def db_update_node(session, tid, user_session, request, language): """ Transaction to update the node configuration :param session: An ORM session :param tid: A tenant ID :param user_session: The current user session :param request: The request data :param language: the language in which to localize data :return: Return the serialized configuration for the specified tenant """ config = ConfigFactory(session, tid) enable_escrow = not config.get_val('escrow') and request.get('escrow', False) disable_escrow = user_session.ek and config.get_val('escrow') and not request.get('escrow', False) config.update('node', request) if request['enable_ricochet_panel'] and not request['ricochet_address']: request['enable_ricochet_panel'] = False # Validate that IP addresses/ranges we're getting are goo if 'ip_filter_admin' in request and request['ip_filter_admin_enable'] and request['ip_filter_admin']: parse_csv_ip_ranges_to_ip_networks(request['ip_filter_admin']) if 'languages_enabled' in request and 'default_language' in request: db_update_enabled_languages(session, tid, request['languages_enabled'], request['default_language']) if language in db_get_languages(session, tid): ConfigL10NFactory(session, tid).update('node', request, language) if enable_escrow: crypto_escrow_prv_key, State.tenant_cache[tid].crypto_escrow_pub_key = GCE.generate_keypair() user = db_get(session, models.User, models.User.id == user_session.user_id) user.crypto_escrow_prv_key = Base64Encoder.encode(GCE.asymmetric_encrypt(user.crypto_pub_key, crypto_escrow_prv_key)) if tid == 1: session.query(models.User).update({'password_change_needed': True}, synchronize_session=False) else: session.query(models.User).filter(models.User.tid == tid).update({'password_change_needed': True}, synchronize_session=False) if disable_escrow: if tid == 1: session.query(models.User).update({'crypto_escrow_bkp1_key': ''}, synchronize_session=False) else: session.query(models.User).update({'crypto_escrow_bkp2_key': ''}, synchronize_session=False) session.query(models.User).filter(models.User.tid == tid).update({'crypto_escrow_prv_key': ''}, synchronize_session=False) config.set_val('crypto_escrow_pub_key', State.tenant_cache[tid].crypto_escrow_pub_key) db_refresh_memory_variables(session, [tid]) if tid == 1: log.setloglevel(config.get_val('log_level')) return db_admin_serialize_node(session, tid, language)
def db_update_node(session, tid, request, language): """ Update and serialize the node infos :param session: the session on which perform queries. :param language: the language in which to localize data :return: a dictionary representing the serialization of the node """ node = ConfigFactory(session, tid, 'node') if tid != 1: request['enable_signup'] = False node.update(request) if request['basic_auth'] and request['basic_auth_username'] and request[ 'basic_auth_password']: node.set_val(u'basic_auth', True) node.set_val(u'basic_auth_username', request['basic_auth_username']) node.set_val(u'basic_auth_password', request['basic_auth_password']) else: node.set_val(u'basic_auth', False) db_update_enabled_languages(session, tid, request['languages_enabled'], request['default_language']) if language in request['languages_enabled']: node_l10n = NodeL10NFactory(session, tid) node_l10n.update(request, language) db_refresh_memory_variables(session, [tid]) # TODO pass instance of db_update_node into admin_serialize return db_admin_serialize_node(session, tid, language)
def db_admin_serialize_node(session, tid, language, config_node='admin_node'): """ Transaction for fetching the node configuration as admin :param session: An ORM session :param tid: A tenant ID :param language: The language to be used on serialization :param config_node: The set of variables to be serialized :return: Return the serialized configuration for the specified tenant """ ret = ConfigFactory(session, tid).serialize(config_node) logo = session.query(models.File.id).filter(models.File.tid == tid, models.File.name == 'logo').one_or_none() ret.update({ 'changelog': read_file('/usr/share/globaleaks/CHANGELOG'), 'license': read_file('/usr/share/globaleaks/LICENSE'), 'languages_supported': LANGUAGES_SUPPORTED, 'languages_enabled': db_get_languages(session, tid), 'root_tenant': tid == 1, 'https_possible': tid == 1 or State.tenant_cache[1].reachable_via_web, 'encryption_possible': tid == 1 or State.tenant_cache[1].encryption, 'logo': True if logo else False }) if 'version' in ret: ret['update_available'] = ret['version'] != ret['latest_version'] ret.update(ConfigL10NFactory(session, tid).serialize('node', language)) return ret
def update_notification(session, tid, request, language): config = ConfigFactory(session, tid) if request['smtp_password'] == '': del request['smtp_password'] config.update('notification', request) config_l10n = ConfigL10NFactory(session, tid) config_l10n.update('notification', request, language) db_refresh_memory_variables(session, [tid]) return db_get_notification(session, tid, language)
def db_update_node(session, tid, request, language): """ Update and serialize the node infos :param tid: :param request: :param session: the session on which perform queries. :param language: the language in which to localize data :return: a dictionary representing the serialization of the node """ config = ConfigFactory(session, tid) config.update('node', request) if 'basic_auth' in request and request['basic_auth'] and request[ 'basic_auth_username'] and request['basic_auth_password']: config.set_val('basic_auth', True) config.set_val('basic_auth_username', request['basic_auth_username']) config.set_val('basic_auth_password', request['basic_auth_password']) else: config.set_val('basic_auth', False) config.set_val('basic_auth_username', '') config.set_val('basic_auth_password', '') if request['enable_ricochet_panel'] and not request['ricochet_address']: request['enable_ricochet_panel'] = False # Validate that IP addresses/ranges we're getting are goo if 'ip_filter_admin' in request and request[ 'ip_filter_admin_enable'] and request['ip_filter_admin']: parse_csv_ip_ranges_to_ip_networks(request['ip_filter_admin']) if 'ip_filter_whistleblower_enable' in request and request[ 'ip_filter_whistleblower_enable'] and request[ 'ip_filter_whistleblower']: parse_csv_ip_ranges_to_ip_networks(request['ip_filter_whistleblower']) if 'languages_enabled' in request and 'default_language' in request: db_update_enabled_languages(session, tid, request['languages_enabled'], request['default_language']) if language in models.EnabledLanguage.list(session, tid): ConfigL10NFactory(session, tid).update('node', request, language) db_refresh_memory_variables(session, [tid]) if tid == 1: log.setloglevel(config.get_val('log_level')) return db_admin_serialize_node(session, tid, language)
def update_notification(session, tid, request, language): notif = ConfigFactory(session, tid, 'notification') if request['smtp_password'] == '': del request['smtp_password'] notif.update(request) notif_l10n = NotificationL10NFactory(session, tid) notif_l10n.update(request, language) if request.pop('reset_templates'): notif_l10n.reset_templates(load_appdata()) db_refresh_memory_variables(session, [tid]) return admin_serialize_notification(session, tid, language)
def update_notification(session, tid, request, language): config = ConfigFactory(session, tid) if request['smtp_password'] == '': del request['smtp_password'] config.update('notification', request) config_l10n = ConfigL10NFactory(session, tid) config_l10n.update('notification', request, language) if request.pop('reset_templates'): config_l10n.reset('notification', load_appdata()) db_refresh_memory_variables(session, [tid]) return admin_serialize_notification(session, tid, language)
def db_get_notification(session, tid, language): """ Transaction to get the notification settings for the specified tenant :param session: An ORM session :param tid: A tenant ID :param language: The language to be used in the serialization :return: the serialization of notification settings for the specified tenant """ ret = ConfigFactory(session, tid).serialize('notification') ret.update( ConfigL10NFactory(session, tid).serialize('notification', language)) ret['templates'] = ConfigL10NFilters['notification'] return ret
def db_update_node(session, tid, request, language, config_node): """ Update and serialize the node infos :param session: the session on which perform queries. :param language: the language in which to localize data :return: a dictionary representing the serialization of the node """ node = ConfigFactory(session, tid, config_node) node.update(request) if 'basic_auth' in request: if request['basic_auth'] and request[ 'basic_auth_username'] and request['basic_auth_password']: node.set_val(u'basic_auth', True) node.set_val(u'basic_auth_username', request['basic_auth_username']) node.set_val(u'basic_auth_password', request['basic_auth_password']) else: node.set_val(u'basic_auth', False) # Validate that IP addresses/ranges we're getting are goo if 'ip_filter_authenticated' in request: if request['ip_filter_authenticated_enable'] and request[ 'ip_filter_authenticated']: # Make sure we can validate and parse the whole thing parse_csv_ip_ranges_to_ip_networks( request['ip_filter_authenticated']) if 'languages_enabled' in request and 'default_language' in request: db_update_enabled_languages(session, tid, request['languages_enabled'], request['default_language']) if language in models.EnabledLanguage.list(session, tid): node_l10n = NodeL10NFactory(session, tid) node_l10n.update(request, language) db_refresh_memory_variables(session, [tid]) return db_admin_serialize_node(session, tid, language)
def db_serialize_node(session, tid, language): """ Serialize the public node configuration. :param session: An ORM session :param tid: A tenant ID :param language: The language to be used during serialization :return: The serialization of the public node configuration """ languages = db_get_languages(session, tid) ret = ConfigFactory(session, tid).serialize('public_node') ret.update(ConfigL10NFactory( session, tid, ).serialize('node', language)) ret['root_tenant'] = tid == 1 ret['languages_enabled'] = languages if ret['wizard_done'] else list( LANGUAGES_SUPPORTED_CODES) ret['languages_supported'] = LANGUAGES_SUPPORTED for x in special_files: ret[x] = session.query(models.File.id).filter( models.File.tid == tid, models.File.name == x).one_or_none() if tid != 1: root_tenant_node = ConfigFactory(session, 1) for varname in ['version', 'version_db', 'latest_version']: ret[varname] = root_tenant_node.get_val(varname) if language not in languages: language = root_tenant_node.get_val('default_language') root_tenant_l10n = ConfigL10NFactory(session, 1) if ret['mode'] != 'default': ret['onionservice'] = ret[ 'subdomain'] + '.' + root_tenant_node.get_val('onionservice') if ret['mode'] not in ['default', 'demo']: ret['disable_privacy_badge'] = root_tenant_node.get_val( 'disable_privacy_badge') ret['footer'] = root_tenant_l10n.get_val('footer', language) ret['whistleblowing_question'] = root_tenant_l10n.get_val( 'whistleblowing_question', language) ret['whistleblowing_button'] = root_tenant_l10n.get_val( 'whistleblowing_button', language) ret['enable_disclaimer'] = root_tenant_node.get_val( 'enable_disclaimer') ret['disclaimer_title'] = root_tenant_l10n.get_val( 'disclaimer_title', language) ret['disclaimer_text'] = root_tenant_l10n.get_val( 'disclaimer_text', language) for x in special_files: if not ret[x]: ret[x] = session.query(models.File.id).filter( models.File.tid == 1, models.File.name == x).one_or_none() return ret