def post(self, tip_id):
"""
Errors: ModelNotFound, ForbiddenOperation
"""
uploaded_file = self.get_file_upload()
if uploaded_file is None:
return
yield self.can_perform_action(tip_id, uploaded_file['name'])
rtip = yield get_rtip(self.current_user.user_id, tip_id, self.request.language)
# First: dump the file in the filesystem
filename = string.split(os.path.basename(uploaded_file['path']), '.aes')[0] + '.plain'
dst = os.path.join(GLSettings.submission_path, filename)
directory_traversal_check(GLSettings.submission_path, dst)
uploaded_file = yield threads.deferToThread(write_upload_plaintext_to_disk, uploaded_file, dst)
uploaded_file['creation_date'] = datetime_now()
uploaded_file['submission'] = False
yield register_wbfile_on_db(rtip['id'], uploaded_file)
log.debug("Recorded new WhistleblowerFile %s", uploaded_file['name'])
def post(self, tip_id):
"""
Errors: TipIdNotFound, ForbiddenOperation
"""
err = yield self.can_perform_action(tip_id)
if err is not None:
raise err
rtip = yield get_rtip(self.current_user.user_id, tip_id, self.request.language)
uploaded_file = self.get_file_upload()
if uploaded_file is None:
return
try:
# First: dump the file in the filesystem
filename = string.split(os.path.basename(uploaded_file['path']), '.aes')[0] + '.plain'
dst = os.path.join(GLSettings.submission_path, filename)
directory_traversal_check(GLSettings.submission_path, dst)
uploaded_file = yield threads.deferToThread(write_upload_plaintext_to_disk, uploaded_file, dst)
except Exception as excep:
log.err("Unable to save a file in filesystem: %s" % excep)
raise errors.InternalServerError("Unable to accept new files")
uploaded_file['creation_date'] = datetime_now()
uploaded_file['submission'] = False
try:
# Second: register the file in the database
yield register_wbfile_on_db(uploaded_file, rtip['id'])
except Exception as excep:
raise errors.InternalServerError("Unable to accept new files: %s" % excep)
def get(self, rfile_id):
rfile = yield self.download_rfile(self.current_user.user_id, rfile_id)
filelocation = os.path.join(GLSettings.submission_path, rfile['path'])
directory_traversal_check(GLSettings.submission_path, filelocation)
self.force_file_download(rfile['name'], filelocation)
def get(self, rfile_id):
rfile = yield self.download_rfile(self.current_user.user_id, rfile_id)
filelocation = os.path.join(GLSettings.submission_path, rfile['path'])
directory_traversal_check(GLSettings.submission_path, filelocation)
self.force_file_download(rfile['name'], filelocation)
def post(self, tip_id):
"""
Errors: TipIdNotFound, ForbiddenOperation
"""
err = yield self.can_perform_action(tip_id)
if err is not None:
raise err
rtip = yield get_rtip(self.current_user.user_id, tip_id, self.request.language)
uploaded_file = self.get_file_upload()
if uploaded_file is None:
return
try:
# First: dump the file in the filesystem
filename = string.split(os.path.basename(uploaded_file['path']), '.aes')[0] + '.plain'
dst = os.path.join(GLSettings.submission_path, filename)
directory_traversal_check(GLSettings.submission_path, dst)
uploaded_file = yield threads.deferToThread(write_upload_plaintext_to_disk, uploaded_file, dst)
except Exception as excep:
log.err("Unable to save a file in filesystem: %s" % excep)
raise errors.InternalServerError("Unable to accept new files")
uploaded_file['creation_date'] = datetime_now()
uploaded_file['submission'] = False
try:
# Second: register the file in the database
yield register_wbfile_on_db(uploaded_file, rtip['id'])
except Exception as excep:
raise errors.InternalServerError("Unable to accept new files")
self.set_status(201) # Created
