cristiancmoises
/
gophish
mirror of https://github.com/gophish/gophish
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Implementing /api/groups functionality. POST is almost working :)

pull/24/head
Jordan 2014-02-04 21:08:09 -06:00
parent 50292da53f
commit fb6cdb5caf
3 changed files with 43 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
controllers/api.go
View File

@ -4,6 +4,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"net/mail"
"strconv" "strconv"
"time" "time"
@ -122,6 +123,18 @@ func API_Campaigns_Id_Launch(w http.ResponseWriter, r *http.Request) {
// API_Groups returns details about the requested group. If the campaign is not // API_Groups returns details about the requested group. If the campaign is not
// valid, API_Groups returns null. // valid, API_Groups returns null.
// Example:
/*
POST /api/groups
{ "name" : "Test Group",
"targets" : ["test@example.com", "test2@example.com"]
}
RESULT { "name" : "Test Group",
"targets" : ["test@example.com", "test2@example.com"]
"id" : 1
}
*/
func API_Groups(w http.ResponseWriter, r *http.Request) { func API_Groups(w http.ResponseWriter, r *http.Request) {
switch { switch {
case r.Method == "GET": case r.Method == "GET":
@ -160,6 +173,34 @@ func API_Groups(w http.ResponseWriter, r *http.Request) {
if checkError(err, w, "Cannot insert group into database") { if checkError(err, w, "Cannot insert group into database") {
return return
} }
// Let's start a transaction to handle the bulk inserting
trans, err := db.Conn.Begin()
if checkError(err, w, "Error starting transaction to insert data") {
return
}
// Now, let's add the user->user_groups->group mapping
// TODO
for _, t := range g.Targets {
if _, err = mail.ParseAddress(t.Email); err != nil {
fmt.Printf("Found invalid email %s\n", t.Email)
continue
}
res, err := db.Conn.Exec("INSERT OR IGNORE INTO targets VALUES (null, ?)", t.Email)
if err != nil {
fmt.Printf("Error adding email: %s\n", t.Email)
}
t.Id, err = res.LastInsertId()
if err != nil {
fmt.Printf("Error getting last insert id for email: %s\n", t.Email)
}
_, err = db.Conn.Exec("INSERT OR IGNORE INTO group_targets VALUES (?,?)", g.Id, t.Id)
if err != nil {
fmt.Printf("Error adding many-many mapping for %s\n", t.Email)
}
}
if checkError(trans.Commit(), w, "Error committing transaction") {
return
}
gj, err := json.MarshalIndent(g, "", " ") gj, err := json.MarshalIndent(g, "", " ")
if checkError(err, w, "Error creating JSON response") { if checkError(err, w, "Error creating JSON response") {
return return

2
models/models.go
View File

@ -55,7 +55,7 @@ type Group struct {
Name string `json:"name"` Name string `json:"name"`
ModifiedDate time.Time `json:"modified_date" db:"modified_date"` ModifiedDate time.Time `json:"modified_date" db:"modified_date"`
Targets []Target `json:"targets" db:"-"` Targets []Target `json:"targets" db:"-"`
Uid int64 `json:"-"` Uid int64 `json:"-" db:"-"`
} }
type Target struct { type Target struct {

2
templates/register.html
View File

@ -7,7 +7,7 @@
<input type="text" name="username" class="form-control" placeholder="Username" required autofocus/> <input type="text" name="username" class="form-control" placeholder="Username" required autofocus/>
<input type="password" name="password" class="form-control" placeholder="Password" required/> <input type="password" name="password" class="form-control" placeholder="Password" required/>
<input type="hidden" name="csrf_token" value={{%.Token%}}/> <input type="hidden" name="csrf_token" value={{%.Token%}}/>
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button> <button class="btn btn-lg btn-primary btn-block" type="submit">Register</button>
</form> </form>
</div> </div>
{{%end%}} {{%end%}}