def submit(): msg = request.form['msg'] fh = request.files['fh'] if msg: store.save_message_submission(g.sid, msg) flash("Thanks! We received your message.", "notification") if fh: store.save_file_submission(g.sid, fh.filename, fh.stream) flash("Thanks! We received your document '%s'." % fh.filename or '[unnamed]', "notification") return redirect(url_for('lookup'))
def submit(source, num_submissions): """Generates and submits *num_submissions* :class:`db.Submission`s on behalf of a :class:`db.Source` *source*. :param db.Source source: The source on who's behalf to make submissions. :param int num_submissions: Number of random-data submissions to make. :returns: A list of the :class:`db.Submission`s submitted. """ assert num_submissions >= 1 submissions = [] for _ in range(num_submissions): source.interaction_count += 1 fpath = store.save_message_submission(source.filesystem_id, source.interaction_count, source.journalist_filename, str(os.urandom(1))) submission = db.Submission(source, fpath) submissions.append(submission) db.db_session.add(submission) db.db_session.commit() return submissions
def submit(source, num_submissions): """Generates and submits *num_submissions* :class:`db.Submission`s on behalf of a :class:`db.Source` *source*. :param db.Source source: The source on who's behalf to make submissions. :param int num_submissions: Number of random-data submissions to make. :returns: A list of the :class:`db.Submission`s submitted. """ assert num_submissions >= 1 submissions = [] for _ in range(num_submissions): source.interaction_count += 1 fpath = store.save_message_submission(source.filesystem_id, source.interaction_count, source.journalist_filename, str(os.urandom(1))) submission = db.Submission(source, fpath) submissions.append(submission) db.db_session.add(submission) db.db_session.commit() return submissions
def submit(): msg = request.form['msg'] fh = request.files['fh'] strip_metadata = True if 'notclean' in request.form else False fnames = [] if msg: fnames.append(store.save_message_submission(g.sid, msg)) flash("Thanks! We received your message.", "notification") if fh: fnames.append(store.save_file_submission(g.sid, fh.filename, fh.stream, fh.content_type, strip_metadata)) flash("Thanks! We received your document '%s'." % fh.filename or '[unnamed]', "notification") for fname in fnames: submission = Submission(g.source, fname) db_session.add(submission) if g.source.pending: g.source.pending = False # Generate a keypair now, if there's enough entropy (issue #303) entropy_avail = int(open('/proc/sys/kernel/random/entropy_avail').read()) if entropy_avail >= 2400: crypto_util.genkeypair(g.sid, g.codename) g.source.last_updated = datetime.now() db_session.commit() normalize_timestamps(g.sid) return redirect(url_for('lookup'))
def submit(): msg = request.form['msg'] fh = request.files['fh'] # Don't bother submitting anything if it was an "empty" submission. #878. if not (msg or fh): flash("You must enter a message or choose a file to submit.", "error") return redirect(url_for('lookup')) fnames = [] journalist_filename = g.source.journalist_filename first_submission = g.source.interaction_count == 0 if msg: g.source.interaction_count += 1 fnames.append( store.save_message_submission(g.sid, g.source.interaction_count, journalist_filename, msg)) if fh: g.source.interaction_count += 1 fnames.append( store.save_file_submission(g.sid, g.source.interaction_count, journalist_filename, fh.filename, fh.stream)) if first_submission: msg = render_template('first_submission_flashed_message.html') flash(Markup(msg), "success") else: if msg and not fh: things = 'message' elif not msg and fh: things = 'document' else: things = 'message and document' msg = render_template('next_submission_flashed_message.html', things=things) flash(Markup(msg), "success") for fname in fnames: submission = Submission(g.source, fname) db_session.add(submission) if g.source.pending: g.source.pending = False # Generate a keypair now, if there's enough entropy (issue #303) entropy_avail = int( open('/proc/sys/kernel/random/entropy_avail').read()) if entropy_avail >= 2400: async_genkey(g.sid, g.codename) g.source.last_updated = datetime.utcnow() db_session.commit() normalize_timestamps(g.sid) return redirect(url_for('lookup'))
def submit(): msg = request.form['msg'] fh = request.files['fh'] # Don't bother submitting anything if it was an "empty" submission. #878. if not (msg or fh): flash("You must enter a message or choose a file to submit.", "error") return redirect(url_for('lookup')) fnames = [] journalist_filename = g.source.journalist_filename first_submission = g.source.interaction_count == 0 if msg: g.source.interaction_count += 1 fnames.append( store.save_message_submission(g.sid, g.source.interaction_count, journalist_filename, msg)) if fh: g.source.interaction_count += 1 fnames.append( store.save_file_submission(g.sid, g.source.interaction_count, journalist_filename, fh.filename, fh.stream)) if first_submission: flash( "Thanks for submitting something to SecureDrop! Please check back later for replies.", "notification") else: if msg: flash("Thanks! We received your message.", "notification") if fh: flash( '{} "{}".'.format("Thanks! We received your document", fh.filename or '[unnamed]'), "notification") for fname in fnames: submission = Submission(g.source, fname) db_session.add(submission) if g.source.pending: g.source.pending = False # Generate a keypair now, if there's enough entropy (issue #303) entropy_avail = int( open('/proc/sys/kernel/random/entropy_avail').read()) if entropy_avail >= 2400: async_genkey(g.sid, g.codename) g.source.last_updated = datetime.utcnow() db_session.commit() normalize_timestamps(g.sid) return redirect(url_for('lookup'))
def submit(): msg = request.form['msg'] fh = request.files['fh'] # Don't submit anything if it was an "empty" submission. #878 if not (msg or fh): flash( gettext( "You must enter a message or choose a file to submit."), "error") return redirect(url_for('main.lookup')) fnames = [] journalist_filename = g.source.journalist_filename first_submission = g.source.interaction_count == 0 if msg: g.source.interaction_count += 1 fnames.append( store.save_message_submission(g.filesystem_id, g.source.interaction_count, journalist_filename, msg)) if fh: g.source.interaction_count += 1 fnames.append( store.save_file_submission(g.filesystem_id, g.source.interaction_count, journalist_filename, fh.filename, fh.stream)) if first_submission: msg = render_template('first_submission_flashed_message.html') flash(Markup(msg), "success") else: if msg and not fh: html_contents = gettext('Thanks! We received your message.') elif not msg and fh: html_contents = gettext('Thanks! We received your document.') else: html_contents = gettext('Thanks! We received your message and ' 'document.') msg = render_template('next_submission_flashed_message.html', html_contents=html_contents) flash(Markup(msg), "success") for fname in fnames: submission = Submission(g.source, fname) db_session.add(submission) if g.source.pending: g.source.pending = False # Generate a keypair now, if there's enough entropy (issue #303) # (gpg reads 300 bytes from /dev/random) entropy_avail = get_entropy_estimate() if entropy_avail >= 2400: async_genkey(g.filesystem_id, g.codename) current_app.logger.info( "generating key, entropy: {}".format(entropy_avail)) else: current_app.logger.warn( "skipping key generation. entropy: {}".format( entropy_avail)) g.source.last_updated = datetime.utcnow() db_session.commit() normalize_timestamps(g.filesystem_id) return redirect(url_for('main.lookup'))