Ejemplo n.º 1
    def put(self, token_id):
        """
        Finalize the submission that was opened with ``token_id``.

        Parameter: token_id
        Request: SubmissionDesc
        Response: SubmissionDesc

        The body is validated against SubmissionDesc, the token is fetched
        from TokenList and checked against the payload, and the submission
        and its receipt are created by the @transact-decorated helper below.
        The token is deleted from TokenList only after that helper returned.
        """

        @transact
        def put_transact(store, tok, desc):
            # Create the submission first; its status is then handed to
            # db_create_whistleblower_tip, whose return value is the receipt
            # sent back to the client.
            outcome = db_create_submission(store, tok, desc, self.request.language)
            wb_receipt = db_create_whistleblower_tip(store, outcome)
            outcome.update({'receipt': wb_receipt})
            return outcome

        payload = self.validate_message(self.request.body, requests.SubmissionDesc)

        # Per the original author's note, TokenList.get raises when the
        # token is invalid, so there is no explicit "not found" branch here.
        token = TokenList.get(token_id)

        # A token is tied to one context; a payload naming another is refused.
        same_context = token.context_associated == payload['context_id']
        if not same_context:
            raise errors.InvalidInputFormat("Token context unaligned with REST url")

        token.validate(payload)

        # NOTE(review): the handler yields here and deletes the token only
        # afterwards. Whether a second PUT carrying the same token_id can
        # pass get()/validate() while this call is pending depends on
        # TokenList internals not visible here - confirm single use.
        result = yield put_transact(token, payload)

        TokenList.delete(token_id)

        # 202 (Accepted) is sent even though the submission has effectively
        # been created, which would normally be a 201.
        self.set_status(202)
        self.finish(result)
Ejemplo n.º 2
    def put(self, token_id):
        """
        Finalize the submission that was opened with ``token_id``.

        Validates the request body against SubmissionDesc, marks the token
        as used, creates the submission and returns what create_submission
        returned. The token is removed from TokenList as the last step.
        """
        raw_body = self.request.content.read()
        payload = self.validate_message(raw_body, requests.SubmissionDesc)

        # Per the original author's note, both TokenList.get and token.use
        # raise when the token is invalid.
        token = TokenList.get(token_id)
        token.use()

        tenant_id = self.request.tid
        attached_files = token.uploaded_files
        # Stored with the submission; presumably records whether the client
        # reached the node over Tor - confirm against create_submission.
        over_tor = self.request.client_using_tor

        stored = create_submission(tenant_id, payload, attached_files, over_tor)

        # The token is dropped only after create_submission returned, so a
        # failure above leaves it in TokenList.
        # NOTE(review): this relies on token.use() to reject a second
        # request with the same token_id before the delete - confirm.
        TokenList.delete(token_id)

        return stored
Ejemplo n.º 3
    def put(self, token_id):
        """
        Finalize the submission that was opened with ``token_id``.

        Parameter: token_id
        Request: SubmissionDesc
        Response: SubmissionDesc

        Validates the body, marks the token as used, creates the submission
        and writes the result back with status 202. The token is removed
        from TokenList once create_submission has completed.
        """
        payload = self.validate_message(self.request.body, requests.SubmissionDesc)

        # Per the original author's note, both TokenList.get and token.use
        # raise when the token is invalid.
        token = TokenList.get(token_id)
        token.use()

        attached_files = token.uploaded_files
        # Result of the handler's own Tor2Web check, passed on so that
        # create_submission can keep it with the submission.
        tor2web_flag = self.check_tor2web()
        lang = self.request.language

        stored = yield create_submission(payload, attached_files, tor2web_flag, lang)

        # The token is dropped only after the yield above completed, so a
        # failed creation leaves it in TokenList.
        # NOTE(review): this relies on token.use() to reject a second
        # request with the same token_id while the yield is pending - confirm.
        TokenList.delete(token_id)

        # 202 (Accepted) is sent even though the submission has effectively
        # been created, which would normally be a 201.
        self.set_status(202)
        self.write(stored)
Ejemplo n.º 4
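def db_create_submission(store, token_id, request, t2w, language):
    """
    Consume a submission token and store the submission it authorizes.

    In order: the token is fetched and validated, deleted from TokenList,
    an InternalTip is created with its questionnaire hash and answers
    preview, the receivers are imported, one InternalFile is added per file
    uploaded under the token, and the whistleblower tip is created.

    :param store: storage handle used for every lookup and insert below
    :param token_id: identifier resolved through TokenList.get
    :param request: submission payload; 'context_id', 'answers' and
        'receivers' are read from it
    :param t2w: Tor2Web flag detected by the handler, stored on the tip
    :param language: not used in this body; the questionnaire is loaded in
        GLSettings.memory_copy.default_language
    :return: the tip as serialized by wb_serialize_internaltip, with a
        'receipt' entry added
    :raises errors.InvalidInputFormat: token context differs from the payload
    :raises errors.ContextIdNotFound: the context is no longer in the store
    """
    # Per the original author's note, TokenList.get raises when the token
    # is invalid.
    token = TokenList.get(token_id)

    if not token.context_associated == request['context_id']:
        raise errors.InvalidInputFormat(
            "Token context does not match the one specified in submission payload"
        )

    token.validate(request)

    # NOTE(review): the token is consumed here, before anything is stored.
    # A failure further down therefore leaves the client without a usable
    # token; confirm this ordering is intended.
    TokenList.delete(token_id)

    answers = request['answers']

    context = store.find(Context, Context.id == token.context_associated).one()
    if not context:
        # Only reachable when the context was removed between the POST that
        # issued the token and this PUT.
        log.err("Context requested: [%s] not found!" %
                token.context_associated)
        raise errors.ContextIdNotFound

    submission = InternalTip()

    submission.expiration_date = utc_future_date(
        seconds=context.tip_timetolive)
    submission.context_id = context.id
    submission.creation_date = datetime_now()

    # Tor2Web use is detected in the handler and passed in; it is stored to
    # record the security level the whistleblower adopted.
    submission.tor2web = t2w

    try:
        questionnaire = db_get_context_steps(
            store, context.id, GLSettings.memory_copy.default_language)
        # NOTE(review): the hash covers json.dumps output, so it depends on
        # the key order json.dumps produces; confirm that
        # db_archive_questionnaire_schema derives the same value.
        questionnaire_hash = sha256(json.dumps(questionnaire))

        submission.questionnaire_hash = questionnaire_hash
        submission.preview = extract_answers_preview(questionnaire, answers)

        store.add(submission)

        db_archive_questionnaire_schema(store, submission)

        db_save_questionnaire_answers(store, submission, answers)
    except Exception as excep:
        log.err("Submission create: fields validation fail: %s" % excep)
        # Bare raise keeps the original traceback ("raise excep" drops it
        # on Python 2).
        raise

    try:
        import_receivers(store, submission, request['receivers'])
    except Exception as excep:
        log.err("Submission create: receivers import fail: %s" % excep)
        raise

    try:
        for filedesc in token.uploaded_files:
            associated_f = InternalFile()
            associated_f.name = filedesc['filename']
            associated_f.description = ""
            associated_f.content_type = filedesc['content_type']
            associated_f.size = filedesc['body_len']
            associated_f.internaltip_id = submission.id
            associated_f.file_path = filedesc['encrypted_path']
            store.add(associated_f)

            # NOTE(review): this writes the uploaded file's name and content
            # type to the log, which is submission metadata; confirm debug
            # logging is disabled on production nodes.
            log.debug("=> file associated %s|%s (%d bytes)" %
                      (associated_f.name, associated_f.content_type,
                       associated_f.size))

    except Exception as excep:
        log.err("Unable to create a DB entry for file! %s" % excep)
        raise

    receipt = db_create_whistleblower_tip(store, submission)

    submission_dict = wb_serialize_internaltip(store, submission)

    submission_dict.update({'receipt': receipt})

    return submission_dict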
Ejemplo n.º 5
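def db_create_submission(store, token_id, request, t2w, language):
    """
    Consume a submission token and store the submission it authorizes.

    In order: the token is fetched and validated, deleted from TokenList,
    an InternalTip is created with its questionnaire hash and answers
    preview, the receivers are imported, one InternalFile is added per file
    uploaded under the token, and the whistleblower tip is created.

    :param store: storage handle used for every lookup and insert below
    :param token_id: identifier resolved through TokenList.get
    :param request: submission payload; 'context_id', 'answers' and
        'receivers' are read from it
    :param t2w: Tor2Web flag detected by the handler, stored on the tip
    :param language: not used in this body; the questionnaire is loaded in
        GLSettings.memory_copy.default_language
    :return: the tip as serialized by wb_serialize_internaltip, with a
        'receipt' entry added
    :raises errors.InvalidInputFormat: token context differs from the payload
    :raises errors.ContextIdNotFound: the context is no longer in the store
    """
    # Per the original author's note, TokenList.get raises when the token
    # is invalid.
    token = TokenList.get(token_id)

    if not token.context_associated == request['context_id']:
        raise errors.InvalidInputFormat("Token context does not match the one specified in submission payload")

    token.validate(request)

    # NOTE(review): the token is consumed here, before anything is stored.
    # A failure further down therefore leaves the client without a usable
    # token; confirm this ordering is intended.
    TokenList.delete(token_id)

    answers = request['answers']

    context = store.find(Context, Context.id == token.context_associated).one()
    if not context:
        # Only reachable when the context was removed between the POST that
        # issued the token and this PUT.
        log.err("Context requested: [%s] not found!" % token.context_associated)
        raise errors.ContextIdNotFound

    submission = InternalTip()

    submission.expiration_date = utc_future_date(seconds=context.tip_timetolive)
    submission.context_id = context.id
    submission.creation_date = datetime_now()

    # Tor2Web use is detected in the handler and passed in; it is stored to
    # record the security level the whistleblower adopted.
    submission.tor2web = t2w

    try:
        questionnaire = db_get_context_steps(store, context.id, GLSettings.memory_copy.default_language)
        # NOTE(review): the hash covers json.dumps output, so it depends on
        # the key order json.dumps produces; confirm that
        # db_archive_questionnaire_schema derives the same value.
        questionnaire_hash = sha256(json.dumps(questionnaire))

        submission.questionnaire_hash = questionnaire_hash
        submission.preview = extract_answers_preview(questionnaire, answers)

        store.add(submission)

        db_archive_questionnaire_schema(store, submission)

        db_save_questionnaire_answers(store, submission, answers)
    except Exception as excep:
        log.err("Submission create: fields validation fail: %s" % excep)
        # Bare raise keeps the original traceback ("raise excep" drops it
        # on Python 2).
        raise

    try:
        import_receivers(store, submission, request['receivers'])
    except Exception as excep:
        log.err("Submission create: receivers import fail: %s" % excep)
        raise

    try:
        for filedesc in token.uploaded_files:
            associated_f = InternalFile()
            associated_f.name = filedesc['filename']
            associated_f.description = ""
            associated_f.content_type = filedesc['content_type']
            associated_f.size = filedesc['body_len']
            associated_f.internaltip_id = submission.id
            associated_f.file_path = filedesc['encrypted_path']
            store.add(associated_f)

            # NOTE(review): this writes the uploaded file's name and content
            # type to the log, which is submission metadata; confirm debug
            # logging is disabled on production nodes.
            log.debug("=> file associated %s|%s (%d bytes)" % (
                associated_f.name, associated_f.content_type, associated_f.size))

    except Exception as excep:
        log.err("Unable to create a DB entry for file! %s" % excep)
        raise

    receipt = db_create_whistleblower_tip(store, submission)

    submission_dict = wb_serialize_internaltip(store, submission)

    submission_dict.update({'receipt': receipt})

    return submission_dict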