Bump CTFd to v3.8.0 (#182)

* chore(deps): bump CTFd to 3.8.0

* feat(api): bump API support to 3.8.0, refacto tests

* ci: fix sha256 sum for proper tag pin

* ci: fix tests output

* ci: fix condition

* chore: remove Makefile

We no longer run tests manually, and the Makefile had low value so I drop it

Author: pandatix

.github/workflows/ci.yaml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     services:
       ctfd:
-        image: ctfd/ctfd:3.7.7@sha256:9847758cdafc5ab86bdc121353dcf5a27a29ce313587270ee90a71bfbda2b910
+        image: ctfd/ctfd:3.8.0@sha256:61712c4af6e9cddccfafc4503484c8091f6325be286d407595b922dc9552b5ae
         ports:
           - 8000:8000
     steps:
@@ -52,15 +52,15 @@ jobs:
           fi
 
       - name: Run go tests
-        run: make tests
+        run: go test ./api -run=^Test_F_ -coverprofile=functional.cov
         env:
           CTFD_URL: http://localhost:8000
 
       - name: Upload coverage to Coveralls
         if: ${{ matrix.update-coverage }}
         uses: shogo82148/actions-goveralls@25f5320d970fb565100cf1993ada29be1bb196a1 # v1.10.0
         with:
-          path-to-profile: functional.out
+          path-to-profile: functional.cov
 
   go-lint:
     runs-on: ubuntu-latest

Makefile

@@ -13,4 +13,4 @@
 
 Golang client for interacting with [CTFd](https://ctfd.io/).
 
-Last version tested on: [3.7.7](https://github.com/CTFd/CTFd/releases/tag/3.7.7).
+Last version tested on: [3.8.0](https://github.com/CTFd/CTFd/releases/tag/3.8.0).

README.md

@@ -33,6 +33,7 @@ type PostChallengesParams struct {
 	Initial        *int          `json:"initial,omitempty"`
 	Decay          *int          `json:"decay,omitempty"`
 	Minimum        *int          `json:"minimum,omitempty"`
+	Logic          string        `json:"logic"`
 	MaxAttempts    *int          `json:"max_attempts,omitempty"`
 	NextID         *int          `json:"next_id,omitempty"`
 	Requirements   *Requirements `json:"requirements,omitempty"`
@@ -89,6 +90,7 @@ type PatchChallengeParams struct {
 	Initial        *int    `json:"initial,omitempty"`
 	Decay          *int    `json:"decay,omitempty"`
 	Minimum        *int    `json:"minimum,omitempty"`
+	Logic          *string `json:"logic,omitempty"`
 	MaxAttempts    *int    `json:"max_attempts,omitempty"`
 	NextID         *int    `json:"next_id,omitempty"`
 	// Requirements can update the challenge's behavior and prerequisites i.e.
@@ -167,3 +169,24 @@ func (client *Client) GetChallengeTopics(id int, opts ...Option) ([]*Topic, erro
 	}
 	return ct, nil
 }
+
+func (client *Client) GetChallengeRatings(id int, opts ...Option) ([]*Rating, error) {
+	ratings := []*Rating{}
+	if err := client.Get(fmt.Sprintf("/challenges/%d/ratings", id), nil, &ratings, opts...); err != nil {
+		return nil, err
+	}
+	return ratings, nil
+}
+
+type PutChallengeRatingsParams struct {
+	Value  int    `json:"value"` // either 1 for thumbsup or -1 for thumbsdown
+	Review string `json:"review"`
+}
+
+func (client *Client) PutChallengeRatings(id int, params *PutChallengeRatingsParams, opts ...Option) (*Rating, error) {
+	rat := &Rating{}
+	if err := client.Put(fmt.Sprintf("/challenges/%c/ratings", id), params, rat, opts...); err != nil {
+		return nil, err
+	}
+	return rat, nil
+}

api/challenges.go

@@ -216,6 +216,16 @@ func (client *Client) Patch(edp string, params any, dst any, opts ...Option) err
 	return client.Call(req, dst, opts...)
 }
 
+func (client *Client) Put(edp string, params any, dst any, opts ...Option) error {
+	body, err := json.Marshal(params)
+	if err != nil {
+		return err
+	}
+	req, _ := http.NewRequest(http.MethodPatch, edp, bytes.NewBuffer(body))
+
+	return client.Call(req, dst, opts...)
+}
+
 func (client *Client) Delete(edp string, params any, dst any, opts ...Option) (err error) {
 	var body []byte
 	if params != nil {

api/client.go

@@ -43,8 +43,17 @@ type PatchConfigsParams struct {
 	TeamCreation               *bool   `json:"team_creation,omitempty"`
 	TeamDisbanding             *string `json:"team_disbanding,omitempty"`
 	TeamSize                   *int    `json:"team_size,omitempty"`
+	PasswordMinLength          *int    `json:"password_min_length,omitempty"`
 	VerifyEmails               *bool   `json:"verify_emails,omitempty"`
 
+	// Challenges
+
+	ViewSelfSubmission    bool   `json:"view_self_submissions"`
+	MaxAttemptsBehavior   string `json:"max_attempts_behavior"`
+	MaxAttemptsTimeout    int    `json:"max_attempts_timeout"`
+	HintsFreePublicAccess bool   `json:"hints_free_public_access"`
+	ChallengeRatings      string `json:"challenge_ratings"`
+
 	// Pages
 
 	RobotsTxt *string `json:"robots_txt,omitempty"`
@@ -103,7 +112,8 @@ type PatchConfigsParams struct {
 
 	// Social
 
-	SocialShares *bool `json:"social_shares,omitempty"`
+	SocialShares         *bool  `json:"social_shares,omitempty"`
+	SocialSharesTemplate string `json:"social_share_solve_template"`
 
 	// Legal
 

api/configs.go

@@ -2,25 +2,48 @@ package api
 
 type (
 	Challenge struct {
-		ID             int           `json:"id"`
-		Name           string        `json:"name"`
-		Description    string        `json:"description"`
-		Attribution    *string       `json:"attribution,omitempty"`
-		ConnectionInfo *string       `json:"connection_info,omitempty"`
-		MaxAttempts    *int          `json:"max_attempts,omitempty"`
-		Function       *string       `json:"function,omitempty"`
-		Value          int           `json:"value"`
-		Initial        *int          `json:"initial,omitempty"`
-		Decay          *int          `json:"decay,omitempty"`
-		Minimum        *int          `json:"minimum,omitempty"`
-		Category       string        `json:"category"`
-		Type           string        `json:"type"`
-		TypeData       *Type         `json:"type_data,omitempty"`
-		State          string        `json:"state"`
-		NextID         *int          `json:"next_id"`
-		Requirements   *Requirements `json:"requirements"` // List of challenge IDs to complete before
-		Solves         int           `json:"solves"`
-		SolvedByMe     bool          `json:"solved_by_me"`
+		ID             int               `json:"id"`
+		Name           string            `json:"name"`
+		Description    string            `json:"description"`
+		Attribution    *string           `json:"attribution,omitempty"`
+		ConnectionInfo *string           `json:"connection_info,omitempty"`
+		MaxAttempts    *int              `json:"max_attempts,omitempty"`
+		Function       *string           `json:"function,omitempty"`
+		Value          int               `json:"value"`
+		Initial        *int              `json:"initial,omitempty"`
+		Decay          *int              `json:"decay,omitempty"`
+		Minimum        *int              `json:"minimum,omitempty"`
+		Logic          string            `json:"logic"`
+		Category       string            `json:"category"`
+		SolutionID     *int              `json:"solution_id,omitempty"`
+		Type           string            `json:"type"`
+		TypeData       *Type             `json:"type_data,omitempty"`
+		State          string            `json:"state"`
+		NextID         *int              `json:"next_id"`
+		Requirements   *Requirements     `json:"requirements"` // List of challenge IDs to complete before
+		Solves         int               `json:"solves"`
+		SolvedByMe     bool              `json:"solved_by_me"`
+		Rating         *Rating           `json:"rating,omitempty"`
+		Ratings        *ChallengeRatings `json:"ratings,omitempty"`
+	}
+
+	Solution struct {
+		ID          int    `json:"id"`
+		ChallengeID int    `json:"challenge_id"`
+		State       string `json:"state"`
+		Content     string `json:"content"`
+		HTML        string `json:"html"`
+	}
+
+	Rating struct {
+		ID          int        `json:"id"`
+		Date        string     `json:"date"`
+		Value       int        `json:"value"`
+		Review      string     `json:"review"`
+		UserID      int        `json:"user_id"`
+		User        *User      `json:"user"`
+		ChallengeID int        `json:"challenge_id"`
+		Challenge   *Challenge `json:"challenge"`
 	}
 
 	Bracket struct {
@@ -85,6 +108,12 @@ type (
 		Prerequisites []int `json:"prerequisites"`
 	}
 
+	ChallengeRatings struct {
+		Up    int `json:"up"`
+		Down  int `json:"down"`
+		Count int `json:"count"`
+	}
+
 	Tag struct {
 		ID          int    `json:"id"`
 		Challenge   *int   `json:"challenge,omitempty"` // XXX This may be duplicated with ChallengeID ?
@@ -313,4 +342,8 @@ type (
 		Status  string `json:"status"`
 		Message string `json:"message"`
 	}
+
+	Shares struct {
+		URL string `json:"url"`
+	}
 )

api/model.go

@@ -7,6 +7,7 @@ import (
 
 	"github.com/ctfer-io/go-ctfd/api"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func Test_F_CTF(t *testing.T) {
@@ -17,13 +18,9 @@ func Test_F_CTF(t *testing.T) {
 	// For the first blood the admin award the player, then extract the
 	// statistics and pause the event.
 
-	assert := assert.New(t)
-
 	// 1a. Get nonce and session to mock a browser first
 	nonce, session, err := api.GetNonceAndSession(CTFD_URL)
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NoError(t, err)
 	admin := api.NewClient(CTFD_URL, nonce, session, "")
 
 	t.Cleanup(func() {
@@ -63,18 +60,14 @@ func Test_F_CTF(t *testing.T) {
 		Start:                  "",
 		End:                    "",
 	})
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NoError(t, err)
 
 	// 1c. Create an API Key to avoid session/nonce+cookies dance
 	token, err := admin.PostTokens(&api.PostTokensParams{
 		Expiration:  "2222-01-01",
 		Description: "Example API token.",
 	})
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NoError(t, err)
 	admin.SetAPIKey(*token.Value)
 
 	// 2. Add a page
@@ -88,9 +81,7 @@ func Test_F_CTF(t *testing.T) {
 		Route:        "/tutorials/test",
 		Title:        "Test",
 	})
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NoError(t, err)
 
 	// 3. Add a challenge with a flag
 	chall, err := admin.PostChallenges(&api.PostChallengesParams{
@@ -106,20 +97,17 @@ func Test_F_CTF(t *testing.T) {
 		State:          "visible",
 		Type:           "dynamic",
 	})
-	assert.NotNil(chall)
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NotNil(t, chall)
+	require.NoError(t, err)
+
 	flag, err := admin.PostFlags(&api.PostFlagsParams{
 		Challenge: chall.ID,
 		Content:   "24HIUT{IcmpExfiltrationIsEasy}",
 		Data:      "case_sensitive",
 		Type:      "static",
 	})
-	assert.NotNil(flag)
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	assert.NotNil(t, flag)
+	require.NoError(t, err)
 
 	// 4. User register
 	name := "ctfer-" + randHex()
@@ -130,33 +118,34 @@ func Test_F_CTF(t *testing.T) {
 		Email:    name + "@example.com",
 		Password: "password",
 	})
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NoError(t, err)
+
 	usr, err := user.GetUsersMe()
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NoError(t, err)
 
 	// 5a. User failed attempt
 	att, err := user.PostChallengesAttempt(&api.PostChallengesAttemptParams{
 		ChallengeID: chall.ID,
 		Submission:  "INVALID-FLAG",
 	})
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
-	assert.Equal("incorrect", att.Status)
+	assert.Equal(t, "incorrect", att.Status)
+	require.NoError(t, err)
 
 	// 5b. User successfull attempt
 	att, err = user.PostChallengesAttempt(&api.PostChallengesAttemptParams{
 		ChallengeID: chall.ID,
 		Submission:  "24HIUT{IcmpExfiltrationIsEasy}",
 	})
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
-	assert.Equal("correct", att.Status)
+	assert.Equal(t, "correct", att.Status)
+	require.NoError(t, err)
+
+	// 5c. User share its work
+	sh, err := user.PostShares(&api.PostSharesParams{
+		ChallengeID: chall.ID,
+		Type:        "solve",
+	})
+	require.Nil(t, err)
+	assert.NotEmpty(t, sh.URL)
 
 	// 6. Admin gives an award for first blood
 	_, err = admin.PostAwards(&api.PostAwardsParams{
@@ -167,28 +156,22 @@ func Test_F_CTF(t *testing.T) {
 		UserID:      usr.ID,
 		Value:       50,
 	})
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NoError(t, err)
 
 	// 7. Admin gets some statistics
 	_, err = admin.GetStatisticsChallengesSolves()
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NoError(t, err)
+
 	_, err = admin.GetStatisticsUsers()
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NoError(t, err)
+
 	// ...
 
 	// 8. Admin pause event
 	err = admin.PatchConfigs(&api.PatchConfigsParams{
 		Paused: ptr(true),
 	})
-	if !assert.Nil(err, "got error: %s", err) {
-		return
-	}
+	require.NoError(t, err)
 
 	// Time to open-source your challenges :)
 }