From d26395def2344e2ecc8a999881ffd72ea6ba1dc8 Mon Sep 17 00:00:00 2001
From: Brendan McDevitt <brendan@mcdevitt.tech>
Date: Mon, 11 Apr 2022 20:53:20 -0500
Subject: [PATCH] if you create a text file at ./data/github_usernames.txt with
 one username per line GithubUserImporter will use this data to import a
 GithubUser for each one

---
 README.md                                     |  8 ++++
 app/controllers/cnas_controller.rb            |  1 +
 app/controllers/cpes_controller.rb            |  1 +
 app/controllers/cvemon_cves_controller.rb     |  1 +
 app/controllers/cves_controller.rb            |  1 +
 .../github_advisories_controller.rb           |  3 +-
 app/controllers/github_pocs_controller.rb     |  1 +
 app/controllers/github_users_controller.rb    | 11 +++++
 .../trickest_poc_cves_controller.rb           |  1 +
 app/models/github_user.rb                     |  5 ++
 app/views/github_users/index.html.erb         |  1 +
 app/views/github_users/show.html.erb          |  2 +
 config/routes.rb                              |  3 ++
 db/seeds.rb                                   |  7 +++
 lib/importers/github_user_importer.rb         | 48 +++++++++++++++++++
 15 files changed, 93 insertions(+), 1 deletion(-)
 create mode 100644 app/controllers/github_users_controller.rb
 create mode 100644 app/models/github_user.rb
 create mode 100644 app/views/github_users/index.html.erb
 create mode 100644 app/views/github_users/show.html.erb
 create mode 100644 lib/importers/github_user_importer.rb

diff --git a/README.md b/README.md
index e703544..b43edcf 100644
--- a/README.md
+++ b/README.md
@@ -62,6 +62,14 @@ For now unauthenticated api over localhost:3000 until I put in some basic token
   get "/github_advisories/:ghsa_id", to: "github_advisories#show"
 ```
 
+#### GithubUsers
+Create a text file named `./data/github_usernames.txt` with one username per line
+There is a seed task that will read this file and perform an API call to github API and store the data in DB for each user.
+```
+  get "/github_users", to: "github_users#index"
+  get "/github_users/:username", to: "github_users#show"
+```
+
 #### GithubPocs
 ```
   get "/github_pocs", to: "github_pocs#index"
diff --git a/app/controllers/cnas_controller.rb b/app/controllers/cnas_controller.rb
index e46164d..9da836c 100644
--- a/app/controllers/cnas_controller.rb
+++ b/app/controllers/cnas_controller.rb
@@ -1,6 +1,7 @@
 class CnasController < ApplicationController
   def index
     @cnas = Cna.all
+    render json: @cnas.to_json
   end
 
   def show
diff --git a/app/controllers/cpes_controller.rb b/app/controllers/cpes_controller.rb
index bbf7d78..b2cff81 100644
--- a/app/controllers/cpes_controller.rb
+++ b/app/controllers/cpes_controller.rb
@@ -1,6 +1,7 @@
 class CpesController < ApplicationController
   def index
     @cpes = Cpe.all
+    render json: @cpes.to_json
   end
 
   def show
diff --git a/app/controllers/cvemon_cves_controller.rb b/app/controllers/cvemon_cves_controller.rb
index db19db4..8205191 100644
--- a/app/controllers/cvemon_cves_controller.rb
+++ b/app/controllers/cvemon_cves_controller.rb
@@ -1,6 +1,7 @@
 class CvemonCvesController < ApplicationController
   def index
     @pocs = CvemonCve.all
+    render json: @pocs.to_json
   end
 
   def show
diff --git a/app/controllers/cves_controller.rb b/app/controllers/cves_controller.rb
index ab4c531..0ad98e7 100644
--- a/app/controllers/cves_controller.rb
+++ b/app/controllers/cves_controller.rb
@@ -1,6 +1,7 @@
 class CvesController < ApplicationController
   def index
     @cves = Cve.all
+    render json: @cves.to_json
   end
 
   def show
diff --git a/app/controllers/github_advisories_controller.rb b/app/controllers/github_advisories_controller.rb
index 47b4941..7a7ab01 100644
--- a/app/controllers/github_advisories_controller.rb
+++ b/app/controllers/github_advisories_controller.rb
@@ -1,10 +1,11 @@
 class GithubAdvisoriesController < ApplicationController
   def index
     @advisories = GithubAdvisory.all
+    render json: @advisories.to_json
   end
 
   def show
-    @advisory = GithubAdivsory.find_by_ghsa_id(params[:ghsa_id])
+    @advisory = GithubAdvisory.find_by_ghsa_id(params[:ghsa_id])
     render json: @advisory.to_json
   end
 end
diff --git a/app/controllers/github_pocs_controller.rb b/app/controllers/github_pocs_controller.rb
index 3f11751..75c2ca1 100644
--- a/app/controllers/github_pocs_controller.rb
+++ b/app/controllers/github_pocs_controller.rb
@@ -1,6 +1,7 @@
 class GithubPocsController < ApplicationController
   def index
     @pocs = GithubPoc.all
+    render json: @pocs.to_json
   end
 
   def show
diff --git a/app/controllers/github_users_controller.rb b/app/controllers/github_users_controller.rb
new file mode 100644
index 0000000..8dc85ba
--- /dev/null
+++ b/app/controllers/github_users_controller.rb
@@ -0,0 +1,11 @@
+class GithubUsersController < ApplicationController
+  def index
+    @users = GithubUser.all
+    render json: @users.to_json
+  end
+
+  def show
+    @user = GithubUser.find_by_username(params[:username])
+    render json: @user.to_json
+  end
+end
diff --git a/app/controllers/trickest_poc_cves_controller.rb b/app/controllers/trickest_poc_cves_controller.rb
index 1e0b876..d35ef46 100644
--- a/app/controllers/trickest_poc_cves_controller.rb
+++ b/app/controllers/trickest_poc_cves_controller.rb
@@ -1,6 +1,7 @@
 class TrickestPocCvesController < ApplicationController
   def index
     @pocs = TrickestPocCve.all
+    render json: @pocs.to_json
   end
 
   def show
diff --git a/app/models/github_user.rb b/app/models/github_user.rb
new file mode 100644
index 0000000..ed2de26
--- /dev/null
+++ b/app/models/github_user.rb
@@ -0,0 +1,5 @@
+class GithubUser< ActiveRecord::Base
+  def self.find_by_username(username)
+    find_by(login: username)
+  end
+end
diff --git a/app/views/github_users/index.html.erb b/app/views/github_users/index.html.erb
new file mode 100644
index 0000000..643fbd5
--- /dev/null
+++ b/app/views/github_users/index.html.erb
@@ -0,0 +1 @@
+<h1>Cpes#index</h1>
diff --git a/app/views/github_users/show.html.erb b/app/views/github_users/show.html.erb
new file mode 100644
index 0000000..aab9741
--- /dev/null
+++ b/app/views/github_users/show.html.erb
@@ -0,0 +1,2 @@
+@users
+
diff --git a/config/routes.rb b/config/routes.rb
index 7a436ff..6dc453d 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -33,4 +33,7 @@ Rails.application.routes.draw do
   get "/github_advisories", to: "github_advisories#index"
   get "/github_advisories/:ghsa_id", to: "github_advisories#show"
 
+  get "/github_users", to: "github_users#index"
+  get "/github_users/:username", to: "github_users#show"
+
 end
diff --git a/db/seeds.rb b/db/seeds.rb
index 0354ecd..bf2355a 100644
--- a/db/seeds.rb
+++ b/db/seeds.rb
@@ -14,6 +14,7 @@ require '/data_importer/lib/importers/trickest_poc_cve_importer.rb'
 require '/data_importer/lib/importers/cvemon_cve_importer.rb'
 require '/data_importer/lib/importers/cna_importer.rb'
 require '/data_importer/lib/importers/github_advisory_importer.rb'
+require '/data_importer/lib/importers/github_user_importer.rb'
 
 def line_sep
   puts '----------' * 12
@@ -28,6 +29,7 @@ def perform
     import_cpes
     import_cnas
     import_github_advisories
+    import_github_usernames
 end
 
 def import_cves
@@ -50,6 +52,11 @@ def import_github_advisories
     GithubAdvisoryImporter.new.import
 end
 
+def import_github_usernames
+    line_sep
+    GithubUserImporter.new.import
+end
+
 def import_inthewild_cve_exploits
     line_sep
     InthewildCveExploitImporter.new.import
diff --git a/lib/importers/github_user_importer.rb b/lib/importers/github_user_importer.rb
new file mode 100644
index 0000000..d19170c
--- /dev/null
+++ b/lib/importers/github_user_importer.rb
@@ -0,0 +1,48 @@
+require '/data_importer/lib/github_api/user.rb'
+
+class GithubUserImporter
+  attr_accessor :filepath, :usernames
+  def initialize
+    @filepath = '/data_importer/data/github_usernames.txt'
+    @usernames = File.read(filepath).split("\n")
+  end
+
+  def username_hashes
+    usernames.map do |username|
+      response = GithubApi::User.find(username)
+      response.to_h
+    end
+  end
+
+  def user_h_to_attr(user_h)
+    attrs = {}
+    attrs[:github_id] = user_h['id']
+    attrs[:login] = user_h['login']
+    attrs[:name] = user_h['name']
+    attrs[:avatar_url] = user_h['avatarUrl']
+    attrs[:bio] = user_h['bio']
+    attrs[:bio_html] = user_h['bioHTML']
+    attrs[:location] = user_h['location']
+    attrs
+  end
+
+  def bulk_insert(username_hashes)
+    GithubUser.bulk_insert do |worker|
+      username_hashes.each do |username_hash|
+        attrs = user_h_to_attr(username_hash)
+        worker.add(attrs)
+      end
+    end
+  end
+
+  def import
+    if filepath.nil?
+      puts "Please provide a filepath in the projects data dir named github_usernames.txt with one username per line."
+    else
+      puts "Now importing GithubUsers"
+      usernames = username_hashes.map {|h| h[:login] }
+      puts "Now importing data from the following usernames: #{usernames}"
+      bulk_insert(username_hashes)
+    end
+  end
+end