fix: use comment instead of kino inputs

polvalente · polvalente · commit 19d56d3097ac · 2025-04-04T23:11:05.000-03:00
diff --git a/modules/2-owasp.livemd b/modules/2-owasp.livemd
@@ -1,5 +1,3 @@
-<!-- livebook:{"persist_outputs":true} -->
-
 # ESCT: Part 2 - OWASP
 
 ```elixir
@@ -103,17 +101,9 @@ Notable CWEs included are CWE-259: Use of Hard-coded Password, CWE-327: Broken o
 
 _Please uncomment the function call that you believe is correct._
 
-<!-- livebook:{"attrs":"eyJtb2R1bGVfaWQiOm51bGwsInF1ZXN0aW9uX2lkIjpudWxsLCJzb3VyY2UiOiJkZWZtb2R1bGUgUGFzc3dvcmRDb21wYXJlIGRvXG4gIGRlZiBvcHRpb25fb25lKHBhc3N3b3JkLCBtZDVfaGFzaCkgZG9cbiAgICBjYXNlIDpjcnlwdG8uaGFzaCg6bWQ1LCBwYXNzd29yZCkgPT0gbWQ1X2hhc2ggZG9cbiAgICAgIHRydWUgLT4gOmVudHJ5X2dyYW50ZWRfb3AxXG4gICAgICBmYWxzZSAtPiA6ZW50cnlfZGVuaWVkX29wMVxuICAgIGVuZFxuICBlbmRcblxuICBkZWYgb3B0aW9uX3R3byhwYXNzd29yZCwgYmNyeXB0X3NhbHRlZF9oYXNoKSBkb1xuICAgIGNhc2UgQmNyeXB0LnZlcmlmeV9wYXNzKHBhc3N3b3JkLCBiY3J5cHRfc2FsdGVkX2hhc2gpIGRvXG4gICAgICB0cnVlIC0+IDplbnRyeV9ncmFudGVkX29wMlxuICAgICAgZmFsc2UgLT4gOmVudHJ5X2RlbmllZF9vcDJcbiAgICBlbmRcbiAgZW5kXG5lbmRcblxuIyBETyBOT1QgQ0hBTkdFIENPREUgQUJPVkUgVEhJUyBMSU5FID09PT09PT09PT09PT09PT09PT09PT09PT1cblxuIyBQYXNzd29yZENvbXBhcmUub3B0aW9uX29uZShcInVzZXJzX3Bhc3N3b3JkXCIsIG1kNV9oYXNoKVxuIyBQYXNzd29yZENvbXBhcmUub3B0aW9uX3R3byhcInVzZXJzX3Bhc3N3b3JkXCIsIGJjcnlwdF9zYWx0ZWRfaGFzaCkifQ","chunks":[[0,178],[180,859]],"kind":"Elixir.GradingClient.GradedCell","livebook_object":"smart_cell"} -->
+<!-- livebook:{"attrs":"eyJtb2R1bGVfaWQiOm51bGwsInF1ZXN0aW9uX2lkIjpudWxsLCJzb3VyY2UiOiIjT1dBU1A6MVxuZGVmbW9kdWxlIFBhc3N3b3JkQ29tcGFyZSBkb1xuICBkZWYgb3B0aW9uX29uZShwYXNzd29yZCwgbWQ1X2hhc2gpIGRvXG4gICAgY2FzZSA6Y3J5cHRvLmhhc2goOm1kNSwgcGFzc3dvcmQpID09IG1kNV9oYXNoIGRvXG4gICAgICB0cnVlIC0+IDplbnRyeV9ncmFudGVkX29wMVxuICAgICAgZmFsc2UgLT4gOmVudHJ5X2RlbmllZF9vcDFcbiAgICBlbmRcbiAgZW5kXG5cbiAgZGVmIG9wdGlvbl90d28ocGFzc3dvcmQsIGJjcnlwdF9zYWx0ZWRfaGFzaCkgZG9cbiAgICBjYXNlIEJjcnlwdC52ZXJpZnlfcGFzcyhwYXNzd29yZCwgYmNyeXB0X3NhbHRlZF9oYXNoKSBkb1xuICAgICAgdHJ1ZSAtPiA6ZW50cnlfZ3JhbnRlZF9vcDJcbiAgICAgIGZhbHNlIC0+IDplbnRyeV9kZW5pZWRfb3AyXG4gICAgZW5kXG4gIGVuZFxuZW5kXG5cbiMgRE8gTk9UIENIQU5HRSBDT0RFIEFCT1ZFIFRISVMgTElORSA9PT09PT09PT09PT09PT09PT09PT09PT09XG5cbiMgUGFzc3dvcmRDb21wYXJlLm9wdGlvbl9vbmUoXCJ1c2Vyc19wYXNzd29yZFwiLCBtZDVfaGFzaClcbiMgUGFzc3dvcmRDb21wYXJlLm9wdGlvbl90d28oXCJ1c2Vyc19wYXNzd29yZFwiLCBiY3J5cHRfc2FsdGVkX2hhc2gpIn0","chunks":null,"kind":"Elixir.GradingClient.GradedCell","livebook_object":"smart_cell"} -->
 
 ```elixir
-module_id = Kino.Input.select("Module", [{OWASP, "OWASP"}])
-question_id = Kino.Input.number("Question ID")
-Kino.render(Kino.Layout.grid([module_id, question_id], columns: 2))
-nil
-
-module_id = Kino.Input.read(module_id)
-question_id = Kino.Input.read(question_id)
-
 result =
   defmodule PasswordCompare do
     def option_one(password, md5_hash) do
@@ -131,6 +121,25 @@ result =
     end
   end
 
+[module_id, question_id] =
+  "#OWASP:1\ndefmodule PasswordCompare do\n  def option_one(password, md5_hash) do\n    case :crypto.hash(:md5, password) == md5_hash do\n      true -> :entry_granted_op1\n      false -> :entry_denied_op1\n    end\n  end\n\n  def option_two(password, bcrypt_salted_hash) do\n    case Bcrypt.verify_pass(password, bcrypt_salted_hash) do\n      true -> :entry_granted_op2\n      false -> :entry_denied_op2\n    end\n  end\nend\n\n# DO NOT CHANGE CODE ABOVE THIS LINE =========================\n\n# PasswordCompare.option_one(\"users_password\", md5_hash)\n# PasswordCompare.option_two(\"users_password\", bcrypt_salted_hash)"
+  |> String.split("\n", parts: 2)
+  |> hd()
+  |> String.trim_leading("#")
+  |> String.split(":", parts: 2)
+
+module_id =
+  case %{"OWASP" => OWASP}[String.trim(module_id)] do
+    nil -> raise "invalid module id: #{module_id}"
+    module_id -> module_id
+  end
+
+question_id =
+  case Integer.parse(String.trim(question_id)) do
+    {id, ""} -> id
+    _ -> raise "invalid question id: #{question_id}"
+  end
+
 case GradingClient.check_answer(module_id, question_id, result) do
   :correct ->
     IO.puts([IO.ANSI.green(), "Correct!", IO.ANSI.reset()])
@@ -143,18 +152,6 @@ case GradingClient.check_answer(module_id, question_id, result) do
 end
 ```
 
-<!-- livebook:{"output":true} -->
-
-```
-Incorrect: Research MD5 Rainbow Tables
-```
-
-<!-- livebook:{"output":true} -->
-
-```
-:ok
-```
-
 <!-- livebook:{"branch_parent_index":3} -->
 
 ## Injection
@@ -279,17 +276,9 @@ _Please change the atom below to the name of the vulnerable package installed in
 
 _HINT: Check the changelogs for each dependency._
 
-<!-- livebook:{"attrs":"eyJtb2R1bGVfaWQiOm51bGwsInF1ZXN0aW9uX2lkIjpudWxsLCJzb3VyY2UiOiJhbnN3ZXIgPSBcbiAgS2luby5JbnB1dC5zZWxlY3QoXCJBbnN3ZXJcIiwgW1xuICAgIHs6ZWN0bywgXCJFY3RvIHYyLjIuMlwifSxcbiAgICB7Om54LCBcIk54IHYwLjUuMFwifSxcbiAgICB7OnBsdWcsIFwiUGx1ZyB2MS4zLjJcIn1cbiAgXSlcblxuS2luby5yZW5kZXIoYW5zd2VyKVxuXG5LaW5vLklucHV0LnJlYWQoYW5zd2VyKSJ9","chunks":[[0,178],[180,631]],"kind":"Elixir.GradingClient.GradedCell","livebook_object":"smart_cell"} -->
+<!-- livebook:{"attrs":"eyJtb2R1bGVfaWQiOm51bGwsInF1ZXN0aW9uX2lkIjpudWxsLCJzb3VyY2UiOiIjT1dBU1A6MlxuYW5zd2VyID0gXG4gIEtpbm8uSW5wdXQuc2VsZWN0KFwiQW5zd2VyXCIsIFtcbiAgICB7OmVjdG8sIFwiRWN0byB2Mi4yLjJcIn0sXG4gICAgezpueCwgXCJOeCB2MC41LjBcIn0sXG4gICAgezpwbHVnLCBcIlBsdWcgdjEuMy4yXCJ9XG4gIF0pXG5cbktpbm8ucmVuZGVyKGFuc3dlcilcblxuS2luby5JbnB1dC5yZWFkKGFuc3dlcikifQ","chunks":null,"kind":"Elixir.GradingClient.GradedCell","livebook_object":"smart_cell"} -->
 
 ```elixir
-module_id = Kino.Input.select("Module", [{OWASP, "OWASP"}])
-question_id = Kino.Input.number("Question ID")
-Kino.render(Kino.Layout.grid([module_id, question_id], columns: 2))
-nil
-
-module_id = Kino.Input.read(module_id)
-question_id = Kino.Input.read(question_id)
-
 result =
   (
     answer =
@@ -303,6 +292,25 @@ result =
     Kino.Input.read(answer)
   )
 
+[module_id, question_id] =
+  "#OWASP:2\nanswer = \n  Kino.Input.select(\"Answer\", [\n    {:ecto, \"Ecto v2.2.2\"},\n    {:nx, \"Nx v0.5.0\"},\n    {:plug, \"Plug v1.3.2\"}\n  ])\n\nKino.render(answer)\n\nKino.Input.read(answer)"
+  |> String.split("\n", parts: 2)
+  |> hd()
+  |> String.trim_leading("#")
+  |> String.split(":", parts: 2)
+
+module_id =
+  case %{"OWASP" => OWASP}[String.trim(module_id)] do
+    nil -> raise "invalid module id: #{module_id}"
+    module_id -> module_id
+  end
+
+question_id =
+  case Integer.parse(String.trim(question_id)) do
+    {id, ""} -> id
+    _ -> raise "invalid question id: #{question_id}"
+  end
+
 case GradingClient.check_answer(module_id, question_id, result) do
   :correct ->
     IO.puts([IO.ANSI.green(), "Correct!", IO.ANSI.reset()])
@@ -315,18 +323,6 @@ case GradingClient.check_answer(module_id, question_id, result) do
 end
 ```
 
-<!-- livebook:{"output":true} -->
-
-```
-Incorrect: Check the changelog for the next minor or major release.
-```
-
-<!-- livebook:{"output":true} -->
-
-```
-:ok
-```
-
 <!-- livebook:{"branch_parent_index":3} -->
 
 ## Identification and Authentication Failures
@@ -457,18 +453,4 @@ case HTTPoison.get(user_inputted_url) do
 end
 ```
 
-<!-- livebook:{"output":true} -->
-
-```
-This is the IP belonging to your Livebook instance:
-179.241.241.114
-
-```
-
-<!-- livebook:{"output":true} -->
-
-```
-:ok
-```
-
 [**<- Previous Module: Introduction**](./1-introduction.livemd) || [**Next Module: Secure SDLC Concepts ->**](./3-ssdlc.livemd)
diff --git a/modules/grading_client/lib/grading_client/graded_cell.ex b/modules/grading_client/lib/grading_client/graded_cell.ex
@@ -11,11 +11,6 @@ defmodule GradingClient.GradedCell do
      editor: [source: source, language: "elixir"]}
   end
 
-  @impl true
-  def handle_connect(ctx) do
-    {:ok, %{}, ctx}
-  end
-
   @impl true
   def handle_editor_change(source, ctx) do
     {:ok, assign(ctx, source: source)}
@@ -32,29 +27,41 @@ defmodule GradingClient.GradedCell do
 
   @impl true
   def to_source(attrs) do
-    dbg(attrs)
-
-    options = Enum.map(GradingClient.Answers.get_modules(), &{&1, inspect(&1)})
-
-    inputs =
-      quote do
-        module_id = Kino.Input.select("Module", unquote(options))
-        question_id = Kino.Input.number("Question ID")
-
-        Kino.render(Kino.Layout.grid([module_id, question_id], columns: 2))
-        nil
-      end
+    modules = Map.new(GradingClient.Answers.get_modules(), &{inspect(&1), &1})
 
     source_ast =
       try do
-        source = Code.string_to_quoted!(attrs["source"])
+        source_attr = attrs["source"]
+        source = Code.string_to_quoted!(source_attr)
 
         quote do
-          module_id = Kino.Input.read(module_id)
-          question_id = Kino.Input.read(question_id)
-
           result = unquote(source)
 
+          [module_id, question_id] =
+            unquote(source_attr)
+            |> String.split("\n", parts: 2)
+            |> hd()
+            |> String.trim_leading("#")
+            |> String.split(":", parts: 2)
+
+          module_id =
+            case unquote(Macro.escape(modules))[String.trim(module_id)] do
+              nil ->
+                raise "invalid module id: #{module_id}"
+
+              module_id ->
+                module_id
+            end
+
+          question_id =
+            case Integer.parse(String.trim(question_id)) do
+              {id, ""} ->
+                id
+
+              _ ->
+                raise "invalid question id: #{question_id}"
+            end
+
           case GradingClient.check_answer(module_id, question_id, result) do
             :correct ->
               IO.puts([IO.ANSI.green(), "Correct!", IO.ANSI.reset()])
@@ -72,10 +79,7 @@ defmodule GradingClient.GradedCell do
           {:<<>>, [delimiter: ~s["""]], [attrs["source"] <> "\n"]}
       end
 
-    [
-      Kino.SmartCell.quoted_to_string(inputs),
-      Kino.SmartCell.quoted_to_string(source_ast)
-    ]
+    Kino.SmartCell.quoted_to_string(source_ast)
   end
 
   @impl true
