create default profiles on server initialistion

Author: pygrum

pkg/commands/build.go

@@ -31,7 +31,7 @@ import (
 var (
 	l             log.Logger
 	internals     = []string{"id", "ca_cert"}
-	ValidTypes    = []string{"bool", "int", "string", "float"}
+	ValidTypes    = []string{consts.OpTypeBool, consts.OpTypeInt, consts.OpTypeString, consts.OpTypeFloat}
 	builderConfig *BuilderConfig
 )
 
@@ -82,59 +82,60 @@ func defaultOptions() []*builderpb.Option {
 		Name:        "id",
 		Description: "[internal] the agent ID assigned to the build (immutable)",
 		Default:     builderConfig.ID,
-		Type:        "string",
+		Type:        consts.OpTypeString,
 		Required:    true,
 	}
 	name := &builderpb.Option{
 		Name:        "name",
 		Description: "name of this particular agent instance",
 		Default:     builderConfig.ID,
-		Type:        "string",
+		Type:        consts.OpTypeString,
 		Required:    false,
 	}
 	OS := &builderpb.Option{
 		Name:        "os",
 		Description: "the OS that the build targets",
 		Default:     runtime.GOOS,
+		Type:        consts.OpTypeString,
 		Required:    false,
 	}
 	arch := &builderpb.Option{
 		Name:        "arch",
 		Description: "the platform architecture that the build targets",
 		Default:     "amd64",
-		Type:        "string",
+		Type:        consts.OpTypeString,
 		Required:    false,
 	}
 	def := config.MainConfig.Interface
 	if def == "" {
 		def = config.ClientConfig.RHost
 	}
 	host := &builderpb.Option{
-		Name:        "host",
+		Name:        "lhost",
 		Description: "the host that the agent calls back to",
 		Default:     def,
-		Type:        "string",
+		Type:        consts.OpTypeString,
 		Required:    false,
 	}
 	port := &builderpb.Option{
-		Name:        "port",
+		Name:        consts.OpLPort,
 		Description: "the port on which to connect to the host on callback",
-		Default:     "8000",
-		Type:        "int",
+		Default:     "",
+		Type:        consts.OpTypeInt,
 		Required:    false,
 	}
 	out := &builderpb.Option{
 		Name:        "outfile",
 		Description: "the name of the resulting binary",
 		Default:     "",
-		Type:        "string",
+		Type:        consts.OpTypeString,
 		Required:    false,
 	}
 	caCert := &builderpb.Option{
 		Name:        "ca_cert",
 		Description: "[internal] the certificate authority used to sign server certificates (immutable)",
 		Default:     "***",
-		Type:        "string",
+		Type:        consts.OpTypeString,
 		Required:    true,
 	}
 	options = append(options, ID, name, OS, arch, host, port, caCert, out)
@@ -221,17 +222,17 @@ func setCmd(name, value string) {
 
 func TypeVerify(t, value string) error {
 	switch t {
-	case "int":
+	case consts.OpTypeInt:
 		if _, err := strconv.Atoi(value); err != nil {
 			return fmt.Errorf("not a valid integer")
 		}
 
-	case "bool":
+	case consts.OpTypeBool:
 		if _, err := strconv.ParseBool(value); err != nil {
 			return fmt.Errorf("not a valid boolean")
 		}
 
-	case "float":
+	case consts.OpTypeFloat:
 		if _, err := strconv.ParseFloat(value, 64); err != nil {
 			return fmt.Errorf("not a valid float")
 		}
@@ -355,6 +356,8 @@ func build() {
 		return
 	}
 	l.Success("build complete. saved to %s", out.Name())
+	// regen in case they want the convenience of building agents in succession
+	builderConfig.ID = agentID()
 }
 
 // agentID generates an ID for an agent.
@@ -385,11 +388,11 @@ func gatherOptions() string {
 
 func allOptions() []string {
 	var options []string
-	for k := range builderConfig.request.Options {
-		if slices.Contains(internals, k) {
+	for _, k := range builderConfig.options {
+		if slices.Contains(internals, k.Name) {
 			continue
 		}
-		options = append(options, k)
+		options = append(options, k.Name)
 	}
 	return options
 }

pkg/consts/consts.go

@@ -17,4 +17,16 @@ const (
 	AgentIDSize     = 8
 	RequestIDLength = 36
 	OpcodeLength    = 4 // uint32
+
+	ProfileTCP          = "tcp"
+	ProfileHTTP         = "http"
+	ProfileHTTPS        = "https"
+	TypeInternalProfile = "internal"
+
+	OpTypeBool   = "bool"
+	OpTypeInt    = "int"
+	OpTypeFloat  = "float"
+	OpTypeString = "string"
+
+	OpLPort = "lport"
 )

pkg/db/db.go

@@ -11,6 +11,7 @@ import (
 	"gorm.io/driver/mysql"
 	"gorm.io/gorm"
 	"gorm.io/gorm/logger"
+	"strconv"
 )
 
 var (
@@ -36,9 +37,66 @@ func Initialize() string {
 	if err = db.AutoMigrate(&Builder{}, &Agent{}, &Player{}, &Profile{}, &ProfileRecord{}); err != nil {
 		l.Fatal("failed to migrate schema: %v. Monarch cannot continue to operate", err)
 	}
+	return initServerUser(&conf)
+}
+
+// initialize profiles for default handlers - HTTP, HTTPS, TCP
+func initDefaultProfiles(c *config.MonarchConfig) {
+	httpProfile := &Profile{
+		Name:      consts.ProfileHTTP,
+		BuilderID: consts.TypeInternalProfile,
+		CreatedBy: consts.ServerUser,
+	}
+	httpR1 := &ProfileRecord{
+		Profile: consts.ProfileHTTP,
+		Name:    consts.OpLPort,
+		Value:   strconv.Itoa(c.HttpPort),
+	}
+	if tx := db.Create(httpProfile); tx.Error != nil {
+		l.Warn(tx.Error.Error())
+	}
+	if tx := db.Create(httpR1); tx.Error != nil {
+		l.Warn(tx.Error.Error())
+	}
+	httpsProfile := &Profile{
+		Name:      consts.ProfileHTTPS,
+		BuilderID: consts.TypeInternalProfile,
+		CreatedBy: consts.ServerUser,
+	}
+	httpsR1 := &ProfileRecord{
+		Profile: consts.ProfileHTTPS,
+		Name:    consts.OpLPort,
+		Value:   strconv.Itoa(c.HttpsPort),
+	}
+	if tx := db.Create(httpsProfile); tx.Error != nil {
+		l.Warn(tx.Error.Error())
+	}
+	if tx := db.Create(httpsR1); tx.Error != nil {
+		l.Warn(tx.Error.Error())
+	}
+	tcpProfile := &Profile{
+		Name:      consts.ProfileTCP,
+		BuilderID: consts.TypeInternalProfile,
+		CreatedBy: consts.ServerUser,
+	}
+	tcpR1 := &ProfileRecord{
+		Profile: consts.ProfileTCP,
+		Name:    consts.OpLPort,
+		Value:   strconv.Itoa(c.TcpPort),
+	}
+	if tx := db.Create(tcpProfile); tx.Error != nil {
+		l.Warn(tx.Error.Error())
+	}
+	if tx := db.Create(tcpR1); tx.Error != nil {
+		l.Warn(tx.Error.Error())
+	}
+}
+
+func initServerUser(c *config.MonarchConfig) string {
 	uid := uuid.New().String()
 	serverPlayer := &Player{}
 	if db.Where("username = ?", consts.ServerUser).First(serverPlayer); len(serverPlayer.UUID) == 0 {
+		// we can do first-time-run steps here
 		serverPlayer = &Player{
 			UUID:     uid,
 			Username: consts.ServerUser,
@@ -48,6 +106,9 @@ func Initialize() string {
 			l.Fatal("could not create default server user: %v", result.Error)
 		}
 		config.ClientConfig.UUID = uid
+
+		// create default profiles (for now it just loads port numbers for each endpoint type)
+		initDefaultProfiles(c)
 	} else {
 		config.ClientConfig.Name = consts.ServerUser
 		config.ClientConfig.UUID = serverPlayer.UUID

pkg/teamserver/teamserver.go

@@ -8,6 +8,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"github.com/pygrum/monarch/pkg/consts"
 	"github.com/pygrum/monarch/pkg/handler/tcp"
 	"github.com/pygrum/monarch/pkg/teamserver/roles"
 	"github.com/pygrum/monarch/pkg/types"
@@ -211,15 +212,20 @@ func (s *MonarchServer) Builders(_ context.Context, req *clientpb.BuilderRequest
 
 func (s *MonarchServer) Profiles(_ context.Context, req *clientpb.ProfileRequest) (*clientpb.Profiles, error) {
 	var profiles []db.Profile
+	builderIDs := append(req.Name, consts.TypeInternalProfile)
+
 	pbProfiles := &clientpb.Profiles{}
-	if len(req.Name) > 0 {
-		if err := db.Where("name IN ? AND builder_id = ?", req.Name, req.BuilderId).Find(&profiles); err != nil {
-			return nil, fmt.Errorf("failed to find profiles(s): %v", err)
-		}
-	} else {
-		if err := db.Where("builder_id = ?", req.BuilderId).Find(&profiles).Error; err != nil {
-			return nil, fmt.Errorf("failed to find profiles(s): %v", err)
-		}
+	//if len(req.Name) > 0 {
+	//	if err := db.Where("name IN ? AND builder_id IN ?", req.Name, builderIDs).Find(&profiles); err != nil {
+	//		return nil, fmt.Errorf("failed to find profiles(s): %v", err)
+	//	}
+	//} else {
+	//	if err := db.Where("builder_id IN ?", builderIDs).Find(&profiles).Error; err != nil {
+	//		return nil, fmt.Errorf("failed to find profiles(s): %v", err)
+	//	}
+	//}
+	if err := db.Where("builder_id IN ?", builderIDs).Find(&profiles).Error; err != nil {
+		return nil, fmt.Errorf("failed to find profiles(s): %v", err)
 	}
 	for _, p := range profiles {
 		pbProfiles.Profiles = append(pbProfiles.Profiles, &clientpb.Profile{
@@ -239,7 +245,9 @@ func (s *MonarchServer) SaveProfile(ctx context.Context, req *clientpb.SaveProfi
 		return nil, ErrNoMetadata
 	}
 	player := md["uid"]
-	if db.Where("name = ? AND builder_id = ?", req.Name, req.BuilderId).Find(&profile); len(profile.Name) != 0 {
+	// include internal profile in duplicate check to prevent load conflicts
+	builderIDs := []string{req.BuilderId, consts.TypeInternalProfile}
+	if db.Where("name = ? AND builder_id IN ?", req.Name, builderIDs).Find(&profile); len(profile.Name) != 0 {
 		return nil, fmt.Errorf("a profile for this build named '%s' already exists", req.Name)
 	}
 	profile = &db.Profile{
@@ -268,7 +276,10 @@ func (s *MonarchServer) SaveProfile(ctx context.Context, req *clientpb.SaveProfi
 func (s *MonarchServer) LoadProfile(_ context.Context, req *clientpb.SaveProfileRequest) (*clientpb.ProfileData, error) {
 	profile := &db.Profile{}
 	profileData := &clientpb.ProfileData{}
-	if err := db.Where("name = ? AND builder_id = ?", req.Name, req.BuilderId).Find(profile).Error; err != nil {
+
+	// include internal builder ID to allow for loading of internal profiles
+	builderIDs := []string{req.BuilderId, consts.TypeInternalProfile}
+	if err := db.Where("name = ? AND builder_id IN ?", req.Name, builderIDs).Find(profile).Error; err != nil {
 		return nil, fmt.Errorf("failed to find %s: %v", req.Name, err)
 	}
 	var records []db.ProfileRecord
@@ -306,6 +317,8 @@ func (s *MonarchServer) RmProfiles(ctx context.Context, req *clientpb.ProfileReq
 	role := md["role"][0]
 
 	var profiles []db.Profile
+	// rightly only allow deletion from current loaded profile and not internal
+	// if they somehow managed to change the builder_id to internal, they would only be able to remove if admin
 	if err := db.Where("name IN ? AND builder_id = ? ", req.Name, req.BuilderId).Find(&profiles).Error; err != nil {
 		return nil, fmt.Errorf("couldn't get profiles: %v", err)
 	}