2019-03-27 03:17:20 +00:00
|
|
|
package api
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"encoding/json"
|
|
|
|
"fmt"
|
|
|
|
"net/http"
|
|
|
|
"net/http/httptest"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/gophish/gophish/config"
|
|
|
|
"github.com/gophish/gophish/models"
|
|
|
|
)
|
|
|
|
|
2020-02-02 03:44:50 +00:00
|
|
|
type testContext struct {
|
2019-03-27 03:17:20 +00:00
|
|
|
apiKey string
|
|
|
|
config *config.Config
|
|
|
|
apiServer *Server
|
2019-05-31 18:58:18 +00:00
|
|
|
admin models.User
|
2019-03-27 03:17:20 +00:00
|
|
|
}
|
|
|
|
|
2020-02-02 03:44:50 +00:00
|
|
|
func setupTest(t *testing.T) *testContext {
|
2019-03-27 03:17:20 +00:00
|
|
|
conf := &config.Config{
|
|
|
|
DBName: "sqlite3",
|
|
|
|
DBPath: ":memory:",
|
|
|
|
MigrationsPath: "../../db/db_sqlite3/migrations/",
|
|
|
|
}
|
|
|
|
err := models.Setup(conf)
|
|
|
|
if err != nil {
|
2020-02-02 03:44:50 +00:00
|
|
|
t.Fatalf("Failed creating database: %v", err)
|
2019-03-27 03:17:20 +00:00
|
|
|
}
|
2020-02-02 03:44:50 +00:00
|
|
|
ctx := &testContext{}
|
|
|
|
ctx.config = conf
|
2019-03-27 03:17:20 +00:00
|
|
|
// Get the API key to use for these tests
|
|
|
|
u, err := models.GetUser(1)
|
2020-02-02 03:44:50 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("error getting admin user: %v", err)
|
|
|
|
}
|
|
|
|
ctx.apiKey = u.ApiKey
|
|
|
|
ctx.admin = u
|
|
|
|
ctx.apiServer = NewServer()
|
|
|
|
return ctx
|
2019-03-27 03:17:20 +00:00
|
|
|
}
|
|
|
|
|
2020-02-02 03:44:50 +00:00
|
|
|
func tearDown(t *testing.T, ctx *testContext) {
|
2019-05-31 18:58:18 +00:00
|
|
|
// Cleanup all users except the original admin
|
2020-02-02 03:44:50 +00:00
|
|
|
// users, _ := models.GetUsers()
|
|
|
|
// for _, user := range users {
|
|
|
|
// if user.Id == 1 {
|
|
|
|
// continue
|
|
|
|
// }
|
|
|
|
// err := models.DeleteUser(user.Id)
|
|
|
|
// s.Nil(err)
|
|
|
|
// }
|
2019-03-27 03:17:20 +00:00
|
|
|
}
|
|
|
|
|
2020-02-02 03:44:50 +00:00
|
|
|
func createTestData(t *testing.T) {
|
2019-03-27 03:17:20 +00:00
|
|
|
// Add a group
|
|
|
|
group := models.Group{Name: "Test Group"}
|
|
|
|
group.Targets = []models.Target{
|
|
|
|
models.Target{BaseRecipient: models.BaseRecipient{Email: "test1@example.com", FirstName: "First", LastName: "Example"}},
|
|
|
|
models.Target{BaseRecipient: models.BaseRecipient{Email: "test2@example.com", FirstName: "Second", LastName: "Example"}},
|
|
|
|
}
|
|
|
|
group.UserId = 1
|
|
|
|
models.PostGroup(&group)
|
|
|
|
|
|
|
|
// Add a template
|
2020-02-02 03:44:50 +00:00
|
|
|
template := models.Template{Name: "Test Template"}
|
|
|
|
template.Subject = "Test subject"
|
|
|
|
template.Text = "Text text"
|
|
|
|
template.HTML = "<html>Test</html>"
|
|
|
|
template.UserId = 1
|
|
|
|
models.PostTemplate(&template)
|
2019-03-27 03:17:20 +00:00
|
|
|
|
|
|
|
// Add a landing page
|
|
|
|
p := models.Page{Name: "Test Page"}
|
|
|
|
p.HTML = "<html>Test</html>"
|
|
|
|
p.UserId = 1
|
|
|
|
models.PostPage(&p)
|
|
|
|
|
|
|
|
// Add a sending profile
|
|
|
|
smtp := models.SMTP{Name: "Test Page"}
|
|
|
|
smtp.UserId = 1
|
|
|
|
smtp.Host = "example.com"
|
|
|
|
smtp.FromAddress = "test@test.com"
|
|
|
|
models.PostSMTP(&smtp)
|
|
|
|
|
|
|
|
// Setup and "launch" our campaign
|
|
|
|
// Set the status such that no emails are attempted
|
|
|
|
c := models.Campaign{Name: "Test campaign"}
|
|
|
|
c.UserId = 1
|
2020-02-02 03:44:50 +00:00
|
|
|
c.Template = template
|
2019-03-27 03:17:20 +00:00
|
|
|
c.Page = p
|
|
|
|
c.SMTP = smtp
|
|
|
|
c.Groups = []models.Group{group}
|
|
|
|
models.PostCampaign(&c, c.UserId)
|
|
|
|
c.UpdateStatus(models.CampaignEmailsSent)
|
|
|
|
}
|
|
|
|
|
2020-02-02 03:44:50 +00:00
|
|
|
func TestSiteImportBaseHref(t *testing.T) {
|
|
|
|
ctx := setupTest(t)
|
2019-03-27 03:17:20 +00:00
|
|
|
h := "<html><head></head><body><img src=\"/test.png\"/></body></html>"
|
|
|
|
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
fmt.Fprintln(w, h)
|
|
|
|
}))
|
2020-02-02 03:44:50 +00:00
|
|
|
expected := fmt.Sprintf("<html><head><base href=\"%s\"/></head><body><img src=\"/test.png\"/>\n</body></html>", ts.URL)
|
2019-03-27 03:17:20 +00:00
|
|
|
defer ts.Close()
|
|
|
|
req := httptest.NewRequest(http.MethodPost, "/api/import/site",
|
|
|
|
bytes.NewBuffer([]byte(fmt.Sprintf(`
|
|
|
|
{
|
|
|
|
"url" : "%s",
|
|
|
|
"include_resources" : false
|
|
|
|
}
|
|
|
|
`, ts.URL))))
|
|
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
response := httptest.NewRecorder()
|
2020-02-02 03:44:50 +00:00
|
|
|
ctx.apiServer.ImportSite(response, req)
|
2019-03-27 03:17:20 +00:00
|
|
|
cs := cloneResponse{}
|
|
|
|
err := json.NewDecoder(response.Body).Decode(&cs)
|
2020-02-02 03:44:50 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("error decoding response: %v", err)
|
|
|
|
}
|
|
|
|
if cs.HTML != expected {
|
|
|
|
t.Fatalf("unexpected response received. expected %s got %s", expected, cs.HTML)
|
|
|
|
}
|
2019-03-27 03:17:20 +00:00
|
|
|
}
|