mirror of https://github.com/gophish/gophish
Added ability to create campaigns
Need to improve GetCampaign() and GetCampaigns() to include Results and Groupspull/24/head
parent
788a5703d2
commit
1e52267bfa
|
@ -77,9 +77,7 @@ func API_Campaigns(w http.ResponseWriter, r *http.Request) {
|
||||||
c.CreatedDate = time.Now()
|
c.CreatedDate = time.Now()
|
||||||
c.CompletedDate = time.Time{}
|
c.CompletedDate = time.Time{}
|
||||||
c.Status = IN_PROGRESS
|
c.Status = IN_PROGRESS
|
||||||
c.Uid = ctx.Get(r, "user_id").(int64)
|
err = db.PostCampaign(&c, ctx.Get(r, "user_id").(int64))
|
||||||
// Insert into the DB
|
|
||||||
err = db.Conn.Insert(&c)
|
|
||||||
if checkError(err, w, "Cannot insert campaign into database", http.StatusInternalServerError) {
|
if checkError(err, w, "Cannot insert campaign into database", http.StatusInternalServerError) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -109,7 +107,15 @@ func API_Campaigns_Id(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
writeJSON(w, cj)
|
writeJSON(w, cj)
|
||||||
case r.Method == "DELETE":
|
case r.Method == "DELETE":
|
||||||
//c := models.Campaign{}
|
_, err := db.GetCampaign(id, ctx.Get(r, "user_id").(int64))
|
||||||
|
if checkError(err, w, "No campaign found", http.StatusNotFound) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
err = db.DeleteCampaign(id)
|
||||||
|
if checkError(err, w, "Error deleting campaign", http.StatusInternalServerError) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
writeJSON(w, []byte("{\"success\" : \"true\"}"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
91
db/db.go
91
db/db.go
|
@ -3,10 +3,10 @@ package db
|
||||||
import (
|
import (
|
||||||
"database/sql"
|
"database/sql"
|
||||||
"errors"
|
"errors"
|
||||||
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
"net/mail"
|
"net/mail"
|
||||||
"os"
|
"os"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/coopernurse/gorp"
|
"github.com/coopernurse/gorp"
|
||||||
"github.com/jordan-wright/gophish/config"
|
"github.com/jordan-wright/gophish/config"
|
||||||
|
@ -35,10 +35,11 @@ func Setup() error {
|
||||||
createTablesSQL := []string{
|
createTablesSQL := []string{
|
||||||
//Create tables
|
//Create tables
|
||||||
`CREATE TABLE users (id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT NOT NULL, hash VARCHAR(60) NOT NULL, api_key VARCHAR(32), UNIQUE(username), UNIQUE(api_key));`,
|
`CREATE TABLE users (id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT NOT NULL, hash VARCHAR(60) NOT NULL, api_key VARCHAR(32), UNIQUE(username), UNIQUE(api_key));`,
|
||||||
`CREATE TABLE campaigns (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, created_date TIMESTAMP NOT NULL, completed_date TIMESTAMP, template TEXT, status TEXT NOT NULL, uid INTEGER, FOREIGN KEY (uid) REFERENCES users(id));`,
|
`CREATE TABLE campaigns (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, created_date TIMESTAMP NOT NULL, completed_date TIMESTAMP, template TEXT, status TEXT NOT NULL);`,
|
||||||
`CREATE TABLE targets (id INTEGER PRIMARY KEY AUTOINCREMENT, email TEXT NOT NULL, UNIQUE(email));`,
|
`CREATE TABLE targets (id INTEGER PRIMARY KEY AUTOINCREMENT, email TEXT NOT NULL, UNIQUE(email));`,
|
||||||
`CREATE TABLE groups (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, modified_date TIMESTAMP NOT NULL);`,
|
`CREATE TABLE groups (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, modified_date TIMESTAMP NOT NULL);`,
|
||||||
`CREATE TABLE campaign_results (cid INTEGER NOT NULL, tid INTEGER NOT NULL, result TEXT NOT NULL, FOREIGN KEY (cid) REFERENCES users(id), FOREIGN KEY (tid) REFERENCES targets(id), UNIQUE(cid, tid))`,
|
`CREATE TABLE campaign_results (cid INTEGER NOT NULL, email TEXT NOT NULL, result TEXT NOT NULL, FOREIGN KEY (cid) REFERENCES users(id), UNIQUE(cid, email))`,
|
||||||
|
`CREATE TABLE user_campaigns (uid INTEGER NOT NULL, cid INTEGER NOT NULL, FOREIGN KEY (uid) REFERENCES users(id), FOREIGN KEY (cid) REFERENCES campaigns(id), UNIQUE(uid, cid))`,
|
||||||
`CREATE TABLE user_groups (uid INTEGER NOT NULL, gid INTEGER NOT NULL, FOREIGN KEY (uid) REFERENCES users(id), FOREIGN KEY (gid) REFERENCES groups(id), UNIQUE(uid, gid))`,
|
`CREATE TABLE user_groups (uid INTEGER NOT NULL, gid INTEGER NOT NULL, FOREIGN KEY (uid) REFERENCES users(id), FOREIGN KEY (gid) REFERENCES groups(id), UNIQUE(uid, gid))`,
|
||||||
`CREATE TABLE group_targets (gid INTEGER NOT NULL, tid INTEGER NOT NULL, FOREIGN KEY (gid) REFERENCES groups(id), FOREIGN KEY (tid) REFERENCES targets(id), UNIQUE(gid, tid));`,
|
`CREATE TABLE group_targets (gid INTEGER NOT NULL, tid INTEGER NOT NULL, FOREIGN KEY (gid) REFERENCES groups(id), FOREIGN KEY (tid) REFERENCES targets(id), UNIQUE(gid, tid));`,
|
||||||
}
|
}
|
||||||
|
@ -53,22 +54,13 @@ func Setup() error {
|
||||||
//Create the default user
|
//Create the default user
|
||||||
init_user := models.User{
|
init_user := models.User{
|
||||||
Username: "admin",
|
Username: "admin",
|
||||||
Hash: "$2a$10$IYkPp0.QsM81lYYPrQx6W.U6oQGw7wMpozrKhKAHUBVL4mkm/EvAS",
|
Hash: "$2a$10$IYkPp0.QsM81lYYPrQx6W.U6oQGw7wMpozrKhKAHUBVL4mkm/EvAS", //gophish
|
||||||
APIKey: "12345678901234567890123456789012",
|
APIKey: "12345678901234567890123456789012",
|
||||||
}
|
}
|
||||||
Conn.Insert(&init_user)
|
Conn.Insert(&init_user)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
Logger.Println(err)
|
Logger.Println(err)
|
||||||
}
|
}
|
||||||
c := models.Campaign{
|
|
||||||
Name: "Test Campaigns",
|
|
||||||
CreatedDate: time.Now().UTC(),
|
|
||||||
CompletedDate: time.Now().UTC(),
|
|
||||||
Template: "test template",
|
|
||||||
Status: "In progress",
|
|
||||||
Uid: init_user.Id,
|
|
||||||
}
|
|
||||||
Conn.Insert(&c)
|
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -119,17 +111,71 @@ func PutUser(u *models.User) error {
|
||||||
// GetCampaigns returns the campaigns owned by the given user.
|
// GetCampaigns returns the campaigns owned by the given user.
|
||||||
func GetCampaigns(uid int64) ([]models.Campaign, error) {
|
func GetCampaigns(uid int64) ([]models.Campaign, error) {
|
||||||
cs := []models.Campaign{}
|
cs := []models.Campaign{}
|
||||||
_, err := Conn.Select(&cs, "SELECT c.id, name, created_date, completed_date, status, template FROM campaigns c, users u WHERE c.uid=u.id AND u.id=?", uid)
|
_, err := Conn.Select(&cs, "SELECT c.id, name, created_date, completed_date, status, template FROM campaigns c, user_campaigns uc, users u WHERE uc.uid=u.id AND uc.cid=c.id AND u.id=?", uid)
|
||||||
return cs, err
|
return cs, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetCampaign returns the campaign, if it exists, specified by the given id and user_id.
|
// GetCampaign returns the campaign, if it exists, specified by the given id and user_id.
|
||||||
func GetCampaign(id int64, uid int64) (models.Campaign, error) {
|
func GetCampaign(id int64, uid int64) (models.Campaign, error) {
|
||||||
c := models.Campaign{}
|
c := models.Campaign{}
|
||||||
err := Conn.SelectOne(&c, "SELECT c.id, name, created_date, completed_date, status, template FROM campaigns c, users u WHERE c.uid=u.id AND c.id =? AND u.id=?", id, uid)
|
err := Conn.SelectOne(&c, "SELECT c.id, name, created_date, completed_date, status, template FROM campaigns c, user_campaigns uc, users u WHERE uc.uid=u.id AND uc.cid=c.id AND c.id=? AND u.id=?", id, uid)
|
||||||
return c, err
|
return c, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// PostCampaign inserts a campaign and all associated records into the database.
|
||||||
|
func PostCampaign(c *models.Campaign, uid int64) error {
|
||||||
|
// Insert into the DB
|
||||||
|
err = Conn.Insert(c)
|
||||||
|
if err != nil {
|
||||||
|
Logger.Println(err)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
// Insert all the results
|
||||||
|
for i, g := range c.Groups {
|
||||||
|
c.Groups[i], err = GetGroupByName(g.Name, uid)
|
||||||
|
if err == sql.ErrNoRows {
|
||||||
|
Logger.Printf("Error - Group %s does not exist", g.Name)
|
||||||
|
return err
|
||||||
|
} else if err != nil {
|
||||||
|
Logger.Println(err)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
// Insert a result for each target in the group
|
||||||
|
for _, t := range c.Groups[i].Targets {
|
||||||
|
r := models.Result{Target: t, Status: "Unknown"}
|
||||||
|
c.Results = append(c.Results, r)
|
||||||
|
fmt.Printf("%v", c.Results)
|
||||||
|
_, err = Conn.Exec("INSERT INTO campaign_results VALUES (?,?,?)", c.Id, r.Email, r.Status)
|
||||||
|
if err != nil {
|
||||||
|
Logger.Printf("Error adding result record for target %s\n", t.Email)
|
||||||
|
Logger.Println(err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// Now, let's add the user->user_groups->group mapping
|
||||||
|
_, err = Conn.Exec("INSERT OR IGNORE INTO user_campaigns VALUES (?,?)", uid, c.Id)
|
||||||
|
if err != nil {
|
||||||
|
Logger.Printf("Error adding many-many mapping for campaign %s\n", c.Name)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func DeleteCampaign(id int64) error {
|
||||||
|
// Delete all the campaign_results entries for this group
|
||||||
|
_, err := Conn.Exec("DELETE FROM campaign_results WHERE cid=?", id)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
// Delete the reference to the campaign in the user_campaigns table
|
||||||
|
_, err = Conn.Exec("DELETE FROM user_campaigns WHERE cid=?", id)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
// Delete the campaign itself
|
||||||
|
_, err = Conn.Exec("DELETE FROM campaigns WHERE id=?", id)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
// GetGroups returns the groups owned by the given user.
|
// GetGroups returns the groups owned by the given user.
|
||||||
func GetGroups(uid int64) ([]models.Group, error) {
|
func GetGroups(uid int64) ([]models.Group, error) {
|
||||||
gs := []models.Group{}
|
gs := []models.Group{}
|
||||||
|
@ -162,6 +208,21 @@ func GetGroup(id int64, uid int64) (models.Group, error) {
|
||||||
return g, nil
|
return g, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// GetGroup returns the group, if it exists, specified by the given name and user_id.
|
||||||
|
func GetGroupByName(n string, uid int64) (models.Group, error) {
|
||||||
|
g := models.Group{}
|
||||||
|
err := Conn.SelectOne(&g, "SELECT g.id, g.name, g.modified_date FROM groups g, user_groups ug, users u WHERE ug.uid=u.id AND ug.gid=g.id AND g.name=? AND u.id=?", n, uid)
|
||||||
|
if err != nil {
|
||||||
|
Logger.Println(err)
|
||||||
|
return g, err
|
||||||
|
}
|
||||||
|
_, err = Conn.Select(&g.Targets, "SELECT t.id, t.email FROM targets t, group_targets gt WHERE gt.gid=? AND gt.tid=t.id", g.Id)
|
||||||
|
if err != nil {
|
||||||
|
Logger.Println(err)
|
||||||
|
}
|
||||||
|
return g, nil
|
||||||
|
}
|
||||||
|
|
||||||
// PostGroup creates a new group in the database.
|
// PostGroup creates a new group in the database.
|
||||||
func PostGroup(g *models.Group, uid int64) error {
|
func PostGroup(g *models.Group, uid int64) error {
|
||||||
// Insert into the DB
|
// Insert into the DB
|
||||||
|
|
|
@ -41,12 +41,11 @@ type Campaign struct {
|
||||||
Template string `json:"template"` //This may change
|
Template string `json:"template"` //This may change
|
||||||
Status string `json:"status"`
|
Status string `json:"status"`
|
||||||
Results []Result `json:"results" db:"-"`
|
Results []Result `json:"results" db:"-"`
|
||||||
Uid int64 `json:"-"`
|
Groups []Group `json:"groups" db:"-"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Result struct {
|
type Result struct {
|
||||||
Id int64
|
Target
|
||||||
TargetId int64
|
|
||||||
Status string `json:"status"`
|
Status string `json:"status"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -21,7 +21,7 @@ app.factory('GroupService', function($resource) {
|
||||||
});
|
});
|
||||||
|
|
||||||
app.controller('CampaignCtrl', function($scope, CampaignService, ngTableParams) {
|
app.controller('CampaignCtrl', function($scope, CampaignService, ngTableParams) {
|
||||||
$scope.tableParams = new ngTableParams({
|
$scope.mainTableParams = new ngTableParams({
|
||||||
page: 1, // show first page
|
page: 1, // show first page
|
||||||
count: 10, // count per page
|
count: 10, // count per page
|
||||||
sorting: {
|
sorting: {
|
||||||
|
@ -100,6 +100,15 @@ app.controller('CampaignCtrl', function($scope, CampaignService, ngTableParams)
|
||||||
};
|
};
|
||||||
$scope.editGroupTableParams.reload()
|
$scope.editGroupTableParams.reload()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$scope.deleteCampaign = function(campaign) {
|
||||||
|
var deleteCampaign = new CampaignService(campaign);
|
||||||
|
deleteCampaign.$delete({
|
||||||
|
id: deleteCampaign.id
|
||||||
|
}, function() {
|
||||||
|
$scope.mainTableParams.reload();
|
||||||
|
});
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
app.controller('GroupCtrl', function($scope, GroupService, ngTableParams) {
|
app.controller('GroupCtrl', function($scope, GroupService, ngTableParams) {
|
||||||
|
|
|
@ -1,11 +0,0 @@
|
||||||
$(document).ready(function() {
|
|
||||||
$(".editable-row").hover(
|
|
||||||
function() {
|
|
||||||
alert("test")
|
|
||||||
$(this).find(".edit-row").removeClass("hidden");
|
|
||||||
}, function() {
|
|
||||||
$(this > ".edit-row").addClass("hidden");
|
|
||||||
}
|
|
||||||
)
|
|
||||||
})
|
|
||||||
|
|
|
@ -25,7 +25,7 @@
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<table ng-table="tableParams" class="table table-hover table-striped table-bordered">
|
<table ng-table="mainTableParams" class="table table-hover table-striped table-bordered">
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr ng-repeat="campaign in $data" class="editable-row">
|
<tr ng-repeat="campaign in $data" class="editable-row">
|
||||||
<td data-title="'Created Date'" class="col-sm-1">{{campaign.created_date | date:'medium'}}</td>
|
<td data-title="'Created Date'" class="col-sm-1">{{campaign.created_date | date:'medium'}}</td>
|
||||||
|
@ -41,7 +41,7 @@
|
||||||
<li><a href="/campaigns/{{campaign.id}}/relaunch">Relaunch</a>
|
<li><a href="/campaigns/{{campaign.id}}/relaunch">Relaunch</a>
|
||||||
</li>
|
</li>
|
||||||
<li class="divider"></li>
|
<li class="divider"></li>
|
||||||
<li><a href="/campaigns/{{campaign.id}}/delete">Delete</a>
|
<li><a ng-click="deleteCampaign(campaign)" ng-href="#">Delete</a>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
|
|
Loading…
Reference in New Issue