def db_create_user(store, request, language): fill_localized_keys(request, models.User.localized_keys, language) user = models.User({ 'username': request['username'], 'role': request['role'], 'state': u'enabled', 'deletable': request['deletable'], 'name': request['name'], 'description': request['description'], 'language': u'en', 'timezone': 0, 'password_change_needed': True, 'mail_address': request['mail_address'] }) if request['username'] == '': user.username = user.id password = request['password'] if len(password) and password != GLSettings.default_password: security.check_password_format(password) else: password = GLSettings.default_password user.salt = security.generateRandomSalt() user.password = security.hash_password(password, user.salt) # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) store.add(user) return user
def db_admin_update_user(store, user_id, request, language): """ Updates the specified user. raises: globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ user = models.User.get(store, user_id) if not user: raise errors.UserIdNotFound fill_localized_keys(request, models.User.localized_keys, language) user.name = request['name'] user.description = request['description'] user.state = request['state'] user.password_change_needed = request['password_change_needed'] user.mail_address = request['mail_address'] user.language = request.get('language', GLSettings.memory_copy.default_language) user.timezone = request.get('timezone', GLSettings.memory_copy.default_timezone) password = request['password'] if len(password): security.check_password_format(password) user.password = security.hash_password(password, user.salt) user.password_change_date = datetime_now() # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) return user
def db_admin_update_user(store, user_id, request, language): """ Updates the specified user. raises: globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ user = models.User.get(store, user_id) if not user: raise errors.UserIdNotFound fill_localized_keys(request, models.User.localized_keys, language) user.name = request['name'] user.description = request['description'] user.state = request['state'] user.password_change_needed = request['password_change_needed'] user.mail_address = request['mail_address'] user.language = request.get('language', GLSettings.memory_copy.default_language) user.timezone = request.get('timezone', GLSettings.memory_copy.default_timezone) password = request['password'] if len(password): security.check_password_format(password) user.password = security.hash_password(password, user.salt) user.password_change_date = datetime_now() # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) return user
def update_receiver(store, receiver_id, request, language=GLSetting.memory_copy.default_language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ receiver = models.Receiver.get(store, receiver_id) if not receiver: raise errors.ReceiverIdNotFound fill_localized_keys(request, models.Receiver.localized_strings, language) mail_address = request['mail_address'] homonymous = store.find(models.User, models.User.username == mail_address).one() if homonymous and homonymous.id != receiver.user_id: log.err("Update error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) receiver.mail_address = mail_address # the email address it's also the username, stored in User receiver.user.username = mail_address receiver.user.state = request['state'] # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) receiver.user.language = request.get('language', GLSetting.memory_copy.default_language) receiver.user.timezone = request.get('timezone', GLSetting.memory_copy.default_timezone) password = request['password'] if len(password): security.check_password_format(password) receiver.user.password = security.hash_password(password, receiver.user.salt) receiver.user.password_change_date = datetime_now() contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = models.Context.get(store, context_id) if not context: log.err("Update error: unexistent context can't be associated") raise errors.ContextIdNotFound receiver.contexts.add(context) receiver.last_update = datetime_now() try: receiver.update(request) except DatabaseError as dberror: log.err("Unable to update receiver %s: %s" % (receiver.name, dberror)) raise errors.InvalidInputFormat(dberror) return admin_serialize_receiver(receiver, language)
def test_check_password_format(self): self.assertRaises(errors.InvalidInputFormat, check_password_format, "123abc") # less than 8 chars self.assertRaises(errors.InvalidInputFormat, check_password_format, "withnonumbers") # withnonumbers self.assertRaises(errors.InvalidInputFormat, check_password_format, "12345678") # onlynumbers check_password_format("abcde12345")
def update_receiver(store, id, request, language=GLSetting.memory_copy.default_language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverGusNotFound` if the receiver does not exist. """ receiver = store.find(Receiver, Receiver.id == unicode(id)).one() v = dict(request) for attr in getattr(Receiver, "localized_strings"): v[attr] = getattr(receiver, attr) v[attr][language] = unicode(request[attr]) request = v if not receiver: raise errors.ReceiverGusNotFound mail_address = utility.acquire_mail_address(request) if not mail_address: raise errors.NoEmailSpecified homonymous = store.find(User, User.username == mail_address).one() if homonymous and homonymous.id != receiver.user_id: log.err("Update error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) receiver.notification_fields = request['notification_fields'] receiver.tags = request['tags'] # the email address it's also the username, stored in User receiver.user.username = mail_address # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) password = request.get('password') if len(password): security.check_password_format(password) receiver.user.password = security.hash_password(password, receiver.user.salt) contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Update error: unexistent context can't be associated") raise errors.ContextGusNotFound receiver.contexts.add(context) receiver.update(request) receiver.last_update = utility.datetime_now() return admin_serialize_receiver(receiver, language)
def db_create_receiver(store, request, language): """ Creates a new receiver. Returns: (dict) the configured receiver """ fill_localized_keys(request, models.Receiver.localized_strings, language) password = request['password'] if len(password) and password != GLSettings.default_password: security.check_password_format(password) else: password = GLSettings.default_password receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) # ping_mail_address is duplicated at creation time from mail_address request.update({'ping_mail_address': request['mail_address']}) receiver = models.Receiver(request) receiver_user_dict = { 'username': uuid4(), 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', 'language': u'en', 'timezone': 0, 'password_change_needed': True, 'mail_address': request['mail_address'] } receiver_user = models.User(receiver_user_dict) # The various options related in manage PGP keys are used here. pgp_options_parse(receiver, request) # Set receiver.id = receiver.user.username = receiver.user.id receiver.id = receiver_user.username = receiver_user.id store.add(receiver_user) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = models.Context.get(store, context_id) if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextIdNotFound context.receivers.add(receiver) log.debug("Created receiver %s" % receiver.user.username) return admin_serialize_receiver(receiver, language)
def db_create_receiver(store, request, language): """ Creates a new receiver. Returns: (dict) the configured receiver """ fill_localized_keys(request, models.Receiver.localized_strings, language) password = request['password'] if len(password) and password != GLSetting.default_password: security.check_password_format(password) else: password = GLSetting.default_password receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) receiver_user_dict = { 'username': uuid4(), 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', 'language': u"en", 'timezone': 0, 'password_change_needed': True, } receiver_user = models.User(receiver_user_dict) receiver_user.last_login = datetime_null() receiver_user.password_change_date = datetime_null() store.add(receiver_user) # ping_mail_address is duplicated at creation time from mail_address request.update({'ping_mail_address': request['mail_address']}) receiver = models.Receiver(request) receiver.user = receiver_user # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) log.debug("Creating receiver %s" % receiver.user.username) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = models.Context.get(store, context_id) if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextIdNotFound context.receivers.add(receiver) return admin_serialize_receiver(receiver, language)
def update_receiver(store, receiver_id, request, language=GLSetting.memory_copy.default_language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ receiver = store.find(Receiver, Receiver.id == unicode(receiver_id)).one() if not receiver: raise errors.ReceiverIdNotFound mo = structures.Rosetta() mo.acquire_request(language, request, Receiver) for attr in mo.get_localized_attrs(): request[attr] = mo.get_localized_dict(attr) mail_address = request['mail_address'] homonymous = store.find(User, User.username == mail_address).one() if homonymous and homonymous.id != receiver.user_id: log.err("Update error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) receiver.mail_address = mail_address receiver.tags = request['tags'] # the email address it's also the username, stored in User receiver.user.username = mail_address # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) password = request['password'] if len(password): security.check_password_format(password) receiver.user.password = security.hash_password(password, receiver.user.salt) contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Update error: unexistent context can't be associated") raise errors.ContextIdNotFound receiver.contexts.add(context) receiver.last_update = datetime_now() try: receiver.update(request) except Exception as dberror: log.err("Unable to update receiver %s: %s" % (receiver.name, dberror)) raise errors.InvalidInputFormat(dberror) return admin_serialize_receiver(receiver, language)
def update_receiver(store, receiver_id, request, language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ receiver = models.Receiver.get(store, receiver_id) if not receiver: raise errors.ReceiverIdNotFound fill_localized_keys(request, models.Receiver.localized_strings, language) receiver.user.state = request['state'] receiver.user.password_change_needed = request['password_change_needed'] receiver.user.mail_address = request['mail_address'] # The various options related in manage PGP keys are used here. pgp_options_parse(receiver, request) receiver.user.language = request.get( 'language', GLSettings.memory_copy.default_language) receiver.user.timezone = request.get( 'timezone', GLSettings.memory_copy.default_timezone) password = request['password'] if len(password): security.check_password_format(password) receiver.user.password = security.hash_password( password, receiver.user.salt) receiver.user.password_change_date = datetime_now() contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = models.Context.get(store, context_id) if not context: raise errors.ContextIdNotFound receiver.contexts.add(context) try: receiver.update(request) except DatabaseError as dberror: log.err("Unable to update receiver %s: %s" % (receiver.name, dberror)) raise errors.InvalidInputFormat(dberror) return admin_serialize_receiver(receiver, language)
def update_receiver(store, receiver_id, request, language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ receiver = models.Receiver.get(store, receiver_id) if not receiver: raise errors.ReceiverIdNotFound fill_localized_keys(request, models.Receiver.localized_strings, language) receiver.user.state = request['state'] receiver.user.password_change_needed = request['password_change_needed'] # The various options related in manage PGP keys are used here. pgp_options_parse(receiver, request) receiver.user.language = request.get('language', GLSetting.memory_copy.language) receiver.user.timezone = request.get('timezone', GLSetting.memory_copy.default_timezone) password = request['password'] if len(password): security.check_password_format(password) receiver.user.password = security.hash_password(password, receiver.user.salt) receiver.user.password_change_date = datetime_now() contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = models.Context.get(store, context_id) if not context: raise errors.ContextIdNotFound receiver.contexts.add(context) receiver.last_update = datetime_now() try: receiver.update(request) except DatabaseError as dberror: log.err("Unable to update receiver %s: %s" % (receiver.name, dberror)) raise errors.InvalidInputFormat(dberror) return admin_serialize_receiver(receiver, language)
def db_create_user(store, request, language): fill_localized_keys(request, models.User.localized_keys, language) password = request['password'] if len(password) and password != GLSettings.default_password: security.check_password_format(password) else: password = GLSettings.default_password password_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) password_hash = security.hash_password(password, password_salt) user = models.User({ 'username': request['username'], 'password': password_hash, 'salt': password_salt, 'role': request['role'], 'state': u'enabled', 'deletable': request['deletable'], 'name': request['name'], 'description': request['description'], 'language': u'en', 'timezone': 0, 'password_change_needed': True, 'mail_address': request['mail_address'] }) if request['username'] == '': user.username = user.id # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) create_user_picture(user.id) store.add(user) return user
def db_admin_update_user(store, user_id, request, language): """ Updates the specified user. raises: globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ user = models.User.get(store, user_id) if not user: raise errors.UserIdNotFound fill_localized_keys(request, models.User.localized_keys, language) user.update(request) password = request['password'] if len(password): security.check_password_format(password) user.password = security.hash_password(password, user.salt) user.password_change_date = datetime_now() # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) return user
def create_receiver(store, request, language=GLSetting.memory_copy.default_language): """ Creates a new receiver. Returns: (dict) the configured receiver """ v = dict(request) for attr in getattr(Receiver, "localized_strings"): v[attr] = {} v[attr][language] = unicode(request[attr]) request = v mail_address = utility.acquire_mail_address(request) if not mail_address: raise errors.NoEmailSpecified # Pretend that username is unique: homonymous = store.find(User, User.username == mail_address).count() if homonymous: log.err("Creation error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) password = request.get('password') security.check_password_format(password) receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) receiver_user_dict = { 'username': mail_address, 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', 'failed_login_count': 0, } receiver_user = models.User(receiver_user_dict) receiver_user.last_login = utility.datetime_null() store.add(receiver_user) receiver = Receiver(request) receiver.user = receiver_user receiver.notification_fields = request.get('notification_fields') receiver.tags = request.get('tags') # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) log.debug("Creating receiver %s" % receiver.user.username) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextGusNotFound context.receivers.add(receiver) return admin_serialize_receiver(receiver, language)
def test_check_password_format(self): self.assertRaises(errors.InvalidInputFormat, check_password_format, "123abc") # less than 8 chars self.assertRaises(errors.InvalidInputFormat, check_password_format, "withnonumbers") # withnonumbers self.assertRaises(errors.InvalidInputFormat, check_password_format, "12345678") # onlynumbers check_password_format("abcde12345")
def db_create_receiver(store, request, language=GLSetting.memory_copy.default_language): """ Creates a new receiver. Returns: (dict) the configured receiver """ fill_localized_keys(request, models.Receiver.localized_strings, language) mail_address = request['mail_address'] # Pretend that username is unique: homonymous = store.find(models.User, models.User.username == mail_address).count() if homonymous: log.err("Creation error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) password = request['password'] if len(password) and password != GLSetting.default_password: security.check_password_format(password) else: password = GLSetting.default_password receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) receiver_user_dict = { 'username': mail_address, 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', 'language': u"en", 'timezone': 0, 'password_change_needed': True, } receiver_user = models.User(receiver_user_dict) receiver_user.last_login = datetime_null() receiver_user.password_change_needed = request['password_change_needed'] receiver_user.password_change_date = datetime_null() store.add(receiver_user) receiver = models.Receiver(request) receiver.user = receiver_user receiver.mail_address = mail_address # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) log.debug("Creating receiver %s" % receiver.user.username) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = models.Context.get(store, context_id) if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextIdNotFound context.receivers.add(receiver) return admin_serialize_receiver(receiver, language)
def update_receiver(store, receiver_id, request, language=GLSetting.memory_copy.default_language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ receiver = store.find(Receiver, Receiver.id == unicode(receiver_id)).one() if not receiver: raise errors.ReceiverIdNotFound mo = structures.Rosetta() mo.acquire_request(language, request, Receiver) for attr in mo.get_localized_attrs(): request[attr] = mo.get_localized_dict(attr) mail_address = request['mail_address'] homonymous = store.find(User, User.username == mail_address).one() if homonymous and homonymous.id != receiver.user_id: log.err( "Update error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) receiver.mail_address = mail_address receiver.tags = request['tags'] # the email address it's also the username, stored in User receiver.user.username = mail_address # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) password = request['password'] if len(password): security.check_password_format(password) receiver.user.password = security.hash_password( password, receiver.user.salt) contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Update error: unexistent context can't be associated") raise errors.ContextIdNotFound receiver.contexts.add(context) receiver.last_update = datetime_now() try: receiver.update(request) except Exception as dberror: log.err("Unable to update receiver %s: %s" % (receiver.name, dberror)) raise errors.InvalidInputFormat(dberror) return admin_serialize_receiver(receiver, language)
def db_create_receiver(store, request, language=GLSetting.memory_copy.default_language): """ Creates a new receiver. Returns: (dict) the configured receiver """ mo = structures.Rosetta() mo.acquire_request(language, request, Receiver) for attr in mo.get_localized_attrs(): request[attr] = mo.get_localized_dict(attr) mail_address = request['mail_address'] # Pretend that username is unique: homonymous = store.find(User, User.username == mail_address).count() if homonymous: log.err( "Creation error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) password = request.get('password') security.check_password_format(password) receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) receiver_user_dict = { 'username': mail_address, 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', } receiver_user = models.User(receiver_user_dict) receiver_user.last_login = datetime_null() store.add(receiver_user) receiver = Receiver(request) receiver.user = receiver_user receiver.mail_address = mail_address receiver.tags = request['tags'] # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) log.debug("Creating receiver %s" % receiver.user.username) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextIdNotFound context.receivers.add(receiver) return admin_serialize_receiver(receiver, language)
def db_create_receiver(store, request, language=GLSetting.memory_copy.default_language): """ Creates a new receiver. Returns: (dict) the configured receiver """ mo = structures.Rosetta() mo.acquire_request(language, request, Receiver) for attr in mo.get_localized_attrs(): request[attr] = mo.get_localized_dict(attr) mail_address = request['mail_address'] # Pretend that username is unique: homonymous = store.find(User, User.username == mail_address).count() if homonymous: log.err("Creation error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) password = request.get('password') security.check_password_format(password) receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) receiver_user_dict = { 'username': mail_address, 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', } receiver_user = models.User(receiver_user_dict) receiver_user.last_login = datetime_null() store.add(receiver_user) receiver = Receiver(request) receiver.user = receiver_user receiver.mail_address = mail_address receiver.tags = request['tags'] # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) log.debug("Creating receiver %s" % receiver.user.username) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextIdNotFound context.receivers.add(receiver) return admin_serialize_receiver(receiver, language)