def uploadExistingFile(self):
"""Server Side Upload Function for existing files
Creates a new ciphertext and new access files to all
users who have access to the file. DB File Information updated
Security: Authenticate User Message by users session key
Concurrency control"""
lcHDRS = {}
for key, val in cherrypy.request.headers.iteritems():
lcHDRS[key.lower()] = val
username = lcHDRS['username']
sessionKey = um.getSessionKey(username)
if sessionKey != -1:
try:
data = json.loads(
security.decryptS_AES(lcHDRS['data'].decode('hex'),
sessionKey.decode('hex')))
usr_id = DBmodule.db_getUserID(username)
fn = data['filename']
iv = data['iv']
aes = lcHDRS['aes']
sign = data['sign']
files = DBmodule.db_listMyFiles(usr_id)
filenames = [x.encode('latin-1') for x in files]
if fn in filenames:
file_id = DBmodule.db_getFileId(usr_id, fn)
# Concurrent Access
while (DBmodule.db_fileStatus(file_id) is True):
time.sleep(2)
status = DBmodule.db_fileInUse(file_id)
if status:
destination = os.path.join('storage',
str(file_id) + '.file')
# Save Ciphertext
with open(destination, 'wb') as f:
shutil.copyfileobj(cherrypy.request.body, f)
userList = DBmodule.db_whoHasAccess(file_id)
# Save FILE Encrypted by RSA for every user
for i in range(0, len(userList)):
with open(destination + '.key' + str(userList[i]),
'wb') as f:
f.write(aes[i])
# Add File Information to DB
uni = iv.decode('hex').decode('latin-1')
DBmodule.db_fileInfoUpdate(file_id, usr_id, sign, uni)
statusF = DBmodule.db_fileNotInUse(file_id)
if statusF is True:
return 'Okay, File Updated'
else:
raise cherrypy.HTTPError(
408,
'Request Timeout! Please Try Again\nSafeBox Team'
)
else:
raise cherrypy.HTTPError(
408,
'Request Timeout! Please Try Again\nSafeBox Team')
except:
raise cherrypy.HTTPError(
401, 'Currently, you are not a valid user!\nSafeBox Team')
def upload(self):
"""Server Side Upload Function for new files
Creates a new ciphertext and new access files to the user who
wants to save the file. DB File Information updated
Security: Authenticate User Message
Concurrency control"""
lcHDRS = {}
for key, val in cherrypy.request.headers.iteritems():
lcHDRS[key.lower()] = val
username = lcHDRS['username']
sessionKey = um.getSessionKey(username)
if sessionKey != -1:
try:
data = json.loads(
security.decryptS_AES(lcHDRS['data'].decode('hex'),
sessionKey.decode('hex')))
usr_id = DBmodule.db_getUserID(username)
fn = data['filename']
iv = data['iv']
aes = lcHDRS['aes']
sign = data['sign']
files = DBmodule.db_listMyFiles(usr_id)
filenames = [x.encode('latin-1') for x in files]
# File does not exist. Add New File
if fn not in filenames:
new_id = DBmodule.getNewFileId()
destination = os.path.join('storage',
str(new_id) + '.file')
# Save Ciphertext
with open(destination, 'wb') as f:
shutil.copyfileobj(cherrypy.request.body, f)
# Save FILE Encrypted by RSA
with open(destination + '.key' + str(usr_id), 'wb') as f:
f.write(aes)
# Add File Information to DB
uni = iv.decode('hex').decode('latin-1')
DBmodule.db_insertFile(fn, '/', uni, 1, usr_id, sign)
return 'Okay, New File Add'
except:
raise cherrypy.HTTPError(
401, 'Currently, you are not a valid user!\nSafeBox Team')
else:
raise cherrypy.HTTPError(
401, 'Currently, you are not a valid user!\nSafeBox Team')