From dbdc5012c04555a50e54041c58476b78702ab147 Mon Sep 17 00:00:00 2001 From: Kushal Das Date: Tue, 30 Oct 2018 19:00:13 +0530 Subject: [PATCH 1/9] Keeps setup.py outside of codestyle checks --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 0c36d1783..3169fd92f 100644 --- a/Makefile +++ b/Makefile @@ -32,6 +32,6 @@ pyflakes: find . \( -name _build -o -name var -o -path ./docs -o -path \) -type d -prune -o -name '*.py' -print0 | $(XARGS) pyflakes pycodestyle: - find . \( -name _build -o -name var \) -type d -prune -o -name '*.py' -print0 | $(XARGS) -n 1 pycodestyle --repeat --exclude=build/*,docs/*,.vscode/* --ignore=E731,E402,W504 + find . \( -name _build -o -name var \) -type d -prune -o -name '*.py' -print0 | $(XARGS) -n 1 pycodestyle --repeat --exclude=build/*,docs/*,.vscode/*,setup.py --ignore=E731,E402,W504 check: clean pycodestyle pyflakes test From fe4ea9b4e339715c8cf120f59b3980e93f79efe1 Mon Sep 17 00:00:00 2001 From: Kushal Das Date: Tue, 30 Oct 2018 19:01:09 +0530 Subject: [PATCH 2/9] Adds setup.py and MANIFEST.in files --- MANIFEST.in | 15 +++++++++++++++ setup.py | 44 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 MANIFEST.in create mode 100644 setup.py diff --git a/MANIFEST.in b/MANIFEST.in new file mode 100644 index 000000000..5763841f1 --- /dev/null +++ b/MANIFEST.in @@ -0,0 +1,15 @@ +include requirements.txt +include README.md +include LICENSE +include setup.py +include Pipfile +include Pipfile.lock +include files/alembic.ini +include files/client.ini +include files/securedrop-client + +recursive-include alembic * +recursive-include securedrop_client * + +recursive-exclude alembic *.pyc +recursive-exclude securedrop_client *.pyc diff --git a/setup.py b/setup.py new file mode 100644 index 000000000..5d9deeab6 --- /dev/null +++ b/setup.py @@ -0,0 +1,44 @@ +import os +import setuptools + +with open("README.md", "r") as fh: + long_description = fh.read() + +# The CSS file +package_resources = ["securedrop_client/resources/css/sdclient.css"] + +# All other graphics used in the client +for name in os.listdir('./securedrop_client/resources/images/'): + package_resources.append(os.path.join( + "./securedrop_client/resources/images", name)) + +setuptools.setup( + name="securedrop-client", + version="0.0.1", + author="Freedom of the Press Foundation", + author_email="securedrop@freedom.press", + description="SecureDrop Workstation client application", + long_description=long_description, + long_description_content_type="text/markdown", + license="GPLv3+", + install_requires=["SQLALchemy", "alembic", "securedrop-sdk", + "pathlib2", "arrow", "certifi"], + python_requires=">=3.5", + url="https://github.com/freedomofpress/securedrop-proxy", + packages=["securedrop_client", "securedrop_client.gui", + "securedrop_client.resources"], + include_package_data=True, + classifiers=( + "Development Status :: 3 - Alpha", + "Programming Language :: Python :: 3", + "Topic :: Software Development :: Libraries :: Python Modules", + "License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + ), + entry_points={ + 'console_scripts': [ + 'sd-client = securedrop_client.app:run', + ], + }, +) From 68dc14f077e8bfd1f744712bc797fccf7dd3d92e Mon Sep 17 00:00:00 2001 From: Kushal Das Date: Tue, 30 Oct 2018 19:02:05 +0530 Subject: [PATCH 3/9] Updates the required versions based on upstream releases --- Pipfile.lock | 14 +++++++------- requirements-build.txt | 18 +++++++++--------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/Pipfile.lock b/Pipfile.lock index 1ffeb02cd..689f0db9e 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "09af453088bcd860c4289358e8bcae57a6aeeb23c663b5d793ccb4a28abdfe91" + "sha256": "6ad13a7879820d7a8e1f590818dbc2ee9aa428af018cff53a56adb91bfba4ef6" }, "pipfile-spec": 6, "requires": { @@ -74,10 +74,10 @@ }, "python-dateutil": { "hashes": [ - "sha256:2f13d3ea236aeb237e7258d5729c46eafe1506fd7f8507f34730734ed8b37454", - "sha256:f7cde3aecf8a797553d6ec49b65f0fbcffe7ffb971ccac452d181c28fd279936" + "sha256:063df5763652e21de43de7d9e00ccf239f953a832941e37be541614732cdfc93", + "sha256:88f9287c0174266bb0d8cedd395cfba9c58e87e5ad86b2ce58859bc11be3cf02" ], - "version": "==2.7.4" + "version": "==2.7.5" }, "python-editor": { "hashes": [ @@ -261,11 +261,11 @@ }, "pytest": { "hashes": [ - "sha256:212be78a6fa5352c392738a49b18f74ae9aeec1040f47c81cadbfd8d1233c310", - "sha256:6f6c1efc8d0ccc21f8f6c34d8330baca883cf109b66b3df954b0a117e5528fb4" + "sha256:a9e5e8d7ab9d5b0747f37740276eb362e6a76275d76cebbb52c6049d93b475db", + "sha256:bf47e8ed20d03764f963f0070ff1c8fda6e2671fc5dd562a4d3b7148ad60f5ca" ], "index": "pypi", - "version": "==3.9.2" + "version": "==3.9.3" }, "pytest-cov": { "hashes": [ diff --git a/requirements-build.txt b/requirements-build.txt index e12fd76e7..10549d3b4 100644 --- a/requirements-build.txt +++ b/requirements-build.txt @@ -1,15 +1,15 @@ -requests==2.20.0 --hash=sha256:99dcfdaaeb17caf6e526f32b6a7b780461512ab3f1d992187801694cba42770c --hash=sha256:a84b8c9ab6239b578f22d1c21d51b696dcfe004032bb80ea832398d6909d7279 -pathlib2==2.3.2 --hash=sha256:8eb170f8d0d61825e09a95b38be068299ddeda82f35e96c3301a8a5e7604cb83 --hash=sha256:d1aa2a11ba7b8f7b21ab852b1fb5afb277e1bb99d5dfc663380b5015c0d80c5a -python-editor==1.0.3 --hash=sha256:a3c066acee22a1c94f63938341d4fb374e3fdd69366ed6603d7b24bed1efc565 -certifi==2018.10.15 --hash=sha256:339dc09518b07e2fa7eda5450740925974815557727d6bd35d319c1524a04a4c --hash=sha256:6d58c986d22b038c8c0df30d639f23a3e6d172a05c3583e766f4c0b785c0986a idna==2.7 --hash=sha256:156a6814fb5ac1fc6850fb002e0852d56c0c8d2531923a51032d1b70760e186e --hash=sha256:684a38a6f903c1d71d6d5fac066b58d7768af4de2b832e426ec79c30daa94a16 -markupsafe==1.0 --hash=sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665 -python-dateutil==2.7.3 --hash=sha256:1adb80e7a782c12e52ef9a8182bebeb73f1d7e24e374397af06fb4956c8dc5c0 --hash=sha256:e27001de32f627c22380a688bcc43ce83504a7bc5da472209b4c70f02829f0b8 +pathlib2==2.3.2 --hash=sha256:8eb170f8d0d61825e09a95b38be068299ddeda82f35e96c3301a8a5e7604cb83 --hash=sha256:d1aa2a11ba7b8f7b21ab852b1fb5afb277e1bb99d5dfc663380b5015c0d80c5a mako==1.0.7 --hash=sha256:4e02fde57bd4abb5ec400181e4c314f56ac3e49ba4fb8b0d50bba18cb27d25ae +securedrop-sdk==0.0.3 --hash=sha256:5e3ebfde6ef63fc9a614da5b3b9820a93b827f2f7ecb4a72178ebe6d8e2f6d2a urllib3==1.24 --hash=sha256:41c3db2fc01e5b907288010dec72f9d0a74e37d6994e6eb56849f59fea2265ae --hash=sha256:8819bba37a02d143296a4d032373c4dd4aca11f6d4c9973335ca75f9c8475f59 +requests==2.20.0 --hash=sha256:99dcfdaaeb17caf6e526f32b6a7b780461512ab3f1d992187801694cba42770c --hash=sha256:a84b8c9ab6239b578f22d1c21d51b696dcfe004032bb80ea832398d6909d7279 +markupsafe==1.0 --hash=sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665 +python-dateutil==2.7.5 --hash=sha256:063df5763652e21de43de7d9e00ccf239f953a832941e37be541614732cdfc93 --hash=sha256:88f9287c0174266bb0d8cedd395cfba9c58e87e5ad86b2ce58859bc11be3cf02 --hash=sha256:78f89228bd45978e424099c06c597055ee6651d900ecd2df8e4c1d69b03ca5b6 arrow==0.12.1 --hash=sha256:a558d3b7b6ce7ffc74206a86c147052de23d3d4ef0e17c210dd478c53575c4cd -six==1.11.0 --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb +sqlalchemy==1.2.12 --hash=sha256:c5951d9ef1d5404ed04bae5a16b60a0779087378928f997a294d1229c6ca4d3e +python-editor==1.0.3 --hash=sha256:a3c066acee22a1c94f63938341d4fb374e3fdd69366ed6603d7b24bed1efc565 chardet==3.0.4 --hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae --hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 alembic==1.0.1 --hash=sha256:0fe570f23dc48fb1bbda6f6a396f1c0c28d7045c0ad14018c104a511e6c1fe8a -sqlalchemy==1.2.12 --hash=sha256:c5951d9ef1d5404ed04bae5a16b60a0779087378928f997a294d1229c6ca4d3e -securedrop-sdk==0.0.1 --hash=sha256:82373118c49a141881332575c9ac1618973390a7d5c32ed29b3d64cb1f0d91e8 +certifi==2018.10.15 --hash=sha256:339dc09518b07e2fa7eda5450740925974815557727d6bd35d319c1524a04a4c --hash=sha256:6d58c986d22b038c8c0df30d639f23a3e6d172a05c3583e766f4c0b785c0986a +six==1.11.0 --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb \ No newline at end of file From 8777d8a6f0d23479d90f368174599cb9680354cf Mon Sep 17 00:00:00 2001 From: Kushal Das Date: Tue, 30 Oct 2018 19:02:43 +0530 Subject: [PATCH 4/9] Adds path for the debian package in sys.path --- alembic/env.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/alembic/env.py b/alembic/env.py index 20a3dae16..15a7477a9 100644 --- a/alembic/env.py +++ b/alembic/env.py @@ -16,6 +16,8 @@ # add your model's MetaData object here # for 'autogenerate' support sys.path.insert(0, path.realpath(path.join(path.dirname(__file__), '..'))) +# This path is purely for alembic to work on the packaged application +sys.path.insert(1, "/opt/venvs/securedrop-client/lib/python3.5/site-packages") from securedrop_client.models import Base # noqa target_metadata = Base.metadata From fc208f2ecb8b00e493c22ffff4ceeac90658af28 Mon Sep 17 00:00:00 2001 From: Kushal Das Date: Tue, 30 Oct 2018 19:03:17 +0530 Subject: [PATCH 5/9] Adds config files for packaging & securedrop-client script We need these config files for the Debian packaging. The securedrop-client script will make sure that we have the right database structure, or will apply the migration as required. We will need a future PR to fix ./run.sh to work with the changes related to Debian packaging. --- files/alembic.ini | 74 ++++++++++++++++++++++++++++++++++++++++ files/client.ini | 3 ++ files/securedrop-client | 13 +++++++ securedrop_client/app.py | 9 ++++- 4 files changed, 98 insertions(+), 1 deletion(-) create mode 100644 files/alembic.ini create mode 100644 files/client.ini create mode 100755 files/securedrop-client diff --git a/files/alembic.ini b/files/alembic.ini new file mode 100644 index 000000000..94c540bb1 --- /dev/null +++ b/files/alembic.ini @@ -0,0 +1,74 @@ +# A generic, single database configuration. + +[alembic] +# path to migration scripts +script_location = /usr/share/securedrop-client/alembic + +# template used to generate migration files +# file_template = %%(rev)s_%%(slug)s + +# timezone to use when rendering the date +# within the migration file as well as the filename. +# string value is passed to dateutil.tz.gettz() +# leave blank for localtime +# timezone = + +# max length of characters to apply to the +# "slug" field +#truncate_slug_length = 40 + +# set to 'true' to run the environment during +# the 'revision' command, regardless of autogenerate +# revision_environment = false + +# set to 'true' to allow .pyc and .pyo files without +# a source .py file to be detected as revisions in the +# versions/ directory +# sourceless = false + +# version location specification; this defaults +# to alembic/versions. When using multiple version +# directories, initial revisions must be specified with --version-path +# version_locations = %(here)s/bar %(here)s/bat alembic/versions + +# the output encoding used when revision files +# are written from script.py.mako +# output_encoding = utf-8 + +sqlalchemy.url = sqlite:////home/user/.securedrop_client/data/svs.sqlite + + +# Logging configuration +[loggers] +keys = root,sqlalchemy,alembic + +[handlers] +keys = console + +[formatters] +keys = generic + +[logger_root] +level = WARN +handlers = console +qualname = + +[logger_sqlalchemy] +level = WARN +handlers = +qualname = sqlalchemy.engine + +[logger_alembic] +level = INFO +handlers = +qualname = alembic + +[handler_console] +class = StreamHandler +args = (sys.stderr,) +level = NOTSET +formatter = generic + +[formatter_generic] +format = %(levelname)-5.5s [%(name)s] %(message)s +datefmt = %H:%M:%S diff --git a/files/client.ini b/files/client.ini new file mode 100644 index 000000000..0f3cf4d27 --- /dev/null +++ b/files/client.ini @@ -0,0 +1,3 @@ +[client] +homedir=~/.securedrop_client +use_securedrop_proxy=True \ No newline at end of file diff --git a/files/securedrop-client b/files/securedrop-client new file mode 100755 index 000000000..f2ec96ece --- /dev/null +++ b/files/securedrop-client @@ -0,0 +1,13 @@ +#!/bin/sh + +mkdir -p ~/.securedrop_client/logs +mkdir -p ~/.securedrop_client/data +chmod 0700 ~/.securedrop_client/logs +chmod 0700 ~/.securedrop_client/data +chmod 0700 ~/.securedrop_client +cd /opt/venvs/securedrop-client +# Now let us try to run alembic first +./bin/alembic -c /etc/securedrop-client/alembic.ini upgrade head + +# Now execute the actual client +./bin/sd-client \ No newline at end of file diff --git a/securedrop_client/app.py b/securedrop_client/app.py index 2059a82b5..dc860a3e8 100644 --- a/securedrop_client/app.py +++ b/securedrop_client/app.py @@ -22,6 +22,7 @@ import signal import sys import socket +import configparser from argparse import ArgumentParser from sqlalchemy.orm import sessionmaker from PyQt5.QtWidgets import QApplication, QMessageBox @@ -155,7 +156,7 @@ def start_app(args, qt_args) -> None: app.setWindowIcon(load_icon(gui.icon)) app.setStyleSheet(load_css('sdclient.css')) - engine = make_engine(args.sdc_home) + engine = make_engine(os.path.join(args.sdc_home, "data")) Session = sessionmaker(bind=engine) session = Session() @@ -171,7 +172,13 @@ def start_app(args, qt_args) -> None: def run() -> None: + config_file = "/etc/securdrop-client/client.ini" args, qt_args = arg_parser().parse_known_args() + if args.sdc_home == DEFAULT_SDC_HOME and \ + os.path.exists(config_file): # pragma: no cover + config = configparser.ConfigParser() + config.read(config_file) + args.sdc_home = config["client"]["homedir"] # reinsert the program's name qt_args.insert(0, 'securedrop-client') start_app(args, qt_args) From ca1c21b4ab8fd52ffc1de5d3412e18e0489d3605 Mon Sep 17 00:00:00 2001 From: Kushal Das Date: Tue, 30 Oct 2018 19:32:22 +0530 Subject: [PATCH 6/9] Adds createdb.py and updates run.sh to work for local instance We are now using the similar directory structure in run.sh and also in securdrop-client. We are also using the createdb.py to create the db in the local environment. --- createdb.py | 5 +++++ run.sh | 16 +++++++++++----- 2 files changed, 16 insertions(+), 5 deletions(-) create mode 100755 createdb.py diff --git a/createdb.py b/createdb.py new file mode 100755 index 000000000..33c4023ce --- /dev/null +++ b/createdb.py @@ -0,0 +1,5 @@ +#!/usr/bin/env python3 +import sys + +from securedrop_client.models import Base, make_engine +Base.metadata.create_all(make_engine(sys.argv[1])) diff --git a/run.sh b/run.sh index 1113c6995..405d73d55 100755 --- a/run.sh +++ b/run.sh @@ -16,14 +16,20 @@ while [ -n "$1" ]; do done SDC_HOME=${SDC_HOME:-$(mktemp -d)} +DB_HOME=$SDC_HOME/data +LOGS_HOME=$SDC_HOME/logs + +export SDC_HOME DB_HOME LOGS_HOME + +mkdir -p $DB_HOME +mkdir -p $LOGS_HOME +chmod 0700 $SDC_HOME +chmod 0700 $DB_HOME +chmod 0700 $LOGS_HOME echo "Running app with home directory: $SDC_HOME" # create the database for local testing - -python - << EOF -from securedrop_client.models import Base, make_engine -Base.metadata.create_all(make_engine("$SDC_HOME")) -EOF +./createdb.py $DB_HOME exec python -m securedrop_client --sdc-home "$SDC_HOME" $@ From f52192b66436778fd8d1da9ccec21bd1cd0caf2c Mon Sep 17 00:00:00 2001 From: Kushal Das Date: Tue, 30 Oct 2018 19:58:20 +0530 Subject: [PATCH 7/9] The Debian package tool now uses proxy by default Use ./run.sh --proxy to connect to the proxy vm. --- securedrop_client/app.py | 11 ++++++++--- securedrop_client/logic.py | 9 +++++---- tests/test_app.py | 3 ++- 3 files changed, 15 insertions(+), 8 deletions(-) diff --git a/securedrop_client/app.py b/securedrop_client/app.py index dc860a3e8..9a7c8c534 100644 --- a/securedrop_client/app.py +++ b/securedrop_client/app.py @@ -106,6 +106,9 @@ def arg_parser() -> ArgumentParser: type=expand_to_absolute, help=('SecureDrop Client home directory for storing files and state. ' '(Default {})'.format(DEFAULT_SDC_HOME))) + parser.add_argument( + '--proxy', action='store_true', + help='Use proxy AppVM name to connect to server.') return parser @@ -160,7 +163,8 @@ def start_app(args, qt_args) -> None: Session = sessionmaker(bind=engine) session = Session() - client = Client("http://localhost:8081/", gui, session, args.sdc_home) + client = Client("http://localhost:8081/", gui, session, + args.sdc_home, args.proxy) client.setup() configure_signal_handlers(app) @@ -172,13 +176,14 @@ def start_app(args, qt_args) -> None: def run() -> None: - config_file = "/etc/securdrop-client/client.ini" + config_file = "/etc/securedrop-client/client.ini" args, qt_args = arg_parser().parse_known_args() - if args.sdc_home == DEFAULT_SDC_HOME and \ + if args.sdc_home == expand_to_absolute(DEFAULT_SDC_HOME) and \ os.path.exists(config_file): # pragma: no cover config = configparser.ConfigParser() config.read(config_file) args.sdc_home = config["client"]["homedir"] + args.proxy = config["client"]["use_securedrop_proxy"] # reinsert the program's name qt_args.insert(0, 'securedrop-client') start_app(args, qt_args) diff --git a/securedrop_client/logic.py b/securedrop_client/logic.py index e90b2845b..024db6e18 100644 --- a/securedrop_client/logic.py +++ b/securedrop_client/logic.py @@ -87,7 +87,8 @@ class Client(QObject): timeout_api_call = pyqtSignal() # Indicates there was a timeout. - def __init__(self, hostname, gui, session, home: str) -> None: + def __init__(self, hostname, gui, session, + home: str, proxy: bool = False) -> None: """ The hostname, gui and session objects are used to coordinate with the various other layers of the application: the location of the SecureDrop @@ -106,6 +107,7 @@ def __init__(self, hostname, gui, session, home: str) -> None: self.home = home # The "home" directory for client files. self.data_dir = os.path.join(self.home, 'data') # File data. self.timer = None # call timeout timer + self.proxy = proxy def setup(self): """ @@ -187,9 +189,8 @@ def login(self, username, password, totp): Given a username, password and time based one-time-passcode (TOTP), create a new instance representing the SecureDrop api and authenticate. """ - - self.api = sdclientapi.API(self.hostname, username, password, totp) - + self.api = sdclientapi.API(self.hostname, username, + password, totp, self.proxy) self.call_api(self.api.authenticate, self.on_authenticate, self.on_login_timeout) diff --git a/tests/test_app.py b/tests/test_app.py index dc5f43949..c2696618e 100644 --- a/tests/test_app.py +++ b/tests/test_app.py @@ -103,6 +103,7 @@ def test_start_app(safe_tmpdir): mock_qt_args = mock.MagicMock() sdc_home = str(safe_tmpdir) mock_args.sdc_home = sdc_home + mock_args.proxy = False with mock.patch('securedrop_client.app.configure_logging') as conf_log, \ mock.patch('securedrop_client.app.QApplication') as mock_app, \ @@ -117,7 +118,7 @@ def test_start_app(safe_tmpdir): mock_win.assert_called_once_with() mock_client.assert_called_once_with('http://localhost:8081/', mock_win(), mock_session_class(), - sdc_home) + sdc_home, False) PERMISSIONS_CASES = [ From a3d0d72363528a746ba54f96700054f8c6340cf9 Mon Sep 17 00:00:00 2001 From: Kushal Das Date: Tue, 30 Oct 2018 21:00:49 +0530 Subject: [PATCH 8/9] Cleans up the default client config --- files/client.ini | 4 ++-- securedrop_client/app.py | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/files/client.ini b/files/client.ini index 0f3cf4d27..c42329495 100644 --- a/files/client.ini +++ b/files/client.ini @@ -1,3 +1,3 @@ [client] -homedir=~/.securedrop_client -use_securedrop_proxy=True \ No newline at end of file +homedir=/home/user/.securedrop_client +use_securedrop_proxy=True diff --git a/securedrop_client/app.py b/securedrop_client/app.py index 9a7c8c534..9926caa83 100644 --- a/securedrop_client/app.py +++ b/securedrop_client/app.py @@ -183,7 +183,8 @@ def run() -> None: config = configparser.ConfigParser() config.read(config_file) args.sdc_home = config["client"]["homedir"] - args.proxy = config["client"]["use_securedrop_proxy"] + sdc_home = config["client"]["use_securedrop_proxy"] + args.proxy = expand_to_absolute(sdc_home) # reinsert the program's name qt_args.insert(0, 'securedrop-client') start_app(args, qt_args) From c33103497f6aba8341be206a2629a6d60ccf3766 Mon Sep 17 00:00:00 2001 From: Kushal Das Date: Wed, 31 Oct 2018 11:39:13 +0530 Subject: [PATCH 9/9] Updates config locations and making proxy default for Client Now we have all the configurations under /usr/share/securedrop-client/ including the alembic.ini file. The database file is now located at ~/securedrop_client/ Based on the PR review comments. --- files/alembic.ini | 2 +- files/securedrop-client | 10 ++++------ run.sh | 12 +++--------- securedrop_client/app.py | 12 ++++++------ securedrop_client/logic.py | 2 +- 5 files changed, 15 insertions(+), 23 deletions(-) diff --git a/files/alembic.ini b/files/alembic.ini index 94c540bb1..4e08741d4 100644 --- a/files/alembic.ini +++ b/files/alembic.ini @@ -35,7 +35,7 @@ script_location = /usr/share/securedrop-client/alembic # are written from script.py.mako # output_encoding = utf-8 -sqlalchemy.url = sqlite:////home/user/.securedrop_client/data/svs.sqlite +sqlalchemy.url = sqlite:////home/user/.securedrop_client/svs.sqlite # Logging configuration diff --git a/files/securedrop-client b/files/securedrop-client index f2ec96ece..7f7e06c91 100755 --- a/files/securedrop-client +++ b/files/securedrop-client @@ -1,13 +1,11 @@ #!/bin/sh -mkdir -p ~/.securedrop_client/logs -mkdir -p ~/.securedrop_client/data -chmod 0700 ~/.securedrop_client/logs -chmod 0700 ~/.securedrop_client/data +mkdir -p ~/.securedrop_client chmod 0700 ~/.securedrop_client cd /opt/venvs/securedrop-client + # Now let us try to run alembic first -./bin/alembic -c /etc/securedrop-client/alembic.ini upgrade head +./bin/alembic -c /usr/share/securedrop-client/alembic.ini upgrade head # Now execute the actual client -./bin/sd-client \ No newline at end of file +./bin/sd-client diff --git a/run.sh b/run.sh index 405d73d55..ae8024423 100755 --- a/run.sh +++ b/run.sh @@ -16,20 +16,14 @@ while [ -n "$1" ]; do done SDC_HOME=${SDC_HOME:-$(mktemp -d)} -DB_HOME=$SDC_HOME/data -LOGS_HOME=$SDC_HOME/logs -export SDC_HOME DB_HOME LOGS_HOME +export SDC_HOME -mkdir -p $DB_HOME -mkdir -p $LOGS_HOME chmod 0700 $SDC_HOME -chmod 0700 $DB_HOME -chmod 0700 $LOGS_HOME echo "Running app with home directory: $SDC_HOME" # create the database for local testing -./createdb.py $DB_HOME +./createdb.py $SDC_HOME -exec python -m securedrop_client --sdc-home "$SDC_HOME" $@ +exec python -m securedrop_client --sdc-home "$SDC_HOME" --no-proxy $@ diff --git a/securedrop_client/app.py b/securedrop_client/app.py index 9926caa83..8645a1858 100644 --- a/securedrop_client/app.py +++ b/securedrop_client/app.py @@ -107,7 +107,7 @@ def arg_parser() -> ArgumentParser: help=('SecureDrop Client home directory for storing files and state. ' '(Default {})'.format(DEFAULT_SDC_HOME))) parser.add_argument( - '--proxy', action='store_true', + '--no-proxy', action='store_true', help='Use proxy AppVM name to connect to server.') return parser @@ -159,12 +159,12 @@ def start_app(args, qt_args) -> None: app.setWindowIcon(load_icon(gui.icon)) app.setStyleSheet(load_css('sdclient.css')) - engine = make_engine(os.path.join(args.sdc_home, "data")) + engine = make_engine(args.sdc_home) Session = sessionmaker(bind=engine) session = Session() client = Client("http://localhost:8081/", gui, session, - args.sdc_home, args.proxy) + args.sdc_home, not args.no_proxy) client.setup() configure_signal_handlers(app) @@ -176,15 +176,15 @@ def start_app(args, qt_args) -> None: def run() -> None: - config_file = "/etc/securedrop-client/client.ini" + config_file = "/usr/share/securedrop-client/client.ini" args, qt_args = arg_parser().parse_known_args() if args.sdc_home == expand_to_absolute(DEFAULT_SDC_HOME) and \ os.path.exists(config_file): # pragma: no cover config = configparser.ConfigParser() config.read(config_file) args.sdc_home = config["client"]["homedir"] - sdc_home = config["client"]["use_securedrop_proxy"] - args.proxy = expand_to_absolute(sdc_home) + use_proxy = config["client"].getboolean("use_securedrop_proxy") + args.no_proxy = not use_proxy # reinsert the program's name qt_args.insert(0, 'securedrop-client') start_app(args, qt_args) diff --git a/securedrop_client/logic.py b/securedrop_client/logic.py index 024db6e18..6d5d2cb12 100644 --- a/securedrop_client/logic.py +++ b/securedrop_client/logic.py @@ -88,7 +88,7 @@ class Client(QObject): timeout_api_call = pyqtSignal() # Indicates there was a timeout. def __init__(self, hostname, gui, session, - home: str, proxy: bool = False) -> None: + home: str, proxy: bool = True) -> None: """ The hostname, gui and session objects are used to coordinate with the various other layers of the application: the location of the SecureDrop