gophish/db/db.go

131 lines
4.4 KiB
Go

package db
import (
"database/sql"
"errors"
"fmt"
"os"
"time"
"github.com/coopernurse/gorp"
"github.com/jordan-wright/gophish/config"
"github.com/jordan-wright/gophish/models"
_ "github.com/mattn/go-sqlite3"
)
var Conn *gorp.DbMap
var DB *sql.DB
var err error
var ErrUsernameTaken = errors.New("Username already taken")
// Setup initializes the Conn object
// It also populates the Gophish Config object
func Setup() error {
DB, err := sql.Open("sqlite3", config.Conf.DBPath)
Conn = &gorp.DbMap{Db: DB, Dialect: gorp.SqliteDialect{}}
//If the file already exists, delete it and recreate it
_, err = os.Stat(config.Conf.DBPath)
Conn.AddTableWithName(models.User{}, "users").SetKeys(true, "Id")
Conn.AddTableWithName(models.Campaign{}, "campaigns").SetKeys(true, "Id")
Conn.AddTableWithName(models.Group{}, "groups").SetKeys(true, "Id")
if err != nil {
fmt.Println("Database not found, recreating...")
createTablesSQL := []string{
//Create tables
`CREATE TABLE users (id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT NOT NULL, hash VARCHAR(60) NOT NULL, api_key VARCHAR(32), UNIQUE(username), UNIQUE(api_key));`,
`CREATE TABLE campaigns (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, created_date TIMESTAMP NOT NULL, completed_date TIMESTAMP, template TEXT, status TEXT NOT NULL, uid INTEGER, FOREIGN KEY (uid) REFERENCES users(id));`,
`CREATE TABLE targets (id INTEGER PRIMARY KEY AUTOINCREMENT, email TEXT NOT NULL, UNIQUE(email));`,
`CREATE TABLE groups (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, modified_date TIMESTAMP NOT NULL);`,
`CREATE TABLE user_groups (uid INTEGER NOT NULL, gid INTEGER NOT NULL, FOREIGN KEY (uid) REFERENCES users(id), FOREIGN KEY (gid) REFERENCES groups(id), UNIQUE(uid, gid))`,
`CREATE TABLE group_targets (gid INTEGER NOT NULL, tid INTEGER NOT NULL, FOREIGN KEY (gid) REFERENCES groups(id), FOREIGN KEY (tid) REFERENCES targets(id), UNIQUE(gid, tid));`,
}
fmt.Println("Creating db at " + config.Conf.DBPath)
//Create the tables needed
for _, stmt := range createTablesSQL {
_, err = DB.Exec(stmt)
if err != nil {
return err
}
}
//Create the default user
init_user := models.User{
Username: "admin",
Hash: "$2a$10$IYkPp0.QsM81lYYPrQx6W.U6oQGw7wMpozrKhKAHUBVL4mkm/EvAS",
APIKey: "12345678901234567890123456789012",
}
Conn.Insert(&init_user)
if err != nil {
fmt.Println(err)
}
c := models.Campaign{
Name: "Test Campaigns",
CreatedDate: time.Now().UTC(),
CompletedDate: time.Now().UTC(),
Template: "test template",
Status: "In progress",
Uid: init_user.Id,
}
Conn.Insert(&c)
}
return nil
}
// API Functions (GET, POST, PUT, DELETE)
// GetUser returns the user that the given id corresponds to. If no user is found, an
// error is thrown.
func GetUser(id int64) (models.User, error) {
u := models.User{}
err := Conn.SelectOne(&u, "SELECT * FROM Users WHERE id=?", id)
if err != nil {
return u, err
}
return u, nil
}
// GetUserByAPIKey returns the user that the given API Key corresponds to. If no user is found, an
// error is thrown.
func GetUserByAPIKey(key []byte) (models.User, error) {
u := models.User{}
err := Conn.SelectOne(&u, "SELECT id, username, api_key FROM Users WHERE apikey=?", key)
if err != nil {
return u, err
}
return u, nil
}
// GetUserByAPIKey returns the user that the given API Key corresponds to. If no user is found, an
// error is thrown.
func GetUserByUsername(username string) (models.User, error) {
u := models.User{}
err := Conn.SelectOne(&u, "SELECT * FROM Users WHERE username=?", username)
if err != sql.ErrNoRows {
return u, ErrUsernameTaken
} else if err != nil {
return u, err
}
return u, nil
}
func PutUser(u *models.User) error {
_, err := Conn.Update(u)
return err
}
func GetCampaigns(key interface{}) ([]models.Campaign, error) {
cs := []models.Campaign{}
_, err := Conn.Select(&cs, "SELECT c.id, name, created_date, completed_date, status, template FROM campaigns c, users u WHERE c.uid=u.id AND u.api_key=?", key)
return cs, err
}
func GetCampaign(id int64, key interface{}) (models.Campaign, error) {
c := models.Campaign{}
err := Conn.SelectOne(&c, "SELECT campaigns.id, name, created_date, completed_date, status, template FROM campaigns, users WHERE campaigns.uid=users.id AND campaigns.id =? AND users.api_key=?", id, key)
return c, err
}
func PutCampaign(c *models.Campaign) error {
_, err := Conn.Update(c)
return err
}