def db_create_whistleblower_tip(store, internaltip): """ The plaintext receipt is returned only now, and then is stored hashed in the WBtip table """ wbtip = models.WhistleblowerTip() receipt = unicode(rstr.xeger(GLSettings.receipt_regexp)) wbtip.receipt_hash = hash_password(receipt, GLSettings.memory_copy.receipt_salt) wbtip.access_counter = 0 wbtip.internaltip_id = internaltip.id store.add(wbtip) created_rtips = [ db_create_receivertip(store, receiver, internaltip) for receiver in internaltip.receivers ] internaltip.new = False if len(created_rtips): log.debug( "The finalized submissions had created %d models.ReceiverTip(s)" % len(created_rtips)) return receipt, wbtip
def db_create_user(store, request, language): fill_localized_keys(request, models.User.localized_keys, language) user = models.User({ 'username': request['username'], 'role': request['role'], 'state': u'enabled', 'deletable': request['deletable'], 'name': request['name'], 'description': request['description'], 'public_name': request['public_name'] if request['public_name'] != '' else request['name'], 'language': language, 'password_change_needed': request['password_change_needed'], 'mail_address': request['mail_address'] }) if request['username'] == '': user.username = user.id password = request['password'] if len(password) == 0: password = GLSettings.memory_copy.default_password user.salt = security.generateRandomSalt() user.password = security.hash_password(password, user.salt) # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) store.add(user) return user
def db_admin_update_user(store, user_id, request, language): """ Updates the specified user. raises: globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ user = models.User.get(store, user_id) if not user: raise errors.UserIdNotFound fill_localized_keys(request, models.User.localized_keys, language) user.name = request['name'] user.description = request['description'] user.state = request['state'] user.password_change_needed = request['password_change_needed'] user.mail_address = request['mail_address'] user.language = request.get('language', GLSettings.memory_copy.default_language) user.timezone = request.get('timezone', GLSettings.memory_copy.default_timezone) password = request['password'] if len(password): security.check_password_format(password) user.password = security.hash_password(password, user.salt) user.password_change_date = datetime_now() # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) return user
def db_admin_update_user(store, user_id, request, language): """ Updates the specified user. raises: globaleaks.errors.UserIdNotFound` if the user does not exist. """ user = models.User.get(store, user_id) if not user: raise errors.UserIdNotFound fill_localized_keys(request, models.User.localized_keys, language) user.update(request) password = request['password'] if len(password) > 0: user.password = security.hash_password(password, user.salt) user.password_change_date = datetime_now() # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) if user.role == 'admin': db_refresh_exception_delivery_list(store) return user
def db_create_whistleblower_tip(store, internaltip): """ The plaintext receipt is returned only now, and then is stored hashed in the WBtip table """ wbtip = WhistleblowerTip() node = store.find(Node).one() receipt = unicode(rstr.xeger(GLSettings.receipt_regexp)) wbtip.receipt_hash = hash_password(receipt, node.receipt_salt) wbtip.access_counter = 0 wbtip.internaltip_id = internaltip.id store.add(wbtip) created_rtips = [] for receiver in internaltip.receivers: rtip_id = db_create_receivertip(store, receiver, internaltip) internaltip.new = False if len(created_rtips): log.debug("The finalized submissions had created %d ReceiverTip(s)" % len(created_rtips)) return receipt
def db_create_user(store, request, language): fill_localized_keys(request, models.User.localized_keys, language) user = models.User({ 'username': request['username'], 'role': request['role'], 'state': u'enabled', 'deletable': request['deletable'], 'name': request['name'], 'description': request['description'], 'public_name': request['public_name'] if request['public_name'] else request['name'], 'language': language, 'password_change_needed': request['password_change_needed'], 'mail_address': request['mail_address'] }) if not request['username']: user.username = user.id password = request['password'] if request['password'] else State.tenant_cache[1].default_password user.salt = security.generateRandomSalt() user.password = security.hash_password(password, user.salt) # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) store.add(user) return user
def login_whistleblower(store, receipt, using_tor2web): """ login_whistleblower returns the WhistleblowerTip.id """ hashed_receipt = security.hash_password( receipt, GLSettings.memory_copy.private.receipt_salt) wbtip = store.find( WhistleblowerTip, WhistleblowerTip.receipt_hash == unicode(hashed_receipt)).one() if not wbtip: log.debug("Whistleblower login: Invalid receipt") GLSettings.failed_login_attempts += 1 raise errors.InvalidAuthentication if using_tor2web and not GLSettings.memory_copy.accept_tor2web_access[ 'whistleblower']: log.err("Denied login request on Tor2web for role 'whistleblower'") raise errors.TorNetworkRequired else: log.debug("Accepted login request on Tor2web for role 'whistleblower'") log.debug("Whistleblower login: Valid receipt") wbtip.last_access = datetime_now() store.commit( ) # the transact was read only! on success we apply the commit() return wbtip.id
def update_receiver(store, receiver_id, request, language=GLSetting.memory_copy.default_language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ receiver = models.Receiver.get(store, receiver_id) if not receiver: raise errors.ReceiverIdNotFound fill_localized_keys(request, models.Receiver.localized_strings, language) mail_address = request['mail_address'] homonymous = store.find(models.User, models.User.username == mail_address).one() if homonymous and homonymous.id != receiver.user_id: log.err("Update error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) receiver.mail_address = mail_address # the email address it's also the username, stored in User receiver.user.username = mail_address receiver.user.state = request['state'] # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) receiver.user.language = request.get('language', GLSetting.memory_copy.default_language) receiver.user.timezone = request.get('timezone', GLSetting.memory_copy.default_timezone) password = request['password'] if len(password): security.check_password_format(password) receiver.user.password = security.hash_password(password, receiver.user.salt) receiver.user.password_change_date = datetime_now() contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = models.Context.get(store, context_id) if not context: log.err("Update error: unexistent context can't be associated") raise errors.ContextIdNotFound receiver.contexts.add(context) receiver.last_update = datetime_now() try: receiver.update(request) except DatabaseError as dberror: log.err("Unable to update receiver %s: %s" % (receiver.name, dberror)) raise errors.InvalidInputFormat(dberror) return admin_serialize_receiver(receiver, language)
def test_pass_hash(self): dummy_password = "******" dummy_salt_input = "*****@*****.**" sure_bin = scrypt.hash(dummy_password, get_salt(dummy_salt_input)) sure = binascii.b2a_hex(sure_bin) not_sure = hash_password(dummy_password, dummy_salt_input) self.assertEqual(sure, not_sure)
def test_001_pass_hash(self): dummy_password = "******" dummy_salt_input = "*****@*****.**" sure_bin = scrypt.hash(dummy_password, get_salt(dummy_salt_input) ) sure = binascii.b2a_hex(sure_bin) not_sure = hash_password(dummy_password, dummy_salt_input) self.assertEqual(sure, not_sure)
def db_create_receiver(store, request, language): """ Creates a new receiver. Returns: (dict) the configured receiver """ fill_localized_keys(request, models.Receiver.localized_strings, language) password = request['password'] if len(password) and password != GLSettings.default_password: security.check_password_format(password) else: password = GLSettings.default_password receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) # ping_mail_address is duplicated at creation time from mail_address request.update({'ping_mail_address': request['mail_address']}) receiver = models.Receiver(request) receiver_user_dict = { 'username': uuid4(), 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', 'language': u'en', 'timezone': 0, 'password_change_needed': True, 'mail_address': request['mail_address'] } receiver_user = models.User(receiver_user_dict) # The various options related in manage PGP keys are used here. pgp_options_parse(receiver, request) # Set receiver.id = receiver.user.username = receiver.user.id receiver.id = receiver_user.username = receiver_user.id store.add(receiver_user) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = models.Context.get(store, context_id) if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextIdNotFound context.receivers.add(receiver) log.debug("Created receiver %s" % receiver.user.username) return admin_serialize_receiver(receiver, language)
def db_create_receiver(store, request, language): """ Creates a new receiver. Returns: (dict) the configured receiver """ fill_localized_keys(request, models.Receiver.localized_strings, language) password = request['password'] if len(password) and password != GLSetting.default_password: security.check_password_format(password) else: password = GLSetting.default_password receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) receiver_user_dict = { 'username': uuid4(), 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', 'language': u"en", 'timezone': 0, 'password_change_needed': True, } receiver_user = models.User(receiver_user_dict) receiver_user.last_login = datetime_null() receiver_user.password_change_date = datetime_null() store.add(receiver_user) # ping_mail_address is duplicated at creation time from mail_address request.update({'ping_mail_address': request['mail_address']}) receiver = models.Receiver(request) receiver.user = receiver_user # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) log.debug("Creating receiver %s" % receiver.user.username) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = models.Context.get(store, context_id) if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextIdNotFound context.receivers.add(receiver) return admin_serialize_receiver(receiver, language)
def update_receiver(store, id, request, language=GLSetting.memory_copy.default_language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverGusNotFound` if the receiver does not exist. """ receiver = store.find(Receiver, Receiver.id == unicode(id)).one() v = dict(request) for attr in getattr(Receiver, "localized_strings"): v[attr] = getattr(receiver, attr) v[attr][language] = unicode(request[attr]) request = v if not receiver: raise errors.ReceiverGusNotFound mail_address = utility.acquire_mail_address(request) if not mail_address: raise errors.NoEmailSpecified homonymous = store.find(User, User.username == mail_address).one() if homonymous and homonymous.id != receiver.user_id: log.err("Update error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) receiver.notification_fields = request['notification_fields'] receiver.tags = request['tags'] # the email address it's also the username, stored in User receiver.user.username = mail_address # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) password = request.get('password') if len(password): security.check_password_format(password) receiver.user.password = security.hash_password(password, receiver.user.salt) contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Update error: unexistent context can't be associated") raise errors.ContextGusNotFound receiver.contexts.add(context) receiver.update(request) receiver.last_update = utility.datetime_now() return admin_serialize_receiver(receiver, language)
def test_pass_hash(self): dummy_password = "******" dummy_salt = generateRandomSalt() sure_bin = scrypt.hash(dummy_password, dummy_salt) sure = binascii.b2a_hex(sure_bin) not_sure = hash_password(dummy_password, dummy_salt) self.assertEqual(sure, not_sure)
def update_receiver(store, receiver_id, request, language=GLSetting.memory_copy.default_language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ receiver = store.find(Receiver, Receiver.id == unicode(receiver_id)).one() if not receiver: raise errors.ReceiverIdNotFound mo = structures.Rosetta() mo.acquire_request(language, request, Receiver) for attr in mo.get_localized_attrs(): request[attr] = mo.get_localized_dict(attr) mail_address = request['mail_address'] homonymous = store.find(User, User.username == mail_address).one() if homonymous and homonymous.id != receiver.user_id: log.err("Update error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) receiver.mail_address = mail_address receiver.tags = request['tags'] # the email address it's also the username, stored in User receiver.user.username = mail_address # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) password = request['password'] if len(password): security.check_password_format(password) receiver.user.password = security.hash_password(password, receiver.user.salt) contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Update error: unexistent context can't be associated") raise errors.ContextIdNotFound receiver.contexts.add(context) receiver.last_update = datetime_now() try: receiver.update(request) except Exception as dberror: log.err("Unable to update receiver %s: %s" % (receiver.name, dberror)) raise errors.InvalidInputFormat(dberror) return admin_serialize_receiver(receiver, language)
def login_wb(store, receipt): try: node = store.find(Node).one() hashed_receipt = security.hash_password(receipt, node.receipt_salt) wb_tip = store.find(WhistleblowerTip, WhistleblowerTip.receipt_hash == unicode(hashed_receipt)).one() except NotOneError, e: # This is one of the fatal error that never need to happen log.err("Expected unique fields (receipt) not unique when hashed %s" % receipt) return False
def db_create_whistleblowertip(store, internaltip): """ The plaintext receipt is returned only now, and then is stored hashed in the WBtip table """ receipt = unicode(generateRandomReceipt()) wbtip = models.WhistleblowerTip() wbtip.id = internaltip.id wbtip.receipt_hash = hash_password(receipt, GLSettings.memory_copy.private.receipt_salt) store.add(wbtip) return receipt, wbtip
def update_receiver(store, receiver_id, request, language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ receiver = models.Receiver.get(store, receiver_id) if not receiver: raise errors.ReceiverIdNotFound fill_localized_keys(request, models.Receiver.localized_strings, language) receiver.user.state = request['state'] receiver.user.password_change_needed = request['password_change_needed'] receiver.user.mail_address = request['mail_address'] # The various options related in manage PGP keys are used here. pgp_options_parse(receiver, request) receiver.user.language = request.get( 'language', GLSettings.memory_copy.default_language) receiver.user.timezone = request.get( 'timezone', GLSettings.memory_copy.default_timezone) password = request['password'] if len(password): security.check_password_format(password) receiver.user.password = security.hash_password( password, receiver.user.salt) receiver.user.password_change_date = datetime_now() contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = models.Context.get(store, context_id) if not context: raise errors.ContextIdNotFound receiver.contexts.add(context) try: receiver.update(request) except DatabaseError as dberror: log.err("Unable to update receiver %s: %s" % (receiver.name, dberror)) raise errors.InvalidInputFormat(dberror) return admin_serialize_receiver(receiver, language)
def update_receiver(store, receiver_id, request, language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ receiver = models.Receiver.get(store, receiver_id) if not receiver: raise errors.ReceiverIdNotFound fill_localized_keys(request, models.Receiver.localized_strings, language) receiver.user.state = request['state'] receiver.user.password_change_needed = request['password_change_needed'] # The various options related in manage PGP keys are used here. pgp_options_parse(receiver, request) receiver.user.language = request.get('language', GLSetting.memory_copy.language) receiver.user.timezone = request.get('timezone', GLSetting.memory_copy.default_timezone) password = request['password'] if len(password): security.check_password_format(password) receiver.user.password = security.hash_password(password, receiver.user.salt) receiver.user.password_change_date = datetime_now() contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = models.Context.get(store, context_id) if not context: raise errors.ContextIdNotFound receiver.contexts.add(context) receiver.last_update = datetime_now() try: receiver.update(request) except DatabaseError as dberror: log.err("Unable to update receiver %s: %s" % (receiver.name, dberror)) raise errors.InvalidInputFormat(dberror) return admin_serialize_receiver(receiver, language)
def db_create_whistleblowertip(store, internaltip): """ The plaintext receipt is returned only now, and then is stored hashed in the WBtip table """ log.debug("Creating whistleblowertip") receipt = unicode(generateRandomReceipt()) wbtip = models.WhistleblowerTip() wbtip.id = internaltip.id wbtip.receipt_hash = hash_password( receipt, State.tenant_cache[1].private.receipt_salt) store.add(wbtip) return receipt
def login_wb(store, receipt): """ Login wb return the WhistleblowerTip.id """ node = store.find(Node).one() hashed_receipt = security.hash_password(receipt, node.receipt_salt) wb_tip = store.find(WhistleblowerTip, WhistleblowerTip.receipt_hash == unicode(hashed_receipt)).one() if not wb_tip: log.debug("Whistleblower login: Invalid receipt") return None, None, None log.debug("Whistleblower login: Valid receipt") wb_tip.last_access = utility.datetime_now() store.commit() # the transact was read only! on success we apply the commit() return wb_tip.id, 'enabled', False
def db_create_whistleblower_tip(store, submission_desc): """ The plaintext receipt is returned only now, and then is stored hashed in the WBtip table """ wbtip = WhistleblowerTip() node = store.find(Node).one() receipt = unicode(rstr.xeger(GLSetting.receipt_regexp)) wbtip.receipt_hash = security.hash_password(receipt, node.receipt_salt) wbtip.access_counter = 0 wbtip.internaltip_id = submission_desc['id'] store.add(wbtip) return receipt
def db_create_whistleblower_tip(store, submission_desc): """ The plaintext receipt is returned only now, and then is stored hashed in the WBtip table """ wbtip = WhistleblowerTip() node = store.find(Node).one() return_value_receipt = unicode(rstr.xeger(node.receipt_regexp)) wbtip.receipt_hash = security.hash_password(return_value_receipt, node.receipt_salt) wbtip.access_counter = 0 wbtip.internaltip_id = submission_desc['id'] store.add(wbtip) return return_value_receipt
def create_whistleblower_tip(store, submission_desc): """ The plaintext receipt is returned only now, and then is stored hashed in the WBtip table """ assert submission_desc is not None and submission_desc.has_key("id") wbtip = WhistleblowerTip() node = store.find(Node).one() return_value_receipt = unicode(rstr.xeger(node.receipt_regexp)) wbtip.receipt_hash = security.hash_password(return_value_receipt, node.receipt_salt) wbtip.access_counter = 0 wbtip.internaltip_id = submission_desc["id"] store.add(wbtip) return return_value_receipt
def login_wb(store, receipt): """ Login wb return the WhistleblowerTip.id """ node = store.find(Node).one() hashed_receipt = security.hash_password(receipt, node.receipt_salt) wb_tip = store.find( WhistleblowerTip, WhistleblowerTip.receipt_hash == unicode(hashed_receipt)).one() if not wb_tip: log.debug("Whistleblower login: Invalid receipt") return False log.debug("Whistleblower login: Valid receipt") wb_tip.last_access = utility.datetime_now() store.commit( ) # the transact was read only! on success we apply the commit() return wb_tip.id
def login_whistleblower(store, receipt, client_using_tor): """ login_whistleblower returns the WhistleblowerTip.id """ hashed_receipt = security.hash_password(receipt, GLSettings.memory_copy.private.receipt_salt) wbtip = store.find(WhistleblowerTip, WhistleblowerTip.receipt_hash == unicode(hashed_receipt)).one() if not wbtip: log.debug("Whistleblower login: Invalid receipt") GLSettings.failed_login_attempts += 1 raise errors.InvalidAuthentication if not client_using_tor and not GLSettings.memory_copy.accept_tor2web_access['whistleblower']: log.err("Denied login request over clear Web for role 'whistleblower'") raise errors.TorNetworkRequired log.debug("Whistleblower login: Valid receipt") wbtip.last_access = datetime_now() return wbtip.id
def init_db(store, result, node_dict, appdata_dict): """ TODO refactor with languages the email_template, develop a dedicated function outside the node, and inquire f*****g YHWH about the callbacks existence/usage """ node = models.Node(node_dict) node.languages_enabled = GLSetting.defaults.languages_enabled node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) node.wizard_done = GLSetting.skip_wizard for k in appdata_dict['node']: setattr(node, k, appdata_dict['node'][k]) store.add(node) admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) admin_password = hash_password(u"globaleaks", admin_salt) admin_dict = { 'username': u'admin', 'password': admin_password, 'salt': admin_salt, 'role': u'admin', 'state': u'enabled', 'language': u"en", 'timezone': 0, 'password_change_needed': False, } admin = models.User(admin_dict) store.add(admin) notification = models.Notification() for k in appdata_dict['templates']: setattr(notification, k, appdata_dict['templates'][k]) store.add(notification)
def login_whistleblower(store, receipt, using_tor2web): """ login_whistleblower returns the WhistleblowerTip.id """ hashed_receipt = security.hash_password(receipt, GLSettings.memory_copy.private.receipt_salt) wbtip = store.find(WhistleblowerTip, WhistleblowerTip.receipt_hash == unicode(hashed_receipt)).one() if not wbtip: log.debug("Whistleblower login: Invalid receipt") GLSettings.failed_login_attempts += 1 raise errors.InvalidAuthentication if using_tor2web and not GLSettings.memory_copy.accept_tor2web_access['whistleblower']: log.err("Denied login request on Tor2web for role 'whistleblower'") raise errors.TorNetworkRequired else: log.debug("Accepted login request on Tor2web for role 'whistleblower'") log.debug("Whistleblower login: Valid receipt") wbtip.last_access = datetime_now() return wbtip.id
def db_admin_update_user(store, user_id, request, language): """ Updates the specified user. raises: globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ user = models.User.get(store, user_id) if not user: raise errors.UserIdNotFound fill_localized_keys(request, models.User.localized_keys, language) user.update(request) password = request['password'] if len(password) > 0: user.password = security.hash_password(password, user.salt) user.password_change_date = datetime_now() # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) return user
def db_create_whistleblower_tip(store, internaltip): """ The plaintext receipt is returned only now, and then is stored hashed in the WBtip table """ wbtip = models.WhistleblowerTip() receipt = unicode(generateRandomReceipt()) wbtip.receipt_hash = hash_password(receipt, GLSettings.memory_copy.receipt_salt) wbtip.internaltip_id = internaltip.id store.add(wbtip) created_rtips = [db_create_receivertip(store, receiver, internaltip) for receiver in internaltip.receivers] internaltip.new = False if len(created_rtips): log.debug("The finalized submissions had created %d models.ReceiverTip(s)" % len(created_rtips)) return receipt, wbtip
def db_create_user(store, request, language): fill_localized_keys(request, models.User.localized_keys, language) password = request['password'] if len(password) and password != GLSettings.default_password: security.check_password_format(password) else: password = GLSettings.default_password password_salt = security.generateRandomSalt() password_hash = security.hash_password(password, password_salt) user = models.User({ 'username': request['username'], 'password': password_hash, 'salt': password_salt, 'role': request['role'], 'state': u'enabled', 'deletable': request['deletable'], 'name': request['name'], 'description': request['description'], 'language': u'en', 'timezone': 0, 'password_change_needed': True, 'mail_address': request['mail_address'] }) if request['username'] == '': user.username = user.id # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) create_user_picture(user.id) store.add(user) return user
def db_create_user(store, request, language): fill_localized_keys(request, models.User.localized_keys, language) password = request['password'] if len(password) and password != GLSettings.default_password: security.check_password_format(password) else: password = GLSettings.default_password password_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) password_hash = security.hash_password(password, password_salt) user = models.User({ 'username': request['username'], 'password': password_hash, 'salt': password_salt, 'role': request['role'], 'state': u'enabled', 'deletable': request['deletable'], 'name': request['name'], 'description': request['description'], 'language': u'en', 'timezone': 0, 'password_change_needed': True, 'mail_address': request['mail_address'] }) if request['username'] == '': user.username = user.id # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) create_user_picture(user.id) store.add(user) return user
def create_whistleblower_tip(store, submission_desc): """ The plaintext receipt is returned only now, and then is stored hashed in the WBtip table """ from Crypto import Random Random.atfork() assert submission_desc is not None and submission_desc.has_key('id') wbtip = WhistleblowerTip() context = store.find(Context, Context.id == submission_desc['context_gus']).one() return_value_receipt = unicode( rstr.xeger(context.receipt_regexp) ) node = store.find(Node).one() wbtip.receipt_hash = security.hash_password(return_value_receipt, node.receipt_salt) wbtip.access_counter = 0 wbtip.internaltip_id = submission_desc['id'] store.add(wbtip) return return_value_receipt
def init_db(store, result, node_dict, appdata_dict): """ """ node = models.Node(node_dict) node.languages_enabled = GLSettings.defaults.languages_enabled node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) node.wizard_done = GLSettings.skip_wizard for k in appdata_dict['node']: setattr(node, k, appdata_dict['node'][k]) store.add(node) admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) admin_password = hash_password(u"globaleaks", admin_salt) admin_dict = { 'username': u'admin', 'password': admin_password, 'salt': admin_salt, 'role': u'admin', 'state': u'enabled', 'mail_address': u'', 'language': u"en", 'timezone': 0, 'password_change_needed': False, } admin = models.User(admin_dict) store.add(admin) notification = models.Notification() for k in appdata_dict['templates']: setattr(notification, k, appdata_dict['templates'][k]) store.add(notification)
def initialize_node(store, results, only_node, appdata): """ TODO refactor with languages the email_template, develop a dedicated function outside the node, and inquire f*****g YHWH about the callbacks existence/usage """ node = models.Node(only_node) log.debug("Inizializing ApplicationData") new_appdata = ApplicationData() new_appdata.fields = appdata['fields'] new_appdata.version = appdata['version'] store.add(new_appdata) for k in appdata['node']: setattr(node, k, appdata['node'][k]) node.languages_enabled = GLSetting.defaults.languages_enabled node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) node.wizard_done = GLSetting.skip_wizard node.creation_date = datetime_now() store.add(node) admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) admin_password = hash_password(u"globaleaks", admin_salt) admin_dict = { 'username': u'admin', 'password': admin_password, 'salt': admin_salt, 'role': u'admin', 'state': u'enabled', 'language': u"en", 'timezone': 0, 'password_change_needed': False, } admin = models.User(admin_dict) admin.last_login = datetime_null() admin.password_change_date = datetime_null() store.add(admin) notification = models.Notification() # our defaults for free, because we're like Gandhi of the mail accounts. notification.server = "mail.headstrong.de" notification.port = 587 # port 587/SMTP-TLS or 465/SMTPS notification.username = "******" notification.password = "******" notification.security = "TLS" notification.source_name = "Default GlobaLeaks sender" notification.source_email = notification.username # Those fields are sets as default in order to show to the Admin the various # 'variables' used in the template. for k in appdata['templates']: # Todo handle pgp_expiration_alert and pgp_expiration_notice already included in client/app/data/txt # and internationalized with right support on backend db. if k in appdata['templates']: setattr(notification, k, appdata['templates'][k]) # Todo handle pgp_expiration_alert and pgp_expiration_notice already included in client/app/data/txt # and internationalized with right support on backend db. store.add(notification)
def db_get_wbtip_by_receipt(store, receipt): hashed_receipt = security.hash_password( receipt, State.tenant_cache[1].private.receipt_salt) return store.find( WhistleblowerTip, WhistleblowerTip.receipt_hash == unicode(hashed_receipt)).one()
def create_receiver(store, request, language=GLSetting.memory_copy.default_language): """ Creates a new receiver. Returns: (dict) the configured receiver """ v = dict(request) for attr in getattr(Receiver, "localized_strings"): v[attr] = {} v[attr][language] = unicode(request[attr]) request = v mail_address = utility.acquire_mail_address(request) if not mail_address: raise errors.NoEmailSpecified # Pretend that username is unique: homonymous = store.find(User, User.username == mail_address).count() if homonymous: log.err("Creation error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) password = request.get('password') security.check_password_format(password) receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) receiver_user_dict = { 'username': mail_address, 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', 'failed_login_count': 0, } receiver_user = models.User(receiver_user_dict) receiver_user.last_login = utility.datetime_null() store.add(receiver_user) receiver = Receiver(request) receiver.user = receiver_user receiver.notification_fields = request.get('notification_fields') receiver.tags = request.get('tags') # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) log.debug("Creating receiver %s" % receiver.user.username) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextGusNotFound context.receivers.add(receiver) return admin_serialize_receiver(receiver, language)
def db_create_receiver(store, request, language=GLSetting.memory_copy.default_language): """ Creates a new receiver. Returns: (dict) the configured receiver """ mo = structures.Rosetta() mo.acquire_request(language, request, Receiver) for attr in mo.get_localized_attrs(): request[attr] = mo.get_localized_dict(attr) mail_address = request['mail_address'] # Pretend that username is unique: homonymous = store.find(User, User.username == mail_address).count() if homonymous: log.err( "Creation error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) password = request.get('password') security.check_password_format(password) receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) receiver_user_dict = { 'username': mail_address, 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', } receiver_user = models.User(receiver_user_dict) receiver_user.last_login = datetime_null() store.add(receiver_user) receiver = Receiver(request) receiver.user = receiver_user receiver.mail_address = mail_address receiver.tags = request['tags'] # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) log.debug("Creating receiver %s" % receiver.user.username) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextIdNotFound context.receivers.add(receiver) return admin_serialize_receiver(receiver, language)
def db_create_receiver(store, request, language=GLSetting.memory_copy.default_language): """ Creates a new receiver. Returns: (dict) the configured receiver """ mo = structures.Rosetta() mo.acquire_request(language, request, Receiver) for attr in mo.get_localized_attrs(): request[attr] = mo.get_localized_dict(attr) mail_address = request['mail_address'] # Pretend that username is unique: homonymous = store.find(User, User.username == mail_address).count() if homonymous: log.err("Creation error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) password = request.get('password') security.check_password_format(password) receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) receiver_user_dict = { 'username': mail_address, 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', } receiver_user = models.User(receiver_user_dict) receiver_user.last_login = datetime_null() store.add(receiver_user) receiver = Receiver(request) receiver.user = receiver_user receiver.mail_address = mail_address receiver.tags = request['tags'] # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) log.debug("Creating receiver %s" % receiver.user.username) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextIdNotFound context.receivers.add(receiver) return admin_serialize_receiver(receiver, language)
def init_db(store, result, node_dict, appdata_dict): """ TODO refactor with languages the email_template, develop a dedicated function outside the node, and inquire f*****g YHWH about the callbacks existence/usage """ node = models.Node(node_dict) for k in appdata_dict['node']: setattr(node, k, appdata_dict['node'][k]) node.languages_enabled = GLSetting.defaults.languages_enabled node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) node.wizard_done = GLSetting.skip_wizard node.creation_date = datetime_now() store.add(node) admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) admin_password = hash_password(u"globaleaks", admin_salt) admin_dict = { 'username': u'admin', 'password': admin_password, 'salt': admin_salt, 'role': u'admin', 'state': u'enabled', 'language': u"en", 'timezone': 0, 'password_change_needed': False, } admin = models.User(admin_dict) admin.last_login = datetime_null() admin.password_change_date = datetime_null() store.add(admin) notification = models.Notification() # our defaults for free, because we're like Gandhi of the mail accounts. notification.server = "mail.headstrong.de" notification.port = 587 # port 587/SMTP-TLS or 465/SMTPS notification.username = "******" notification.password = "******" notification.security = "TLS" notification.source_name = "Default GlobaLeaks sender" notification.source_email = notification.username # Those fields are sets as default in order to show to the Admin the various # 'variables' used in the template. for k in appdata_dict['templates']: setattr(notification, k, appdata_dict['templates'][k]) store.add(notification)
def initialize_node(store, results, only_node, templates, appdata): """ TODO refactor with languages the email_template, develop a dedicated function outside the node, and inquire f*****g YHWH about the callbacks existence/usage """ node = models.Node(only_node) log.debug("Inizializing ApplicationData") new_appdata = ApplicationData() new_appdata.fields = appdata['fields'] new_appdata.version = appdata['version'] store.add(new_appdata) if 'node_presentation' in appdata: node.presentation = appdata['node_presentation'] if 'node_footer' in appdata: node.footer = appdata['node_footer'] if 'node_subtitle' in appdata: node.subtitle = appdata['node_subtitle'] node.languages_enabled = GLSetting.defaults.languages_enabled node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) node.wizard_done = GLSetting.skip_wizard node.creation_date = datetime_now() store.add(node) admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) admin_password = hash_password(u"globaleaks", admin_salt) admin_dict = { 'username': u'admin', 'password': admin_password, 'salt': admin_salt, 'role': u'admin', 'state': u'enabled', } admin = models.User(admin_dict) admin.last_login = datetime_null() store.add(admin) notification = models.Notification() # our defaults for free, because we're like Gandhi of the mail accounts. notification.server = "mail.headstrong.de" notification.port = 587 # port 587/SMTP-TLS or 465/SMTPS notification.username = "******" notification.password = "******" notification.security = "TLS" notification.source_name = "Default GlobaLeaks sender" notification.source_email = notification.username # Those fields are sets as default in order to show to the Admin the various # 'variables' used in the template. notification.encrypted_tip_template = { GLSetting.memory_copy.default_language: templates['encrypted_tip'] } notification.encrypted_tip_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: new Tip (Encrypted)" } notification.plaintext_tip_template = { GLSetting.memory_copy.default_language: templates['plaintext_tip'] } notification.plaintext_tip_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: new ClearText" } notification.encrypted_message_template = { GLSetting.memory_copy.default_language: templates['encrypted_message'] } notification.encrypted_message_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: New message (Encrypted)" } notification.plaintext_message_template = { GLSetting.memory_copy.default_language: templates['plaintext_message'] } notification.plaintext_message_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: New message" } notification.encrypted_file_template = { GLSetting.memory_copy.default_language: templates['encrypted_file'] } notification.encrypted_file_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: File attached (Encrypted)" } notification.plaintext_file_template = { GLSetting.memory_copy.default_language: templates['plaintext_file'] } notification.plaintext_file_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: File attached" } notification.encrypted_comment_template = { GLSetting.memory_copy.default_language: templates['encrypted_comment'] } notification.encrypted_comment_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: New comment (Encrypted)" } notification.plaintext_comment_template = { GLSetting.memory_copy.default_language: templates['plaintext_comment'] } notification.plaintext_comment_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: New comment" } notification.zip_description = { GLSetting.memory_copy.default_language: templates['zip_collection'] } store.add(notification)
def initialize_node(store, results, only_node, templates, appdata): """ TODO refactor with languages the email_template, develop a dedicated function outside the node, and inquire f*****g YHWH about the callbacks existence/usage """ node = models.Node(only_node) log.debug("Inizializing ApplicationData") new_appdata = ApplicationData() new_appdata.fields = appdata['fields'] new_appdata.version = appdata['version'] store.add(new_appdata) if 'node_presentation' in appdata: node.presentation = appdata['node_presentation'] if 'node_footer' in appdata: node.footer = appdata['node_footer'] if 'node_subtitle' in appdata: node.subtitle = appdata['node_subtitle'] node.languages_enabled = GLSetting.defaults.languages_enabled node.receipt_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) node.wizard_done = GLSetting.skip_wizard node.creation_date = datetime_now() store.add(node) admin_salt = get_salt(rstr.xeger('[A-Za-z0-9]{56}')) admin_password = hash_password(u"globaleaks", admin_salt) admin_dict = { 'username': u'admin', 'password': admin_password, 'salt': admin_salt, 'role': u'admin', 'state': u'enabled', } admin = models.User(admin_dict) admin.last_login = datetime_null() store.add(admin) notification = models.Notification() # our defaults for free, because we're like Gandhi of the mail accounts. notification.server = "mail.headstrong.de" notification.port = 587 # port 587/SMTP-TLS or 465/SMTPS notification.username = "******" notification.password = "******" notification.security = "TLS" notification.source_name = "Default GlobaLeaks sender" notification.source_email = notification.username # Those fields are sets as default in order to show to the Admin the various # 'variables' used in the template. notification.encrypted_tip_template = { GLSetting.memory_copy.default_language: templates['encrypted_tip'] } notification.encrypted_tip_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: new Tip (Encrypted)" } notification.plaintext_tip_template= { GLSetting.memory_copy.default_language: templates['plaintext_tip'] } notification.plaintext_tip_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: new ClearText" } notification.encrypted_message_template = { GLSetting.memory_copy.default_language: templates['encrypted_message'] } notification.encrypted_message_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: New message (Encrypted)" } notification.plaintext_message_template = { GLSetting.memory_copy.default_language: templates['plaintext_message'] } notification.plaintext_message_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: New message" } notification.encrypted_file_template = { GLSetting.memory_copy.default_language: templates['encrypted_file'] } notification.encrypted_file_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: File attached (Encrypted)" } notification.plaintext_file_template = { GLSetting.memory_copy.default_language: templates['plaintext_file'] } notification.plaintext_file_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: File attached" } notification.encrypted_comment_template = { GLSetting.memory_copy.default_language: templates['encrypted_comment'] } notification.encrypted_comment_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: New comment (Encrypted)" } notification.plaintext_comment_template = { GLSetting.memory_copy.default_language: templates['plaintext_comment'] } notification.plaintext_comment_mail_title = { GLSetting.memory_copy.default_language: "[Tip %TipNum%] for %ReceiverName% in %ContextName%: New comment" } notification.zip_description = { GLSetting.memory_copy.default_language: templates['zip_collection'] } store.add(notification)
def initialize_node(store, results, only_node, email_templates): """ TODO refactor with languages the email_template, develop a dedicated function outside the node, and inquire f*****g YHWH about the callbacks existence/usage """ from Crypto import Random Random.atfork() node = models.Node(only_node) # by default, only english is the surely present language node.languages_enabled = GLSetting.defaults.languages_enabled node.receipt_salt = get_salt(rstr.xeger("[A-Za-z0-9]{56}")) node.creation_date = datetime_now() store.add(node) admin_salt = get_salt(rstr.xeger("[A-Za-z0-9]{56}")) admin_password = hash_password(u"globaleaks", admin_salt) admin_dict = { "username": u"admin", "password": admin_password, "salt": admin_salt, "role": u"admin", "state": u"enabled", "failed_login_count": 0, } admin = models.User(admin_dict) admin.last_login = datetime_null() store.add(admin) notification = models.Notification() # our defaults for free, because we're like Gandhi of the mail accounts. notification.server = "mail.headstrong.de" notification.port = 587 # port 587/SMTP-TLS or 465/SMTPS notification.username = "******" notification.password = "******" notification.security = "TLS" notification.source_name = "Default GlobaLeaks sender" notification.source_email = notification.username # Those fields are sets as default in order to show to the Admin the various 'variables' # used in the template. notification.tip_template = {GLSetting.memory_copy.default_language: email_templates["tip"]} notification.tip_mail_title = {GLSetting.memory_copy.default_language: "From %NodeName% a new Tip"} notification.file_template = {GLSetting.memory_copy.default_language: email_templates["file"]} notification.file_mail_title = { GLSetting.memory_copy.default_language: "From %NodeName% a new file appended to a tip" } notification.comment_template = {GLSetting.memory_copy.default_language: email_templates["comment"]} notification.comment_mail_title = {GLSetting.memory_copy.default_language: "From %NodeName% a new comment"} notification.activation_template = {GLSetting.memory_copy.default_language: "*Not Yet implemented*"} notification.activation_mail_title = {GLSetting.memory_copy.default_language: "**Not Yet implemented"} store.add(notification)
def db_create_receiver(store, request, language=GLSetting.memory_copy.default_language): """ Creates a new receiver. Returns: (dict) the configured receiver """ fill_localized_keys(request, models.Receiver.localized_strings, language) mail_address = request['mail_address'] # Pretend that username is unique: homonymous = store.find(models.User, models.User.username == mail_address).count() if homonymous: log.err("Creation error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) password = request['password'] if len(password) and password != GLSetting.default_password: security.check_password_format(password) else: password = GLSetting.default_password receiver_salt = security.get_salt(rstr.xeger('[A-Za-z0-9]{56}')) receiver_password = security.hash_password(password, receiver_salt) receiver_user_dict = { 'username': mail_address, 'password': receiver_password, 'salt': receiver_salt, 'role': u'receiver', 'state': u'enabled', 'language': u"en", 'timezone': 0, 'password_change_needed': True, } receiver_user = models.User(receiver_user_dict) receiver_user.last_login = datetime_null() receiver_user.password_change_needed = request['password_change_needed'] receiver_user.password_change_date = datetime_null() store.add(receiver_user) receiver = models.Receiver(request) receiver.user = receiver_user receiver.mail_address = mail_address # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) log.debug("Creating receiver %s" % receiver.user.username) store.add(receiver) create_random_receiver_portrait(receiver.id) contexts = request.get('contexts', []) for context_id in contexts: context = models.Context.get(store, context_id) if not context: log.err("Creation error: invalid Context can't be associated") raise errors.ContextIdNotFound context.receivers.add(receiver) return admin_serialize_receiver(receiver, language)
def update_receiver(store, receiver_id, request, language=GLSetting.memory_copy.default_language): """ Updates the specified receiver with the details. raises :class:`globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist. """ receiver = store.find(Receiver, Receiver.id == unicode(receiver_id)).one() if not receiver: raise errors.ReceiverIdNotFound mo = structures.Rosetta() mo.acquire_request(language, request, Receiver) for attr in mo.get_localized_attrs(): request[attr] = mo.get_localized_dict(attr) mail_address = request['mail_address'] homonymous = store.find(User, User.username == mail_address).one() if homonymous and homonymous.id != receiver.user_id: log.err( "Update error: already present receiver with the requested username: %s" % mail_address) raise errors.ExpectedUniqueField('mail_address', mail_address) receiver.mail_address = mail_address receiver.tags = request['tags'] # the email address it's also the username, stored in User receiver.user.username = mail_address # The various options related in manage GPG keys are used here. gpg_options_parse(receiver, request) password = request['password'] if len(password): security.check_password_format(password) receiver.user.password = security.hash_password( password, receiver.user.salt) contexts = request.get('contexts', []) for context in receiver.contexts: receiver.contexts.remove(context) for context_id in contexts: context = store.find(Context, Context.id == context_id).one() if not context: log.err("Update error: unexistent context can't be associated") raise errors.ContextIdNotFound receiver.contexts.add(context) receiver.last_update = datetime_now() try: receiver.update(request) except Exception as dberror: log.err("Unable to update receiver %s: %s" % (receiver.name, dberror)) raise errors.InvalidInputFormat(dberror) return admin_serialize_receiver(receiver, language)
from globaleaks.rest.apicache import GLApiCache from globaleaks.settings import GLSettings, transact, transact_ro from globaleaks.security import GLSecureTemporaryFile from globaleaks.third_party import rstr from globaleaks.utils import token from globaleaks.utils.structures import fill_localized_keys from globaleaks.utils.utility import datetime_null, log from . import TEST_DIR ## constants VALID_PASSWORD1 = u'justapasswordwithaletterandanumberandbiggerthan8chars' VALID_PASSWORD2 = u'justap455w0rdwithaletterandanumberandbiggerthan8chars' VALID_SALT1 = security.get_salt(rstr.xeger(r'[A-Za-z0-9]{56}')) VALID_SALT2 = security.get_salt(rstr.xeger(r'[A-Za-z0-9]{56}')) VALID_HASH1 = security.hash_password(VALID_PASSWORD1, VALID_SALT1) VALID_HASH2 = security.hash_password(VALID_PASSWORD2, VALID_SALT2) INVALID_PASSWORD = u'antani' FIXTURES_PATH = os.path.join(TEST_DIR, 'fixtures') with open(os.path.join(TEST_DIR, 'keys/valid_pgp_key1.txt')) as pgp_file: VALID_PGP_KEY1 = unicode(pgp_file.read()) with open(os.path.join(TEST_DIR, 'keys/valid_pgp_key2.txt')) as pgp_file: VALID_PGP_KEY2 = unicode(pgp_file.read()) with open(os.path.join(TEST_DIR, 'keys/expired_pgp_key.txt')) as pgp_file: EXPIRED_PGP_KEY = unicode(pgp_file.read()) transact.tp = FakeThreadPool()
def db_get_wbtip_by_receipt(store, receipt): hashed_receipt = security.hash_password(receipt, GLSettings.memory_copy.private.receipt_salt) return store.find(WhistleblowerTip, WhistleblowerTip.receipt_hash == unicode(hashed_receipt)).one()