def test_utc_future_date(self):
a = utility.datetime_now()
b = utility.utc_future_date(seconds=99)
c = utility.utc_future_date(minutes=99)
d = utility.utc_future_date(hours=99)
self.assertTrue(a < b)
self.assertTrue(b < c)
self.assertTrue(c < d)
def start_asynchronous():
"""
Initialize the asynchronous operation, scheduled in the system
https://github.com/globaleaks/GLBackend/wiki/Asynchronous-and-synchronous-operation
This method would be likely put in GLBaseRunner.postApplication, but is
not executed by globaleaks.run_app, then is called by the
OS-depenedent runner below
"""
from globaleaks.jobs import session_management_sched, \
notification_sched, delivery_sched, cleaning_sched
# When the application boot, maybe because has been after a restart, then
# with the method *.force_execution, we reschedule the execution of all the
# operations
# start the scheduler, before add the Schedule job
GLAsynchronous.start()
# This maybe expanded for debug:
# def event_debug_listener(event):
# if event.exception:
# Job failed
# else:
# Job success
# GLAsynchronous.print_jobs()
# GLAsynchronous.add_listener(event_debug_listener,
# EVENT_JOB_EXECUTED | EVENT_JOB_ERROR | EVENT_JOB_MISSED)
session_manage_sched = session_management_sched.APSSessionManagement()
GLAsynchronous.add_interval_job(session_manage_sched.operation,
minutes=GLSetting.session_management_minutes_delta,
start_date=utc_future_date(seconds=3))
deliver_sched = delivery_sched.APSDelivery()
GLAsynchronous.add_interval_job(deliver_sched.operation,
seconds=GLSetting.delivery_seconds_delta,
start_date=utc_future_date(seconds=5))
notify_sched = notification_sched.APSNotification()
GLAsynchronous.add_interval_job(notify_sched.operation,
minutes=GLSetting.notification_minutes_delta,
start_date=utc_future_date(seconds=7))
clean_sched = cleaning_sched.APSCleaning()
GLAsynchronous.add_interval_job(clean_sched.operation,
hours=GLSetting.cleaning_hours_delta,
start_date=utc_future_date(seconds=10))
def receiver_serialize_internal_tip(internaltip, language=GLSetting.memory_copy.default_language):
itip_dict = {
'context_id': internaltip.context.id,
'creation_date' : datetime_to_ISO8601(internaltip.creation_date),
'expiration_date' : datetime_to_ISO8601(internaltip.expiration_date),
'download_limit' : internaltip.download_limit,
'access_limit' : internaltip.access_limit,
'mark' : internaltip.mark,
'pertinence' : internaltip.pertinence_counter,
'escalation_threshold' : internaltip.escalation_threshold,
'fields' : internaltip.wb_fields,
# these two fields are at the moment unsent by the client, but kept
# maintained in unitTest. (tickets in wishlist)
'is_pertinent' : False,
'global_delete' : False,
# this field "inform" the receiver of the new expiration date that can
# be set, only if PUT with extend = True is updated
'potential_expiration_date' : \
datetime_to_ISO8601(utc_future_date(seconds=internaltip.context.tip_timetolive)),
'extend' : False,
'enable_private_messages': internaltip.context.enable_private_messages
}
# context_name and context_description are localized field
mo = Rosetta()
mo.acquire_storm_object(internaltip.context)
for attr in ['name', 'description' ]:
key = "context_%s" % attr
itip_dict[key] = mo.dump_translated(attr, language)
return itip_dict
def create_submission(store, request, finalize, language=GLSetting.memory_copy.default_language):
context = store.find(Context, Context.id == unicode(request['context_gus'])).one()
if not context:
log.err("Context requested: [%s] not found!" % request['context_gus'])
raise errors.ContextGusNotFound
submission = InternalTip()
submission.escalation_threshold = context.escalation_threshold
submission.access_limit = context.tip_max_access
submission.download_limit = context.file_max_download
submission.expiration_date = utc_future_date(seconds=context.tip_timetolive)
submission.pertinence_counter = 0
submission.context_id = context.id
submission.creation_date = datetime_now()
if finalize:
submission.mark = InternalTip._marker[1] # Finalized
else:
submission.mark = InternalTip._marker[0] # Submission
try:
store.add(submission)
except Exception as excep:
log.err("Storm/SQL Error: %s (create_submission)" % excep)
raise errors.InternalServerError("Unable to commit on DB")
files = request.get('files', [])
try:
import_files(store, submission, files, finalize)
except Exception as excep:
log.err("Submission create: files import fail: %s" % excep)
store.remove(submission)
store.commit()
raise excep
wb_fields = request.get('wb_fields', {})
try:
fo = Fields(context.localized_fields, context.unique_fields)
fo.validate_fields(wb_fields, strict_validation=finalize)
submission.wb_fields = wb_fields
except Exception as excep:
log.err("Submission create: fields validation fail: %s" % excep)
store.remove(submission)
store.commit()
raise excep
receivers = request.get('receivers', [])
try:
import_receivers(store, submission, receivers, required=finalize)
except Exception as excep:
log.err("Submission reate: receivers import fail: %s" % excep)
store.remove(submission)
store.commit()
raise excep
submission_dict = wb_serialize_internaltip(submission)
return submission_dict
def db_create_submission(store, token, request, language):
context = store.find(Context, Context.id == token.context_associated).one()
if not context:
# this can happen only if the context is removed
# between submission POST and PUT.. :) that's why is better just
# ignore this check, take che cached and wait the reference below fault
log.err("Context requested: [%s] not found!" % token.context_associated)
raise errors.ContextIdNotFound
submission = InternalTip()
submission.expiration_date = utc_future_date(seconds=context.tip_timetolive)
submission.context_id = context.id
submission.creation_date = datetime_now()
store.add(submission)
try:
for filedesc in token.uploaded_files:
associated_f = InternalFile()
associated_f.name = filedesc['filename']
# aio, when we are going to implement file.description ?
associated_f.description = ""
associated_f.content_type = filedesc['content_type']
associated_f.size = filedesc['body_len']
associated_f.internaltip_id = submission.id
associated_f.file_path = filedesc['encrypted_path']
store.add(associated_f)
log.debug("=> file associated %s|%s (%d bytes)" % (
associated_f.name, associated_f.content_type, associated_f.size))
except Exception as excep:
log.err("Unable to create a DB entry for file! %s" % excep)
raise excep
try:
wb_steps = request['wb_steps']
steps = db_get_context_steps(store, context.id, language)
verify_steps(steps, wb_steps)
submission.wb_steps = wb_steps
except Exception as excep:
log.err("Submission create: fields validation fail: %s" % excep)
raise excep
try:
import_receivers(store, submission, request['receivers'])
except Exception as excep:
log.err("Submission create: receivers import fail: %s" % excep)
raise excep
submission_dict = wb_serialize_internaltip(submission)
return submission_dict
def create_submission(store, request, finalize, language=GLSetting.memory_copy.default_language):
context = store.find(Context, Context.id == unicode(request['context_id'])).one()
if not context:
log.err("Context requested: [%s] not found!" % request['context_id'])
raise errors.ContextIdNotFound
submission = InternalTip()
submission.access_limit = context.tip_max_access
submission.download_limit = context.file_max_download
submission.expiration_date = utc_future_date(seconds=context.tip_timetolive)
submission.context_id = context.id
submission.creation_date = datetime_now()
if finalize:
submission.mark = u'finalize' # Finalized
else:
submission.mark = u'submission' # Submission
try:
store.add(submission)
except Exception as excep:
log.err("Storm/SQL Error: %s (create_submission)" % excep)
raise errors.InternalServerError("Unable to commit on DB")
try:
import_files(store, submission, request['files'], finalize)
except Exception as excep:
log.err("Submission create: files import fail: %s" % excep)
raise excep
try:
wb_steps = request['wb_steps']
if finalize:
steps = db_get_context_steps(store, context.id, language)
verify_steps(steps, wb_steps)
submission.wb_steps = wb_steps
except Exception as excep:
log.err("Submission create: fields validation fail: %s" % excep)
raise excep
try:
import_receivers(store, submission, request['receivers'], required=finalize)
except Exception as excep:
log.err("Submission create: receivers import fail: %s" % excep)
raise excep
submission_dict = wb_serialize_internaltip(submission)
return submission_dict
def postpone_expiration_date(store, user_id, tip_id):
rtip = access_tip(store, user_id, tip_id)
node = store.find(Node).one()
if not (node.postpone_superpower or
rtip.internaltip.context.postpone_superpower or
rtip.receiver.postpone_superpower):
raise errors.ExtendTipLifeNotEnabled()
else:
log.debug("Postpone check: Node %s, Context %s, Receiver %s" %(
"True" if node.postpone_superpower else "False",
"True" if rtip.internaltip.context.postpone_superpower else "False",
"True" if rtip.receiver.postpone_superpower else "False"
))
rtip.internaltip.expiration_date = \
utc_future_date(seconds=rtip.internaltip.context.tip_timetolive)
log.debug(" [%s] in %s has extended expiration time to %s" % (
rtip.receiver.name,
datetime_to_pretty_str(datetime_now()),
datetime_to_pretty_str(rtip.internaltip.expiration_date)))
comment = Comment()
comment.system_content = dict({
'type': "1", # the first kind of structured system_comments
'receiver_name': rtip.receiver.name,
'expire_on' : datetime_to_ISO8601(rtip.internaltip.expiration_date)
})
# remind: this is put just for debug, it's never used in the flow
# and a system comment may have nothing to say except the struct
comment.content = "%s %s %s (UTC)" % (
rtip.receiver.name,
datetime_to_pretty_str(datetime_now()),
datetime_to_pretty_str(rtip.internaltip.expiration_date))
comment.internaltip_id = rtip.internaltip.id
comment.author = u'System' # The printed line
comment.type = Comment._types[2] # System
comment.mark = Comment._marker[4] # skipped
rtip.internaltip.comments.add(comment)
def force_execution(self, aps=None, seconds=1):
"""
@aps: Advanced Python Scheduler object
seconds: number of seconds to await before operation start
force execution do not execute immidiatly self.operation(),
because we want be sure that is a thread start by APScheduler
"""
plan_exec = utc_future_date(hours=0, seconds=seconds)
plan_exec += (datetime.now() - datetime.utcnow())
try:
aps.add_date_job(self.operation, plan_exec)
except ValueError as exc:
log.err("Failing in force schedule execution of %s planned at %s" %
(self.__class__.__name__, pretty_date_time(plan_exec)))
log.debug("Forced execution of %s at %s" %
(self.__class__.__name__, pretty_date_time(plan_exec)))
def db_postpone_expiration_date(rtip):
if rtip.internaltip.context.tip_timetolive > -1:
rtip.internaltip.expiration_date = \
utc_future_date(days=rtip.internaltip.context.tip_timetolive)
def db_postpone_expiration_date(rtip):
rtip.internaltip.expiration_date = \
utc_future_date(seconds=rtip.internaltip.context.tip_timetolive)
def test_is_expired(self):
self.assertTrue(utility.is_expired(utility.datetime_null()))
self.assertTrue(utility.is_expired(utility.datetime_now()))
self.assertFalse(
utility.is_expired(utility.utc_future_date(seconds=1337)))
def db_postpone_expiration_date(rtip):
rtip.internaltip.expiration_date = \
utc_future_date(seconds=rtip.internaltip.context.tip_timetolive)
def db_create_submission(store, token_id, request, t2w, language):
# the .get method raise an exception if the token is invalid
token = TokenList.get(token_id)
token.use()
answers = request['answers']
context = store.find(models.Context,
models.Context.id == request['context_id']).one()
if not context:
raise errors.ContextIdNotFound
submission = models.InternalTip()
submission.progressive = db_assign_submission_progressive(store)
submission.expiration_date = utc_future_date(days=context.tip_timetolive)
# this is get from the client as it the only possibility possible
# that would fit with the end to end submission.
# the score is only an indicator and not a critical information so we can accept to
# be fooled by the malicious user.
submission.total_score = request['total_score']
# The use of Tor2Web is detected by the basehandler and the status forwared here;
# The status is used to keep track of the security level adopted by the whistleblower
submission.tor2web = t2w
submission.context_id = context.id
submission.enable_two_way_comments = context.enable_two_way_comments
submission.enable_two_way_messages = context.enable_two_way_messages
submission.enable_attachments = context.enable_attachments
submission.enable_whistleblower_identity = context.questionnaire.enable_whistleblower_identity
if submission.enable_whistleblower_identity and request[
'identity_provided']:
submission.identity_provided = True
submission.identity_provided_date = datetime_now()
try:
questionnaire = db_get_context_steps(store, context.id, None)
questionnaire_hash = unicode(sha256(json.dumps(questionnaire)))
submission.questionnaire_hash = questionnaire_hash
submission.preview = extract_answers_preview(questionnaire, answers)
store.add(submission)
db_archive_questionnaire_schema(store, questionnaire,
questionnaire_hash)
db_save_questionnaire_answers(store, submission.id, answers)
except Exception as excep:
log.err("Submission create: fields validation fail: %s" % excep)
raise excep
try:
for filedesc in token.uploaded_files:
new_file = models.InternalFile()
new_file.name = filedesc['filename']
new_file.description = ""
new_file.content_type = filedesc['content_type']
new_file.size = filedesc['body_len']
new_file.internaltip_id = submission.id
new_file.submission = filedesc['submission']
new_file.file_path = filedesc['encrypted_path']
store.add(new_file)
log.debug("=> file associated %s|%s (%d bytes)" %
(new_file.name, new_file.content_type, new_file.size))
except Exception as excep:
log.err("Submission create: unable to create db entry for files: %s" %
excep)
raise excep
receipt, wbtip = db_create_whistleblowertip(store, submission)
if submission.context.maximum_selectable_receivers and \
len(receiver_id_list) > submission.context.maximum_selectable_receivers:
raise errors.SubmissionValidationFailure(
"provided an invalid number of receivers")
rtips = []
for receiver in store.find(models.Receiver,
In(models.Receiver.id, request['receivers'])):
if submission.context not in receiver.contexts:
continue
if not GLSettings.memory_copy.allow_unencrypted and len(
receiver.user.pgp_key_public) == 0:
continue
rtips.append(db_create_receivertip(store, receiver, submission))
if len(rtips) == 0:
raise errors.SubmissionValidationFailure("needed almost one receiver")
log.debug("The finalized submission had created %d models.ReceiverTip(s)" %
len(rtips))
submission_dict = serialize_usertip(store, wbtip, language)
submission_dict.update({'receipt': receipt})
return submission_dict
def update_submission(store, id, request, finalize, language=GLSetting.memory_copy.default_language):
context = store.find(Context, Context.id == unicode(request['context_gus'])).one()
if not context:
log.err("Context requested: [%s] not found!" % request['context_gus'])
raise errors.ContextGusNotFound
submission = store.find(InternalTip, InternalTip.id == unicode(id)).one()
if not submission:
log.debug("Creating a new submission in update!")
submission = InternalTip()
submission.escalation_threshold = context.escalation_threshold
submission.access_limit = context.tip_max_access
submission.download_limit = context.file_max_download
submission.expiration_date = utc_future_date(seconds=context.tip_timetolive)
submission.pertinence_counter = 0
submission.context_id = context.id
submission.creation_date = datetime_now()
submission.mark = InternalTip._marker[0] # Submission
try:
store.add(submission)
except Exception as excep:
log.err("Storm/SQL Error: %s (update_submission)" % excep)
raise errors.InternalServerError("Unable to commit on DB")
# this may happen if a submission try to update a context
if submission.context_id != context.id:
log.err("Can't be changed context in a submission update")
raise errors.ContextGusNotFound("Context are immutable")
if submission.mark != InternalTip._marker[0]:
log.err("Submission %s do not permit update (status %s)" % (id, submission.mark))
raise errors.SubmissionConcluded
files = request.get('files', [])
try:
import_files(store, submission, files, finalize)
except Exception as excep:
log.err("Submission update: files import fail: %s" % excep)
log.exception(excep)
raise excep
wb_fields = request.get('wb_fields', [])
try:
fo = Fields(context.localized_fields, context.unique_fields)
fo.validate_fields(wb_fields, strict_validation=finalize)
submission.wb_fields = wb_fields
except Exception as excep:
log.err("Submission update: fields validation fail: %s" % excep)
log.exception(excep)
raise excep
receivers = request.get('receivers', [])
try:
import_receivers(store, submission, receivers, required=finalize)
except Exception as excep:
log.err("Submission update: receiver import fail: %s" % excep)
log.exception(excep)
raise excep
if finalize:
submission.mark = InternalTip._marker[1] # Finalized
submission_dict = wb_serialize_internaltip(submission)
return submission_dict
def db_create_submission(store, request, uploaded_files, t2w, language):
answers = request['answers']
context = store.find(models.Context, models.Context.id == request['context_id']).one()
if not context:
raise errors.ContextIdNotFound
submission = models.InternalTip()
submission.progressive = db_assign_submission_progressive(store)
if context.tip_timetolive > -1:
submission.expiration_date = utc_future_date(days=context.tip_timetolive)
else:
submission.expiration_date = datetime_never()
# this is get from the client as it the only possibility possible
# that would fit with the end to end submission.
# the score is only an indicator and not a critical information so we can accept to
# be fooled by the malicious user.
submission.total_score = request['total_score']
# The use of Tor2Web is detected by the basehandler and the status forwared here;
# The status is used to keep track of the security level adopted by the whistleblower
submission.tor2web = t2w
submission.context_id = context.id
submission.enable_two_way_comments = context.enable_two_way_comments
submission.enable_two_way_messages = context.enable_two_way_messages
submission.enable_attachments = context.enable_attachments
submission.enable_whistleblower_identity = context.questionnaire.enable_whistleblower_identity
if submission.enable_whistleblower_identity and request['identity_provided']:
submission.identity_provided = True
submission.identity_provided_date = datetime_now()
try:
questionnaire = db_get_context_steps(store, context.id, None)
questionnaire_hash = unicode(sha256(json.dumps(questionnaire)))
submission.questionnaire_hash = questionnaire_hash
submission.preview = extract_answers_preview(questionnaire, answers)
store.add(submission)
db_archive_questionnaire_schema(store, questionnaire, questionnaire_hash)
db_save_questionnaire_answers(store, submission.id, answers)
except Exception as excep:
log.err("Submission create: fields validation fail: %s" % excep)
raise excep
try:
for filedesc in uploaded_files:
new_file = models.InternalFile()
new_file.name = filedesc['name']
new_file.description = ""
new_file.content_type = filedesc['type']
new_file.size = filedesc['size']
new_file.internaltip_id = submission.id
new_file.submission = filedesc['submission']
new_file.file_path = filedesc['path']
store.add(new_file)
log.debug("=> file associated %s|%s (%d bytes)" % (
new_file.name, new_file.content_type, new_file.size))
except Exception as excep:
log.err("Submission create: unable to create db entry for files: %s" % excep)
raise excep
receipt, wbtip = db_create_whistleblowertip(store, submission)
if submission.context.maximum_selectable_receivers > 0 and \
len(request['receivers']) > submission.context.maximum_selectable_receivers:
raise errors.SubmissionValidationFailure("provided an invalid number of receivers")
rtips = []
for receiver in store.find(models.Receiver, In(models.Receiver.id, request['receivers'])):
if submission.context not in receiver.contexts:
continue
if not GLSettings.memory_copy.allow_unencrypted and len(receiver.user.pgp_key_public) == 0:
continue
rtips.append(db_create_receivertip(store, receiver, submission))
if len(rtips) == 0:
raise errors.SubmissionValidationFailure("needed almost one receiver")
log.debug("The finalized submission had created %d models.ReceiverTip(s)" % len(rtips))
submission_dict = serialize_usertip(store, wbtip, language)
submission_dict.update({'receipt': receipt})
return submission_dict
def db_create_submission(store, token_id, request, t2w, language):
# the .get method raise an exception if the token is invalid
token = TokenList.get(token_id)
token.use()
answers = request['answers']
context = store.find(models.Context,
models.Context.id == request['context_id']).one()
if not context:
raise errors.ContextIdNotFound
submission = models.InternalTip()
submission.progressive = db_assign_submission_progressive(store)
submission.expiration_date = utc_future_date(
seconds=context.tip_timetolive)
# The use of Tor2Web is detected by the basehandler and the status forwared here;
# The status is used to keep track of the security level adopted by the whistleblower
submission.tor2web = t2w
submission.context_id = context.id
submission.enable_two_way_comments = context.enable_two_way_comments
submission.enable_two_way_messages = context.enable_two_way_messages
submission.enable_attachments = context.enable_attachments
submission.enable_whistleblower_identity = context.enable_whistleblower_identity
if context.enable_whistleblower_identity and request['identity_provided']:
submission.identity_provided = True
submission.identity_provided_date = datetime_now()
try:
questionnaire = db_get_context_steps(store, context.id, None)
questionnaire_hash = unicode(sha256(json.dumps(questionnaire)))
submission.questionnaire_hash = questionnaire_hash
submission.preview = extract_answers_preview(questionnaire, answers)
store.add(submission)
db_archive_questionnaire_schema(store, questionnaire,
questionnaire_hash)
db_save_questionnaire_answers(store, submission.id, answers)
except Exception as excep:
log.err("Submission create: fields validation fail: %s" % excep)
raise excep
try:
import_receivers(store, submission, request['receivers'])
except Exception as excep:
log.err("Submission create: receivers import fail: %s" % excep)
raise excep
try:
for filedesc in token.uploaded_files:
associated_f = models.InternalFile()
associated_f.name = filedesc['filename']
associated_f.description = ""
associated_f.content_type = filedesc['content_type']
associated_f.size = filedesc['body_len']
associated_f.internaltip_id = submission.id
associated_f.file_path = filedesc['encrypted_path']
store.add(associated_f)
log.debug("=> file associated %s|%s (%d bytes)" %
(associated_f.name, associated_f.content_type,
associated_f.size))
except Exception as excep:
log.err("Submission create: unable to create db entry for files: %s" %
excep)
raise excep
receipt, wbtip = db_create_whistleblower_tip(store, submission)
submission_dict = serialize_usertip(store, wbtip, language)
submission_dict.update({'receipt': receipt})
return submission_dict
def db_create_submission(store, token_id, request, t2w, language):
# the .get method raise an exception if the token is invalid
token = TokenList.get(token_id)
token.use()
answers = request['answers']
context = store.find(models.Context, models.Context.id == request['context_id']).one()
if not context:
raise errors.ContextIdNotFound
submission = models.InternalTip()
submission.progressive = db_assign_submission_progressive(store)
submission.expiration_date = utc_future_date(seconds=context.tip_timetolive)
# The use of Tor2Web is detected by the basehandler and the status forwared here;
# The status is used to keep track of the security level adopted by the whistleblower
submission.tor2web = t2w
submission.context_id = context.id
submission.enable_two_way_comments = context.enable_two_way_comments
submission.enable_two_way_messages = context.enable_two_way_messages
submission.enable_attachments = context.enable_attachments
submission.enable_whistleblower_identity = context.enable_whistleblower_identity
if context.enable_whistleblower_identity and request['identity_provided']:
submission.identity_provided = True
submission.identity_provided_date = datetime_now()
try:
questionnaire = db_get_context_steps(store, context.id, None)
questionnaire_hash = unicode(sha256(json.dumps(questionnaire)))
submission.questionnaire_hash = questionnaire_hash
submission.preview = extract_answers_preview(questionnaire, answers)
store.add(submission)
db_archive_questionnaire_schema(store, questionnaire, questionnaire_hash)
db_save_questionnaire_answers(store, submission.id, answers)
except Exception as excep:
log.err("Submission create: fields validation fail: %s" % excep)
raise excep
try:
import_receivers(store, submission, request['receivers'])
except Exception as excep:
log.err("Submission create: receivers import fail: %s" % excep)
raise excep
try:
for filedesc in token.uploaded_files:
associated_f = models.InternalFile()
associated_f.name = filedesc['filename']
associated_f.description = ""
associated_f.content_type = filedesc['content_type']
associated_f.size = filedesc['body_len']
associated_f.internaltip_id = submission.id
associated_f.file_path = filedesc['encrypted_path']
store.add(associated_f)
log.debug("=> file associated %s|%s (%d bytes)" % (
associated_f.name, associated_f.content_type, associated_f.size))
except Exception as excep:
log.err("Submission create: unable to create db entry for files: %s" % excep)
raise excep
receipt, wbtip = db_create_whistleblower_tip(store, submission)
submission_dict = serialize_usertip(store, wbtip, language)
submission_dict.update({'receipt': receipt})
return submission_dict
def db_create_submission(store, token_id, request, t2w, language):
# the .get method raise an exception if the token is invalid
token = TokenList.get(token_id)
if not token.context_associated == request['context_id']:
raise errors.InvalidInputFormat(
"Token context does not match the one specified in submission payload"
)
token.validate(request)
TokenList.delete(token_id)
answers = request['answers']
context = store.find(Context, Context.id == token.context_associated).one()
if not context:
# this can happen only if the context is removed
# between submission POST and PUT.. :) that's why is better just
# ignore this check, take che cached and wait the reference below fault
log.err("Context requested: [%s] not found!" %
token.context_associated)
raise errors.ContextIdNotFound
submission = InternalTip()
submission.expiration_date = utc_future_date(
seconds=context.tip_timetolive)
submission.context_id = context.id
submission.creation_date = datetime_now()
# Tor2Web is spot in the handler and passed here, is done to keep track of the
# security level adopted by the whistleblower
submission.tor2web = t2w
try:
questionnaire = db_get_context_steps(
store, context.id, GLSettings.memory_copy.default_language)
questionnaire_hash = sha256(json.dumps(questionnaire))
submission.questionnaire_hash = questionnaire_hash
submission.preview = extract_answers_preview(questionnaire, answers)
store.add(submission)
db_archive_questionnaire_schema(store, submission)
db_save_questionnaire_answers(store, submission, answers)
except Exception as excep:
log.err("Submission create: fields validation fail: %s" % excep)
raise excep
try:
import_receivers(store, submission, request['receivers'])
except Exception as excep:
log.err("Submission create: receivers import fail: %s" % excep)
raise excep
try:
for filedesc in token.uploaded_files:
associated_f = InternalFile()
associated_f.name = filedesc['filename']
associated_f.description = ""
associated_f.content_type = filedesc['content_type']
associated_f.size = filedesc['body_len']
associated_f.internaltip_id = submission.id
associated_f.file_path = filedesc['encrypted_path']
store.add(associated_f)
log.debug("=> file associated %s|%s (%d bytes)" %
(associated_f.name, associated_f.content_type,
associated_f.size))
except Exception as excep:
log.err("Unable to create a DB entry for file! %s" % excep)
raise excep
receipt = db_create_whistleblower_tip(store, submission)
submission_dict = wb_serialize_internaltip(store, submission)
submission_dict.update({'receipt': receipt})
return submission_dict
def db_postpone_expiration_date(rtip):
if rtip.internaltip.context.tip_timetolive > -1:
rtip.internaltip.expiration_date = \
utc_future_date(days=rtip.internaltip.context.tip_timetolive)
def test_is_expired(self):
self.assertFalse(utility.is_expired(None))
self.assertTrue(utility.is_expired(utility.datetime_null()))
self.assertTrue(utility.is_expired(utility.datetime_now()))
self.assertFalse(utility.is_expired(utility.utc_future_date(seconds=1337)))
def db_create_submission(store, token_id, request, t2w, language):
# the .get method raise an exception if the token is invalid
token = TokenList.get(token_id)
if not token.context_associated == request['context_id']:
raise errors.InvalidInputFormat("Token context does not match the one specified in submission payload")
token.validate(request)
TokenList.delete(token_id)
answers = request['answers']
context = store.find(Context, Context.id == token.context_associated).one()
if not context:
# this can happen only if the context is removed
# between submission POST and PUT.. :) that's why is better just
# ignore this check, take che cached and wait the reference below fault
log.err("Context requested: [%s] not found!" % token.context_associated)
raise errors.ContextIdNotFound
submission = InternalTip()
submission.expiration_date = utc_future_date(seconds=context.tip_timetolive)
submission.context_id = context.id
submission.creation_date = datetime_now()
# Tor2Web is spot in the handler and passed here, is done to keep track of the
# security level adopted by the whistleblower
submission.tor2web = t2w
try:
questionnaire = db_get_context_steps(store, context.id, GLSettings.memory_copy.default_language)
questionnaire_hash = sha256(json.dumps(questionnaire))
submission.questionnaire_hash = questionnaire_hash
submission.preview = extract_answers_preview(questionnaire, answers)
store.add(submission)
db_archive_questionnaire_schema(store, submission)
db_save_questionnaire_answers(store, submission, answers)
except Exception as excep:
log.err("Submission create: fields validation fail: %s" % excep)
raise excep
try:
import_receivers(store, submission, request['receivers'])
except Exception as excep:
log.err("Submission create: receivers import fail: %s" % excep)
raise excep
try:
for filedesc in token.uploaded_files:
associated_f = InternalFile()
associated_f.name = filedesc['filename']
associated_f.description = ""
associated_f.content_type = filedesc['content_type']
associated_f.size = filedesc['body_len']
associated_f.internaltip_id = submission.id
associated_f.file_path = filedesc['encrypted_path']
store.add(associated_f)
log.debug("=> file associated %s|%s (%d bytes)" % (
associated_f.name, associated_f.content_type, associated_f.size))
except Exception as excep:
log.err("Unable to create a DB entry for file! %s" % excep)
raise excep
receipt = db_create_whistleblower_tip(store, submission)
submission_dict = wb_serialize_internaltip(store, submission)
submission_dict.update({'receipt': receipt})
return submission_dict
