def db_serialize_node(session, tid, language):
"""
Serialize the public node configuration.
:param session: An ORM session
:param tid: A tenant ID
:param language: The language to be used during serialization
:return: The serialization of the public node configuration
"""
node_dict = ConfigFactory(session, tid).serialize('public_node')
l10n_dict = ConfigL10NFactory(
session,
tid,
).serialize('node', language)
ret_dict = merge_dicts(node_dict, l10n_dict)
ret_dict['root_tenant'] = tid == 1
ret_dict['languages_enabled'] = models.EnabledLanguage.list(
session,
tid) if node_dict['wizard_done'] else list(LANGUAGES_SUPPORTED_CODES)
ret_dict['languages_supported'] = LANGUAGES_SUPPORTED
records = session.query(models.File.id, models.File.data).filter(
models.File.tid == tid, models.File.id.in_(['css', 'script']))
for x in records:
ret_dict[x[0]] = True
if tid != 1:
root_tenant_node = ConfigFactory(session, 1)
for varname in ['version', 'version_db', 'latest_version']:
ret_dict[varname] = root_tenant_node.get_val(varname)
if language not in models.EnabledLanguage.list(session, tid):
language = root_tenant_node.get_val('default_language')
root_tenant_l10n = ConfigL10NFactory(session, 1)
if ret_dict['mode'] != 'default':
ret_dict['footer'] = root_tenant_l10n.get_val('footer', language)
ret_dict['whistleblowing_question'] = root_tenant_l10n.get_val(
'whistleblowing_question', language)
ret_dict['whistleblowing_button'] = root_tenant_l10n.get_val(
'whistleblowing_button', language)
ret_dict['enable_disclaimer'] = root_tenant_node.get_val(
'enable_disclaimer')
ret_dict['disclaimer_title'] = root_tenant_l10n.get_val(
'disclaimer_title', language)
ret_dict['disclaimer_text'] = root_tenant_l10n.get_val(
'disclaimer_text', language)
records = session.query(models.File.id, models.File.data).filter(
models.File.tid == 1, models.File.id.in_(['css', 'script']))
for x in records:
if not ret_dict.get(x[0]):
ret_dict[x[0]] = True
return ret_dict
def db_serialize_node(session, tid, language):
"""
Serialize the public node configuration.
"""
node_dict = ConfigFactory(session, tid).serialize('public_node')
l10n_dict = ConfigL10NFactory(
session,
tid,
).serialize('node', language)
ret_dict = merge_dicts(node_dict, l10n_dict)
ret_dict['root_tenant'] = tid == 1
ret_dict['languages_enabled'] = models.EnabledLanguage.list(
session,
tid) if node_dict['wizard_done'] else list(LANGUAGES_SUPPORTED_CODES)
ret_dict['languages_supported'] = LANGUAGES_SUPPORTED
files = [u'logo', u'favicon', u'css', u'script']
records = session.query(models.File.id, models.File.data).filter(
models.File.tid == tid,
models.File.id.in_([u'logo', u'favicon', u'css', u'script']))
for x in records:
ret_dict[x[0]] = x[1] if x[0] == 'logo' else True
if tid != 1:
root_tenant_node = ConfigFactory(session, 1)
for varname in ['version', 'version_db', 'latest_version']:
ret_dict[varname] = root_tenant_node.get_val(varname)
if language not in models.EnabledLanguage.list(session, tid):
language = root_tenant_node.get_val(u'default_language')
root_tenant_l10n = ConfigL10NFactory(session, 1)
if ret_dict['mode'] != u'default':
ret_dict['footer'] = root_tenant_l10n.get_val(u'footer', language)
ret_dict['whistleblowing_question'] = root_tenant_l10n.get_val(
u'whistleblowing_question', language)
ret_dict['whistleblowing_button'] = root_tenant_l10n.get_val(
u'whistleblowing_button', language)
ret_dict['enable_disclaimer'] = root_tenant_node.get_val(
u'enable_disclaimer')
ret_dict['disclaimer_title'] = root_tenant_l10n.get_val(
u'disclaimer_title', language)
ret_dict['disclaimer_text'] = root_tenant_l10n.get_val(
u'disclaimer_text', language)
records = session.query(models.File.id, models.File.data).filter(
models.File.tid == 1,
models.File.id.in_([u'logo', u'favicon', u'css', u'script']))
for x in records:
if not ret_dict[x[0]]:
ret_dict[x[0]] = x[1] if x[0] == 'logo' else True
return ret_dict
def db_serialize_node(session, tid, language):
"""
Serialize the public node configuration.
"""
# Contexts and Receivers relationship
node_dict = ConfigFactory(session, tid).serialize('public_node')
l10n_dict = ConfigL10NFactory(
session,
tid,
).serialize('node', language)
ret_dict = merge_dicts(node_dict, l10n_dict)
ret_dict['root_tenant'] = tid == 1
ret_dict['languages_enabled'] = models.EnabledLanguage.list(
session,
tid) if node_dict['wizard_done'] else list(LANGUAGES_SUPPORTED_CODES)
ret_dict['languages_supported'] = LANGUAGES_SUPPORTED
files = [u'logo', u'favicon', u'css', u'script']
for x in files:
ret_dict[x] = db_get_file(session, tid, x)
if tid != 1:
root_tenant_node = ConfigFactory(session, 1)
for varname in ['version', 'version_db', 'latest_version']:
ret_dict[varname] = root_tenant_node.get_val(varname)
if language not in models.EnabledLanguage.list(session, tid):
language = root_tenant_node.get_val(u'default_language')
root_tenant_l10n = ConfigL10NFactory(session, 1)
if ret_dict['mode'] == u'whistleblowing.it' or ret_dict[
'mode'] == u'eat':
ret_dict['footer'] = root_tenant_l10n.get_val(u'footer', language)
ret_dict['whistleblowing_question'] = root_tenant_l10n.get_val(
u'whistleblowing_question', language)
ret_dict['whistleblowing_button'] = root_tenant_l10n.get_val(
u'whistleblowing_button', language)
ret_dict['enable_disclaimer'] = root_tenant_node.get_val(
u'enable_disclaimer')
ret_dict['disclaimer_title'] = root_tenant_l10n.get_val(
u'disclaimer_title', language)
ret_dict['disclaimer_text'] = root_tenant_l10n.get_val(
u'disclaimer_text', language)
for x in files:
if not ret_dict[x]:
ret_dict[x] = db_get_file(session, 1, x)
return ret_dict
def db_admin_serialize_node(session, tid, language, config_node='admin_node'):
"""
Transaction for fetching the node configuration as admin
:param session: An ORM session
:param tid: A tenant ID
:param language: The language to be used on serialization
:param config_node: The set of variables to be serialized
:return: Return the serialized configuration for the specified tenant
"""
config = ConfigFactory(session, tid).serialize(config_node)
misc_dict = {
'languages_supported': LANGUAGES_SUPPORTED,
'languages_enabled': models.EnabledLanguage.list(session, tid),
'root_tenant': tid == 1,
'https_possible': tid == 1 or State.tenant_cache[1].reachable_via_web,
}
if tid != 1:
root_tenant_node = ConfigFactory(session, 1)
misc_dict['version'] = root_tenant_node.get_val('version')
misc_dict['latest_version'] = root_tenant_node.get_val(
'latest_version')
l10n_dict = ConfigL10NFactory(session, tid).serialize('node', language)
return utils.sets.merge_dicts(config, misc_dict, l10n_dict)
def db_admin_serialize_node(session, tid, language, config_node='admin_node'):
"""
Transaction for fetching the node configuration as admin
:param session: An ORM session
:param tid: A tenant ID
:param language: The language to be used on serialization
:param config_node: The set of variables to be serialized
:return: Return the serialized configuration for the specified tenant
"""
config = ConfigFactory(session, tid).serialize(config_node)
logo = session.query(models.File.data).filter(models.File.tid == tid, models.File.id == 'logo').one_or_none()
misc_dict = {
'languages_supported': LANGUAGES_SUPPORTED,
'languages_enabled': db_get_languages(session, tid),
'root_tenant': tid == 1,
'https_possible': tid == 1 or State.tenant_cache[1].reachable_via_web,
'encryption_possible': tid == 1 or State.tenant_cache[1].encryption,
'logo': logo if logo else ''
}
if tid != 1:
root_tenant_node = ConfigFactory(session, 1)
misc_dict['version'] = root_tenant_node.get_val('version')
misc_dict['latest_version'] = root_tenant_node.get_val('latest_version')
l10n_dict = ConfigL10NFactory(session, tid).serialize('node', language)
return utils.sets.merge_dicts(config, misc_dict, l10n_dict)
def db_admin_serialize_node(session, tid, language, config_node='admin_node'):
config = ConfigFactory(session, tid).serialize(config_node)
# Contexts and Receivers relationship
configured = session.query(models.ReceiverContext).filter(
models.ReceiverContext.context_id == models.Context.id,
models.Context.tid).count() > 0
misc_dict = {
'encryption_available': GCE.ENCRYPTION_AVAILABLE,
'languages_supported': LANGUAGES_SUPPORTED,
'languages_enabled': models.EnabledLanguage.list(session, tid),
'configured': configured,
'root_tenant': tid == 1,
'https_possible': tid == 1 or State.tenant_cache[1].reachable_via_web,
}
if tid != 1:
root_tenant_node = ConfigFactory(session, 1)
misc_dict['version'] = root_tenant_node.get_val(u'version')
misc_dict['latest_version'] = root_tenant_node.get_val(
u'latest_version')
l10n_dict = ConfigL10NFactory(session, tid).serialize('node', language)
return utils.sets.merge_dicts(config, misc_dict, l10n_dict)
def db_admin_serialize_node(session, tid, language, config_node='admin_node'):
"""
Transaction for fetching the node configuration as admin
:param session: An ORM session
:param tid: A tenant ID
:param language: The language to be used on serialization
:param config_node: The set of variables to be serialized
:return: Return the serialized configuration for the specified tenant
"""
ret = ConfigFactory(session, tid).serialize(config_node)
logo = session.query(models.File.id).filter(models.File.tid == tid, models.File.name == 'logo').one_or_none()
ret.update({
'changelog': read_file('/usr/share/globaleaks/CHANGELOG'),
'license': read_file('/usr/share/globaleaks/LICENSE'),
'languages_supported': LANGUAGES_SUPPORTED,
'languages_enabled': db_get_languages(session, tid),
'root_tenant': tid == 1,
'https_possible': tid == 1 or State.tenant_cache[1].reachable_via_web,
'encryption_possible': tid == 1 or State.tenant_cache[1].encryption,
'logo': True if logo else False
})
if 'version' in ret:
ret['update_available'] = ret['version'] != ret['latest_version']
ret.update(ConfigL10NFactory(session, tid).serialize('node', language))
return ret
def update_notification(session, tid, request, language):
ConfigFactory(session, tid).update('notification', request)
ConfigL10NFactory(session, tid).update('notification', request, language)
db_refresh_memory_variables(session, [tid])
return db_get_notification(session, tid, language)
def db_update_node(session, tid, user_session, request, language):
"""
Transaction to update the node configuration
:param session: An ORM session
:param tid: A tenant ID
:param user_session: The current user session
:param request: The request data
:param language: the language in which to localize data
:return: Return the serialized configuration for the specified tenant
"""
config = ConfigFactory(session, tid)
enable_escrow = not config.get_val('escrow') and request.get('escrow', False)
disable_escrow = user_session.ek and config.get_val('escrow') and not request.get('escrow', False)
config.update('node', request)
if request['enable_ricochet_panel'] and not request['ricochet_address']:
request['enable_ricochet_panel'] = False
# Validate that IP addresses/ranges we're getting are goo
if 'ip_filter_admin' in request and request['ip_filter_admin_enable'] and request['ip_filter_admin']:
parse_csv_ip_ranges_to_ip_networks(request['ip_filter_admin'])
if 'languages_enabled' in request and 'default_language' in request:
db_update_enabled_languages(session,
tid,
request['languages_enabled'],
request['default_language'])
if language in db_get_languages(session, tid):
ConfigL10NFactory(session, tid).update('node', request, language)
if enable_escrow:
crypto_escrow_prv_key, State.tenant_cache[tid].crypto_escrow_pub_key = GCE.generate_keypair()
user = db_get(session, models.User, models.User.id == user_session.user_id)
user.crypto_escrow_prv_key = Base64Encoder.encode(GCE.asymmetric_encrypt(user.crypto_pub_key, crypto_escrow_prv_key))
if tid == 1:
session.query(models.User).update({'password_change_needed': True}, synchronize_session=False)
else:
session.query(models.User).filter(models.User.tid == tid).update({'password_change_needed': True}, synchronize_session=False)
if disable_escrow:
if tid == 1:
session.query(models.User).update({'crypto_escrow_bkp1_key': ''}, synchronize_session=False)
else:
session.query(models.User).update({'crypto_escrow_bkp2_key': ''}, synchronize_session=False)
session.query(models.User).filter(models.User.tid == tid).update({'crypto_escrow_prv_key': ''}, synchronize_session=False)
config.set_val('crypto_escrow_pub_key', State.tenant_cache[tid].crypto_escrow_pub_key)
db_refresh_memory_variables(session, [tid])
if tid == 1:
log.setloglevel(config.get_val('log_level'))
return db_admin_serialize_node(session, tid, language)
def update_notification(session, tid, request, language):
config = ConfigFactory(session, tid)
if request['smtp_password'] == '':
del request['smtp_password']
config.update('notification', request)
config_l10n = ConfigL10NFactory(session, tid)
config_l10n.update('notification', request, language)
db_refresh_memory_variables(session, [tid])
return db_get_notification(session, tid, language)
def admin_serialize_notification(session, tid, language):
config_dict = ConfigFactory(session, tid).serialize('admin_notification')
conf_l10n_dict = ConfigL10NFactory(session,
tid).serialize('notification', language)
cmd_flags = {
'reset_templates': False,
'exception_email_pgp_key_remove': False,
'smtp_password': '',
}
return merge_dicts(config_dict, cmd_flags, conf_l10n_dict)
def db_update_node(session, tid, request, language):
"""
Update and serialize the node infos
:param tid:
:param request:
:param session: the session on which perform queries.
:param language: the language in which to localize data
:return: a dictionary representing the serialization of the node
"""
config = ConfigFactory(session, tid)
config.update('node', request)
if 'basic_auth' in request and request['basic_auth'] and request[
'basic_auth_username'] and request['basic_auth_password']:
config.set_val('basic_auth', True)
config.set_val('basic_auth_username', request['basic_auth_username'])
config.set_val('basic_auth_password', request['basic_auth_password'])
else:
config.set_val('basic_auth', False)
config.set_val('basic_auth_username', '')
config.set_val('basic_auth_password', '')
if request['enable_ricochet_panel'] and not request['ricochet_address']:
request['enable_ricochet_panel'] = False
# Validate that IP addresses/ranges we're getting are goo
if 'ip_filter_admin' in request and request[
'ip_filter_admin_enable'] and request['ip_filter_admin']:
parse_csv_ip_ranges_to_ip_networks(request['ip_filter_admin'])
if 'ip_filter_whistleblower_enable' in request and request[
'ip_filter_whistleblower_enable'] and request[
'ip_filter_whistleblower']:
parse_csv_ip_ranges_to_ip_networks(request['ip_filter_whistleblower'])
if 'languages_enabled' in request and 'default_language' in request:
db_update_enabled_languages(session, tid, request['languages_enabled'],
request['default_language'])
if language in models.EnabledLanguage.list(session, tid):
ConfigL10NFactory(session, tid).update('node', request, language)
db_refresh_memory_variables(session, [tid])
if tid == 1:
log.setloglevel(config.get_val('log_level'))
return db_admin_serialize_node(session, tid, language)
def update_notification(session, tid, request, language):
config = ConfigFactory(session, tid)
if request['smtp_password'] == '':
del request['smtp_password']
config.update('notification', request)
config_l10n = ConfigL10NFactory(session, tid)
config_l10n.update('notification', request, language)
if request.pop('reset_templates'):
config_l10n.reset('notification', load_appdata())
db_refresh_memory_variables(session, [tid])
return admin_serialize_notification(session, tid, language)
def db_get_notification(session, tid, language):
"""
Transaction to get the notification settings for the specified tenant
:param session: An ORM session
:param tid: A tenant ID
:param language: The language to be used in the serialization
:return: the serialization of notification settings for the specified tenant
"""
ret = ConfigFactory(session, tid).serialize('notification')
ret.update(
ConfigL10NFactory(session, tid).serialize('notification', language))
ret['templates'] = ConfigL10NFilters['notification']
return ret
def db_admin_serialize_node(session, tid, language, config_node='admin_node'):
config = ConfigFactory(session, tid).serialize(config_node)
misc_dict = {
'languages_supported': LANGUAGES_SUPPORTED,
'languages_enabled': models.EnabledLanguage.list(session, tid),
'root_tenant': tid == 1,
'https_possible': tid == 1 or State.tenant_cache[1].reachable_via_web,
}
if tid != 1:
root_tenant_node = ConfigFactory(session, 1)
misc_dict['version'] = root_tenant_node.get_val('version')
misc_dict['latest_version'] = root_tenant_node.get_val('latest_version')
l10n_dict = ConfigL10NFactory(session, tid).serialize('node', language)
return utils.sets.merge_dicts(config, misc_dict, l10n_dict)
def db_get_notification(session, tid, language):
"""
Transaction to get the notification settings for the specified tenant
:param session: An ORM session
:param tid: A tenant ID
:param language: The language to be used in the serialization
:return: the serialization of notification settings for the specified tenant
"""
config_dict = ConfigFactory(session, tid).serialize('admin_notification')
conf_l10n_dict = ConfigL10NFactory(session,
tid).serialize('notification', language)
additional_dict = {
'smtp_password': '',
'templates': ConfigL10NFilters['notification']
}
return merge_dicts(config_dict, conf_l10n_dict, additional_dict)
def db_get_notification(session, tid, language):
"""
Transaction to get the notification settings for the specified tenant
:param session: An ORM session
:param tid: A tenant ID
:param language: The language to be used in the serialization
:return: the serialization of notification settings for the specified tenant
"""
config_dict = ConfigFactory(session, tid).serialize('admin_notification')
conf_l10n_dict = ConfigL10NFactory(session,
tid).serialize('notification', language)
cmd_flags = {
'reset_templates': False,
'exception_email_pgp_key_remove': False,
'smtp_password': '',
}
return merge_dicts(config_dict, cmd_flags, conf_l10n_dict)
def db_serialize_node(session, tid, language):
"""
Serialize the public node configuration.
:param session: An ORM session
:param tid: A tenant ID
:param language: The language to be used during serialization
:return: The serialization of the public node configuration
"""
languages = db_get_languages(session, tid)
ret = ConfigFactory(session, tid).serialize('public_node')
ret.update(ConfigL10NFactory(
session,
tid,
).serialize('node', language))
ret['root_tenant'] = tid == 1
ret['languages_enabled'] = languages if ret['wizard_done'] else list(
LANGUAGES_SUPPORTED_CODES)
ret['languages_supported'] = LANGUAGES_SUPPORTED
for x in special_files:
ret[x] = session.query(models.File.id).filter(
models.File.tid == tid, models.File.name == x).one_or_none()
if tid != 1:
root_tenant_node = ConfigFactory(session, 1)
for varname in ['version', 'version_db', 'latest_version']:
ret[varname] = root_tenant_node.get_val(varname)
if language not in languages:
language = root_tenant_node.get_val('default_language')
root_tenant_l10n = ConfigL10NFactory(session, 1)
if ret['mode'] != 'default':
ret['onionservice'] = ret[
'subdomain'] + '.' + root_tenant_node.get_val('onionservice')
if ret['mode'] not in ['default', 'demo']:
ret['disable_privacy_badge'] = root_tenant_node.get_val(
'disable_privacy_badge')
ret['footer'] = root_tenant_l10n.get_val('footer', language)
ret['whistleblowing_question'] = root_tenant_l10n.get_val(
'whistleblowing_question', language)
ret['whistleblowing_button'] = root_tenant_l10n.get_val(
'whistleblowing_button', language)
ret['enable_disclaimer'] = root_tenant_node.get_val(
'enable_disclaimer')
ret['disclaimer_title'] = root_tenant_l10n.get_val(
'disclaimer_title', language)
ret['disclaimer_text'] = root_tenant_l10n.get_val(
'disclaimer_text', language)
for x in special_files:
if not ret[x]:
ret[x] = session.query(models.File.id).filter(
models.File.tid == 1,
models.File.name == x).one_or_none()
return ret
def reset_templates(session, tid):
config_l10n = ConfigL10NFactory(session, tid)
config_l10n.reset('notification', load_appdata())
