def test_pass_hash_with_0_len_pass_must_fail(self):
dummy_password = ""
dummy_salt_input = "*****@*****.**"
sure_bin = scrypt.hash(dummy_password, get_salt(dummy_salt_input))
self.assertRaises(errors.InvalidInputFormat, hash_password,
dummy_password, dummy_salt_input)
def test_001_pass_hash(self):
dummy_password = "******"
dummy_salt_input = "*****@*****.**"
sure_bin = scrypt.hash(dummy_password, get_salt(dummy_salt_input) )
sure = binascii.b2a_hex(sure_bin)
not_sure = hash_password(dummy_password, dummy_salt_input)
self.assertEqual(sure, not_sure)
def test_pass_hash(self):
dummy_password = "******"
dummy_salt_input = "*****@*****.**"
sure_bin = scrypt.hash(dummy_password, get_salt(dummy_salt_input))
sure = binascii.b2a_hex(sure_bin)
not_sure = hash_password(dummy_password, dummy_salt_input)
self.assertEqual(sure, not_sure)
def db_create_receiver(store, request, language):
"""
Creates a new receiver.
Returns:
(dict) the configured receiver
"""
fill_localized_keys(request, models.Receiver.localized_strings, language)
password = request['password']
if len(password) and password != GLSetting.default_password:
security.check_password_format(password)
else:
password = GLSetting.default_password
receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
receiver_password = security.hash_password(password, receiver_salt)
receiver_user_dict = {
'username': uuid4(),
'password': receiver_password,
'salt': receiver_salt,
'role': u'receiver',
'state': u'enabled',
'language': u"en",
'timezone': 0,
'password_change_needed': True,
}
receiver_user = models.User(receiver_user_dict)
receiver_user.last_login = datetime_null()
receiver_user.password_change_date = datetime_null()
store.add(receiver_user)
# ping_mail_address is duplicated at creation time from mail_address
request.update({'ping_mail_address': request['mail_address']})
receiver = models.Receiver(request)
receiver.user = receiver_user
# The various options related in manage GPG keys are used here.
gpg_options_parse(receiver, request)
log.debug("Creating receiver %s" % receiver.user.username)
store.add(receiver)
create_random_receiver_portrait(receiver.id)
contexts = request.get('contexts', [])
for context_id in contexts:
context = models.Context.get(store, context_id)
if not context:
log.err("Creation error: invalid Context can't be associated")
raise errors.ContextIdNotFound
context.receivers.add(receiver)
return admin_serialize_receiver(receiver, language)
def db_create_receiver(store, request, language):
"""
Creates a new receiver.
Returns:
(dict) the configured receiver
"""
fill_localized_keys(request, models.Receiver.localized_strings, language)
password = request['password']
if len(password) and password != GLSettings.default_password:
security.check_password_format(password)
else:
password = GLSettings.default_password
receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
receiver_password = security.hash_password(password, receiver_salt)
# ping_mail_address is duplicated at creation time from mail_address
request.update({'ping_mail_address': request['mail_address']})
receiver = models.Receiver(request)
receiver_user_dict = {
'username': uuid4(),
'password': receiver_password,
'salt': receiver_salt,
'role': u'receiver',
'state': u'enabled',
'language': u'en',
'timezone': 0,
'password_change_needed': True,
'mail_address': request['mail_address']
}
receiver_user = models.User(receiver_user_dict)
# The various options related in manage PGP keys are used here.
pgp_options_parse(receiver, request)
# Set receiver.id = receiver.user.username = receiver.user.id
receiver.id = receiver_user.username = receiver_user.id
store.add(receiver_user)
store.add(receiver)
create_random_receiver_portrait(receiver.id)
contexts = request.get('contexts', [])
for context_id in contexts:
context = models.Context.get(store, context_id)
if not context:
log.err("Creation error: invalid Context can't be associated")
raise errors.ContextIdNotFound
context.receivers.add(receiver)
log.debug("Created receiver %s" % receiver.user.username)
return admin_serialize_receiver(receiver, language)
def test_salt(self):
dummy_string = "xxxxxx32312xxxxxx"
sha = SHA512.new()
sha.update(dummy_string)
complete_hex = sha.hexdigest()
self.assertEqual( complete_hex[:SALT_LENGTH],
get_salt(dummy_string)[:SALT_LENGTH] )
new_dummy_string = "xxxxkkkk"
sha_second = SHA512.new()
sha_second.update(new_dummy_string)
complete_hex = sha_second.hexdigest()
self.assertEqual( complete_hex[:SALT_LENGTH],
get_salt(new_dummy_string)[:SALT_LENGTH] )
def test_002_salt(self):
dummy_string = "xxxxxx32312xxxxxx"
sha = hashes.Hash(hashes.SHA512(), backend=crypto_backend)
sha.update(dummy_string)
complete_hex = digest = binascii.b2a_hex(sha.finalize())
self.assertEqual( complete_hex[:SALT_LENGTH],
get_salt(dummy_string)[:SALT_LENGTH] )
new_dummy_string = "xxxxkkkk"
sha_second = hashes.Hash(hashes.SHA512(), backend=crypto_backend)
sha_second.update(new_dummy_string)
complete_hex = binascii.b2a_hex(sha_second.finalize())
self.assertEqual( complete_hex[:SALT_LENGTH],
get_salt(new_dummy_string)[:SALT_LENGTH] )
def test_salt(self):
dummy_string = "xxxxxx32312xxxxxx"
sha = hashes.Hash(hashes.SHA512(), backend=crypto_backend)
sha.update(dummy_string)
complete_hex = digest = binascii.b2a_hex(sha.finalize())
self.assertEqual(complete_hex[:SALT_LENGTH],
get_salt(dummy_string)[:SALT_LENGTH])
new_dummy_string = "xxxxkkkk"
sha_second = hashes.Hash(hashes.SHA512(), backend=crypto_backend)
sha_second.update(new_dummy_string)
complete_hex = binascii.b2a_hex(sha_second.finalize())
self.assertEqual(complete_hex[:SALT_LENGTH],
get_salt(new_dummy_string)[:SALT_LENGTH])
def test_valid_password(self):
dummy_password = dummy_salt_input = \
"http://blog.transparency.org/wp-content/uploads/2010/05/A2_Whistelblower_poster.jpg"
dummy_salt = get_salt(dummy_salt_input)
hashed_once = binascii.b2a_hex(scrypt.hash(dummy_password, dummy_salt))
hashed_twice = binascii.b2a_hex(scrypt.hash(dummy_password, dummy_salt))
self.assertTrue(hashed_once, hashed_twice)
self.assertTrue(check_password(dummy_password, hashed_once, dummy_salt_input))
def test_003_valid_password(self):
dummy_password = dummy_salt_input = \
"http://blog.transparency.org/wp-content/uploads/2010/05/A2_Whistelblower_poster.jpg"
dummy_salt = get_salt(dummy_salt_input)
hashed_once = binascii.b2a_hex(scrypt.hash(dummy_password, dummy_salt))
hashed_twice = binascii.b2a_hex(scrypt.hash(dummy_password, dummy_salt))
self.assertTrue(hashed_once, hashed_twice)
self.assertTrue(check_password(dummy_password, hashed_once, dummy_salt_input))
def test_006_change_password(self):
dummy_salt_input = "xxxxxxxx"
first_pass = helpers.VALID_PASSWORD1
second_pass = helpers.VALID_PASSWORD2
dummy_salt = get_salt(dummy_salt_input)
# as first we hash a "first_password" like has to be:
hashed1 = binascii.b2a_hex(scrypt.hash(str(first_pass), dummy_salt))
# now emulate the change unsing the globaleaks.security module
self.assertRaises(errors.InvalidOldPassword, change_password, hashed1, "invalid_old_pass", second_pass, dummy_salt_input)
def init_db(store, result, node_dict, appdata_dict):
"""
TODO refactor with languages the email_template, develop a dedicated
function outside the node, and inquire f*****g YHWH about the
callbacks existence/usage
"""
node = models.Node(node_dict)
node.languages_enabled = GLSetting.defaults.languages_enabled
node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
node.wizard_done = GLSetting.skip_wizard
for k in appdata_dict['node']:
setattr(node, k, appdata_dict['node'][k])
store.add(node)
admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
admin_password = hash_password(u"globaleaks", admin_salt)
admin_dict = {
'username': u'admin',
'password': admin_password,
'salt': admin_salt,
'role': u'admin',
'state': u'enabled',
'language': u"en",
'timezone': 0,
'password_change_needed': False,
}
admin = models.User(admin_dict)
store.add(admin)
notification = models.Notification()
for k in appdata_dict['templates']:
setattr(notification, k, appdata_dict['templates'][k])
store.add(notification)
def init_db(store, result, node_dict, appdata_dict):
"""
"""
node = models.Node(node_dict)
node.languages_enabled = GLSettings.defaults.languages_enabled
node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
node.wizard_done = GLSettings.skip_wizard
for k in appdata_dict['node']:
setattr(node, k, appdata_dict['node'][k])
store.add(node)
admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
admin_password = hash_password(u"globaleaks", admin_salt)
admin_dict = {
'username': u'admin',
'password': admin_password,
'salt': admin_salt,
'role': u'admin',
'state': u'enabled',
'mail_address': u'',
'language': u"en",
'timezone': 0,
'password_change_needed': False,
}
admin = models.User(admin_dict)
store.add(admin)
notification = models.Notification()
for k in appdata_dict['templates']:
setattr(notification, k, appdata_dict['templates'][k])
store.add(notification)
def init_db(store, result, node_dict, appdata_dict):
"""
"""
node = models.Node(node_dict)
node.languages_enabled = GLSettings.defaults.languages_enabled
node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
node.wizard_done = GLSettings.skip_wizard
for k in appdata_dict['node']:
setattr(node, k, appdata_dict['node'][k])
store.add(node)
admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
admin_password = hash_password(u"globaleaks", admin_salt)
admin_dict = {
'username': u'admin',
'password': admin_password,
'salt': admin_salt,
'role': u'admin',
'state': u'enabled',
'mail_address': u'',
'language': u"en",
'timezone': 0,
'password_change_needed': False,
}
admin = models.User(admin_dict)
store.add(admin)
notification = models.Notification()
for k in appdata_dict['templates']:
setattr(notification, k, appdata_dict['templates'][k])
store.add(notification)
def test_004_change_password(self):
dummy_salt_input = "xxxxxxxx"
first_pass = helpers.VALID_PASSWORD1
second_pass = helpers.VALID_PASSWORD2
dummy_salt = get_salt(dummy_salt_input)
# as first we hash a "first_password" like has to be:
hashed1 = binascii.b2a_hex(scrypt.hash(str(first_pass), dummy_salt))
# now emulate the change unsing the globaleaks.security module
hashed2 = change_password(hashed1, first_pass, second_pass, dummy_salt_input)
# verify that second stored pass is the same
self.assertEqual(
hashed2,
binascii.b2a_hex(scrypt.hash(str(second_pass), dummy_salt) )
)
def test_change_password(self):
dummy_salt_input = "xxxxxxxx"
first_pass = helpers.VALID_PASSWORD1
second_pass = helpers.VALID_PASSWORD2
dummy_salt = get_salt(dummy_salt_input)
# as first we hash a "first_password" like has to be:
hashed1 = binascii.b2a_hex(scrypt.hash(str(first_pass), dummy_salt))
# now emulate the change unsing the globaleaks.security module
hashed2 = change_password(hashed1, first_pass, second_pass, dummy_salt_input)
# verify that second stored pass is the same
self.assertEqual(
hashed2,
binascii.b2a_hex(scrypt.hash(str(second_pass), dummy_salt))
)
def init_db(store):
db_create_tables(store)
appdata_dict = db_init_appdata(store)
log.debug("Performing database initialization...")
node = models.Node()
node.wizard_done = GLSettings.skip_wizard
node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
for k in appdata_dict['node']:
setattr(node, k, appdata_dict['node'][k])
notification = models.Notification()
for k in appdata_dict['templates']:
setattr(notification, k, appdata_dict['templates'][k])
store.add(node)
store.add(notification)
load_default_fields(store)
admin_dict = {
'username': u'admin',
'password': u'globaleaks',
'deeletable': False,
'role': u'admin',
'state': u'enabled',
'deletable': False,
'name': u'Admin',
'description': u'',
'mail_address': u'',
'language': node.default_language,
'timezone': node.default_timezone,
'password_change_needed': False,
'pgp_key_status': 'disabled',
'pgp_key_info': '',
'pgp_key_fingerprint': '',
'pgp_key_public': '',
'pgp_key_expiration': datetime_null()
}
admin = db_create_admin(store, admin_dict, node.default_language)
admin.password_change_needed = False
def init_db(store):
db_create_tables(store)
appdata_dict = db_init_appdata(store)
log.debug("Performing database initialization...")
node = models.Node()
node.wizard_done = GLSettings.skip_wizard
node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
for k in appdata_dict['node']:
setattr(node, k, appdata_dict['node'][k])
notification = models.Notification()
for k in appdata_dict['templates']:
setattr(notification, k, appdata_dict['templates'][k])
store.add(node)
store.add(notification)
load_default_fields(store)
admin_dict = {
'username': u'admin',
'password': u'globaleaks',
'deeletable': False,
'role': u'admin',
'state': u'enabled',
'deletable': False,
'name': u'Admin',
'description': u'',
'mail_address': u'',
'language': node.default_language,
'timezone': node.default_timezone,
'password_change_needed': False,
'pgp_key_status': 'disabled',
'pgp_key_info': '',
'pgp_key_fingerprint': '',
'pgp_key_public': '',
'pgp_key_expiration': datetime_null()
}
admin = db_create_admin(store, admin_dict, node.default_language)
admin.password_change_needed = False
def db_create_user(store, request, language):
fill_localized_keys(request, models.User.localized_keys, language)
password = request['password']
if len(password) and password != GLSettings.default_password:
security.check_password_format(password)
else:
password = GLSettings.default_password
password_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
password_hash = security.hash_password(password, password_salt)
user = models.User({
'username': request['username'],
'password': password_hash,
'salt': password_salt,
'role': request['role'],
'state': u'enabled',
'deletable': request['deletable'],
'name': request['name'],
'description': request['description'],
'language': u'en',
'timezone': 0,
'password_change_needed': True,
'mail_address': request['mail_address']
})
if request['username'] == '':
user.username = user.id
# The various options related in manage PGP keys are used here.
parse_pgp_options(user, request)
create_user_picture(user.id)
store.add(user)
return user
def db_create_user(store, request, language):
fill_localized_keys(request, models.User.localized_keys, language)
password = request['password']
if len(password) and password != GLSettings.default_password:
security.check_password_format(password)
else:
password = GLSettings.default_password
password_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
password_hash = security.hash_password(password, password_salt)
user = models.User({
'username': request['username'],
'password': password_hash,
'salt': password_salt,
'role': request['role'],
'state': u'enabled',
'deletable': request['deletable'],
'name': request['name'],
'description': request['description'],
'language': u'en',
'timezone': 0,
'password_change_needed': True,
'mail_address': request['mail_address']
})
if request['username'] == '':
user.username = user.id
# The various options related in manage PGP keys are used here.
parse_pgp_options(user, request)
create_user_picture(user.id)
store.add(user)
return user
def create_receiver(store, request, language=GLSetting.memory_copy.default_language):
"""
Creates a new receiver.
Returns:
(dict) the configured receiver
"""
v = dict(request)
for attr in getattr(Receiver, "localized_strings"):
v[attr] = {}
v[attr][language] = unicode(request[attr])
request = v
mail_address = utility.acquire_mail_address(request)
if not mail_address:
raise errors.NoEmailSpecified
# Pretend that username is unique:
homonymous = store.find(User, User.username == mail_address).count()
if homonymous:
log.err("Creation error: already present receiver with the requested username: %s" % mail_address)
raise errors.ExpectedUniqueField('mail_address', mail_address)
password = request.get('password')
security.check_password_format(password)
receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
receiver_password = security.hash_password(password, receiver_salt)
receiver_user_dict = {
'username': mail_address,
'password': receiver_password,
'salt': receiver_salt,
'role': u'receiver',
'state': u'enabled',
'failed_login_count': 0,
}
receiver_user = models.User(receiver_user_dict)
receiver_user.last_login = utility.datetime_null()
store.add(receiver_user)
receiver = Receiver(request)
receiver.user = receiver_user
receiver.notification_fields = request.get('notification_fields')
receiver.tags = request.get('tags')
# The various options related in manage GPG keys are used here.
gpg_options_parse(receiver, request)
log.debug("Creating receiver %s" % receiver.user.username)
store.add(receiver)
create_random_receiver_portrait(receiver.id)
contexts = request.get('contexts', [])
for context_id in contexts:
context = store.find(Context, Context.id == context_id).one()
if not context:
log.err("Creation error: invalid Context can't be associated")
raise errors.ContextGusNotFound
context.receivers.add(receiver)
return admin_serialize_receiver(receiver, language)
def initialize_node(store, results, only_node, email_templates):
"""
TODO refactor with languages the email_template, develop a dedicated
function outside the node, and inquire f*****g YHWH about the
callbacks existence/usage
"""
from Crypto import Random
Random.atfork()
node = models.Node(only_node)
# by default, only english is the surely present language
node.languages_enabled = GLSetting.defaults.languages_enabled
node.receipt_salt = get_salt(rstr.xeger("[A-Za-z0-9]{56}"))
node.creation_date = datetime_now()
store.add(node)
admin_salt = get_salt(rstr.xeger("[A-Za-z0-9]{56}"))
admin_password = hash_password(u"globaleaks", admin_salt)
admin_dict = {
"username": u"admin",
"password": admin_password,
"salt": admin_salt,
"role": u"admin",
"state": u"enabled",
"failed_login_count": 0,
}
admin = models.User(admin_dict)
admin.last_login = datetime_null()
store.add(admin)
notification = models.Notification()
# our defaults for free, because we're like Gandhi of the mail accounts.
notification.server = "mail.headstrong.de"
notification.port = 587
# port 587/SMTP-TLS or 465/SMTPS
notification.username = "******"
notification.password = "******"
notification.security = "TLS"
notification.source_name = "Default GlobaLeaks sender"
notification.source_email = notification.username
# Those fields are sets as default in order to show to the Admin the various 'variables'
# used in the template.
notification.tip_template = {GLSetting.memory_copy.default_language: email_templates["tip"]}
notification.tip_mail_title = {GLSetting.memory_copy.default_language: "From %NodeName% a new Tip"}
notification.file_template = {GLSetting.memory_copy.default_language: email_templates["file"]}
notification.file_mail_title = {
GLSetting.memory_copy.default_language: "From %NodeName% a new file appended to a tip"
}
notification.comment_template = {GLSetting.memory_copy.default_language: email_templates["comment"]}
notification.comment_mail_title = {GLSetting.memory_copy.default_language: "From %NodeName% a new comment"}
notification.activation_template = {GLSetting.memory_copy.default_language: "*Not Yet implemented*"}
notification.activation_mail_title = {GLSetting.memory_copy.default_language: "**Not Yet implemented"}
store.add(notification)
def db_create_receiver(store,
request,
language=GLSetting.memory_copy.default_language):
"""
Creates a new receiver.
Returns:
(dict) the configured receiver
"""
mo = structures.Rosetta()
mo.acquire_request(language, request, Receiver)
for attr in mo.get_localized_attrs():
request[attr] = mo.get_localized_dict(attr)
mail_address = request['mail_address']
# Pretend that username is unique:
homonymous = store.find(User, User.username == mail_address).count()
if homonymous:
log.err(
"Creation error: already present receiver with the requested username: %s"
% mail_address)
raise errors.ExpectedUniqueField('mail_address', mail_address)
password = request.get('password')
security.check_password_format(password)
receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
receiver_password = security.hash_password(password, receiver_salt)
receiver_user_dict = {
'username': mail_address,
'password': receiver_password,
'salt': receiver_salt,
'role': u'receiver',
'state': u'enabled',
}
receiver_user = models.User(receiver_user_dict)
receiver_user.last_login = datetime_null()
store.add(receiver_user)
receiver = Receiver(request)
receiver.user = receiver_user
receiver.mail_address = mail_address
receiver.tags = request['tags']
# The various options related in manage GPG keys are used here.
gpg_options_parse(receiver, request)
log.debug("Creating receiver %s" % receiver.user.username)
store.add(receiver)
create_random_receiver_portrait(receiver.id)
contexts = request.get('contexts', [])
for context_id in contexts:
context = store.find(Context, Context.id == context_id).one()
if not context:
log.err("Creation error: invalid Context can't be associated")
raise errors.ContextIdNotFound
context.receivers.add(receiver)
return admin_serialize_receiver(receiver, language)
def test_005_pass_hash_with_0_len_pass_must_fail(self):
dummy_password = ""
dummy_salt_input = "*****@*****.**"
sure_bin = scrypt.hash(dummy_password, get_salt(dummy_salt_input) )
self.assertRaises(errors.InvalidInputFormat, hash_password, dummy_password, dummy_salt_input)
from globaleaks.jobs import statistics_sched, mailflush_sched
from globaleaks.models import db_forge_obj, ReceiverTip, ReceiverFile, WhistleblowerTip, InternalTip
from globaleaks.rest.apicache import GLApiCache
from globaleaks.settings import GLSettings, transact, transact_ro
from globaleaks.security import GLSecureTemporaryFile
from globaleaks.third_party import rstr
from globaleaks.utils import token
from globaleaks.utils.structures import fill_localized_keys
from globaleaks.utils.utility import datetime_null, log
from . import TEST_DIR
## constants
VALID_PASSWORD1 = u'justapasswordwithaletterandanumberandbiggerthan8chars'
VALID_PASSWORD2 = u'justap455w0rdwithaletterandanumberandbiggerthan8chars'
VALID_SALT1 = security.get_salt(rstr.xeger(r'[A-Za-z0-9]{56}'))
VALID_SALT2 = security.get_salt(rstr.xeger(r'[A-Za-z0-9]{56}'))
VALID_HASH1 = security.hash_password(VALID_PASSWORD1, VALID_SALT1)
VALID_HASH2 = security.hash_password(VALID_PASSWORD2, VALID_SALT2)
INVALID_PASSWORD = u'antani'
FIXTURES_PATH = os.path.join(TEST_DIR, 'fixtures')
with open(os.path.join(TEST_DIR, 'keys/valid_pgp_key1.txt')) as pgp_file:
VALID_PGP_KEY1 = unicode(pgp_file.read())
with open(os.path.join(TEST_DIR, 'keys/valid_pgp_key2.txt')) as pgp_file:
VALID_PGP_KEY2 = unicode(pgp_file.read())
with open(os.path.join(TEST_DIR, 'keys/expired_pgp_key.txt')) as pgp_file:
EXPIRED_PGP_KEY = unicode(pgp_file.read())
def init_db(store, result, node_dict, appdata_dict):
"""
TODO refactor with languages the email_template, develop a dedicated
function outside the node, and inquire f*****g YHWH about the
callbacks existence/usage
"""
node = models.Node(node_dict)
for k in appdata_dict['node']:
setattr(node, k, appdata_dict['node'][k])
node.languages_enabled = GLSetting.defaults.languages_enabled
node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
node.wizard_done = GLSetting.skip_wizard
node.creation_date = datetime_now()
store.add(node)
admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
admin_password = hash_password(u"globaleaks", admin_salt)
admin_dict = {
'username': u'admin',
'password': admin_password,
'salt': admin_salt,
'role': u'admin',
'state': u'enabled',
'language': u"en",
'timezone': 0,
'password_change_needed': False,
}
admin = models.User(admin_dict)
admin.last_login = datetime_null()
admin.password_change_date = datetime_null()
store.add(admin)
notification = models.Notification()
# our defaults for free, because we're like Gandhi of the mail accounts.
notification.server = "mail.headstrong.de"
notification.port = 587
# port 587/SMTP-TLS or 465/SMTPS
notification.username = "******"
notification.password = "******"
notification.security = "TLS"
notification.source_name = "Default GlobaLeaks sender"
notification.source_email = notification.username
# Those fields are sets as default in order to show to the Admin the various
# 'variables' used in the template.
for k in appdata_dict['templates']:
setattr(notification, k, appdata_dict['templates'][k])
store.add(notification)
def db_create_receiver(store, request, language=GLSetting.memory_copy.default_language):
"""
Creates a new receiver.
Returns:
(dict) the configured receiver
"""
mo = structures.Rosetta()
mo.acquire_request(language, request, Receiver)
for attr in mo.get_localized_attrs():
request[attr] = mo.get_localized_dict(attr)
mail_address = request['mail_address']
# Pretend that username is unique:
homonymous = store.find(User, User.username == mail_address).count()
if homonymous:
log.err("Creation error: already present receiver with the requested username: %s" % mail_address)
raise errors.ExpectedUniqueField('mail_address', mail_address)
password = request.get('password')
security.check_password_format(password)
receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
receiver_password = security.hash_password(password, receiver_salt)
receiver_user_dict = {
'username': mail_address,
'password': receiver_password,
'salt': receiver_salt,
'role': u'receiver',
'state': u'enabled',
}
receiver_user = models.User(receiver_user_dict)
receiver_user.last_login = datetime_null()
store.add(receiver_user)
receiver = Receiver(request)
receiver.user = receiver_user
receiver.mail_address = mail_address
receiver.tags = request['tags']
# The various options related in manage GPG keys are used here.
gpg_options_parse(receiver, request)
log.debug("Creating receiver %s" % receiver.user.username)
store.add(receiver)
create_random_receiver_portrait(receiver.id)
contexts = request.get('contexts', [])
for context_id in contexts:
context = store.find(Context, Context.id == context_id).one()
if not context:
log.err("Creation error: invalid Context can't be associated")
raise errors.ContextIdNotFound
context.receivers.add(receiver)
return admin_serialize_receiver(receiver, language)
def db_create_receiver(store, request, language=GLSetting.memory_copy.default_language):
"""
Creates a new receiver.
Returns:
(dict) the configured receiver
"""
fill_localized_keys(request, models.Receiver.localized_strings, language)
mail_address = request['mail_address']
# Pretend that username is unique:
homonymous = store.find(models.User, models.User.username == mail_address).count()
if homonymous:
log.err("Creation error: already present receiver with the requested username: %s" % mail_address)
raise errors.ExpectedUniqueField('mail_address', mail_address)
password = request['password']
if len(password) and password != GLSetting.default_password:
security.check_password_format(password)
else:
password = GLSetting.default_password
receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
receiver_password = security.hash_password(password, receiver_salt)
receiver_user_dict = {
'username': mail_address,
'password': receiver_password,
'salt': receiver_salt,
'role': u'receiver',
'state': u'enabled',
'language': u"en",
'timezone': 0,
'password_change_needed': True,
}
receiver_user = models.User(receiver_user_dict)
receiver_user.last_login = datetime_null()
receiver_user.password_change_needed = request['password_change_needed']
receiver_user.password_change_date = datetime_null()
store.add(receiver_user)
receiver = models.Receiver(request)
receiver.user = receiver_user
receiver.mail_address = mail_address
# The various options related in manage GPG keys are used here.
gpg_options_parse(receiver, request)
log.debug("Creating receiver %s" % receiver.user.username)
store.add(receiver)
create_random_receiver_portrait(receiver.id)
contexts = request.get('contexts', [])
for context_id in contexts:
context = models.Context.get(store, context_id)
if not context:
log.err("Creation error: invalid Context can't be associated")
raise errors.ContextIdNotFound
context.receivers.add(receiver)
return admin_serialize_receiver(receiver, language)
def initialize_node(store, results, only_node, templates, appdata):
"""
TODO refactor with languages the email_template, develop a dedicated
function outside the node, and inquire f*****g YHWH about the
callbacks existence/usage
"""
node = models.Node(only_node)
log.debug("Inizializing ApplicationData")
new_appdata = ApplicationData()
new_appdata.fields = appdata['fields']
new_appdata.version = appdata['version']
store.add(new_appdata)
if 'node_presentation' in appdata:
node.presentation = appdata['node_presentation']
if 'node_footer' in appdata:
node.footer = appdata['node_footer']
if 'node_subtitle' in appdata:
node.subtitle = appdata['node_subtitle']
node.languages_enabled = GLSetting.defaults.languages_enabled
node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
node.wizard_done = GLSetting.skip_wizard
node.creation_date = datetime_now()
store.add(node)
admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
admin_password = hash_password(u"globaleaks", admin_salt)
admin_dict = {
'username': u'admin',
'password': admin_password,
'salt': admin_salt,
'role': u'admin',
'state': u'enabled',
}
admin = models.User(admin_dict)
admin.last_login = datetime_null()
store.add(admin)
notification = models.Notification()
# our defaults for free, because we're like Gandhi of the mail accounts.
notification.server = "mail.headstrong.de"
notification.port = 587
# port 587/SMTP-TLS or 465/SMTPS
notification.username = "******"
notification.password = "******"
notification.security = "TLS"
notification.source_name = "Default GlobaLeaks sender"
notification.source_email = notification.username
# Those fields are sets as default in order to show to the Admin the various
# 'variables' used in the template.
notification.encrypted_tip_template = { GLSetting.memory_copy.default_language:
templates['encrypted_tip'] }
notification.encrypted_tip_mail_title = { GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: new Tip (Encrypted)" }
notification.plaintext_tip_template= { GLSetting.memory_copy.default_language:
templates['plaintext_tip'] }
notification.plaintext_tip_mail_title = { GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: new ClearText" }
notification.encrypted_message_template = { GLSetting.memory_copy.default_language: templates['encrypted_message'] }
notification.encrypted_message_mail_title = { GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: New message (Encrypted)" }
notification.plaintext_message_template = { GLSetting.memory_copy.default_language: templates['plaintext_message'] }
notification.plaintext_message_mail_title = { GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: New message" }
notification.encrypted_file_template = { GLSetting.memory_copy.default_language: templates['encrypted_file'] }
notification.encrypted_file_mail_title = { GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: File attached (Encrypted)" }
notification.plaintext_file_template = { GLSetting.memory_copy.default_language: templates['plaintext_file'] }
notification.plaintext_file_mail_title = { GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: File attached" }
notification.encrypted_comment_template = { GLSetting.memory_copy.default_language: templates['encrypted_comment'] }
notification.encrypted_comment_mail_title = { GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: New comment (Encrypted)" }
notification.plaintext_comment_template = { GLSetting.memory_copy.default_language: templates['plaintext_comment'] }
notification.plaintext_comment_mail_title = { GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: New comment" }
notification.zip_description = { GLSetting.memory_copy.default_language:
templates['zip_collection'] }
store.add(notification)
def initialize_node(store, results, only_node, appdata):
"""
TODO refactor with languages the email_template, develop a dedicated
function outside the node, and inquire f*****g YHWH about the
callbacks existence/usage
"""
node = models.Node(only_node)
log.debug("Inizializing ApplicationData")
new_appdata = ApplicationData()
new_appdata.fields = appdata['fields']
new_appdata.version = appdata['version']
store.add(new_appdata)
for k in appdata['node']:
setattr(node, k, appdata['node'][k])
node.languages_enabled = GLSetting.defaults.languages_enabled
node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
node.wizard_done = GLSetting.skip_wizard
node.creation_date = datetime_now()
store.add(node)
admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
admin_password = hash_password(u"globaleaks", admin_salt)
admin_dict = {
'username': u'admin',
'password': admin_password,
'salt': admin_salt,
'role': u'admin',
'state': u'enabled',
'language': u"en",
'timezone': 0,
'password_change_needed': False,
}
admin = models.User(admin_dict)
admin.last_login = datetime_null()
admin.password_change_date = datetime_null()
store.add(admin)
notification = models.Notification()
# our defaults for free, because we're like Gandhi of the mail accounts.
notification.server = "mail.headstrong.de"
notification.port = 587
# port 587/SMTP-TLS or 465/SMTPS
notification.username = "******"
notification.password = "******"
notification.security = "TLS"
notification.source_name = "Default GlobaLeaks sender"
notification.source_email = notification.username
# Those fields are sets as default in order to show to the Admin the various
# 'variables' used in the template.
for k in appdata['templates']:
# Todo handle pgp_expiration_alert and pgp_expiration_notice already included in client/app/data/txt
# and internationalized with right support on backend db.
if k in appdata['templates']:
setattr(notification, k, appdata['templates'][k])
# Todo handle pgp_expiration_alert and pgp_expiration_notice already included in client/app/data/txt
# and internationalized with right support on backend db.
store.add(notification)
def initialize_node(store, results, only_node, templates, appdata):
"""
TODO refactor with languages the email_template, develop a dedicated
function outside the node, and inquire f*****g YHWH about the
callbacks existence/usage
"""
node = models.Node(only_node)
log.debug("Inizializing ApplicationData")
new_appdata = ApplicationData()
new_appdata.fields = appdata['fields']
new_appdata.version = appdata['version']
store.add(new_appdata)
if 'node_presentation' in appdata:
node.presentation = appdata['node_presentation']
if 'node_footer' in appdata:
node.footer = appdata['node_footer']
if 'node_subtitle' in appdata:
node.subtitle = appdata['node_subtitle']
node.languages_enabled = GLSetting.defaults.languages_enabled
node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
node.wizard_done = GLSetting.skip_wizard
node.creation_date = datetime_now()
store.add(node)
admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}'))
admin_password = hash_password(u"globaleaks", admin_salt)
admin_dict = {
'username': u'admin',
'password': admin_password,
'salt': admin_salt,
'role': u'admin',
'state': u'enabled',
}
admin = models.User(admin_dict)
admin.last_login = datetime_null()
store.add(admin)
notification = models.Notification()
# our defaults for free, because we're like Gandhi of the mail accounts.
notification.server = "mail.headstrong.de"
notification.port = 587
# port 587/SMTP-TLS or 465/SMTPS
notification.username = "******"
notification.password = "******"
notification.security = "TLS"
notification.source_name = "Default GlobaLeaks sender"
notification.source_email = notification.username
# Those fields are sets as default in order to show to the Admin the various
# 'variables' used in the template.
notification.encrypted_tip_template = {
GLSetting.memory_copy.default_language: templates['encrypted_tip']
}
notification.encrypted_tip_mail_title = {
GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: new Tip (Encrypted)"
}
notification.plaintext_tip_template = {
GLSetting.memory_copy.default_language: templates['plaintext_tip']
}
notification.plaintext_tip_mail_title = {
GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: new ClearText"
}
notification.encrypted_message_template = {
GLSetting.memory_copy.default_language: templates['encrypted_message']
}
notification.encrypted_message_mail_title = {
GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: New message (Encrypted)"
}
notification.plaintext_message_template = {
GLSetting.memory_copy.default_language: templates['plaintext_message']
}
notification.plaintext_message_mail_title = {
GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: New message"
}
notification.encrypted_file_template = {
GLSetting.memory_copy.default_language: templates['encrypted_file']
}
notification.encrypted_file_mail_title = {
GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: File attached (Encrypted)"
}
notification.plaintext_file_template = {
GLSetting.memory_copy.default_language: templates['plaintext_file']
}
notification.plaintext_file_mail_title = {
GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: File attached"
}
notification.encrypted_comment_template = {
GLSetting.memory_copy.default_language: templates['encrypted_comment']
}
notification.encrypted_comment_mail_title = {
GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: New comment (Encrypted)"
}
notification.plaintext_comment_template = {
GLSetting.memory_copy.default_language: templates['plaintext_comment']
}
notification.plaintext_comment_mail_title = {
GLSetting.memory_copy.default_language:
"[Tip %TipNum%] for %ReceiverName% in %ContextName%: New comment"
}
notification.zip_description = {
GLSetting.memory_copy.default_language: templates['zip_collection']
}
store.add(notification)
