forked from freedomofpress/securedrop
-
Notifications
You must be signed in to change notification settings - Fork 0
/
journalist.py
82 lines (67 loc) · 2.48 KB
/
journalist.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
# -*- coding: utf-8 -*-
import os, time, datetime
import web
import config, crypto, store
urls = (
'/', 'index',
'/reply/', 'reply',
'/([a-f0-9]+)/', 'col',
'/([a-f0-9]+)/([0-9]+\.[0-9]+(?:_msg|_doc|)\.gpg)', 'doc'
)
render = web.template.render(config.JOURNALIST_TEMPLATES_DIR, base='base')
class index:
def GET(self):
dirs = os.listdir(config.STORE_DIR)
cols = []
for d in dirs:
if not os.listdir(store.path(d)): continue
cols.append(web.storage(name=d, codename=crypto.displayid(d), date=
str(datetime.datetime.fromtimestamp(
os.stat(store.path(d)).st_mtime
)).split('.')[0]
))
cols.sort(lambda x,y: cmp(x.date, y.date), reverse=True)
web.header('Cache-Control', 'no-cache, no-store, must-revalidate')
web.header('Pragma', 'no-cache')
web.header('Expires', '-1')
return render.index(cols)
class col:
def GET(self, sid):
fns = os.listdir(store.path(sid))
docs = []
for f in fns:
docs.append(web.storage(
name=f,
date=str(datetime.datetime.fromtimestamp(float(store.cleanname(f)))).split('.')[0]
))
docs.sort(lambda x,y: cmp(x.date, y.date))
haskey = bool(crypto.getkey(sid))
web.header('Cache-Control', 'no-cache, no-store, must-revalidate')
web.header('Pragma', 'no-cache')
web.header('Expires', '-1')
return render.col(docs, sid, haskey, codename=crypto.displayid(sid))
class doc:
def GET(self, sid, fn):
web.header('Content-Disposition', 'attachment; filename="' +
crypto.displayid(sid).replace(' ', '_') + '_' + fn + '"')
web.header('Cache-Control', 'no-cache, no-store, must-revalidate')
web.header('Pragma', 'no-cache')
web.header('Expires', '-1')
return file(store.path(sid, fn)).read()
class reply:
def GET(self):
raise web.seeother('/')
def POST(self):
i = web.input('sid', 'msg')
crypto.encrypt(crypto.getkey(i.sid), i.msg, output=
store.path(i.sid, 'reply-%s.gpg' % time.time())
)
web.header('Cache-Control', 'no-cache, no-store, must-revalidate')
web.header('Pragma', 'no-cache')
web.header('Expires', '-1')
return render.reply(i.sid)
web.config.debug = False
app = web.application(urls, locals())
application = app.wsgifunc()
if __name__ == "__main__":
app.run()