fix: correct number of solved assignments in report card (#2065)

* fix: correct number of solved assignments in report card Filter the list of assignments to accurately count the number of solved assignments. Closes: gh-2063 * chore: remove scoreboard code This is added when we run a CTF challenge during OWASP AppSecEU in 2017. We can remove this code. Closes: gh-2064
2025-03-11 22:57:49 +01:00
parent 2c5e4c4491
commit 23d6fe6f36
16 changed files with 106 additions and 441 deletions
--- a/src/main/java/org/owasp/webgoat/container/MvcConfiguration.java
+++ b/src/main/java/org/owasp/webgoat/container/MvcConfiguration.java
@ -53,7 +53,6 @@ public class MvcConfiguration implements WebMvcConfigurer {
    registry.addViewController("/login").setViewName("login");
    registry.addViewController("/lesson_content").setViewName("lesson_content");
    registry.addViewController("/start.mvc").setViewName("main_new");
-    registry.addViewController("/scoreboard").setViewName("scoreboard");
  }

  @Bean
--- a/src/main/java/org/owasp/webgoat/container/users/LessonProgress.java
+++ b/src/main/java/org/owasp/webgoat/container/users/LessonProgress.java
@ -84,6 +84,6 @@ public class LessonProgress {
  }

  long numberOfSolvedAssignments() {
-    return assignments.size();
+    return assignments.stream().filter(AssignmentProgress::isSolved).count();
  }
 }
--- a/src/main/java/org/owasp/webgoat/container/users/Scoreboard.java
+++ b/src/main/java/org/owasp/webgoat/container/users/Scoreboard.java
@ -1,83 +0,0 @@
-/*
- * SPDX-FileCopyrightText: Copyright © 2017 WebGoat authors
- * SPDX-License-Identifier: GPL-2.0-or-later
- */
-package org.owasp.webgoat.container.users;
-
-import java.util.List;
-import java.util.Optional;
-import java.util.stream.Collectors;
-import lombok.AllArgsConstructor;
-import lombok.Getter;
-import org.owasp.webgoat.container.i18n.PluginMessages;
-import org.owasp.webgoat.container.lessons.Lesson;
-import org.owasp.webgoat.container.session.Course;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-/**
- * Temp endpoint just for the CTF.
- *
- * @author nbaars
- * @since 3/23/17.
- */
-@RestController
-@AllArgsConstructor
-public class Scoreboard {
-
-  private final UserProgressRepository userTrackerRepository;
-  private final UserRepository userRepository;
-  private final Course course;
-  private final PluginMessages pluginMessages;
-
-  @AllArgsConstructor
-  @Getter
-  private class Ranking {
-    private String username;
-    private List<String> flagsCaptured;
-  }
-
-  @GetMapping("/scoreboard-data")
-  public List<Ranking> getRankings() {
-    return userRepository.findAll().stream()
-        .filter(user -> !user.getUsername().startsWith("csrf-"))
-        .map(
-            user ->
-                new Ranking(
-                    user.getUsername(),
-                    challengesSolved(userTrackerRepository.findByUser(user.getUsername()))))
-        .sorted((o1, o2) -> o2.getFlagsCaptured().size() - o1.getFlagsCaptured().size())
-        .collect(Collectors.toList());
-  }
-
-  private List<String> challengesSolved(UserProgress userTracker) {
-    List<String> challenges =
-        List.of(
-            "Challenge1",
-            "Challenge2",
-            "Challenge3",
-            "Challenge4",
-            "Challenge5",
-            "Challenge6",
-            "Challenge7",
-            "Challenge8",
-            "Challenge9");
-    return challenges.stream()
-        .map(userTracker::getLessonProgress)
-        .flatMap(Optional::stream)
-        .filter(LessonProgress::isLessonSolved)
-        .map(LessonProgress::getLessonName)
-        .map(this::toLessonTitle)
-        .toList();
-  }
-
-  private String toLessonTitle(String id) {
-    String titleKey =
-        course.getLessons().stream()
-            .filter(l -> l.getId().equals(id))
-            .findFirst()
-            .map(Lesson::getTitle)
-            .orElse("No title");
-    return pluginMessages.getMessage(titleKey, titleKey);
-  }
-}
--- a/src/main/java/org/owasp/webgoat/container/users/UserProgress.java
+++ b/src/main/java/org/owasp/webgoat/container/users/UserProgress.java
@ -41,7 +41,7 @@ public class UserProgress {
  }

  /**
-   * Returns an existing lesson tracker or create a new one based on the lesson
+   * Returns an existing lesson progress or create a new one based on the lesson
   *
   * @param lesson the lesson
   * @return a lesson tracker created if not already present
@ -49,7 +49,7 @@ public class UserProgress {
  public LessonProgress getLessonProgress(Lesson lesson) {
    Optional<LessonProgress> progress =
        lessonProgress.stream().filter(l -> l.getLessonName().equals(lesson.getId())).findFirst();
-    if (!progress.isPresent()) {
+    if (progress.isEmpty()) {
      LessonProgress newLessonTracker = new LessonProgress(lesson);
      lessonProgress.add(newLessonTracker);
      return newLessonTracker;
@ -58,16 +58,6 @@ public class UserProgress {
    }
  }

-  /**
-   * Query method for finding a specific lesson tracker based on id
-   *
-   * @param id the id of the lesson
-   * @return optional due to the fact we can only create a lesson tracker based on a lesson
-   */
-  public Optional<LessonProgress> getLessonProgress(String id) {
-    return lessonProgress.stream().filter(l -> l.getLessonName().equals(id)).findFirst();
-  }
-
  public void assignmentSolved(Lesson lesson, String assignmentName) {
    LessonProgress progress = getLessonProgress(lesson);
    progress.incrementAttempts();