Adds Survey to Rate Challenges After Correct Flag Submission #224

app/assets/javascripts/application.js

@@ -11,6 +11,7 @@
 // GO AFTER THE REQUIRES BELOW.
 //
 //= require jquery
+//= require jquery_ujs
 //= require_tree .
 //= require jquery.nested-fields
 // Loads all Bootstrap javascripts

app/assets/javascripts/surveys.js

@@ -0,0 +1,6 @@
+// Place all the behaviors and hooks related to the matching controller here.
+// All this logic will automatically be available in application.js.
+
+function setRating(id, rating) {
+  document.getElementById(id).value = rating;
+}

app/assets/stylesheets/surveys.scss

@@ -0,0 +1,56 @@
+// Place all the styles related to the Surveys controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: https://sass-lang.com/
+
+.star-cb-group {
+  /* remove inline-block whitespace */
+  font-size: 0;
+  /* flip the order so we can use the + and ~ combinators */
+  unicode-bidi: bidi-override;
+  direction: rtl;
+  /* the hidden clearer */
+}
+.star-cb-group * {
+  font-size: 1rem;
+}
+.star-cb-group > input {
+  display: none;
+}
+.star-cb-group > input + label {
+  /* only enough room for the star */
+  display: inline-block;
+  overflow: hidden;
+  text-indent: 9999px;
+  width: 1em;
+  white-space: nowrap;
+  cursor: pointer;
+}
+.star-cb-group > input + label:before {
+  display: inline-block;
+  text-indent: -9999px;
+  content: "☆";
+  color: #888;
+}
+.star-cb-group > input:checked ~ label:before, .star-cb-group > input + label:hover ~ label:before, .star-cb-group > input + label:hover:before {
+  content: "★";
+  color: rgb(238, 206, 24);
+  text-shadow: 0 0 1px #333;
+}
+.star-cb-group > .star-cb-clear + label {
+  text-indent: -9999px;
+  width: .5em;
+  margin-left: -.5em;
+}
+.star-cb-group > .star-cb-clear + label:before {
+  width: .5em;
+}
+.star-cb-group:hover > input + label:before {
+  content: "☆";
+  color: #888;
+  text-shadow: none;
+}
+.star-cb-group:hover > input + label:hover ~ label:before, .star-cb-group:hover > input + label:hover:before {
+  content: "★";
+  color: rgb(238, 206, 24);
+  text-shadow: 0 0 1px #333;
+}

app/controllers/challenges_controller.rb

@@ -21,10 +21,11 @@ def update
       @solved_challenge = @flag_found.save_solved_challenge(current_user)
       @solved_video_url = @flag_found.video_url
       flash.now[:notice] = I18n.t('flag.accepted')
+      @survey = Survey.new
+      @survey.submitted_flag_id = @submitted_flag.id
     else
       flash.now[:alert] = wrong_flag_messages.sample
     end
-    @solvable = @challenge.can_be_solved_by(current_user.team)
 
     render :show
   end
@@ -51,7 +52,9 @@ def find_and_log_flag
     flag = params[:challenge]&.[](:submitted_flag) # Safe navigation on a hash
     return if flag.nil?
 
-    SubmittedFlag.create(user: current_user, challenge: @challenge, text: flag) unless current_user.admin?
+    unless current_user.admin?
+      @submitted_flag = SubmittedFlag.create(user: current_user, challenge: @challenge, text: flag)
+    end
     @flag_found = @challenge.find_flag(flag)
   end
 

app/controllers/surveys_controller.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class SurveysController < ApplicationController
+  def create
+    @survey = Survey.new(survey_params)
+
+    redirect_to '/game', notice: I18n.t('surveys.submitted') if @survey.save
+  end
+
+  private
+
+  def survey_params
+    params.require(:survey).permit(:difficulty, :realism, :interest, :comment, :submitted_flag_id)
+  end
+end

app/helpers/surveys_helper.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+module SurveysHelper
+end

app/models/submitted_flag.rb

@@ -3,6 +3,7 @@
 class SubmittedFlag < ApplicationRecord
   belongs_to :user
   belongs_to :challenge
+  has_many :surveys, dependent: :destroy
 
   validates :text, presence: true
 

app/models/survey.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class Survey < ApplicationRecord
+  belongs_to :submitted_flag, optional: true
+end

app/views/challenges/show.html.haml

@@ -1,5 +1,5 @@
 -# For PentestGames, @challenge here can actually be a flag object since Pentest challenges belong to teams + challenges and are linked by a flag object.
--# 
+-#
 - content_for :admin_menu do
   %li= link_to t('challenges.admin_edit_challenge', challengename: @challenge.name), admin_edit_url(@challenge)
 
@@ -28,7 +28,7 @@
       = sanitize(Kramdown::Document.new(@challenge.sponsor_description).to_html)
 
 - if @solvable
-  = form_for :challenge, url: submit_url(@defense_team, @challenge), method: "put", html: { class: "well", style: "margin-bottom:40px;" } do |f|
+  = form_for :challenge, url: submit_url(@defense_team, @challenge), method: "put", html: { class: "well form-inline", style: "margin-bottom:40px;" } do |f|
     .control-group
       %p
         = t('challenges.submit_flag')
@@ -38,6 +38,11 @@
     .control-group
       = invisible_recaptcha_tags text: 'Submit', :class => "btn btn-primary"
 
+- if @flag_found
+  %hr/
+  = render partial: "surveys/form"
+  %hr/
+
 - if @solved_by.length > 0
   %table.table.table-bordered.table-striped
     %thead

app/views/surveys/_form.html.haml

@@ -0,0 +1,56 @@
+= form_for @survey, html: { class: "well form-inline", style: "margin-bottom:40px;" } do |f|
+  - if @survey.errors.any?
+    #error_explanation
+      %h2= "#{pluralize(@survey.errors.count, "error")} prohibited this survey from being saved:"
+      %ul
+        - @survey.errors.full_messages.each do |message|
+          %li= message
+
+  %h3= t('surveys.new.header')
+
+  .field
+    = f.label :difficulty
+    = render partial: "surveys/star_rating", locals: { |
+            star_5: "rating_difficulty_5",             |
+            star_4: "rating_difficulty_4",             |
+            star_3: "rating_difficulty_3",             |
+            star_2: "rating_difficulty_2",             |
+            star_1: "rating_difficulty_1",             |
+            star_0: "rating_difficulty_0",             |
+            category: :difficulty,                     |
+            f: f                                       |
+      }                                                |
+    = f.hidden_field :difficulty
+  .field
+    = f.label :realism
+    = render partial: "surveys/star_rating", locals: { |
+            star_5: "rating_realism_5",                |
+            star_4: "rating_realism_4",                |
+            star_3: "rating_realism_3",                |
+            star_2: "rating_realism_2",                |
+            star_1: "rating_realism_1",                |
+            star_0: "rating_realism_0",                |
+            category: :realism,                        |
+            f: f                                       |
+      }                                                |
+    = f.hidden_field :realism
+  .field
+    = f.label :interest
+    = render partial: "surveys/star_rating", locals: { |
+            star_5: "rating_interest_5",               |
+            star_4: "rating_interest_4",               |
+            star_3: "rating_interest_3",               |
+            star_2: "rating_interest_2",               |
+            star_1: "rating_interest_1",               |
+            star_0: "rating_interest_0",               |
+            category: :interest,                       |
+            f: f                                       |
+      }                                                |
+    = f.hidden_field :interest
+  .field
+    = f.label :comment
+    = f.text_area :comment
+  .field
+    = f.hidden_field :submitted_flag_id
+  .field
+    = f.submit t('surveys.new.submit_btn'), class: "btn btn-primary"

app/views/surveys/_star_rating.html.haml

@@ -0,0 +1,13 @@
+%span.star-cb-group
+  = f.radio_button category, 5, { :name => "#{category}", :id => "#{star_5}", :onclick => "setRating('survey_#{category}', '5')" }
+  %label{:for => "#{star_5}"} 5
+  = f.radio_button category, 4, { :name => "#{category}", :id => "#{star_4}", :onclick => "setRating('survey_#{category}', '4')" }
+  %label{:for => "#{star_4}"} 4
+  = f.radio_button category, 3, { :name => "#{category}", :id => "#{star_3}", :onclick => "setRating('survey_#{category}', '3')" }
+  %label{:for => "#{star_3}"} 3
+  = f.radio_button category, 2, { :name => "#{category}", :id => "#{star_2}", :onclick => "setRating('survey_#{category}', '2')" }
+  %label{:for => "#{star_2}"} 2
+  = f.radio_button category, 1, { :name => "#{category}", :id => "#{star_1}", :onclick => "setRating('survey_#{category}', '1')" }
+  %label{:for => "#{star_1}"} 1
+  = f.radio_button category, 0, { :name => "#{category}", :id => "#{star_0}", :class => "star-cb-clear", :onclick => "setRating('survey_#{category}', '0')", :checked => true }
+  %label{:for => "#{star_0}"} 0

config/initializers/rails_admin.rb

@@ -19,7 +19,7 @@
   config.actions do
     # root actions
     dashboard                     # mandatory
-    # collection actions 
+    # collection actions
     index                         # mandatory
     new do
       except ['Challenge', 'FeedItem', 'SolvedChallenge', 'Flag'] # Block users from adding items from their parent classes instead of their own classes
@@ -472,7 +472,7 @@
     list do
       field :team_name
       field :affiliation
-      field :team_captian
+      field :team_captain
       field :division
     end
   end

config/locales/en.yml

@@ -407,3 +407,8 @@ en:
       unlock_line_1: 'Your account has been locked due to an excessive amount of unsuccessful sign in attempts.'
       unlock_line_2: 'Click the link below to unlock your account:'
       unlock_account_link: 'Unlock my account'
+  surveys:
+    submitted: 'Survey Submitted!'
+    new:
+      header: 'Review Solved Challenge'
+      submit_btn: 'Submit Survey'

config/routes.rb

@@ -58,6 +58,10 @@
     end
   end
 
+  resource :surveys, only: %i[create] do
+    post :create
+  end
+
   get '/game/summary' => 'games#summary'
   get '/game/teams' => 'games#teams'
 

db/migrate/20200710145833_create_surveys.rb

@@ -0,0 +1,13 @@
+class CreateSurveys < ActiveRecord::Migration[6.0]
+  def change
+    create_table :surveys do |t|
+      t.integer :difficulty, default: 0, null: false
+      t.integer :realism, default: 0, null: false
+      t.integer :interest, default: 0, null: false
+      t.text :comment, default: "", null: true
+      t.integer :submitted_flag_id, null: false
+      t.timestamps
+    end
+    add_foreign_key "surveys", "submitted_flags"
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2020_06_23_173255) do
+ActiveRecord::Schema.define(version: 2020_07_10_145833) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -178,6 +178,16 @@
     t.index ["flag_id"], name: "index_submitted_flags_on_flag_id"
   end
 
+  create_table "surveys", force: :cascade do |t|
+    t.integer "difficulty", default: 0, null: false
+    t.integer "realism", default: 0, null: false
+    t.integer "interest", default: 0, null: false
+    t.text "comment", default: ""
+    t.integer "submitted_flag_id", null: false
+    t.datetime "created_at", precision: 6, null: false
+    t.datetime "updated_at", precision: 6, null: false
+  end
+
   create_table "teams", id: :serial, force: :cascade do |t|
     t.string "team_name"
     t.datetime "created_at"
@@ -281,5 +291,6 @@
   add_foreign_key "challenges", "games"
   add_foreign_key "flags", "teams"
   add_foreign_key "submitted_flags", "flags"
+  add_foreign_key "surveys", "submitted_flags"
   add_foreign_key "teams", "divisions"
 end