def test_keywords_conversion(self):
yield self.perform_full_submission_actions()
yield Delivery().run()
data = {}
data['type'] = 'tip'
data['user'] = yield user.get_user(1, self.dummyReceiver_1['id'], u'en')
data['context'] = yield admin.context.get_context(1, self.dummyContext['id'], u'en')
data['notification'] = yield tw(admin.notification.db_get_notification, 1, u'en')
data['node'] = yield tw(admin.node.db_admin_serialize_node, 1, u'en')
for tip in self.dummyRTips:
if tip['receiver_id'] == self.dummyReceiver_1['id']:
tip_id = tip['id']
break
data['tip'], _ = yield rtip.get_rtip(1, self.dummyReceiver_1['id'], tip_id, u'en')
data['comments'] = data['tip']['comments']
data['comment'] = data['comments'][0]
data['messages'] = data['tip']['messages']
data['message'] = data['messages'][0]
files = yield rtip.receiver_get_rfile_list(data['tip']['id'])
data['file'] = files[0]
for key in ['tip', 'comment', 'message', 'file']:
data['type'] = key
template = ''.join(supported_template_types[key].keyword_list)
Templating().format_template(template, data)
def test_https_process(self):
valid_cfg = {
'proxy_ip': '127.0.0.1',
'proxy_port': 43434,
'tls_socket_fds': [sock.fileno() for sock in self.https_socks],
'debug': False,
}
valid_cfg['site_cfgs'] = yield tw(load_tls_dict_list)
tmp = tempfile.TemporaryFile(mode='w')
tmp.write(json.dumps(valid_cfg))
tmp.seek(0, 0)
tmp_fd = tmp.fileno()
self.http_process = HTTPSProcess(fd=tmp_fd)
# Connect to service ensure that it responds with a 502
yield threads.deferToThread(self.fetch_resource_with_fail)
# Start the HTTP server proxy requests will be forwarded to.
self.pp = helpers.SimpleServerPP()
reactor.spawnProcess(self.pp, 'python', args=['python', '-m', 'SimpleHTTPServer', '43434'], usePTY=True)
yield self.pp.start_defer
# Check that requests are routed successfully
yield threads.deferToThread(self.fetch_resource)
def test_get_with_valid_activation_token_mode_whistleblowing_it(self):
yield tw(db_set_config_variable, 1, 'enable_signup', True)
yield tw(db_set_config_variable, 1, 'mode', u'whistleblowing.it')
yield self.test_model_count(models.User, 0)
self._handler = signup.Signup
handler = self.request(self.dummySignup)
r = yield handler.post()
self._handler = signup.SignupActivation
handler = self.request(self.dummySignup)
token = yield get_signup_token()
yield handler.get(token)
yield self.test_model_count(models.User, 1)
def test_get_with_invalid_activation_token(self):
yield tw(db_set_config_variable, 1, 'enable_signup', True)
handler = self.request(self.dummySignup)
r = yield handler.get(u'invalid')
self.assertTrue(not r)
def test_refresh_works(self):
State.tenant_cache[1].anonymize_outgoing_connections = False
yield tw(config.db_set_config_variable, 1, 'latest_version', '0.0.1')
yield self.test_model_count(models.Mail, 0)
def fetch_packages_file_mock(self):
return succeed(packages)
UpdateCheck.fetch_packages_file = fetch_packages_file_mock
yield UpdateCheck().operation()
latest_version = yield tw(config.db_get_config_variable, 1, 'latest_version')
self.assertEqual(latest_version, '2.0.1337')
yield self.test_model_count(models.Mail, 1)
def setUp(self):
yield TestGL.setUp(self)
from globaleaks.rest import api
self.api = api.APIResourceWrapper()
yield tw(db_update_enabled_languages, 1, ['en', 'ar', 'it'], 'en')
yield refresh_memory_variables()
def test_deny_token(self):
# The active component of this application is the placement of the api key
# in the private memory copy. When that changes this test will break.
self.api_tok, digest = generateApiToken()
yield tw(db_set_config_variable, 1, 'admin_api_token_digest', '')
shorturl_desc = self.get_dummy_shorturl()
handler = self.request(shorturl_desc, headers={'x-api-token': self.api_tok})
yield self.assertRaises(errors.NotAuthenticated, handler.post)
def schedule_exception_email(self, exception_text, *args):
if not hasattr(self.tenant_cache[1], 'notification'):
log.err("Error: Cannot send mail exception before complete initialization.")
return
if self.exceptions_email_count >= self.settings.exceptions_email_hourly_limit:
return
exception_text = (exception_text % args) if args else exception_text
sha256_hash = sha256(exception_text.encode())
if sha256_hash not in self.exceptions:
self.exceptions[sha256_hash] = 0
self.exceptions[sha256_hash] += 1
if self.exceptions[sha256_hash] > 5:
log.err("Exception mail suppressed for (%s) [reason: threshold exceeded]", sha256_hash)
return
self.exceptions_email_count += 1
mail_subject = "GlobaLeaks Exception"
delivery_list = self.tenant_cache[1].notification.exception_delivery_list
mail_body = text_type("Platform: %s\nHost: %s (%s)\nVersion: %s\n\n%s"
% (self.tenant_cache[1].name,
self.tenant_cache[1].hostname,
self.tenant_cache[1].onionservice,
__version__,
exception_text))
for mail_address, pgp_key_public in delivery_list:
# Opportunisticly encrypt the mail body. NOTE that mails will go out
# unencrypted if one address in the list does not have a public key set.
if pgp_key_public:
pgpctx = PGPContext(self.settings.tmp_path)
fingerprint = pgpctx.load_key(pgp_key_public)['fingerprint']
mail_body = pgpctx.encrypt_message(fingerprint, mail_body)
# avoid waiting for the notification to send and instead rely on threads to handle it
tw(db_schedule_email, 1, mail_address, mail_subject, mail_body)
def test_post(self):
r = {}
for i in range(0, 3):
handler = self.request(get_dummy_tenant_desc(), role='admin')
t = yield handler.post()
r[i] = yield tw(config.db_get_config_variable, t['id'], 'receipt_salt')
# Checks that the salt is actually modified from create to another
self.assertNotEqual(r[0], r[1])
self.assertNotEqual(r[1], r[2])
self.assertNotEqual(r[2], r[0])
def test_launch_and_shutdown(self):
yield tw(db_set_config_variable, 1, 'https_enabled', False)
sock, fail = reserve_port_for_ip('127.0.0.1', 43434)
self.assertIsNone(fail)
ip, port = '127.0.0.1', 43435
p_s = supervisor.ProcessSupervisor([sock], ip, port)
yield p_s.maybe_launch_https_workers()
self.assertFalse(p_s.is_running())
p_s.shutdown()
self.assertTrue(p_s.shutting_down)
self.assertFalse(p_s.is_running())
def setUp(self):
self.test_reactor = task.Clock()
jobs.job.reactor = self.test_reactor
tempdict.reactor = self.test_reactor
token.TokenList.reactor = self.test_reactor
Sessions.reactor = self.test_reactor
self.state = State
init_state()
self.setUp_dummy()
if self.initialize_test_database_using_archived_db:
shutil.copy(
os.path.join(TEST_DIR, 'db', 'empty', 'glbackend-%d.db' % DATABASE_VERSION),
os.path.join(Settings.db_file_path)
)
else:
yield db.create_db()
yield db.init_db()
allow_unencrypted = self.encryption_scenario in ['PLAINTEXT', 'MIXED']
yield tw(db_set_config_variable, 1, u'allow_unencrypted', allow_unencrypted)
yield self.set_hostnames(1)
yield db.refresh_memory_variables()
sup = ProcessSupervisor([], '127.0.0.1', 8082)
self.state.process_supervisor = sup
self.state.reset_hourly()
Settings.submission_minimum_delay = 0
self.internationalized_text = load_appdata()['node']['whistleblowing_button']
def fill_data(self):
# fill_data/create_admin
self.dummyAdminUser = yield create_user(1, copy.deepcopy(self.dummyAdminUser), 'en')
# fill_data/create_custodian
self.dummyCustodianUser = yield create_user(1, copy.deepcopy(self.dummyCustodianUser), 'en')
# fill_data/create_receiver
self.dummyReceiver_1 = yield create_user(1, copy.deepcopy(self.dummyReceiver_1), 'en')
self.dummyReceiverUser_1['id'] = self.dummyReceiver_1['id']
self.dummyReceiver_2 = yield create_user(1, copy.deepcopy(self.dummyReceiver_2), 'en')
self.dummyReceiverUser_2['id'] = self.dummyReceiver_2['id']
receivers_ids = [self.dummyReceiver_1['id'], self.dummyReceiver_2['id']]
yield mock_users_keys()
# fill_data/create_context
self.dummyContext['receivers'] = receivers_ids
self.dummyContext = yield create_context(1, copy.deepcopy(self.dummyContext), 'en')
self.dummyQuestionnaire = yield get_questionnaire(1, self.dummyContext['questionnaire_id'], 'en')
self.dummyQuestionnaire['steps'].append(get_dummy_step())
self.dummyQuestionnaire['steps'][1]['questionnaire_id'] = self.dummyContext['questionnaire_id']
self.dummyQuestionnaire['steps'][1]['label'] = 'Whistleblower identity'
self.dummyQuestionnaire['steps'][1]['presentation_order'] = 1
self.dummyQuestionnaire['steps'][1] = yield create_step(1, self.dummyQuestionnaire['steps'][1], 'en')
if self.complex_field_population:
yield self.add_whistleblower_identity_field_to_step(self.dummyQuestionnaire['steps'][1]['id'])
for i in range(1, self.population_of_tenants):
name = 'tenant-' + str(i+1)
t = yield create_tenant({'mode': 'default', 'label': name, 'active': True, 'subdomain': name})
yield tw(db_wizard, t['id'], self.dummyWizard, True, u'en')
yield self.set_hostnames(i+1)
yield associate_users_of_first_tenant_to_second_tenant()
def set_hostname(self, req_args, *args, **kwargs):
yield check_hostname(self.request.tid, req_args['value'])
yield tw(db_set_config_variable, self.request.tid, u'hostname', req_args['value'])
def post(self):
request = self.validate_message(self.request.content.read(),
requests.WizardDesc)
return tw(db_wizard, self.request.tid, request, self.request.client_using_tor, self.request.language)
def setUp(self):
yield helpers.TestHandlerWithPopulatedDB.setUp(self)
yield tw(db_set_config_variable, 1, 'encryption', False)
self.state.tenant_cache[1].encryption = False
def set_init_params(tls_config):
hostname = 'localhost:9999'
yield tw(config.db_set_config_variable, 1, 'hostname', hostname)
State.tenant_cache[1].hostname = hostname
def tearDown(self):
yield tw(db_set_config_variable, 1, 'admin_api_token_digest', '')
yield helpers.TestHandlerWithPopulatedDB.tearDown(self)
def post(self):
request = self.validate_message(self.request.content.read(),
requests.WizardDesc)
return tw(db_wizard, self.request.tid, request,
self.request.client_using_tor, self.request.language)
def put(self):
is_ready = yield can_perform_acme_run(self.request.tid)
if not is_ready:
raise errors.ForbiddenOperation()
yield tw(db_acme_cert_request, self.request.tid)
def set_hostname(self, req_args, *args, **kwargs):
yield check_hostname(self.request.tid, req_args['value'])
yield tw(db_set_config_variable, self.request.tid, u'hostname',
req_args['value'])
def test_delete(self):
handler = self.request({}, role='admin')
yield handler.delete(u'antani')
img = yield tw(file.db_get_file, 1, 'antani')
self.assertEqual(img, '')
def test_post_with_signup_enabled(self):
yield tw(db_set_config_variable, 1, 'enable_signup', True)
handler = self.request(self.dummySignup)
yield handler.post()
def setUp(self):
self.api_tok, digest = generateApiToken()
yield helpers.TestHandlerWithPopulatedDB.setUp(self)
yield tw(db_set_config_variable, 1, 'admin_api_token_digest', digest)
yield db.refresh_memory_variables()
def get(self):
return tw(db_get_submission_statuses, self.request.tid, self.request.language)
def set_hostname(self, req_args, *args, **kwargs):
yield check_hostname(self.request.tid, req_args['value'])
yield tw(db_set_config_variable, self.request.tid, 'hostname', req_args['value'])
yield tw(db_refresh_memory_variables, [self.request.tid])
self.state.tenant_cache[self.request.tid].hostname = req_args['value']
def get(self, validation_token):
check = yield tw(db_validate_address_change, validation_token)
if not check:
self.redirect_url = "/#/email/validation/failure"
self.redirect(self.redirect_url)
def get(self):
"""
Return all the questionnaires.
"""
return tw(db_get_questionnaires, self.request.tid, self.request.language)
def test_post_with_signup_enabled(self):
yield tw(db_set_config_variable, 1, 'enable_signup', True)
handler = self.request(self.dummySignup)
yield handler.post()
def put(self, step_id):
request = self.validate_message(self.request.content.read(),
requests.AdminStepDesc)
return tw(db_update_step, self.request.tid, step_id, request, self.request.language)
def put(self):
return tw(db_acme_cert_request, self.request.tid)
def delete(self, step_id):
return tw(db_delete_step, self.request.tid, step_id)
def post(self, status_id):
request = self.validate_message(self.request.content.read(),
requests.SubmissionSubStatusDesc)
return tw(db_create_submission_substatus, self.request.tid, status_id, request, self.request.language)
def setUp(self):
yield helpers.TestHandlerWithPopulatedDB.setUp(self)
for r in (yield tw(admin.user.db_get_users, 1, 'receiver', 'en')):
if r['pgp_key_fingerprint'] == 'BFB3C82D1B5F6A94BDAC55C6E70460ABF9A4C8C1':
self.rcvr_id = r['id']
