def db_get_questionnaire(session, tid, questionnaire_id, language, serialize_templates=True):
questionnaire = models.db_get(session,
models.Questionnaire,
models.Questionnaire.tid.in_(set([1, tid])),
models.Questionnaire.id == questionnaire_id)
return serialize_questionnaire(session, tid, questionnaire, language, serialize_templates=serialize_templates)
def db_update_field(session, tid, field_id, field_dict, language):
field = models.db_get(session, models.Field, models.Field.tid == tid,
models.Field.id == field_id)
check_field_association(session, tid, field_dict)
fill_localized_keys(field_dict, models.Field.localized_keys, language)
db_update_fieldattrs(session, tid, field.id, field_dict['attrs'], language)
if field_dict['instance'] != 'reference':
db_update_fieldoptions(session, tid, field.id, field_dict['options'],
language)
# full update
field.update(field_dict)
else:
# partial update
field.update({
'label': field_dict['label'],
'hint': field_dict['hint'],
'description': field_dict['description'],
'template_override_id': field_dict['template_override_id'],
'x': field_dict['x'],
'y': field_dict['y'],
'width': field_dict['width'],
'required': field_dict['required']
})
return field
def db_update_field(session, tid, field_id, field_dict, language):
field = models.db_get(session, models.Field, models.Field.tid == tid,
models.Field.id == field_id)
check_field_association(session, tid, field_dict)
db_update_fieldattrs(session, tid, field.id, field_dict['attrs'], language)
# make not possible to change field type
field_dict['type'] = field.type
if field_dict['instance'] != 'reference':
fill_localized_keys(field_dict, models.Field.localized_keys, language)
db_update_fieldoptions(session, tid, field.id, field_dict['options'],
language)
# full update
field.update(field_dict)
else:
# partial update
field.update({
'x': field_dict['x'],
'y': field_dict['y'],
'width': field_dict['width'],
'multi_entry': field_dict['multi_entry']
})
return field
def update_identity_information(session, tid, tip_id, identity_field_id,
identity_field_answers, language):
internaltip = models.db_get(session, models.InternalTip,
models.InternalTip.id == tip_id,
models.InternalTip.tid == tid)
if internaltip.identity_provided:
return
aqs = session.query(models.ArchivedSchema).filter(
models.ArchivedSchema.hash == internaltip.questionnaire_hash).one()
questionnaire = db_serialize_archived_questionnaire_schema(
session, aqs.schema, language)
for step in questionnaire:
for field in step['children']:
if field['id'] == identity_field_id and field[
'id'] == 'whistleblower_identity':
db_save_questionnaire_answers(
session, tid, internaltip.id,
{identity_field_id: [identity_field_answers]})
now = datetime_now()
internaltip.update_date = now
internaltip.wb_last_access = now
internaltip.identity_provided = True
internaltip.identity_provided_date = now
return
def db_update_field(session, tid, field_id, field_dict, language):
field = models.db_get(session, models.Field, models.Field.tid == tid, models.Field.id == field_id)
check_field_association(session, tid, field_dict)
fill_localized_keys(field_dict, models.Field.localized_keys, language)
db_update_fieldattrs(session, field.id, field_dict['attrs'], language)
db_reset_option_triggers(session, 'field', field.id)
for trigger in field_dict.get('triggered_by_options', []):
db_create_trigger(session, tid, trigger['option'], 'field', field.id, trigger.get('sufficient', True))
if field_dict['instance'] != 'reference':
db_update_fieldoptions(session, field.id, field_dict['options'], language)
# full update
field.update(field_dict)
else:
# partial update
field.update({
'label': field_dict['label'],
'hint': field_dict['hint'],
'description': field_dict['description'],
'placeholder': field_dict['placeholder'],
'template_override_id': field_dict['template_override_id'],
'x': field_dict['x'],
'y': field_dict['y'],
'width': field_dict['width'],
'required': field_dict['required']
})
return field
def delete_field(session, tid, field_id):
"""
Delete the field object corresponding to field_id
If the field has children, remove them as well.
If the field is immediately attached to a step object, remove it as well.
:param session: the session on which perform queries.
:param field_id: the id corresponding to the field.
"""
field = models.db_get(session, models.Field, models.Field.tid == tid,
models.Field.id == field_id)
if not field.editable:
raise errors.ForbiddenOperation
if field.instance == 'template' and session.query(models.Field).filter(
models.Field.tid == tid, models.Field.template_id
== field.id).count():
raise errors.InputValidationError(
"Cannot remove the field template as it is used by one or more questionnaires"
)
if field.template_id == 'whistleblower_identity' and field.step_id is not None:
step_id = session.query(
models.Step.id).filter(models.Step.id == field.step_id)
session.query(models.Questionnaire).filter(
models.Questionnaire.id == step_id.subquery()).update(
{'enable_whistleblower_identity': False},
synchronize_session='fetch')
session.delete(field)
def db_admin_update_user(session, state, tid, user_id, request, language):
"""
Updates the specified user.
"""
fill_localized_keys(request, models.User.localized_keys, language)
user = models.db_get(session, models.User, models.User.tid == tid,
models.User.id == user_id)
if user.username != request['username']:
check = session.query(models.User).filter(
models.User.tid == tid, models.User.username == text_type(
request['username'])).one_or_none()
if check is not None:
raise errors.InputValidationError('Username already in use')
user.update(request)
password = request['password']
if password:
user.password = security.hash_password(password, user.salt)
user.password_change_date = datetime_now()
# The various options related in manage PGP keys are used here.
parse_pgp_options(state, user, request)
if user.role == 'admin':
db_refresh_memory_variables(session, [tid])
return user
def db_user_update_user(store, user_id, request):
"""
Updates the specified user.
This version of the function is specific for users that with comparison with
admins can change only few things:
- preferred language
- the password (with old password check)
- pgp key
raises: globaleaks.errors.ReceiverIdNotFound` if the receiver does not exist.
"""
user = models.db_get(store, models.User, id=user_id)
user.language = request.get('language',
State.tenant_cache[1].default_language)
new_password = request['password']
old_password = request['old_password']
if new_password and old_password:
user.password = change_password(user.password, old_password,
new_password, user.salt)
if user.password_change_needed:
user.password_change_needed = False
user.password_change_date = datetime_now()
# The various options related in manage PGP keys are used here.
parse_pgp_options(user, request)
return user
def db_user_update_user(session, state, tid, user_id, request):
"""
Updates the specified user.
This version of the function is specific for users that with comparison with
admins can change only few things:
- real name
- email address
- preferred language
- the password (with old password check)
- pgp key
raises: globaleaks.errors.ResourceNotFound` if the receiver does not exist.
"""
from globaleaks.handlers.admin.notification import db_get_notification
from globaleaks.handlers.admin.node import db_admin_serialize_node
user = models.db_get(session,
models.User,
models.User.id == user_id)
user.language = request.get('language', State.tenant_cache[tid].default_language)
user.name = request['name']
new_password = request['password']
old_password = request['old_password']
if new_password:
if user.password_change_needed:
user.password_change_needed = False
else:
if not check_password(old_password,
user.salt,
user.password):
raise errors.InvalidOldPassword
user.password = hash_password(new_password, user.salt)
user.password_change_date = datetime_now()
# If the email address changed, send a validation email
if request['mail_address'] != user.mail_address:
user.change_email_address = request['mail_address']
user.change_email_date = datetime_now()
user.change_email_token = generateRandomKey(32)
user_desc = user_serialize_user(session, user, user.language)
template_vars = {
'type': 'email_validation',
'user': user_desc,
'new_email_address': request['mail_address'],
'validation_token': user.change_email_token,
'node': db_admin_serialize_node(session, 1, user.language),
'notification': db_get_notification(session, tid, user.language)
}
state.format_and_send_mail(session, tid, user_desc, template_vars)
# If the platform allows users to change PGP keys, process it
if State.tenant_cache[tid]['enable_user_pgp_key_upload'] is True:
parse_pgp_options(state, user, request)
return user
def db_update_step(session, tid, step_id, request, language):
"""
Transaction for updating a step
:param session: An ORM session
:param tid: The tenant ID
:param step_id: the step_id of the step to update
:param request: the step definition dict
:param language: the language of the step definition dict
:return: a serialization of the object
"""
step = models.db_get(
session, models.Step, models.Step.id == step_id,
models.Questionnaire.id == models.Step.questionnaire_id,
models.Questionnaire.tid == tid)
fill_localized_keys(request, models.Step.localized_keys, language)
step.update(request)
for child in request['children']:
db_update_field(session, tid, child['id'], child, language)
db_reset_option_triggers(session, 'step', step.id)
for trigger in request.get('triggered_by_options', []):
db_create_option_trigger(session, trigger['option'], 'step', step.id,
trigger.get('sufficient', True))
return serialize_step(session, tid, step, language)
def db_update_step(session, tid, step_id, step_dict, language):
"""
Update the specified step with the details.
:param tid:
:param session: the session on which perform queries.
:param step_id: the step_id of the step to update
:param step_dict: the step definition dict
:param language: the language of the step definition dict
:return: a serialization of the object
"""
step = models.db_get(
session, models.Step, models.Step.id == step_id,
models.Questionnaire.id == models.Step.questionnaire_id,
models.Questionnaire.tid == tid)
fill_localized_keys(step_dict, models.Step.localized_keys, language)
step.update(step_dict)
for child in step_dict['children']:
db_update_field(session, tid, child['id'], child, language)
db_reset_option_triggers(session, 'step', step.id)
for trigger in step_dict.get('triggered_by_options', []):
db_create_trigger(session, tid, trigger['option'], 'step', step.id,
trigger.get('sufficient', True))
return step
def db_access_rtip(session, tid, user_id, rtip_id):
return models.db_get(session,
(models.ReceiverTip, models.InternalTip),
models.ReceiverTip.id == rtip_id,
models.ReceiverTip.receiver_id == user_id,
models.ReceiverTip.internaltip_id == models.InternalTip.id,
models.InternalTip.tid == tid)
def db_update_step(session, tid, step_id, step_dict, language):
"""
Update the specified step with the details.
:param session: the session on which perform queries.
:param step_id: the step_id of the step to update
:param step_dict: the step definition dict
:param language: the language of the step definition dict
:return: a serialization of the object
"""
step = models.db_get(session, models.Step, models.Step.id == step_id,
models.Questionnaire.id == models.Step.questionnaire_id,
models.Questionnaire.tid == tid)
fill_localized_keys(step_dict, models.Step.localized_keys, language)
step.update(step_dict)
for child in step_dict['children']:
db_update_field(session, tid, child['id'], child, language)
db_reset_option_triggers(session, 'step', step.id)
for trigger in step_dict.get('triggered_by_options', []):
db_create_trigger(session, tid, trigger['option'], 'step', step.id, trigger.get('sufficient', True))
return step
def delete_user(store, user_id):
user = models.db_get(store, models.User, id=user_id)
if not user.deletable:
raise errors.UserNotDeletable
store.remove(user)
def perform_tips_operation(session, tid, receiver_id, operation, rtips_ids):
"""
Transaction for performing operation on submissions (postpone/delete)
:param session: An ORM session
:param tid: A tenant ID
:param receiver_id: A recipient ID
:param operation: An operation command (postpone/delete)
:param rtips_ids: The set of submissions on which performing the specified operation
"""
receiver = models.db_get(session, models.User,
models.User.id == receiver_id)
can_postpone_expiration = State.tenant_cache[
tid].can_postpone_expiration or receiver.can_postpone_expiration
can_delete_submission = State.tenant_cache[
tid].can_delete_submission or receiver.can_delete_submission
itips = session.query(models.InternalTip) \
.filter(models.ReceiverTip.receiver_id == receiver_id,
models.ReceiverTip.id.in_(rtips_ids),
models.InternalTip.id == models.ReceiverTip.internaltip_id,
models.InternalTip.tid == tid)
if operation == 'postpone' and can_postpone_expiration:
for itip in itips:
db_postpone_expiration(session, itip)
elif operation == 'delete' and can_delete_submission:
db_delete_itips(session, [itip.id for itip in itips])
else:
raise errors.ForbiddenOperation
def db_access_rtip(session, tid, user_id, rtip_id):
return models.db_get(session,
(models.ReceiverTip, models.InternalTip),
models.ReceiverTip.id == rtip_id,
models.ReceiverTip.receiver_id == user_id,
models.ReceiverTip.internaltip_id == models.InternalTip.id,
models.InternalTip.tid == tid)
def db_update_field(session, tid, field_id, field_dict, language):
field = models.db_get(session, models.Field, models.Field.tid == tid, models.Field.id == field_id)
check_field_association(session, tid, field_dict)
fill_localized_keys(field_dict, models.Field.localized_keys, language)
db_update_fieldattrs(session, field.id, field_dict['attrs'], language)
db_reset_option_triggers(session, 'field', field.id)
for trigger in field_dict.get('triggered_by_options', []):
db_create_trigger(session, tid, trigger['option'], 'field', field.id, trigger.get('sufficient', True))
if field_dict['instance'] != 'reference':
db_update_fieldoptions(session, field.id, field_dict['options'], language)
# full update
field.update(field_dict)
else:
# partial update
field.update({
'label': field_dict['label'],
'hint': field_dict['hint'],
'description': field_dict['description'],
'placeholder': field_dict['placeholder'],
'template_override_id': field_dict['template_override_id'],
'x': field_dict['x'],
'y': field_dict['y'],
'width': field_dict['width'],
'required': field_dict['required']
})
return field
def delete_field(store, field_id):
"""
Delete the field object corresponding to field_id
If the field has children, remove them as well.
If the field is immediately attached to a step object, remove it as well.
:param store: the store on which perform queries.
:param field_id: the id corresponding to the field.
"""
field = models.db_get(store, models.Field, id=field_id)
if not field.editable:
raise errors.FieldNotEditable
if field.instance == 'template':
if store.find(models.Field,
models.Field.template_id == field.id).count():
raise errors.InvalidInputFormat(
"Cannot remove the field template as it is used by one or more questionnaires"
)
if field.template_id == 'whistleblower_identity' and field.step_id is not None:
store.find(
models.Questionnaire, models.Step.id == field.step_id,
models.Questionnaire.id == models.Step.questionnaire_id).set(
enable_whistleblower_identity=False)
store.remove(field)
def get_context(store, context_id, language):
"""
Returns:
(dict) the context with the specified id.
"""
context = models.db_get(store, models.Context, id=context_id)
return admin_serialize_context(store, context, language)
def db_get_questionnaire(session, tid, questionnaire_id, language, serialize_templates=True):
"""
Returns:
(dict) the questionnaire with the specified id.
"""
questionnaire = models.db_get(session, models.Questionnaire, models.Questionnaire.tid.in_(set([1, tid])), models.Questionnaire.id == questionnaire_id)
return serialize_questionnaire(session, tid, questionnaire, language, serialize_templates=serialize_templates)
def db_get_user(session, tid, user_id):
user = models.db_get(session,
models.User,
models.User.id == user_id,
models.UserTenant.user_id == user_id,
models.UserTenant.tenant_id == tid)
return user
def db_get_user(session, tid, user_id):
user = models.db_get(session,
models.User,
models.User.id == user_id,
models.UserTenant.user_id == user_id,
models.UserTenant.tenant_id == tid)
return user
def db_get_questionnaire(session, tid, questionnaire_id, language, serialize_templates=True):
"""
Returns:
(dict) the questionnaire with the specified id.
"""
questionnaire = models.db_get(session, models.Questionnaire, models.Questionnaire.tid.in_(set([1, tid])), models.Questionnaire.id == questionnaire_id)
return serialize_questionnaire(session, tid, questionnaire, language, serialize_templates=serialize_templates)
def get_user_settings(session, tid, user_id, language):
user = models.db_get(session,
models.User,
models.User.id == user_id,
models.UserTenant.user_id == user_id,
models.UserTenant.tenant_id == tid)
return user_serialize_user(session, user, language)
def db_user_update_user(session, state, tid, user_id, request):
"""
Updates the specified user.
This version of the function is specific for users that with comparison with
admins can change only few things:
- real name
- email address
- preferred language
- the password (with old password check)
- pgp key
raises: globaleaks.errors.ResourceNotFound` if the receiver does not exist.
"""
from globaleaks.handlers.admin.notification import db_get_notification
from globaleaks.handlers.admin.node import db_admin_serialize_node
from globaleaks.handlers.admin.user import get_user
user = models.db_get(session, models.User, models.User.id == user_id,
models.User.tid == tid)
user.language = request.get('language',
State.tenant_cache[tid].default_language)
user.name = request['name']
new_password = request['password']
old_password = request['old_password']
if new_password and old_password:
user.password = change_password(user.password, old_password,
new_password, user.salt)
if user.password_change_needed:
user.password_change_needed = False
user.password_change_date = datetime_now()
# If the email address changed, send a validation email
if request['mail_address'] != user.mail_address:
user.change_email_address = request['mail_address']
user.change_email_date = datetime_now()
user.change_email_token = generateRandomKey(32)
user_desc = user_serialize_user(session, user, user.language)
template_vars = {
'type': 'email_validation',
'user': user_desc,
'new_email_address': request['mail_address'],
'validation_token': user.change_email_token,
'node': db_admin_serialize_node(session, 1, user.language),
'notification': db_get_notification(session, tid, user.language)
}
state.format_and_send_mail(session, tid, user_desc, template_vars)
# We don't directly change user email addresses, if a user
# The various options related in manage PGP keys are used here.
parse_pgp_options(state, user, request)
return user
def db_get_receiver(store, receiver_id):
"""
Returns:
(dict) the receiver
"""
return models.db_get(store, (models.Receiver, models.User),
models.Receiver.id == receiver_id,
models.User.id == receiver_id)
def db_user_update_user(session, tid, user_session, request):
"""
Transaction for updating an existing user
:param session: An ORM session
:param tid: A tenant ID
:param user_session: A session of the user invoking the transaction
:param request: A user request data
:return: A user model
"""
from globaleaks.handlers.admin.notification import db_get_notification
from globaleaks.handlers.admin.node import db_admin_serialize_node
user = models.db_get(session, models.User,
models.User.id == user_session.user_id)
user.language = request.get('language',
State.tenant_cache[tid].default_language)
user.name = request['name']
user.public_name = request['public_name'] if request[
'public_name'] else request['name']
if request['password']:
if user.password_change_needed:
user.password_change_needed = False
else:
if not GCE.check_password(user.hash_alg, request['old_password'],
user.salt, user.password):
raise errors.InvalidOldPassword
user_session.cc = set_user_password(tid, user, request['password'],
user_session.cc)
# If the email address changed, send a validation email
if request['mail_address'] != user.mail_address:
user.change_email_address = request['mail_address']
user.change_email_date = datetime_now()
user.change_email_token = generateRandomKey()
user_desc = user_serialize_user(session, user, user.language)
user_desc['mail_address'] = request['mail_address']
template_vars = {
'type': 'email_validation',
'user': user_desc,
'new_email_address': request['mail_address'],
'validation_token': user.change_email_token,
'node': db_admin_serialize_node(session, tid, user.language),
'notification': db_get_notification(session, tid, user.language)
}
State.format_and_send_mail(session, tid, user_desc, template_vars)
parse_pgp_options(user, request)
return user
def db_get_wbtip(session, itip_id, language):
itip = models.db_get(session,
models.InternalTip,
models.InternalTip.id == itip_id)
itip.wb_access_counter += 1
itip.wb_last_access = datetime_now()
return serialize_wbtip(session, itip, language)
def set_internaltip_variable(session, tid, user_id, rtip_id, key, value):
rtip, itip = db_access_rtip(session, tid, user_id, rtip_id)
receiver = models.db_get(session, models.Receiver, models.Receiver.id == rtip.receiver_id)
if not (State.tenant_cache[tid].can_grant_permissions or
receiver.can_grant_permissions):
raise errors.ForbiddenOperation
setattr(itip, key, value)
def update_receiver_settings(store, receiver_id, request, language):
db_user_update_user(store, receiver_id, request)
receiver, user = models.db_get(store, (models.Receiver, models.User),
models.Receiver.id == receiver_id,
models.User.id == receiver_id)
receiver.tip_notification = request['tip_notification']
return receiver_serialize_receiver(store, receiver, user, language)
def set_internaltip_variable(session, tid, user_id, rtip_id, key, value):
rtip, itip = db_access_rtip(session, tid, user_id, rtip_id)
receiver = models.db_get(session, models.User, models.User.id == rtip.receiver_id)
if not (State.tenant_cache[tid].can_grant_permissions or
receiver.can_grant_permissions):
raise errors.ForbiddenOperation
setattr(itip, key, value)
def postpone_expiration_date(session, tid, user_id, rtip_id):
rtip, itip = db_access_rtip(session, tid, user_id, rtip_id)
receiver = models.db_get(session, models.Receiver, models.Receiver.id == rtip.receiver_id)
if not (State.tenant_cache[tid].can_postpone_expiration or
receiver.can_postpone_expiration):
raise errors.ForbiddenOperation
db_postpone_expiration_date(session, tid, itip)
def postpone_expiration_date(store, user_id, rtip_id):
rtip, itip = db_access_rtip(store, user_id, rtip_id)
receiver = models.db_get(store, models.Receiver, id=rtip.receiver_id)
if not (State.tenant_cache[1].can_postpone_expiration or
receiver.can_postpone_expiration):
raise errors.ExtendTipLifeNotEnabled
db_postpone_expiration_date(store, itip)
def postpone_expiration_date(session, tid, user_id, rtip_id):
rtip, itip = db_access_rtip(session, tid, user_id, rtip_id)
receiver = models.db_get(session, models.User, models.User.id == rtip.receiver_id)
if not (State.tenant_cache[tid].can_postpone_expiration or
receiver.can_postpone_expiration):
raise errors.ForbiddenOperation
db_postpone_expiration_date(session, tid, itip)
def postpone_expiration_date(store, user_id, rtip_id):
rtip, itip = db_access_rtip(store, user_id, rtip_id)
receiver = models.db_get(store, models.Receiver, id=rtip.receiver_id)
if not (GLSettings.memory_copy.can_postpone_expiration or
receiver.can_postpone_expiration):
raise errors.ExtendTipLifeNotEnabled
db_postpone_expiration_date(store, itip)
def set_internaltip_variable(store, user_id, rtip_id, key, value):
rtip, itip = db_access_rtip(store, user_id, rtip_id)
receiver = models.db_get(store, models.Receiver, id=rtip.receiver_id)
if not (GLSettings.memory_copy.can_grant_permissions or
receiver.can_grant_permissions):
raise errors.ForbiddenOperation
setattr(itip, key, value)
def db_get_wbtip(session, itip_id, language):
wbtip, itip = models.db_get(session,
(models.WhistleblowerTip, models.InternalTip),
models.WhistleblowerTip.id == models.InternalTip.id,
models.InternalTip.id == itip_id)
itip.wb_access_counter += 1
itip.wb_last_access = datetime_now()
return serialize_wbtip(session, wbtip, itip, language), wbtip.crypto_tip_prv_key
def db_get_wbtip(session, itip_id, language):
wbtip, itip = models.db_get(session,
(models.WhistleblowerTip, models.InternalTip),
models.WhistleblowerTip.id == models.InternalTip.id,
models.InternalTip.id == itip_id)
itip.wb_access_counter += 1
itip.wb_last_access = datetime_now()
return serialize_wbtip(session, wbtip, itip, language), wbtip.crypto_tip_prv_key
def update(session, id, request):
tenant = models.db_get(session, models.Tenant, models.Tenant.id == id)
tenant.update(request)
# A tenant created via signup but not activated may require initialization
if not session.query(models.Config).filter(models.Config.tid == id).count():
db_initialize(session, tenant, 'default')
db_refresh_memory_variables(session, [id])
return serialize_tenant(session, tenant)
def update_identity_information(session, tid, tip_id, identity_field_id, wbi, language):
itip = models.db_get(session, models.InternalTip, models.InternalTip.id == tip_id, models.InternalTip.tid == tid)
if itip.crypto_tip_pub_key:
wbi = base64.b64encode(GCE.asymmetric_encrypt(itip.crypto_tip_pub_key, json.dumps(wbi).encode())).decode()
db_set_internaltip_data(session, itip.id, 'identity_provided', True, False)
db_set_internaltip_data(session, itip.id, 'whistleblower_identity', wbi, True)
now = datetime_now()
itip.update_date = now
itip.wb_last_access = now
def delete_field(session, tid, field_id):
"""
Delete the field object corresponding to field_id
"""
field = models.db_get(session, models.Field, models.Field.tid == tid, models.Field.id == field_id)
if not field.editable:
raise errors.ForbiddenOperation
if field.instance == 'template' and session.query(models.Field).filter(models.Field.tid == tid, models.Field.template_id == field.id).count():
raise errors.InputValidationError("Cannot remove the field template as it is used by one or more questionnaires")
session.delete(field)
def receiver_serialize_wbfile(session, wbfile):
rtip = models.db_get(session, models.ReceiverTip, models.ReceiverTip.id == wbfile.receivertip_id)
return {
'id': wbfile.id,
'creation_date': datetime_to_ISO8601(wbfile.creation_date),
'name': wbfile.name,
'description': wbfile.description,
'size': wbfile.size,
'content_type': wbfile.content_type,
'downloads': wbfile.downloads,
'author': rtip.receiver_id
}
def delete_rtip(session, tid, user_id, rtip_id):
"""
Delete internalTip is possible only to Receiver with
the dedicated property.
"""
rtip, itip = db_access_rtip(session, tid, user_id, rtip_id)
receiver = models.db_get(session, models.User, models.User.id == rtip.receiver_id)
if not (State.tenant_cache[tid].can_delete_submission or
receiver.can_delete_submission):
raise errors.ForbiddenOperation
db_delete_itip(session, itip)
def update_context(session, tid, context_id, request, language):
"""
Updates the specified context. If the key receivers is specified we remove
the current receivers of the Context and reset set it to the new specified
ones.
Args:
context_id:
request:
(dict) the request to use to set the attributes of the Context
Returns:
(dict) the serialized object updated
"""
context = models.db_get(session, models.Context, models.Context.tid == tid, models.Context.id == context_id)
context = db_update_context(session, tid, context, request, language)
return admin_serialize_context(session, context, language)
def perform_tips_operation(session, tid, receiver_id, operation, rtips_ids):
receiver = models.db_get(session, models.User, models.User.id == receiver_id)
can_postpone_expiration = State.tenant_cache[tid].can_postpone_expiration or receiver.can_postpone_expiration
can_delete_submission = State.tenant_cache[tid].can_delete_submission or receiver.can_delete_submission
for itip in session.query(models.InternalTip) \
.filter(models.ReceiverTip.receiver_id == receiver_id,
models.ReceiverTip.id.in_(rtips_ids),
models.InternalTip.id == models.ReceiverTip.internaltip_id,
models.InternalTip.tid == tid):
if operation == 'postpone' and can_postpone_expiration:
db_postpone_expiration_date(session, tid, itip)
elif operation == 'delete' and can_delete_submission:
db_delete_itip(session, itip)
else:
raise errors.ForbiddenOperation
def update_questionnaire(session, tid, questionnaire_id, request, language):
"""
Updates the specified questionnaire. If the key receivers is specified we remove
the current receivers of the Questionnaire and reset set it to the new specified
ones.
Args:
questionnaire_id:
request:
(dict) the request to use to set the attributes of the Questionnaire
Returns:
(dict) the serialized object updated
"""
questionnaire = models.db_get(session, models.Questionnaire, models.Questionnaire.tid == tid, models.Questionnaire.id == questionnaire_id)
questionnaire = db_update_questionnaire(session, questionnaire, request, language)
return serialize_questionnaire(session, tid, questionnaire, language)
def set_reset_token(session, user_id, validation_token):
user = models.db_get(session, models.User, models.User.id == user_id)
user.change_email_date = datetime_now()
user.reset_password_token = validation_token
user.reset_password_date = datetime_now()
def get_user(session, user_id):
user = models.db_get(session, models.User, models.User.id == user_id)
session.expunge(user)
return user
def db_wizard(session, tid, request, client_using_tor, language):
language = request['node_language']
node = config.ConfigFactory(session, tid)
if tid != 1:
root_tenant_node = config.ConfigFactory(session, 1)
else:
root_tenant_node = node
if node.get_val(u'wizard_done'):
log.err("DANGER: Wizard already initialized!", tid=tid)
raise errors.ForbiddenOperation
db_update_enabled_languages(session, tid, [language], language)
node.set_val(u'name', request['node_name'])
node.set_val(u'default_language', language)
node.set_val(u'wizard_done', True)
node.set_val(u'enable_developers_exception_notification', request['enable_developers_exception_notification'])
# Guess Tor configuration from thee media used on first configuration and
# if the user is using Tor preserve node anonymity and perform outgoing connections via Tor
node.set_val(u'reachable_via_web', not client_using_tor)
node.set_val(u'allow_unencrypted', not client_using_tor)
node.set_val(u'anonymize_outgoing_connections', client_using_tor)
node_l10n = config.ConfigL10NFactory(session, tid)
node_l10n.set_val(u'header_title_homepage', language, request['node_name'])
profiles.load_profile(session, tid, request['profile'])
admin_desc = models.User().dict(language)
admin_desc['name'] = request['admin_name']
admin_desc['username'] = u'admin'
admin_desc['password'] = request['admin_password']
admin_desc['name'] = request['admin_name']
admin_desc['mail_address'] = request['admin_mail_address']
admin_desc['language'] = language
admin_desc['role'] =u'admin'
admin_desc['deletable'] = False
admin_desc['pgp_key_remove'] = False
admin_user = db_create_user(session, tid, admin_desc, language)
admin_user.password_change_needed = False
admin_user.password_change_date = datetime_now()
receiver_desc = models.User().dict(language)
receiver_desc['name'] = request['receiver_name']
receiver_desc['username'] = u'recipient'
receiver_desc['password'] = request['receiver_password']
receiver_desc['name'] = request['receiver_name']
receiver_desc['mail_address'] = request['receiver_mail_address']
receiver_desc['language'] = language
receiver_desc['role'] =u'receiver'
receiver_desc['deletable'] = True
receiver_desc['pgp_key_remove'] = False
receiver_user = db_create_user(session, tid, receiver_desc, language)
context_desc = models.Context().dict(language)
context_desc['status'] = 1
context_desc['name'] = u'Default'
context_desc['receivers'] = [receiver_user.id]
context = db_create_context(session, tid, context_desc, language)
# Root tenants initialization terminates here
if tid == 1:
db_refresh_memory_variables(session, [tid])
return
# Secondary tenants initialization starts here
tenant = models.db_get(session, models.Tenant, models.Tenant.id == tid)
tenant.label = request['node_name']
mode = node.get_val(u'mode')
if mode != u'default':
node.set_val(u'hostname', tenant.subdomain + '.' + node.get_val(u'rootdomain'))
node.set_val(u'reachable_via_web', True)
node.set_val(u'allow_unencrypted', True)
node.set_val(u'anonymize_outgoing_connections', True)
node.set_val(u'allow_iframes_inclusion', True)
context.questionnaire_id = root_tenant_node.get_val(u'default_questionnaire')
# Apply the specific fixes related to whistleblowing.it projects
if mode == u'whistleblowing.it':
node.set_val(u'disable_key_code_hint', True)
node.set_val(u'disable_privacy_badge', True)
node.set_val(u'disable_donation_panel', True)
node.set_val(u'simplified_login', True)
node.set_val(u'can_delete_submission', False)
node.set_val(u'enable_user_pgp_key_upload', False)
node.set_val(u'tor', False)
# Delete the admin user
session.delete(admin_user)
# Set the recipient name equal to the node name
receiver_user.name = request['node_name']
# Enable the recipient user to configure platform general settings
receiver_user.can_edit_general_settings = True
# Set data retention policy to 18 months
context.tip_timetolive = 540
# Enable recipients to load files to the whistleblower
context.enable_rc_to_wb_files = True
db_refresh_memory_variables(session, [tid])
def get(session, id):
return serialize_tenant(session, models.db_get(session, models.Tenant, models.Tenant.id == id))
def db_user_update_user(session, tid, user_session, request):
"""
Updates the specified user.
This version of the function is specific for users that with comparison with
admins can change only few things:
- real name
- email address
- preferred language
- the password (with old password check)
- pgp key
raises: globaleaks.errors.ResourceNotFound` if the receiver does not exist.
"""
from globaleaks.handlers.admin.notification import db_get_notification
from globaleaks.handlers.admin.node import db_admin_serialize_node
user = models.db_get(session,
models.User,
models.User.id == user_session.user_id)
user.language = request.get('language', State.tenant_cache[tid].default_language)
user.name = request['name']
new_password = request['password']
old_password = request['old_password']
if new_password:
if user.password_change_needed:
user.password_change_needed = False
else:
if not GCE.check_password(user.hash_alg,
old_password,
user.salt,
user.password):
raise errors.InvalidOldPassword
user.hash_alg = GCE.HASH
user.salt = GCE.generate_salt()
user.password = GCE.hash_password(new_password, user.salt)
user.password_change_date = datetime_now()
if State.tenant_cache[1].encryption:
enc_key = GCE.derive_key(request['password'].encode(), user.salt)
if not user_session.cc:
user_session.cc, user.crypto_pub_key = GCE.generate_keypair()
user.crypto_prv_key = GCE.symmetric_encrypt(enc_key, user_session.cc)
# If the email address changed, send a validation email
if request['mail_address'] != user.mail_address:
user.change_email_address = request['mail_address']
user.change_email_date = datetime_now()
user.change_email_token = generateRandomKey(32)
user_desc = user_serialize_user(session, user, user.language)
template_vars = {
'type': 'email_validation',
'user': user_desc,
'new_email_address': request['mail_address'],
'validation_token': user.change_email_token,
'node': db_admin_serialize_node(session, 1, user.language),
'notification': db_get_notification(session, tid, user.language)
}
State.format_and_send_mail(session, tid, user_desc, template_vars)
# If the platform allows users to change PGP keys, process it
if State.tenant_cache[tid]['enable_user_pgp_key_upload'] is True:
parse_pgp_options(user, request)
return user
def set_email_token(session, user_id, validation_token, email):
user = models.db_get(session, models.User, models.User.id == user_id)
user.change_email_date = datetime_now()
user.change_email_token = validation_token
user.change_email_address = email
