 +8,10 @@ Please refer to the chart below for versions with security support
 | ----------- | ------------------ |
 | Prereleases | :x:                |
 | Betas       | :x:                |
-| 3.1.0       | :white_check_mark: |
-| < 3.1.0     | :x:                |
+| 3.2.1       | :white_check_mark: |
+| < 3.2.1     | :x:                |
 
-As you can tell, it is strongly recommended to always be on the latest stable version. It is strongly recommended to run the application on a modern Linux distribution (kernel >=4.19).
+As you can tell, it is strongly recommended to always be on the latest stable version. It is strongly recommended to run the application on a modern Linux distribution with Python >=3.8.
 
 ## Reporting a Vulnerability
 

diff --git a/src/application.py b/src/application.py
@@ -649,9 +649,10 @@ def contest(contest_id):
         cid=contest_id)
 
     solve_count = dict()
-    for row in db.execute(("SELECT problem_id, COUNT(user_id) AS solves "
-                           "FROM contest_solved WHERE contest_id=:cid "
-                           "GROUP BY problem_id"), cid=contest_id):
+    for row in db.execute(("SELECT problem_id, COUNT(user_id) AS solves FROM "
+                           "contest_solved WHERE contest_id=:cid AND user_id NOT IN ("
+                           "SELECT user_id FROM contest_users WHERE contest_id=:cid AND "
+                           "hidden=1) GROUP BY problem_id"), cid=contest_id):
         if row["problem_id"] is None:
             continue
         solve_count[row["problem_id"]] = row["solves"]
@@ -691,6 +692,7 @@ def editcontest(contest_id):
     new_description = request.form.get("description").replace('\r', '')
     start = request.form.get("start")
     end = request.form.get("end")
+    scoreboard_visible = bool(request.form.get("scoreboard_visible"))
 
     if not new_name:
         flash('Name cannot be empty', 'danger')
@@ -706,9 +708,9 @@ def editcontest(contest_id):
         flash('Contest cannot end before it starts!', 'danger')
         return render_template("contest/edit.html"), 400
 
-    db.execute(("UPDATE contests SET name=:name, start=datetime(:start), "
-                "end=datetime(:end) WHERE id=:cid"),
-               name=new_name, start=start, end=end, cid=contest_id)
+    db.execute(("UPDATE contests SET name=?, start=datetime(?), end=datetime(?), "
+                "scoreboard_visible=? WHERE id=?"),
+               new_name, start, end, scoreboard_visible, contest_id)
 
     write_file(f'metadata/contests/{contest_id}/description.md', new_description)
 

diff --git a/src/helpers.py b/src/helpers.py
@@ -174,7 +174,7 @@ def check_version():
     """
     Checks if CTFOJ is up to date with the latest version on GitHub
     """
-    curr_version = "v3.1.0"
+    curr_version = "v3.2.1"
     try:
         latest_version = requests.get(
             "https://api.github.com/repos/jdabtieu/CTFOJ/releases/latest").json()["name"]

diff --git a/src/templates/contest/edit.html b/src/templates/contest/edit.html
@@ -38,6 +38,10 @@ <h1>Edit Contest</h1>
            placeholder="End Date & Time"
            value="{{ data['end'] }}"
            required>
+    <div class="form-control mb-3" style="border: 0;">
+        <input type="checkbox" id="scoreboard_visible" name="scoreboard_visible" {% if data['scoreboard_visible'] %}checked{% endif %}>
+        <label for="scoreboard_visible">Scoreboard Visible?</label>
+    </div>
     <input class="btn btn-primary" type="submit" id="submit" name="submit" value="Edit">
     <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
 </form>

diff --git a/src/tests/test_contest.py b/src/tests/test_contest.py
@@ -98,12 +98,20 @@ def test_contest(client, database):
     assert result.status_code == 200
     assert b'Hidden' in result.data
 
+    result = client.get('/contest/testingcontest')
+    assert result.status_code == 200
+    assert b'0' in result.data  # 0 non-hidden solves
+
     result = client.post('/contest/testingcontest/scoreboard/unhide', data={
         'user_id': 1
     }, follow_redirects=True)
     assert result.status_code == 200
     assert b'Hidden' not in result.data
 
+    result = client.get('/contest/testingcontest')
+    assert result.status_code == 200
+    assert b'1' in result.data  # 1 non-hidden solves
+
     client.post('/contest/testingcontest/scoreboard/hide', data={
         'user_id': 1}, follow_redirects=True)