def submit():
msg = request.form['msg']
fh = request.files['fh']
strip_metadata = True if 'notclean' in request.form else False
fnames = []
if msg:
fnames.append(store.save_message_submission(g.sid, msg))
flash("Thanks! We received your message.", "notification")
if fh:
fnames.append(store.save_file_submission(g.sid, fh.filename,
fh.stream, fh.content_type, strip_metadata))
flash("Thanks! We received your document '%s'."
% fh.filename or '[unnamed]', "notification")
for fname in fnames:
submission = Submission(g.source, fname)
db_session.add(submission)
if g.source.pending:
g.source.pending = False
# Generate a keypair now, if there's enough entropy (issue #303)
entropy_avail = int(open('/proc/sys/kernel/random/entropy_avail').read())
if entropy_avail >= 2400:
crypto_util.genkeypair(g.sid, g.codename)
g.source.last_updated = datetime.now()
db_session.commit()
normalize_timestamps(g.sid)
return redirect(url_for('lookup'))
def test_genkeypair(self):
codename = crypto_util.genrandomid()
filesystem_id = crypto_util.hash_codename(codename)
journalist_filename = crypto_util.display_id()
source = db.Source(filesystem_id, journalist_filename)
db.db_session.add(source)
db.db_session.commit()
crypto_util.genkeypair(source.filesystem_id, codename)
self.assertIsNotNone(crypto_util.getkey(filesystem_id))
def async_genkey(sid, codename):
crypto_util.genkeypair(sid, codename)
# Register key generation as update to the source, so sources will
# filter to the top of the list in the document interface if a
# flagged source logs in and has a key generated for them. #789
try:
source = Source.query.filter(Source.filesystem_id == sid).one()
source.last_updated = datetime.utcnow()
db_session.commit()
except Exception as e:
app.logger.error("async_genkey for source (sid={}): {}".format(sid, e))
def init_source():
"""Initialize a source: create their database record, the
filesystem directory that stores their submissions & replies,
and their GPG key encrypted with their codename. Return a source
object and their codename string.
:returns: A 2-tuple. The first entry, the :class:`db.Source`
initialized. The second, their codename string.
"""
source, codename = init_source_without_keypair()
crypto_util.genkeypair(source.filesystem_id, codename)
return source, codename
def init_source():
"""Initialize a source: create their database record, the
filesystem directory that stores their submissions & replies,
and their GPG key encrypted with their codename. Return a source
object and their codename string.
:returns: A 2-tuple. The first entry, the :class:`db.Source`
initialized. The second, their codename string.
"""
source, codename = init_source_without_keypair()
crypto_util.genkeypair(source.filesystem_id, codename)
return source, codename
def init_source():
"""Initialize a source: create their database record, the
filesystem directory that stores their submissions & replies,
and their GPG key encrypted with their codename. Return a source
object and their codename string.
:returns: A 2-tuple. The first entry, the :class:`db.Source`
initialized. The second, their codename string.
"""
# Create source identity and database record
codename = crypto_util.genrandomid()
filesystem_id = crypto_util.hash_codename(codename)
journalist_filename = crypto_util.display_id()
source = db.Source(filesystem_id, journalist_filename)
db.db_session.add(source)
db.db_session.commit()
# Create the directory to store their submissions and replies
os.mkdir(store.path(source.filesystem_id))
# Generate their key, blocking for as long as necessary
crypto_util.genkeypair(source.filesystem_id, codename)
return source, codename
def async_genkey(sid, codename):
with app.app_context():
background.execute(lambda: crypto_util.genkeypair(sid, codename))
def async_genkey(sid, codename):
with app.app_context():
background.execute(lambda: crypto_util.genkeypair(sid, codename))
