New: admin-only checkbox for auto-report

lookyloo/lookyloo.py

@@ -72,7 +72,7 @@ class CaptureSettings(CaptureSettingsCore, total=False):
     '''The capture settings that can be passed to Lookyloo'''
     listing: int | None
     not_queued: int | None
-    auto_report: bool | str | dict[str, str] | None
+    auto_report: bool | str | dict[str, str] | None  # {'email': , 'comment': , 'recipient_mail':}
     dnt: str | None
     browser_name: str | None
     os: str | None

website/web/__init__.py

@@ -1598,6 +1598,15 @@ def capture_web() -> str | Response | WerkzeugResponse:
             else:
                 flash('Invalid proxy: Check that you entered a scheme, a hostname and a port.', 'error')
 
+        # auto report
+        if flask_login.current_user.is_authenticated:
+            if request.form.get('auto-report'):
+                capture_query['auto_report'] = {
+                    'email': request.form.get('email'),
+                    'comment': request.form.get('comment'),
+                    'recipient_mail': request.form.get('recipient-mail')
+                }
+
         if request.form.get('url'):
             capture_query['url'] = request.form['url']
             perma_uuid = lookyloo.enqueue_capture(capture_query, source='web', user=user, authenticated=flask_login.current_user.is_authenticated)

website/web/templates/capture.html

@@ -81,6 +81,7 @@
     <hr>
     <!-- End of Submission type -->
 
+
     <div>
       <button class="btn btn-link" type="button" data-bs-toggle="collapse" data-bs-target="#collapseConfigBrowser"
               aria-expanded="false" aria-controls="collapseConfigBrowser">
@@ -356,6 +357,38 @@
 
     <hr>
 
+  {% if current_user.is_authenticated %}
+        <!-- admin only checkbox for autoreport -->
+        <div>
+            <div class="form-check">
+              <input class="form-check-input" type="checkbox"  id="auto-report" name="auto-report" checked="false">
+              <label for="auto-report" class="form-check-label">Automatically submit to investigation team</label>
+            </div>
+        </div>
+        <div id="collapseMailConfiguration" class="collapse d-xl-block">
+            <div class="card card-body">
+                <div class="row mb-3">
+                    <label for="email" >Email of the sender (optional): </label>
+                    <div>
+                        <input type="text" id="email" name="email">
+                    </div>
+                </div>
+                <div class="row mb-3">
+                    <label for="comment">Comment (optional): </label>
+                    <div>
+                        <input type="text" id="comment" name="comment">
+                    </div>
+                </div>
+                <div class="row mb-3">
+                    <label for="recipient-mail">Email of the recipient (optional): </label>
+                    <div>
+                        <input type="text" id="recipient-mail" name="recipient-mail">
+                    </div>
+                </div>
+            </div>
+        </div>
+    {%  endif %}
+
     <center>
       <b>
       {% if default_public %}
@@ -377,6 +410,18 @@
   <script src='{{ url_for('static', filename='capture.js') }}'
           {{get_sri('static', 'capture.js')}}
           crossorigin="anonymous"></script>
+    <script>
+        const displayReportForm = function() {
+            let show_form = document.getElementById("auto-report").checked;
+            if(show_form){
+                document.getElementById("collapseMailConfiguration").style.display = "block";
+            } else {
+                document.getElementById("collapseMailConfiguration").style.display = "none";
+            }
+        }
+        displayReportForm()
+        document.getElementById("auto-report").addEventListener('change', displayReportForm);
+    </script>
   <script>
   $('#nav-url-tab').on('click', function(e) {
     document.getElementById("singleCaptureField").required = true;