From 8a286d369bc612c4047d9219e065969f5e66349a Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 11:13:15 +0200
Subject: [PATCH 01/31] moved source app into source_app/__init__.py, change
 resource paths

---
 Makefile                                       |  1 +
 .../files/usr.sbin.apache2                     |  3 +++
 securedrop/.rsync-filter                       |  2 ++
 securedrop/i18n.py                             | 14 +++++++++++++-
 securedrop/source.py                           |  8 +++-----
 securedrop/source_app/__init__.py              | 18 ++++++++++++++++++
 securedrop/tests/test_i18n.py                  |  3 +--
 7 files changed, 41 insertions(+), 8 deletions(-)
 create mode 100644 securedrop/source_app/__init__.py

diff --git a/Makefile b/Makefile
index 5fd3b0e934..eff59fb7c1 100644
--- a/Makefile
+++ b/Makefile
@@ -43,6 +43,7 @@ docs: ## Build project documentation in live reload for editing
 flake8: ## Validates PEP8 compliance for Python source files.
 	flake8 --exclude='config.py' testinfra securedrop-admin \
 		securedrop/*.py securedrop/management \
+		securedrop/source_app/*.py \
 		securedrop/tests/functional securedrop/tests/*.py
 
 .PHONY: html-lint
diff --git a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2 b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
index 166d6a023b..3ddcfd181a 100644
--- a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
+++ b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
@@ -154,6 +154,9 @@
   /var/www/securedrop/i18n.pyc rw,
   /var/www/securedrop/source.py r,
   /var/www/securedrop/source.pyc rw,
+  /var/www/securedrop/source_app/__init__.py r,
+  /var/www/securedrop/source_app/__init__.pyc rw,
+  /var/www/securedrop/source_app/__pycache__/** rw,
   /var/www/securedrop/source_templates/banner_warning_flashed.html r,
   /var/www/securedrop/source_templates/base.html r,
   /var/www/securedrop/source_templates/error.html r,
diff --git a/securedrop/.rsync-filter b/securedrop/.rsync-filter
index 0b740682f1..3b29a14012 100644
--- a/securedrop/.rsync-filter
+++ b/securedrop/.rsync-filter
@@ -10,6 +10,8 @@ include management/
 include management/*.py
 include requirements/
 include requirements/**.txt
+include source_app/
+include source_app/*.py
 include source_templates/
 include source_templates/*.html
 include static/
diff --git a/securedrop/i18n.py b/securedrop/i18n.py
index 7e2e5c929b..2dd6fa56a9 100644
--- a/securedrop/i18n.py
+++ b/securedrop/i18n.py
@@ -24,6 +24,8 @@
 import os
 import re
 
+from os import path
+
 LOCALE_SPLIT = re.compile('(-|_)')
 LOCALES = set(['en_US'])
 babel = None
@@ -34,8 +36,18 @@ class LocaleNotFound(Exception):
     """Raised when the desired locale is not in the translations directory"""
 
 
-def setup_app(app):
+def setup_app(app, translation_dirs=None):
     global babel
+
+    if translation_dirs is None:
+            translation_dirs = \
+                    path.join(path.dirname(path.realpath(__file__)),
+                              'translations')
+
+    # `babel.translation_directories` is a nightmare
+    # We need to set this manually via an absolute path
+    app.config['BABEL_TRANSLATION_DIRECTORIES'] = translation_dirs
+
     babel = Babel(app)
     assert len(list(babel.translation_directories)) == 1
     for dirname in os.listdir(next(babel.translation_directories)):
diff --git a/securedrop/source.py b/securedrop/source.py
index e7181cda73..6d298a8f72 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -6,7 +6,7 @@
 import subprocess
 from threading import Thread
 import operator
-from flask import (Flask, request, render_template, session, redirect, url_for,
+from flask import (request, render_template, session, redirect, url_for,
                    flash, abort, g, send_file, Markup, make_response)
 from flask_wtf.csrf import CSRFProtect
 from flask_assets import Environment
@@ -24,17 +24,15 @@
 import store
 import template_filters
 from db import db_session, Source, Submission, Reply, get_one_or_else
-from request_that_secures_file_uploads import RequestThatSecuresFileUploads
 from jinja2 import evalcontextfilter
+from source_app import create_app
 
 import logging
 # This module's logger is explicitly labeled so the correct logger is used,
 # even when this is run from the command line (e.g. during development)
 log = logging.getLogger('source')
 
-app = Flask(__name__, template_folder=config.SOURCE_TEMPLATES_DIR)
-app.request_class = RequestThatSecuresFileUploads
-app.config.from_object(config.SourceInterfaceFlaskConfig)
+app = create_app()
 
 i18n.setup_app(app)
 
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
new file mode 100644
index 0000000000..ebeac32a76
--- /dev/null
+++ b/securedrop/source_app/__init__.py
@@ -0,0 +1,18 @@
+from flask import Flask
+from os import path
+
+import config as global_config
+from request_that_secures_file_uploads import RequestThatSecuresFileUploads
+
+
+def create_app(config=None):
+    if config is None:
+        config = global_config
+
+    app = Flask(__name__,
+                template_folder=config.SOURCE_TEMPLATES_DIR,
+                static_folder=path.join(config.SECUREDROP_ROOT, 'static'))
+    app.request_class = RequestThatSecuresFileUploads
+    app.config.from_object(config.SourceInterfaceFlaskConfig)
+
+    return app
diff --git a/securedrop/tests/test_i18n.py b/securedrop/tests/test_i18n.py
index 3dd93ec19e..b65c630716 100644
--- a/securedrop/tests/test_i18n.py
+++ b/securedrop/tests/test_i18n.py
@@ -206,8 +206,7 @@ def test_i18n(self):
             if supported:
                 del config.SUPPORTED_LOCALES
             for app in (journalist.app, source.app):
-                app.config['BABEL_TRANSLATION_DIRECTORIES'] = config.TEMP_DIR
-                i18n.setup_app(app)
+                i18n.setup_app(app, translation_dirs=config.TEMP_DIR)
                 self.verify_i18n(app)
         finally:
             if supported:

From 5c759e50bfd126c0004812f7dfd97b933e0c0417 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 11:20:44 +0200
Subject: [PATCH 02/31] move csrf protection, assets into create_app function

---
 securedrop/source.py              |  9 ---------
 securedrop/source_app/__init__.py | 10 ++++++++++
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 6d298a8f72..c7cbb9d9fd 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -8,8 +8,6 @@
 import operator
 from flask import (request, render_template, session, redirect, url_for,
                    flash, abort, g, send_file, Markup, make_response)
-from flask_wtf.csrf import CSRFProtect
-from flask_assets import Environment
 
 from sqlalchemy.orm.exc import MultipleResultsFound, NoResultFound
 from sqlalchemy.exc import IntegrityError
@@ -33,15 +31,8 @@
 log = logging.getLogger('source')
 
 app = create_app()
-
 i18n.setup_app(app)
 
-assets = Environment(app)
-
-# The default CSRF token expiration is 1 hour. Since large uploads can
-# take longer than an hour over Tor, we increase the valid window to 24h.
-app.config['WTF_CSRF_TIME_LIMIT'] = 60 * 60 * 24
-CSRFProtect(app)
 
 app.jinja_env.globals['version'] = version.__version__
 if getattr(config, 'CUSTOM_HEADER_IMAGE', None):
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index ebeac32a76..5027943e60 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -1,4 +1,6 @@
 from flask import Flask
+from flask_assets import Environment
+from flask_wtf.csrf import CSRFProtect
 from os import path
 
 import config as global_config
@@ -15,4 +17,12 @@ def create_app(config=None):
     app.request_class = RequestThatSecuresFileUploads
     app.config.from_object(config.SourceInterfaceFlaskConfig)
 
+    # The default CSRF token expiration is 1 hour. Since large uploads can
+    # take longer than an hour over Tor, we increase the valid window to 24h.
+    app.config['WTF_CSRF_TIME_LIMIT'] = 60 * 60 * 24
+    CSRFProtect(app)
+
+    assets = Environment(app)
+    app.config['assets'] = assets
+
     return app

From 943a117a31935e5332c54cf2c1697a7a2eeb7e87 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 12:31:48 +0200
Subject: [PATCH 03/31] moved jinja filters into create_app

---
 securedrop/source.py              | 16 ----------------
 securedrop/source_app/__init__.py | 20 ++++++++++++++++++++
 2 files changed, 20 insertions(+), 16 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index c7cbb9d9fd..f5a4684fff 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -20,9 +20,7 @@
 from rm import srm
 import i18n
 import store
-import template_filters
 from db import db_session, Source, Submission, Reply, get_one_or_else
-from jinja2 import evalcontextfilter
 from source_app import create_app
 
 import logging
@@ -31,20 +29,6 @@
 log = logging.getLogger('source')
 
 app = create_app()
-i18n.setup_app(app)
-
-
-app.jinja_env.globals['version'] = version.__version__
-if getattr(config, 'CUSTOM_HEADER_IMAGE', None):
-    app.jinja_env.globals['header_image'] = config.CUSTOM_HEADER_IMAGE
-    app.jinja_env.globals['use_custom_header_image'] = True
-else:
-    app.jinja_env.globals['header_image'] = 'logo.png'
-    app.jinja_env.globals['use_custom_header_image'] = False
-
-app.jinja_env.filters['datetimeformat'] = template_filters.datetimeformat
-app.jinja_env.filters['nl2br'] = evalcontextfilter(template_filters.nl2br)
-app.jinja_env.filters['filesizeformat'] = template_filters.filesizeformat
 
 
 @app.teardown_appcontext
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index 5027943e60..62babc5407 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -1,10 +1,14 @@
 from flask import Flask
 from flask_assets import Environment
 from flask_wtf.csrf import CSRFProtect
+from jinja2 import evalcontextfilter
 from os import path
 
 import config as global_config
+import i18n
 from request_that_secures_file_uploads import RequestThatSecuresFileUploads
+import template_filters
+import version
 
 
 def create_app(config=None):
@@ -25,4 +29,20 @@ def create_app(config=None):
     assets = Environment(app)
     app.config['assets'] = assets
 
+    # this set needs to happen *before* we set the jinja filters otherwise
+    # we get name collisions
+    i18n.setup_app(app)
+
+    app.jinja_env.globals['version'] = version.__version__
+    if getattr(config, 'CUSTOM_HEADER_IMAGE', None):
+        app.jinja_env.globals['header_image'] = config.CUSTOM_HEADER_IMAGE
+        app.jinja_env.globals['use_custom_header_image'] = True
+    else:
+        app.jinja_env.globals['header_image'] = 'logo.png'
+        app.jinja_env.globals['use_custom_header_image'] = False
+
+    app.jinja_env.filters['datetimeformat'] = template_filters.datetimeformat
+    app.jinja_env.filters['nl2br'] = evalcontextfilter(template_filters.nl2br)
+    app.jinja_env.filters['filesizeformat'] = template_filters.filesizeformat
+
     return app

From f5f0c934418edc4910cb31d1f66273534ed0bce0 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 12:44:57 +0200
Subject: [PATCH 04/31] move error handlers to create_app

---
 securedrop/source.py              | 10 ----------
 securedrop/source_app/__init__.py | 10 +++++++++-
 2 files changed, 9 insertions(+), 11 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index f5a4684fff..e77dce547e 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -429,16 +429,6 @@ def metadata():
     return resp
 
 
-@app.errorhandler(404)
-def page_not_found(error):
-    return render_template('notfound.html'), 404
-
-
-@app.errorhandler(500)
-def internal_error(error):
-    return render_template('error.html'), 500
-
-
 if __name__ == "__main__":  # pragma: no cover
     debug = getattr(config, 'env', 'prod') != 'prod'
     app.run(debug=debug, host='0.0.0.0', port=8080)
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index 62babc5407..dfb5f946ed 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -1,4 +1,4 @@
-from flask import Flask
+from flask import Flask, render_template
 from flask_assets import Environment
 from flask_wtf.csrf import CSRFProtect
 from jinja2 import evalcontextfilter
@@ -45,4 +45,12 @@ def create_app(config=None):
     app.jinja_env.filters['nl2br'] = evalcontextfilter(template_filters.nl2br)
     app.jinja_env.filters['filesizeformat'] = template_filters.filesizeformat
 
+    @app.errorhandler(404)
+    def page_not_found(error):
+        return render_template('notfound.html'), 404
+
+    @app.errorhandler(500)
+    def internal_error(error):
+        return render_template('error.html'), 500
+
     return app

From b617ec22ccf4a2a4df6a75ecc4fd2f967b363be0 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 13:06:12 +0200
Subject: [PATCH 05/31] moved index route into blueprint, init blueprints

---
 securedrop/source.py                   |  9 ++-------
 securedrop/source_app/__init__.py      |  6 +++++-
 securedrop/source_app/views.py         | 15 +++++++++++++++
 securedrop/source_templates/base.html  |  2 +-
 securedrop/source_templates/login.html |  2 +-
 5 files changed, 24 insertions(+), 10 deletions(-)
 create mode 100644 securedrop/source_app/views.py

diff --git a/securedrop/source.py b/securedrop/source.py
index e77dce547e..e7237d6461 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -92,7 +92,7 @@ def setup_g():
                 (e,))
             del session['logged_in']
             del session['codename']
-            return redirect(url_for('index'))
+            return redirect(url_for('main.index'))
         g.loc = store.path(g.filesystem_id)
 
 
@@ -109,11 +109,6 @@ def check_tor2web():
               "banner-warning")
 
 
-@app.route('/')
-def index():
-    return render_template('index.html')
-
-
 def generate_unique_codename():
     """Generate random codenames until we get an unused one"""
     while True:
@@ -392,7 +387,7 @@ def logout():
         session.clear()
         msg = render_template('logout_flashed_message.html')
         flash(Markup(msg), "important hide-if-not-tor-browser")
-    return redirect(url_for('index'))
+    return redirect(url_for('main.index'))
 
 
 @app.route('/tor2web-warning')
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index dfb5f946ed..63cad4c13e 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -6,10 +6,12 @@
 
 import config as global_config
 import i18n
-from request_that_secures_file_uploads import RequestThatSecuresFileUploads
 import template_filters
 import version
 
+from request_that_secures_file_uploads import RequestThatSecuresFileUploads
+from source_app import views
+
 
 def create_app(config=None):
     if config is None:
@@ -45,6 +47,8 @@ def create_app(config=None):
     app.jinja_env.filters['nl2br'] = evalcontextfilter(template_filters.nl2br)
     app.jinja_env.filters['filesizeformat'] = template_filters.filesizeformat
 
+    views.add_blueprints(app)
+
     @app.errorhandler(404)
     def page_not_found(error):
         return render_template('notfound.html'), 404
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/views.py
new file mode 100644
index 0000000000..ee18962698
--- /dev/null
+++ b/securedrop/source_app/views.py
@@ -0,0 +1,15 @@
+from flask import Blueprint, render_template
+
+
+def add_blueprints(app):
+    app.register_blueprint(_main_blueprint())
+
+
+def _main_blueprint():
+    view = Blueprint('main', 'main')
+
+    @view.route('/')
+    def index():
+        return render_template('index.html')
+
+    return view
diff --git a/securedrop/source_templates/base.html b/securedrop/source_templates/base.html
index b8e6f7ddc1..81289bf6e6 100644
--- a/securedrop/source_templates/base.html
+++ b/securedrop/source_templates/base.html
@@ -15,7 +15,7 @@
     <div class="content">
       {% block header %}
       <div id="header">
-        <a href="{% if 'logged_in' in session %}{{ url_for('lookup') }}{% else %}{{ url_for('index') }}{% endif %}">
+        <a href="{% if 'logged_in' in session %}{{ url_for('lookup') }}{% else %}{{ url_for('main.index') }}{% endif %}">
           <img src="/static/i/{{ header_image }}" class="logo small" alt="SecureDrop" width="250px">
         </a>
         {% include 'locales.html' %}
diff --git a/securedrop/source_templates/login.html b/securedrop/source_templates/login.html
index a4d3ada886..4a0ee65244 100644
--- a/securedrop/source_templates/login.html
+++ b/securedrop/source_templates/login.html
@@ -10,7 +10,7 @@ <h1>{{ gettext('Enter Codename') }}</h1>
 
 <p class="center"><input id="login-with-existing-codename" type="password" name="codename" class="codename-box" autocomplete="off" placeholder="{{ gettext('Enter your codename') }}" autofocus></p>
 <div class="pull-right">
-  <a href="{{ url_for('index') }}" class="sd-button btn secondary" id="cancel">{{ gettext('CANCEL') }}</a>
+  <a href="{{ url_for('main.index') }}" class="sd-button btn secondary" id="cancel">{{ gettext('CANCEL') }}</a>
   <button type="submit" class="sd-button btn primary" id="login">
     <img class="icon off-hover" src="{{ url_for('static', filename='i/font-awesome/fa-arrow-circle-o-right-white.png') }}" width="18px" height="18px">
     <img class="icon on-hover" src="{{ url_for('static', filename='i/font-awesome/fa-arrow-circle-o-right-blue.png') }}" width="18px" height="18px">

From f86323d5d0c614ae67092f0a0dc2756937f023e8 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 13:24:12 +0200
Subject: [PATCH 06/31] moved logged_id to source_app/utils.py

---
 .../build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2 | 2 ++
 securedrop/source.py                                         | 5 +----
 securedrop/source_app/utils.py                               | 5 +++++
 3 files changed, 8 insertions(+), 4 deletions(-)
 create mode 100644 securedrop/source_app/utils.py

diff --git a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2 b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
index 3ddcfd181a..374f4f6534 100644
--- a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
+++ b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
@@ -157,6 +157,8 @@
   /var/www/securedrop/source_app/__init__.py r,
   /var/www/securedrop/source_app/__init__.pyc rw,
   /var/www/securedrop/source_app/__pycache__/** rw,
+  /var/www/securedrop/source_app/utils.py r,
+  /var/www/securedrop/source_app/utils.pyc rw,
   /var/www/securedrop/source_templates/banner_warning_flashed.html r,
   /var/www/securedrop/source_templates/base.html r,
   /var/www/securedrop/source_templates/error.html r,
diff --git a/securedrop/source.py b/securedrop/source.py
index e7237d6461..17be553175 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -22,6 +22,7 @@
 import store
 from db import db_session, Source, Submission, Reply, get_one_or_else
 from source_app import create_app
+from source_app.utils import logged_in
 
 import logging
 # This module's logger is explicitly labeled so the correct logger is used,
@@ -38,10 +39,6 @@ def shutdown_session(exception=None):
     db_session.remove()
 
 
-def logged_in():
-    return 'logged_in' in session
-
-
 def login_required(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
diff --git a/securedrop/source_app/utils.py b/securedrop/source_app/utils.py
new file mode 100644
index 0000000000..5042f19d43
--- /dev/null
+++ b/securedrop/source_app/utils.py
@@ -0,0 +1,5 @@
+from flask import session
+
+
+def logged_in():
+    return 'logged_in' in session

From 1c231bb35de2ac10b9fcc68f94e8ebf2426bd46d Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 13:30:49 +0200
Subject: [PATCH 07/31] move login_required to source_app/decorators.py

---
 .../files/usr.sbin.apache2                          |  2 ++
 securedrop/source.py                                | 10 +---------
 securedrop/source_app/decorators.py                 | 13 +++++++++++++
 3 files changed, 16 insertions(+), 9 deletions(-)
 create mode 100644 securedrop/source_app/decorators.py

diff --git a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2 b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
index 374f4f6534..65140e2663 100644
--- a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
+++ b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
@@ -157,6 +157,8 @@
   /var/www/securedrop/source_app/__init__.py r,
   /var/www/securedrop/source_app/__init__.pyc rw,
   /var/www/securedrop/source_app/__pycache__/** rw,
+  /var/www/securedrop/source_app/decorators.py r,
+  /var/www/securedrop/source_app/decorators.pyc rw,
   /var/www/securedrop/source_app/utils.py r,
   /var/www/securedrop/source_app/utils.pyc rw,
   /var/www/securedrop/source_templates/banner_warning_flashed.html r,
diff --git a/securedrop/source.py b/securedrop/source.py
index 17be553175..a4dba05f87 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -22,6 +22,7 @@
 import store
 from db import db_session, Source, Submission, Reply, get_one_or_else
 from source_app import create_app
+from source_app.decorators import login_required
 from source_app.utils import logged_in
 
 import logging
@@ -39,15 +40,6 @@ def shutdown_session(exception=None):
     db_session.remove()
 
 
-def login_required(f):
-    @wraps(f)
-    def decorated_function(*args, **kwargs):
-        if not logged_in():
-            return redirect(url_for('login'))
-        return f(*args, **kwargs)
-    return decorated_function
-
-
 def ignore_static(f):
     """Only executes the wrapped function if we're not loading
     a static resource."""
diff --git a/securedrop/source_app/decorators.py b/securedrop/source_app/decorators.py
new file mode 100644
index 0000000000..29f46bd5c4
--- /dev/null
+++ b/securedrop/source_app/decorators.py
@@ -0,0 +1,13 @@
+from flask import redirect, url_for
+from functools import wraps
+
+from source_app.utils import logged_in
+
+
+def login_required(f):
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if not logged_in():
+            return redirect(url_for('login'))
+        return f(*args, **kwargs)
+    return decorated_function

From 5af2cd3cff95f8bb9068438276b1c00bb7ec3b16 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 13:37:36 +0200
Subject: [PATCH 08/31] moved ignore_static to source_app/decorators.py

---
 securedrop/source.py                | 14 +-------------
 securedrop/source_app/decorators.py | 13 ++++++++++++-
 2 files changed, 13 insertions(+), 14 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index a4dba05f87..bd5d7e4d42 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -1,7 +1,6 @@
 # -*- coding: utf-8 -*-
 import os
 from datetime import datetime
-from functools import wraps
 from cStringIO import StringIO
 import subprocess
 from threading import Thread
@@ -22,7 +21,7 @@
 import store
 from db import db_session, Source, Submission, Reply, get_one_or_else
 from source_app import create_app
-from source_app.decorators import login_required
+from source_app.decorators import login_required, ignore_static
 from source_app.utils import logged_in
 
 import logging
@@ -40,17 +39,6 @@ def shutdown_session(exception=None):
     db_session.remove()
 
 
-def ignore_static(f):
-    """Only executes the wrapped function if we're not loading
-    a static resource."""
-    @wraps(f)
-    def decorated_function(*args, **kwargs):
-        if request.path.startswith('/static'):
-            return  # don't execute the decorated function
-        return f(*args, **kwargs)
-    return decorated_function
-
-
 @app.before_request
 @ignore_static
 def setup_g():
diff --git a/securedrop/source_app/decorators.py b/securedrop/source_app/decorators.py
index 29f46bd5c4..9ec36cdae5 100644
--- a/securedrop/source_app/decorators.py
+++ b/securedrop/source_app/decorators.py
@@ -1,4 +1,4 @@
-from flask import redirect, url_for
+from flask import redirect, url_for, request
 from functools import wraps
 
 from source_app.utils import logged_in
@@ -11,3 +11,14 @@ def decorated_function(*args, **kwargs):
             return redirect(url_for('login'))
         return f(*args, **kwargs)
     return decorated_function
+
+
+def ignore_static(f):
+    """Only executes the wrapped function if we're not loading
+    a static resource."""
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if request.path.startswith('/static'):
+            return  # don't execute the decorated function
+        return f(*args, **kwargs)
+    return decorated_function

From 092255d1886e8d4e21c4a1ea183e3f89819eac23 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 13:40:25 +0200
Subject: [PATCH 09/31] moved valid_codename to source_app/utils.py

---
 securedrop/source.py           | 21 +--------------------
 securedrop/source_app/utils.py | 25 ++++++++++++++++++++++++-
 2 files changed, 25 insertions(+), 21 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index bd5d7e4d42..025805d7cd 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -22,7 +22,7 @@
 from db import db_session, Source, Submission, Reply, get_one_or_else
 from source_app import create_app
 from source_app.decorators import login_required, ignore_static
-from source_app.utils import logged_in
+from source_app.utils import logged_in, valid_codename
 
 import logging
 # This module's logger is explicitly labeled so the correct logger is used,
@@ -324,25 +324,6 @@ def batch_delete():
     return redirect(url_for('lookup'))
 
 
-def valid_codename(codename):
-    # Ignore codenames that are too long to avoid DoS
-    if len(codename) > Source.MAX_CODENAME_LEN:
-        app.logger.info(
-                "Ignored attempted login because the codename was too long.")
-        return False
-
-    try:
-        filesystem_id = crypto_util.hash_codename(codename)
-    except crypto_util.CryptoException as e:
-        app.logger.info(
-                "Could not compute filesystem ID for codename '{}': {}".format(
-                    codename, e))
-        abort(500)
-
-    source = Source.query.filter_by(filesystem_id=filesystem_id).first()
-    return source is not None
-
-
 @app.route('/login', methods=('GET', 'POST'))
 def login():
     if request.method == 'POST':
diff --git a/securedrop/source_app/utils.py b/securedrop/source_app/utils.py
index 5042f19d43..a4bb71f1b6 100644
--- a/securedrop/source_app/utils.py
+++ b/securedrop/source_app/utils.py
@@ -1,5 +1,28 @@
-from flask import session
+from flask import session, current_app, abort
+
+import crypto_util
+
+from db import Source
 
 
 def logged_in():
     return 'logged_in' in session
+
+
+def valid_codename(codename):
+    # Ignore codenames that are too long to avoid DoS
+    if len(codename) > Source.MAX_CODENAME_LEN:
+        current_app.logger.info(
+                "Ignored attempted login because the codename was too long.")
+        return False
+
+    try:
+        filesystem_id = crypto_util.hash_codename(codename)
+    except crypto_util.CryptoException as e:
+        current_app.logger.info(
+                "Could not compute filesystem ID for codename '{}': {}".format(
+                    codename, e))
+        abort(500)
+
+    source = Source.query.filter_by(filesystem_id=filesystem_id).first()
+    return source is not None

From 121fa3fab0cce869c367f2f7fea446e9f2fb06ed Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 13:44:07 +0200
Subject: [PATCH 10/31] moved generate_unique_codename to source_app/utils.py

---
 securedrop/source.py           | 28 ++--------------------------
 securedrop/source_app/utils.py | 25 +++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 26 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 025805d7cd..cb0eb03e55 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -22,7 +22,8 @@
 from db import db_session, Source, Submission, Reply, get_one_or_else
 from source_app import create_app
 from source_app.decorators import login_required, ignore_static
-from source_app.utils import logged_in, valid_codename
+from source_app.utils import (logged_in, valid_codename,
+                              generate_unique_codename)
 
 import logging
 # This module's logger is explicitly labeled so the correct logger is used,
@@ -86,31 +87,6 @@ def check_tor2web():
               "banner-warning")
 
 
-def generate_unique_codename():
-    """Generate random codenames until we get an unused one"""
-    while True:
-        codename = crypto_util.genrandomid(Source.NUM_WORDS)
-
-        # The maximum length of a word in the wordlist is 9 letters and the
-        # codename length is 7 words, so it is currently impossible to
-        # generate a codename that is longer than the maximum codename length
-        # (currently 128 characters). This code is meant to be defense in depth
-        # to guard against potential future changes, such as modifications to
-        # the word list or the maximum codename length.
-        if len(codename) > Source.MAX_CODENAME_LEN:
-            app.logger.warning(
-                    "Generated a source codename that was too long, "
-                    "skipping it. This should not happen. "
-                    "(Codename='{}')".format(codename))
-            continue
-
-        filesystem_id = crypto_util.hash_codename(codename)  # scrypt (slow)
-        matching_sources = Source.query.filter(
-            Source.filesystem_id == filesystem_id).all()
-        if len(matching_sources) == 0:
-            return codename
-
-
 @app.route('/generate', methods=('GET', 'POST'))
 def generate():
     if logged_in():
diff --git a/securedrop/source_app/utils.py b/securedrop/source_app/utils.py
index a4bb71f1b6..f0e08448aa 100644
--- a/securedrop/source_app/utils.py
+++ b/securedrop/source_app/utils.py
@@ -26,3 +26,28 @@ def valid_codename(codename):
 
     source = Source.query.filter_by(filesystem_id=filesystem_id).first()
     return source is not None
+
+
+def generate_unique_codename():
+    """Generate random codenames until we get an unused one"""
+    while True:
+        codename = crypto_util.genrandomid(Source.NUM_WORDS)
+
+        # The maximum length of a word in the wordlist is 9 letters and the
+        # codename length is 7 words, so it is currently impossible to
+        # generate a codename that is longer than the maximum codename length
+        # (currently 128 characters). This code is meant to be defense in depth
+        # to guard against potential future changes, such as modifications to
+        # the word list or the maximum codename length.
+        if len(codename) > Source.MAX_CODENAME_LEN:
+            current_app.logger.warning(
+                    "Generated a source codename that was too long, "
+                    "skipping it. This should not happen. "
+                    "(Codename='{}')".format(codename))
+            continue
+
+        filesystem_id = crypto_util.hash_codename(codename)  # scrypt (slow)
+        matching_sources = Source.query.filter(
+            Source.filesystem_id == filesystem_id).all()
+        if len(matching_sources) == 0:
+            return codename

From 6aeb73e3ef5e9d829708a1f74d7a4dca1c538762 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 13:48:38 +0200
Subject: [PATCH 11/31] moved aysnc & async_genkey to source_app/utils.py

---
 securedrop/source.py           | 27 +--------------------------
 securedrop/source_app/utils.py | 29 ++++++++++++++++++++++++++++-
 2 files changed, 29 insertions(+), 27 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index cb0eb03e55..59e8efdcb4 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -3,7 +3,6 @@
 from datetime import datetime
 from cStringIO import StringIO
 import subprocess
-from threading import Thread
 import operator
 from flask import (request, render_template, session, redirect, url_for,
                    flash, abort, g, send_file, Markup, make_response)
@@ -22,7 +21,7 @@
 from db import db_session, Source, Submission, Reply, get_one_or_else
 from source_app import create_app
 from source_app.decorators import login_required, ignore_static
-from source_app.utils import (logged_in, valid_codename,
+from source_app.utils import (logged_in, valid_codename, async_genkey,
                               generate_unique_codename)
 
 import logging
@@ -120,30 +119,6 @@ def create():
     return redirect(url_for('lookup'))
 
 
-def async(f):
-    def wrapper(*args, **kwargs):
-        thread = Thread(target=f, args=args, kwargs=kwargs)
-        thread.start()
-    return wrapper
-
-
-@async
-def async_genkey(filesystem_id, codename):
-    crypto_util.genkeypair(filesystem_id, codename)
-
-    # Register key generation as update to the source, so sources will
-    # filter to the top of the list in the journalist interface if a
-    # flagged source logs in and has a key generated for them. #789
-    try:
-        source = Source.query.filter(Source.filesystem_id == filesystem_id) \
-                       .one()
-        source.last_updated = datetime.utcnow()
-        db_session.commit()
-    except Exception as e:
-        app.logger.error("async_genkey for source "
-                         "(filesystem_id={}): {}".format(filesystem_id, e))
-
-
 @app.route('/lookup', methods=('GET',))
 @login_required
 def lookup():
diff --git a/securedrop/source_app/utils.py b/securedrop/source_app/utils.py
index f0e08448aa..4166fea4fd 100644
--- a/securedrop/source_app/utils.py
+++ b/securedrop/source_app/utils.py
@@ -1,8 +1,10 @@
+from datetime import datetime
 from flask import session, current_app, abort
+from threading import Thread
 
 import crypto_util
 
-from db import Source
+from db import Source, db_session
 
 
 def logged_in():
@@ -51,3 +53,28 @@ def generate_unique_codename():
             Source.filesystem_id == filesystem_id).all()
         if len(matching_sources) == 0:
             return codename
+
+
+def async(f):
+    def wrapper(*args, **kwargs):
+        thread = Thread(target=f, args=args, kwargs=kwargs)
+        thread.start()
+    return wrapper
+
+
+@async
+def async_genkey(filesystem_id, codename):
+    crypto_util.genkeypair(filesystem_id, codename)
+
+    # Register key generation as update to the source, so sources will
+    # filter to the top of the list in the journalist interface if a
+    # flagged source logs in and has a key generated for them. #789
+    try:
+        source = Source.query.filter(Source.filesystem_id == filesystem_id) \
+                       .one()
+        source.last_updated = datetime.utcnow()
+        db_session.commit()
+    except Exception as e:
+        current_app.logger.error(
+                "async_genkey for source (filesystem_id={}): {}"
+                .format(filesystem_id, e))

From 456bca47974c64cef274b416f209ec308939c66a Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 13:52:13 +0200
Subject: [PATCH 12/31] moved normalize_timestamps to source_app/utils.py

---
 securedrop/source.py           | 22 +---------------------
 securedrop/source_app/utils.py | 24 +++++++++++++++++++++++-
 2 files changed, 24 insertions(+), 22 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 59e8efdcb4..f81fa331a6 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -2,7 +2,6 @@
 import os
 from datetime import datetime
 from cStringIO import StringIO
-import subprocess
 import operator
 from flask import (request, render_template, session, redirect, url_for,
                    flash, abort, g, send_file, Markup, make_response)
@@ -22,7 +21,7 @@
 from source_app import create_app
 from source_app.decorators import login_required, ignore_static
 from source_app.utils import (logged_in, valid_codename, async_genkey,
-                              generate_unique_codename)
+                              generate_unique_codename, normalize_timestamps)
 
 import logging
 # This module's logger is explicitly labeled so the correct logger is used,
@@ -154,25 +153,6 @@ def lookup():
             g.filesystem_id))
 
 
-def normalize_timestamps(filesystem_id):
-    """
-    Update the timestamps on all of the source's submissions to match that of
-    the latest submission. This minimizes metadata that could be useful to
-    investigators. See #301.
-    """
-    sub_paths = [store.path(filesystem_id, submission.filename)
-                 for submission in g.source.submissions]
-    if len(sub_paths) > 1:
-        args = ["touch"]
-        args.extend(sub_paths[:-1])
-        rc = subprocess.call(args)
-        if rc != 0:
-            app.logger.warning(
-                "Couldn't normalize submission "
-                "timestamps (touch exited with %d)" %
-                rc)
-
-
 @app.route('/submit', methods=('POST',))
 @login_required
 def submit():
diff --git a/securedrop/source_app/utils.py b/securedrop/source_app/utils.py
index 4166fea4fd..bf96d552a9 100644
--- a/securedrop/source_app/utils.py
+++ b/securedrop/source_app/utils.py
@@ -1,8 +1,11 @@
+import subprocess
+
 from datetime import datetime
-from flask import session, current_app, abort
+from flask import session, current_app, abort, g
 from threading import Thread
 
 import crypto_util
+import store
 
 from db import Source, db_session
 
@@ -78,3 +81,22 @@ def async_genkey(filesystem_id, codename):
         current_app.logger.error(
                 "async_genkey for source (filesystem_id={}): {}"
                 .format(filesystem_id, e))
+
+
+def normalize_timestamps(filesystem_id):
+    """
+    Update the timestamps on all of the source's submissions to match that of
+    the latest submission. This minimizes metadata that could be useful to
+    investigators. See #301.
+    """
+    sub_paths = [store.path(filesystem_id, submission.filename)
+                 for submission in g.source.submissions]
+    if len(sub_paths) > 1:
+        args = ["touch"]
+        args.extend(sub_paths[:-1])
+        rc = subprocess.call(args)
+        if rc != 0:
+            current_app.logger.warning(
+                "Couldn't normalize submission "
+                "timestamps (touch exited with %d)" %
+                rc)

From cd0e50650df1353b886abdb2d10342ca16981c5d Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 13:59:12 +0200
Subject: [PATCH 13/31] moved app.before_request to source_app

---
 securedrop/source.py              | 13 -------------
 securedrop/source_app/__init__.py | 16 +++++++++++++++-
 2 files changed, 15 insertions(+), 14 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index f81fa331a6..8afc8987d5 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -72,19 +72,6 @@ def setup_g():
         g.loc = store.path(g.filesystem_id)
 
 
-@app.before_request
-@ignore_static
-def check_tor2web():
-    # ignore_static here so we only flash a single message warning
-    # about Tor2Web, corresponding to the initial page load.
-    if 'X-tor2web' in request.headers:
-        flash(Markup(gettext(
-            '<strong>WARNING:</strong> You appear to be using Tor2Web. '
-            'This <strong>does not</strong> provide anonymity. '
-            '<a href="/tor2web-warning">Why is this dangerous?</a>')),
-              "banner-warning")
-
-
 @app.route('/generate', methods=('GET', 'POST'))
 def generate():
     if logged_in():
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index 63cad4c13e..51cec806f7 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -1,4 +1,5 @@
-from flask import Flask, render_template
+from flask import Flask, render_template, flash, Markup, request
+from flask_babel import gettext
 from flask_assets import Environment
 from flask_wtf.csrf import CSRFProtect
 from jinja2 import evalcontextfilter
@@ -11,6 +12,7 @@
 
 from request_that_secures_file_uploads import RequestThatSecuresFileUploads
 from source_app import views
+from source_app.decorators import ignore_static
 
 
 def create_app(config=None):
@@ -49,6 +51,18 @@ def create_app(config=None):
 
     views.add_blueprints(app)
 
+    @app.before_request
+    @ignore_static
+    def check_tor2web():
+        # ignore_static here so we only flash a single message warning
+        # about Tor2Web, corresponding to the initial page load.
+        if 'X-tor2web' in request.headers:
+            flash(Markup(gettext(
+                '<strong>WARNING:</strong> You appear to be using Tor2Web. '
+                'This <strong>does not</strong> provide anonymity. '
+                '<a href="/tor2web-warning">Why is this dangerous?</a>')),
+                  "banner-warning")
+
     @app.errorhandler(404)
     def page_not_found(error):
         return render_template('notfound.html'), 404

From fe54d6bc63feba6306aed9277fc895725865fa52 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 18:37:48 +0200
Subject: [PATCH 14/31] moved setup_g to source_app

---
 securedrop/source.py              | 38 +---------------------------
 securedrop/source_app/__init__.py | 42 ++++++++++++++++++++++++++++++-
 2 files changed, 42 insertions(+), 38 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 8afc8987d5..aa73907e7c 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -6,7 +6,6 @@
 from flask import (request, render_template, session, redirect, url_for,
                    flash, abort, g, send_file, Markup, make_response)
 
-from sqlalchemy.orm.exc import MultipleResultsFound, NoResultFound
 from sqlalchemy.exc import IntegrityError
 
 import config
@@ -15,11 +14,10 @@
 import crypto_util
 from flask_babel import gettext
 from rm import srm
-import i18n
 import store
 from db import db_session, Source, Submission, Reply, get_one_or_else
 from source_app import create_app
-from source_app.decorators import login_required, ignore_static
+from source_app.decorators import login_required
 from source_app.utils import (logged_in, valid_codename, async_genkey,
                               generate_unique_codename, normalize_timestamps)
 
@@ -38,40 +36,6 @@ def shutdown_session(exception=None):
     db_session.remove()
 
 
-@app.before_request
-@ignore_static
-def setup_g():
-    """Store commonly used values in Flask's special g object"""
-    g.locale = i18n.get_locale()
-    g.text_direction = i18n.get_text_direction(g.locale)
-    g.html_lang = i18n.locale_to_rfc_5646(g.locale)
-    g.locales = i18n.get_locale2name()
-
-    # ignore_static here because `crypto_util.hash_codename` is scrypt (very
-    # time consuming), and we don't need to waste time running if we're just
-    # serving a static resource that won't need to access these common values.
-    if logged_in():
-        g.codename = session['codename']
-        g.filesystem_id = crypto_util.hash_codename(g.codename)
-        try:
-            g.source = Source.query \
-                             .filter(Source.filesystem_id == g.filesystem_id) \
-                             .one()
-        except MultipleResultsFound as e:
-            app.logger.error(
-                "Found multiple Sources when one was expected: %s" %
-                (e,))
-            abort(500)
-        except NoResultFound as e:
-            app.logger.error(
-                "Found no Sources when one was expected: %s" %
-                (e,))
-            del session['logged_in']
-            del session['codename']
-            return redirect(url_for('main.index'))
-        g.loc = store.path(g.filesystem_id)
-
-
 @app.route('/generate', methods=('GET', 'POST'))
 def generate():
     if logged_in():
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index 51cec806f7..f2b949db66 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -1,18 +1,24 @@
-from flask import Flask, render_template, flash, Markup, request
+from flask import (Flask, render_template, flash, Markup, request, g, session,
+                   abort, url_for, redirect)
 from flask_babel import gettext
 from flask_assets import Environment
 from flask_wtf.csrf import CSRFProtect
 from jinja2 import evalcontextfilter
 from os import path
+from sqlalchemy.orm.exc import MultipleResultsFound, NoResultFound
 
 import config as global_config
+import crypto_util
 import i18n
+import store
 import template_filters
 import version
 
+from db import Source
 from request_that_secures_file_uploads import RequestThatSecuresFileUploads
 from source_app import views
 from source_app.decorators import ignore_static
+from source_app.utils import logged_in
 
 
 def create_app(config=None):
@@ -63,6 +69,40 @@ def check_tor2web():
                 '<a href="/tor2web-warning">Why is this dangerous?</a>')),
                   "banner-warning")
 
+    @app.before_request
+    @ignore_static
+    def setup_g():
+        """Store commonly used values in Flask's special g object"""
+        g.locale = i18n.get_locale()
+        g.text_direction = i18n.get_text_direction(g.locale)
+        g.html_lang = i18n.locale_to_rfc_5646(g.locale)
+        g.locales = i18n.get_locale2name()
+
+        # ignore_static here because `crypto_util.hash_codename` is scrypt
+        # (very time consuming), and we don't need to waste time running if
+        # we're just serving a static resource that won't need to access
+        # these common values.
+        if logged_in():
+            g.codename = session['codename']
+            g.filesystem_id = crypto_util.hash_codename(g.codename)
+            try:
+                g.source = Source.query \
+                            .filter(Source.filesystem_id == g.filesystem_id) \
+                            .one()
+            except MultipleResultsFound as e:
+                app.logger.error(
+                    "Found multiple Sources when one was expected: %s" %
+                    (e,))
+                abort(500)
+            except NoResultFound as e:
+                app.logger.error(
+                    "Found no Sources when one was expected: %s" %
+                    (e,))
+                del session['logged_in']
+                del session['codename']
+                return redirect(url_for('main.index'))
+            g.loc = store.path(g.filesystem_id)
+
     @app.errorhandler(404)
     def page_not_found(error):
         return render_template('notfound.html'), 404

From 4aa7edb60996163b97d18f2fc7ed15e74aa7be16 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 18:56:53 +0200
Subject: [PATCH 15/31] moved teardown_appcontext to source_app

---
 securedrop/source.py              | 7 -------
 securedrop/source_app/__init__.py | 8 +++++++-
 2 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index aa73907e7c..34f38f7982 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -29,13 +29,6 @@
 app = create_app()
 
 
-@app.teardown_appcontext
-def shutdown_session(exception=None):
-    """Automatically remove database sessions at the end of the request, or
-    when the application shuts down"""
-    db_session.remove()
-
-
 @app.route('/generate', methods=('GET', 'POST'))
 def generate():
     if logged_in():
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index f2b949db66..5e321dd3a7 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -14,7 +14,7 @@
 import template_filters
 import version
 
-from db import Source
+from db import Source, db_session
 from request_that_secures_file_uploads import RequestThatSecuresFileUploads
 from source_app import views
 from source_app.decorators import ignore_static
@@ -103,6 +103,12 @@ def setup_g():
                 return redirect(url_for('main.index'))
             g.loc = store.path(g.filesystem_id)
 
+    @app.teardown_appcontext
+    def shutdown_session(exception=None):
+        """Automatically remove database sessions at the end of the request, or
+        when the application shuts down"""
+        db_session.remove()
+
     @app.errorhandler(404)
     def page_not_found(error):
         return render_template('notfound.html'), 404

From ef0d2d87b5fa8155c14fdfb40108d0da670567e0 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 19:07:09 +0200
Subject: [PATCH 16/31] move generate route to source_app/views.py

---
 securedrop/source.py                   | 16 +---------------
 securedrop/source_app/views.py         | 20 +++++++++++++++++++-
 securedrop/source_templates/index.html |  2 +-
 3 files changed, 21 insertions(+), 17 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 34f38f7982..5073260bee 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -19,7 +19,7 @@
 from source_app import create_app
 from source_app.decorators import login_required
 from source_app.utils import (logged_in, valid_codename, async_genkey,
-                              generate_unique_codename, normalize_timestamps)
+                              normalize_timestamps)
 
 import logging
 # This module's logger is explicitly labeled so the correct logger is used,
@@ -29,20 +29,6 @@
 app = create_app()
 
 
-@app.route('/generate', methods=('GET', 'POST'))
-def generate():
-    if logged_in():
-        flash(gettext(
-            "You were redirected because you are already logged in. "
-            "If you want to create a new account, you should log out first."),
-              "notification")
-        return redirect(url_for('lookup'))
-
-    codename = generate_unique_codename()
-    session['codename'] = codename
-    return render_template('generate.html', codename=codename)
-
-
 @app.route('/create', methods=['POST'])
 def create():
     filesystem_id = crypto_util.hash_codename(session['codename'])
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/views.py
index ee18962698..d6c8394cf1 100644
--- a/securedrop/source_app/views.py
+++ b/securedrop/source_app/views.py
@@ -1,4 +1,8 @@
-from flask import Blueprint, render_template
+from flask import (Blueprint, render_template, flash, redirect, url_for,
+                   session)
+from flask_babel import gettext
+
+from source_app.utils import logged_in, generate_unique_codename
 
 
 def add_blueprints(app):
@@ -12,4 +16,18 @@ def _main_blueprint():
     def index():
         return render_template('index.html')
 
+    @view.route('/generate', methods=('GET', 'POST'))
+    def generate():
+        if logged_in():
+            flash(gettext(
+                "You were redirected because you are already logged in. "
+                "If you want to create a new account, you should log out "
+                "first."),
+                  "notification")
+            return redirect(url_for('lookup'))
+
+        codename = generate_unique_codename()
+        session['codename'] = codename
+        return render_template('generate.html', codename=codename)
+
     return view
diff --git a/securedrop/source_templates/index.html b/securedrop/source_templates/index.html
index ae914e6e71..e05103a21b 100644
--- a/securedrop/source_templates/index.html
+++ b/securedrop/source_templates/index.html
@@ -59,7 +59,7 @@ <h2 class="welcome-text">
             </div>
 
             <div class="index-column index-left index-bottom">
-              <a href="/generate" id="submit-documents-button" class="sd-button btn alt">
+              <a href="{{ url_for('main.generate') }}" id="submit-documents-button" class="sd-button btn alt">
                 <img class="icon off-hover" src="{{ url_for('static', filename='i/font-awesome/cloud-upload-white.png') }}" width="20px" height="14px">
                 <img class="icon on-hover" src="{{ url_for('static', filename='i/font-awesome/cloud-upload-blue.png') }}" width="20px" height="14px">
                 {{ gettext('SUBMIT DOCUMENTS') }}

From 1f005261572180d23e7e976019883e43aafd3de1 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 19:19:36 +0200
Subject: [PATCH 17/31] move create route to source_app/views.py

---
 securedrop/source.py           | 23 +----------------------
 securedrop/source_app/views.py | 27 ++++++++++++++++++++++++++-
 2 files changed, 27 insertions(+), 23 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 5073260bee..c23a535975 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -6,8 +6,6 @@
 from flask import (request, render_template, session, redirect, url_for,
                    flash, abort, g, send_file, Markup, make_response)
 
-from sqlalchemy.exc import IntegrityError
-
 import config
 import json
 import version
@@ -15,7 +13,7 @@
 from flask_babel import gettext
 from rm import srm
 import store
-from db import db_session, Source, Submission, Reply, get_one_or_else
+from db import db_session, Submission, Reply, get_one_or_else
 from source_app import create_app
 from source_app.decorators import login_required
 from source_app.utils import (logged_in, valid_codename, async_genkey,
@@ -29,25 +27,6 @@
 app = create_app()
 
 
-@app.route('/create', methods=['POST'])
-def create():
-    filesystem_id = crypto_util.hash_codename(session['codename'])
-
-    source = Source(filesystem_id, crypto_util.display_id())
-    db_session.add(source)
-    try:
-        db_session.commit()
-    except IntegrityError as e:
-        app.logger.error(
-            "Attempt to create a source with duplicate codename: %s" %
-            (e,))
-    else:
-        os.mkdir(store.path(filesystem_id))
-
-    session['logged_in'] = True
-    return redirect(url_for('lookup'))
-
-
 @app.route('/lookup', methods=('GET',))
 @login_required
 def lookup():
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/views.py
index d6c8394cf1..69f8a3c57b 100644
--- a/securedrop/source_app/views.py
+++ b/securedrop/source_app/views.py
@@ -1,7 +1,14 @@
+import os
+
 from flask import (Blueprint, render_template, flash, redirect, url_for,
-                   session)
+                   session, current_app)
 from flask_babel import gettext
+from sqlalchemy.exc import IntegrityError
+
+import crypto_util
+import store
 
+from db import Source, db_session
 from source_app.utils import logged_in, generate_unique_codename
 
 
@@ -30,4 +37,22 @@ def generate():
         session['codename'] = codename
         return render_template('generate.html', codename=codename)
 
+    @view.route('/create', methods=['POST'])
+    def create():
+        filesystem_id = crypto_util.hash_codename(session['codename'])
+
+        source = Source(filesystem_id, crypto_util.display_id())
+        db_session.add(source)
+        try:
+            db_session.commit()
+        except IntegrityError as e:
+            current_app.logger.error(
+                "Attempt to create a source with duplicate codename: %s" %
+                (e,))
+        else:
+            os.mkdir(store.path(filesystem_id))
+
+        session['logged_in'] = True
+        return redirect(url_for('lookup'))
+
     return view

From 7a117bc3e0cdf4ace43f5843a0f4ced8e98bcba3 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 19:27:01 +0200
Subject: [PATCH 18/31] moved lookup route to source_app/views.py

---
 securedrop/source.py                    | 49 +++----------------------
 securedrop/source_app/views.py          | 46 +++++++++++++++++++++--
 securedrop/source_templates/base.html   |  2 +-
 securedrop/source_templates/lookup.html |  2 +-
 4 files changed, 50 insertions(+), 49 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index c23a535975..2c2d0f9ef7 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -1,8 +1,6 @@
 # -*- coding: utf-8 -*-
-import os
 from datetime import datetime
 from cStringIO import StringIO
-import operator
 from flask import (request, render_template, session, redirect, url_for,
                    flash, abort, g, send_file, Markup, make_response)
 
@@ -27,41 +25,6 @@
 app = create_app()
 
 
-@app.route('/lookup', methods=('GET',))
-@login_required
-def lookup():
-    replies = []
-    for reply in g.source.replies:
-        reply_path = store.path(g.filesystem_id, reply.filename)
-        try:
-            reply.decrypted = crypto_util.decrypt(
-                g.codename,
-                open(reply_path).read()).decode('utf-8')
-        except UnicodeDecodeError:
-            app.logger.error("Could not decode reply %s" % reply.filename)
-        else:
-            reply.date = datetime.utcfromtimestamp(
-                os.stat(reply_path).st_mtime)
-            replies.append(reply)
-
-    # Sort the replies by date
-    replies.sort(key=operator.attrgetter('date'), reverse=True)
-
-    # Generate a keypair to encrypt replies from the journalist
-    # Only do this if the journalist has flagged the source as one
-    # that they would like to reply to. (Issue #140.)
-    if not crypto_util.getkey(g.filesystem_id) and g.source.flagged:
-        async_genkey(g.filesystem_id, g.codename)
-
-    return render_template(
-        'lookup.html',
-        codename=g.codename,
-        replies=replies,
-        flagged=g.source.flagged,
-        haskey=crypto_util.getkey(
-            g.filesystem_id))
-
-
 @app.route('/submit', methods=('POST',))
 @login_required
 def submit():
@@ -73,7 +36,7 @@ def submit():
         flash(gettext(
             "You must enter a message or choose a file to submit."),
               "error")
-        return redirect(url_for('lookup'))
+        return redirect(url_for('main.lookup'))
 
     fnames = []
     journalist_filename = g.source.journalist_filename
@@ -131,7 +94,7 @@ def submit():
     db_session.commit()
     normalize_timestamps(g.filesystem_id)
 
-    return redirect(url_for('lookup'))
+    return redirect(url_for('main.lookup'))
 
 
 @app.route('/delete', methods=('POST',))
@@ -145,7 +108,7 @@ def delete():
     db_session.commit()
 
     flash(gettext("Reply deleted"), "notification")
-    return redirect(url_for('lookup'))
+    return redirect(url_for('main.lookup'))
 
 
 @app.route('/delete-all', methods=('POST',))
@@ -154,14 +117,14 @@ def batch_delete():
     replies = g.source.replies
     if len(replies) == 0:
         app.logger.error("Found no replies when at least one was expected")
-        return redirect(url_for('lookup'))
+        return redirect(url_for('main.lookup'))
     for reply in replies:
         srm(store.path(g.filesystem_id, reply.filename))
         db_session.delete(reply)
     db_session.commit()
 
     flash(gettext("All replies have been deleted"), "notification")
-    return redirect(url_for('lookup'))
+    return redirect(url_for('main.lookup'))
 
 
 @app.route('/login', methods=('GET', 'POST'))
@@ -170,7 +133,7 @@ def login():
         codename = request.form['codename'].strip()
         if valid_codename(codename):
             session.update(codename=codename, logged_in=True)
-            return redirect(url_for('lookup', from_login='1'))
+            return redirect(url_for('main.lookup', from_login='1'))
         else:
             app.logger.info(
                     "Login failed for invalid codename".format(codename))
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/views.py
index 69f8a3c57b..8a197c111c 100644
--- a/securedrop/source_app/views.py
+++ b/securedrop/source_app/views.py
@@ -1,6 +1,8 @@
+import operator
 import os
 
-from flask import (Blueprint, render_template, flash, redirect, url_for,
+from datetime import datetime
+from flask import (Blueprint, render_template, flash, redirect, url_for, g,
                    session, current_app)
 from flask_babel import gettext
 from sqlalchemy.exc import IntegrityError
@@ -9,7 +11,8 @@
 import store
 
 from db import Source, db_session
-from source_app.utils import logged_in, generate_unique_codename
+from source_app.decorators import login_required
+from source_app.utils import logged_in, generate_unique_codename, async_genkey
 
 
 def add_blueprints(app):
@@ -31,7 +34,7 @@ def generate():
                 "If you want to create a new account, you should log out "
                 "first."),
                   "notification")
-            return redirect(url_for('lookup'))
+            return redirect(url_for('.lookup'))
 
         codename = generate_unique_codename()
         session['codename'] = codename
@@ -53,6 +56,41 @@ def create():
             os.mkdir(store.path(filesystem_id))
 
         session['logged_in'] = True
-        return redirect(url_for('lookup'))
+        return redirect(url_for('.lookup'))
+
+    @view.route('/lookup', methods=('GET',))
+    @login_required
+    def lookup():
+        replies = []
+        for reply in g.source.replies:
+            reply_path = store.path(g.filesystem_id, reply.filename)
+            try:
+                reply.decrypted = crypto_util.decrypt(
+                    g.codename,
+                    open(reply_path).read()).decode('utf-8')
+            except UnicodeDecodeError:
+                current_app.logger.error("Could not decode reply %s" %
+                                         reply.filename)
+            else:
+                reply.date = datetime.utcfromtimestamp(
+                    os.stat(reply_path).st_mtime)
+                replies.append(reply)
+
+        # Sort the replies by date
+        replies.sort(key=operator.attrgetter('date'), reverse=True)
+
+        # Generate a keypair to encrypt replies from the journalist
+        # Only do this if the journalist has flagged the source as one
+        # that they would like to reply to. (Issue #140.)
+        if not crypto_util.getkey(g.filesystem_id) and g.source.flagged:
+            async_genkey(g.filesystem_id, g.codename)
+
+        return render_template(
+            'lookup.html',
+            codename=g.codename,
+            replies=replies,
+            flagged=g.source.flagged,
+            haskey=crypto_util.getkey(
+                g.filesystem_id))
 
     return view
diff --git a/securedrop/source_templates/base.html b/securedrop/source_templates/base.html
index 81289bf6e6..0dd5dac188 100644
--- a/securedrop/source_templates/base.html
+++ b/securedrop/source_templates/base.html
@@ -15,7 +15,7 @@
     <div class="content">
       {% block header %}
       <div id="header">
-        <a href="{% if 'logged_in' in session %}{{ url_for('lookup') }}{% else %}{{ url_for('main.index') }}{% endif %}">
+        <a href="{% if 'logged_in' in session %}{{ url_for('main.lookup') }}{% else %}{{ url_for('main.index') }}{% endif %}">
           <img src="/static/i/{{ header_image }}" class="logo small" alt="SecureDrop" width="250px">
         </a>
         {% include 'locales.html' %}
diff --git a/securedrop/source_templates/lookup.html b/securedrop/source_templates/lookup.html
index 34d370061a..d8909980d4 100644
--- a/securedrop/source_templates/lookup.html
+++ b/securedrop/source_templates/lookup.html
@@ -38,7 +38,7 @@ <h1 class="headline">{{ gettext('Submit Materials') }}</h1>
 
   <hr class="no-line">
   <div class="pull-right">
-    <a href="{{ url_for('lookup') }}" class="btn secondary" id="cancel">{{ gettext('CANCEL') }}</a>
+    <a href="{{ url_for('main.lookup') }}" class="btn secondary" id="cancel">{{ gettext('CANCEL') }}</a>
     <button type="submit" class="sd-button btn primary" id="submit-doc-button">
       <img class="icon off-hover" src="{{ url_for('static', filename='i/font-awesome/cloud-upload-white.png') }}" width="20px" height="14px">
       <img class="icon on-hover" src="{{ url_for('static', filename='i/font-awesome/cloud-upload-blue.png') }}" width="20px" height="14px">

From 99368c49fe5d2f4aebf8b441b8c83f49f210fa1a Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 19:34:30 +0200
Subject: [PATCH 19/31] moved submit route to source_app/views.py

---
 securedrop/source.py                    | 78 +------------------------
 securedrop/source_app/views.py          | 78 ++++++++++++++++++++++++-
 securedrop/source_templates/lookup.html |  2 +-
 3 files changed, 78 insertions(+), 80 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 2c2d0f9ef7..1cbfa8a0e7 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -1,5 +1,4 @@
 # -*- coding: utf-8 -*-
-from datetime import datetime
 from cStringIO import StringIO
 from flask import (request, render_template, session, redirect, url_for,
                    flash, abort, g, send_file, Markup, make_response)
@@ -11,11 +10,10 @@
 from flask_babel import gettext
 from rm import srm
 import store
-from db import db_session, Submission, Reply, get_one_or_else
+from db import db_session, Reply, get_one_or_else
 from source_app import create_app
 from source_app.decorators import login_required
-from source_app.utils import (logged_in, valid_codename, async_genkey,
-                              normalize_timestamps)
+from source_app.utils import logged_in, valid_codename
 
 import logging
 # This module's logger is explicitly labeled so the correct logger is used,
@@ -25,78 +23,6 @@
 app = create_app()
 
 
-@app.route('/submit', methods=('POST',))
-@login_required
-def submit():
-    msg = request.form['msg']
-    fh = request.files['fh']
-
-    # Don't bother submitting anything if it was an "empty" submission. #878.
-    if not (msg or fh):
-        flash(gettext(
-            "You must enter a message or choose a file to submit."),
-              "error")
-        return redirect(url_for('main.lookup'))
-
-    fnames = []
-    journalist_filename = g.source.journalist_filename
-    first_submission = g.source.interaction_count == 0
-
-    if msg:
-        g.source.interaction_count += 1
-        fnames.append(
-            store.save_message_submission(
-                g.filesystem_id,
-                g.source.interaction_count,
-                journalist_filename,
-                msg))
-    if fh:
-        g.source.interaction_count += 1
-        fnames.append(
-            store.save_file_submission(
-                g.filesystem_id,
-                g.source.interaction_count,
-                journalist_filename,
-                fh.filename,
-                fh.stream))
-
-    if first_submission:
-        msg = render_template('first_submission_flashed_message.html')
-        flash(Markup(msg), "success")
-
-    else:
-        if msg and not fh:
-            html_contents = gettext('Thanks! We received your message.')
-        elif not msg and fh:
-            html_contents = gettext('Thanks! We received your document.')
-        else:
-            html_contents = gettext('Thanks! We received your message and '
-                                    'document.')
-
-        msg = render_template('next_submission_flashed_message.html',
-                              html_contents=html_contents)
-        flash(Markup(msg), "success")
-
-    for fname in fnames:
-        submission = Submission(g.source, fname)
-        db_session.add(submission)
-
-    if g.source.pending:
-        g.source.pending = False
-
-        # Generate a keypair now, if there's enough entropy (issue #303)
-        entropy_avail = int(
-            open('/proc/sys/kernel/random/entropy_avail').read())
-        if entropy_avail >= 2400:
-            async_genkey(g.filesystem_id, g.codename)
-
-    g.source.last_updated = datetime.utcnow()
-    db_session.commit()
-    normalize_timestamps(g.filesystem_id)
-
-    return redirect(url_for('main.lookup'))
-
-
 @app.route('/delete', methods=('POST',))
 @login_required
 def delete():
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/views.py
index 8a197c111c..4bda97d3bf 100644
--- a/securedrop/source_app/views.py
+++ b/securedrop/source_app/views.py
@@ -3,16 +3,17 @@
 
 from datetime import datetime
 from flask import (Blueprint, render_template, flash, redirect, url_for, g,
-                   session, current_app)
+                   session, current_app, request, Markup)
 from flask_babel import gettext
 from sqlalchemy.exc import IntegrityError
 
 import crypto_util
 import store
 
-from db import Source, db_session
+from db import Source, db_session, Submission
 from source_app.decorators import login_required
-from source_app.utils import logged_in, generate_unique_codename, async_genkey
+from source_app.utils import (logged_in, generate_unique_codename,
+                              async_genkey, normalize_timestamps)
 
 
 def add_blueprints(app):
@@ -93,4 +94,75 @@ def lookup():
             haskey=crypto_util.getkey(
                 g.filesystem_id))
 
+    @view.route('/submit', methods=('POST',))
+    @login_required
+    def submit():
+        msg = request.form['msg']
+        fh = request.files['fh']
+
+        # Don't submit anything if it was an "empty" submission. #878
+        if not (msg or fh):
+            flash(gettext(
+                "You must enter a message or choose a file to submit."),
+                  "error")
+            return redirect(url_for('main.lookup'))
+
+        fnames = []
+        journalist_filename = g.source.journalist_filename
+        first_submission = g.source.interaction_count == 0
+
+        if msg:
+            g.source.interaction_count += 1
+            fnames.append(
+                store.save_message_submission(
+                    g.filesystem_id,
+                    g.source.interaction_count,
+                    journalist_filename,
+                    msg))
+        if fh:
+            g.source.interaction_count += 1
+            fnames.append(
+                store.save_file_submission(
+                    g.filesystem_id,
+                    g.source.interaction_count,
+                    journalist_filename,
+                    fh.filename,
+                    fh.stream))
+
+        if first_submission:
+            msg = render_template('first_submission_flashed_message.html')
+            flash(Markup(msg), "success")
+
+        else:
+            if msg and not fh:
+                html_contents = gettext('Thanks! We received your message.')
+            elif not msg and fh:
+                html_contents = gettext('Thanks! We received your document.')
+            else:
+                html_contents = gettext('Thanks! We received your message and '
+                                        'document.')
+
+            msg = render_template('next_submission_flashed_message.html',
+                                  html_contents=html_contents)
+            flash(Markup(msg), "success")
+
+        for fname in fnames:
+            submission = Submission(g.source, fname)
+            db_session.add(submission)
+
+        if g.source.pending:
+            g.source.pending = False
+
+            # Generate a keypair now, if there's enough entropy (issue #303)
+            entropy_avail = int(
+                open('/proc/sys/kernel/random/entropy_avail').read())
+            if entropy_avail >= 2400:
+                async_genkey(g.filesystem_id, g.codename)
+
+        g.source.last_updated = datetime.utcnow()
+        db_session.commit()
+        normalize_timestamps(g.filesystem_id)
+
+        return redirect(url_for('main.lookup'))
+
     return view
diff --git a/securedrop/source_templates/lookup.html b/securedrop/source_templates/lookup.html
index d8909980d4..a114315a46 100644
--- a/securedrop/source_templates/lookup.html
+++ b/securedrop/source_templates/lookup.html
@@ -23,7 +23,7 @@ <h1 class="headline">{{ gettext('Submit Materials') }}</h1>
 <p class="explanation">{{ gettext('You can send a file, a message, or both.') }}</p>
 <hr class="no-line">
 
-<form id="upload" method="post" action="/submit" enctype="multipart/form-data" autocomplete="off">
+<form id="upload" method="post" action="{{ url_for('main.submit') }}" enctype="multipart/form-data" autocomplete="off">
   <input name="csrf_token" type="hidden" value="{{ csrf_token() }}">
   <div class="snippet">
     <div class="attachment grid-item center">

From c39ff16d49e5132f7b46a90aff3b73a1b1f90c81 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 19:39:06 +0200
Subject: [PATCH 20/31] moved delete route to source_app/views.py

---
 securedrop/source.py                    | 18 ++----------------
 securedrop/source_app/views.py          | 18 ++++++++++++++++--
 securedrop/source_templates/lookup.html |  2 +-
 3 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 1cbfa8a0e7..5f864459cd 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -1,7 +1,7 @@
 # -*- coding: utf-8 -*-
 from cStringIO import StringIO
 from flask import (request, render_template, session, redirect, url_for,
-                   flash, abort, g, send_file, Markup, make_response)
+                   flash, g, send_file, Markup, make_response)
 
 import config
 import json
@@ -10,7 +10,7 @@
 from flask_babel import gettext
 from rm import srm
 import store
-from db import db_session, Reply, get_one_or_else
+from db import db_session
 from source_app import create_app
 from source_app.decorators import login_required
 from source_app.utils import logged_in, valid_codename
@@ -23,20 +23,6 @@
 app = create_app()
 
 
-@app.route('/delete', methods=('POST',))
-@login_required
-def delete():
-    query = Reply.query.filter(
-        Reply.filename == request.form['reply_filename'])
-    reply = get_one_or_else(query, app.logger, abort)
-    srm(store.path(g.filesystem_id, reply.filename))
-    db_session.delete(reply)
-    db_session.commit()
-
-    flash(gettext("Reply deleted"), "notification")
-    return redirect(url_for('main.lookup'))
-
-
 @app.route('/delete-all', methods=('POST',))
 @login_required
 def batch_delete():
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/views.py
index 4bda97d3bf..388eeaf9fb 100644
--- a/securedrop/source_app/views.py
+++ b/securedrop/source_app/views.py
@@ -3,14 +3,15 @@
 
 from datetime import datetime
 from flask import (Blueprint, render_template, flash, redirect, url_for, g,
-                   session, current_app, request, Markup)
+                   session, current_app, request, Markup, abort)
 from flask_babel import gettext
 from sqlalchemy.exc import IntegrityError
 
 import crypto_util
 import store
 
-from db import Source, db_session, Submission
+from db import Source, db_session, Submission, Reply, get_one_or_else
+from rm import srm
 from source_app.decorators import login_required
 from source_app.utils import (logged_in, generate_unique_codename,
                               async_genkey, normalize_timestamps)
@@ -165,4 +166,17 @@ def submit():
 
         return redirect(url_for('main.lookup'))
 
+    @view.route('/delete', methods=('POST',))
+    @login_required
+    def delete():
+        query = Reply.query.filter(
+            Reply.filename == request.form['reply_filename'])
+        reply = get_one_or_else(query, current_app.logger, abort)
+        srm(store.path(g.filesystem_id, reply.filename))
+        db_session.delete(reply)
+        db_session.commit()
+
+        flash(gettext("Reply deleted"), "notification")
+        return redirect(url_for('.lookup'))
+
     return view
diff --git a/securedrop/source_templates/lookup.html b/securedrop/source_templates/lookup.html
index a114315a46..bc8732f109 100644
--- a/securedrop/source_templates/lookup.html
+++ b/securedrop/source_templates/lookup.html
@@ -60,7 +60,7 @@ <h2 class="headline">{{ gettext('Get Replies') }}</h2>
     {% for reply in replies %}
       <div class="reply">
         <time class="date" title="{{ reply.date|datetimeformat }}" datetime="{{ reply.date }}">{{ reply.date|datetimeformat(relative=True) }}</time>
-        <form id="delete" class="message" method="post" action="/delete" autocomplete="off">
+        <form id="delete" class="message" method="post" action="{{ url_for('main.delete') }}" autocomplete="off">
           <input name="csrf_token" type="hidden" value="{{ csrf_token() }}">
           <input type="hidden" name="reply_filename" value="{{ reply.filename }}" autocomplete="off">
           <a href="#confirm-delete-{{ reply.filename }}" class="delete">

From 4b9044be80a32448e85a7228cf1504c6702d9108 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 19:45:15 +0200
Subject: [PATCH 21/31] moved batch_delete route to source_app/views.py

---
 securedrop/source.py                    | 22 +---------------------
 securedrop/source_app/views.py          | 17 +++++++++++++++++
 securedrop/source_templates/lookup.html |  2 +-
 3 files changed, 19 insertions(+), 22 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 5f864459cd..1f502f9f1e 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -1,18 +1,14 @@
 # -*- coding: utf-8 -*-
 from cStringIO import StringIO
 from flask import (request, render_template, session, redirect, url_for,
-                   flash, g, send_file, Markup, make_response)
+                   flash, send_file, Markup, make_response)
 
 import config
 import json
 import version
 import crypto_util
 from flask_babel import gettext
-from rm import srm
-import store
-from db import db_session
 from source_app import create_app
-from source_app.decorators import login_required
 from source_app.utils import logged_in, valid_codename
 
 import logging
@@ -23,22 +19,6 @@
 app = create_app()
 
 
-@app.route('/delete-all', methods=('POST',))
-@login_required
-def batch_delete():
-    replies = g.source.replies
-    if len(replies) == 0:
-        app.logger.error("Found no replies when at least one was expected")
-        return redirect(url_for('main.lookup'))
-    for reply in replies:
-        srm(store.path(g.filesystem_id, reply.filename))
-        db_session.delete(reply)
-    db_session.commit()
-
-    flash(gettext("All replies have been deleted"), "notification")
-    return redirect(url_for('main.lookup'))
-
-
 @app.route('/login', methods=('GET', 'POST'))
 def login():
     if request.method == 'POST':
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/views.py
index 388eeaf9fb..6c005ee796 100644
--- a/securedrop/source_app/views.py
+++ b/securedrop/source_app/views.py
@@ -179,4 +179,21 @@ def delete():
         flash(gettext("Reply deleted"), "notification")
         return redirect(url_for('.lookup'))
 
+    @view.route('/delete-all', methods=('POST',))
+    @login_required
+    def batch_delete():
+        replies = g.source.replies
+        if len(replies) == 0:
+            current_app.logger.error("Found no replies when at least one was "
+                                     "expected")
+            return redirect(url_for('.lookup'))
+
+        for reply in replies:
+            srm(store.path(g.filesystem_id, reply.filename))
+            db_session.delete(reply)
+        db_session.commit()
+
+        flash(gettext("All replies have been deleted"), "notification")
+        return redirect(url_for('.lookup'))
+
     return view
diff --git a/securedrop/source_templates/lookup.html b/securedrop/source_templates/lookup.html
index bc8732f109..13345a82c9 100644
--- a/securedrop/source_templates/lookup.html
+++ b/securedrop/source_templates/lookup.html
@@ -77,7 +77,7 @@ <h2 class="headline">{{ gettext('Get Replies') }}</h2>
         <div class="clearfix"></div>
       </div>
     {% endfor %}
-    <form id="delete-all" method="post" action="/delete-all">
+    <form id="delete-all" method="post" action="{{ url_for('main.batch_delete') }}">
       <a class="sd-button btn" href="#delete-all-confirm">{{ gettext('DELETE ALL REPLIES') }}</a>
       <input name="csrf_token" type="hidden" value="{{ csrf_token() }}">
       <div id="delete-all-confirm" class="hidden-prompt">

From e899624934e34d37f54449cd38c6b792528ec7c1 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 19:57:17 +0200
Subject: [PATCH 22/31] moved login route to source_app/views.py

---
 securedrop/source.py                      | 20 ++------------------
 securedrop/source_app/decorators.py       |  2 +-
 securedrop/source_app/views.py            | 17 ++++++++++++++++-
 securedrop/source_templates/error.html    |  2 +-
 securedrop/source_templates/generate.html |  2 +-
 securedrop/source_templates/index.html    |  2 +-
 securedrop/source_templates/login.html    |  2 +-
 securedrop/source_templates/notfound.html |  2 +-
 8 files changed, 24 insertions(+), 25 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 1f502f9f1e..5163b8d3bd 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -1,15 +1,14 @@
 # -*- coding: utf-8 -*-
 from cStringIO import StringIO
-from flask import (request, render_template, session, redirect, url_for,
+from flask import (render_template, session, redirect, url_for,
                    flash, send_file, Markup, make_response)
 
 import config
 import json
 import version
 import crypto_util
-from flask_babel import gettext
 from source_app import create_app
-from source_app.utils import logged_in, valid_codename
+from source_app.utils import logged_in
 
 import logging
 # This module's logger is explicitly labeled so the correct logger is used,
@@ -19,21 +18,6 @@
 app = create_app()
 
 
-@app.route('/login', methods=('GET', 'POST'))
-def login():
-    if request.method == 'POST':
-        codename = request.form['codename'].strip()
-        if valid_codename(codename):
-            session.update(codename=codename, logged_in=True)
-            return redirect(url_for('main.lookup', from_login='1'))
-        else:
-            app.logger.info(
-                    "Login failed for invalid codename".format(codename))
-            flash(gettext("Sorry, that is not a recognized codename."),
-                  "error")
-    return render_template('login.html')
-
-
 @app.route('/logout')
 def logout():
     if logged_in():
diff --git a/securedrop/source_app/decorators.py b/securedrop/source_app/decorators.py
index 9ec36cdae5..4a769f72ab 100644
--- a/securedrop/source_app/decorators.py
+++ b/securedrop/source_app/decorators.py
@@ -8,7 +8,7 @@ def login_required(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if not logged_in():
-            return redirect(url_for('login'))
+            return redirect(url_for('main.login'))
         return f(*args, **kwargs)
     return decorated_function
 
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/views.py
index 6c005ee796..20b4fe21ab 100644
--- a/securedrop/source_app/views.py
+++ b/securedrop/source_app/views.py
@@ -14,7 +14,8 @@
 from rm import srm
 from source_app.decorators import login_required
 from source_app.utils import (logged_in, generate_unique_codename,
-                              async_genkey, normalize_timestamps)
+                              async_genkey, normalize_timestamps,
+                              valid_codename)
 
 
 def add_blueprints(app):
@@ -196,4 +197,18 @@ def batch_delete():
         flash(gettext("All replies have been deleted"), "notification")
         return redirect(url_for('.lookup'))
 
+    @view.route('/login', methods=('GET', 'POST'))
+    def login():
+        if request.method == 'POST':
+            codename = request.form['codename'].strip()
+            if valid_codename(codename):
+                session.update(codename=codename, logged_in=True)
+                return redirect(url_for('.lookup', from_login='1'))
+            else:
+                current_app.logger.info(
+                        "Login failed for invalid codename".format(codename))
+                flash(gettext("Sorry, that is not a recognized codename."),
+                      "error")
+        return render_template('login.html')
+
     return view
diff --git a/securedrop/source_templates/error.html b/securedrop/source_templates/error.html
index 497b1c4b2a..fa83ed90bd 100644
--- a/securedrop/source_templates/error.html
+++ b/securedrop/source_templates/error.html
@@ -4,5 +4,5 @@ <h1>{{ gettext('Server error') }}</h1>
 
 <p>{{ gettext('Sorry, the website encountered an error and was unable to complete your request.') }}</p>
 
-<p><a href="/login">{{ gettext('Look up a codename...') }}</a></p>
+<p><a href="{{ url_for('main.login') }}">{{ gettext('Look up a codename...') }}</a></p>
 {% endblock %}
diff --git a/securedrop/source_templates/generate.html b/securedrop/source_templates/generate.html
index 1462e28384..efd06cd55a 100644
--- a/securedrop/source_templates/generate.html
+++ b/securedrop/source_templates/generate.html
@@ -39,7 +39,7 @@ <h1>{{ gettext('Welcome') }}</h1>
 <div class="pull-right">
 <form id="create-form" method="post" action="/create" autocomplete="off">
   <input name="csrf_token" type="hidden" value="{{ csrf_token() }}">
-  <a id="already-have-codename" href="/login" class="sd-button btn secondary">{{ gettext('ALREADY HAVE A CODENAME?') }}</a>
+  <a id="already-have-codename" href="{{ url_for('main.login') }}" class="sd-button btn secondary">{{ gettext('ALREADY HAVE A CODENAME?') }}</a>
   <button type="submit" class="sd-button btn primary" id="continue-button">
     <img class="icon off-hover" src="{{ url_for('static', filename='i/font-awesome/fa-arrow-circle-o-right-white.png') }}" width="17px" height="17px">
     <img class="icon on-hover" src="{{ url_for('static', filename='i/font-awesome/fa-arrow-circle-o-right-blue.png') }}" width="17px" height="17px">
diff --git a/securedrop/source_templates/index.html b/securedrop/source_templates/index.html
index e05103a21b..2dbc903d3c 100644
--- a/securedrop/source_templates/index.html
+++ b/securedrop/source_templates/index.html
@@ -67,7 +67,7 @@ <h2 class="welcome-text">
             </div>
 
             <div class="index-column index-bottom">
-              <a href="/login" id="login-button" class="sd-button btn primary">
+              <a href="{{ url_for('main.login') }}" id="login-button" class="sd-button btn primary">
                 <img class="icon off-hover" src="{{ url_for('static', filename='i/font-awesome/comments-white.png') }}" width="20px" height="16px">
                 <img class="icon on-hover" src="{{ url_for('static', filename='i/font-awesome/comments-blue.png') }}" width="20px" height="16px">
                 {{ gettext('CHECK FOR A RESPONSE') }}
diff --git a/securedrop/source_templates/login.html b/securedrop/source_templates/login.html
index 4a0ee65244..84acfe9ba5 100644
--- a/securedrop/source_templates/login.html
+++ b/securedrop/source_templates/login.html
@@ -5,7 +5,7 @@ <h1>{{ gettext('Enter Codename') }}</h1>
 
 {% include 'flashed.html' %}
 
-<form method="post" action="/login" autocomplete="off">
+<form method="post" action="{{ url_for('main.login') }}" autocomplete="off">
 <input name="csrf_token" type="hidden" value="{{ csrf_token() }}">
 
 <p class="center"><input id="login-with-existing-codename" type="password" name="codename" class="codename-box" autocomplete="off" placeholder="{{ gettext('Enter your codename') }}" autofocus></p>
diff --git a/securedrop/source_templates/notfound.html b/securedrop/source_templates/notfound.html
index dda02ef0a2..b57d3fb8de 100644
--- a/securedrop/source_templates/notfound.html
+++ b/securedrop/source_templates/notfound.html
@@ -4,5 +4,5 @@ <h1>{{ gettext('Page not found') }}</h1>
 
 <p id="page-not-found">{{ gettext("Sorry, we couldn't locate what you requested.") }}</p>
 
-<p><a href="/login">{{ gettext('Look up a codename...') }}</a></p>
+<p><a href="{{ url_for('main.login') }}">{{ gettext('Look up a codename...') }}</a></p>
 {% endblock %}

From cb6e56417bb0a18881c4f7671f0158ba055fdf0f Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 20:01:48 +0200
Subject: [PATCH 23/31] moved logout route to source_app/views.py

---
 securedrop/source.py                  | 13 +------------
 securedrop/source_app/views.py        |  8 ++++++++
 securedrop/source_templates/base.html |  2 +-
 3 files changed, 10 insertions(+), 13 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 5163b8d3bd..74ea8a3751 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -1,14 +1,12 @@
 # -*- coding: utf-8 -*-
 from cStringIO import StringIO
-from flask import (render_template, session, redirect, url_for,
-                   flash, send_file, Markup, make_response)
+from flask import render_template, send_file, make_response
 
 import config
 import json
 import version
 import crypto_util
 from source_app import create_app
-from source_app.utils import logged_in
 
 import logging
 # This module's logger is explicitly labeled so the correct logger is used,
@@ -18,15 +16,6 @@
 app = create_app()
 
 
-@app.route('/logout')
-def logout():
-    if logged_in():
-        session.clear()
-        msg = render_template('logout_flashed_message.html')
-        flash(Markup(msg), "important hide-if-not-tor-browser")
-    return redirect(url_for('main.index'))
-
-
 @app.route('/tor2web-warning')
 def tor2web_warning():
     return render_template("tor2web-warning.html")
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/views.py
index 20b4fe21ab..c36dfdad43 100644
--- a/securedrop/source_app/views.py
+++ b/securedrop/source_app/views.py
@@ -211,4 +211,12 @@ def login():
                       "error")
         return render_template('login.html')
 
+    @view.route('/logout')
+    def logout():
+        if logged_in():
+            session.clear()
+            msg = render_template('logout_flashed_message.html')
+            flash(Markup(msg), "important hide-if-not-tor-browser")
+        return redirect(url_for('.index'))
+
     return view
diff --git a/securedrop/source_templates/base.html b/securedrop/source_templates/base.html
index 0dd5dac188..6b6d4b1a59 100644
--- a/securedrop/source_templates/base.html
+++ b/securedrop/source_templates/base.html
@@ -30,7 +30,7 @@
 
       <div class="panel selected">
       {% if 'logged_in' in session %}
-        <a href="{{ url_for('logout') }}" class="sd-button btn pull-right" id="logout">{{ gettext('LOG OUT') }}</a>
+        <a href="{{ url_for('main.logout') }}" class="sd-button btn pull-right" id="logout">{{ gettext('LOG OUT') }}</a>
       {% endif %}
         <hr class="no-line">
 

From 117cc064d2adcb571e38ffe1ba059e0a7a6c25a3 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 21:37:01 +0200
Subject: [PATCH 24/31] moved tor2web_warning route to blueprint

---
 securedrop/source.py              |  5 -----
 securedrop/source_app/__init__.py |  3 ++-
 securedrop/source_app/views.py    | 11 +++++++++++
 3 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 74ea8a3751..19801f10d2 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -16,11 +16,6 @@
 app = create_app()
 
 
-@app.route('/tor2web-warning')
-def tor2web_warning():
-    return render_template("tor2web-warning.html")
-
-
 @app.route('/use-tor')
 def recommend_tor_browser():
     return render_template("use-tor-browser.html")
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index 5e321dd3a7..5b6e902789 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -66,7 +66,8 @@ def check_tor2web():
             flash(Markup(gettext(
                 '<strong>WARNING:</strong> You appear to be using Tor2Web. '
                 'This <strong>does not</strong> provide anonymity. '
-                '<a href="/tor2web-warning">Why is this dangerous?</a>')),
+                '<a href="{url}">Why is this dangerous?</a>')
+                .format(url=url_for('info.tor2web_warning'))),
                   "banner-warning")
 
     @app.before_request
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/views.py
index c36dfdad43..8a141f8f06 100644
--- a/securedrop/source_app/views.py
+++ b/securedrop/source_app/views.py
@@ -20,6 +20,7 @@
 
 def add_blueprints(app):
     app.register_blueprint(_main_blueprint())
+    app.register_blueprint(_info_blueprint())
 
 
 def _main_blueprint():
@@ -220,3 +221,13 @@ def logout():
         return redirect(url_for('.index'))
 
     return view
+
+
+def _info_blueprint():
+    view = Blueprint('info', 'info')
+
+    @view.route('/tor2web-warning')
+    def tor2web_warning():
+        return render_template("tor2web-warning.html")
+
+    return view

From 8b159ebebbe85ff72051de353bc7e44a29a2520b Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 21:52:07 +0200
Subject: [PATCH 25/31] split views.py into main.py and info.py

---
 .../files/usr.sbin.apache2                    |  4 ++++
 securedrop/source_app/__init__.py             |  5 +++--
 securedrop/source_app/info.py                 | 11 +++++++++++
 securedrop/source_app/{views.py => main.py}   | 19 ++-----------------
 4 files changed, 20 insertions(+), 19 deletions(-)
 create mode 100644 securedrop/source_app/info.py
 rename securedrop/source_app/{views.py => main.py} (95%)

diff --git a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2 b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
index 65140e2663..2d7f2cd274 100644
--- a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
+++ b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
@@ -159,6 +159,10 @@
   /var/www/securedrop/source_app/__pycache__/** rw,
   /var/www/securedrop/source_app/decorators.py r,
   /var/www/securedrop/source_app/decorators.pyc rw,
+  /var/www/securedrop/source_app/info.py r,
+  /var/www/securedrop/source_app/info.pyc rw,
+  /var/www/securedrop/source_app/main.py r,
+  /var/www/securedrop/source_app/main.pyc rw,
   /var/www/securedrop/source_app/utils.py r,
   /var/www/securedrop/source_app/utils.pyc rw,
   /var/www/securedrop/source_templates/banner_warning_flashed.html r,
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index 5b6e902789..eb7447c901 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -16,7 +16,7 @@
 
 from db import Source, db_session
 from request_that_secures_file_uploads import RequestThatSecuresFileUploads
-from source_app import views
+from source_app import main, info
 from source_app.decorators import ignore_static
 from source_app.utils import logged_in
 
@@ -55,7 +55,8 @@ def create_app(config=None):
     app.jinja_env.filters['nl2br'] = evalcontextfilter(template_filters.nl2br)
     app.jinja_env.filters['filesizeformat'] = template_filters.filesizeformat
 
-    views.add_blueprints(app)
+    for blueprint in [main.make_blueprint(), info.make_blueprint()]:
+        app.register_blueprint(blueprint)
 
     @app.before_request
     @ignore_static
diff --git a/securedrop/source_app/info.py b/securedrop/source_app/info.py
new file mode 100644
index 0000000000..885f5b5550
--- /dev/null
+++ b/securedrop/source_app/info.py
@@ -0,0 +1,11 @@
+from flask import Blueprint, render_template
+
+
+def make_blueprint():
+    view = Blueprint('info', __name__)
+
+    @view.route('/tor2web-warning')
+    def tor2web_warning():
+        return render_template("tor2web-warning.html")
+
+    return view
diff --git a/securedrop/source_app/views.py b/securedrop/source_app/main.py
similarity index 95%
rename from securedrop/source_app/views.py
rename to securedrop/source_app/main.py
index 8a141f8f06..96761d2c18 100644
--- a/securedrop/source_app/views.py
+++ b/securedrop/source_app/main.py
@@ -18,13 +18,8 @@
                               valid_codename)
 
 
-def add_blueprints(app):
-    app.register_blueprint(_main_blueprint())
-    app.register_blueprint(_info_blueprint())
-
-
-def _main_blueprint():
-    view = Blueprint('main', 'main')
+def make_blueprint():
+    view = Blueprint('main', __name__)
 
     @view.route('/')
     def index():
@@ -221,13 +216,3 @@ def logout():
         return redirect(url_for('.index'))
 
     return view
-
-
-def _info_blueprint():
-    view = Blueprint('info', 'info')
-
-    @view.route('/tor2web-warning')
-    def tor2web_warning():
-        return render_template("tor2web-warning.html")
-
-    return view

From acdc0d71586d0fceea167302e491144f13c2c683 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 21:58:11 +0200
Subject: [PATCH 26/31] moved recommend_tor_browser to source_app/info.py

---
 securedrop/source.py                   | 5 -----
 securedrop/source_app/info.py          | 4 ++++
 securedrop/source_templates/index.html | 2 +-
 3 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 19801f10d2..7c0caa16c3 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -16,11 +16,6 @@
 app = create_app()
 
 
-@app.route('/use-tor')
-def recommend_tor_browser():
-    return render_template("use-tor-browser.html")
-
-
 @app.route('/journalist-key')
 def download_journalist_pubkey():
     journalist_pubkey = crypto_util.gpg.export_keys(config.JOURNALIST_KEY)
diff --git a/securedrop/source_app/info.py b/securedrop/source_app/info.py
index 885f5b5550..05ae959e41 100644
--- a/securedrop/source_app/info.py
+++ b/securedrop/source_app/info.py
@@ -8,4 +8,8 @@ def make_blueprint():
     def tor2web_warning():
         return render_template("tor2web-warning.html")
 
+    @view.route('/use-tor')
+    def recommend_tor_browser():
+        return render_template("use-tor-browser.html")
+
     return view
diff --git a/securedrop/source_templates/index.html b/securedrop/source_templates/index.html
index 2dbc903d3c..3efe965d53 100644
--- a/securedrop/source_templates/index.html
+++ b/securedrop/source_templates/index.html
@@ -15,7 +15,7 @@
   </head>
   <body>
     <div class="js-warning warning">{{ gettext('<strong>We recommend turning the Security Slider to High to protect your anonymity:</strong> <a id="disable-js" href="">Learn how to set it to high</a>, or ignore this warning to continue.') }} <img id="js-warning-close" src="{{ url_for('static', filename='i/font-awesome/times-white.png') }}" width="12px" height="12px"></div>
-    <div class="use-tor-browser warning">{{ gettext('<strong>We recommend using Tor Browser to access SecureDrop:</strong> <a id="recommend-tor" href="{tor_browser_url}">Learn how to install it</a>, or ignore this warning to continue.').format(tor_browser_url=url_for('recommend_tor_browser')) }} <img id="use-tor-browser-close" src="{{ url_for('static', filename='i/font-awesome/times-white.png') }}" width="12px" height="12px"></div>
+    <div class="use-tor-browser warning">{{ gettext('<strong>We recommend using Tor Browser to access SecureDrop:</strong> <a id="recommend-tor" href="{tor_browser_url}">Learn how to install it</a>, or ignore this warning to continue.').format(tor_browser_url=url_for('info.recommend_tor_browser')) }} <img id="use-tor-browser-close" src="{{ url_for('static', filename='i/font-awesome/times-white.png') }}" width="12px" height="12px"></div>
 
     {% include 'banner_warning_flashed.html' %}
 

From fe1ff1b3a778c6145b5ffd9b06dcf06abb40e514 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 22:32:13 +0200
Subject: [PATCH 27/31] moved download_journalist_pubkey to source_app/info.py

---
 securedrop/source.py                              | 13 +------------
 securedrop/source_app/__init__.py                 |  2 +-
 securedrop/source_app/info.py                     | 15 +++++++++++++--
 securedrop/source_templates/lookup.html           |  3 ++-
 .../source_templates/why-journalist-key.html      |  2 +-
 5 files changed, 18 insertions(+), 17 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index 7c0caa16c3..c2e9651848 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -1,11 +1,9 @@
 # -*- coding: utf-8 -*-
-from cStringIO import StringIO
-from flask import render_template, send_file, make_response
+from flask import render_template, make_response
 
 import config
 import json
 import version
-import crypto_util
 from source_app import create_app
 
 import logging
@@ -16,15 +14,6 @@
 app = create_app()
 
 
-@app.route('/journalist-key')
-def download_journalist_pubkey():
-    journalist_pubkey = crypto_util.gpg.export_keys(config.JOURNALIST_KEY)
-    return send_file(StringIO(journalist_pubkey),
-                     mimetype="application/pgp-keys",
-                     attachment_filename=config.JOURNALIST_KEY + ".asc",
-                     as_attachment=True)
-
-
 @app.route('/why-journalist-key')
 def why_download_journalist_pubkey():
     return render_template("why-journalist-key.html")
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index eb7447c901..929d2dabc8 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -55,7 +55,7 @@ def create_app(config=None):
     app.jinja_env.filters['nl2br'] = evalcontextfilter(template_filters.nl2br)
     app.jinja_env.filters['filesizeformat'] = template_filters.filesizeformat
 
-    for blueprint in [main.make_blueprint(), info.make_blueprint()]:
+    for blueprint in [main.make_blueprint(), info.make_blueprint(config)]:
         app.register_blueprint(blueprint)
 
     @app.before_request
diff --git a/securedrop/source_app/info.py b/securedrop/source_app/info.py
index 05ae959e41..1e854b9828 100644
--- a/securedrop/source_app/info.py
+++ b/securedrop/source_app/info.py
@@ -1,7 +1,10 @@
-from flask import Blueprint, render_template
+from cStringIO import StringIO
+from flask import Blueprint, render_template, send_file
 
+import crypto_util
 
-def make_blueprint():
+
+def make_blueprint(config):
     view = Blueprint('info', __name__)
 
     @view.route('/tor2web-warning')
@@ -12,4 +15,12 @@ def tor2web_warning():
     def recommend_tor_browser():
         return render_template("use-tor-browser.html")
 
+    @view.route('/journalist-key')
+    def download_journalist_pubkey():
+        journalist_pubkey = crypto_util.gpg.export_keys(config.JOURNALIST_KEY)
+        return send_file(StringIO(journalist_pubkey),
+                         mimetype="application/pgp-keys",
+                         attachment_filename=config.JOURNALIST_KEY + ".asc",
+                         as_attachment=True)
+
     return view
diff --git a/securedrop/source_templates/lookup.html b/securedrop/source_templates/lookup.html
index 13345a82c9..84ccc1718a 100644
--- a/securedrop/source_templates/lookup.html
+++ b/securedrop/source_templates/lookup.html
@@ -18,7 +18,8 @@
 </div>
 
 <h1 class="headline">{{ gettext('Submit Materials') }}</h1>
-<p class="explanation">{{ gettext('If you are already familiar with GPG, you can optionally encrypt your files and messages with our <a href="/journalist-key" class="text-link">public key</a> before submission. Files are encrypted as they are received by SecureDrop.') }} {{ gettext('<a href="/why-journalist-key" class="text-link">Learn more</a>.') }}</p>
+<p class="explanation">{{ gettext('If you are already familiar with GPG, you can optionally encrypt your files and messages with our <a href="{url}" class="text-link">public key</a> before submission. Files are encrypted as they are received by SecureDrop.').format(url=url_for('info.download_journalist_pubkey')) }}
+{{ gettext('<a href="/why-journalist-key" class="text-link">Learn more</a>.') }}</p>
 
 <p class="explanation">{{ gettext('You can send a file, a message, or both.') }}</p>
 <hr class="no-line">
diff --git a/securedrop/source_templates/why-journalist-key.html b/securedrop/source_templates/why-journalist-key.html
index 2cbcec6ca8..fed6d43738 100644
--- a/securedrop/source_templates/why-journalist-key.html
+++ b/securedrop/source_templates/why-journalist-key.html
@@ -4,7 +4,7 @@ <h1>{{ gettext("Why download the journalist's public key?") }}</h1>
 <p>{{ gettext("SecureDrop encrypts files and messages after they are submitted. Encrypting messages and files before submission can provide an extra layer of security before your data reaches the SecureDrop server.") }}</p>
 <p>{{ gettext("If you are already familiar with the GPG encryption software, you may wish to encrypt your submissions yourself. To do so:") }}
 <ol>
-<li>{{ gettext('<a href="/journalist-key">Download</a> the public key. The public key is a text file with the extension <code>.asc</code>')|safe }}</li>
+    <li>{{ gettext('<a href="{url}">Download</a> the public key. The public key is a text file with the extension <code>.asc</code>').format(url=url_for('info.download_journalist_pubkey'))|safe }}</li>
 <li>{{ gettext('Import it into your GPG keyring.') }}
 <ul>
 <li>{{ gettext('If you are using <a href="tails.boum.org">Tails</a>, you can double-click the <code>.asc</code> file you just downloaded and it will be automatically imported to your keyring.') }}</li>

From a71c2d922beb3ee59e3717bdae0f172c6e59872b Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 22:37:13 +0200
Subject: [PATCH 28/31] moved why_download_journalist_pubkey to
 souce_app/info.py

---
 securedrop/source.py                    | 5 -----
 securedrop/source_app/info.py           | 4 ++++
 securedrop/source_templates/lookup.html | 2 +-
 3 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index c2e9651848..ac52ebca91 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -14,11 +14,6 @@
 app = create_app()
 
 
-@app.route('/why-journalist-key')
-def why_download_journalist_pubkey():
-    return render_template("why-journalist-key.html")
-
-
 @app.route('/metadata')
 def metadata():
     meta = {'gpg_fpr': config.JOURNALIST_KEY,
diff --git a/securedrop/source_app/info.py b/securedrop/source_app/info.py
index 1e854b9828..8d5a51bc25 100644
--- a/securedrop/source_app/info.py
+++ b/securedrop/source_app/info.py
@@ -23,4 +23,8 @@ def download_journalist_pubkey():
                          attachment_filename=config.JOURNALIST_KEY + ".asc",
                          as_attachment=True)
 
+    @view.route('/why-journalist-key')
+    def why_download_journalist_pubkey():
+        return render_template("why-journalist-key.html")
+
     return view
diff --git a/securedrop/source_templates/lookup.html b/securedrop/source_templates/lookup.html
index 84ccc1718a..b86d2c135d 100644
--- a/securedrop/source_templates/lookup.html
+++ b/securedrop/source_templates/lookup.html
@@ -19,7 +19,7 @@
 
 <h1 class="headline">{{ gettext('Submit Materials') }}</h1>
 <p class="explanation">{{ gettext('If you are already familiar with GPG, you can optionally encrypt your files and messages with our <a href="{url}" class="text-link">public key</a> before submission. Files are encrypted as they are received by SecureDrop.').format(url=url_for('info.download_journalist_pubkey')) }}
-{{ gettext('<a href="/why-journalist-key" class="text-link">Learn more</a>.') }}</p>
+{{ gettext('<a href="{url}" class="text-link">Learn more</a>.').format(url=url_for('info.why_download_journalist_pubkey')) }}</p>
 
 <p class="explanation">{{ gettext('You can send a file, a message, or both.') }}</p>
 <hr class="no-line">

From 7733254e7b3ce39e24acb32a658afd24487cb070 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 22:38:44 +0200
Subject: [PATCH 29/31] fixed broken url

---
 securedrop/source_templates/why-journalist-key.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/securedrop/source_templates/why-journalist-key.html b/securedrop/source_templates/why-journalist-key.html
index fed6d43738..b9920073f3 100644
--- a/securedrop/source_templates/why-journalist-key.html
+++ b/securedrop/source_templates/why-journalist-key.html
@@ -7,7 +7,7 @@ <h1>{{ gettext("Why download the journalist's public key?") }}</h1>
     <li>{{ gettext('<a href="{url}">Download</a> the public key. The public key is a text file with the extension <code>.asc</code>').format(url=url_for('info.download_journalist_pubkey'))|safe }}</li>
 <li>{{ gettext('Import it into your GPG keyring.') }}
 <ul>
-<li>{{ gettext('If you are using <a href="tails.boum.org">Tails</a>, you can double-click the <code>.asc</code> file you just downloaded and it will be automatically imported to your keyring.') }}</li>
+<li>{{ gettext('If you are using <a href="{url}">Tails</a>, you can double-click the <code>.asc</code> file you just downloaded and it will be automatically imported to your keyring.').format(url='https://tails.boum.org') }}</li>
 <li>{{ gettext('If you are using Mac/Linux, open the terminal. You can import the key with <code>gpg --import /path/to/key.asc</code>.') }}</li>
 </ul>
 </li>

From 657061082a3fb103169e6573b930bef597738782 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sat, 23 Sep 2017 22:47:29 +0200
Subject: [PATCH 30/31] moved metadata route into source_app/api.py

---
 .../files/usr.sbin.apache2                    |  2 ++
 securedrop/source.py                          | 20 +------------------
 securedrop/source_app/__init__.py             |  6 +++---
 securedrop/source_app/api.py                  | 20 +++++++++++++++++++
 securedrop/source_app/main.py                 |  2 +-
 5 files changed, 27 insertions(+), 23 deletions(-)
 create mode 100644 securedrop/source_app/api.py

diff --git a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2 b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
index 2d7f2cd274..46285071a4 100644
--- a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
+++ b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
@@ -157,6 +157,8 @@
   /var/www/securedrop/source_app/__init__.py r,
   /var/www/securedrop/source_app/__init__.pyc rw,
   /var/www/securedrop/source_app/__pycache__/** rw,
+  /var/www/securedrop/source_app/api.py r,
+  /var/www/securedrop/source_app/api.pyc rw,
   /var/www/securedrop/source_app/decorators.py r,
   /var/www/securedrop/source_app/decorators.pyc rw,
   /var/www/securedrop/source_app/info.py r,
diff --git a/securedrop/source.py b/securedrop/source.py
index ac52ebca91..afcbfdf0ef 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -1,29 +1,11 @@
 # -*- coding: utf-8 -*-
-from flask import render_template, make_response
-
 import config
-import json
-import version
-from source_app import create_app
 
-import logging
-# This module's logger is explicitly labeled so the correct logger is used,
-# even when this is run from the command line (e.g. during development)
-log = logging.getLogger('source')
+from source_app import create_app
 
 app = create_app()
 
 
-@app.route('/metadata')
-def metadata():
-    meta = {'gpg_fpr': config.JOURNALIST_KEY,
-            'sd_version': version.__version__,
-            }
-    resp = make_response(json.dumps(meta))
-    resp.headers['Content-Type'] = 'application/json'
-    return resp
-
-
 if __name__ == "__main__":  # pragma: no cover
     debug = getattr(config, 'env', 'prod') != 'prod'
     app.run(debug=debug, host='0.0.0.0', port=8080)
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index 929d2dabc8..5585b73ec6 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -16,7 +16,7 @@
 
 from db import Source, db_session
 from request_that_secures_file_uploads import RequestThatSecuresFileUploads
-from source_app import main, info
+from source_app import main, info, api
 from source_app.decorators import ignore_static
 from source_app.utils import logged_in
 
@@ -55,8 +55,8 @@ def create_app(config=None):
     app.jinja_env.filters['nl2br'] = evalcontextfilter(template_filters.nl2br)
     app.jinja_env.filters['filesizeformat'] = template_filters.filesizeformat
 
-    for blueprint in [main.make_blueprint(), info.make_blueprint(config)]:
-        app.register_blueprint(blueprint)
+    for module in [main, info, api]:
+        app.register_blueprint(module.make_blueprint(config))
 
     @app.before_request
     @ignore_static
diff --git a/securedrop/source_app/api.py b/securedrop/source_app/api.py
new file mode 100644
index 0000000000..53661f6dbf
--- /dev/null
+++ b/securedrop/source_app/api.py
@@ -0,0 +1,20 @@
+import json
+
+from flask import Blueprint, make_response
+
+import version
+
+
+def make_blueprint(config):
+    view = Blueprint('api', __name__)
+
+    @view.route('/metadata')
+    def metadata():
+        meta = {'gpg_fpr': config.JOURNALIST_KEY,
+                'sd_version': version.__version__,
+                }
+        resp = make_response(json.dumps(meta))
+        resp.headers['Content-Type'] = 'application/json'
+        return resp
+
+    return view
diff --git a/securedrop/source_app/main.py b/securedrop/source_app/main.py
index 96761d2c18..eb97258fc7 100644
--- a/securedrop/source_app/main.py
+++ b/securedrop/source_app/main.py
@@ -18,7 +18,7 @@
                               valid_codename)
 
 
-def make_blueprint():
+def make_blueprint(config):
     view = Blueprint('main', __name__)
 
     @view.route('/')

From dd8dea744452debfd84b2777bd9af7bafb98fd91 Mon Sep 17 00:00:00 2001
From: heartsucker <heartsucker@autistici.org>
Date: Sun, 24 Sep 2017 09:05:04 +0200
Subject: [PATCH 31/31] inject config, never allow global

---
 securedrop/source.py              | 2 +-
 securedrop/source_app/__init__.py | 6 +-----
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/securedrop/source.py b/securedrop/source.py
index afcbfdf0ef..60e4de8153 100644
--- a/securedrop/source.py
+++ b/securedrop/source.py
@@ -3,7 +3,7 @@
 
 from source_app import create_app
 
-app = create_app()
+app = create_app(config)
 
 
 if __name__ == "__main__":  # pragma: no cover
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index 5585b73ec6..9aa937e3ac 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -7,7 +7,6 @@
 from os import path
 from sqlalchemy.orm.exc import MultipleResultsFound, NoResultFound
 
-import config as global_config
 import crypto_util
 import i18n
 import store
@@ -21,10 +20,7 @@
 from source_app.utils import logged_in
 
 
-def create_app(config=None):
-    if config is None:
-        config = global_config
-
+def create_app(config):
     app = Flask(__name__,
                 template_folder=config.SOURCE_TEMPLATES_DIR,
                 static_folder=path.join(config.SECUREDROP_ROOT, 'static'))