Refactoring tests to remove stretchr/testify dependency

pull/1741/head
Jordan Wright 2020-02-01 21:44:50 -06:00 committed by GitHub
parent e12258bf25
commit be459e47bf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 765 additions and 532 deletions

View File

@ -4,16 +4,10 @@ import (
"encoding/json"
"io/ioutil"
"os"
"reflect"
"testing"
"github.com/stretchr/testify/suite"
)
type ConfigSuite struct {
suite.Suite
ConfigFile *os.File
}
var validConfig = []byte(`{
"admin_server": {
"listen_url": "127.0.0.1:3333",
@ -33,36 +27,48 @@ var validConfig = []byte(`{
"contact_address": ""
}`)
func (s *ConfigSuite) SetupTest() {
func createTemporaryConfig(t *testing.T) *os.File {
f, err := ioutil.TempFile("", "gophish-config")
s.Nil(err)
s.ConfigFile = f
if err != nil {
t.Fatalf("unable to create temporary config: %v", err)
}
return f
}
func (s *ConfigSuite) TearDownTest() {
err := s.ConfigFile.Close()
s.Nil(err)
func removeTemporaryConfig(t *testing.T, f *os.File) {
err := f.Close()
if err != nil {
t.Fatalf("unable to remove temporary config: %v", err)
}
}
func (s *ConfigSuite) TestLoadConfig() {
_, err := s.ConfigFile.Write(validConfig)
s.Nil(err)
func TestLoadConfig(t *testing.T) {
f := createTemporaryConfig(t)
defer removeTemporaryConfig(t, f)
_, err := f.Write(validConfig)
if err != nil {
t.Fatalf("error writing config to temporary file: %v", err)
}
// Load the valid config
conf, err := LoadConfig(s.ConfigFile.Name())
s.Nil(err)
conf, err := LoadConfig(f.Name())
if err != nil {
t.Fatalf("error loading config from temporary file: %v", err)
}
expectedConfig := &Config{}
err = json.Unmarshal(validConfig, &expectedConfig)
s.Nil(err)
if err != nil {
t.Fatalf("error unmarshaling config: %v", err)
}
expectedConfig.MigrationsPath = expectedConfig.MigrationsPath + expectedConfig.DBName
expectedConfig.TestFlag = false
s.Equal(expectedConfig, conf)
if !reflect.DeepEqual(expectedConfig, conf) {
t.Fatalf("invalid config received. expected %#v got %#v", expectedConfig, conf)
}
// Load an invalid config
conf, err = LoadConfig("bogusfile")
s.NotNil(err)
if err == nil {
t.Fatalf("expected error when loading invalid config, but got %v", err)
}
func TestConfigSuite(t *testing.T) {
suite.Run(t, new(ConfigSuite))
}

View File

@ -6,23 +6,20 @@ import (
"fmt"
"net/http"
"net/http/httptest"
"os"
"testing"
"github.com/gophish/gophish/config"
"github.com/gophish/gophish/models"
"github.com/stretchr/testify/suite"
)
type APISuite struct {
suite.Suite
type testContext struct {
apiKey string
config *config.Config
apiServer *Server
admin models.User
}
func (s *APISuite) SetupSuite() {
func setupTest(t *testing.T) *testContext {
conf := &config.Config{
DBName: "sqlite3",
DBPath: ":memory:",
@ -30,39 +27,34 @@ func (s *APISuite) SetupSuite() {
}
err := models.Setup(conf)
if err != nil {
s.T().Fatalf("Failed creating database: %v", err)
t.Fatalf("Failed creating database: %v", err)
}
s.config = conf
s.Nil(err)
ctx := &testContext{}
ctx.config = conf
// Get the API key to use for these tests
u, err := models.GetUser(1)
s.Nil(err)
s.apiKey = u.ApiKey
s.admin = u
// Move our cwd up to the project root for help with resolving
// static assets
err = os.Chdir("../")
s.Nil(err)
s.apiServer = NewServer()
if err != nil {
t.Fatalf("error getting admin user: %v", err)
}
ctx.apiKey = u.ApiKey
ctx.admin = u
ctx.apiServer = NewServer()
return ctx
}
func (s *APISuite) TearDownTest() {
campaigns, _ := models.GetCampaigns(1)
for _, campaign := range campaigns {
models.DeleteCampaign(campaign.Id)
}
func tearDown(t *testing.T, ctx *testContext) {
// Cleanup all users except the original admin
users, _ := models.GetUsers()
for _, user := range users {
if user.Id == 1 {
continue
}
err := models.DeleteUser(user.Id)
s.Nil(err)
}
// users, _ := models.GetUsers()
// for _, user := range users {
// if user.Id == 1 {
// continue
// }
// err := models.DeleteUser(user.Id)
// s.Nil(err)
// }
}
func (s *APISuite) SetupTest() {
func createTestData(t *testing.T) {
// Add a group
group := models.Group{Name: "Test Group"}
group.Targets = []models.Target{
@ -73,12 +65,12 @@ func (s *APISuite) SetupTest() {
models.PostGroup(&group)
// Add a template
t := models.Template{Name: "Test Template"}
t.Subject = "Test subject"
t.Text = "Text text"
t.HTML = "<html>Test</html>"
t.UserId = 1
models.PostTemplate(&t)
template := models.Template{Name: "Test Template"}
template.Subject = "Test subject"
template.Text = "Text text"
template.HTML = "<html>Test</html>"
template.UserId = 1
models.PostTemplate(&template)
// Add a landing page
p := models.Page{Name: "Test Page"}
@ -97,7 +89,7 @@ func (s *APISuite) SetupTest() {
// Set the status such that no emails are attempted
c := models.Campaign{Name: "Test campaign"}
c.UserId = 1
c.Template = t
c.Template = template
c.Page = p
c.SMTP = smtp
c.Groups = []models.Group{group}
@ -105,12 +97,13 @@ func (s *APISuite) SetupTest() {
c.UpdateStatus(models.CampaignEmailsSent)
}
func (s *APISuite) TestSiteImportBaseHref() {
func TestSiteImportBaseHref(t *testing.T) {
ctx := setupTest(t)
h := "<html><head></head><body><img src=\"/test.png\"/></body></html>"
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintln(w, h)
}))
hr := fmt.Sprintf("<html><head><base href=\"%s\"/></head><body><img src=\"/test.png\"/>\n</body></html>", ts.URL)
expected := fmt.Sprintf("<html><head><base href=\"%s\"/></head><body><img src=\"/test.png\"/>\n</body></html>", ts.URL)
defer ts.Close()
req := httptest.NewRequest(http.MethodPost, "/api/import/site",
bytes.NewBuffer([]byte(fmt.Sprintf(`
@ -121,13 +114,13 @@ func (s *APISuite) TestSiteImportBaseHref() {
`, ts.URL))))
req.Header.Set("Content-Type", "application/json")
response := httptest.NewRecorder()
s.apiServer.ImportSite(response, req)
ctx.apiServer.ImportSite(response, req)
cs := cloneResponse{}
err := json.NewDecoder(response.Body).Decode(&cs)
s.Nil(err)
s.Equal(cs.HTML, hr)
if err != nil {
t.Fatalf("error decoding response: %v", err)
}
if cs.HTML != expected {
t.Fatalf("unexpected response received. expected %s got %s", expected, cs.HTML)
}
func TestAPISuite(t *testing.T) {
suite.Run(t, new(APISuite))
}

View File

@ -6,6 +6,7 @@ import (
"fmt"
"net/http"
"net/http/httptest"
"testing"
"golang.org/x/crypto/bcrypt"
@ -13,9 +14,11 @@ import (
"github.com/gophish/gophish/models"
)
func (s *APISuite) createUnpriviledgedUser(slug string) *models.User {
func createUnpriviledgedUser(t *testing.T, slug string) *models.User {
role, err := models.GetRoleBySlug(slug)
s.Nil(err)
if err != nil {
t.Fatalf("error getting role by slug: %v", err)
}
unauthorizedUser := &models.User{
Username: "foo",
Hash: "bar",
@ -24,56 +27,82 @@ func (s *APISuite) createUnpriviledgedUser(slug string) *models.User {
RoleID: role.ID,
}
err = models.PutUser(unauthorizedUser)
s.Nil(err)
if err != nil {
t.Fatalf("error saving unpriviledged user: %v", err)
}
return unauthorizedUser
}
func (s *APISuite) TestGetUsers() {
func TestGetUsers(t *testing.T) {
testCtx := setupTest(t)
r := httptest.NewRequest(http.MethodGet, "/api/users", nil)
r = ctx.Set(r, "user", s.admin)
r = ctx.Set(r, "user", testCtx.admin)
w := httptest.NewRecorder()
s.apiServer.Users(w, r)
s.Equal(w.Code, http.StatusOK)
testCtx.apiServer.Users(w, r)
expected := http.StatusOK
if w.Code != expected {
t.Fatalf("unexpected error code received. expected %d got %d", expected, w.Code)
}
got := []models.User{}
err := json.NewDecoder(w.Body).Decode(&got)
s.Nil(err)
// We only expect one user
s.Equal(1, len(got))
// And it should be the admin user
s.Equal(s.admin.Id, got[0].Id)
if err != nil {
t.Fatalf("error decoding users data: %v", err)
}
func (s *APISuite) TestCreateUser() {
// We only expect one user
expectedUsers := 1
if len(got) != expectedUsers {
t.Fatalf("unexpected number of users returned. expected %d got %d", expectedUsers, len(got))
}
// And it should be the admin user
if testCtx.admin.Id != got[0].Id {
t.Fatalf("unexpected user received. expected %d got %d", testCtx.admin.Id, got[0].Id)
}
}
func TestCreateUser(t *testing.T) {
testCtx := setupTest(t)
payload := &userRequest{
Username: "foo",
Password: "bar",
Role: models.RoleUser,
}
body, err := json.Marshal(payload)
s.Nil(err)
if err != nil {
t.Fatalf("error marshaling userRequest payload: %v", err)
}
r := httptest.NewRequest(http.MethodPost, "/api/users", bytes.NewBuffer(body))
r.Header.Set("Content-Type", "application/json")
r = ctx.Set(r, "user", s.admin)
r = ctx.Set(r, "user", testCtx.admin)
w := httptest.NewRecorder()
s.apiServer.Users(w, r)
s.Equal(w.Code, http.StatusOK)
testCtx.apiServer.Users(w, r)
expected := http.StatusOK
if w.Code != expected {
t.Fatalf("unexpected error code received. expected %d got %d", expected, w.Code)
}
got := &models.User{}
err = json.NewDecoder(w.Body).Decode(got)
s.Nil(err)
s.Equal(got.Username, payload.Username)
s.Equal(got.Role.Slug, payload.Role)
if err != nil {
t.Fatalf("error decoding user payload: %v", err)
}
if got.Username != payload.Username {
t.Fatalf("unexpected username received. expected %s got %s", payload.Username, got.Username)
}
if got.Role.Slug != payload.Role {
t.Fatalf("unexpected role received. expected %s got %s", payload.Role, got.Role.Slug)
}
}
// TestModifyUser tests that a user with the appropriate access is able to
// modify their username and password.
func (s *APISuite) TestModifyUser() {
unpriviledgedUser := s.createUnpriviledgedUser(models.RoleUser)
func TestModifyUser(t *testing.T) {
testCtx := setupTest(t)
unpriviledgedUser := createUnpriviledgedUser(t, models.RoleUser)
newPassword := "new-password"
newUsername := "new-username"
payload := userRequest{
@ -82,33 +111,48 @@ func (s *APISuite) TestModifyUser() {
Role: unpriviledgedUser.Role.Slug,
}
body, err := json.Marshal(payload)
s.Nil(err)
if err != nil {
t.Fatalf("error marshaling userRequest payload: %v", err)
}
url := fmt.Sprintf("/api/users/%d", unpriviledgedUser.Id)
r := httptest.NewRequest(http.MethodPut, url, bytes.NewBuffer(body))
r.Header.Set("Content-Type", "application/json")
r.Header.Set("Authorization", fmt.Sprintf("Bearer %s", unpriviledgedUser.ApiKey))
w := httptest.NewRecorder()
s.apiServer.ServeHTTP(w, r)
testCtx.apiServer.ServeHTTP(w, r)
response := &models.User{}
err = json.NewDecoder(w.Body).Decode(response)
s.Nil(err)
s.Equal(w.Code, http.StatusOK)
s.Equal(response.Username, newUsername)
if err != nil {
t.Fatalf("error decoding user payload: %v", err)
}
expected := http.StatusOK
if w.Code != expected {
t.Fatalf("unexpected error code received. expected %d got %d", expected, w.Code)
}
if response.Username != newUsername {
t.Fatalf("unexpected username received. expected %s got %s", newUsername, response.Username)
}
got, err := models.GetUser(unpriviledgedUser.Id)
s.Nil(err)
s.Equal(response.Username, got.Username)
s.Equal(newUsername, got.Username)
if err != nil {
t.Fatalf("error getting unpriviledged user: %v", err)
}
if response.Username != got.Username {
t.Fatalf("unexpected username received. expected %s got %s", response.Username, got.Username)
}
err = bcrypt.CompareHashAndPassword([]byte(got.Hash), []byte(newPassword))
s.Nil(err)
if err != nil {
t.Fatalf("incorrect hash received for created user. expected %s got %s", []byte(newPassword), []byte(got.Hash))
}
}
// TestUnauthorizedListUsers ensures that users without the ModifySystem
// permission are unable to list the users registered in Gophish.
func (s *APISuite) TestUnauthorizedListUsers() {
func TestUnauthorizedListUsers(t *testing.T) {
testCtx := setupTest(t)
// First, let's create a standard user which doesn't
// have ModifySystem permissions.
unauthorizedUser := s.createUnpriviledgedUser(models.RoleUser)
unauthorizedUser := createUnpriviledgedUser(t, models.RoleUser)
// We'll try to make a request to the various users API endpoints to
// ensure that they fail. Previously, we could hit the handlers directly
// but we need to go through the router for this test to ensure the
@ -117,72 +161,99 @@ func (s *APISuite) TestUnauthorizedListUsers() {
r.Header.Set("Authorization", fmt.Sprintf("Bearer %s", unauthorizedUser.ApiKey))
w := httptest.NewRecorder()
s.apiServer.ServeHTTP(w, r)
s.Equal(w.Code, http.StatusForbidden)
testCtx.apiServer.ServeHTTP(w, r)
expected := http.StatusForbidden
if w.Code != expected {
t.Fatalf("unexpected error code received. expected %d got %d", expected, w.Code)
}
}
// TestUnauthorizedModifyUsers verifies that users without ModifySystem
// permission (a "standard" user) can only get or modify their own information.
func (s *APISuite) TestUnauthorizedGetUser() {
func TestUnauthorizedGetUser(t *testing.T) {
testCtx := setupTest(t)
// First, we'll make sure that a user with the "user" role is unable to
// get the information of another user (in this case, the main admin).
unauthorizedUser := s.createUnpriviledgedUser(models.RoleUser)
url := fmt.Sprintf("/api/users/%d", s.admin.Id)
unauthorizedUser := createUnpriviledgedUser(t, models.RoleUser)
url := fmt.Sprintf("/api/users/%d", testCtx.admin.Id)
r := httptest.NewRequest(http.MethodGet, url, nil)
r.Header.Set("Authorization", fmt.Sprintf("Bearer %s", unauthorizedUser.ApiKey))
w := httptest.NewRecorder()
s.apiServer.ServeHTTP(w, r)
s.Equal(w.Code, http.StatusForbidden)
testCtx.apiServer.ServeHTTP(w, r)
expected := http.StatusForbidden
if w.Code != expected {
t.Fatalf("unexpected error code received. expected %d got %d", expected, w.Code)
}
}
// TestUnauthorizedModifyRole ensures that users without the ModifySystem
// privilege are unable to modify their own role, preventing a potential
// privilege escalation issue.
func (s *APISuite) TestUnauthorizedSetRole() {
unauthorizedUser := s.createUnpriviledgedUser(models.RoleUser)
func TestUnauthorizedSetRole(t *testing.T) {
testCtx := setupTest(t)
unauthorizedUser := createUnpriviledgedUser(t, models.RoleUser)
url := fmt.Sprintf("/api/users/%d", unauthorizedUser.Id)
payload := &userRequest{
Username: unauthorizedUser.Username,
Role: models.RoleAdmin,
}
body, err := json.Marshal(payload)
s.Nil(err)
if err != nil {
t.Fatalf("error marshaling userRequest payload: %v", err)
}
r := httptest.NewRequest(http.MethodPut, url, bytes.NewBuffer(body))
r.Header.Set("Authorization", fmt.Sprintf("Bearer %s", unauthorizedUser.ApiKey))
w := httptest.NewRecorder()
s.apiServer.ServeHTTP(w, r)
s.Equal(w.Code, http.StatusBadRequest)
testCtx.apiServer.ServeHTTP(w, r)
expected := http.StatusBadRequest
if w.Code != expected {
t.Fatalf("unexpected error code received. expected %d got %d", expected, w.Code)
}
response := &models.Response{}
err = json.NewDecoder(w.Body).Decode(response)
s.Nil(err)
s.Equal(response.Message, ErrInsufficientPermission.Error())
if err != nil {
t.Fatalf("error decoding response payload: %v", err)
}
if response.Message != ErrInsufficientPermission.Error() {
t.Fatalf("incorrect error received when setting role. expected %s got %s", ErrInsufficientPermission.Error(), response.Message)
}
}
// TestModifyWithExistingUsername verifies that it's not possible to modify
// an user's username to one which already exists.
func (s *APISuite) TestModifyWithExistingUsername() {
unauthorizedUser := s.createUnpriviledgedUser(models.RoleUser)
func TestModifyWithExistingUsername(t *testing.T) {
testCtx := setupTest(t)
unauthorizedUser := createUnpriviledgedUser(t, models.RoleUser)
payload := &userRequest{
Username: s.admin.Username,
Username: testCtx.admin.Username,
Role: unauthorizedUser.Role.Slug,
}
body, err := json.Marshal(payload)
s.Nil(err)
if err != nil {
t.Fatalf("error marshaling userRequest payload: %v", err)
}
url := fmt.Sprintf("/api/users/%d", unauthorizedUser.Id)
r := httptest.NewRequest(http.MethodPut, url, bytes.NewReader(body))
r.Header.Set("Authorization", fmt.Sprintf("Bearer %s", unauthorizedUser.ApiKey))
w := httptest.NewRecorder()
s.apiServer.ServeHTTP(w, r)
s.Equal(w.Code, http.StatusBadRequest)
expected := &models.Response{
testCtx.apiServer.ServeHTTP(w, r)
expected := http.StatusBadRequest
if w.Code != expected {
t.Fatalf("unexpected error code received. expected %d got %d", expected, w.Code)
}
expectedResponse := &models.Response{
Message: ErrUsernameTaken.Error(),
Success: false,
}
got := &models.Response{}
err = json.NewDecoder(w.Body).Decode(got)
s.Nil(err)
s.Equal(got.Message, expected.Message)
if err != nil {
t.Fatalf("error decoding response payload: %v", err)
}
if got.Message != expectedResponse.Message {
t.Fatalf("incorrect error received when setting role. expected %s got %s", expectedResponse.Message, got.Message)
}
}

View File

@ -1,62 +1,75 @@
package controllers
import (
"fmt"
"net/http/httptest"
"os"
"path/filepath"
"testing"
"github.com/gophish/gophish/config"
"github.com/gophish/gophish/models"
"github.com/stretchr/testify/suite"
)
// ControllersSuite is a suite of tests to cover API related functions
type ControllersSuite struct {
suite.Suite
// testContext is the data required to test API related functions
type testContext struct {
apiKey string
config *config.Config
adminServer *httptest.Server
phishServer *httptest.Server
origPath string
}
func (s *ControllersSuite) SetupSuite() {
func setupTest(t *testing.T) *testContext {
wd, _ := os.Getwd()
fmt.Println(wd)
conf := &config.Config{
DBName: "sqlite3",
DBPath: ":memory:",
MigrationsPath: "../db/db_sqlite3/migrations/",
}
abs, _ := filepath.Abs("../db/db_sqlite3/migrations/")
fmt.Printf("in controllers_test.go: %s\n", abs)
err := models.Setup(conf)
if err != nil {
s.T().Fatalf("Failed creating database: %v", err)
t.Fatalf("error setting up database: %v", err)
}
s.config = conf
s.Nil(err)
// Setup the admin server for use in testing
s.adminServer = httptest.NewUnstartedServer(NewAdminServer(s.config.AdminConf).server.Handler)
s.adminServer.Config.Addr = s.config.AdminConf.ListenURL
s.adminServer.Start()
ctx := &testContext{}
ctx.config = conf
ctx.adminServer = httptest.NewUnstartedServer(NewAdminServer(ctx.config.AdminConf).server.Handler)
ctx.adminServer.Config.Addr = ctx.config.AdminConf.ListenURL
ctx.adminServer.Start()
// Get the API key to use for these tests
u, err := models.GetUser(1)
s.Nil(err)
s.apiKey = u.ApiKey
if err != nil {
t.Fatalf("error getting first user from database: %v", err)
}
ctx.apiKey = u.ApiKey
// Start the phishing server
s.phishServer = httptest.NewUnstartedServer(NewPhishingServer(s.config.PhishConf).server.Handler)
s.phishServer.Config.Addr = s.config.PhishConf.ListenURL
s.phishServer.Start()
ctx.phishServer = httptest.NewUnstartedServer(NewPhishingServer(ctx.config.PhishConf).server.Handler)
ctx.phishServer.Config.Addr = ctx.config.PhishConf.ListenURL
ctx.phishServer.Start()
// Move our cwd up to the project root for help with resolving
// static assets
origPath, _ := os.Getwd()
ctx.origPath = origPath
err = os.Chdir("../")
s.Nil(err)
if err != nil {
t.Fatalf("error changing directories to setup asset discovery: %v", err)
}
createTestData(t)
return ctx
}
func (s *ControllersSuite) TearDownTest() {
campaigns, _ := models.GetCampaigns(1)
for _, campaign := range campaigns {
models.DeleteCampaign(campaign.Id)
}
func tearDown(t *testing.T, ctx *testContext) {
// Tear down the admin and phishing servers
ctx.adminServer.Close()
ctx.phishServer.Close()
// Reset the path for the next test
os.Chdir(ctx.origPath)
}
func (s *ControllersSuite) SetupTest() {
func createTestData(t *testing.T) {
// Add a group
group := models.Group{Name: "Test Group"}
group.Targets = []models.Target{
@ -67,12 +80,12 @@ func (s *ControllersSuite) SetupTest() {
models.PostGroup(&group)
// Add a template
t := models.Template{Name: "Test Template"}
t.Subject = "Test subject"
t.Text = "Text text"
t.HTML = "<html>Test</html>"
t.UserId = 1
models.PostTemplate(&t)
template := models.Template{Name: "Test Template"}
template.Subject = "Test subject"
template.Text = "Text text"
template.HTML = "<html>Test</html>"
template.UserId = 1
models.PostTemplate(&template)
// Add a landing page
p := models.Page{Name: "Test Page"}
@ -91,20 +104,10 @@ func (s *ControllersSuite) SetupTest() {
// Set the status such that no emails are attempted
c := models.Campaign{Name: "Test campaign"}
c.UserId = 1
c.Template = t
c.Template = template
c.Page = p
c.SMTP = smtp
c.Groups = []models.Group{group}
models.PostCampaign(&c, c.UserId)
c.UpdateStatus(models.CampaignEmailsSent)
}
func (s *ControllersSuite) TearDownSuite() {
// Tear down the admin and phishing servers
s.adminServer.Close()
s.phishServer.Close()
}
func TestControllerSuite(t *testing.T) {
suite.Run(t, new(ControllersSuite))
}

View File

@ -5,22 +5,25 @@ import (
"encoding/json"
"fmt"
"io/ioutil"
"log"
"net/http"
"net/url"
"reflect"
"testing"
"github.com/gophish/gophish/config"
"github.com/gophish/gophish/models"
)
func (s *ControllersSuite) getFirstCampaign() models.Campaign {
func getFirstCampaign(t *testing.T) models.Campaign {
campaigns, err := models.GetCampaigns(1)
s.Nil(err)
if err != nil {
t.Fatalf("error getting first campaign from database: %v", err)
}
return campaigns[0]
}
func (s *ControllersSuite) getFirstEmailRequest() models.EmailRequest {
campaign := s.getFirstCampaign()
func getFirstEmailRequest(t *testing.T) models.EmailRequest {
campaign := getFirstCampaign(t)
req := models.EmailRequest{
TemplateId: campaign.TemplateId,
Template: campaign.Template,
@ -33,205 +36,334 @@ func (s *ControllersSuite) getFirstEmailRequest() models.EmailRequest {
FromAddress: campaign.SMTP.FromAddress,
}
err := models.PostEmailRequest(&req)
s.Nil(err)
if err != nil {
t.Fatalf("error creating email request: %v", err)
}
return req
}
func (s *ControllersSuite) openEmail(rid string) {
resp, err := http.Get(fmt.Sprintf("%s/track?%s=%s", s.phishServer.URL, models.RecipientParameter, rid))
s.Nil(err)
func openEmail(t *testing.T, ctx *testContext, rid string) {
resp, err := http.Get(fmt.Sprintf("%s/track?%s=%s", ctx.phishServer.URL, models.RecipientParameter, rid))
if err != nil {
t.Fatalf("error requesting /track endpoint: %v", err)
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
s.Nil(err)
got, err := ioutil.ReadAll(resp.Body)
if err != nil {
t.Fatalf("error reading response body from /track endpoint: %v", err)
}
expected, err := ioutil.ReadFile("static/images/pixel.png")
s.Nil(err)
s.Equal(bytes.Compare(body, expected), 0)
if err != nil {
t.Fatalf("error reading local transparent pixel: %v", err)
}
if !bytes.Equal(got, expected) {
t.Fatalf("unexpected tracking pixel data received. expected %#v got %#v", expected, got)
}
}
func (s *ControllersSuite) reportedEmail(rid string) {
resp, err := http.Get(fmt.Sprintf("%s/report?%s=%s", s.phishServer.URL, models.RecipientParameter, rid))
s.Nil(err)
s.Equal(resp.StatusCode, http.StatusNoContent)
func openEmail404(t *testing.T, ctx *testContext, rid string) {
resp, err := http.Get(fmt.Sprintf("%s/track?%s=%s", ctx.phishServer.URL, models.RecipientParameter, rid))
if err != nil {
t.Fatalf("error requesting /track endpoint: %v", err)
}
func (s *ControllersSuite) reportEmail404(rid string) {
resp, err := http.Get(fmt.Sprintf("%s/report?%s=%s", s.phishServer.URL, models.RecipientParameter, rid))
s.Nil(err)
s.Equal(resp.StatusCode, http.StatusNotFound)
}
func (s *ControllersSuite) openEmail404(rid string) {
resp, err := http.Get(fmt.Sprintf("%s/track?%s=%s", s.phishServer.URL, models.RecipientParameter, rid))
s.Nil(err)
defer resp.Body.Close()
s.Nil(err)
s.Equal(resp.StatusCode, http.StatusNotFound)
got := resp.StatusCode
expected := http.StatusNotFound
if got != expected {
t.Fatalf("invalid status code received for /track endpoint. expected %d got %d", expected, got)
}
}
func (s *ControllersSuite) clickLink(rid string, expectedHTML string) {
resp, err := http.Get(fmt.Sprintf("%s/?%s=%s", s.phishServer.URL, models.RecipientParameter, rid))
s.Nil(err)
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
s.Nil(err)
log.Printf("%s\n\n\n", body)
s.Equal(bytes.Compare(body, []byte(expectedHTML)), 0)
func reportedEmail(t *testing.T, ctx *testContext, rid string) {
resp, err := http.Get(fmt.Sprintf("%s/report?%s=%s", ctx.phishServer.URL, models.RecipientParameter, rid))
if err != nil {
t.Fatalf("error requesting /report endpoint: %v", err)
}
got := resp.StatusCode
expected := http.StatusNoContent
if got != expected {
t.Fatalf("invalid status code received for /report endpoint. expected %d got %d", expected, got)
}
}
func (s *ControllersSuite) clickLink404(rid string) {
resp, err := http.Get(fmt.Sprintf("%s/?%s=%s", s.phishServer.URL, models.RecipientParameter, rid))
s.Nil(err)
defer resp.Body.Close()
s.Nil(err)
s.Equal(resp.StatusCode, http.StatusNotFound)
func reportEmail404(t *testing.T, ctx *testContext, rid string) {
resp, err := http.Get(fmt.Sprintf("%s/report?%s=%s", ctx.phishServer.URL, models.RecipientParameter, rid))
if err != nil {
t.Fatalf("error requesting /report endpoint: %v", err)
}
got := resp.StatusCode
expected := http.StatusNotFound
if got != expected {
t.Fatalf("invalid status code received for /report endpoint. expected %d got %d", expected, got)
}
}
func (s *ControllersSuite) transparencyRequest(r models.Result, rid, path string) {
resp, err := http.Get(fmt.Sprintf("%s%s?%s=%s", s.phishServer.URL, path, models.RecipientParameter, rid))
s.Nil(err)
func clickLink(t *testing.T, ctx *testContext, rid string, expectedHTML string) {
resp, err := http.Get(fmt.Sprintf("%s/?%s=%s", ctx.phishServer.URL, models.RecipientParameter, rid))
if err != nil {
t.Fatalf("error requesting / endpoint: %v", err)
}
defer resp.Body.Close()
s.Equal(resp.StatusCode, http.StatusOK)
got, err := ioutil.ReadAll(resp.Body)
if err != nil {
t.Fatalf("error reading payload from / endpoint response: %v", err)
}
if !bytes.Equal(got, []byte(expectedHTML)) {
t.Fatalf("invalid response received from / endpoint. expected %s got %s", got, expectedHTML)
}
}
func clickLink404(t *testing.T, ctx *testContext, rid string) {
resp, err := http.Get(fmt.Sprintf("%s/?%s=%s", ctx.phishServer.URL, models.RecipientParameter, rid))
if err != nil {
t.Fatalf("error requesting / endpoint: %v", err)
}
defer resp.Body.Close()
got := resp.StatusCode
expected := http.StatusNotFound
if got != expected {
t.Fatalf("invalid status code received for / endpoint. expected %d got %d", expected, got)
}
}
func transparencyRequest(t *testing.T, ctx *testContext, r models.Result, rid, path string) {
resp, err := http.Get(fmt.Sprintf("%s%s?%s=%s", ctx.phishServer.URL, path, models.RecipientParameter, rid))
if err != nil {
t.Fatalf("error requesting %s endpoint: %v", path, err)
}
defer resp.Body.Close()
got := resp.StatusCode
expected := http.StatusOK
if got != expected {
t.Fatalf("invalid status code received for / endpoint. expected %d got %d", expected, got)
}
tr := &TransparencyResponse{}
err = json.NewDecoder(resp.Body).Decode(tr)
s.Nil(err)
s.Equal(tr.ContactAddress, s.config.ContactAddress)
s.Equal(tr.SendDate, r.SendDate)
s.Equal(tr.Server, config.ServerName)
if err != nil {
t.Fatalf("error unmarshaling transparency request: %v", err)
}
expectedResponse := &TransparencyResponse{
ContactAddress: ctx.config.ContactAddress,
SendDate: r.SendDate,
Server: config.ServerName,
}
if !reflect.DeepEqual(tr, expectedResponse) {
t.Fatalf("unexpected transparency response received. expected %v got %v", expectedResponse, tr)
}
}
func (s *ControllersSuite) TestOpenedPhishingEmail() {
campaign := s.getFirstCampaign()
func TestOpenedPhishingEmail(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
campaign := getFirstCampaign(t)
result := campaign.Results[0]
s.Equal(result.Status, models.StatusSending)
if result.Status != models.StatusSending {
t.Fatalf("unexpected result status received. expected %s got %s", models.StatusSending, result.Status)
}
s.openEmail(result.RId)
openEmail(t, ctx, result.RId)
campaign = s.getFirstCampaign()
campaign = getFirstCampaign(t)
result = campaign.Results[0]
lastEvent := campaign.Events[len(campaign.Events)-1]
s.Equal(result.Status, models.EventOpened)
s.Equal(lastEvent.Message, models.EventOpened)
s.Equal(result.ModifiedDate, lastEvent.Time)
if result.Status != models.EventOpened {
t.Fatalf("unexpected result status received. expected %s got %s", models.EventOpened, result.Status)
}
if lastEvent.Message != models.EventOpened {
t.Fatalf("unexpected event status received. expected %s got %s", lastEvent.Message, models.EventOpened)
}
if result.ModifiedDate != lastEvent.Time {
t.Fatalf("unexpected result modified date received. expected %s got %s", lastEvent.Time, result.ModifiedDate)
}
}
func (s *ControllersSuite) TestReportedPhishingEmail() {
campaign := s.getFirstCampaign()
func TestReportedPhishingEmail(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
campaign := getFirstCampaign(t)
result := campaign.Results[0]
s.Equal(result.Status, models.StatusSending)
if result.Status != models.StatusSending {
t.Fatalf("unexpected result status received. expected %s got %s", models.StatusSending, result.Status)
}
s.reportedEmail(result.RId)
reportedEmail(t, ctx, result.RId)
campaign = s.getFirstCampaign()
campaign = getFirstCampaign(t)
result = campaign.Results[0]
lastEvent := campaign.Events[len(campaign.Events)-1]
s.Equal(result.Reported, true)
s.Equal(lastEvent.Message, models.EventReported)
s.Equal(result.ModifiedDate, lastEvent.Time)
if result.Reported != true {
t.Fatalf("unexpected result report status received. expected %v got %v", true, result.Reported)
}
if lastEvent.Message != models.EventReported {
t.Fatalf("unexpected event status received. expected %s got %s", lastEvent.Message, models.EventReported)
}
if result.ModifiedDate != lastEvent.Time {
t.Fatalf("unexpected result modified date received. expected %s got %s", lastEvent.Time, result.ModifiedDate)
}
}
func (s *ControllersSuite) TestClickedPhishingLinkAfterOpen() {
campaign := s.getFirstCampaign()
func TestClickedPhishingLinkAfterOpen(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
campaign := getFirstCampaign(t)
result := campaign.Results[0]
s.Equal(result.Status, models.StatusSending)
if result.Status != models.StatusSending {
t.Fatalf("unexpected result status received. expected %s got %s", models.StatusSending, result.Status)
}
s.openEmail(result.RId)
s.clickLink(result.RId, campaign.Page.HTML)
openEmail(t, ctx, result.RId)
clickLink(t, ctx, result.RId, campaign.Page.HTML)
campaign = s.getFirstCampaign()
campaign = getFirstCampaign(t)
result = campaign.Results[0]
lastEvent := campaign.Events[len(campaign.Events)-1]
s.Equal(result.Status, models.EventClicked)
s.Equal(lastEvent.Message, models.EventClicked)
s.Equal(result.ModifiedDate, lastEvent.Time)
if result.Status != models.EventClicked {
t.Fatalf("unexpected result status received. expected %s got %s", models.EventClicked, result.Status)
}
if lastEvent.Message != models.EventClicked {
t.Fatalf("unexpected event status received. expected %s got %s", lastEvent.Message, models.EventClicked)
}
if result.ModifiedDate != lastEvent.Time {
t.Fatalf("unexpected result modified date received. expected %s got %s", lastEvent.Time, result.ModifiedDate)
}
}
func (s *ControllersSuite) TestNoRecipientID() {
resp, err := http.Get(fmt.Sprintf("%s/track", s.phishServer.URL))
s.Nil(err)
s.Equal(resp.StatusCode, http.StatusNotFound)
resp, err = http.Get(s.phishServer.URL)
s.Nil(err)
s.Equal(resp.StatusCode, http.StatusNotFound)
func TestNoRecipientID(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
resp, err := http.Get(fmt.Sprintf("%s/track", ctx.phishServer.URL))
if err != nil {
t.Fatalf("error requesting /track endpoint: %v", err)
}
got := resp.StatusCode
expected := http.StatusNotFound
if got != expected {
t.Fatalf("invalid status code received for /track endpoint. expected %d got %d", expected, got)
}
func (s *ControllersSuite) TestInvalidRecipientID() {
resp, err = http.Get(ctx.phishServer.URL)
if err != nil {
t.Fatalf("error requesting /track endpoint: %v", err)
}
got = resp.StatusCode
if got != expected {
t.Fatalf("invalid status code received for / endpoint. expected %d got %d", expected, got)
}
}
func TestInvalidRecipientID(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
rid := "XXXXXXXXXX"
s.openEmail404(rid)
s.clickLink404(rid)
s.reportEmail404(rid)
openEmail404(t, ctx, rid)
clickLink404(t, ctx, rid)
reportEmail404(t, ctx, rid)
}
func (s *ControllersSuite) TestCompletedCampaignClick() {
campaign := s.getFirstCampaign()
func TestCompletedCampaignClick(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
campaign := getFirstCampaign(t)
result := campaign.Results[0]
s.Equal(result.Status, models.StatusSending)
s.openEmail(result.RId)
if result.Status != models.StatusSending {
t.Fatalf("unexpected result status received. expected %s got %s", models.StatusSending, result.Status)
}
campaign = s.getFirstCampaign()
openEmail(t, ctx, result.RId)
campaign = getFirstCampaign(t)
result = campaign.Results[0]
s.Equal(result.Status, models.EventOpened)
if result.Status != models.EventOpened {
t.Fatalf("unexpected result status received. expected %s got %s", models.EventOpened, result.Status)
}
models.CompleteCampaign(campaign.Id, 1)
s.openEmail404(result.RId)
s.clickLink404(result.RId)
openEmail404(t, ctx, result.RId)
clickLink404(t, ctx, result.RId)
campaign = s.getFirstCampaign()
campaign = getFirstCampaign(t)
result = campaign.Results[0]
s.Equal(result.Status, models.EventOpened)
if result.Status != models.EventOpened {
t.Fatalf("unexpected result status received. expected %s got %s", models.EventOpened, result.Status)
}
}
func (s *ControllersSuite) TestRobotsHandler() {
expected := []byte("User-agent: *\nDisallow: /\n")
resp, err := http.Get(fmt.Sprintf("%s/robots.txt", s.phishServer.URL))
s.Nil(err)
s.Equal(resp.StatusCode, http.StatusOK)
func TestRobotsHandler(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
resp, err := http.Get(fmt.Sprintf("%s/robots.txt", ctx.phishServer.URL))
if err != nil {
t.Fatalf("error requesting /robots.txt endpoint: %v", err)
}
defer resp.Body.Close()
got := resp.StatusCode
expectedStatus := http.StatusOK
if got != expectedStatus {
t.Fatalf("invalid status code received for /track endpoint. expected %d got %d", expectedStatus, got)
}
expected := []byte("User-agent: *\nDisallow: /\n")
body, err := ioutil.ReadAll(resp.Body)
s.Nil(err)
s.Equal(bytes.Compare(body, expected), 0)
if err != nil {
t.Fatalf("error reading response body from /robots.txt endpoint: %v", err)
}
if !bytes.Equal(body, expected) {
t.Fatalf("invalid robots.txt response received. expected %s got %s", expected, body)
}
}
func (s *ControllersSuite) TestInvalidPreviewID() {
func TestInvalidPreviewID(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
bogusRId := fmt.Sprintf("%sbogus", models.PreviewPrefix)
s.openEmail404(bogusRId)
s.clickLink404(bogusRId)
s.reportEmail404(bogusRId)
openEmail404(t, ctx, bogusRId)
clickLink404(t, ctx, bogusRId)
reportEmail404(t, ctx, bogusRId)
}
func (s *ControllersSuite) TestPreviewTrack() {
req := s.getFirstEmailRequest()
s.openEmail(req.RId)
func TestPreviewTrack(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
req := getFirstEmailRequest(t)
openEmail(t, ctx, req.RId)
}
func (s *ControllersSuite) TestPreviewClick() {
req := s.getFirstEmailRequest()
s.clickLink(req.RId, req.Page.HTML)
func TestPreviewClick(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
req := getFirstEmailRequest(t)
clickLink(t, ctx, req.RId, req.Page.HTML)
}
func (s *ControllersSuite) TestInvalidTransparencyRequest() {
func TestInvalidTransparencyRequest(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
bogusRId := fmt.Sprintf("bogus%s", TransparencySuffix)
s.openEmail404(bogusRId)
s.clickLink404(bogusRId)
s.reportEmail404(bogusRId)
openEmail404(t, ctx, bogusRId)
clickLink404(t, ctx, bogusRId)
reportEmail404(t, ctx, bogusRId)
}
func (s *ControllersSuite) TestTransparencyRequest() {
campaign := s.getFirstCampaign()
func TestTransparencyRequest(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
campaign := getFirstCampaign(t)
result := campaign.Results[0]
rid := fmt.Sprintf("%s%s", result.RId, TransparencySuffix)
s.transparencyRequest(result, rid, "/")
s.transparencyRequest(result, rid, "/track")
s.transparencyRequest(result, rid, "/report")
transparencyRequest(t, ctx, result, rid, "/")
transparencyRequest(t, ctx, result, rid, "/track")
transparencyRequest(t, ctx, result, rid, "/report")
// And check with the URL encoded version of a +
rid = fmt.Sprintf("%s%s", result.RId, "%2b")
s.transparencyRequest(result, rid, "/")
s.transparencyRequest(result, rid, "/track")
s.transparencyRequest(result, rid, "/report")
transparencyRequest(t, ctx, result, rid, "/")
transparencyRequest(t, ctx, result, rid, "/track")
transparencyRequest(t, ctx, result, rid, "/report")
}
func (s *ControllersSuite) TestRedirectTemplating() {
func TestRedirectTemplating(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
p := models.Page{
Name: "Redirect Page",
HTML: "<html>Test</html>",
@ -239,7 +371,9 @@ func (s *ControllersSuite) TestRedirectTemplating() {
RedirectURL: "http://example.com/{{.RId}}",
}
err := models.PostPage(&p)
s.Nil(err)
if err != nil {
t.Fatalf("error posting new page: %v", err)
}
smtp, _ := models.GetSMTP(1, 1)
template, _ := models.GetTemplate(1, 1)
group, _ := models.GetGroup(1, 1)
@ -251,7 +385,9 @@ func (s *ControllersSuite) TestRedirectTemplating() {
campaign.SMTP = smtp
campaign.Groups = []models.Group{group}
err = models.PostCampaign(&campaign, campaign.UserId)
s.Nil(err)
if err != nil {
t.Fatalf("error creating campaign: %v", err)
}
client := http.Client{
CheckRedirect: func(req *http.Request, via []*http.Request) error {
@ -259,12 +395,22 @@ func (s *ControllersSuite) TestRedirectTemplating() {
},
}
result := campaign.Results[0]
resp, err := client.PostForm(fmt.Sprintf("%s/?%s=%s", s.phishServer.URL, models.RecipientParameter, result.RId), url.Values{"username": {"test"}, "password": {"test"}})
s.Nil(err)
defer resp.Body.Close()
s.Equal(http.StatusFound, resp.StatusCode)
expectedURL := fmt.Sprintf("http://example.com/%s", result.RId)
got, err := resp.Location()
s.Nil(err)
s.Equal(expectedURL, got.String())
resp, err := client.PostForm(fmt.Sprintf("%s/?%s=%s", ctx.phishServer.URL, models.RecipientParameter, result.RId), url.Values{"username": {"test"}, "password": {"test"}})
if err != nil {
t.Fatalf("error requesting / endpoint: %v", err)
}
defer resp.Body.Close()
got := resp.StatusCode
expectedStatus := http.StatusFound
if got != expectedStatus {
t.Fatalf("invalid status code received for /track endpoint. expected %d got %d", expectedStatus, got)
}
expectedURL := fmt.Sprintf("http://example.com/%s", result.RId)
gotURL, err := resp.Location()
if err != nil {
t.Fatalf("error getting Location header from response: %v", err)
}
if gotURL.String() != expectedURL {
t.Fatalf("invalid redirect received. expected %s got %s", expectedURL, gotURL)
}
}

View File

@ -5,106 +5,115 @@ import (
"net/http"
"net/url"
"strings"
"testing"
"github.com/PuerkitoBio/goquery"
)
func (s *ControllersSuite) TestLoginCSRF() {
resp, err := http.PostForm(fmt.Sprintf("%s/login", s.adminServer.URL),
func attemptLogin(t *testing.T, ctx *testContext, client *http.Client, username, password, optionalPath string) *http.Response {
resp, err := http.Get(fmt.Sprintf("%s/login", ctx.adminServer.URL))
if err != nil {
t.Fatalf("error requesting the /login endpoint: %v", err)
}
got := resp.StatusCode
expected := http.StatusOK
if got != expected {
t.Fatalf("invalid status code received. expected %d got %d", expected, got)
}
doc, err := goquery.NewDocumentFromResponse(resp)
if err != nil {
t.Fatalf("error parsing /login response body")
}
elem := doc.Find("input[name='csrf_token']").First()
token, ok := elem.Attr("value")
if !ok {
t.Fatal("unable to find csrf_token value in login response")
}
if client == nil {
client = &http.Client{}
}
req, err := http.NewRequest("POST", fmt.Sprintf("%s/login%s", ctx.adminServer.URL, optionalPath), strings.NewReader(url.Values{
"username": {username},
"password": {password},
"csrf_token": {token},
}.Encode()))
if err != nil {
t.Fatalf("error creating new /login request: %v", err)
}
req.Header.Set("Cookie", resp.Header.Get("Set-Cookie"))
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
resp, err = client.Do(req)
if err != nil {
t.Fatalf("error requesting the /login endpoint: %v", err)
}
return resp
}
func TestLoginCSRF(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
resp, err := http.PostForm(fmt.Sprintf("%s/login", ctx.adminServer.URL),
url.Values{
"username": {"admin"},
"password": {"gophish"},
})
s.Equal(resp.StatusCode, http.StatusForbidden)
fmt.Println(err)
if err != nil {
t.Fatalf("error requesting the /login endpoint: %v", err)
}
func (s *ControllersSuite) TestInvalidCredentials() {
resp, err := http.Get(fmt.Sprintf("%s/login", s.adminServer.URL))
s.Equal(err, nil)
s.Equal(resp.StatusCode, http.StatusOK)
doc, err := goquery.NewDocumentFromResponse(resp)
s.Equal(err, nil)
elem := doc.Find("input[name='csrf_token']").First()
token, ok := elem.Attr("value")
s.Equal(ok, true)
client := &http.Client{}
req, err := http.NewRequest("POST", fmt.Sprintf("%s/login", s.adminServer.URL), strings.NewReader(url.Values{
"username": {"admin"},
"password": {"invalid"},
"csrf_token": {token},
}.Encode()))
s.Equal(err, nil)
req.Header.Set("Cookie", resp.Header.Get("Set-Cookie"))
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
resp, err = client.Do(req)
s.Equal(err, nil)
s.Equal(resp.StatusCode, http.StatusUnauthorized)
got := resp.StatusCode
expected := http.StatusForbidden
if got != expected {
t.Fatalf("invalid status code received. expected %d got %d", expected, got)
}
}
func (s *ControllersSuite) TestSuccessfulLogin() {
resp, err := http.Get(fmt.Sprintf("%s/login", s.adminServer.URL))
s.Equal(err, nil)
s.Equal(resp.StatusCode, http.StatusOK)
doc, err := goquery.NewDocumentFromResponse(resp)
s.Equal(err, nil)
elem := doc.Find("input[name='csrf_token']").First()
token, ok := elem.Attr("value")
s.Equal(ok, true)
client := &http.Client{}
req, err := http.NewRequest("POST", fmt.Sprintf("%s/login", s.adminServer.URL), strings.NewReader(url.Values{
"username": {"admin"},
"password": {"gophish"},
"csrf_token": {token},
}.Encode()))
s.Equal(err, nil)
req.Header.Set("Cookie", resp.Header.Get("Set-Cookie"))
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
resp, err = client.Do(req)
s.Equal(err, nil)
s.Equal(resp.StatusCode, http.StatusOK)
func TestInvalidCredentials(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
resp := attemptLogin(t, ctx, nil, "admin", "bogus", "")
got := resp.StatusCode
expected := http.StatusUnauthorized
if got != expected {
t.Fatalf("invalid status code received. expected %d got %d", expected, got)
}
}
func (s *ControllersSuite) TestSuccessfulRedirect() {
func TestSuccessfulLogin(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
resp := attemptLogin(t, ctx, nil, "admin", "gophish", "")
got := resp.StatusCode
expected := http.StatusOK
if got != expected {
t.Fatalf("invalid status code received. expected %d got %d", expected, got)
}
}
func TestSuccessfulRedirect(t *testing.T) {
ctx := setupTest(t)
defer tearDown(t, ctx)
next := "/campaigns"
resp, err := http.Get(fmt.Sprintf("%s/login", s.adminServer.URL))
s.Equal(err, nil)
s.Equal(resp.StatusCode, http.StatusOK)
doc, err := goquery.NewDocumentFromResponse(resp)
s.Equal(err, nil)
elem := doc.Find("input[name='csrf_token']").First()
token, ok := elem.Attr("value")
s.Equal(ok, true)
client := &http.Client{
CheckRedirect: func(req *http.Request, via []*http.Request) error {
return http.ErrUseLastResponse
},
}}
resp := attemptLogin(t, ctx, client, "admin", "gophish", fmt.Sprintf("?next=%s", next))
got := resp.StatusCode
expected := http.StatusFound
if got != expected {
t.Fatalf("invalid status code received. expected %d got %d", expected, got)
}
req, err := http.NewRequest("POST", fmt.Sprintf("%s/login?next=%s", s.adminServer.URL, next), strings.NewReader(url.Values{
"username": {"admin"},
"password": {"gophish"},
"csrf_token": {token},
}.Encode()))
s.Equal(err, nil)
req.Header.Set("Cookie", resp.Header.Get("Set-Cookie"))
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
resp, err = client.Do(req)
s.Equal(err, nil)
s.Equal(resp.StatusCode, http.StatusFound)
url, err := resp.Location()
s.Equal(err, nil)
s.Equal(url.Path, next)
if err != nil {
t.Fatalf("error parsing response Location header: %v", err)
}
if url.Path != next {
t.Fatalf("unexpected Location header received. expected %s got %s", next, url.Path)
}
}

View File

@ -8,14 +8,8 @@ import (
"net/textproto"
"reflect"
"testing"
"github.com/stretchr/testify/suite"
)
type MailerSuite struct {
suite.Suite
}
func generateMessages(dialer Dialer) []Mail {
to := []string{"to@example.com"}
@ -47,30 +41,30 @@ func newMockErrorSender(err error) *mockSender {
return sender
}
func (ms *MailerSuite) TestDialHost() {
func TestDialHost(t *testing.T) {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
md := newMockDialer()
md.setDial(md.unreachableDial)
_, err := dialHost(ctx, md)
if _, ok := err.(*ErrMaxConnectAttempts); !ok {
ms.T().Fatalf("Didn't receive expected ErrMaxConnectAttempts. Got: %s", err)
t.Fatalf("Didn't receive expected ErrMaxConnectAttempts. Got: %s", err)
}
e := err.(*ErrMaxConnectAttempts)
if e.underlyingError != errHostUnreachable {
ms.T().Fatalf("Got invalid underlying error. Expected %s Got %s\n", e.underlyingError, errHostUnreachable)
t.Fatalf("Got invalid underlying error. Expected %s Got %s\n", e.underlyingError, errHostUnreachable)
}
if md.dialCount != MaxReconnectAttempts {
ms.T().Fatalf("Unexpected number of reconnect attempts. Expected %d, Got %d", MaxReconnectAttempts, md.dialCount)
t.Fatalf("Unexpected number of reconnect attempts. Expected %d, Got %d", MaxReconnectAttempts, md.dialCount)
}
md.setDial(md.defaultDial)
_, err = dialHost(ctx, md)
if err != nil {
ms.T().Fatalf("Unexpected error when dialing the mock host: %s", err)
t.Fatalf("Unexpected error when dialing the mock host: %s", err)
}
}
func (ms *MailerSuite) TestMailWorkerStart() {
func TestMailWorkerStart(t *testing.T) {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
@ -97,16 +91,16 @@ func (ms *MailerSuite) TestMailWorkerStart() {
got = append(got, message)
original := messages[idx].(*mockMessage)
if original.from != message.from {
ms.T().Fatalf("Invalid message received. Expected %s, Got %s", original.from, message.from)
t.Fatalf("Invalid message received. Expected %s, Got %s", original.from, message.from)
}
idx++
}
if len(got) != len(messages) {
ms.T().Fatalf("Unexpected number of messages received. Expected %d Got %d", len(got), len(messages))
t.Fatalf("Unexpected number of messages received. Expected %d Got %d", len(got), len(messages))
}
}
func (ms *MailerSuite) TestBackoff() {
func TestBackoff(t *testing.T) {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
@ -139,28 +133,28 @@ func (ms *MailerSuite) TestBackoff() {
// Check that we only sent one message
expectedCount := 1
if len(got) != expectedCount {
ms.T().Fatalf("Unexpected number of messages received. Expected %d Got %d", len(got), expectedCount)
t.Fatalf("Unexpected number of messages received. Expected %d Got %d", len(got), expectedCount)
}
// Check that it's the correct message
originalFrom := messages[1].(*mockMessage).from
if got[0].from != originalFrom {
ms.T().Fatalf("Invalid message received. Expected %s, Got %s", originalFrom, got[0].from)
t.Fatalf("Invalid message received. Expected %s, Got %s", originalFrom, got[0].from)
}
// Check that the first message performed a backoff
backoffCount := messages[0].(*mockMessage).backoffCount
if backoffCount != expectedCount {
ms.T().Fatalf("Did not receive expected backoff. Got backoffCount %d, Expected %d", backoffCount, expectedCount)
t.Fatalf("Did not receive expected backoff. Got backoffCount %d, Expected %d", backoffCount, expectedCount)
}
// Check that there was a reset performed on the sender
if sender.resetCount != expectedCount {
ms.T().Fatalf("Did not receive expected reset. Got resetCount %d, expected %d", sender.resetCount, expectedCount)
t.Fatalf("Did not receive expected reset. Got resetCount %d, expected %d", sender.resetCount, expectedCount)
}
}
func (ms *MailerSuite) TestPermError() {
func TestPermError(t *testing.T) {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
@ -193,13 +187,13 @@ func (ms *MailerSuite) TestPermError() {
// Check that we only sent one message
expectedCount := 1
if len(got) != expectedCount {
ms.T().Fatalf("Unexpected number of messages received. Expected %d Got %d", len(got), expectedCount)
t.Fatalf("Unexpected number of messages received. Expected %d Got %d", len(got), expectedCount)
}
// Check that it's the correct message
originalFrom := messages[1].(*mockMessage).from
if got[0].from != originalFrom {
ms.T().Fatalf("Invalid message received. Expected %s, Got %s", originalFrom, got[0].from)
t.Fatalf("Invalid message received. Expected %s, Got %s", originalFrom, got[0].from)
}
message := messages[0].(*mockMessage)
@ -208,21 +202,21 @@ func (ms *MailerSuite) TestPermError() {
expectedBackoffCount := 0
backoffCount := message.backoffCount
if backoffCount != expectedBackoffCount {
ms.T().Fatalf("Did not receive expected backoff. Got backoffCount %d, Expected %d", backoffCount, expectedCount)
t.Fatalf("Did not receive expected backoff. Got backoffCount %d, Expected %d", backoffCount, expectedCount)
}
// Check that there was a reset performed on the sender
if sender.resetCount != expectedCount {
ms.T().Fatalf("Did not receive expected reset. Got resetCount %d, expected %d", sender.resetCount, expectedCount)
t.Fatalf("Did not receive expected reset. Got resetCount %d, expected %d", sender.resetCount, expectedCount)
}
// Check that the email errored out appropriately
if !reflect.DeepEqual(message.err, expectedError) {
ms.T().Fatalf("Did not received expected error. Got %#v\nExpected %#v", message.err, expectedError)
t.Fatalf("Did not received expected error. Got %#v\nExpected %#v", message.err, expectedError)
}
}
func (ms *MailerSuite) TestUnknownError() {
func TestUnknownError(t *testing.T) {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
@ -252,13 +246,13 @@ func (ms *MailerSuite) TestUnknownError() {
// Check that we only sent one message
expectedCount := 1
if len(got) != expectedCount {
ms.T().Fatalf("Unexpected number of messages received. Expected %d Got %d", len(got), expectedCount)
t.Fatalf("Unexpected number of messages received. Expected %d Got %d", len(got), expectedCount)
}
// Check that it's the correct message
originalFrom := messages[1].(*mockMessage).from
if got[0].from != originalFrom {
ms.T().Fatalf("Invalid message received. Expected %s, Got %s", originalFrom, got[0].from)
t.Fatalf("Invalid message received. Expected %s, Got %s", originalFrom, got[0].from)
}
message := messages[0].(*mockMessage)
@ -271,21 +265,17 @@ func (ms *MailerSuite) TestUnknownError() {
expectedBackoffCount := 1
backoffCount := message.backoffCount
if backoffCount != expectedBackoffCount {
ms.T().Fatalf("Did not receive expected backoff. Got backoffCount %d, Expected %d", backoffCount, expectedBackoffCount)
t.Fatalf("Did not receive expected backoff. Got backoffCount %d, Expected %d", backoffCount, expectedBackoffCount)
}
// Check that the underlying connection was reestablished
expectedDialCount := 2
if dialer.dialCount != expectedDialCount {
ms.T().Fatalf("Did not receive expected dial count. Got %d expected %d", dialer.dialCount, expectedDialCount)
t.Fatalf("Did not receive expected dial count. Got %d expected %d", dialer.dialCount, expectedDialCount)
}
// Check that the email errored out appropriately
if !reflect.DeepEqual(message.err, expectedError) {
ms.T().Fatalf("Did not received expected error. Got %#v\nExpected %#v", message.err, expectedError)
t.Fatalf("Did not received expected error. Got %#v\nExpected %#v", message.err, expectedError)
}
}
func TestMailerSuite(t *testing.T) {
suite.Run(t, new(MailerSuite))
}

View File

@ -9,19 +9,17 @@ import (
"github.com/gophish/gophish/config"
ctx "github.com/gophish/gophish/context"
"github.com/gophish/gophish/models"
"github.com/stretchr/testify/suite"
)
var successHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("success"))
})
type MiddlewareSuite struct {
suite.Suite
type testContext struct {
apiKey string
}
func (s *MiddlewareSuite) SetupSuite() {
func setupTest(t *testing.T) *testContext {
conf := &config.Config{
DBName: "sqlite3",
DBPath: ":memory:",
@ -29,12 +27,16 @@ func (s *MiddlewareSuite) SetupSuite() {
}
err := models.Setup(conf)
if err != nil {
s.T().Fatalf("Failed creating database: %v", err)
t.Fatalf("Failed creating database: %v", err)
}
// Get the API key to use for these tests
u, err := models.GetUser(1)
s.Nil(err)
s.apiKey = u.ApiKey
if err != nil {
t.Fatalf("error getting user: %v", err)
}
ctx := &testContext{}
ctx.apiKey = u.ApiKey
return ctx
}
// MiddlewarePermissionTest maps an expected HTTP Method to an expected HTTP
@ -43,7 +45,8 @@ type MiddlewarePermissionTest map[string]int
// TestEnforceViewOnly ensures that only users with the ModifyObjects
// permission have the ability to send non-GET requests.
func (s *MiddlewareSuite) TestEnforceViewOnly() {
func TestEnforceViewOnly(t *testing.T) {
setupTest(t)
permissionTests := map[string]MiddlewarePermissionTest{
models.RoleAdmin: MiddlewarePermissionTest{
http.MethodGet: http.StatusOK,
@ -64,7 +67,9 @@ func (s *MiddlewareSuite) TestEnforceViewOnly() {
}
for r, checks := range permissionTests {
role, err := models.GetRoleBySlug(r)
s.Nil(err)
if err != nil {
t.Fatalf("error getting role by slug: %v", err)
}
for method, expected := range checks {
req := httptest.NewRequest(method, "/", nil)
@ -76,12 +81,16 @@ func (s *MiddlewareSuite) TestEnforceViewOnly() {
})
EnforceViewOnly(successHandler).ServeHTTP(response, req)
s.Equal(response.Code, expected)
got := response.Code
if got != expected {
t.Fatalf("incorrect status code received. expected %d got %d", expected, got)
}
}
}
}
func (s *MiddlewareSuite) TestRequirePermission() {
func TestRequirePermission(t *testing.T) {
setupTest(t)
middleware := RequirePermission(models.PermissionModifySystem)
handler := middleware(successHandler)
@ -95,26 +104,37 @@ func (s *MiddlewareSuite) TestRequirePermission() {
response := httptest.NewRecorder()
// Test that with the requested permission, the request succeeds
role, err := models.GetRoleBySlug(role)
s.Nil(err)
if err != nil {
t.Fatalf("error getting role by slug: %v", err)
}
req = ctx.Set(req, "user", models.User{
Role: role,
RoleID: role.ID,
})
handler.ServeHTTP(response, req)
s.Equal(response.Code, expected)
got := response.Code
if got != expected {
t.Fatalf("incorrect status code received. expected %d got %d", expected, got)
}
}
}
func (s *MiddlewareSuite) TestRequireAPIKey() {
func TestRequireAPIKey(t *testing.T) {
setupTest(t)
req := httptest.NewRequest(http.MethodGet, "/", nil)
req.Header.Set("Content-Type", "application/json")
response := httptest.NewRecorder()
// Test that making a request without an API key is denied
RequireAPIKey(successHandler).ServeHTTP(response, req)
s.Equal(response.Code, http.StatusUnauthorized)
expected := http.StatusUnauthorized
got := response.Code
if got != expected {
t.Fatalf("incorrect status code received. expected %d got %d", expected, got)
}
}
func (s *MiddlewareSuite) TestInvalidAPIKey() {
func TestInvalidAPIKey(t *testing.T) {
setupTest(t)
req := httptest.NewRequest(http.MethodGet, "/", nil)
query := req.URL.Query()
query.Set("api_key", "bogus-api-key")
@ -122,18 +142,23 @@ func (s *MiddlewareSuite) TestInvalidAPIKey() {
req.Header.Set("Content-Type", "application/json")
response := httptest.NewRecorder()
RequireAPIKey(successHandler).ServeHTTP(response, req)
s.Equal(response.Code, http.StatusUnauthorized)
expected := http.StatusUnauthorized
got := response.Code
if got != expected {
t.Fatalf("incorrect status code received. expected %d got %d", expected, got)
}
}
func (s *MiddlewareSuite) TestBearerToken() {
func TestBearerToken(t *testing.T) {
testCtx := setupTest(t)
req := httptest.NewRequest(http.MethodGet, "/", nil)
req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", s.apiKey))
req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", testCtx.apiKey))
req.Header.Set("Content-Type", "application/json")
response := httptest.NewRecorder()
RequireAPIKey(successHandler).ServeHTTP(response, req)
s.Equal(response.Code, http.StatusOK)
expected := http.StatusOK
got := response.Code
if got != expected {
t.Fatalf("incorrect status code received. expected %d got %d", expected, got)
}
func TestMiddlewareSuite(t *testing.T) {
suite.Run(t, new(MiddlewareSuite))
}

View File

@ -7,6 +7,7 @@ import (
"fmt"
"io"
"io/ioutil"
"path/filepath"
"time"
"bitbucket.org/liamstask/goose/lib/goose"
@ -93,6 +94,8 @@ func Setup(c *config.Config) error {
Env: "production",
Driver: chooseDBDriver(conf.DBName, conf.DBPath),
}
abs, _ := filepath.Abs(migrateConf.MigrationsDir)
fmt.Println(abs)
// Get the latest possible migration
latest, err := goose.GetMostRecentDBVersion(migrateConf.MigrationsDir)
if err != nil {

View File

@ -8,28 +8,9 @@ import (
"reflect"
"testing"
"github.com/gophish/gophish/config"
"github.com/gophish/gophish/models"
"github.com/stretchr/testify/suite"
)
type UtilSuite struct {
suite.Suite
}
func (s *UtilSuite) SetupSuite() {
conf := &config.Config{
DBName: "sqlite3",
DBPath: ":memory:",
MigrationsPath: "../db/db_sqlite3/migrations/",
}
err := models.Setup(conf)
if err != nil {
s.T().Fatalf("Failed creating database: %v", err)
}
s.Nil(err)
}
func buildCSVRequest(csvPayload string) (*http.Request, error) {
csvHeader := "First Name,Last Name,Email\n"
body := new(bytes.Buffer)
@ -52,7 +33,7 @@ func buildCSVRequest(csvPayload string) (*http.Request, error) {
return r, nil
}
func (s *UtilSuite) TestParseCSVEmail() {
func TestParseCSVEmail(t *testing.T) {
expected := models.Target{
BaseRecipient: models.BaseRecipient{
FirstName: "John",
@ -63,16 +44,19 @@ func (s *UtilSuite) TestParseCSVEmail() {
csvPayload := fmt.Sprintf("%s,%s,<%s>", expected.FirstName, expected.LastName, expected.Email)
r, err := buildCSVRequest(csvPayload)
s.Nil(err)
if err != nil {
t.Fatalf("error building CSV request: %v", err)
}
got, err := ParseCSV(r)
s.Nil(err)
s.Equal(len(got), 1)
if err != nil {
t.Fatalf("error parsing CSV: %v", err)
}
expectedLength := 1
if len(got) != expectedLength {
t.Fatalf("invalid number of results received from CSV. expected %d got %d", expectedLength, len(got))
}
if !reflect.DeepEqual(expected, got[0]) {
s.T().Fatalf("Incorrect targets received. Expected: %#v\nGot: %#v", expected, got)
t.Fatalf("Incorrect targets received. Expected: %#v\nGot: %#v", expected, got)
}
}
func TestUtilSuite(t *testing.T) {
suite.Run(t, new(UtilSuite))
}

View File

@ -7,16 +7,10 @@ import (
"log"
"net/http"
"net/http/httptest"
"reflect"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/suite"
)
type WebhookSuite struct {
suite.Suite
}
type mockSender struct {
client *http.Client
}
@ -33,22 +27,24 @@ func (ms mockSender) Send(endPoint EndPoint, data interface{}) error {
return nil
}
func (s *WebhookSuite) TestSendMocked() {
mcSnd := newMockSender()
endp1 := EndPoint{URL: "http://example.com/a1", Secret: "s1"}
d1 := map[string]string{
func TestSendMocked(t *testing.T) {
ms := newMockSender()
endpoint := EndPoint{URL: "http://example.com/a1", Secret: "s1"}
data := map[string]string{
"a1": "a11",
"a2": "a22",
"a3": "a33",
}
err := mcSnd.Send(endp1, d1)
s.Nil(err)
err := ms.Send(endpoint, data)
if err != nil {
t.Fatalf("error sending data to webhook endpoint: %v", err)
}
}
func (s *WebhookSuite) TestSendReal() {
expectedSign := "004b36ca3fcbc01a08b17bf5d4a7e1aa0b10e14f55f3f8bd9acac0c7e8d2635d"
func TestSendReal(t *testing.T) {
expectedSig := "004b36ca3fcbc01a08b17bf5d4a7e1aa0b10e14f55f3f8bd9acac0c7e8d2635d"
secret := "secret456"
d1 := map[string]interface{}{
data := map[string]interface{}{
"key1": "val1",
"key2": "val2",
"key3": "val3",
@ -58,37 +54,50 @@ func (s *WebhookSuite) TestSendReal() {
fmt.Println("[test] running the server...")
signStartIdx := len(Sha256Prefix) + 1
realSignRaw := r.Header.Get(SignatureHeader)
realSign := realSignRaw[signStartIdx:]
assert.Equal(s.T(), expectedSign, realSign)
sigHeader := r.Header.Get(SignatureHeader)
gotSig := sigHeader[signStartIdx:]
if expectedSig != gotSig {
t.Fatalf("invalid signature received. expected %s got %s", expectedSig, gotSig)
}
contTypeJsonHeader := r.Header.Get("Content-Type")
assert.Equal(s.T(), contTypeJsonHeader, "application/json")
ct := r.Header.Get("Content-Type")
expectedCT := "application/json"
if ct != expectedCT {
t.Fatalf("invalid content type. expected %s got %s", ct, expectedCT)
}
body, err := ioutil.ReadAll(r.Body)
s.Nil(err)
if err != nil {
t.Fatalf("error reading JSON body from webhook request: %v", err)
}
var d2 map[string]interface{}
err = json.Unmarshal(body, &d2)
s.Nil(err)
assert.Equal(s.T(), d1, d2)
var payload map[string]interface{}
err = json.Unmarshal(body, &payload)
if err != nil {
t.Fatalf("error unmarshaling webhook payload: %v", err)
}
if !reflect.DeepEqual(data, payload) {
t.Fatalf("invalid payload received. expected %#v got %#v", data, payload)
}
}))
defer ts.Close()
endp1 := EndPoint{URL: ts.URL, Secret: secret}
err := Send(endp1, d1)
s.Nil(err)
err := Send(endp1, data)
if err != nil {
t.Fatalf("error sending data to webhook endpoint: %v", err)
}
}
func (s *WebhookSuite) TestSignature() {
func TestSignature(t *testing.T) {
secret := "secret123"
payload := []byte("some payload456")
expectedSign := "ab7844c1e9149f8dc976c4188a72163c005930f3c2266a163ffe434230bdf761"
realSign, err := sign(secret, payload)
s.Nil(err)
assert.Equal(s.T(), expectedSign, realSign)
expected := "ab7844c1e9149f8dc976c4188a72163c005930f3c2266a163ffe434230bdf761"
got, err := sign(secret, payload)
if err != nil {
t.Fatalf("error signing payload: %v", err)
}
if expected != got {
t.Fatalf("invalid signature received. expected %s got %s", expected, got)
}
func TestWebhookSuite(t *testing.T) {
suite.Run(t, new(WebhookSuite))
}

View File

@ -1,18 +1,18 @@
package worker
import (
"testing"
"github.com/gophish/gophish/config"
"github.com/gophish/gophish/models"
"github.com/stretchr/testify/suite"
)
// WorkerSuite is a suite of tests to cover API related functions
type WorkerSuite struct {
suite.Suite
// testContext is context to cover API related functions
type testContext struct {
config *config.Config
}
func (s *WorkerSuite) SetupSuite() {
func setupTest(t *testing.T) *testContext {
conf := &config.Config{
DBName: "sqlite3",
DBPath: ":memory:",
@ -20,21 +20,15 @@ func (s *WorkerSuite) SetupSuite() {
}
err := models.Setup(conf)
if err != nil {
s.T().Fatalf("Failed creating database: %v", err)
t.Fatalf("Failed creating database: %v", err)
}
s.config = conf
s.Nil(err)
ctx := &testContext{}
ctx.config = conf
return ctx
}
func (s *WorkerSuite) TearDownTest() {
campaigns, _ := models.GetCampaigns(1)
for _, campaign := range campaigns {
models.DeleteCampaign(campaign.Id)
}
}
func (s *WorkerSuite) SetupTest() {
s.config.TestFlag = true
func createTestData(t *testing.T, ctx *testContext) {
ctx.config.TestFlag = true
// Add a group
group := models.Group{Name: "Test Group"}
group.Targets = []models.Target{
@ -45,12 +39,12 @@ func (s *WorkerSuite) SetupTest() {
models.PostGroup(&group)
// Add a template
t := models.Template{Name: "Test Template"}
t.Subject = "Test subject"
t.Text = "Text text"
t.HTML = "<html>Test</html>"
t.UserId = 1
models.PostTemplate(&t)
template := models.Template{Name: "Test Template"}
template.Subject = "Test subject"
template.Text = "Text text"
template.HTML = "<html>Test</html>"
template.UserId = 1
models.PostTemplate(&template)
// Add a landing page
p := models.Page{Name: "Test Page"}
@ -69,7 +63,7 @@ func (s *WorkerSuite) SetupTest() {
// Set the status such that no emails are attempted
c := models.Campaign{Name: "Test campaign"}
c.UserId = 1
c.Template = t
c.Template = template
c.Page = p
c.SMTP = smtp
c.Groups = []models.Group{group}