• Stars
    star
    181
  • Rank 212,110 (Top 5 %)
  • Language
  • License
    GNU Affero Genera...
  • Created almost 11 years ago
  • Updated 9 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Phantom of the Capitol

Phantom DC for Short

A RESTful API for retrieving the required fields for and filling out the contact forms of members of the US Congress.

Phantom DC has three major functions:

  • Looking up form fields provided by all members of congress
  • Using PhantomJS to proxy fill-in a congress member's form such that they need not navigate directly to the congress member's web page
  • It can return any captcha images and forward the user submitted solution to the .gov website

This project relies on:

Build Status

How to Use This API

Documentation is located here.

How to Contribute to This Project

Dev/ Production Setup with Docker (Recommended)

Docker makes it easy to set up Phantom DC for development, production, and testing.

Here's an example which will get you a quick development instance:

$  cp docker-compose.yml.example docker-compose.yml
$  cp .env.example .env
$  sudo docker-compose up --build

Take a look at config/phantom-dc_config.rb.example to get an idea of what configuration options you can pass on to the phantom-dc docker instance using environment variables in .env. In most instances, you'll want to change the AWS config options.

If you're actively developing, you'll probably also want to share your host directories path with the container by adding volumes to the app service in docker-compose.yml:

  app:
    ...
    volumes:
      - ./cwc:/opt/phantomdc/cwc
      - ./app:/opt/phantomdc/app
      - ./public:/opt/phantomdc/public
      - ./spec:/opt/phantomdc/spec
      - ./tasks:/opt/phantomdc/tasks
      - ./db/migrate:/opt/phantomdc/db/migrate
      - ./docker/app/entrypoint.sh:/opt/phantomdc/entrypoint.sh

To run the test suite using docker, run:

$    sudo docker-compose -f docker-compose.test.yml run test_app rspec spec

You may also want to run a cron daemon for your production setup which pulls the latest YAML files from contact-congress or your other data sources every so often. Only run this after giving time (~5min should do it) for the phantom-dc container to initially populate its members of congress upon the first run:

$  docker run -it --rm --name=phantom-dc-cron \
      -v /var/run/docker.sock:/var/run/docker.sock \
      -v $(pwd)/docker/cron/crontab:/etc/crontabs/root \
      docker crond -f

Development Environment Installation and Setup with Vagrant

Requirements

Using Debian or Ubuntu? Here's a one liner to save you time.

$  apt-get install vagrant virtualbox
  • An AWS account for storing captchas and debug screen shots.

  • SmartyStreets Account An API key for using SmartyStreets allows rake tasks to run.

Installation

On Host
$  # First, using github.com, fork this repo so you can clone directly \
   # from your own repo \
   git clone [email protected]:<YOUR_ACCOUNT>/phantom-of-the-capitol.git &&
   cd phantom-of-the-capitol &&
   vagrant up

$  # Edit config (at minimum change DEBUG_KEY and AWS credentials) \
   cp config/phantom-dc_config.rb.example config/phantom-dc_config.rb &&
   vi config/phantom-dc_config.rb
Within Vagrant VM
$  vagrant ssh

$  cd /vagrant;
   bundle exec rake ar:create;
   bundle exec rake ar:schema:load;
   rackup --host 0.0.0.0

Production Environment Installation and Setup

Requirements

On a Debian based system (we're testing against Ubuntu) download and install the latest phantomjs and then run the below apt-get command.

$  apt-get install imagemagick libmysql++-dev libpq-dev git libqt4-dev xvfb

Install ruby with rvm, then

$  gem install bundler;
   bundle install;

Create the mysql database:

$   cp config/database.rb.example config/database.rb;

    # fill in db info as with any rails app \
    vi config/database.rb;

    # configure the app datafile
    cp config/phantom-dc_config.rb.example  config/phantom-dc_config.rb;
    bundle exec rake ar:create;
    bundle exec rake ar:schema:load

Populating the Database

Once you have Phantom DC running, you have to add DataSources. DataSources are git repositories containing a subdirectory filled with yml files which tell Phantom DC how to fill out forms. In most cases, you want the US Congress data source, which should be added via the below command:

$  ./phantom-dc datasource add --git-clone \
      https://github.com/unitedstates/contact-congress.git us_congress ./us_congress members/

To update the DataSource repos, run...

$  bundle exec rake phantom-dc:update_git

Run this rake task any time you want to update the DataSource repos to the latest commit of each repository. To add and remove DataSources, see the help dialogue for the CLI:

$  ./phantom-dc datasource --help

Running

Just run rackup

Testing

If you haven't set up the test db, create it, using config/database.rb

Then you'll need to create and prepare the test database:

$  RACK_ENV=test bundle exec rake ar:create;
   RACK_ENV=test bundle exec rake ar:schema:load

And run

$  bundle exec rspec spec

Debugging Phantom of the Capitol

The Congress Forms Debugger is a useful tool for debugging Phantom DC. To run it locally, in config/phantom-dc_config.rb first make sure to set DEBUG_KEY to a shared secret and CORS_ALLOWED_DOMAINS to add localhost:8000 if the debugger is going to be run on port 8000. Then:

$  git clone https://github.com/EFForg/congress-forms-test &&
   cd congress-forms-test &&
   vim js/config.js # edit this file so that `PHANTOM_DC_SERVER` points to your own `phantom-of-the-capitol` API root.

$  python -m SimpleHTTPServer # or configure apache for this endpoint

Now, you should be able to point your browser to http://localhost:8000/congress-forms-test/?debug_key=DEBUG_KEY (replacing, of course, DEBUG_KEY) and see a list of members of congress with a column for their Recent Success Rate. From here, you can click on the bioguide identifier for a member of congress and be brought to a page where you can then:

  1. send a test form fill
  2. see details about their recent form fills, including (if it was an attempt resulting in failure or error):
  • the Delayed::Job id #
  • a debugging message
  • a screenshot at the point of failure
  1. view the actions for this member of congress, as the database sees them (e.g. if you want to make sure the actions match the latest YAML from contact-congress)

Re-Running Jobs That Resulted in error or failure

Any jobs that result in an error or failure are added to the Delayed::Job job queue, unless the SKIP_DELAY environment variable is set. This job queue should be checked periodically and the jobs themselves debugged and re-run to ensure delivery. A number of convenience rake tasks have been provided for this purpose.

rake phantom-dc:delayed_job:jobs_per_member

Dispays the number of jobs per member of congress in descending order, indicating which members have captchas on their forms and giving a summation at the end.

rake phantom-dc:delayed_job:perform_fills[regex,job_id,overrides]

Perform the form fills in the queue, optionally providing:

  • regex which will only perform the fills for members with matching bioguide identifiers
  • job_id which will only perform the fill for a given Delayed::Job id
  • overrides, a Ruby hash which will override the field values when the fill is performed

Examples:

$  rake phantom-dc:delayed_job:perform_fills
$  rake phantom-dc:delayed_job:perform_fills[A000000]
$  rake phantom-dc:delayed_job:perform_fills[A000000,,'{"$PHONE" => "555-555-5555"}']
$  rake phantom-dc:delayed_job:perform_fills[,12345,'{"$EMAIL" => "[email protected]"}']

rake phantom-dc:override_field[regex,job_id,overrides]

Override values for jobs in the queue, optionally providing:

  • regex which will only override the values for members with matching bioguide identifiers
  • job_id which will only override the value for a given Delayed::Job id
  • overrides, a Ruby hash which will override the field values for the criteria specified

Examples:

$  rake phantom-dc:delayed_job:override_field
$  rake phantom-dc:delayed_job:override_field[A000000]
$  rake phantom-dc:delayed_job:override_field[A000000,,'{"$PHONE" => "555-555-5555"}']
$  rake phantom-dc:delayed_job:override_field[,12345,'{"$EMAIL" => "[email protected]"}']

rake phantom-dc:delayed_job:zip4_retry[regex]

Pick out the jobs that have no $ADDRESS_ZIP4 defined, figure out the zip+4 based on the address and 5-digit zip in the job (requires an account with SmartyStreets with credentials in config/phantom-dc_config.rb), and try the job again. Optionally provide:

  • regex which will only perform the fills for members with matching bioguide identifiers

Examples:

$  rake phantom-dc:delayed_job:zip4_retry
$  rake phantom-dc:delayed_job:zip4_retry[A000000]

Padrino Console

If you prefer to dive deep, you can fire up the padrino console with padrino c and debug jobs:

> Delayed::Job.where(queue: "error_or_failure").count # count of all jobs
 => 78
> job = Delayed::Job.where(queue: "error_or_failure").first # get the first job
 => #<Delayed::Backend::ActiveRecord::Job id: 318, priority: 0, attempts: 1, handler: "--- !ruby/object:Delayed::PerformableMethod\nobject:...", last_error: "Unable to find css \"p\" with text /Thank you!/\n[\"/ho...", run_at: "2014-07-03 12:14:10", locked_at: nil, failed_at: nil, locked_by: nil, queue: "error_or_failure", created_at: "2014-07-03 12:14:10", updated_at: "2014-08-26 18:50:27">
> handler = YAML.load job.handler # get the "handler" which contains the object to be acted upon and the arguments
 => #<Delayed::PerformableMethod:0x0000000544ae30 @object=#<CongressMember id: 60, bioguide_id: "F000457", success_criteria: "---\nheaders:\n  status: 200\nbody:\n  contains: Your m...", created_at: "2014-04-30 19:08:05", updated_at: "2014-07-03 18:54:34">, @method_name=:fill_out_form, @args=[{"$NAME_FIRST"=>"John", "$NAME_LAST"=>"Doe", "$ADDRESS_STREET"=>"123 Fake Street", "$ADDRESS_CITY"=>"Hennepin", "$ADDRESS_ZIP5"=>"55369", "$EMAIL"=>"[email protected]", "subscribe"=>"1", "$SUBJECT"=>"Example subject", "$MESSAGE"=>"Example Message", "$NAME_PREFIX"=>"Mr.", "$ADDRESS_STATE_POSTAL_ABBREV"=>"MN", "$TOPIC"=>"Example Topic", "$PHONE"=>"555-555-5555", "$ADDRESS_ZIP4"=>"1234"}, nil]>
handler.args[0]['$PHONE'] = '123-456-7890' # set the phone number

Then, when you're ready to retry the fill:

handler.perform # try filling out the form
handler.object.fill_out_form(handler.args[0]) do |c|
  puts c
  STDIN.gets.strip
end # fills out a form with a captcha

More Repositories

1

https-everywhere

A browser extension that encrypts your communications with many websites that offer HTTPS but still allow unencrypted connections.
JavaScript
3,364
star
2

privacybadger

Privacy Badger is a browser extension that automatically learns to block invisible trackers.
JavaScript
3,172
star
3

crocodilehunter

Taking one back for Steve Irwin γ€€ γ€€ (๑‒̀ㅂ‒́)و
Python
968
star
4

apkeep

Rust
827
star
5

OpenWireless

The official home of the EFF OpenWireless Project
JavaScript
731
star
6

action-center-platform

The EFF Action Center Platform
Ruby
453
star
7

privacybadgerfirefox-legacy

LEGACY Privacy Badger for Firefox SEE README
JavaScript
408
star
8

starttls-everywhere

A system for ensuring & authenticating STARTTLS encryption between mail servers
Python
371
star
9

yaya

Yet Another Yara Automaton - Automatically curate open source yara rules and run scans
Go
264
star
10

cover-your-tracks

Is your browser safe against tracking?
JavaScript
193
star
11

dnt-guide

How to Implement DNT
132
star
12

badger-sett

Automated training for Privacy Badger. Badger Sett automates browsers to visit websites to produce fresh Privacy Badger tracker data.
Python
119
star
13

cryptolog

Cryptolog is a tool for anonymizing webserver logs.
Python
68
star
14

cryptobot-email

Python
61
star
15

actioncenter-mobile

2.0
JavaScript
60
star
16

dnt-policy

dnt-policy
44
star
17

sec

Security Education Companion
JavaScript
38
star
18

spot_the_surveillance

Spot the Surveillance is an open-source educational VR tool to help people identify street-level surveillance in their community. As each surveillance device is identified, the user is informed on how the device is used via text and narration. The experience is created with accessibility in mind, so is entirely gaze-based for people with mobility challenges. Audio is also used to assist low-vision users.
JavaScript
34
star
19

www-l10n

31
star
20

rayhunter

Rust tool to detect cell site simulators on an orbic mobile hotspot
Rust
31
star
21

pushserver

A server for sending push notifications to mobile apps
JavaScript
30
star
22

privacybadger-website

Code and content of https://privacybadger.org
SCSS
25
star
23

badger-swarm

Runs distributed Badger Sett scans on Digital Ocean.
Shell
24
star
24

design

Open Source product design resources
22
star
25

starttls-backend

STARTTLS Everywhere web backend and checker
Go
18
star
26

https-everywhere-lib-wasm

A library for HTTPS Everywhere which compiles to WASM
Rust
16
star
27

webrequest-tlsinfo-api

A proposed addition to the Web Extensions API for providing TLS and X.509 information to addons
15
star
28

smtp-tls-history

Produce graphs of the historical (in)security of SMTP transmissions by parsing mailboxes
Python
13
star
29

https-everywhere-lib-core

Core Rust library for HTTPS Everywhere
Rust
12
star
30

trackerlab

EFF's Tracker Blocking Laboratory is an experimental project to test heuristic blocking of non-consensual online tracking. It's based on AdBlock Plus.
D
11
star
31

https-everywhere-docker-base

The Dockerfile for installing all the system-level requirements for HTTPS Everywhere
Dockerfile
11
star
32

onlinecensorship

Ruby
11
star
33

eff_diceware

A ruby gem for creating secure passphrases using EFF's long wordlist.
Ruby
10
star
34

cyberspying

cyberspying.eff.org twitter tool
JavaScript
10
star
35

ssd-l10n

ssd-l10n
10
star
36

https-everywhere-atlas

Static site generator for the HTTPS-Everywhere atlas.
CSS
10
star
37

starttls-policy-cli

Python
9
star
38

stopwatchingus

StopWatching.us Site
HTML
9
star
39

sas

Stand Against Spying
HTML
9
star
40

https-everywhere-standalone

Transparently redirect insecure HTTP to secure HTTPS using HTTPS Everywhere and `mitmproxy`
Python
9
star
41

congress-forms-test

Way for volunteers to test EFF's congress-forms repo
JavaScript
8
star
42

observatory

Python
7
star
43

dayofaction-banner

User-installable banner for activism campaigns
CSS
7
star
44

generate-smarter-encryption-bloom-filter

Generates the bloom file needed for HTTPS Everywhere's DuckDuckGo Smarter Encryption update channel.
Rust
6
star
45

starttls-frontend

Static front end for the STARTTLS scanner
CSS
6
star
46

OpenWireless-WebUI

Open Wireless Web UI
6
star
47

tokio-dl-stream-to-disk

A micro-library for downloading from a URL and streaming it directly to the disk
Rust
6
star
48

congress_forms

Ruby
5
star
49

congress-forms.js

A javascript widget which can construct plain forms that submit to a contact-congress server.
JavaScript
5
star
50

aws_one_click_staging

Ruby
4
star
51

psi-tumblr-crawler

JavaScript
4
star
52

https-everywhere-full-fetch-test

A docker wrapper to generate a patch after a full fetch test
Dockerfile
4
star
53

projectsecretidentity

CSS
4
star
54

ow-python

stripped down implementation of python for openwireless
4
star
55

org.eff.optimizedautocomplete

CiviCRM extension: Optimize the autocomplete search box mysql queries so they're more efficient on large databases
PHP
4
star
56

congress-pics

Generate dynamic images for members of congress
4
star
57

congress_forms_api

Ruby
4
star
58

fight215

JavaScript
3
star
59

roaming-android-mitm

Shell
3
star
60

ngw-website

JavaScript
3
star
61

httpse-ruleset-tests

JavaScript
3
star
62

lemonhrm

Fork of orangehrm open source hr management tool. Adds e-mail notifications and additional fields to the recruitment module.
PHP
3
star
63

psi-tumblr-uploader

2
star
64

eff_fab

Ruby
2
star
65

digitalcitizen

2
star
66

SEC-LevelUp

This repository is for the Level Up community to report issues with the Security Educatoin Companion, which is currently maintained by EFF. EFF is not actively developing this site and is not accepting feature requests..
2
star
67

active_preview

Rails plugin to make previews of active record objects
Ruby
2
star
68

rails_response_headers

Configure ActionController response headers with YAML.
Ruby
2
star
69

actioncenter-feedback

Repo for getting feedback on the new actioncenter
2
star
70

tosback2

HTML
2
star
71

stop-sesta

CSS
2
star
72

find-aa-domains

Create a script to find domains in the PB pre-block list which are mentioned in the Acceptable Ads list as well
JavaScript
2
star
73

privacybadger-test-fixtures-subdomain

Test fixtures for Privacy Badger
HTML
1
star
74

https-everywhere-labeller

Alexa Labeller for HTTPS Everywhere Repo
JavaScript
1
star
75

eff_matomo

Matomo API in Ruby
Ruby
1
star
76

sovereign-keys

C++
1
star
77

privacybadger-test-fixtures

Test fixtures for Privacy Badger
HTML
1
star
78

dear_fcc

Dear FCC
Ruby
1
star
79

fingerprinting-list

1
star
80

https-docs

1
star
81

petition-widget

Boilerplate code for embedding petitions
CSS
1
star
82

apkeep-files

1
star
83

ruby-civicrm

Ruby client for CiviCRM REST interface
Ruby
1
star