def create_receiver_with_contexts(self, store):
c = self.localization_set(self.dummyContext, models.Context, 'en')
r = self.localization_set(self.dummyReceiver_1, models.Receiver, 'en')
receiver_user = models.User(self.dummyReceiverUser_1)
receiver_user.last_login = self.dummyReceiverUser_1['last_login']
receiver_user.password_change_date = self.dummyReceiverUser_1['password_change_date']
# Avoid receivers with the same username!
receiver_user.username = u'xxx'
store.add(receiver_user)
receiver = models.Receiver(r)
receiver.user = receiver_user
receiver.gpg_key_status = u'disabled'
receiver.mail_address = u'*****@*****.**'
context1 = models.Context(c)
context1.submission_timetolive = context1.tip_timetolive = 1000
context1.description = context1.name = \
context1.submission_disclaimer = \
context1.submission_introduction = {'en': 'Valar Morghulis'}
context2 = models.Context(c)
context2.submission_timetolive = context2.tip_timetolive = 1000
context2.description = context2.name =\
context2.submission_disclaimer = \
context2.submission_introduction = {'en': 'Valar Dohaeris'}
receiver.contexts.add(context1)
receiver.contexts.add(context2)
store.add(receiver)
return receiver.id
def db_create_context(store, request, language):
"""
Creates a new context from the request of a client.
We associate to the context the list of receivers and if the receiver is
not valid we raise a ReceiverIdNotFound exception.
Args:
(dict) the request containing the keys to set on the model.
Returns:
(dict) representing the configured context
"""
receivers = request.get('receivers', [])
steps = request.get('steps', [])
fill_localized_keys(request, models.Context.localized_strings, language)
context = models.Context(request)
# Integrity checks related on name (need to exists, need to be unique)
# are performed only using the default language at the moment (XXX)
try:
context_name = request['name'][language]
except Exception as excep:
raise errors.InvalidInputFormat("language %s do not provide name: %s" %
(language, excep))
if len(context_name) < 1:
log.err("Invalid request: name is an empty string")
raise errors.InvalidInputFormat(
"Context name is missing (1 char required)")
if request['select_all_receivers']:
if request['maximum_selectable_receivers']:
log.debug(
"Resetting maximum_selectable_receivers (%d) because 'select_all_receivers' is True"
% request['maximum_selectable_receivers'])
request['maximum_selectable_receivers'] = 0
# tip_timetolive to be converted in seconds since hours and days
context.tip_timetolive = acquire_context_timetolive(
int(request['tip_timetolive']))
c = store.add(context)
for receiver_id in receivers:
receiver = models.Receiver.get(store, receiver_id)
if not receiver:
log.err("Creation error: unexistent context can't be associated")
raise errors.ReceiverIdNotFound
c.receivers.add(receiver)
if steps:
db_create_steps(store, c.id, steps, language)
else:
db_setup_default_steps(store, c.id)
log.debug("Created context %s (using %s)" % (context_name, language))
return admin_serialize_context(store, context, language)
def context_add(self, store):
c = self.localization_set(self.dummyContext, models.Context, 'en')
context = models.Context(c)
context.submission_timetolive = context.tip_timetolive = 1000
context.description = context.name = \
context.submission_disclaimer = \
context.submission_introduction = {'en': 'Localized723'}
store.add(context)
return context.id
def create_context_with_receivers(self, store):
u1 = self.localization_set(self.dummyReceiverUser_1, models.User, 'en')
receiver_user1 = models.User(u1)
receiver_user1.last_login = self.dummyReceiverUser_1['last_login']
receiver_user1.password_change_date = self.dummyReceiverUser_1[
'password_change_date']
u2 = self.localization_set(self.dummyReceiverUser_2, models.User, 'en')
receiver_user2 = models.User(u2)
receiver_user2.last_login = self.dummyReceiverUser_2['last_login']
receiver_user2.password_change_date = self.dummyReceiverUser_2[
'password_change_date']
store.add(receiver_user1)
store.add(receiver_user2)
c = self.localization_set(self.dummyContext, models.Context, 'en')
context = models.Context(c)
context.tip_timetolive = 1000
context.description = context.name = \
context.submission_disclaimer = \
context.submission_introduction = {'en': 'Localized76w'}
r1 = self.localization_set(self.dummyReceiver_1, models.Receiver, 'en')
r2 = self.localization_set(self.dummyReceiver_2, models.Receiver, 'en')
receiver1 = models.Receiver(r1)
receiver2 = models.Receiver(r2)
receiver1.user = receiver_user1
receiver2.user = receiver_user2
receiver1.user.pgp_key_status = u'disabled'
receiver1.user.pgp_key_expiration = "1970-01-01 00:00:00.000000"
receiver1.user.pgp_key_fingerprint = ""
receiver1.user.pgp_key_info = ""
receiver1.user.pgp_key_public = ""
receiver2.user.pgp_key_status = u'disabled'
receiver2.user.pgp_key_expiration = "1970-01-01 00:00:00.000000"
receiver2.user.pgp_key_fingerprint = ""
receiver2.user.pgp_key_info = ""
receiver2.user.pgp_key_public = ""
receiver1.mail_address = '*****@*****.**'
receiver2.mail_address = '*****@*****.**'
context.receivers.add(receiver1)
context.receivers.add(receiver2)
store.add(context)
return context.id
def create_receiver_with_contexts(self, store):
c = self.localization_set(self.dummyContext, models.Context, 'en')
r = self.localization_set(self.dummyReceiver_1, models.Receiver, 'en')
u = self.localization_set(self.dummyReceiverUser_1, models.User, 'en')
receiver_user = models.User(u)
receiver_user.last_login = self.dummyReceiverUser_1['last_login']
receiver_user.password_change_date = self.dummyReceiverUser_1[
'password_change_date']
# Avoid receivers with the same username!
receiver_user.username = u'xxx'
store.add(receiver_user)
receiver = models.Receiver(r)
receiver.user = receiver_user
receiver.user.pgp_key_status = u'disabled'
receiver.user.pgp_key_expiration = "1970-01-01 00:00:00.000000"
receiver.user.pgp_key_fingerprint = ""
receiver.user.pgp_key_info = ""
receiver.user.pgp_key_public = ""
receiver.mail_address = u'*****@*****.**'
context1 = models.Context(c)
context1.questionnaire_id = db_get_default_questionnaire_id(store)
context1.tip_timetolive = 1000
context1.description = context1.name = \
context1.submission_disclaimer = \
context1.submission_introduction = {'en': 'Valar Morghulis'}
context2 = models.Context(c)
context2.questionnaire_id = db_get_default_questionnaire_id(store)
context2.tip_timetolive = 1000
context2.description = context2.name = \
context2.submission_disclaimer = \
context2.submission_introduction = {'en': 'Valar Dohaeris'}
receiver.contexts.add(context1)
receiver.contexts.add(context2)
store.add(receiver)
return receiver.id
def wizard(store, request, language):
models.db_delete(store, l10n.EnabledLanguage, l10n.EnabledLanguage.name != language)
node = config.NodeFactory(store)
if node.get_val(u'wizard_done'):
log.err("DANGER: Wizard already initialized!")
raise errors.ForbiddenOperation
node._query_group()
node.set_val(u'name', request['node_name'])
node.set_val(u'default_language', language)
node.set_val(u'wizard_done', True)
node_l10n = l10n.NodeL10NFactory(store)
node_l10n.set_val(u'header_title_homepage', language, request['node_name'])
profiles.load_profile(store, request['profile'])
receiver_desc = models.User().dict(language)
receiver_desc['username'] = u'recipient'
receiver_desc['name'] = receiver_desc['public_name'] = request['receiver_name']
receiver_desc['mail_address'] = request['receiver_mail_address']
receiver_desc['language'] = language
receiver_desc['role'] =u'receiver'
receiver_desc['deletable'] = True
receiver_desc['pgp_key_remove'] = False
_, receiver = db_create_receiver_user(store, receiver_desc, language)
context_desc = models.Context().dict(language)
context_desc['name'] = u'Default'
context_desc['receivers'] = [receiver.id]
context = db_create_context(store, context_desc, language)
admin_desc = models.User().dict(language)
admin_desc['username'] = u'admin'
admin_desc['password'] = request['admin_password']
admin_desc['name'] = admin_desc['public_name'] = request['admin_name']
admin_desc['mail_address'] = request['admin_mail_address']
admin_desc['language'] = language
admin_desc['role'] =u'admin'
admin_desc['deletable'] = False
admin_desc['pgp_key_remove'] = False
admin_desc['password_change_needed'] = False
db_create_admin_user(store, admin_desc, language)
db_refresh_memory_variables(store)
def db_create_context(store, request, language):
request = fill_context_request(request, language)
if request['questionnaire_id'] == '':
request['questionnaire_id'] = db_get_default_questionnaire_id(store)
context = models.Context(request)
store.add(context)
db_associate_context_receivers(store, context, request['receivers'])
return context
def db_create_context(store, request, language):
request = fill_context_request(request, language)
context = models.Context(request)
store.add(context)
if request['reset_questionnaire']:
db_setup_default_questionnaire(store, context)
else:
db_create_steps(store, context, request['steps'], language)
db_associate_context_receivers(store, context, request['receivers'])
return context
def db_create_context(store, request, language):
request = fill_context_request(request, language)
if request['questionnaire_id'] == '':
request['questionnaire_id'] = db_get_default_questionnaire_id(store)
if not request['allow_recipients_selection']:
request['select_all_receivers'] = True
context = models.Context(request)
store.add(context)
db_associate_context_receivers(store, context, request['receivers'])
return context
def create_context_with_receivers(self, store):
u1 = self.localization_set(self.dummyReceiverUser_1, models.User, 'en')
receiver_user1 = models.User(u1)
receiver_user1.password = self.dummyReceiverUser_1['password']
receiver_user1.salt = self.dummyReceiverUser_1['salt']
u2 = self.localization_set(self.dummyReceiverUser_2, models.User, 'en')
receiver_user2 = models.User(u2)
receiver_user2.password = self.dummyReceiverUser_2['password']
receiver_user2.salt = self.dummyReceiverUser_2['salt']
store.add(receiver_user1)
store.add(receiver_user2)
c = self.localization_set(self.dummyContext, models.Context, 'en')
context = models.Context(c)
context.questionnaire_id = db_get_default_questionnaire_id(store)
context.tip_timetolive = 1000
context.description = context.name = \
context.submission_disclaimer = \
context.submission_introduction = {'en': 'Localized76w'}
r1 = self.localization_set(self.dummyReceiver_1, models.Receiver, 'en')
r2 = self.localization_set(self.dummyReceiver_2, models.Receiver, 'en')
receiver1 = models.Receiver(r1)
receiver2 = models.Receiver(r2)
receiver1.user = receiver_user1
receiver2.user = receiver_user2
receiver1.user.pgp_key_expiration = "1970-01-01 00:00:00.000000"
receiver1.user.pgp_key_fingerprint = ""
receiver1.user.pgp_key_public = ""
receiver2.user.pgp_key_expiration = "1970-01-01 00:00:00.000000"
receiver2.user.pgp_key_fingerprint = ""
receiver2.user.pgp_key_public = ""
receiver1.mail_address = '*****@*****.**'
receiver2.mail_address = '*****@*****.**'
context.receivers.add(receiver1)
context.receivers.add(receiver2)
store.add(context)
return context.id
def db_wizard(session, state, tid, request, client_using_tor, language):
node = config.ConfigFactory(session, tid, 'node')
if node.get_val(u'wizard_done'):
log.err("DANGER: Wizard already initialized!", tid=tid)
raise errors.ForbiddenOperation
db_update_enabled_languages(session, tid, [language], language)
tenant = models.db_get(session, models.Tenant, models.Tenant.id == tid)
tenant.label = request['node_name']
node.set_val(u'name', request['node_name'])
node.set_val(u'default_language', language)
node.set_val(u'wizard_done', True)
node.set_val(u'enable_developers_exception_notification',
request['enable_developers_exception_notification'])
# Guess Tor configuration from thee media used on first configuration and
# if the user is using Tor preserve node anonymity and perform outgoing connections via Tor
node.set_val(u'reachable_via_web', not client_using_tor)
node.set_val(u'allow_unencrypted', not client_using_tor)
node.set_val(u'anonymize_outgoing_connections', client_using_tor)
node.set_val(u'disable_encryption_warnings', not client_using_tor)
node_l10n = config.NodeL10NFactory(session, tid)
node_l10n.set_val(u'header_title_homepage', language, request['node_name'])
profiles.load_profile(session, tid, request['profile'])
receiver_desc = models.User().dict(language)
receiver_desc['name'] = request['receiver_name']
receiver_desc['username'] = u'recipient'
receiver_desc['name'] = request['receiver_name']
receiver_desc['mail_address'] = request['receiver_mail_address']
receiver_desc['language'] = language
receiver_desc['role'] = u'receiver'
receiver_desc['deletable'] = True
receiver_desc['pgp_key_remove'] = False
_, receiver = db_create_receiver_user(session, state, tid, receiver_desc,
language)
context_desc = models.Context().dict(language)
context_desc['name'] = u'Default'
context_desc['receivers'] = [receiver.id]
db_create_context(session, state, tid, context_desc, language)
admin_desc = models.User().dict(language)
admin_desc['name'] = request['admin_name']
admin_desc['username'] = u'admin'
admin_desc['password'] = request['admin_password']
admin_desc['name'] = request['admin_name']
admin_desc['mail_address'] = request['admin_mail_address']
admin_desc['language'] = language
admin_desc['role'] = u'admin'
admin_desc['deletable'] = False
admin_desc['pgp_key_remove'] = False
admin_desc['password_change_needed'] = False
db_create_user(session, state, tid, admin_desc, language)
db_refresh_memory_variables(session, [tid])
def db_wizard(session, tid, hostname, request):
"""
Transaction for the handling of wizard request
:param session: An ORM session
:param tid: A tenant ID
:param request: A user request
"""
language = request['node_language']
node = config.ConfigFactory(session, tid)
if tid == 1:
root_tenant_node = node
encryption = True
else:
root_tenant_node = node
encryption = root_tenant_node.get_val('encryption')
if node.get_val('wizard_done'):
log.err("DANGER: Wizard already initialized!", tid=tid)
raise errors.ForbiddenOperation
db_update_enabled_languages(session, tid, [language], language)
node.set_val('encryption', encryption)
node.set_val('name', request['node_name'])
node.set_val('default_language', language)
node.set_val('wizard_done', True)
node.set_val('enable_developers_exception_notification',
request['enable_developers_exception_notification'])
node.set_val('hostname', hostname)
node_l10n = config.ConfigL10NFactory(session, tid)
node_l10n.set_val('header_title_homepage', language, request['node_name'])
profiles.load_profile(session, tid, request['profile'])
if encryption:
crypto_escrow_prv_key, crypto_escrow_pub_key = GCE.generate_keypair()
node.set_val('crypto_escrow_pub_key', crypto_escrow_pub_key)
admin_desc = models.User().dict(language)
admin_desc['username'] = request['admin_username']
admin_desc['name'] = request['admin_name']
admin_desc['password'] = request['admin_password']
admin_desc['name'] = request['admin_name']
admin_desc['mail_address'] = request['admin_mail_address']
admin_desc['language'] = language
admin_desc['role'] = 'admin'
admin_desc['pgp_key_remove'] = False
admin_user = db_create_user(session, tid, admin_desc, language)
admin_user.password = GCE.hash_password(request['admin_password'],
admin_user.salt)
admin_user.password_change_needed = False
admin_user.password_change_date = datetime_now()
if encryption:
db_gen_user_keys(session, tid, admin_user, request['admin_password'])
admin_user.crypto_escrow_prv_key = Base64Encoder.encode(
GCE.asymmetric_encrypt(admin_user.crypto_pub_key,
crypto_escrow_prv_key))
receiver_user = None
if not request['skip_recipient_account_creation']:
receiver_desc = models.User().dict(language)
receiver_desc['username'] = request['receiver_username']
receiver_desc['name'] = request['receiver_name']
receiver_desc['password'] = request['receiver_password']
receiver_desc['mail_address'] = request['receiver_mail_address']
receiver_desc['language'] = language
receiver_desc['role'] = 'receiver'
receiver_desc['pgp_key_remove'] = False
receiver_desc['send_account_activation_link'] = receiver_desc[
'password'] == ''
receiver_user = db_create_user(session, tid, receiver_desc, language)
if receiver_desc['password']:
receiver_user.password = GCE.hash_password(
receiver_desc['password'], receiver_user.salt)
if encryption:
db_gen_user_keys(session, tid, receiver_user,
receiver_desc['password'])
context_desc = models.Context().dict(language)
context_desc['name'] = 'Default'
context_desc['status'] = 'enabled'
context_desc['receivers'] = [receiver_user.id] if receiver_user else []
context = db_create_context(session, tid, context_desc, language)
# Root tenants initialization terminates here
if tid == 1:
db_refresh_memory_variables(session, [tid])
return
# Secondary tenants initialization starts here
tenant = models.db_get(session, models.Tenant, models.Tenant.id == tid)
tenant.label = request['node_name']
mode = node.get_val('mode')
if mode not in ['default', 'demo']:
node.set_val(
'hostname',
tenant.subdomain + '.' + root_tenant_node.get_val('rootdomain'))
for varname in [
'reachable_via_web', 'enable_receipt_hint',
'disable_privacy_badge', 'simplified_login',
'can_delete_submission', 'can_postpone_expiration',
'anonymize_outgoing_connections', 'frame_ancestors',
'password_change_period', 'default_questionnaire',
'enable_password_reset'
]:
node.set_val(varname, root_tenant_node.get_val(varname))
context.questionnaire_id = root_tenant_node.get_val(
'default_questionnaire')
# Set data retention policy to 18 months
context.tip_timetolive = 540
# Delete the admin user
request['admin_password'] = ''
session.delete(admin_user)
if receiver_user is not None:
# Enable the recipient user to configure platform general settings
receiver_user.can_edit_general_settings = True
# Set the recipient name equal to the node name
receiver_user.name = receiver_user.public_name = request[
'node_name']
# Apply the specific fixes related to whistleblowing.it projects
if mode == 'whistleblowing.it':
node.set_val('simplified_login', True)
node.set_val('tor', False)
db_refresh_memory_variables(session, [tid])
def db_wizard(session, tid, request, client_using_tor, language):
language = request['node_language']
node = config.ConfigFactory(session, tid)
if tid != 1:
root_tenant_node = config.ConfigFactory(session, 1)
else:
root_tenant_node = node
if node.get_val(u'wizard_done'):
log.err("DANGER: Wizard already initialized!", tid=tid)
raise errors.ForbiddenOperation
db_update_enabled_languages(session, tid, [language], language)
node.set_val(u'name', request['node_name'])
node.set_val(u'default_language', language)
node.set_val(u'wizard_done', True)
node.set_val(u'enable_developers_exception_notification',
request['enable_developers_exception_notification'])
# Guess Tor configuration from thee media used on first configuration and
# if the user is using Tor preserve node anonymity and perform outgoing connections via Tor
node.set_val(u'reachable_via_web', not client_using_tor)
node.set_val(u'allow_unencrypted', not client_using_tor)
node.set_val(u'anonymize_outgoing_connections', client_using_tor)
node_l10n = config.ConfigL10NFactory(session, tid)
node_l10n.set_val(u'header_title_homepage', language, request['node_name'])
profiles.load_profile(session, tid, request['profile'])
admin_desc = models.User().dict(language)
admin_desc['name'] = request['admin_name']
admin_desc['username'] = u'admin'
admin_desc['password'] = request['admin_password']
admin_desc['name'] = request['admin_name']
admin_desc['mail_address'] = request['admin_mail_address']
admin_desc['language'] = language
admin_desc['role'] = u'admin'
admin_desc['deletable'] = False
admin_desc['pgp_key_remove'] = False
admin_user = db_create_user(session, tid, admin_desc, language)
admin_user.password_change_needed = False
admin_user.password_change_date = datetime_now()
receiver_desc = models.User().dict(language)
receiver_desc['name'] = request['receiver_name']
receiver_desc['username'] = u'recipient'
receiver_desc['password'] = request['receiver_password']
receiver_desc['name'] = request['receiver_name']
receiver_desc['mail_address'] = request['receiver_mail_address']
receiver_desc['language'] = language
receiver_desc['role'] = u'receiver'
receiver_desc['deletable'] = True
receiver_desc['pgp_key_remove'] = False
receiver_user = db_create_user(session, tid, receiver_desc, language)
context_desc = models.Context().dict(language)
context_desc['status'] = 1
context_desc['name'] = u'Default'
context_desc['receivers'] = [receiver_user.id]
context = db_create_context(session, tid, context_desc, language)
# Root tenants initialization terminates here
if tid == 1:
db_refresh_memory_variables(session, [tid])
return
# Secondary tenants initialization starts here
tenant = models.db_get(session, models.Tenant, models.Tenant.id == tid)
tenant.label = request['node_name']
mode = node.get_val(u'mode')
if mode != u'default':
node.set_val(
u'hostname',
tenant.subdomain + '.' + root_tenant_node.get_val(u'rootdomain'))
for varname in [
'reachable_via_web', 'disable_key_code_hint',
'disable_privacy_badge', 'disable_donation_panel',
'simplified_login', 'can_delete_submission',
'can_postpone_expiration', 'enable_user_pgp_key_upload',
'allow_unencrypted', 'anonymize_outgoing_connections',
'allow_iframes_inclusion', 'password_change_period',
'default_questionnaire'
]:
node.set_val(varname, root_tenant_node.get_val(varname))
context.questionnaire_id = root_tenant_node.get_val(
u'default_questionnaire')
# Apply the general settings to apply on all mode != default
if mode != u'default':
# Enable the recipient user to configure platform general settings
receiver_user.can_edit_general_settings = True
# Set data retention policy to 18 months
context.tip_timetolive = 540
# Apply the specific fixes related to whistleblowing.it projects
if mode == u'whistleblowing.it':
node.set_val(u'simplified_login', True)
node.set_val(u'tor', False)
# Enable recipients to load files to the whistleblower
context.enable_rc_to_wb_files = True
# Set the recipient name equal to the node name
receiver_user.name = request['node_name']
# Delete the admin user
session.delete(admin_user)
db_refresh_memory_variables(session, [tid])
def db_create_context(store, request, language):
"""
Creates a new context from the request of a client.
We associate to the context the list of receivers and if the receiver is
not valid we raise a ReceiverIdNotFound exception.
Args:
(dict) the request containing the keys to set on the model.
Returns:
(dict) representing the configured context
"""
receivers = request.get('receivers', [])
steps = request.get('steps', [])
fill_localized_keys(request, models.Context.localized_strings, language)
context = models.Context(request)
# Integrity checks related on name (need to exists, need to be unique)
# are performed only using the default language at the moment (XXX)
try:
context_name = request['name'][language]
except Exception as excep:
raise errors.InvalidInputFormat("language %s do not provide name: %s" %
(language, excep) )
if len(context_name) < 1:
log.err("Invalid request: name is an empty string")
raise errors.InvalidInputFormat("Context name is missing (1 char required)")
if request['select_all_receivers']:
if request['maximum_selectable_receivers']:
log.debug("Resetting maximum_selectable_receivers (%d) because 'select_all_receivers' is True" %
request['maximum_selectable_receivers'])
request['maximum_selectable_receivers'] = 0
# tip_timetolive and submission_timetolive need to be converted in seconds since hours and days
(context.submission_timetolive, context.tip_timetolive) = acquire_context_timetolive(request)
c = store.add(context)
for receiver_id in receivers:
receiver = models.Receiver.get(store, receiver_id)
if not receiver:
log.err("Creation error: unexistent context can't be associated")
raise errors.ReceiverIdNotFound
c.receivers.add(receiver)
if steps:
db_create_step(store, context.id, steps, language)
else:
appdata = store.find(models.ApplicationData).one()
steps = copy.deepcopy(appdata.fields)
n_s = 1
for step in steps:
for f_child in step['children']:
if not field_is_present(store, f_child):
f_child['is_template'] = False
for step in steps:
f_children = copy.deepcopy(step['children'])
del step['children']
s = models.db_forge_obj(store, models.Step, step)
for f_child in f_children:
o_children = copy.deepcopy(f_child['options'])
del f_child['options']
# FIXME currently default updata do not handle fieldgroups
# all this block must be redesigned in order to be called recursively
del f_child['children']
f = models.db_forge_obj(store, models.Field, f_child)
n_o = 1
for o_child in o_children:
o = models.db_forge_obj(store, models.FieldOption, o_child)
o.field_id = f.id
o.number = n_o
f.options.add(o)
n_o += 1
f.step_id = s.id
s.children.add(f)
s.context_id = context.id
s.number = n_s
context.steps.add(s)
n_s += 1
log.debug("Created context %s (using %s)" % (context_name, language) )
return admin_serialize_context(store, context, language)
