def db_update_node(store, request, language): """ Update and serialize the node infos :param store: the store on which perform queries. :param language: the language in which to localize data :return: a dictionary representing the serialization of the node """ enable_disable_languages(store, request) if language in request["languages_enabled"]: node_l10n = NodeL10NFactory(store) node_l10n.update(request, language) node = NodeFactory(store) node.update(request) if request["basic_auth"] and request["basic_auth_username"] != "" and request["basic_auth_password"] != "": node.set_val("basic_auth", True) node.set_val("basic_auth_username", request["basic_auth_username"]) node.set_val("basic_auth_password", request["basic_auth_password"]) else: node.set_val("basic_auth", False) db_refresh_memory_variables(store) # TODO pass instance of db_update_node into admin_serialize return db_admin_serialize_node(store, language)
def update_notification(session, tid, request, language): ConfigFactory(session, tid).update('notification', request) ConfigL10NFactory(session, tid).update('notification', request, language) db_refresh_memory_variables(session, [tid]) return db_get_notification(session, tid, language)
def db_update_node(session, tid, user_session, request, language): """ Transaction to update the node configuration :param session: An ORM session :param tid: A tenant ID :param user_session: The current user session :param request: The request data :param language: the language in which to localize data :return: Return the serialized configuration for the specified tenant """ config = ConfigFactory(session, tid) enable_escrow = not config.get_val('escrow') and request.get('escrow', False) disable_escrow = user_session.ek and config.get_val('escrow') and not request.get('escrow', False) config.update('node', request) if request['enable_ricochet_panel'] and not request['ricochet_address']: request['enable_ricochet_panel'] = False # Validate that IP addresses/ranges we're getting are goo if 'ip_filter_admin' in request and request['ip_filter_admin_enable'] and request['ip_filter_admin']: parse_csv_ip_ranges_to_ip_networks(request['ip_filter_admin']) if 'languages_enabled' in request and 'default_language' in request: db_update_enabled_languages(session, tid, request['languages_enabled'], request['default_language']) if language in db_get_languages(session, tid): ConfigL10NFactory(session, tid).update('node', request, language) if enable_escrow: crypto_escrow_prv_key, State.tenant_cache[tid].crypto_escrow_pub_key = GCE.generate_keypair() user = db_get(session, models.User, models.User.id == user_session.user_id) user.crypto_escrow_prv_key = Base64Encoder.encode(GCE.asymmetric_encrypt(user.crypto_pub_key, crypto_escrow_prv_key)) if tid == 1: session.query(models.User).update({'password_change_needed': True}, synchronize_session=False) else: session.query(models.User).filter(models.User.tid == tid).update({'password_change_needed': True}, synchronize_session=False) if disable_escrow: if tid == 1: session.query(models.User).update({'crypto_escrow_bkp1_key': ''}, synchronize_session=False) else: session.query(models.User).update({'crypto_escrow_bkp2_key': ''}, synchronize_session=False) session.query(models.User).filter(models.User.tid == tid).update({'crypto_escrow_prv_key': ''}, synchronize_session=False) config.set_val('crypto_escrow_pub_key', State.tenant_cache[tid].crypto_escrow_pub_key) db_refresh_memory_variables(session, [tid]) if tid == 1: log.setloglevel(config.get_val('log_level')) return db_admin_serialize_node(session, tid, language)
def db_admin_update_user(session, tid, user_id, request, language): """ Updates the specified user. """ fill_localized_keys(request, models.User.localized_keys, language) user = db_get_user(session, tid, user_id) if user.username != request['username']: check = session.query(models.User).filter(models.User.username == text_type(request['username']), models.UserTenant.user_id == models.User.id, models.UserTenant.tenant_id == tid).one_or_none() if check is not None: raise errors.InputValidationError('Username already in use') user.update(request) password = request['password'] if password: user.hash_alg = GCE.HASH user.salt = GCE.generate_salt() user.password = GCE.hash_password(password, user.salt) user.password_change_date = datetime_now() user.crypto_prv_key = b'' user.crypto_pub_key = b'' # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) if user.role == 'admin': db_refresh_memory_variables(session, [tid]) return user
def db_update_node(session, tid, request, language): """ Update and serialize the node infos :param session: the session on which perform queries. :param language: the language in which to localize data :return: a dictionary representing the serialization of the node """ node = ConfigFactory(session, tid, 'node') if tid != 1: request['enable_signup'] = False node.update(request) if request['basic_auth'] and request['basic_auth_username'] and request[ 'basic_auth_password']: node.set_val(u'basic_auth', True) node.set_val(u'basic_auth_username', request['basic_auth_username']) node.set_val(u'basic_auth_password', request['basic_auth_password']) else: node.set_val(u'basic_auth', False) db_update_enabled_languages(session, tid, request['languages_enabled'], request['default_language']) if language in request['languages_enabled']: node_l10n = NodeL10NFactory(session, tid) node_l10n.update(request, language) db_refresh_memory_variables(session, [tid]) # TODO pass instance of db_update_node into admin_serialize return db_admin_serialize_node(session, tid, language)
def db_admin_update_user(session, tid, user_id, request, language): """ Updates the specified user. """ fill_localized_keys(request, models.User.localized_keys, language) user = db_get_user(session, tid, user_id) if user.username != request['username']: check = session.query(models.User).filter( models.User.username == str(request['username']), models.User.tid == tid).one_or_none() if check is not None: raise errors.InputValidationError('Username already in use') user.update(request) password = request['password'] if password and not user.crypto_pub_key: user.hash_alg = 'ARGON2' user.salt = GCE.generate_salt() user.password = GCE.hash_password(password, user.salt) user.password_change_date = datetime_now() # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) if user.role == 'admin': db_refresh_memory_variables(session, [tid]) return user
def db_create(session, desc): t = models.Tenant() t.active = desc['active'] session.add(t) # required to generate the tenant id session.flush() appdata = load_appdata() if t.id == 1: db_load_defaults(session) models.config.initialize_config(session, t.id, desc['mode']) for var in ['mode', 'name', 'subdomain']: db_set_config_variable(session, t.id, var, desc[var]) models.config.add_new_lang(session, t.id, 'en', appdata) db_initialize_tenant_submission_statuses(session, t.id) db_refresh_memory_variables(session, [t.id]) return t
def db_create(session, desc): appdata = load_appdata() t = models.db_forge_obj(session, models.Tenant, desc) # required to generate/retrive the id session.flush() db_update_defaults(session) models.config.system_cfg_init(session, tid=t.id) models.config.add_new_lang(session, t.id, u'en', appdata) file_descs = [ (u'logo', 'data/logo.png'), (u'favicon', 'data/favicon.ico') ] for file_desc in file_descs: with open(os.path.join(Settings.client_path, file_desc[1]), 'r') as f: data = base64.b64encode(f.read()) file.db_add_file(session, t.id, file_desc[0], u'', data) db_refresh_memory_variables(session, [t.id]) return t
def db_update_node(store, request, language): """ Update and serialize the node infos :param store: the store on which perform queries. :param language: the language in which to localize data :return: a dictionary representing the serialization of the node """ enable_disable_languages(store, request) if language in request['languages_enabled']: node_l10n = NodeL10NFactory(store) node_l10n.update(request, language) node = NodeFactory(store) node.update(request) if request[ 'basic_auth'] and request['basic_auth_username'] != '' and request[ 'basic_auth_password'] != '': node.set_val('basic_auth', True) node.set_val('basic_auth_username', request['basic_auth_username']) node.set_val('basic_auth_password', request['basic_auth_password']) else: node.set_val('basic_auth', False) db_refresh_memory_variables(store) # TODO pass instance of db_update_node into admin_serialize return db_admin_serialize_node(store, language)
def _setUp(self, session): valid_setup = test_tls.get_valid_setup() config.db_set_config_variable(session, 1, 'https_cert', valid_setup['cert']) config.db_set_config_variable(session, 1, 'https_enabled', True) db_refresh_memory_variables(session)
def db_admin_update_user(session, state, tid, user_id, request, language): """ Updates the specified user. """ fill_localized_keys(request, models.User.localized_keys, language) user = db_get_user(session, tid, user_id) if user.username != request['username']: check = session.query(models.User).filter( models.User.username == text_type(request['username']), models.UserTenant.user_id == models.User.id, models.UserTenant.tenant_id == tid).one_or_none() if check is not None: raise errors.InputValidationError('Username already in use') user.update(request) password = request['password'] if password: user.password = security.hash_password(password, user.salt) user.password_change_date = datetime_now() # The various options related in manage PGP keys are used here. parse_pgp_options(state, user, request) if user.role == 'admin': db_refresh_memory_variables(session, [tid]) return user
def _setUp(self, session): valid_setup = test_tls.get_valid_setup() config = ConfigFactory(session, 1, 'node') config.set_val(u'https_cert', valid_setup['cert']) config.set_val(u'https_enabled', True) db_refresh_memory_variables(session)
def db_create(session, desc): t = db_preallocate(session, desc) db_initialize(session, t, desc['mode']) db_refresh_memory_variables(session, [t.id]) return t
def _setUp(self, store): valid_setup = test_tls.get_valid_setup() prv_fact = PrivateFactory(store) prv_fact.set_val(u'https_cert', valid_setup['cert']) prv_fact.set_val(u'https_enabled', True) db_refresh_memory_variables(store)
def db_create(session, desc): t = db_preallocate(session, desc) t.active = True db_initialize(session, t.id) db_refresh_memory_variables(session, [t.id]) return t
def update(session, tid, request): t = db_get(session, models.Tenant, models.Tenant.id == tid) t.active = request['active'] for var in ['mode', 'name', 'subdomain']: db_set_config_variable(session, tid, var, request[var]) db_refresh_memory_variables(session, [t.id]) return serialize_tenant(session, t)
def update(session, id, request): tenant = models.db_get(session, models.Tenant, models.Tenant.id == id) tenant.update(request) # A tenant created via signup but not activated may require initialization if not session.query(models.Config).filter(models.Config.tid == id).count(): db_initialize(session, tenant, 'default') db_refresh_memory_variables(session, [id]) return serialize_tenant(session, tenant)
def wizard(store, request, language): node = NodeFactory(store) if node.get_val('wizard_done'): # TODO report as anomaly log.err("DANGER: Wizard already initialized!") raise errors.ForbiddenOperation node._query_group() node.set_val('name', request['node']['name']) node.set_val('default_language', language) node.set_val('wizard_done', True) if GLSettings.memory_copy.onionservice is not None: node.set_val('onionservice', GLSettings.memory_copy.onionservice) node_l10n = NodeL10NFactory(store) node_l10n.set_val('description', language, request['node']['description']) node_l10n.set_val('header_title_homepage', language, request['node']['name']) context = db_create_context(store, request['context'], language) langs_to_drop = EnabledLanguage.list(store) langs_to_drop.remove(language) if len(langs_to_drop): EnabledLanguage.remove_old_langs(store, langs_to_drop) request['receiver']['contexts'] = [context.id] request['receiver']['language'] = language db_create_receiver(store, request['receiver'], language) admin_dict = { 'username': u'admin', 'password': request['admin']['password'], 'role': u'admin', 'state': u'enabled', 'deletable': False, 'name': u'Admin', 'public_name': u'Admin', 'description': u'', 'mail_address': request['admin']['mail_address'], 'language': language, 'password_change_needed': False, 'pgp_key_remove': False, 'pgp_key_fingerprint': '', 'pgp_key_public': '', 'pgp_key_expiration': datetime_null() } db_create_admin_user(store, admin_dict, language) db_refresh_memory_variables(store)
def update(session, id, request): tenant = models.db_get(session, models.Tenant, models.Tenant.id == id) tenant.update(request) # A tenant created via signup but not activate may require initialization if not session.query(models.Config).filter(models.Config.tid == id).count(): db_initialize(session, id) db_refresh_memory_variables(session, [id]) return serialize_tenant(session, tenant)
def wizard(store, request, language): models.db_delete(store, l10n.EnabledLanguage, l10n.EnabledLanguage.name != language) node = config.NodeFactory(store) if node.get_val(u'wizard_done'): log.err("DANGER: Wizard already initialized!") raise errors.ForbiddenOperation node._query_group() node.set_val(u'name', request['node_name']) node.set_val(u'default_language', language) node.set_val(u'wizard_done', True) node_l10n = l10n.NodeL10NFactory(store) node_l10n.set_val(u'header_title_homepage', language, request['node_name']) profiles.load_profile(store, request['profile']) receiver_desc = models.User().dict(language) receiver_desc['username'] = u'recipient' receiver_desc['name'] = receiver_desc['public_name'] = request['receiver_name'] receiver_desc['mail_address'] = request['receiver_mail_address'] receiver_desc['language'] = language receiver_desc['role'] =u'receiver' receiver_desc['deletable'] = True receiver_desc['pgp_key_remove'] = False _, receiver = db_create_receiver_user(store, receiver_desc, language) context_desc = models.Context().dict(language) context_desc['name'] = u'Default' context_desc['receivers'] = [receiver.id] context = db_create_context(store, context_desc, language) admin_desc = models.User().dict(language) admin_desc['username'] = u'admin' admin_desc['password'] = request['admin_password'] admin_desc['name'] = admin_desc['public_name'] = request['admin_name'] admin_desc['mail_address'] = request['admin_mail_address'] admin_desc['language'] = language admin_desc['role'] =u'admin' admin_desc['deletable'] = False admin_desc['pgp_key_remove'] = False admin_desc['password_change_needed'] = False db_create_admin_user(store, admin_desc, language) db_refresh_memory_variables(store)
def wizard(store, request, language): models.db_delete(store, l10n.EnabledLanguage, l10n.EnabledLanguage.name != language) node = config.NodeFactory(store) if node.get_val(u'wizard_done'): log.err("DANGER: Wizard already initialized!") raise errors.ForbiddenOperation node._query_group() node.set_val(u'name', request['node']['name']) node.set_val(u'default_language', language) node.set_val(u'wizard_done', True) node_l10n = l10n.NodeL10NFactory(store) node_l10n.set_val(u'description', language, request['node']['description']) node_l10n.set_val(u'header_title_homepage', language, request['node']['name']) profiles.load_profile(store, request['profile']) context = db_create_context(store, request['context'], language) request['receiver']['username'] = u'recipient' request['receiver']['contexts'] = [context.id] request['receiver']['language'] = language db_create_receiver_user(store, request['receiver'], language) admin_dict = { 'username': u'admin', 'password': request['admin']['password'], 'role': u'admin', 'state': u'enabled', 'deletable': False, 'name': u'Admin', 'public_name': u'Admin', 'description': u'', 'mail_address': request['admin']['mail_address'], 'language': language, 'password_change_needed': False, 'pgp_key_remove': False, 'pgp_key_fingerprint': '', 'pgp_key_public': '', 'pgp_key_expiration': datetime_null() } db_create_admin_user(store, admin_dict, language) db_refresh_memory_variables(store)
def db_create_admin_user(store, request, language): """ Creates a new admin Returns: (dict) the admin descriptor """ user = db_create_user(store, request, language) log.debug("Created new admin") db_refresh_memory_variables(store) return user
def update_notification(session, tid, request, language): config = ConfigFactory(session, tid) if request['smtp_password'] == '': del request['smtp_password'] config.update('notification', request) config_l10n = ConfigL10NFactory(session, tid) config_l10n.update('notification', request, language) db_refresh_memory_variables(session, [tid]) return db_get_notification(session, tid, language)
def db_update_node(store, request, wizard_done, language): """ Update and serialize the node infos :param store: the store on which perform queries. :param language: the language in which to localize data :return: a dictionary representing the serialization of the node """ node = store.find(models.Node).one() fill_localized_keys(request, models.Node.localized_keys, language) # verify that the languages enabled are valid 'code' in the languages supported node.languages_enabled = [] for lang_code in request['languages_enabled']: if lang_code in LANGUAGES_SUPPORTED_CODES: node.languages_enabled.append(lang_code) else: raise errors.InvalidInputFormat("Invalid lang code enabled: %s" % lang_code) if not len(node.languages_enabled): raise errors.InvalidInputFormat("Missing enabled languages") # enforcing of default_language usage (need to be set, need to be _enabled) if request['default_language']: if request['default_language'] not in node.languages_enabled: raise errors.InvalidInputFormat("Invalid lang code as default") node.default_language = request['default_language'] else: node.default_language = node.languages_enabled[0] log.err("Default language not set!? fallback on %s" % node.default_language) node.basic_auth = request['basic_auth'] if request['basic_auth'] and request['basic_auth_username'] != '' and request['basic_auth_password'] != '': node.basic_auth = True node.basic_auth_username = request['basic_auth_username'] node.basic_auth_password = request['basic_auth_password'] else: node.basic_auth = False if wizard_done: node.wizard_done = True node.update(request) db_refresh_memory_variables(store) return db_admin_serialize_node(store, language)
def db_update_node(session, tid, request, language): """ Update and serialize the node infos :param tid: :param request: :param session: the session on which perform queries. :param language: the language in which to localize data :return: a dictionary representing the serialization of the node """ config = ConfigFactory(session, tid) config.update('node', request) if 'basic_auth' in request and request['basic_auth'] and request[ 'basic_auth_username'] and request['basic_auth_password']: config.set_val('basic_auth', True) config.set_val('basic_auth_username', request['basic_auth_username']) config.set_val('basic_auth_password', request['basic_auth_password']) else: config.set_val('basic_auth', False) config.set_val('basic_auth_username', '') config.set_val('basic_auth_password', '') if request['enable_ricochet_panel'] and not request['ricochet_address']: request['enable_ricochet_panel'] = False # Validate that IP addresses/ranges we're getting are goo if 'ip_filter_admin' in request and request[ 'ip_filter_admin_enable'] and request['ip_filter_admin']: parse_csv_ip_ranges_to_ip_networks(request['ip_filter_admin']) if 'ip_filter_whistleblower_enable' in request and request[ 'ip_filter_whistleblower_enable'] and request[ 'ip_filter_whistleblower']: parse_csv_ip_ranges_to_ip_networks(request['ip_filter_whistleblower']) if 'languages_enabled' in request and 'default_language' in request: db_update_enabled_languages(session, tid, request['languages_enabled'], request['default_language']) if language in models.EnabledLanguage.list(session, tid): ConfigL10NFactory(session, tid).update('node', request, language) db_refresh_memory_variables(session, [tid]) if tid == 1: log.setloglevel(config.get_val('log_level')) return db_admin_serialize_node(session, tid, language)
def update_notification(session, tid, request, language): config = ConfigFactory(session, tid) if request['smtp_password'] == '': del request['smtp_password'] config.update('notification', request) config_l10n = ConfigL10NFactory(session, tid) config_l10n.update('notification', request, language) if request.pop('reset_templates'): config_l10n.reset('notification', load_appdata()) db_refresh_memory_variables(session, [tid]) return admin_serialize_notification(session, tid, language)
def update_notification(session, tid, request, language): notif = ConfigFactory(session, tid, 'notification') if request['smtp_password'] == '': del request['smtp_password'] notif.update(request) notif_l10n = NotificationL10NFactory(session, tid) notif_l10n.update(request, language) if request.pop('reset_templates'): notif_l10n.reset_templates(load_appdata()) db_refresh_memory_variables(session, [tid]) return admin_serialize_notification(session, tid, language)
def update_notification(store, request, language): notif = store.find(Notification).one() fill_localized_keys(request, Notification.localized_keys, language) if request['reset_templates']: appdata_dict = load_appdata() for k in appdata_dict['templates']: request[k] = appdata_dict['templates'][k] notif.update(request) parse_pgp_options(notif, request) db_refresh_memory_variables(store) return admin_serialize_notification(notif, language)
def update_notification(store, request, language): notif = NotificationFactory(store) notif.update(request) smtp_pw = request.pop('smtp_password', u'') if smtp_pw != u'': PrivateFactory(store).set_val(u'smtp_password', smtp_pw) notif_l10n = NotificationL10NFactory(store) notif_l10n.update(request, language) if request.pop('reset_templates'): notif_l10n.reset_templates(load_appdata()) # Since the Notification object has been changed refresh the global copy. db_refresh_memory_variables(store) return admin_serialize_notification(store, language)
def db_update_node(store, request, wizard_done, language): """ Update and serialize the node infos :param store: the store on which perform queries. :param language: the language in which to localize data :return: a dictionary representing the serialization of the node """ node = store.find(models.Node).one() fill_localized_keys(request, models.Node.localized_keys, language) # verify that the languages enabled are valid 'code' in the languages supported node.languages_enabled = [] for lang_code in request['languages_enabled']: if lang_code in LANGUAGES_SUPPORTED_CODES: node.languages_enabled.append(lang_code) else: raise errors.InvalidInputFormat("Invalid lang code enabled: %s" % lang_code) if not len(node.languages_enabled): raise errors.InvalidInputFormat("Missing enabled languages") # enforcing of default_language usage (need to be set, need to be _enabled) if request['default_language']: if request['default_language'] not in node.languages_enabled: raise errors.InvalidInputFormat("Invalid lang code as default") node.default_language = request['default_language'] else: node.default_language = node.languages_enabled[0] log.err("Default language not set!? fallback on %s" % node.default_language) if wizard_done: node.wizard_done = True node.update(request) db_refresh_memory_variables(store) return db_admin_serialize_node(store, language)
def db_update_node(session, tid, request, language, config_node): """ Update and serialize the node infos :param session: the session on which perform queries. :param language: the language in which to localize data :return: a dictionary representing the serialization of the node """ node = ConfigFactory(session, tid, config_node) node.update(request) if 'basic_auth' in request: if request['basic_auth'] and request[ 'basic_auth_username'] and request['basic_auth_password']: node.set_val(u'basic_auth', True) node.set_val(u'basic_auth_username', request['basic_auth_username']) node.set_val(u'basic_auth_password', request['basic_auth_password']) else: node.set_val(u'basic_auth', False) # Validate that IP addresses/ranges we're getting are goo if 'ip_filter_authenticated' in request: if request['ip_filter_authenticated_enable'] and request[ 'ip_filter_authenticated']: # Make sure we can validate and parse the whole thing parse_csv_ip_ranges_to_ip_networks( request['ip_filter_authenticated']) if 'languages_enabled' in request and 'default_language' in request: db_update_enabled_languages(session, tid, request['languages_enabled'], request['default_language']) if language in models.EnabledLanguage.list(session, tid): node_l10n = NodeL10NFactory(session, tid) node_l10n.update(request, language) db_refresh_memory_variables(session, [tid]) return db_admin_serialize_node(session, tid, language)
def update_notification(store, request, language): notif_l10n = NotificationL10NFactory(store) notif_l10n.update(request, language) if request.pop('reset_templates'): appdata = load_appdata() notif_l10n.reset_templates(appdata) smtp_pw = request.pop('smtp_password', u'') if smtp_pw != u'': PrivateFactory(store).set_val('smtp_password', smtp_pw) notif = NotificationFactory(store) notif.update(request) parse_pgp_options(notif, request) # Since the Notification object has been changed refresh the global copy. db_refresh_memory_variables(store) return admin_serialize_notification(store, language)
def update_notification(store, request, language): notif = store.find(Notification).one() fill_localized_keys(request, Notification.localized_keys, language) if request['reset_templates']: appdata_dict = load_appdata() for k in appdata_dict['templates']: request[k] = appdata_dict['templates'][k] if request['password'] == u'': log.debug('No password set. Using pw already in the DB.') request['password'] = notif.password notif.update(request) parse_pgp_options(notif, request) # Since the Notification object has been changed refresh the global copy. db_refresh_memory_variables(store) return admin_serialize_notification(notif, language)
def db_admin_update_user(session, state, tid, user_id, request, language): """ Updates the specified user. """ fill_localized_keys(request, models.User.localized_keys, language) user = models.db_get(session, models.User, models.User.tid == tid, models.User.id == user_id) user.update(request) password = request['password'] if password: user.password = security.hash_password(password, user.salt) user.password_change_date = datetime_now() # The various options related in manage PGP keys are used here. parse_pgp_options(state, user, request) if user.role == 'admin': db_refresh_memory_variables(session, [tid]) return user
def db_admin_update_user(store, user_id, request, language): """ Updates the specified user. raises: globaleaks.errors.UserIdNotFound` if the user does not exist. """ fill_localized_keys(request, models.User.localized_keys, language) user = models.db_get(store, models.User, id=user_id) user.update(request) password = request['password'] if password: user.password = security.hash_password(password, user.salt) user.password_change_date = datetime_now() # The various options related in manage PGP keys are used here. parse_pgp_options(user, request) if user.role == 'admin': db_refresh_memory_variables(store) return user
def delete(session, id): models.db_delete(session, models.Tenant, models.Tenant.id == id) db_refresh_memory_variables(session, [id])
def db_wizard(session, state, tid, request, client_using_tor, language): node = config.ConfigFactory(session, tid, 'node') if node.get_val(u'wizard_done'): log.err("DANGER: Wizard already initialized!", tid=tid) raise errors.ForbiddenOperation db_update_enabled_languages(session, tid, [language], language) tenant = models.db_get(session, models.Tenant, models.Tenant.id == tid) tenant.label = request['node_name'] node.set_val(u'name', request['node_name']) node.set_val(u'default_language', language) node.set_val(u'wizard_done', True) node.set_val(u'enable_developers_exception_notification', request['enable_developers_exception_notification']) # Guess Tor configuration from thee media used on first configuration and # if the user is using Tor preserve node anonymity and perform outgoing connections via Tor node.set_val(u'reachable_via_web', not client_using_tor) node.set_val(u'allow_unencrypted', not client_using_tor) node.set_val(u'anonymize_outgoing_connections', client_using_tor) node.set_val(u'disable_encryption_warnings', not client_using_tor) node_l10n = config.NodeL10NFactory(session, tid) node_l10n.set_val(u'header_title_homepage', language, request['node_name']) profiles.load_profile(session, tid, request['profile']) receiver_desc = models.User().dict(language) receiver_desc['name'] = request['receiver_name'] receiver_desc['username'] = u'recipient' receiver_desc['name'] = request['receiver_name'] receiver_desc['mail_address'] = request['receiver_mail_address'] receiver_desc['language'] = language receiver_desc['role'] = u'receiver' receiver_desc['deletable'] = True receiver_desc['pgp_key_remove'] = False _, receiver = db_create_receiver_user(session, state, tid, receiver_desc, language) context_desc = models.Context().dict(language) context_desc['name'] = u'Default' context_desc['receivers'] = [receiver.id] db_create_context(session, state, tid, context_desc, language) admin_desc = models.User().dict(language) admin_desc['name'] = request['admin_name'] admin_desc['username'] = u'admin' admin_desc['password'] = request['admin_password'] admin_desc['name'] = request['admin_name'] admin_desc['mail_address'] = request['admin_mail_address'] admin_desc['language'] = language admin_desc['role'] = u'admin' admin_desc['deletable'] = False admin_desc['pgp_key_remove'] = False admin_desc['password_change_needed'] = False db_create_user(session, state, tid, admin_desc, language) db_refresh_memory_variables(session, [tid])
def set_config_variable(session, tid, var, val): db_set_config_variable(session, tid, var, val) db_refresh_memory_variables(session, [tid])
def db_wizard(session, tid, request, client_using_tor, language): language = request['node_language'] node = config.ConfigFactory(session, tid) if tid != 1: root_tenant_node = config.ConfigFactory(session, 1) else: root_tenant_node = node if node.get_val(u'wizard_done'): log.err("DANGER: Wizard already initialized!", tid=tid) raise errors.ForbiddenOperation db_update_enabled_languages(session, tid, [language], language) node.set_val(u'name', request['node_name']) node.set_val(u'default_language', language) node.set_val(u'wizard_done', True) node.set_val(u'enable_developers_exception_notification', request['enable_developers_exception_notification']) # Guess Tor configuration from thee media used on first configuration and # if the user is using Tor preserve node anonymity and perform outgoing connections via Tor node.set_val(u'reachable_via_web', not client_using_tor) node.set_val(u'allow_unencrypted', not client_using_tor) node.set_val(u'anonymize_outgoing_connections', client_using_tor) node_l10n = config.ConfigL10NFactory(session, tid) node_l10n.set_val(u'header_title_homepage', language, request['node_name']) profiles.load_profile(session, tid, request['profile']) admin_desc = models.User().dict(language) admin_desc['name'] = request['admin_name'] admin_desc['username'] = u'admin' admin_desc['password'] = request['admin_password'] admin_desc['name'] = request['admin_name'] admin_desc['mail_address'] = request['admin_mail_address'] admin_desc['language'] = language admin_desc['role'] =u'admin' admin_desc['deletable'] = False admin_desc['pgp_key_remove'] = False admin_user = db_create_user(session, tid, admin_desc, language) admin_user.password_change_needed = False admin_user.password_change_date = datetime_now() receiver_desc = models.User().dict(language) receiver_desc['name'] = request['receiver_name'] receiver_desc['username'] = u'recipient' receiver_desc['password'] = request['receiver_password'] receiver_desc['name'] = request['receiver_name'] receiver_desc['mail_address'] = request['receiver_mail_address'] receiver_desc['language'] = language receiver_desc['role'] =u'receiver' receiver_desc['deletable'] = True receiver_desc['pgp_key_remove'] = False receiver_user = db_create_user(session, tid, receiver_desc, language) context_desc = models.Context().dict(language) context_desc['status'] = 1 context_desc['name'] = u'Default' context_desc['receivers'] = [receiver_user.id] context = db_create_context(session, tid, context_desc, language) # Root tenants initialization terminates here if tid == 1: db_refresh_memory_variables(session, [tid]) return # Secondary tenants initialization starts here tenant = models.db_get(session, models.Tenant, models.Tenant.id == tid) tenant.label = request['node_name'] mode = node.get_val(u'mode') if mode != u'default': node.set_val(u'hostname', tenant.subdomain + '.' + node.get_val(u'rootdomain')) node.set_val(u'reachable_via_web', True) node.set_val(u'allow_unencrypted', True) node.set_val(u'anonymize_outgoing_connections', True) node.set_val(u'allow_iframes_inclusion', True) context.questionnaire_id = root_tenant_node.get_val(u'default_questionnaire') # Apply the specific fixes related to whistleblowing.it projects if mode == u'whistleblowing.it': node.set_val(u'disable_key_code_hint', True) node.set_val(u'disable_privacy_badge', True) node.set_val(u'disable_donation_panel', True) node.set_val(u'simplified_login', True) node.set_val(u'can_delete_submission', False) node.set_val(u'enable_user_pgp_key_upload', False) node.set_val(u'tor', False) # Delete the admin user session.delete(admin_user) # Set the recipient name equal to the node name receiver_user.name = request['node_name'] # Enable the recipient user to configure platform general settings receiver_user.can_edit_general_settings = True # Set data retention policy to 18 months context.tip_timetolive = 540 # Enable recipients to load files to the whistleblower context.enable_rc_to_wb_files = True db_refresh_memory_variables(session, [tid])