mitre-cyber-academy / ctf-scoreboard Goto Github PK

Currently emails are sent synchronously which slows down the application for users, implement something like https://blog.engineyard.com/2015/testing-async-emails-rails-42 to send them async.

The division should not be change-able for ANY team during the competition. This is left over from the scoreboard merge.

It would make things a lot cleaner if we had just one application instead of two. This would probably be best done by migrating all of the scoreboard code into the registration site.

It will provide some padding at the bottom of the page, and will make pages end less abruptly.

The top teams should automatically be prompted for their contact information (things such as their transcript and address).

If we integrate the registration and the scoreboard together we no longer have to email users beforehand with their credentials for the competition. This unfortunately means that they also don't get any reminder that the CTF is coming up. We should still send them out an alert the day before the competition to all users reminding them that the CTF is the next day.

This should only be applicable to drop down items, regular input form fields should already persist.

The registration site needs to ask teams to upload a PDF containing some sort of verification that they are eligible to compete in the competition. We can also include a list of valid verification methods.

Migrated from Trello

The papertrail gem is currently added however no models are setup to use it.

There is a bit of an edge case that happens if a user registers and then uses the forgot password option before completing registration. It sends them an email asking them to reset their password but then won't let them reset their password because they haven't set their name and a bunch of other fields. In order to get around this we need to do some checking before sending the forgot password email.

This is something that needs to be added in once the scoreboard is integrated. We need to have the ability to automatically have all the teams receive a completion certificate once the competition is completed with all the information filled in automatically. This should be an option on the game object to enable or disable this feature.

What information can we ask the competitors for, and what do we want to have

Add a statement of data protection to the user registration page & profile page

not able to edit teams in the admin view if they have not completed both steps of registration

It would be extremely useful if we had a way to be notified automatically when users receive an exception, something like https://github.com/smartinez87/exception_notification should be able to do this.

http://chartkick.com/ allows you to build both area charts and geographical charts, both of which we want for the competition.

I'm not a dev and I'm not expert on how RoR works.

Can you provide simple steps to configure the app before starting the web server?

Because if I only do:

• gem install bundler
• bundle install
• bin/rails server

I have an error ActiveRecord::NoDatabaseError (FATAL: database "registration_development" does not exist so I assume there is some database provision and configuration (bundle exec rake something) to do before starting the web server.

Graduate Student is not a real option when selecting year in school. Instead it is saved as Not in School. Occurs with new accounts and when editing existing account.

Mark whole teams as ineligible for prizes when a team member joins that is ineligible

At this time it is possible to perform the upgrade however I am planning to hold off until rails_admin is officially released with support for rails 5. I believe it is the only gem holding us back: https://rubygems.org/gems/rails_admin

Feature to close the registration at a certain time. This means that people can no longer register and teams can not change.

As shown below, when the show team page is multiple pages long the pagination does show properly.

Currently if you create a bunch of empty teams in the database with no team captain and then try to join one of them an error is thrown. We should make sure this doesn't happen.

One good thing we could do that would make this easier to fix is adding a users_count field to the database and setting up a counter cache, see http://stackoverflow.com/a/9209705

This would also be useful for fixing the following from happening on the join_team page

We could then just set the default team filter to not show teams where the user count is empty, which would hide any team that accidentally gets in that state from the user.

We have a strange case where a user managed to register and create a team and somehow remove themselves from the team but remain as the team captain. This breaks the export script so we kinda need to figure out how to fix it at some point. The team was team number 241 and user 621. It may represent a bug in the team destroy or user destroy code.

Allow users to edit their user information after registration

Migrated from Trello

Use this to replace the brassring site.

Migrated from Trello

When ineligible user leaves team, eligibility doesn't get updated.

To reproduce:

Create two users, Eligible and Ineligible.
Have Eligible create a team.
Have Ineligible join the team.
Team should now be considered NOT eligible for prizes.
Have Ineligible leave the team.
Team is still considered NOT eligible even though the only team member is eligible.

For some reason the rails 4 branch is not working right with authentication and rails_admin. Mainly it just doesn't ask for a password for the admin panel. This needs to be addressed before merging this branch into master.

We should automate the requesting of resumes and transcripts and integrate it into the scoreboard for the top 10 teams for each division. We could also put a countdown on it for when it is due by in order to make it clear to the competitors how soon we need the information by. This makes it a lot easier to keep track of the data.

I'm thinking of two paths for team deletion:

1. Everyone leaves the team
2. Captain decides to delete the team. In this case we should send an email to all team members saying they are off a team.

Comments?

Add option to registration for teams to choose to not compete for money but still compete in challenges.

This is implemented on the scoreboard as an option that marks them eligible vs ineligible but is not implemented on the registration site yet. It needs to be.

Migrated from Trello

This needs to be handled carefully since it would be really nice for the user if they can be disassociated from one team and easily re-associated to another.

Not exactly sure how this is possible, but there are a few rare instances currently where users have outstanding team invitations but there is no team associated. I am not 100% sure this is an issue yet, however we have had at least one person at this point email and say they were having trouble joining a team and they do have a user invite which is in such a state. It may be best to simply delete all associated user invites and requests when a team is deleted.

This handles the testing of emails for us locally without requiring us to use gmail or something in our development environment. https://github.com/ryanb/letter_opener

This has caused problems with two teams.

When a user clicks a link to register after being invited by a team captain, the email should auto populate.

Consider a message that warns users that if they register with an email other than the email they were invited with, they will not have the invite to the team.

Optional area for profile contains additional information and the ability to edit information a user registered with

We have had multiple users who stated they signed up for the competition but did not receive team credentials, mainly because they never actually registered a team. We need to make this more clear.

Causes a NoMethodError in UserRequestsController#create when trying to join a team as there is no Team Captain to send the request email to.

To reproduce:

Create two accounts, PersonA and PersonB.
Have PersonA create a team.
Have PersonB join the team.
Have PersonA navigate to Edit Team page.
Have PersonB delete their account.
WITHOUT RELOADING have PersonA transfer captaincy to PersonB.
Team Captain is now null and will throw the error when anyone else requests to join the team.

Issue also occurs if PersonB leaves the team instead of deleting their account.

If a team opens a challenge on the high school division it should open it for the college and professional divisions as well. That makes the state of the challenge code a lot cleaner and also eases the integration of the registration site and the scoreboard significantly since teams can technically increase in division during the competition if they add more players of a higher division level.

DEPRECATION WARNING: config.serve_static_files is deprecated and will be removed in Rails 5.1.
Please use config.public_file_server.enabled = true instead.
(called from block in <top (required)> at /app/config/environments/production.rb:27)

Not a big deal, but all teams with NA are showing up in the USA which is technically incorrect. The reason this is happening is because users can choose from any US state or NA. We could fix this by adding a fallback where when they choose NA they are prompted to input a country, or we could forget about it altogether. Also since we are allowing competitors from all over the world, having a US only map no longer really works.

If we are going to open source the challenges then we might as well make it easy for people to find out when the open sourcing has actually happened. It would be trivial to add a rake task that we can run which will email all and let them know that the challenges have been released.