Beispiel #1
0
def db_update_node(store, request, language):
    """
    Update and serialize the node infos

    :param store: the store on which perform queries.
    :param language: the language in which to localize data
    :return: a dictionary representing the serialization of the node
    """
    enable_disable_languages(store, request)

    if language in request["languages_enabled"]:
        node_l10n = NodeL10NFactory(store)
        node_l10n.update(request, language)

    node = NodeFactory(store)
    node.update(request)

    if request["basic_auth"] and request["basic_auth_username"] != "" and request["basic_auth_password"] != "":
        node.set_val("basic_auth", True)
        node.set_val("basic_auth_username", request["basic_auth_username"])
        node.set_val("basic_auth_password", request["basic_auth_password"])
    else:
        node.set_val("basic_auth", False)

    db_refresh_memory_variables(store)

    # TODO pass instance of db_update_node into admin_serialize
    return db_admin_serialize_node(store, language)
Beispiel #2
0
def update_notification(session, tid, request, language):
    ConfigFactory(session, tid).update('notification', request)
    ConfigL10NFactory(session, tid).update('notification', request, language)

    db_refresh_memory_variables(session, [tid])

    return db_get_notification(session, tid, language)
Beispiel #3
0
def db_update_node(session, tid, user_session, request, language):
    """
    Transaction to update the node configuration

    :param session: An ORM session
    :param tid: A tenant ID
    :param user_session: The current user session
    :param request: The request data
    :param language: the language in which to localize data
    :return: Return the serialized configuration for the specified tenant
    """
    config = ConfigFactory(session, tid)

    enable_escrow = not config.get_val('escrow') and request.get('escrow', False)
    disable_escrow = user_session.ek and config.get_val('escrow') and not request.get('escrow', False)

    config.update('node', request)

    if request['enable_ricochet_panel'] and not request['ricochet_address']:
        request['enable_ricochet_panel'] = False

    # Validate that IP addresses/ranges we're getting are goo
    if 'ip_filter_admin' in request and request['ip_filter_admin_enable'] and request['ip_filter_admin']:
        parse_csv_ip_ranges_to_ip_networks(request['ip_filter_admin'])

    if 'languages_enabled' in request and 'default_language' in request:
        db_update_enabled_languages(session,
                                    tid,
                                    request['languages_enabled'],
                                    request['default_language'])

    if language in db_get_languages(session, tid):
        ConfigL10NFactory(session, tid).update('node', request, language)

    if enable_escrow:
        crypto_escrow_prv_key, State.tenant_cache[tid].crypto_escrow_pub_key = GCE.generate_keypair()
        user = db_get(session, models.User, models.User.id == user_session.user_id)
        user.crypto_escrow_prv_key = Base64Encoder.encode(GCE.asymmetric_encrypt(user.crypto_pub_key, crypto_escrow_prv_key))

        if tid == 1:
            session.query(models.User).update({'password_change_needed': True}, synchronize_session=False)
        else:
            session.query(models.User).filter(models.User.tid == tid).update({'password_change_needed': True}, synchronize_session=False)

    if disable_escrow:
        if tid == 1:
            session.query(models.User).update({'crypto_escrow_bkp1_key': ''}, synchronize_session=False)
        else:
            session.query(models.User).update({'crypto_escrow_bkp2_key': ''}, synchronize_session=False)

        session.query(models.User).filter(models.User.tid == tid).update({'crypto_escrow_prv_key': ''}, synchronize_session=False)

    config.set_val('crypto_escrow_pub_key', State.tenant_cache[tid].crypto_escrow_pub_key)

    db_refresh_memory_variables(session, [tid])

    if tid == 1:
        log.setloglevel(config.get_val('log_level'))

    return db_admin_serialize_node(session, tid, language)
Beispiel #4
0
def db_admin_update_user(session, tid, user_id, request, language):
    """
    Updates the specified user.
    """
    fill_localized_keys(request, models.User.localized_keys, language)

    user = db_get_user(session, tid, user_id)

    if user.username != request['username']:
        check = session.query(models.User).filter(models.User.username == text_type(request['username']),
                                                  models.UserTenant.user_id == models.User.id,
                                                  models.UserTenant.tenant_id == tid).one_or_none()
        if check is not None:
            raise errors.InputValidationError('Username already in use')

    user.update(request)

    password = request['password']
    if password:
        user.hash_alg = GCE.HASH
        user.salt = GCE.generate_salt()
        user.password = GCE.hash_password(password, user.salt)
        user.password_change_date = datetime_now()
        user.crypto_prv_key = b''
        user.crypto_pub_key = b''

    # The various options related in manage PGP keys are used here.
    parse_pgp_options(user, request)

    if user.role == 'admin':
        db_refresh_memory_variables(session, [tid])

    return user
Beispiel #5
0
def db_update_node(session, tid, request, language):
    """
    Update and serialize the node infos

    :param session: the session on which perform queries.
    :param language: the language in which to localize data
    :return: a dictionary representing the serialization of the node
    """
    node = ConfigFactory(session, tid, 'node')

    if tid != 1:
        request['enable_signup'] = False

    node.update(request)

    if request['basic_auth'] and request['basic_auth_username'] and request[
            'basic_auth_password']:
        node.set_val(u'basic_auth', True)
        node.set_val(u'basic_auth_username', request['basic_auth_username'])
        node.set_val(u'basic_auth_password', request['basic_auth_password'])
    else:
        node.set_val(u'basic_auth', False)

    db_update_enabled_languages(session, tid, request['languages_enabled'],
                                request['default_language'])

    if language in request['languages_enabled']:
        node_l10n = NodeL10NFactory(session, tid)
        node_l10n.update(request, language)

    db_refresh_memory_variables(session, [tid])

    # TODO pass instance of db_update_node into admin_serialize
    return db_admin_serialize_node(session, tid, language)
Beispiel #6
0
def db_admin_update_user(session, tid, user_id, request, language):
    """
    Updates the specified user.
    """
    fill_localized_keys(request, models.User.localized_keys, language)

    user = db_get_user(session, tid, user_id)

    if user.username != request['username']:
        check = session.query(models.User).filter(
            models.User.username == str(request['username']),
            models.User.tid == tid).one_or_none()
        if check is not None:
            raise errors.InputValidationError('Username already in use')

    user.update(request)

    password = request['password']
    if password and not user.crypto_pub_key:
        user.hash_alg = 'ARGON2'
        user.salt = GCE.generate_salt()
        user.password = GCE.hash_password(password, user.salt)
        user.password_change_date = datetime_now()

    # The various options related in manage PGP keys are used here.
    parse_pgp_options(user, request)

    if user.role == 'admin':
        db_refresh_memory_variables(session, [tid])

    return user
Beispiel #7
0
def db_create(session, desc):
    t = models.Tenant()

    t.active = desc['active']

    session.add(t)

    # required to generate the tenant id
    session.flush()

    appdata = load_appdata()

    if t.id == 1:
        db_load_defaults(session)

    models.config.initialize_config(session, t.id, desc['mode'])

    for var in ['mode', 'name', 'subdomain']:
        db_set_config_variable(session, t.id, var, desc[var])

    models.config.add_new_lang(session, t.id, 'en', appdata)

    db_initialize_tenant_submission_statuses(session, t.id)

    db_refresh_memory_variables(session, [t.id])

    return t
Beispiel #8
0
def db_create(session, desc):
    appdata = load_appdata()

    t = models.db_forge_obj(session, models.Tenant, desc)

    # required to generate/retrive the id
    session.flush()

    db_update_defaults(session)

    models.config.system_cfg_init(session, tid=t.id)

    models.config.add_new_lang(session, t.id, u'en', appdata)

    file_descs = [
      (u'logo', 'data/logo.png'),
      (u'favicon', 'data/favicon.ico')
    ]

    for file_desc in file_descs:
        with open(os.path.join(Settings.client_path, file_desc[1]), 'r') as f:
            data = base64.b64encode(f.read())
            file.db_add_file(session, t.id, file_desc[0], u'', data)

    db_refresh_memory_variables(session, [t.id])

    return t
Beispiel #9
0
def db_update_node(store, request, language):
    """
    Update and serialize the node infos

    :param store: the store on which perform queries.
    :param language: the language in which to localize data
    :return: a dictionary representing the serialization of the node
    """
    enable_disable_languages(store, request)

    if language in request['languages_enabled']:
        node_l10n = NodeL10NFactory(store)
        node_l10n.update(request, language)

    node = NodeFactory(store)
    node.update(request)

    if request[
            'basic_auth'] and request['basic_auth_username'] != '' and request[
                'basic_auth_password'] != '':
        node.set_val('basic_auth', True)
        node.set_val('basic_auth_username', request['basic_auth_username'])
        node.set_val('basic_auth_password', request['basic_auth_password'])
    else:
        node.set_val('basic_auth', False)

    db_refresh_memory_variables(store)

    # TODO pass instance of db_update_node into admin_serialize
    return db_admin_serialize_node(store, language)
    def _setUp(self, session):
        valid_setup = test_tls.get_valid_setup()

        config.db_set_config_variable(session, 1, 'https_cert', valid_setup['cert'])
        config.db_set_config_variable(session, 1, 'https_enabled', True)

        db_refresh_memory_variables(session)
Beispiel #11
0
def db_admin_update_user(session, state, tid, user_id, request, language):
    """
    Updates the specified user.
    """
    fill_localized_keys(request, models.User.localized_keys, language)

    user = db_get_user(session, tid, user_id)

    if user.username != request['username']:
        check = session.query(models.User).filter(
            models.User.username == text_type(request['username']),
            models.UserTenant.user_id == models.User.id,
            models.UserTenant.tenant_id == tid).one_or_none()
        if check is not None:
            raise errors.InputValidationError('Username already in use')

    user.update(request)

    password = request['password']
    if password:
        user.password = security.hash_password(password, user.salt)
        user.password_change_date = datetime_now()

    # The various options related in manage PGP keys are used here.
    parse_pgp_options(state, user, request)

    if user.role == 'admin':
        db_refresh_memory_variables(session, [tid])

    return user
    def _setUp(self, session):
        valid_setup = test_tls.get_valid_setup()

        config.db_set_config_variable(session, 1, 'https_cert',
                                      valid_setup['cert'])
        config.db_set_config_variable(session, 1, 'https_enabled', True)

        db_refresh_memory_variables(session)
    def _setUp(self, session):
        valid_setup = test_tls.get_valid_setup()

        config = ConfigFactory(session, 1, 'node')
        config.set_val(u'https_cert', valid_setup['cert'])
        config.set_val(u'https_enabled', True)

        db_refresh_memory_variables(session)
Beispiel #14
0
def db_create(session, desc):
    t = db_preallocate(session, desc)

    db_initialize(session, t, desc['mode'])

    db_refresh_memory_variables(session, [t.id])

    return t
    def _setUp(self, store):
        valid_setup = test_tls.get_valid_setup()

        prv_fact = PrivateFactory(store)
        prv_fact.set_val(u'https_cert', valid_setup['cert'])
        prv_fact.set_val(u'https_enabled', True)

        db_refresh_memory_variables(store)
Beispiel #16
0
def db_create(session, desc):
    t = db_preallocate(session, desc)

    db_initialize(session, t, desc['mode'])

    db_refresh_memory_variables(session, [t.id])

    return t
Beispiel #17
0
def db_create(session, desc):
    t = db_preallocate(session, desc)

    t.active = True

    db_initialize(session, t.id)

    db_refresh_memory_variables(session, [t.id])

    return t
Beispiel #18
0
def update(session, tid, request):
    t = db_get(session, models.Tenant, models.Tenant.id == tid)

    t.active = request['active']

    for var in ['mode', 'name', 'subdomain']:
        db_set_config_variable(session, tid, var, request[var])

    db_refresh_memory_variables(session, [t.id])

    return serialize_tenant(session, t)
Beispiel #19
0
def update(session, id, request):
    tenant = models.db_get(session, models.Tenant, models.Tenant.id == id)
    tenant.update(request)

    # A tenant created via signup but not activated may require initialization
    if not session.query(models.Config).filter(models.Config.tid == id).count():
        db_initialize(session, tenant, 'default')

    db_refresh_memory_variables(session, [id])

    return serialize_tenant(session, tenant)
Beispiel #20
0
def wizard(store, request, language):
    node = NodeFactory(store)

    if node.get_val('wizard_done'):
        # TODO report as anomaly
        log.err("DANGER: Wizard already initialized!")
        raise errors.ForbiddenOperation

    node._query_group()

    node.set_val('name', request['node']['name'])
    node.set_val('default_language', language)
    node.set_val('wizard_done', True)

    if GLSettings.memory_copy.onionservice is not None:
        node.set_val('onionservice', GLSettings.memory_copy.onionservice)

    node_l10n = NodeL10NFactory(store)

    node_l10n.set_val('description', language, request['node']['description'])
    node_l10n.set_val('header_title_homepage', language, request['node']['name'])

    context = db_create_context(store, request['context'], language)

    langs_to_drop = EnabledLanguage.list(store)
    langs_to_drop.remove(language)
    if len(langs_to_drop):
        EnabledLanguage.remove_old_langs(store, langs_to_drop)

    request['receiver']['contexts'] = [context.id]
    request['receiver']['language'] = language
    db_create_receiver(store, request['receiver'], language)

    admin_dict = {
        'username': u'admin',
        'password': request['admin']['password'],
        'role': u'admin',
        'state': u'enabled',
        'deletable': False,
        'name': u'Admin',
        'public_name': u'Admin',
        'description': u'',
        'mail_address': request['admin']['mail_address'],
        'language': language,
        'password_change_needed': False,
        'pgp_key_remove': False,
        'pgp_key_fingerprint': '',
        'pgp_key_public': '',
        'pgp_key_expiration': datetime_null()
    }

    db_create_admin_user(store, admin_dict, language)

    db_refresh_memory_variables(store)
Beispiel #21
0
def update(session, id, request):
    tenant = models.db_get(session, models.Tenant, models.Tenant.id == id)
    tenant.update(request)

    # A tenant created via signup but not activate may require initialization
    if not session.query(models.Config).filter(models.Config.tid == id).count():
        db_initialize(session, id)

    db_refresh_memory_variables(session, [id])

    return serialize_tenant(session, tenant)
Beispiel #22
0
def wizard(store, request, language):
    models.db_delete(store, l10n.EnabledLanguage, l10n.EnabledLanguage.name != language)

    node = config.NodeFactory(store)

    if node.get_val(u'wizard_done'):
        log.err("DANGER: Wizard already initialized!")
        raise errors.ForbiddenOperation

    node._query_group()

    node.set_val(u'name', request['node_name'])
    node.set_val(u'default_language', language)
    node.set_val(u'wizard_done', True)

    node_l10n = l10n.NodeL10NFactory(store)

    node_l10n.set_val(u'header_title_homepage', language, request['node_name'])

    profiles.load_profile(store, request['profile'])

    receiver_desc = models.User().dict(language)
    receiver_desc['username'] = u'recipient'
    receiver_desc['name'] = receiver_desc['public_name'] = request['receiver_name']
    receiver_desc['mail_address'] = request['receiver_mail_address']
    receiver_desc['language'] = language
    receiver_desc['role'] =u'receiver'
    receiver_desc['deletable'] = True
    receiver_desc['pgp_key_remove'] = False

    _, receiver = db_create_receiver_user(store, receiver_desc, language)

    context_desc = models.Context().dict(language)
    context_desc['name'] = u'Default'
    context_desc['receivers'] = [receiver.id]

    context = db_create_context(store, context_desc, language)

    admin_desc = models.User().dict(language)
    admin_desc['username'] = u'admin'
    admin_desc['password'] = request['admin_password']
    admin_desc['name'] = admin_desc['public_name'] = request['admin_name']
    admin_desc['mail_address'] = request['admin_mail_address']
    admin_desc['language'] = language
    admin_desc['role'] =u'admin'
    admin_desc['deletable'] = False
    admin_desc['pgp_key_remove'] = False
    admin_desc['password_change_needed'] = False

    db_create_admin_user(store, admin_desc, language)

    db_refresh_memory_variables(store)
Beispiel #23
0
def wizard(store, request, language):
    models.db_delete(store, l10n.EnabledLanguage,
                     l10n.EnabledLanguage.name != language)

    node = config.NodeFactory(store)

    if node.get_val(u'wizard_done'):
        log.err("DANGER: Wizard already initialized!")
        raise errors.ForbiddenOperation

    node._query_group()

    node.set_val(u'name', request['node']['name'])
    node.set_val(u'default_language', language)
    node.set_val(u'wizard_done', True)

    node_l10n = l10n.NodeL10NFactory(store)

    node_l10n.set_val(u'description', language, request['node']['description'])
    node_l10n.set_val(u'header_title_homepage', language,
                      request['node']['name'])

    profiles.load_profile(store, request['profile'])

    context = db_create_context(store, request['context'], language)

    request['receiver']['username'] = u'recipient'
    request['receiver']['contexts'] = [context.id]
    request['receiver']['language'] = language
    db_create_receiver_user(store, request['receiver'], language)

    admin_dict = {
        'username': u'admin',
        'password': request['admin']['password'],
        'role': u'admin',
        'state': u'enabled',
        'deletable': False,
        'name': u'Admin',
        'public_name': u'Admin',
        'description': u'',
        'mail_address': request['admin']['mail_address'],
        'language': language,
        'password_change_needed': False,
        'pgp_key_remove': False,
        'pgp_key_fingerprint': '',
        'pgp_key_public': '',
        'pgp_key_expiration': datetime_null()
    }

    db_create_admin_user(store, admin_dict, language)

    db_refresh_memory_variables(store)
Beispiel #24
0
def db_create_admin_user(store, request, language):
    """
    Creates a new admin
    Returns:
        (dict) the admin descriptor
    """
    user = db_create_user(store, request, language)

    log.debug("Created new admin")

    db_refresh_memory_variables(store)

    return user
Beispiel #25
0
def update_notification(session, tid, request, language):
    config = ConfigFactory(session, tid)
    if request['smtp_password'] == '':
        del request['smtp_password']

    config.update('notification', request)

    config_l10n = ConfigL10NFactory(session, tid)
    config_l10n.update('notification', request, language)

    db_refresh_memory_variables(session, [tid])

    return db_get_notification(session, tid, language)
Beispiel #26
0
def db_update_node(store, request, wizard_done, language):
    """
    Update and serialize the node infos

    :param store: the store on which perform queries.
    :param language: the language in which to localize data
    :return: a dictionary representing the serialization of the node
    """
    node = store.find(models.Node).one()

    fill_localized_keys(request, models.Node.localized_keys, language)

    # verify that the languages enabled are valid 'code' in the languages supported
    node.languages_enabled = []
    for lang_code in request['languages_enabled']:
        if lang_code in LANGUAGES_SUPPORTED_CODES:
            node.languages_enabled.append(lang_code)
        else:
            raise errors.InvalidInputFormat("Invalid lang code enabled: %s" % lang_code)

    if not len(node.languages_enabled):
        raise errors.InvalidInputFormat("Missing enabled languages")

    # enforcing of default_language usage (need to be set, need to be _enabled)
    if request['default_language']:
        if request['default_language'] not in node.languages_enabled:
            raise errors.InvalidInputFormat("Invalid lang code as default")

        node.default_language = request['default_language']

    else:
        node.default_language = node.languages_enabled[0]
        log.err("Default language not set!? fallback on %s" % node.default_language)

    node.basic_auth = request['basic_auth']
    if request['basic_auth'] and request['basic_auth_username'] != '' and request['basic_auth_password']  != '':
        node.basic_auth = True
        node.basic_auth_username = request['basic_auth_username']
        node.basic_auth_password = request['basic_auth_password']
    else:
        node.basic_auth = False

    if wizard_done:
        node.wizard_done = True

    node.update(request)

    db_refresh_memory_variables(store)

    return db_admin_serialize_node(store, language)
Beispiel #27
0
def db_update_node(session, tid, request, language):
    """
    Update and serialize the node infos

    :param tid:
    :param request:
    :param session: the session on which perform queries.
    :param language: the language in which to localize data
    :return: a dictionary representing the serialization of the node
    """
    config = ConfigFactory(session, tid)

    config.update('node', request)

    if 'basic_auth' in request and request['basic_auth'] and request[
            'basic_auth_username'] and request['basic_auth_password']:
        config.set_val('basic_auth', True)
        config.set_val('basic_auth_username', request['basic_auth_username'])
        config.set_val('basic_auth_password', request['basic_auth_password'])
    else:
        config.set_val('basic_auth', False)
        config.set_val('basic_auth_username', '')
        config.set_val('basic_auth_password', '')

    if request['enable_ricochet_panel'] and not request['ricochet_address']:
        request['enable_ricochet_panel'] = False

    # Validate that IP addresses/ranges we're getting are goo
    if 'ip_filter_admin' in request and request[
            'ip_filter_admin_enable'] and request['ip_filter_admin']:
        parse_csv_ip_ranges_to_ip_networks(request['ip_filter_admin'])

    if 'ip_filter_whistleblower_enable' in request and request[
            'ip_filter_whistleblower_enable'] and request[
                'ip_filter_whistleblower']:
        parse_csv_ip_ranges_to_ip_networks(request['ip_filter_whistleblower'])

    if 'languages_enabled' in request and 'default_language' in request:
        db_update_enabled_languages(session, tid, request['languages_enabled'],
                                    request['default_language'])

    if language in models.EnabledLanguage.list(session, tid):
        ConfigL10NFactory(session, tid).update('node', request, language)

    db_refresh_memory_variables(session, [tid])

    if tid == 1:
        log.setloglevel(config.get_val('log_level'))

    return db_admin_serialize_node(session, tid, language)
Beispiel #28
0
def update_notification(session, tid, request, language):
    config = ConfigFactory(session, tid)
    if request['smtp_password'] == '':
        del request['smtp_password']

    config.update('notification', request)

    config_l10n = ConfigL10NFactory(session, tid)
    config_l10n.update('notification', request, language)

    if request.pop('reset_templates'):
        config_l10n.reset('notification', load_appdata())

    db_refresh_memory_variables(session, [tid])

    return admin_serialize_notification(session, tid, language)
Beispiel #29
0
def update_notification(session, tid, request, language):
    notif = ConfigFactory(session, tid, 'notification')
    if request['smtp_password'] == '':
        del request['smtp_password']

    notif.update(request)

    notif_l10n = NotificationL10NFactory(session, tid)
    notif_l10n.update(request, language)

    if request.pop('reset_templates'):
        notif_l10n.reset_templates(load_appdata())

    db_refresh_memory_variables(session, [tid])

    return admin_serialize_notification(session, tid, language)
def update_notification(store, request, language):
    notif = store.find(Notification).one()

    fill_localized_keys(request, Notification.localized_keys, language)

    if request['reset_templates']:
        appdata_dict = load_appdata()
        for k in appdata_dict['templates']:
            request[k] = appdata_dict['templates'][k]

    notif.update(request)

    parse_pgp_options(notif, request)

    db_refresh_memory_variables(store)

    return admin_serialize_notification(notif, language)
def update_notification(store, request, language):
    notif = store.find(Notification).one()

    fill_localized_keys(request, Notification.localized_keys, language)

    if request['reset_templates']:
        appdata_dict = load_appdata()
        for k in appdata_dict['templates']:
            request[k] = appdata_dict['templates'][k]

    notif.update(request)

    parse_pgp_options(notif, request)

    db_refresh_memory_variables(store)

    return admin_serialize_notification(notif, language)
Beispiel #32
0
def update_notification(store, request, language):
    notif = NotificationFactory(store)
    notif.update(request)

    smtp_pw = request.pop('smtp_password', u'')
    if smtp_pw != u'':
        PrivateFactory(store).set_val(u'smtp_password', smtp_pw)

    notif_l10n = NotificationL10NFactory(store)
    notif_l10n.update(request, language)

    if request.pop('reset_templates'):
        notif_l10n.reset_templates(load_appdata())

    # Since the Notification object has been changed refresh the global copy.
    db_refresh_memory_variables(store)

    return admin_serialize_notification(store, language)
Beispiel #33
0
def db_update_node(store, request, wizard_done, language):
    """
    Update and serialize the node infos

    :param store: the store on which perform queries.
    :param language: the language in which to localize data
    :return: a dictionary representing the serialization of the node
    """
    node = store.find(models.Node).one()

    fill_localized_keys(request, models.Node.localized_keys, language)

    # verify that the languages enabled are valid 'code' in the languages supported
    node.languages_enabled = []
    for lang_code in request['languages_enabled']:
        if lang_code in LANGUAGES_SUPPORTED_CODES:
            node.languages_enabled.append(lang_code)
        else:
            raise errors.InvalidInputFormat("Invalid lang code enabled: %s" %
                                            lang_code)

    if not len(node.languages_enabled):
        raise errors.InvalidInputFormat("Missing enabled languages")

    # enforcing of default_language usage (need to be set, need to be _enabled)
    if request['default_language']:
        if request['default_language'] not in node.languages_enabled:
            raise errors.InvalidInputFormat("Invalid lang code as default")

        node.default_language = request['default_language']

    else:
        node.default_language = node.languages_enabled[0]
        log.err("Default language not set!? fallback on %s" %
                node.default_language)

    if wizard_done:
        node.wizard_done = True

    node.update(request)

    db_refresh_memory_variables(store)

    return db_admin_serialize_node(store, language)
Beispiel #34
0
def db_update_node(session, tid, request, language, config_node):
    """
    Update and serialize the node infos

    :param session: the session on which perform queries.
    :param language: the language in which to localize data
    :return: a dictionary representing the serialization of the node
    """
    node = ConfigFactory(session, tid, config_node)

    node.update(request)

    if 'basic_auth' in request:
        if request['basic_auth'] and request[
                'basic_auth_username'] and request['basic_auth_password']:
            node.set_val(u'basic_auth', True)
            node.set_val(u'basic_auth_username',
                         request['basic_auth_username'])
            node.set_val(u'basic_auth_password',
                         request['basic_auth_password'])
        else:
            node.set_val(u'basic_auth', False)

    # Validate that IP addresses/ranges we're getting are goo
    if 'ip_filter_authenticated' in request:
        if request['ip_filter_authenticated_enable'] and request[
                'ip_filter_authenticated']:
            # Make sure we can validate and parse the whole thing
            parse_csv_ip_ranges_to_ip_networks(
                request['ip_filter_authenticated'])

    if 'languages_enabled' in request and 'default_language' in request:
        db_update_enabled_languages(session, tid, request['languages_enabled'],
                                    request['default_language'])

    if language in models.EnabledLanguage.list(session, tid):
        node_l10n = NodeL10NFactory(session, tid)
        node_l10n.update(request, language)

    db_refresh_memory_variables(session, [tid])

    return db_admin_serialize_node(session, tid, language)
Beispiel #35
0
def update_notification(store, request, language):
    notif_l10n = NotificationL10NFactory(store)
    notif_l10n.update(request, language)

    if request.pop('reset_templates'):
        appdata = load_appdata()
        notif_l10n.reset_templates(appdata)

    smtp_pw = request.pop('smtp_password', u'')
    if smtp_pw != u'':
        PrivateFactory(store).set_val('smtp_password', smtp_pw)

    notif = NotificationFactory(store)
    notif.update(request)

    parse_pgp_options(notif, request)

    # Since the Notification object has been changed refresh the global copy.
    db_refresh_memory_variables(store)

    return admin_serialize_notification(store, language)
Beispiel #36
0
def update_notification(store, request, language):
    notif = store.find(Notification).one()

    fill_localized_keys(request, Notification.localized_keys, language)

    if request['reset_templates']:
        appdata_dict = load_appdata()
        for k in appdata_dict['templates']:
            request[k] = appdata_dict['templates'][k]

    if request['password'] == u'':
      log.debug('No password set. Using pw already in the DB.')
      request['password'] = notif.password

    notif.update(request)

    parse_pgp_options(notif, request)
    # Since the Notification object has been changed refresh the global copy.
    db_refresh_memory_variables(store)

    return admin_serialize_notification(notif, language)
Beispiel #37
0
def db_admin_update_user(session, state, tid, user_id, request, language):
    """
    Updates the specified user.
    """
    fill_localized_keys(request, models.User.localized_keys, language)

    user = models.db_get(session, models.User, models.User.tid == tid,
                         models.User.id == user_id)

    user.update(request)

    password = request['password']
    if password:
        user.password = security.hash_password(password, user.salt)
        user.password_change_date = datetime_now()

    # The various options related in manage PGP keys are used here.
    parse_pgp_options(state, user, request)

    if user.role == 'admin':
        db_refresh_memory_variables(session, [tid])

    return user
Beispiel #38
0
def db_admin_update_user(store, user_id, request, language):
    """
    Updates the specified user.
    raises: globaleaks.errors.UserIdNotFound` if the user does not exist.
    """
    fill_localized_keys(request, models.User.localized_keys, language)

    user = models.db_get(store, models.User, id=user_id)

    user.update(request)

    password = request['password']
    if password:
        user.password = security.hash_password(password, user.salt)
        user.password_change_date = datetime_now()

    # The various options related in manage PGP keys are used here.
    parse_pgp_options(user, request)

    if user.role == 'admin':
        db_refresh_memory_variables(store)

    return user
Beispiel #39
0
def delete(session, id):
    models.db_delete(session, models.Tenant, models.Tenant.id == id)

    db_refresh_memory_variables(session, [id])
Beispiel #40
0
def db_wizard(session, state, tid, request, client_using_tor, language):
    node = config.ConfigFactory(session, tid, 'node')

    if node.get_val(u'wizard_done'):
        log.err("DANGER: Wizard already initialized!", tid=tid)
        raise errors.ForbiddenOperation

    db_update_enabled_languages(session, tid, [language], language)

    tenant = models.db_get(session, models.Tenant, models.Tenant.id == tid)
    tenant.label = request['node_name']

    node.set_val(u'name', request['node_name'])
    node.set_val(u'default_language', language)
    node.set_val(u'wizard_done', True)
    node.set_val(u'enable_developers_exception_notification',
                 request['enable_developers_exception_notification'])

    # Guess Tor configuration from thee media used on first configuration and
    # if the user is using Tor preserve node anonymity and perform outgoing connections via Tor
    node.set_val(u'reachable_via_web', not client_using_tor)
    node.set_val(u'allow_unencrypted', not client_using_tor)
    node.set_val(u'anonymize_outgoing_connections', client_using_tor)
    node.set_val(u'disable_encryption_warnings', not client_using_tor)

    node_l10n = config.NodeL10NFactory(session, tid)
    node_l10n.set_val(u'header_title_homepage', language, request['node_name'])

    profiles.load_profile(session, tid, request['profile'])

    receiver_desc = models.User().dict(language)
    receiver_desc['name'] = request['receiver_name']
    receiver_desc['username'] = u'recipient'
    receiver_desc['name'] = request['receiver_name']
    receiver_desc['mail_address'] = request['receiver_mail_address']
    receiver_desc['language'] = language
    receiver_desc['role'] = u'receiver'
    receiver_desc['deletable'] = True
    receiver_desc['pgp_key_remove'] = False

    _, receiver = db_create_receiver_user(session, state, tid, receiver_desc,
                                          language)

    context_desc = models.Context().dict(language)
    context_desc['name'] = u'Default'
    context_desc['receivers'] = [receiver.id]

    db_create_context(session, state, tid, context_desc, language)

    admin_desc = models.User().dict(language)
    admin_desc['name'] = request['admin_name']
    admin_desc['username'] = u'admin'
    admin_desc['password'] = request['admin_password']
    admin_desc['name'] = request['admin_name']
    admin_desc['mail_address'] = request['admin_mail_address']
    admin_desc['language'] = language
    admin_desc['role'] = u'admin'
    admin_desc['deletable'] = False
    admin_desc['pgp_key_remove'] = False
    admin_desc['password_change_needed'] = False

    db_create_user(session, state, tid, admin_desc, language)

    db_refresh_memory_variables(session, [tid])
Beispiel #41
0
def set_config_variable(session, tid, var, val):
    db_set_config_variable(session, tid, var, val)

    db_refresh_memory_variables(session, [tid])
Beispiel #42
0
def db_wizard(session, tid, request, client_using_tor, language):
    language = request['node_language']

    node = config.ConfigFactory(session, tid)

    if tid != 1:
        root_tenant_node = config.ConfigFactory(session, 1)
    else:
        root_tenant_node = node

    if node.get_val(u'wizard_done'):
        log.err("DANGER: Wizard already initialized!", tid=tid)
        raise errors.ForbiddenOperation

    db_update_enabled_languages(session, tid, [language], language)

    node.set_val(u'name', request['node_name'])
    node.set_val(u'default_language', language)
    node.set_val(u'wizard_done', True)
    node.set_val(u'enable_developers_exception_notification', request['enable_developers_exception_notification'])

    # Guess Tor configuration from thee media used on first configuration and
    # if the user is using Tor preserve node anonymity and perform outgoing connections via Tor
    node.set_val(u'reachable_via_web', not client_using_tor)
    node.set_val(u'allow_unencrypted', not client_using_tor)
    node.set_val(u'anonymize_outgoing_connections', client_using_tor)

    node_l10n = config.ConfigL10NFactory(session, tid)
    node_l10n.set_val(u'header_title_homepage', language, request['node_name'])

    profiles.load_profile(session, tid, request['profile'])

    admin_desc = models.User().dict(language)
    admin_desc['name'] = request['admin_name']
    admin_desc['username'] = u'admin'
    admin_desc['password'] = request['admin_password']
    admin_desc['name'] = request['admin_name']
    admin_desc['mail_address'] = request['admin_mail_address']
    admin_desc['language'] = language
    admin_desc['role'] =u'admin'
    admin_desc['deletable'] = False
    admin_desc['pgp_key_remove'] = False

    admin_user = db_create_user(session, tid, admin_desc, language)
    admin_user.password_change_needed = False
    admin_user.password_change_date = datetime_now()

    receiver_desc = models.User().dict(language)
    receiver_desc['name'] = request['receiver_name']
    receiver_desc['username'] = u'recipient'
    receiver_desc['password'] = request['receiver_password']
    receiver_desc['name'] = request['receiver_name']
    receiver_desc['mail_address'] = request['receiver_mail_address']
    receiver_desc['language'] = language
    receiver_desc['role'] =u'receiver'
    receiver_desc['deletable'] = True
    receiver_desc['pgp_key_remove'] = False

    receiver_user = db_create_user(session, tid, receiver_desc, language)

    context_desc = models.Context().dict(language)
    context_desc['status'] = 1
    context_desc['name'] = u'Default'
    context_desc['receivers'] = [receiver_user.id]

    context = db_create_context(session, tid, context_desc, language)

    # Root tenants initialization terminates here

    if tid == 1:
        db_refresh_memory_variables(session, [tid])
        return

    # Secondary tenants initialization starts here

    tenant = models.db_get(session, models.Tenant, models.Tenant.id == tid)
    tenant.label = request['node_name']

    mode = node.get_val(u'mode')

    if mode != u'default':
        node.set_val(u'hostname', tenant.subdomain + '.' + node.get_val(u'rootdomain'))
        node.set_val(u'reachable_via_web', True)
        node.set_val(u'allow_unencrypted', True)
        node.set_val(u'anonymize_outgoing_connections', True)
        node.set_val(u'allow_iframes_inclusion', True)
        context.questionnaire_id = root_tenant_node.get_val(u'default_questionnaire')

    # Apply the specific fixes related to whistleblowing.it projects
    if mode == u'whistleblowing.it':
        node.set_val(u'disable_key_code_hint', True)
        node.set_val(u'disable_privacy_badge', True)
        node.set_val(u'disable_donation_panel', True)
        node.set_val(u'simplified_login', True)
        node.set_val(u'can_delete_submission', False)
        node.set_val(u'enable_user_pgp_key_upload', False)
        node.set_val(u'tor', False)

        # Delete the admin user
        session.delete(admin_user)

        # Set the recipient name equal to the node name
        receiver_user.name = request['node_name']

        # Enable the recipient user to configure platform general settings
        receiver_user.can_edit_general_settings = True

        # Set data retention policy to 18 months
        context.tip_timetolive = 540

        # Enable recipients to load files to the whistleblower
        context.enable_rc_to_wb_files = True

    db_refresh_memory_variables(session, [tid])