Browse Source

Fixed various minor linting issues

pull/1323/head
Jordan Wright 2 years ago
parent
commit
a73ac4ab7c
18 changed files with 179 additions and 159 deletions
  1. +2
    -0
      auth/auth.go
  2. +3
    -0
      context/context.go
  3. +47
    -47
      controllers/api.go
  4. +5
    -5
      controllers/api_test.go
  5. +14
    -14
      controllers/phish.go
  6. +11
    -11
      controllers/phish_test.go
  7. +21
    -21
      controllers/route.go
  8. +12
    -0
      logger/logger.go
  9. +3
    -0
      middleware/middleware.go
  10. +13
    -13
      models/campaign.go
  11. +1
    -1
      models/maillog.go
  12. +5
    -5
      models/maillog_test.go
  13. +19
    -19
      models/models.go
  14. +15
    -15
      models/result.go
  15. +4
    -4
      models/result_test.go
  16. +1
    -1
      models/template.go
  17. +2
    -2
      worker/worker.go
  18. +1
    -1
      worker/worker_test.go

+ 2
- 0
auth/auth.go View File

@ -109,6 +109,8 @@ func GenerateSecureKey() string {
return fmt.Sprintf("%x", k)
}
// ChangePassword verifies the current password provided in the request and,
// if it's valid, changes the password for the authenticated user.
func ChangePassword(r *http.Request) error {
u := ctx.Get(r, "user").(models.User)
currentPw := r.FormValue("current_password")

+ 3
- 0
context/context.go View File

@ -8,10 +8,12 @@ import (
"context"
)
// Get retrieves a value from the request context
func Get(r *http.Request, key interface{}) interface{} {
return r.Context().Value(key)
}
// Set stores a value on the request context
func Set(r *http.Request, key, val interface{}) *http.Request {
if val == nil {
return r
@ -20,6 +22,7 @@ func Set(r *http.Request, key, val interface{}) *http.Request {
return r.WithContext(context.WithValue(r.Context(), key, val))
}
// Clear is a null operation, since this is handled automatically in Go > 1.7
func Clear(r *http.Request) {
return
}

+ 47
- 47
controllers/api.go View File

@ -23,8 +23,8 @@ import (
"github.com/sirupsen/logrus"
)
// API (/api/reset) resets a user's API key
func (as *AdminServer) API_Reset(w http.ResponseWriter, r *http.Request) {
// APIReset (/api/reset) resets a user's API key
func (as *AdminServer) APIReset(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "POST":
u := ctx.Get(r, "user").(models.User)
@ -38,9 +38,9 @@ func (as *AdminServer) API_Reset(w http.ResponseWriter, r *http.Request) {
}
}
// API_Campaigns returns a list of campaigns if requested via GET.
// If requested via POST, API_Campaigns creates a new campaign and returns a reference to it.
func (as *AdminServer) API_Campaigns(w http.ResponseWriter, r *http.Request) {
// APICampaigns returns a list of campaigns if requested via GET.
// If requested via POST, APICampaigns creates a new campaign and returns a reference to it.
func (as *AdminServer) APICampaigns(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "GET":
cs, err := models.GetCampaigns(ctx.Get(r, "user_id").(int64))
@ -64,15 +64,15 @@ func (as *AdminServer) API_Campaigns(w http.ResponseWriter, r *http.Request) {
}
// If the campaign is scheduled to launch immediately, send it to the worker.
// Otherwise, the worker will pick it up at the scheduled time
if c.Status == models.CAMPAIGN_IN_PROGRESS {
if c.Status == models.CampaignInProgress {
go as.worker.LaunchCampaign(c)
}
JSONResponse(w, c, http.StatusCreated)
}
}
// API_Campaigns_Summary returns the summary for the current user's campaigns
func (as *AdminServer) API_Campaigns_Summary(w http.ResponseWriter, r *http.Request) {
// APICampaignsSummary returns the summary for the current user's campaigns
func (as *AdminServer) APICampaignsSummary(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "GET":
cs, err := models.GetCampaignSummaries(ctx.Get(r, "user_id").(int64))
@ -85,9 +85,9 @@ func (as *AdminServer) API_Campaigns_Summary(w http.ResponseWriter, r *http.Requ
}
}
// API_Campaigns_Id returns details about the requested campaign. If the campaign is not
// valid, API_Campaigns_Id returns null.
func (as *AdminServer) API_Campaigns_Id(w http.ResponseWriter, r *http.Request) {
// APICampaign returns details about the requested campaign. If the campaign is not
// valid, APICampaign returns null.
func (as *AdminServer) APICampaign(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
c, err := models.GetCampaign(id, ctx.Get(r, "user_id").(int64))
@ -109,9 +109,9 @@ func (as *AdminServer) API_Campaigns_Id(w http.ResponseWriter, r *http.Request)
}
}
// API_Campaigns_Id_Results returns just the results for a given campaign to
// APICampaignResults returns just the results for a given campaign to
// significantly reduce the information returned.
func (as *AdminServer) API_Campaigns_Id_Results(w http.ResponseWriter, r *http.Request) {
func (as *AdminServer) APICampaignResults(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
cr, err := models.GetCampaignResults(id, ctx.Get(r, "user_id").(int64))
@ -126,8 +126,8 @@ func (as *AdminServer) API_Campaigns_Id_Results(w http.ResponseWriter, r *http.R
}
}
// API_Campaigns_Id_Summary returns just the summary for a given campaign.
func (as *AdminServer) API_Campaign_Id_Summary(w http.ResponseWriter, r *http.Request) {
// APICampaignSummary returns the summary for a given campaign.
func (as *AdminServer) APICampaignSummary(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
switch {
@ -146,9 +146,9 @@ func (as *AdminServer) API_Campaign_Id_Summary(w http.ResponseWriter, r *http.Re
}
}
// API_Campaigns_Id_Complete effectively "ends" a campaign.
// APICampaignComplete effectively "ends" a campaign.
// Future phishing emails clicked will return a simple "404" page.
func (as *AdminServer) API_Campaigns_Id_Complete(w http.ResponseWriter, r *http.Request) {
func (as *AdminServer) APICampaignComplete(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
switch {
@ -162,9 +162,9 @@ func (as *AdminServer) API_Campaigns_Id_Complete(w http.ResponseWriter, r *http.
}
}
// API_Groups returns a list of groups if requested via GET.
// If requested via POST, API_Groups creates a new group and returns a reference to it.
func (as *AdminServer) API_Groups(w http.ResponseWriter, r *http.Request) {
// APIGroups returns a list of groups if requested via GET.
// If requested via POST, APIGroups creates a new group and returns a reference to it.
func (as *AdminServer) APIGroups(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "GET":
gs, err := models.GetGroups(ctx.Get(r, "user_id").(int64))
@ -198,8 +198,8 @@ func (as *AdminServer) API_Groups(w http.ResponseWriter, r *http.Request) {
}
}
// API_Groups_Summary returns a summary of the groups owned by the current user.
func (as *AdminServer) API_Groups_Summary(w http.ResponseWriter, r *http.Request) {
// APIGroupsSummary returns a summary of the groups owned by the current user.
func (as *AdminServer) APIGroupsSummary(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "GET":
gs, err := models.GetGroupSummaries(ctx.Get(r, "user_id").(int64))
@ -212,9 +212,9 @@ func (as *AdminServer) API_Groups_Summary(w http.ResponseWriter, r *http.Request
}
}
// API_Groups_Id returns details about the requested group.
// If the group is not valid, API_Groups_Id returns null.
func (as *AdminServer) API_Groups_Id(w http.ResponseWriter, r *http.Request) {
// APIGroup returns details about the requested group.
// If the group is not valid, APIGroup returns null.
func (as *AdminServer) APIGroup(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
g, err := models.GetGroup(id, ctx.Get(r, "user_id").(int64))
@ -251,8 +251,8 @@ func (as *AdminServer) API_Groups_Id(w http.ResponseWriter, r *http.Request) {
}
}
// API_Groups_Id_Summary returns a summary of the groups owned by the current user.
func (as *AdminServer) API_Groups_Id_Summary(w http.ResponseWriter, r *http.Request) {
// APIGroupSummary returns a summary of the groups owned by the current user.
func (as *AdminServer) APIGroupSummary(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "GET":
vars := mux.Vars(r)
@ -266,8 +266,8 @@ func (as *AdminServer) API_Groups_Id_Summary(w http.ResponseWriter, r *http.Requ
}
}
// API_Templates handles the functionality for the /api/templates endpoint
func (as *AdminServer) API_Templates(w http.ResponseWriter, r *http.Request) {
// APITemplates handles the functionality for the /api/templates endpoint
func (as *AdminServer) APITemplates(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "GET":
ts, err := models.GetTemplates(ctx.Get(r, "user_id").(int64))
@ -309,8 +309,8 @@ func (as *AdminServer) API_Templates(w http.ResponseWriter, r *http.Request) {
}
}
// API_Templates_Id handles the functions for the /api/templates/:id endpoint
func (as *AdminServer) API_Templates_Id(w http.ResponseWriter, r *http.Request) {
// APITemplate handles the functions for the /api/templates/:id endpoint
func (as *AdminServer) APITemplate(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
t, err := models.GetTemplate(id, ctx.Get(r, "user_id").(int64))
@ -349,8 +349,8 @@ func (as *AdminServer) API_Templates_Id(w http.ResponseWriter, r *http.Request)
}
}
// API_Pages handles requests for the /api/pages/ endpoint
func (as *AdminServer) API_Pages(w http.ResponseWriter, r *http.Request) {
// APIPages handles requests for the /api/pages/ endpoint
func (as *AdminServer) APIPages(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "GET":
ps, err := models.GetPages(ctx.Get(r, "user_id").(int64))
@ -385,9 +385,9 @@ func (as *AdminServer) API_Pages(w http.ResponseWriter, r *http.Request) {
}
}
// API_Pages_Id contains functions to handle the GET'ing, DELETE'ing, and PUT'ing
// APIPage contains functions to handle the GET'ing, DELETE'ing, and PUT'ing
// of a Page object
func (as *AdminServer) API_Pages_Id(w http.ResponseWriter, r *http.Request) {
func (as *AdminServer) APIPage(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
p, err := models.GetPage(id, ctx.Get(r, "user_id").(int64))
@ -426,8 +426,8 @@ func (as *AdminServer) API_Pages_Id(w http.ResponseWriter, r *http.Request) {
}
}
// API_SMTP handles requests for the /api/smtp/ endpoint
func (as *AdminServer) API_SMTP(w http.ResponseWriter, r *http.Request) {
// APISendingProfiles handles requests for the /api/smtp/ endpoint
func (as *AdminServer) APISendingProfiles(w http.ResponseWriter, r *http.Request) {
switch {
case r.Method == "GET":
ss, err := models.GetSMTPs(ctx.Get(r, "user_id").(int64))
@ -462,9 +462,9 @@ func (as *AdminServer) API_SMTP(w http.ResponseWriter, r *http.Request) {
}
}
// API_SMTP_Id contains functions to handle the GET'ing, DELETE'ing, and PUT'ing
// APISendingProfile contains functions to handle the GET'ing, DELETE'ing, and PUT'ing
// of a SMTP object
func (as *AdminServer) API_SMTP_Id(w http.ResponseWriter, r *http.Request) {
func (as *AdminServer) APISendingProfile(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
id, _ := strconv.ParseInt(vars["id"], 0, 64)
s, err := models.GetSMTP(id, ctx.Get(r, "user_id").(int64))
@ -508,8 +508,8 @@ func (as *AdminServer) API_SMTP_Id(w http.ResponseWriter, r *http.Request) {
}
}
// API_Import_Group imports a CSV of group members
func (as *AdminServer) API_Import_Group(w http.ResponseWriter, r *http.Request) {
// APIImportGroup imports a CSV of group members
func (as *AdminServer) APIImportGroup(w http.ResponseWriter, r *http.Request) {
ts, err := util.ParseCSV(r)
if err != nil {
JSONResponse(w, models.Response{Success: false, Message: "Error parsing CSV"}, http.StatusInternalServerError)
@ -519,9 +519,9 @@ func (as *AdminServer) API_Import_Group(w http.ResponseWriter, r *http.Request)
return
}
// API_Import_Email allows for the importing of email.
// APIImportEmail allows for the importing of email.
// Returns a Message object
func (as *AdminServer) API_Import_Email(w http.ResponseWriter, r *http.Request) {
func (as *AdminServer) APIImportEmail(w http.ResponseWriter, r *http.Request) {
if r.Method != "POST" {
JSONResponse(w, models.Response{Success: false, Message: "Method not allowed"}, http.StatusBadRequest)
return
@ -567,10 +567,10 @@ func (as *AdminServer) API_Import_Email(w http.ResponseWriter, r *http.Request)
return
}
// API_Import_Site allows for the importing of HTML from a website
// APIImportSite allows for the importing of HTML from a website
// Without "include_resources" set, it will merely place a "base" tag
// so that all resources can be loaded relative to the given URL.
func (as *AdminServer) API_Import_Site(w http.ResponseWriter, r *http.Request) {
func (as *AdminServer) APIImportSite(w http.ResponseWriter, r *http.Request) {
cr := cloneRequest{}
if r.Method != "POST" {
JSONResponse(w, models.Response{Success: false, Message: "Method not allowed"}, http.StatusBadRequest)
@ -626,9 +626,9 @@ func (as *AdminServer) API_Import_Site(w http.ResponseWriter, r *http.Request) {
return
}
// API_Send_Test_Email sends a test email using the template name
// APISendTestEmail sends a test email using the template name
// and Target given.
func (as *AdminServer) API_Send_Test_Email(w http.ResponseWriter, r *http.Request) {
func (as *AdminServer) APISendTestEmail(w http.ResponseWriter, r *http.Request) {
s := &models.EmailRequest{
ErrorChan: make(chan error),
UserId: ctx.Get(r, "user_id").(int64),

+ 5
- 5
controllers/api_test.go View File

@ -17,7 +17,7 @@ import (
// ControllersSuite is a suite of tests to cover API related functions
type ControllersSuite struct {
suite.Suite
ApiKey string
apiKey string
config *config.Config
adminServer *httptest.Server
phishServer *httptest.Server
@ -42,7 +42,7 @@ func (s *ControllersSuite) SetupSuite() {
// Get the API key to use for these tests
u, err := models.GetUser(1)
s.Nil(err)
s.ApiKey = u.ApiKey
s.apiKey = u.ApiKey
// Start the phishing server
s.phishServer = httptest.NewUnstartedServer(NewPhishingServer(s.config.PhishConf).server.Handler)
s.phishServer.Config.Addr = s.config.PhishConf.ListenURL
@ -100,7 +100,7 @@ func (s *ControllersSuite) SetupTest() {
c.SMTP = smtp
c.Groups = []models.Group{group}
models.PostCampaign(&c, c.UserId)
c.UpdateStatus(models.CAMPAIGN_EMAILS_SENT)
c.UpdateStatus(models.CampaignEmailsSent)
}
func (s *ControllersSuite) TestRequireAPIKey() {
@ -120,7 +120,7 @@ func (s *ControllersSuite) TestInvalidAPIKey() {
func (s *ControllersSuite) TestBearerToken() {
req, err := http.NewRequest("GET", fmt.Sprintf("%s/api/groups/", s.adminServer.URL), nil)
s.Nil(err)
req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", s.ApiKey))
req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", s.apiKey))
resp, err := http.DefaultClient.Do(req)
s.Nil(err)
defer resp.Body.Close()
@ -134,7 +134,7 @@ func (s *ControllersSuite) TestSiteImportBaseHref() {
}))
hr := fmt.Sprintf("<html><head><base href=\"%s\"/></head><body><img src=\"/test.png\"/>\n</body></html>", ts.URL)
defer ts.Close()
resp, err := http.Post(fmt.Sprintf("%s/api/import/site?api_key=%s", s.adminServer.URL, s.ApiKey), "application/json",
resp, err := http.Post(fmt.Sprintf("%s/api/import/site?api_key=%s", s.adminServer.URL, s.apiKey), "application/json",
bytes.NewBuffer([]byte(fmt.Sprintf(`
{
"url" : "%s",

+ 14
- 14
controllers/phish.go View File

@ -126,7 +126,7 @@ func (ps *PhishingServer) registerRoutes() {
// TrackHandler tracks emails as they are opened, updating the status for the given Result
func (ps *PhishingServer) TrackHandler(w http.ResponseWriter, r *http.Request) {
err, r := setupContext(r)
r, err := setupContext(r)
if err != nil {
// Log the error if it wasn't something we can safely ignore
if err != ErrInvalidRequest && err != ErrCampaignComplete {
@ -159,7 +159,7 @@ func (ps *PhishingServer) TrackHandler(w http.ResponseWriter, r *http.Request) {
// ReportHandler tracks emails as they are reported, updating the status for the given Result
func (ps *PhishingServer) ReportHandler(w http.ResponseWriter, r *http.Request) {
err, r := setupContext(r)
r, err := setupContext(r)
if err != nil {
// Log the error if it wasn't something we can safely ignore
if err != ErrInvalidRequest && err != ErrCampaignComplete {
@ -193,7 +193,7 @@ func (ps *PhishingServer) ReportHandler(w http.ResponseWriter, r *http.Request)
// PhishHandler handles incoming client connections and registers the associated actions performed
// (such as clicked link, etc.)
func (ps *PhishingServer) PhishHandler(w http.ResponseWriter, r *http.Request) {
err, r := setupContext(r)
r, err := setupContext(r)
if err != nil {
// Log the error if it wasn't something we can safely ignore
if err != ErrInvalidRequest && err != ErrCampaignComplete {
@ -304,15 +304,15 @@ func (ps *PhishingServer) TransparencyHandler(w http.ResponseWriter, r *http.Req
// setupContext handles some of the administrative work around receiving a new
// request, such as checking the result ID, the campaign, etc.
func setupContext(r *http.Request) (error, *http.Request) {
func setupContext(r *http.Request) (*http.Request, error) {
err := r.ParseForm()
if err != nil {
log.Error(err)
return err, r
return r, err
}
rid := r.Form.Get(models.RecipientParameter)
if rid == "" {
return ErrInvalidRequest, r
return r, ErrInvalidRequest
}
// Since we want to support the common case of adding a "+" to indicate a
// transparency request, we need to take care to handle the case where the
@ -332,28 +332,28 @@ func setupContext(r *http.Request) (error, *http.Request) {
if strings.HasPrefix(id, models.PreviewPrefix) {
rs, err := models.GetEmailRequestByResultId(id)
if err != nil {
return err, r
return r, err
}
r = ctx.Set(r, "result", rs)
return nil, r
return r, nil
}
rs, err := models.GetResult(id)
if err != nil {
return err, r
return r, err
}
c, err := models.GetCampaign(rs.CampaignId, rs.UserId)
if err != nil {
log.Error(err)
return err, r
return r, err
}
// Don't process events for completed campaigns
if c.Status == models.CAMPAIGN_COMPLETE {
return ErrCampaignComplete, r
if c.Status == models.CampaignComplete {
return r, ErrCampaignComplete
}
ip, _, err := net.SplitHostPort(r.RemoteAddr)
if err != nil {
log.Error(err)
return err, r
return r, err
}
// Respect X-Forwarded headers
if fips := r.Header.Get("X-Forwarded-For"); fips != "" {
@ -375,5 +375,5 @@ func setupContext(r *http.Request) (error, *http.Request) {
r = ctx.Set(r, "result", rs)
r = ctx.Set(r, "campaign", c)
r = ctx.Set(r, "details", d)
return nil, r
return r, nil
}

+ 11
- 11
controllers/phish_test.go View File

@ -102,22 +102,22 @@ func (s *ControllersSuite) transparencyRequest(r models.Result, rid, path string
func (s *ControllersSuite) TestOpenedPhishingEmail() {
campaign := s.getFirstCampaign()
result := campaign.Results[0]
s.Equal(result.Status, models.STATUS_SENDING)
s.Equal(result.Status, models.StatusSending)
s.openEmail(result.RId)
campaign = s.getFirstCampaign()
result = campaign.Results[0]
lastEvent := campaign.Events[len(campaign.Events)-1]
s.Equal(result.Status, models.EVENT_OPENED)
s.Equal(lastEvent.Message, models.EVENT_OPENED)
s.Equal(result.Status, models.EventOpened)
s.Equal(lastEvent.Message, models.EventOpened)
s.Equal(result.ModifiedDate, lastEvent.Time)
}
func (s *ControllersSuite) TestReportedPhishingEmail() {
campaign := s.getFirstCampaign()
result := campaign.Results[0]
s.Equal(result.Status, models.STATUS_SENDING)
s.Equal(result.Status, models.StatusSending)
s.reportedEmail(result.RId)
@ -125,14 +125,14 @@ func (s *ControllersSuite) TestReportedPhishingEmail() {
result = campaign.Results[0]
lastEvent := campaign.Events[len(campaign.Events)-1]
s.Equal(result.Reported, true)
s.Equal(lastEvent.Message, models.EVENT_REPORTED)
s.Equal(lastEvent.Message, models.EventReported)
s.Equal(result.ModifiedDate, lastEvent.Time)
}
func (s *ControllersSuite) TestClickedPhishingLinkAfterOpen() {
campaign := s.getFirstCampaign()
result := campaign.Results[0]
s.Equal(result.Status, models.STATUS_SENDING)
s.Equal(result.Status, models.StatusSending)
s.openEmail(result.RId)
s.clickLink(result.RId, campaign.Page.HTML)
@ -140,8 +140,8 @@ func (s *ControllersSuite) TestClickedPhishingLinkAfterOpen() {
campaign = s.getFirstCampaign()
result = campaign.Results[0]
lastEvent := campaign.Events[len(campaign.Events)-1]
s.Equal(result.Status, models.EVENT_CLICKED)
s.Equal(lastEvent.Message, models.EVENT_CLICKED)
s.Equal(result.Status, models.EventClicked)
s.Equal(lastEvent.Message, models.EventClicked)
s.Equal(result.ModifiedDate, lastEvent.Time)
}
@ -165,12 +165,12 @@ func (s *ControllersSuite) TestInvalidRecipientID() {
func (s *ControllersSuite) TestCompletedCampaignClick() {
campaign := s.getFirstCampaign()
result := campaign.Results[0]
s.Equal(result.Status, models.STATUS_SENDING)
s.Equal(result.Status, models.StatusSending)
s.openEmail(result.RId)
campaign = s.getFirstCampaign()
result = campaign.Results[0]
s.Equal(result.Status, models.EVENT_OPENED)
s.Equal(result.Status, models.EventOpened)
models.CompleteCampaign(campaign.Id, 1)
s.openEmail404(result.RId)
@ -178,7 +178,7 @@ func (s *ControllersSuite) TestCompletedCampaignClick() {
campaign = s.getFirstCampaign()
result = campaign.Results[0]
s.Equal(result.Status, models.EVENT_OPENED)
s.Equal(result.Status, models.EventOpened)
}
func (s *ControllersSuite) TestRobotsHandler() {

+ 21
- 21
controllers/route.go View File

@ -109,27 +109,27 @@ func (as *AdminServer) registerRoutes() {
api := router.PathPrefix("/api").Subrouter()
api = api.StrictSlash(true)
api.Use(mid.RequireAPIKey)
api.HandleFunc("/reset", as.API_Reset)
api.HandleFunc("/campaigns/", as.API_Campaigns)
api.HandleFunc("/campaigns/summary", as.API_Campaigns_Summary)
api.HandleFunc("/campaigns/{id:[0-9]+}", as.API_Campaigns_Id)
api.HandleFunc("/campaigns/{id:[0-9]+}/results", as.API_Campaigns_Id_Results)
api.HandleFunc("/campaigns/{id:[0-9]+}/summary", as.API_Campaign_Id_Summary)
api.HandleFunc("/campaigns/{id:[0-9]+}/complete", as.API_Campaigns_Id_Complete)
api.HandleFunc("/groups/", as.API_Groups)
api.HandleFunc("/groups/summary", as.API_Groups_Summary)
api.HandleFunc("/groups/{id:[0-9]+}", as.API_Groups_Id)
api.HandleFunc("/groups/{id:[0-9]+}/summary", as.API_Groups_Id_Summary)
api.HandleFunc("/templates/", as.API_Templates)
api.HandleFunc("/templates/{id:[0-9]+}", as.API_Templates_Id)
api.HandleFunc("/pages/", as.API_Pages)
api.HandleFunc("/pages/{id:[0-9]+}", as.API_Pages_Id)
api.HandleFunc("/smtp/", as.API_SMTP)
api.HandleFunc("/smtp/{id:[0-9]+}", as.API_SMTP_Id)
api.HandleFunc("/util/send_test_email", as.API_Send_Test_Email)
api.HandleFunc("/import/group", as.API_Import_Group)
api.HandleFunc("/import/email", as.API_Import_Email)
api.HandleFunc("/import/site", as.API_Import_Site)
api.HandleFunc("/reset", as.APIReset)
api.HandleFunc("/campaigns/", as.APICampaigns)
api.HandleFunc("/campaigns/summary", as.APICampaignsSummary)
api.HandleFunc("/campaigns/{id:[0-9]+}", as.APICampaign)
api.HandleFunc("/campaigns/{id:[0-9]+}/results", as.APICampaignResults)
api.HandleFunc("/campaigns/{id:[0-9]+}/summary", as.APICampaignSummary)
api.HandleFunc("/campaigns/{id:[0-9]+}/complete", as.APICampaignComplete)
api.HandleFunc("/groups/", as.APIGroups)
api.HandleFunc("/groups/summary", as.APIGroupsSummary)
api.HandleFunc("/groups/{id:[0-9]+}", as.APIGroup)
api.HandleFunc("/groups/{id:[0-9]+}/summary", as.APIGroupSummary)
api.HandleFunc("/templates/", as.APITemplates)
api.HandleFunc("/templates/{id:[0-9]+}", as.APITemplate)
api.HandleFunc("/pages/", as.APIPages)
api.HandleFunc("/pages/{id:[0-9]+}", as.APIPage)
api.HandleFunc("/smtp/", as.APISendingProfiles)
api.HandleFunc("/smtp/{id:[0-9]+}", as.APISendingProfile)
api.HandleFunc("/util/send_test_email", as.APISendTestEmail)
api.HandleFunc("/import/group", as.APIImportGroup)
api.HandleFunc("/import/email", as.APIImportEmail)
api.HandleFunc("/import/site", as.APIImportSite)
// Setup static file serving
router.PathPrefix("/").Handler(http.FileServer(unindexed.Dir("./static/")))

+ 12
- 0
logger/logger.go View File

@ -33,50 +33,62 @@ func Setup(conf *config.Config) error {
return nil
}
// Debug logs a debug message
func Debug(args ...interface{}) {
Logger.Debug(args...)
}
// Debugf logs a formatted debug messsage
func Debugf(format string, args ...interface{}) {
Logger.Debugf(format, args...)
}
// Info logs an informational message
func Info(args ...interface{}) {
Logger.Info(args...)
}
// Infof logs a formatted informational message
func Infof(format string, args ...interface{}) {
Logger.Infof(format, args...)
}
// Error logs an error message
func Error(args ...interface{}) {
Logger.Error(args...)
}
// Errorf logs a formatted error message
func Errorf(format string, args ...interface{}) {
Logger.Errorf(format, args...)
}
// Warn logs a warning message
func Warn(args ...interface{}) {
Logger.Warn(args...)
}
// Warnf logs a formatted warning message
func Warnf(format string, args ...interface{}) {
Logger.Warnf(format, args...)
}
// Fatal logs a fatal error message
func Fatal(args ...interface{}) {
Logger.Fatal(args...)
}
// Fatalf logs a formatted fatal error message
func Fatalf(format string, args ...interface{}) {
Logger.Fatalf(format, args...)
}
// WithFields returns a new log enty with the provided fields
func WithFields(fields logrus.Fields) *logrus.Entry {
return Logger.WithFields(fields)
}
// Writer returns the current logging writer
func Writer() *io.PipeWriter {
return Logger.Writer()
}

+ 3
- 0
middleware/middleware.go View File

@ -12,10 +12,13 @@ import (
"github.com/gorilla/csrf"
)
// CSRFExemptPrefixes are a list of routes that are exempt from CSRF protection
var CSRFExemptPrefixes = []string{
"/api",
}
// CSRFExceptions is a middleware that prevents CSRF checks on routes listed in
// CSRFExemptPrefixes.
func CSRFExceptions(handler http.Handler) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
for _, prefix := range CSRFExemptPrefixes {

+ 13
- 13
models/campaign.go View File

@ -37,7 +37,7 @@ type CampaignResults struct {
Id int64 `json:"id"`
Name string `json:"name"`
Status string `json:"status"`
Results []Result `json:"results, omitempty"`
Results []Result `json:"results,omitempty"`
Events []Event `json:"timeline,omitempty"`
}
@ -255,11 +255,11 @@ func getCampaignStats(cid int64) (CampaignStats, error) {
if err != nil {
return s, err
}
query.Where("status=?", EVENT_DATA_SUBMIT).Count(&s.SubmittedData)
query.Where("status=?", EventDataSubmit).Count(&s.SubmittedData)
if err != nil {
return s, err
}
query.Where("status=?", EVENT_CLICKED).Count(&s.ClickedLink)
query.Where("status=?", EventClicked).Count(&s.ClickedLink)
if err != nil {
return s, err
}
@ -269,19 +269,19 @@ func getCampaignStats(cid int64) (CampaignStats, error) {
}
// Every submitted data event implies they clicked the link
s.ClickedLink += s.SubmittedData
err = query.Where("status=?", EVENT_OPENED).Count(&s.OpenedEmail).Error
err = query.Where("status=?", EventOpened).Count(&s.OpenedEmail).Error
if err != nil {
return s, err
}
// Every clicked link event implies they opened the email
s.OpenedEmail += s.ClickedLink
err = query.Where("status=?", EVENT_SENT).Count(&s.EmailsSent).Error
err = query.Where("status=?", EventSent).Count(&s.EmailsSent).Error
if err != nil {
return s, err
}
// Every opened email event implies the email was sent
s.EmailsSent += s.OpenedEmail
err = query.Where("status=?", ERROR).Count(&s.Error).Error
err = query.Where("status=?", Error).Count(&s.Error).Error
return s, err
}
@ -386,7 +386,7 @@ func GetCampaignResults(id int64, uid int64) (CampaignResults, error) {
func GetQueuedCampaigns(t time.Time) ([]Campaign, error) {
cs := []Campaign{}
err := db.Where("launch_date <= ?", t).
Where("status = ?", CAMPAIGN_QUEUED).Find(&cs).Error
Where("status = ?", CampaignQueued).Find(&cs).Error
if err != nil {
log.Error(err)
}
@ -410,7 +410,7 @@ func PostCampaign(c *Campaign, uid int64) error {
c.UserId = uid
c.CreatedDate = time.Now().UTC()
c.CompletedDate = time.Time{}
c.Status = CAMPAIGN_QUEUED
c.Status = CampaignQueued
if c.LaunchDate.IsZero() {
c.LaunchDate = c.CreatedDate
} else {
@ -420,7 +420,7 @@ func PostCampaign(c *Campaign, uid int64) error {
c.SendByDate = c.SendByDate.UTC()
}
if c.LaunchDate.Before(c.CreatedDate) || c.LaunchDate.Equal(c.CreatedDate) {
c.Status = CAMPAIGN_IN_PROGRESS
c.Status = CampaignInProgress
}
// Check to make sure all the groups already exist
// Also, later we'll need to know the total number of recipients (counting
@ -508,7 +508,7 @@ func PostCampaign(c *Campaign, uid int64) error {
FirstName: t.FirstName,
LastName: t.LastName,
},
Status: STATUS_SCHEDULED,
Status: StatusScheduled,
CampaignId: c.Id,
UserId: c.UserId,
SendDate: sendDate,
@ -522,7 +522,7 @@ func PostCampaign(c *Campaign, uid int64) error {
}
processing := false
if r.SendDate.Before(c.CreatedDate) || r.SendDate.Equal(c.CreatedDate) {
r.Status = STATUS_SENDING
r.Status = StatusSending
processing = true
}
err = db.Save(r).Error
@ -587,12 +587,12 @@ func CompleteCampaign(id int64, uid int64) error {
return err
}
// Don't overwrite original completed time
if c.Status == CAMPAIGN_COMPLETE {
if c.Status == CampaignComplete {
return nil
}
// Mark the campaign as complete
c.CompletedDate = time.Now().UTC()
c.Status = CAMPAIGN_COMPLETE
c.Status = CampaignComplete
err = db.Where("id=? and user_id=?", id, uid).Save(&c).Error
if err != nil {
log.Error(err)

+ 1
- 1
models/maillog.go View File

@ -20,7 +20,7 @@ import (
// attempt. This will give us a maximum send delay of 256 minutes, or about 4.2 hours.
var MaxSendAttempts = 8
// ErrMaxSendAttempts is thrown when the maximum number of sending attemps for a given
// ErrMaxSendAttempts is thrown when the maximum number of sending attempts for a given
// MailLog is exceeded.
var ErrMaxSendAttempts = errors.New("max send attempts exceeded")

+ 5
- 5
models/maillog_test.go View File

@ -90,7 +90,7 @@ func (s *ModelsSuite) TestMailLogBackoff(ch *check.C) {
result, err := GetResult(m.RId)
ch.Assert(err, check.Equals, nil)
ch.Assert(result.SendDate, check.Equals, expectedSendDate)
ch.Assert(result.Status, check.Equals, STATUS_RETRY)
ch.Assert(result.Status, check.Equals, StatusRetry)
}
// Get our updated campaign and check for the added event
campaign, err = GetCampaign(campaign.Id, int64(1))
@ -123,7 +123,7 @@ func (s *ModelsSuite) TestMailLogError(ch *check.C) {
// Get our result and make sure the status is set correctly
result, err = GetResult(result.RId)
ch.Assert(err, check.Equals, nil)
ch.Assert(result.Status, check.Equals, ERROR)
ch.Assert(result.Status, check.Equals, Error)
// Get our updated campaign and check for the added event
campaign, err = GetCampaign(campaign.Id, int64(1))
@ -138,7 +138,7 @@ func (s *ModelsSuite) TestMailLogError(ch *check.C) {
expectedEvent := Event{
Id: gotEvent.Id,
Email: result.Email,
Message: EVENT_SENDING_ERROR,
Message: EventSendingError,
CampaignId: campaign.Id,
Details: string(ej),
Time: gotEvent.Time,
@ -165,7 +165,7 @@ func (s *ModelsSuite) TestMailLogSuccess(ch *check.C) {
// Get our result and make sure the status is set correctly
result, err = GetResult(result.RId)
ch.Assert(err, check.Equals, nil)
ch.Assert(result.Status, check.Equals, EVENT_SENT)
ch.Assert(result.Status, check.Equals, EventSent)
// Get our updated campaign and check for the added event
campaign, err = GetCampaign(campaign.Id, int64(1))
@ -178,7 +178,7 @@ func (s *ModelsSuite) TestMailLogSuccess(ch *check.C) {
expectedEvent := Event{
Id: gotEvent.Id,
Email: result.Email,
Message: EVENT_SENT,
Message: EventSent,
CampaignId: campaign.Id,
Time: gotEvent.Time,
}

+ 19
- 19
models/models.go View File

@ -18,25 +18,25 @@ var db *gorm.DB
var conf *config.Config
const (
CAMPAIGN_IN_PROGRESS string = "In progress"
CAMPAIGN_QUEUED string = "Queued"
CAMPAIGN_CREATED string = "Created"
CAMPAIGN_EMAILS_SENT string = "Emails Sent"
CAMPAIGN_COMPLETE string = "Completed"
EVENT_SENT string = "Email Sent"
EVENT_SENDING_ERROR string = "Error Sending Email"
EVENT_OPENED string = "Email Opened"
EVENT_CLICKED string = "Clicked Link"
EVENT_DATA_SUBMIT string = "Submitted Data"
EVENT_REPORTED string = "Email Reported"
EVENT_PROXY_REQUEST string = "Proxied request"
STATUS_SUCCESS string = "Success"
STATUS_QUEUED string = "Queued"
STATUS_SENDING string = "Sending"
STATUS_UNKNOWN string = "Unknown"
STATUS_SCHEDULED string = "Scheduled"
STATUS_RETRY string = "Retrying"
ERROR string = "Error"
CampaignInProgress string = "In progress"
CampaignQueued string = "Queued"
CampaignCreated string = "Created"
CampaignEmailsSent string = "Emails Sent"
CampaignComplete string = "Completed"
EventSent string = "Email Sent"
EventSendingError string = "Error Sending Email"
EventOpened string = "Email Opened"
EventClicked string = "Clicked Link"
EventDataSubmit string = "Submitted Data"
EventReported string = "Email Reported"
EventProxyRequest string = "Proxied request"
StatusSuccess string = "Success"
StatusQueued string = "Queued"
StatusSending string = "Sending"
StatusUnknown string = "Unknown"
StatusScheduled string = "Scheduled"
StatusRetry string = "Retrying"
Error string = "Error"
)
// Flash is used to hold flash information for use in templates.

+ 15
- 15
models/result.go View File

@ -58,12 +58,12 @@ func (r *Result) createEvent(status string, details interface{}) (*Event, error)
// HandleEmailSent updates a Result to indicate that the email has been
// successfully sent to the remote SMTP server
func (r *Result) HandleEmailSent() error {
event, err := r.createEvent(EVENT_SENT, nil)
event, err := r.createEvent(EventSent, nil)
if err != nil {
return err
}
r.SendDate = event.Time
r.Status = EVENT_SENT
r.Status = EventSent
r.ModifiedDate = event.Time
return db.Save(r).Error
}
@ -71,11 +71,11 @@ func (r *Result) HandleEmailSent() error {
// HandleEmailError updates a Result to indicate that there was an error when
// attempting to send the email to the remote SMTP server.
func (r *Result) HandleEmailError(err error) error {
event, err := r.createEvent(EVENT_SENDING_ERROR, EventError{Error: err.Error()})
event, err := r.createEvent(EventSendingError, EventError{Error: err.Error()})
if err != nil {
return err
}
r.Status = ERROR
r.Status = Error
r.ModifiedDate = event.Time
return db.Save(r).Error
}
@ -83,11 +83,11 @@ func (r *Result) HandleEmailError(err error) error {
// HandleEmailBackoff updates a Result to indicate that the email received a
// temporary error and needs to be retried
func (r *Result) HandleEmailBackoff(err error, sendDate time.Time) error {
event, err := r.createEvent(EVENT_SENDING_ERROR, EventError{Error: err.Error()})
event, err := r.createEvent(EventSendingError, EventError{Error: err.Error()})
if err != nil {
return err
}
r.Status = STATUS_RETRY
r.Status = StatusRetry
r.SendDate = sendDate
r.ModifiedDate = event.Time
return db.Save(r).Error
@ -96,16 +96,16 @@ func (r *Result) HandleEmailBackoff(err error, sendDate time.Time) error {
// HandleEmailOpened updates a Result in the case where the recipient opened the
// email.
func (r *Result) HandleEmailOpened(details EventDetails) error {
event, err := r.createEvent(EVENT_OPENED, details)
event, err := r.createEvent(EventOpened, details)
if err != nil {
return err
}
// Don't update the status if the user already clicked the link
// or submitted data to the campaign
if r.Status == EVENT_CLICKED || r.Status == EVENT_DATA_SUBMIT {
if r.Status == EventClicked || r.Status == EventDataSubmit {
return nil
}
r.Status = EVENT_OPENED
r.Status = EventOpened
r.ModifiedDate = event.Time
return db.Save(r).Error
}
@ -113,16 +113,16 @@ func (r *Result) HandleEmailOpened(details EventDetails) error {
// HandleClickedLink updates a Result in the case where the recipient clicked
// the link in an email.
func (r *Result) HandleClickedLink(details EventDetails) error {
event, err := r.createEvent(EVENT_CLICKED, details)
event, err := r.createEvent(EventClicked, details)
if err != nil {
return err
}
// Don't update the status if the user has already submitted data via the
// landing page form.
if r.Status == EVENT_DATA_SUBMIT {
if r.Status == EventDataSubmit {
return nil
}
r.Status = EVENT_CLICKED
r.Status = EventClicked
r.ModifiedDate = event.Time
return db.Save(r).Error
}
@ -130,11 +130,11 @@ func (r *Result) HandleClickedLink(details EventDetails) error {
// HandleFormSubmit updates a Result in the case where the recipient submitted
// credentials to the form on a Landing Page.
func (r *Result) HandleFormSubmit(details EventDetails) error {
event, err := r.createEvent(EVENT_DATA_SUBMIT, details)
event, err := r.createEvent(EventDataSubmit, details)
if err != nil {
return err
}
r.Status = EVENT_DATA_SUBMIT
r.Status = EventDataSubmit
r.ModifiedDate = event.Time
return db.Save(r).Error
}
@ -142,7 +142,7 @@ func (r *Result) HandleFormSubmit(details EventDetails) error {
// HandleEmailReport updates a Result in the case where they report a simulated
// phishing email using the HTTP handler.
func (r *Result) HandleEmailReport(details EventDetails) error {
event, err := r.createEvent(EVENT_REPORTED, details)
event, err := r.createEvent(EventReported, details)
if err != nil {
return err
}

+ 4
- 4
models/result_test.go View File

@ -42,7 +42,7 @@ func (s *ModelsSuite) TestResultSendingStatus(ch *check.C) {
// This campaign wasn't scheduled, so we expect the status to
// be sending
for _, r := range c.Results {
ch.Assert(r.Status, check.Equals, STATUS_SENDING)
ch.Assert(r.Status, check.Equals, StatusSending)
ch.Assert(r.ModifiedDate, check.Equals, c.CreatedDate)
}
}
@ -53,7 +53,7 @@ func (s *ModelsSuite) TestResultScheduledStatus(ch *check.C) {
// This campaign wasn't scheduled, so we expect the status to
// be sending
for _, r := range c.Results {
ch.Assert(r.Status, check.Equals, STATUS_SCHEDULED)
ch.Assert(r.Status, check.Equals, StatusScheduled)
ch.Assert(r.ModifiedDate, check.Equals, c.CreatedDate)
}
}
@ -68,9 +68,9 @@ func (s *ModelsSuite) TestResultVariableStatus(ch *check.C) {
// emails to be sent immediately, while others will be scheduled
for _, r := range c.Results {
if r.SendDate.Before(c.CreatedDate) || r.SendDate.Equal(c.CreatedDate) {
ch.Assert(r.Status, check.Equals, STATUS_SENDING)
ch.Assert(r.Status, check.Equals, StatusSending)
} else {
ch.Assert(r.Status, check.Equals, STATUS_SCHEDULED)
ch.Assert(r.Status, check.Equals, StatusScheduled)
}
}
}

+ 1
- 1
models/template.go View File

@ -51,7 +51,7 @@ func GetTemplates(uid int64) ([]Template, error) {
log.Error(err)
return ts, err
}
for i, _ := range ts {
for i := range ts {
// Get Attachments
err = db.Where("template_id=?", ts[i].Id).Find(&ts[i].Attachments).Error
if err == nil && len(ts[i].Attachments) == 0 {

+ 2
- 2
worker/worker.go View File

@ -81,8 +81,8 @@ func (w *DefaultWorker) Start() {
errorMail(err, msc)
return
}
if c.Status == models.CAMPAIGN_QUEUED {
err := c.UpdateStatus(models.CAMPAIGN_IN_PROGRESS)
if c.Status == models.CampaignQueued {
err := c.UpdateStatus(models.CampaignInProgress)
if err != nil {
log.Error(err)
return

+ 1
- 1
worker/worker_test.go View File

@ -74,5 +74,5 @@ func (s *WorkerSuite) SetupTest() {
c.SMTP = smtp
c.Groups = []models.Group{group}
models.PostCampaign(&c, c.UserId)
c.UpdateStatus(models.CAMPAIGN_EMAILS_SENT)
c.UpdateStatus(models.CampaignEmailsSent)
}

Loading…
Cancel
Save