Added ability to create campaigns

Need to improve GetCampaign() and GetCampaigns() to include Results and Groups
pull/24/head
Jordan 2014-02-18 14:22:16 -06:00
parent 788a5703d2
commit 1e52267bfa
6 changed files with 101 additions and 37 deletions

View File

@ -77,9 +77,7 @@ func API_Campaigns(w http.ResponseWriter, r *http.Request) {
c.CreatedDate = time.Now() c.CreatedDate = time.Now()
c.CompletedDate = time.Time{} c.CompletedDate = time.Time{}
c.Status = IN_PROGRESS c.Status = IN_PROGRESS
c.Uid = ctx.Get(r, "user_id").(int64) err = db.PostCampaign(&c, ctx.Get(r, "user_id").(int64))
// Insert into the DB
err = db.Conn.Insert(&c)
if checkError(err, w, "Cannot insert campaign into database", http.StatusInternalServerError) { if checkError(err, w, "Cannot insert campaign into database", http.StatusInternalServerError) {
return return
} }
@ -109,7 +107,15 @@ func API_Campaigns_Id(w http.ResponseWriter, r *http.Request) {
} }
writeJSON(w, cj) writeJSON(w, cj)
case r.Method == "DELETE": case r.Method == "DELETE":
//c := models.Campaign{} _, err := db.GetCampaign(id, ctx.Get(r, "user_id").(int64))
if checkError(err, w, "No campaign found", http.StatusNotFound) {
return
}
err = db.DeleteCampaign(id)
if checkError(err, w, "Error deleting campaign", http.StatusInternalServerError) {
return
}
writeJSON(w, []byte("{\"success\" : \"true\"}"))
} }
} }

View File

@ -3,10 +3,10 @@ package db
import ( import (
"database/sql" "database/sql"
"errors" "errors"
"fmt"
"log" "log"
"net/mail" "net/mail"
"os" "os"
"time"
"github.com/coopernurse/gorp" "github.com/coopernurse/gorp"
"github.com/jordan-wright/gophish/config" "github.com/jordan-wright/gophish/config"
@ -35,10 +35,11 @@ func Setup() error {
createTablesSQL := []string{ createTablesSQL := []string{
//Create tables //Create tables
`CREATE TABLE users (id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT NOT NULL, hash VARCHAR(60) NOT NULL, api_key VARCHAR(32), UNIQUE(username), UNIQUE(api_key));`, `CREATE TABLE users (id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT NOT NULL, hash VARCHAR(60) NOT NULL, api_key VARCHAR(32), UNIQUE(username), UNIQUE(api_key));`,
`CREATE TABLE campaigns (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, created_date TIMESTAMP NOT NULL, completed_date TIMESTAMP, template TEXT, status TEXT NOT NULL, uid INTEGER, FOREIGN KEY (uid) REFERENCES users(id));`, `CREATE TABLE campaigns (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, created_date TIMESTAMP NOT NULL, completed_date TIMESTAMP, template TEXT, status TEXT NOT NULL);`,
`CREATE TABLE targets (id INTEGER PRIMARY KEY AUTOINCREMENT, email TEXT NOT NULL, UNIQUE(email));`, `CREATE TABLE targets (id INTEGER PRIMARY KEY AUTOINCREMENT, email TEXT NOT NULL, UNIQUE(email));`,
`CREATE TABLE groups (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, modified_date TIMESTAMP NOT NULL);`, `CREATE TABLE groups (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, modified_date TIMESTAMP NOT NULL);`,
`CREATE TABLE campaign_results (cid INTEGER NOT NULL, tid INTEGER NOT NULL, result TEXT NOT NULL, FOREIGN KEY (cid) REFERENCES users(id), FOREIGN KEY (tid) REFERENCES targets(id), UNIQUE(cid, tid))`, `CREATE TABLE campaign_results (cid INTEGER NOT NULL, email TEXT NOT NULL, result TEXT NOT NULL, FOREIGN KEY (cid) REFERENCES users(id), UNIQUE(cid, email))`,
`CREATE TABLE user_campaigns (uid INTEGER NOT NULL, cid INTEGER NOT NULL, FOREIGN KEY (uid) REFERENCES users(id), FOREIGN KEY (cid) REFERENCES campaigns(id), UNIQUE(uid, cid))`,
`CREATE TABLE user_groups (uid INTEGER NOT NULL, gid INTEGER NOT NULL, FOREIGN KEY (uid) REFERENCES users(id), FOREIGN KEY (gid) REFERENCES groups(id), UNIQUE(uid, gid))`, `CREATE TABLE user_groups (uid INTEGER NOT NULL, gid INTEGER NOT NULL, FOREIGN KEY (uid) REFERENCES users(id), FOREIGN KEY (gid) REFERENCES groups(id), UNIQUE(uid, gid))`,
`CREATE TABLE group_targets (gid INTEGER NOT NULL, tid INTEGER NOT NULL, FOREIGN KEY (gid) REFERENCES groups(id), FOREIGN KEY (tid) REFERENCES targets(id), UNIQUE(gid, tid));`, `CREATE TABLE group_targets (gid INTEGER NOT NULL, tid INTEGER NOT NULL, FOREIGN KEY (gid) REFERENCES groups(id), FOREIGN KEY (tid) REFERENCES targets(id), UNIQUE(gid, tid));`,
} }
@ -53,22 +54,13 @@ func Setup() error {
//Create the default user //Create the default user
init_user := models.User{ init_user := models.User{
Username: "admin", Username: "admin",
Hash: "$2a$10$IYkPp0.QsM81lYYPrQx6W.U6oQGw7wMpozrKhKAHUBVL4mkm/EvAS", Hash: "$2a$10$IYkPp0.QsM81lYYPrQx6W.U6oQGw7wMpozrKhKAHUBVL4mkm/EvAS", //gophish
APIKey: "12345678901234567890123456789012", APIKey: "12345678901234567890123456789012",
} }
Conn.Insert(&init_user) Conn.Insert(&init_user)
if err != nil { if err != nil {
Logger.Println(err) Logger.Println(err)
} }
c := models.Campaign{
Name: "Test Campaigns",
CreatedDate: time.Now().UTC(),
CompletedDate: time.Now().UTC(),
Template: "test template",
Status: "In progress",
Uid: init_user.Id,
}
Conn.Insert(&c)
} }
return nil return nil
} }
@ -119,17 +111,71 @@ func PutUser(u *models.User) error {
// GetCampaigns returns the campaigns owned by the given user. // GetCampaigns returns the campaigns owned by the given user.
func GetCampaigns(uid int64) ([]models.Campaign, error) { func GetCampaigns(uid int64) ([]models.Campaign, error) {
cs := []models.Campaign{} cs := []models.Campaign{}
_, err := Conn.Select(&cs, "SELECT c.id, name, created_date, completed_date, status, template FROM campaigns c, users u WHERE c.uid=u.id AND u.id=?", uid) _, err := Conn.Select(&cs, "SELECT c.id, name, created_date, completed_date, status, template FROM campaigns c, user_campaigns uc, users u WHERE uc.uid=u.id AND uc.cid=c.id AND u.id=?", uid)
return cs, err return cs, err
} }
// GetCampaign returns the campaign, if it exists, specified by the given id and user_id. // GetCampaign returns the campaign, if it exists, specified by the given id and user_id.
func GetCampaign(id int64, uid int64) (models.Campaign, error) { func GetCampaign(id int64, uid int64) (models.Campaign, error) {
c := models.Campaign{} c := models.Campaign{}
err := Conn.SelectOne(&c, "SELECT c.id, name, created_date, completed_date, status, template FROM campaigns c, users u WHERE c.uid=u.id AND c.id =? AND u.id=?", id, uid) err := Conn.SelectOne(&c, "SELECT c.id, name, created_date, completed_date, status, template FROM campaigns c, user_campaigns uc, users u WHERE uc.uid=u.id AND uc.cid=c.id AND c.id=? AND u.id=?", id, uid)
return c, err return c, err
} }
// PostCampaign inserts a campaign and all associated records into the database.
func PostCampaign(c *models.Campaign, uid int64) error {
// Insert into the DB
err = Conn.Insert(c)
if err != nil {
Logger.Println(err)
return err
}
// Insert all the results
for i, g := range c.Groups {
c.Groups[i], err = GetGroupByName(g.Name, uid)
if err == sql.ErrNoRows {
Logger.Printf("Error - Group %s does not exist", g.Name)
return err
} else if err != nil {
Logger.Println(err)
return err
}
// Insert a result for each target in the group
for _, t := range c.Groups[i].Targets {
r := models.Result{Target: t, Status: "Unknown"}
c.Results = append(c.Results, r)
fmt.Printf("%v", c.Results)
_, err = Conn.Exec("INSERT INTO campaign_results VALUES (?,?,?)", c.Id, r.Email, r.Status)
if err != nil {
Logger.Printf("Error adding result record for target %s\n", t.Email)
Logger.Println(err)
}
}
}
// Now, let's add the user->user_groups->group mapping
_, err = Conn.Exec("INSERT OR IGNORE INTO user_campaigns VALUES (?,?)", uid, c.Id)
if err != nil {
Logger.Printf("Error adding many-many mapping for campaign %s\n", c.Name)
}
return nil
}
func DeleteCampaign(id int64) error {
// Delete all the campaign_results entries for this group
_, err := Conn.Exec("DELETE FROM campaign_results WHERE cid=?", id)
if err != nil {
return err
}
// Delete the reference to the campaign in the user_campaigns table
_, err = Conn.Exec("DELETE FROM user_campaigns WHERE cid=?", id)
if err != nil {
return err
}
// Delete the campaign itself
_, err = Conn.Exec("DELETE FROM campaigns WHERE id=?", id)
return err
}
// GetGroups returns the groups owned by the given user. // GetGroups returns the groups owned by the given user.
func GetGroups(uid int64) ([]models.Group, error) { func GetGroups(uid int64) ([]models.Group, error) {
gs := []models.Group{} gs := []models.Group{}
@ -162,6 +208,21 @@ func GetGroup(id int64, uid int64) (models.Group, error) {
return g, nil return g, nil
} }
// GetGroup returns the group, if it exists, specified by the given name and user_id.
func GetGroupByName(n string, uid int64) (models.Group, error) {
g := models.Group{}
err := Conn.SelectOne(&g, "SELECT g.id, g.name, g.modified_date FROM groups g, user_groups ug, users u WHERE ug.uid=u.id AND ug.gid=g.id AND g.name=? AND u.id=?", n, uid)
if err != nil {
Logger.Println(err)
return g, err
}
_, err = Conn.Select(&g.Targets, "SELECT t.id, t.email FROM targets t, group_targets gt WHERE gt.gid=? AND gt.tid=t.id", g.Id)
if err != nil {
Logger.Println(err)
}
return g, nil
}
// PostGroup creates a new group in the database. // PostGroup creates a new group in the database.
func PostGroup(g *models.Group, uid int64) error { func PostGroup(g *models.Group, uid int64) error {
// Insert into the DB // Insert into the DB

View File

@ -41,12 +41,11 @@ type Campaign struct {
Template string `json:"template"` //This may change Template string `json:"template"` //This may change
Status string `json:"status"` Status string `json:"status"`
Results []Result `json:"results" db:"-"` Results []Result `json:"results" db:"-"`
Uid int64 `json:"-"` Groups []Group `json:"groups" db:"-"`
} }
type Result struct { type Result struct {
Id int64 Target
TargetId int64
Status string `json:"status"` Status string `json:"status"`
} }

View File

@ -21,7 +21,7 @@ app.factory('GroupService', function($resource) {
}); });
app.controller('CampaignCtrl', function($scope, CampaignService, ngTableParams) { app.controller('CampaignCtrl', function($scope, CampaignService, ngTableParams) {
$scope.tableParams = new ngTableParams({ $scope.mainTableParams = new ngTableParams({
page: 1, // show first page page: 1, // show first page
count: 10, // count per page count: 10, // count per page
sorting: { sorting: {
@ -100,6 +100,15 @@ app.controller('CampaignCtrl', function($scope, CampaignService, ngTableParams)
}; };
$scope.editGroupTableParams.reload() $scope.editGroupTableParams.reload()
} }
$scope.deleteCampaign = function(campaign) {
var deleteCampaign = new CampaignService(campaign);
deleteCampaign.$delete({
id: deleteCampaign.id
}, function() {
$scope.mainTableParams.reload();
});
}
}); });
app.controller('GroupCtrl', function($scope, GroupService, ngTableParams) { app.controller('GroupCtrl', function($scope, GroupService, ngTableParams) {

View File

@ -1,11 +0,0 @@
$(document).ready(function() {
$(".editable-row").hover(
function() {
alert("test")
$(this).find(".edit-row").removeClass("hidden");
}, function() {
$(this > ".edit-row").addClass("hidden");
}
)
})

View File

@ -25,7 +25,7 @@
</div> </div>
&nbsp; &nbsp;
<div class="row"> <div class="row">
<table ng-table="tableParams" class="table table-hover table-striped table-bordered"> <table ng-table="mainTableParams" class="table table-hover table-striped table-bordered">
<tbody> <tbody>
<tr ng-repeat="campaign in $data" class="editable-row"> <tr ng-repeat="campaign in $data" class="editable-row">
<td data-title="'Created Date'" class="col-sm-1">{{campaign.created_date | date:'medium'}}</td> <td data-title="'Created Date'" class="col-sm-1">{{campaign.created_date | date:'medium'}}</td>
@ -41,7 +41,7 @@
<li><a href="/campaigns/{{campaign.id}}/relaunch">Relaunch</a> <li><a href="/campaigns/{{campaign.id}}/relaunch">Relaunch</a>
</li> </li>
<li class="divider"></li> <li class="divider"></li>
<li><a href="/campaigns/{{campaign.id}}/delete">Delete</a> <li><a ng-click="deleteCampaign(campaign)" ng-href="#">Delete</a>
</li> </li>
</ul> </ul>
</div> </div>