admin/CTFd
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

init CTFd source
Some checks are pending
Linting / Linting (3.11) (push) Waiting to run
Details
Mirror core-theme / mirror (push) Waiting to run
Details

Browse Source
This commit is contained in:
gkr
2025-12-25 09:39:21 +08:00
commit 2e06f92c64
1047 changed files with 150349 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

122
tests/api/v1/test_brackets.py Normal file
View File

@@ -0,0 +1,122 @@
from CTFd.models import Brackets, Users
from tests.helpers import (
create_ctfd,
destroy_ctfd,
gen_bracket,
login_as_user,
register_user,
)
def test_brackets_get_api():
"""Test that brackets API GET endpiont is behaving propertly"""
app = create_ctfd()
with app.app_context():
gen_bracket(app.db, name="players1")
with app.test_client() as client:
client.get("/register")
with client.session_transaction() as sess:
data = {
"name": "user",
"email": "user@examplectf.com",
"password": "password",
"bracket_id": 1,
"nonce": sess.get("nonce"),
}
client.post("/register", data=data)
client = login_as_user(app, raise_for_error=True)
r = client.get("/api/v1/brackets?type=users")
resp = r.get_json()
print(resp)
assert r.status_code == 200
assert resp["data"][0]["name"] == "players1"
assert resp["data"][0]["description"] == "players who are part of the test"
destroy_ctfd(app)
def test_brackets_post_api():
"""Test that brackets API POST endpiont is behaving propertly"""
app = create_ctfd()
with app.app_context():
data = {
"name": "testplayers",
"description": "Test players bracket",
"type": "users",
}
register_user(app)
with login_as_user(app) as client:
r = client.post("/api/v1/brackets", json=data)
assert r.status_code == 403
assert Brackets.query.count() == 0
with login_as_user(app, name="admin") as client:
r = client.post("/api/v1/brackets", json=data)
assert r.status_code == 200
assert Brackets.query.count() == 1
destroy_ctfd(app)
def test_brackets_patch_api():
"""Test that brackets API PATCH endpiont is behaving propertly"""
app = create_ctfd()
with app.app_context():
gen_bracket(app.db, name="players1")
assert Brackets.query.count() == 1
register_user(app, bracket_id=1)
with login_as_user(app) as client:
r = client.patch("/api/v1/brackets/1", json={"name": "newplayers"})
assert r.status_code == 403
assert Brackets.query.filter_by(id=1).first().name == "players1"
with login_as_user(app, name="admin") as client:
r = client.patch("/api/v1/brackets/1", json={"name": "newplayers"})
assert r.status_code == 200
assert Brackets.query.filter_by(id=1).first().name == "newplayers"
destroy_ctfd(app)
def test_brackets_delete_api():
"""Test that brackets API DELETE endpiont is behaving propertly"""
app = create_ctfd()
with app.app_context():
gen_bracket(app.db, name="players1")
assert Brackets.query.count() == 1
register_user(app, bracket_id=1)
with login_as_user(app) as client:
r = client.delete("/api/v1/brackets/1", json="")
assert r.status_code == 403
assert Brackets.query.count() == 1
with login_as_user(app, name="admin") as client:
r = client.delete("/api/v1/brackets/1", json="")
print(r.get_json())
assert r.status_code == 200
assert Brackets.query.count() == 0
destroy_ctfd(app)
def test_user_bracket_changing():
"""Test that admins can change user's brackets via the API"""
app = create_ctfd()
with app.app_context():
gen_bracket(app.db, name="players1")
gen_bracket(app.db, name="players2")
with app.test_client() as client:
client.get("/register")
with client.session_transaction() as sess:
data = {
"name": "user",
"email": "user@examplectf.com",
"password": "password",
"bracket_id": 1,
"nonce": sess.get("nonce"),
}
client.post("/register", data=data)
with login_as_user(app, name="admin") as client:
assert Users.query.filter_by(id=2).first().bracket_id == 1
r = client.patch("/api/v1/users/2", json={"bracket_id": 2})
assert r.status_code == 200
assert Users.query.filter_by(id=2).first().bracket_id == 2
destroy_ctfd(app)