Jakach/armeech-neptune
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding documents
Deploy / deploy (push) Successful in 38s
Details

Browse Source
This commit is contained in:
janis steiner
2026-05-08 00:33:37 +02:00
parent 4f18b193c9
commit b70e8cd6e4
6 changed files with 530 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/api/index.php
+112
View File
@@ -64,6 +64,9 @@ try {
case 'links':
handleLinks($method, $id, $db);
break;
case 'documents':
handleDocuments($method, $id, $db);
break;
case 'shapes':
handleShapes($method, $id, $db);
break;
@@ -447,6 +450,115 @@ function handleLinks($method, $id, $db) {
}
}
function handleDocuments($method, $id, $db) {
$username = $_SESSION['neptune_username'] ?? 'Unknown';
switch ($method) {
case 'GET':
if ($id) {
$stmt = $db->prepare("
SELECT d.*, t.name AS team_name, t.color AS team_color
FROM documents d JOIN teams t ON d.team_id = t.id
WHERE d.id = ?
");
$stmt->execute([$id]);
echo json_encode($stmt->fetch(PDO::FETCH_ASSOC));
} else {
$teamFilter = $_GET['team_id'] ?? null;
$typeFilter = $_GET['doc_type'] ?? null;
$sql = "
SELECT d.*, t.name AS team_name, t.color AS team_color
FROM documents d JOIN teams t ON d.team_id = t.id
";
$params = [];
$conditions = [];
if ($teamFilter) {
$conditions[] = "d.team_id = ?";
$params[] = $teamFilter;
}
if ($typeFilter) {
$conditions[] = "d.doc_type = ?";
$params[] = $typeFilter;
}
if ($conditions) $sql .= " WHERE " . implode(' AND ', $conditions);
$sql .= " ORDER BY d.occurred_at DESC";
$stmt = $db->prepare($sql);
$stmt->execute($params);
echo json_encode($stmt->fetchAll(PDO::FETCH_ASSOC));
}
break;
case 'POST':
$data = json_decode(file_get_contents('php://input'), true);
$stmt = $db->prepare("
INSERT INTO documents (doc_type, team_id, title, content, occurred_at)
VALUES (?, ?, ?, ?, ?)
");
$stmt->execute([
$data['doc_type'],
$data['team_id'],
$data['title'],
$data['content'] ?? '',
$data['occurred_at'] ?? date('Y-m-d H:i:s')
]);
$docId = $db->lastInsertId();
// Also create a timeline event for this document
$teamId = $data['team_id'];
$docType = $data['doc_type'];
$typeLabels = ['deployment' => 'Deployment', 'attack' => 'Attack', 'incident-report' => 'Incident Report', 'remediation' => 'Remediation', 'exercise' => 'Exercise'];
$typeLabel = $typeLabels[$docType] ?? ucfirst($docType);
$eventTitle = $typeLabel . ': ' . $data['title'];
$eventDesc = $username . ' created document "' . $data['title'] . '" (' . $typeLabel . ')';
$stmt2 = $db->prepare("
INSERT INTO events (team_id, title, description, severity, event_type, occurred_at)
VALUES (?, ?, ?, 'info', 'document', ?)
");
$stmt2->execute([$teamId, $eventTitle, $eventDesc, $data['occurred_at'] ?? date('Y-m-d H:i:s')]);
echo json_encode(['id' => $docId]);
break;
case 'PUT':
if ($id) {
$data = json_decode(file_get_contents('php://input'), true);
$fields = [];
$params = [];
foreach (['doc_type','team_id','title','content','occurred_at'] as $f) {
if (isset($data[$f])) {
$fields[] = "$f = ?";
$params[] = $data[$f];
}
}
if ($fields) {
$params[] = $id;
$stmt = $db->prepare("UPDATE documents SET " . implode(', ', $fields) . " WHERE id = ?");
$stmt->execute($params);
// Create a timeline event for the edit
if (isset($data['title']) || isset($data['doc_type'])) {
$docType = $data['doc_type'] ?? '';
$docTitle = $data['title'] ?? '';
$teamId = $data['team_id'] ?? null;
if ($teamId) {
$typeLabels = ['deployment' => 'Deployment', 'attack' => 'Attack', 'incident-report' => 'Incident Report', 'remediation' => 'Remediation', 'exercise' => 'Exercise'];
$typeLabel = $typeLabels[$docType] ?? ucfirst($docType);
$eventTitle = 'Updated ' . $typeLabel . ': ' . $docTitle;
$eventDesc = $username . ' updated document "' . $docTitle . '" (' . $typeLabel . ')';
$stmt2 = $db->prepare("
INSERT INTO events (team_id, title, description, severity, event_type, occurred_at)
VALUES (?, ?, ?, 'info', 'document', ?)
");
$stmt2->execute([$teamId, $eventTitle, $eventDesc, date('Y-m-d H:i:s')]);
}
}
}
echo json_encode(['updated' => true]);
}
break;
case 'DELETE':
if ($id) {
$db->prepare("DELETE FROM documents WHERE id = ?")->execute([$id]);
echo json_encode(['deleted' => true]);
}
break;
}
}
function handleShapes($method, $id, $db) {
switch ($method) {
case 'GET':
backend/config/database.php
+11
View File
@@ -16,6 +16,17 @@ function getDbConnection() {
}
function migrate($db) {
$db->exec("CREATE TABLE IF NOT EXISTS documents (
id INT AUTO_INCREMENT PRIMARY KEY,
doc_type VARCHAR(50) NOT NULL,
team_id INT NOT NULL,
title VARCHAR(255) NOT NULL,
content TEXT,
occurred_at DATETIME NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
FOREIGN KEY (team_id) REFERENCES teams(id) ON DELETE CASCADE
)");
$db->exec("CREATE TABLE IF NOT EXISTS network_shapes (
id INT AUTO_INCREMENT PRIMARY KEY,
label VARCHAR(255) NOT NULL DEFAULT '',