diff --git a/src/main/java/org/owasp/wrongsecrets/Challenges.java b/src/main/java/org/owasp/wrongsecrets/Challenges.java index b7f719f62..b2ffba8c8 100644 --- a/src/main/java/org/owasp/wrongsecrets/Challenges.java +++ b/src/main/java/org/owasp/wrongsecrets/Challenges.java @@ -88,6 +88,10 @@ public boolean isFirstChallenge(ChallengeDefinition challengeDefinition) { return challengeDefinition.equals(definitions.challenges().get(0)); } + public boolean isLastChallenge(ChallengeDefinition challengeDefinition) { + return challengeDefinition.equals(definitions.challenges().getLast()); + } + public List getChallengeDefinitions() { return definitions.challenges(); } diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/ChallengesController.java b/src/main/java/org/owasp/wrongsecrets/challenges/ChallengesController.java index 3bcbf7cb1..8c9fe0f3d 100644 --- a/src/main/java/org/owasp/wrongsecrets/challenges/ChallengesController.java +++ b/src/main/java/org/owasp/wrongsecrets/challenges/ChallengesController.java @@ -48,7 +48,7 @@ public class ChallengesController { @Value("${ctf_enabled}") private boolean ctfModeEnabled; - private boolean spoilingEnabled; + private final boolean spoilingEnabled; @Value("${ctf_key}") private String ctfKey; @@ -93,7 +93,7 @@ public String spoiler(@PathVariable("short-name") String shortName, Model model) model.addAttribute("spoiler", new Spoiler("Spoils are disabled in the configuration")); } else { Optional spoilerFromRuntimeEnvironment = - challenges.findChallenge(shortName, runtimeEnvironment).map(c -> c.spoiler()); + challenges.findChallenge(shortName, runtimeEnvironment).map(Challenge::spoiler); Supplier spoilerFromRandomChallenge = () -> { var challengeDefinition = findByShortName(shortName); @@ -151,8 +151,13 @@ public String challenge(Model model, @PathVariable("short-name") String shortNam model.addAttribute("answerCorrect", null); model.addAttribute("answerIncorrect", null); model.addAttribute("solution", null); + String clickNext = + "This challenge has been disabled. Click \"next\" to go to the next challenge."; + if (challenges.isLastChallenge(challengeDefinition)) { + clickNext = "This challenge has been disabled"; + } if (!isChallengeEnabled(challengeDefinition)) { - model.addAttribute("answerIncorrect", "This challenge has been disabled."); + model.addAttribute("answerIncorrect", "This challenge has been disabled." + clickNext); } if (ctfModeEnabled && challenges.isFirstChallenge(challengeDefinition)) { if (!Strings.isNullOrEmpty(ctfServerAddress) && !ctfServerAddress.equals("not_set")) { @@ -331,7 +336,7 @@ private void enrichWithHintsAndReasons(Model model) { private void fireEnding(Model model) { var notCompleted = challenges.getDefinitions().challenges().stream() - .filter(def -> isChallengeEnabled(def)) + .filter(this::isChallengeEnabled) .filter(this::challengeNotCompleted) .count(); if (notCompleted == 0) { diff --git a/src/main/resources/explanations/missing_cloud.adoc b/src/main/resources/explanations/missing_cloud.adoc index b1dd9ea29..55884a78c 100644 --- a/src/main/resources/explanations/missing_cloud.adoc +++ b/src/main/resources/explanations/missing_cloud.adoc @@ -1,2 +1,4 @@ We are running outside a properly configured Cloud environment. Please run this in an AWS/Azure/GCP environment as explained in the https://github.com/OWASP/wrongsecrets#cloud-challenges[README.md] + +There are still supported challenges after this one. Please try another challenge instead! diff --git a/src/main/resources/explanations/missing_k8s.adoc b/src/main/resources/explanations/missing_k8s.adoc index 4e7315753..f40e18672 100644 --- a/src/main/resources/explanations/missing_k8s.adoc +++ b/src/main/resources/explanations/missing_k8s.adoc @@ -1,3 +1,5 @@ We are running outside a K8s cluster. Please run this in the K8s cluster as explained in the https://github.com/OWASP/wrongsecrets#basic-k8s-exercise[README.md] + +There are still supported challenges after this one. Please try another challenge instead! diff --git a/src/main/resources/explanations/missing_vault.adoc b/src/main/resources/explanations/missing_vault.adoc index 006e40ad1..384392fa8 100644 --- a/src/main/resources/explanations/missing_vault.adoc +++ b/src/main/resources/explanations/missing_vault.adoc @@ -1,2 +1,4 @@ We are running outside a K8s cluster with Vault. Please run this in the K8s cluster as explained in the https://github.com/OWASP/wrongsecrets#vault-exercises-with-minikube[README.md] + +There might still be supported challenges after this one. Please try another challenge instead!