private async Task <IActionResult> RenderAsync(ViewType viewType, int labId, object model)
{
var lab = await _labService.GetLabAsync(labId, HttpContext.RequestAborted);
if (lab == null)
{
return(RedirectToAction("RenderLabList", "AdminLabs"));
}
ViewData["Lab"] = await _labService.GetLabAsync(labId, HttpContext.RequestAborted);
ViewData["ViewType"] = viewType;
return(await RenderViewAsync(MenuItems.AdminFlags, model));
}
public async Task <IActionResult> EditLabAsync(Lab labData)
{
// Check input
if (!ModelState.IsValid)
{
AddStatusMessage(_localizer["EditLabAsync:InvalidInput"], StatusMessageTypes.Error);
return(await ShowEditLabFormAsync(null, labData));
}
try
{
// Retrieve edited lab from database and apply changes
var lab = await _labService.GetLabAsync(labData.Id, HttpContext.RequestAborted);
lab.Name = labData.Name;
lab.ApiCode = labData.ApiCode;
lab.ServerBaseUrl = labData.ServerBaseUrl;
lab.MaxPoints = labData.MaxPoints;
lab.MaxFlagPoints = labData.MaxFlagPoints;
lab.Visible = labData.Visible;
await _labService.UpdateLabAsync(lab, HttpContext.RequestAborted);
AddStatusMessage(_localizer["EditLabAsync:Success"], StatusMessageTypes.Success);
}
catch (InvalidOperationException ex)
{
_logger.LogError(ex, "Edit lab");
AddStatusMessage(_localizer["EditLabAsync:UnknownError"], StatusMessageTypes.Error);
return(await ShowEditLabFormAsync(null, labData));
}
return(await RenderLabListAsync());
}
public async Task <IActionResult> CallLabServerAsync([FromServices] ILabService labService, int labId, int userId)
{
// Retrieve lab data
var lab = await labService.GetLabAsync(labId, HttpContext.RequestAborted);
if (lab == null)
{
AddStatusMessage(_localizer["CallLabServerAsync:NotFound"], StatusMessageTypes.Error);
return(await RenderViewAsync());
}
// Build authentication string
var user = await _userService.GetUserAsync(userId, HttpContext.RequestAborted);
var group = user.GroupId == null ? null : await _userService.GetGroupAsync(user.GroupId ?? -1);
var authData = new UserLoginRequest
{
UserId = userId,
UserDisplayName = user.DisplayName,
GroupId = group?.Id,
GroupName = group?.DisplayName,
AdminMode = true
};
string authString = new CryptoService(lab.ApiCode).Encrypt(authData.Serialize());
// Build final URL
string url = lab.ServerBaseUrl.TrimEnd().TrimEnd('/') + "/auth/login?code=" + authString;
// Forward to server
return(Redirect(url));
}
private async Task <IActionResult> RenderAsync(int?labId)
{
// Retrieve group ID
var currentUser = await GetCurrentUserAsync();
if (currentUser?.GroupId == null)
{
AddStatusMessage(_localizer["RenderAsync:NoGroup"], StatusMessageTypes.Error);
return(await RenderViewAsync());
}
// Show group's most recent lab
if (labId == null)
{
var currentLabExecution = await _labExecutionService.GetMostRecentLabExecutionAsync(currentUser.GroupId.Value, HttpContext.RequestAborted);
if (currentLabExecution == null)
{
AddStatusMessage(_localizer["RenderAsync:NoActiveLab"], StatusMessageTypes.Info);
return(await RenderViewAsync());
}
labId = currentLabExecution.LabId;
}
// Check whether user may access this lab, if it even exists
var lab = await _labService.GetLabAsync(labId.Value, HttpContext.RequestAborted);
if (lab == null || (!lab.Visible && !currentUser.Privileges.HasAnyPrivilege(UserPrivileges.ViewAdminScoreboard | UserPrivileges.ViewLabs)))
{
AddStatusMessage(_localizer["RenderAsync:LabNotFound"], StatusMessageTypes.Error);
return(await RenderViewAsync());
}
// Retrieve scoreboard
var scoreboard = await _scoreboardService.GetUserScoreboardAsync(currentUser.Id, currentUser.GroupId.Value, labId.Value, HttpContext.RequestAborted);
if (scoreboard == null)
{
AddStatusMessage(_localizer["RenderAsync:EmptyScoreboard", labId], StatusMessageTypes.Error);
return(await RenderViewAsync());
}
ViewData["Scoreboard"] = scoreboard;
return(await RenderViewAsync(MenuItems.Group));
}
private async Task <IActionResult> ShowEditLabFormAsync(int?id, Lab lab = null)
{
// Retrieve by ID, if no object from a failed POST was passed
if (id != null)
{
lab = await _labService.GetLabAsync(id.Value, HttpContext.RequestAborted);
if (lab == null)
{
AddStatusMessage(_localizer["ShowEditLabFormAsync:NotFound"], StatusMessageTypes.Error);
return(await RenderLabListAsync());
}
}
if (lab == null)
{
AddStatusMessage(_localizer["ShowEditLabFormAsync:MissingParameter"], StatusMessageTypes.Error);
return(await RenderLabListAsync());
}
return(await RenderAsync(ViewType.Edit, lab));
}
public async Task <IActionResult> CallLabServerAsync(int labId)
{
// Retrieve group ID
var currentUser = await GetCurrentUserAsync();
if (currentUser?.GroupId == null)
{
AddStatusMessage(_localizer["CallLabServerAsync:NoGroup"], StatusMessageTypes.Error);
return(await RenderViewAsync());
}
// Retrieve lab data
var lab = await _labService.GetLabAsync(labId, HttpContext.RequestAborted);
if (lab == null)
{
AddStatusMessage(_localizer["CallLabServerAsync:LabNotFound"], StatusMessageTypes.Error);
return(await RenderViewAsync());
}
// Check whether lab is accessible by given group
DateTime now = DateTime.Now;
var labExecution = await _labExecutionService.GetLabExecutionAsync(currentUser.GroupId.Value, labId, HttpContext.RequestAborted);
if (labExecution == null || now < labExecution.PreStart)
{
AddStatusMessage(_localizer["CallLabServerAsync:LabNotActive"], StatusMessageTypes.Error);
return(await RenderViewAsync());
}
// Build authentication string
var authData = new UserLoginRequest
{
UserId = currentUser.Id,
UserDisplayName = currentUser.DisplayName,
GroupId = currentUser.GroupId,
GroupName = currentUser.Group?.DisplayName,
AdminMode = false
};
string authString = new CryptoService(lab.ApiCode).Encrypt(authData.Serialize());
// Build final URL
string url = lab.ServerBaseUrl.TrimEnd().TrimEnd('/') + "/auth/login?code=" + authString;
// Forward to server
return(Redirect(url));
}
public async Task <IActionResult> CreateExerciseSubmissionAsync(CtfApiRequest request)
{
try
{
// Resolve lab
var lab = await _labService.GetLabAsync(request.LabId, HttpContext.RequestAborted);
if (lab == null)
{
return(BadRequest(new { error = $"Could not resolve requested lab {request.LabId}" }));
}
// Decode request
var apiExerciseSubmission = request.Decode <ApiExerciseSubmission>(new CryptoService(lab.ApiCode));
// Resolve exercise
var exercise = await _exerciseService.FindExerciseAsync(lab.Id, apiExerciseSubmission.ExerciseNumber, HttpContext.RequestAborted);
if (exercise == null)
{
return(NotFound(new { error = "Exercise not found" }));
}
// Check lab execution
// This will also automatically check whether the given user exists
var labExecution = await _labExecutionService.GetLabExecutionForUserAsync(apiExerciseSubmission.UserId, lab.Id, HttpContext.RequestAborted);
var now = DateTime.Now;
if (labExecution == null || now < labExecution.PreStart)
{
return(NotFound(new { error = "Lab is not active for this user" }));
}
// Some exercises may only be submitted after the pre-start phase has ended
if (!exercise.IsPreStartAvailable && now < labExecution.Start)
{
return(NotFound(new { error = "This exercise may not be submitted in the pre-start phase" }));
}
// Create submission
var submission = new ExerciseSubmission
{
ExerciseId = exercise.Id,
UserId = apiExerciseSubmission.UserId,
ExercisePassed = apiExerciseSubmission.ExercisePassed,
SubmissionTime = apiExerciseSubmission.SubmissionTime ?? DateTime.Now,
Weight = apiExerciseSubmission.ExercisePassed ? 1 : (apiExerciseSubmission.Weight >= 0 ? apiExerciseSubmission.Weight : 1)
};
await _exerciseService.CreateExerciseSubmissionAsync(submission, HttpContext.RequestAborted);
return(Ok());
}
catch (CryptographicException ex)
{
_logger.LogError(ex, "Create exercise submission for user");
return(StatusCode(StatusCodes.Status401Unauthorized, new { error = "Could not decode the request packet" }));
}
catch (Exception ex)
{
_logger.LogError(ex, "Create exercise submission for user");
return(StatusCode(StatusCodes.Status500InternalServerError, new { error = "An internal error occured during processing of the request" }));
}
}
