Merge pull request #62 from aau-network-security/develop

Develop

.github/workflows/main.yml

@@ -27,10 +27,10 @@ jobs:
           - 5432:5432
 
     steps:
-      - name: Set up Go 1.14
+      - name: Set up Go 1.15
         uses: actions/setup-go@v1
         with:
-          go-version: 1.14
+          go-version: 1.15
         id: go
       - name: Check out code into the Go module directory
         uses: actions/checkout@v1

database/init.go

@@ -26,5 +26,10 @@ func createTables(db *sql.DB) (string, error) {
 		return "", err
 	}
 
+	//Create Profiles Table
+	if _, err := db.Query(CreateProfilesTable); err != nil {
+		return "", err
+	}
+
 	return OK, nil
 }

database/query.go

@@ -29,6 +29,22 @@ var (
 		"last_access timestamp, " +
 		"solved_challenges text);"
 
+	CreateProfilesTable = "CREATE TABLE IF NOT EXISTS Profiles("+
+		"id serial primary key, "+
+		"name varchar (50), "+
+		"secret boolean, "+
+		"challenges text);"
+
+	AddProfileQuery = "INSERT INTO profiles (name, secret, challenges) VALUES ($1, $2, $3)"
+
+	GetProfilesQuery = "SELECT * FROM profiles ORDER BY id asc"
+
+	UpdateProfileQuery = "UPDATE profiles SET secret = $1, challenges = $2 WHERE name = $3"
+
+	DeleteProfileQuery = "DELETE FROM profiles WHERE name = $1"
+
+	CheckProfileExistsQuery = "SELECT EXISTS(SELECT 1 FROM profiles WHERE name = $1);"
+
 	AddTeamQuery = "INSERT INTO team (tag, event_id, email, name, password, created_at, last_access, solved_challenges)" +
 		"VALUES ($1, $2, $3, $4, $5, $6, $7, $8)"
 

database/store.go

@@ -53,6 +53,10 @@ type Store interface {
 	UpdateExercises(req *pb.UpdateExerciseRequest) (string, error)
 	UpdateCloseEvent(*pb.UpdateEventRequest) (string, error)
 	DelTeam(request *pb.DelTeamRequest) (string, error)
+	AddProfile(request *pb.AddProfileRequest) (string, error)
+	GetProfiles() ([]model.Profile, error)
+	UpdateProfile(request *pb.UpdateProfileRequest) (string, error)
+	DeleteProfile(request *pb.DelProfileRequest) (string, error)
 }
 
 func NewStore(conf *model.Config) (Store, error) {
@@ -374,6 +378,104 @@ func (s *store) DropEvent(in *pb.DropEventReq) (bool, error) {
 
 }
 
+func (s *store) AddProfile(in *pb.AddProfileRequest) (string, error) {
+	s.m.Lock()
+	defer s.m.Unlock()
+	var rows *sql.Rows
+	var err error
+	//Check if profile exists
+	var exists bool
+	rows, err = s.db.Query(CheckProfileExistsQuery, in.Name)
+	if err != nil {
+		return "", fmt.Errorf("query checking if profile exists err %v", err)
+	}
+	for rows.Next() {
+		err := rows.Scan(&exists)
+		if err != nil && !strings.Contains(err.Error(), handleNullConversionError) {
+			return "", err
+		}
+	}
+	if exists {
+		return "", fmt.Errorf("Secret profile with name \"%s\" already exists", in.Name)
+	}
+
+	type Challenge struct {
+		Tag  string `json:"tag"`
+		Name string `json:"name"`
+	}
+	var challenges []Challenge
+	for _, c := range in.Challenges {
+		challenges = append(challenges, Challenge{
+			Tag:  c.Tag,
+			Name: c.Name,
+		})
+	}
+	challengesDB, _ := json.Marshal(challenges)
+	_, err = s.db.Exec(AddProfileQuery, in.Name, in.Secret, string(challengesDB))
+	if err != nil {
+		return "", err
+	}
+
+	return OK, nil
+}
+
+func (s *store) GetProfiles() ([]model.Profile, error) {
+	var rows *sql.Rows
+	var err error
+	s.m.Lock()
+	defer s.m.Unlock()
+
+	rows, err = s.db.Query(GetProfilesQuery)
+	if err != nil {
+		return nil, fmt.Errorf("query getting profiles err %v", err)
+	}
+	var profiles []model.Profile
+	for rows.Next() {
+		profile := new(model.Profile)
+		err := rows.Scan(&profile.Id, &profile.Name, &profile.Secret, &profile.Challenges)
+		if err != nil && !strings.Contains(err.Error(), handleNullConversionError) {
+			return nil, err
+		}
+		profiles = append(profiles, *profile)
+	}
+	return profiles, nil
+}
+
+func (s *store) UpdateProfile(in *pb.UpdateProfileRequest) (string, error) {
+	s.m.Lock()
+	defer s.m.Unlock()
+
+	type Challenge struct {
+		Tag  string `json:"tag"`
+		Name string `json:"name"`
+	}
+	var challenges []Challenge
+	for _, c := range in.Challenges {
+		challenges = append(challenges, Challenge{
+			Tag:  c.Tag,
+			Name: c.Name,
+		})
+	}
+	challengesDB, _ := json.Marshal(challenges)
+	_, err := s.db.Exec(UpdateProfileQuery, in.Secret, string(challengesDB), in.Name)
+	if err != nil {
+		return "", err
+	}
+
+	return OK, nil
+}
+
+func (s *store) DeleteProfile(in *pb.DelProfileRequest)(string, error){
+	s.m.Lock()
+	defer s.m.Unlock()
+	_, err := s.db.Exec(DeleteProfileQuery, in.Name)
+	if err != nil {
+		return "", err
+	}
+
+	return OK, nil
+}
+
 func parseEvents(rows *sql.Rows) ([]model.Event, error) {
 	var events []model.Event
 	for rows.Next() {

database/timeline_test.go

@@ -57,7 +57,7 @@ func insertTeamEvent(eid int, db *sql.DB) error {
 }
 
 func insertFakeEvent(event fakeEvent, db *sql.DB) error {
-	_, err := db.Exec(AddEventQuery, event.tag, "", event.available, event.capacity, "kali", 1, "ftp,sql", event.sT.UTC(), event.fT.UTC(), time.Date(0001, 01, 01, 00, 00, 00, 0000, time.UTC).Format(time.RFC3339), "tester", false, "", "")
+	_, err := db.Exec(AddEventQuery, event.tag, "", event.available, event.capacity, "kali", 1, "ftp,sql", event.sT.UTC(), event.fT.UTC(), time.Date(0001, 01, 01, 00, 00, 00, 0000, time.UTC).Format(time.RFC3339), "tester", 0, "", "")
 	if err != nil {
 		return err
 	}
@@ -212,7 +212,7 @@ func TestGetEvents(t *testing.T) {
 		ExpectedFinishTime: expectedFinishTime.Format(time.RFC3339),
 		FinishedAt:         time.Date(0001, 01, 01, 00, 00, 00, 0000, time.UTC).Format(time.RFC3339),
 		CreatedBy:          "tester",
-		OnlyVPN:            false,
+		OnlyVPN:            0,
 		SecretKey:          "",
 		DisabledExercises:  "",
 	}}

model/model.go

@@ -30,6 +30,13 @@ type Team struct {
 	SolvedChallenges string
 }
 
+type Profile struct {
+	Id         uint
+	Name       string
+	Secret     bool
+	Challenges string
+}
+
 type Config struct {
 	Host      string `yaml:"host"`
 	AuthKey   string `yaml:"auth-key"`