web_site.ml 52.7 KB
Newer Older
Stephane Glondu's avatar
Stephane Glondu committed
1 2 3
(**************************************************************************)
(*                                BELENIOS                                *)
(*                                                                        *)
Stephane Glondu's avatar
Stephane Glondu committed
4
(*  Copyright © 2012-2016 Inria                                           *)
Stephane Glondu's avatar
Stephane Glondu committed
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
(*                                                                        *)
(*  This program is free software: you can redistribute it and/or modify  *)
(*  it under the terms of the GNU Affero General Public License as        *)
(*  published by the Free Software Foundation, either version 3 of the    *)
(*  License, or (at your option) any later version, with the additional   *)
(*  exemption that compiling, linking, and/or using OpenSSL is allowed.   *)
(*                                                                        *)
(*  This program is distributed in the hope that it will be useful, but   *)
(*  WITHOUT ANY WARRANTY; without even the implied warranty of            *)
(*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU     *)
(*  Affero General Public License for more details.                       *)
(*                                                                        *)
(*  You should have received a copy of the GNU Affero General Public      *)
(*  License along with this program.  If not, see                         *)
(*  <http://www.gnu.org/licenses/>.                                       *)
(**************************************************************************)

22
open Lwt
23
open Platform
24
open Serializable_j
25
open Signatures
26
open Common
27
open Web_serializable_builtin_t
Stephane Glondu's avatar
Stephane Glondu committed
28
open Web_serializable_j
29
open Web_common
30
open Web_services
Stephane Glondu's avatar
Stephane Glondu committed
31

32
let source_file = ref "belenios.tar.gz"
Stephane Glondu's avatar
Stephane Glondu committed
33

34 35
let ( / ) = Filename.concat

Stephane Glondu's avatar
Stephane Glondu committed
36
module PString = String
Stephane Glondu's avatar
Stephane Glondu committed
37

Stephane Glondu's avatar
Stephane Glondu committed
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53
open Eliom_service
open Eliom_registration

module LwtRandom = MakeLwtRandom (struct let rng = make_rng () end)

(* Table with elections in setup mode. *)
let election_stable = Ocsipersist.open_table "site_setup"

(* Table with tokens given to trustees. *)
let election_pktokens = Ocsipersist.open_table "site_pktokens"

(* Table with tokens given to credential authorities. *)
let election_credtokens = Ocsipersist.open_table "site_credtokens"

module T = Web_templates

Stephane Glondu's avatar
Stephane Glondu committed
54
let raw_find_election uuid =
55
  let%lwt raw_election = Web_persist.get_raw_election uuid in
56 57 58 59
  match raw_election with
  | Some raw_election ->
     return (Group.election_params_of_string raw_election)
  | _ -> Lwt.fail Not_found
Stephane Glondu's avatar
Stephane Glondu committed
60

Stephane Glondu's avatar
Stephane Glondu committed
61 62
module WCacheTypes = struct
  type key = string
63
  type value = (module ELECTION_DATA)
Stephane Glondu's avatar
Stephane Glondu committed
64 65 66 67 68 69 70 71
end

module WCache = Ocsigen_cache.Make (WCacheTypes)

let find_election =
  let cache = new WCache.cache raw_find_election 100 in
  fun x -> cache#find x

72
let get_setup_election uuid_s =
73
  let%lwt se = Ocsipersist.find election_stable uuid_s in
74
  return (setup_election_of_string se)
75 76

let set_setup_election uuid_s se =
77
  Ocsipersist.add election_stable uuid_s (string_of_setup_election se)
78

Stephane Glondu's avatar
Stephane Glondu committed
79
let dump_passwords dir table =
Stephane Glondu's avatar
Stephane Glondu committed
80 81 82 83 84 85
  Lwt_io.(with_file Output (dir / "passwords.csv") (fun oc ->
    Ocsipersist.iter_step (fun voter (salt, hashed) ->
      write_line oc (voter ^ "," ^ salt ^ "," ^ hashed)
    ) table
  ))

86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
let finalize_election uuid se =
  let uuid_s = Uuidm.to_string uuid in
  (* voters *)
  let () =
    if se.se_voters = [] then failwith "no voters"
  in
  (* passwords *)
  let () =
    match se.se_metadata.e_auth_config with
    | Some [{auth_system = "password"; _}] ->
       if not @@ List.for_all (fun v -> v.sv_password <> None) se.se_voters then
         failwith "some passwords are missing"
    | _ -> ()
  in
  (* credentials *)
  let () =
    if not se.se_public_creds_received then
      failwith "public credentials are missing"
  in
  (* trustees *)
  let group = Group.of_string se.se_group in
  let module G = (val group : GROUP) in
  let module KG = Election.MakeSimpleDistKeyGen (G) (LwtRandom) in
109
  let%lwt trustees, public_keys, private_key =
110 111
    match se.se_public_keys with
    | [] ->
112
       let%lwt private_key, public_key = KG.generate_and_prove () in
113
       return (None, [public_key], Some private_key)
114
    | _ :: _ ->
115 116 117
       return (
         Some (List.map (fun {st_id; _} -> st_id) se.se_public_keys),
         (List.map
118 119 120
            (fun {st_public_key; _} ->
              if st_public_key = "" then failwith "some public keys are missing";
              trustee_public_key_of_string G.read st_public_key
121 122
            ) se.se_public_keys),
         None)
123 124 125
  in
  let y = KG.combine (Array.of_list public_keys) in
  (* election parameters *)
126
  let metadata = { se.se_metadata with e_trustees = trustees } in
127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150
  let template = se.se_questions in
  let params = {
    e_description = template.t_description;
    e_name = template.t_name;
    e_public_key = {wpk_group = G.group; wpk_y = y};
    e_questions = template.t_questions;
    e_uuid = uuid;
  } in
  let raw_election = string_of_params (write_wrapped_pubkey G.write_group G.write) params in
  (* write election files to disk *)
  let dir = !spool_dir / uuid_s in
  let create_file fname what xs =
    Lwt_io.with_file
      ~flags:(Unix.([O_WRONLY; O_NONBLOCK; O_CREAT; O_TRUNC]))
      ~perm:0o600 ~mode:Lwt_io.Output (dir / fname)
      (fun oc ->
        Lwt_list.iter_s
          (fun v ->
            Lwt_io.write oc (what v) >>
              Lwt_io.write oc "\n") xs)
  in
  Lwt_unix.mkdir dir 0o700 >>
  create_file "public_keys.jsons" (string_of_trustee_public_key G.write) public_keys >>
  create_file "voters.txt" (fun x -> x.sv_id) se.se_voters >>
151
  create_file "metadata.json" string_of_metadata [metadata] >>
152 153
  create_file "election.json" (fun x -> x) [raw_election] >>
  (* construct Web_election instance *)
154
  let election = Group.election_params_of_string raw_election in
155 156
  let module W = Web_election.Make ((val election)) (LwtRandom) in
  (* set up authentication *)
157
  let%lwt () =
158
    match metadata.e_auth_config with
159 160 161 162 163 164 165 166 167 168
    | None -> return ()
    | Some xs ->
       let auth_config =
         List.map (fun {auth_system; auth_instance; auth_config} ->
           auth_instance, (auth_system, List.map snd auth_config)
         ) xs
       in
       Web_persist.set_auth_config uuid_s auth_config
  in
  (* inject credentials *)
169
  let%lwt () =
170 171 172 173 174 175 176
    let fname = !spool_dir / uuid_s ^ ".public_creds.txt" in
    Lwt_io.lines_of_file fname |>
    Lwt_stream.iter_s W.B.inject_cred >>
    W.B.update_files () >>
    Lwt_unix.unlink fname
  in
  (* create file with private key, if any *)
177
  let%lwt () =
178 179 180 181 182 183 184
    match private_key with
    | None -> return_unit
    | Some x -> create_file "private_key.json" string_of_number [x]
  in
  (* clean up setup database *)
  Ocsipersist.remove election_credtokens se.se_public_creds >>
  Lwt_list.iter_s
185 186
    (fun {st_token; _} ->
      Ocsipersist.remove election_pktokens st_token)
187 188 189
    se.se_public_keys >>
  Ocsipersist.remove election_stable uuid_s >>
  (* inject passwords *)
190
  (match metadata.e_auth_config with
191 192 193 194 195 196 197 198 199 200
  | Some [{auth_system = "password"; _}] ->
     let table = "password_" ^ underscorize uuid_s in
     let table = Ocsipersist.open_table table in
     Lwt_list.iter_s
       (fun v ->
         let _, login = split_identity v.sv_id in
         match v.sv_password with
         | Some x -> Ocsipersist.add table login x
         | None -> return_unit
       ) se.se_voters >>
201
       dump_passwords (!spool_dir / uuid_s) table
202 203
  | _ -> return_unit) >>
  (* finish *)
Stephane Glondu's avatar
Stephane Glondu committed
204
  Web_persist.set_election_state uuid_s `Open >>
205
  Web_persist.set_election_date uuid_s (now ())
Stephane Glondu's avatar
Stephane Glondu committed
206

Stephane Glondu's avatar
Stephane Glondu committed
207 208 209 210
let cleanup_table ?uuid_s table =
  let table = Ocsipersist.open_table table in
  match uuid_s with
  | None ->
211
     let%lwt indexes = Ocsipersist.fold_step (fun k _ accu ->
Stephane Glondu's avatar
Stephane Glondu committed
212 213 214 215 216 217
       return (k :: accu)) table []
     in
     Lwt_list.iter_s (Ocsipersist.remove table) indexes
  | Some u -> Ocsipersist.remove table u

let cleanup_file f =
218
  try%lwt Lwt_unix.unlink f
Stephane Glondu's avatar
Stephane Glondu committed
219 220 221 222
  with _ -> return_unit

let archive_election uuid_s =
  let uuid_u = underscorize uuid_s in
223 224 225 226 227 228 229 230
  let%lwt () = cleanup_table ~uuid_s "election_states" in
  let%lwt () = cleanup_table ~uuid_s "election_pds" in
  let%lwt () = cleanup_table ~uuid_s "auth_configs" in
  let%lwt () = cleanup_table ("password_" ^ uuid_u) in
  let%lwt () = cleanup_table ("records_" ^ uuid_u) in
  let%lwt () = cleanup_table ("creds_" ^ uuid_u) in
  let%lwt () = cleanup_table ("ballots_" ^ uuid_u) in
  let%lwt () = cleanup_file (!spool_dir / uuid_s / "private_key.json") in
Stephane Glondu's avatar
Stephane Glondu committed
231 232
  return_unit

Stephane Glondu's avatar
Stephane Glondu committed
233 234
let () = Any.register ~service:home
  (fun () () ->
235
    Eliom_reference.unset Web_state.cont >>
236
    T.home () >>= Html5.send
Stephane Glondu's avatar
Stephane Glondu committed
237 238
  )

239
let get_finalized_elections_by_owner u =
240
  let%lwt elections, tallied, archived =
241 242
    Web_persist.get_elections_by_owner u >>=
    Lwt_list.fold_left_s (fun accu uuid_s ->
243 244 245
        let%lwt w = find_election uuid_s in
        let%lwt state = Web_persist.get_election_state uuid_s in
        let%lwt date = Web_persist.get_election_date uuid_s in
Stephane Glondu's avatar
Stephane Glondu committed
246
        let elections, tallied, archived = accu in
247
        match state with
Stephane Glondu's avatar
Stephane Glondu committed
248 249 250 251
        | `Tallied _ -> return (elections, (date, w) :: tallied, archived)
        | `Archived -> return (elections, tallied, (date, w) :: archived)
        | _ -> return ((date, w) :: elections, tallied, archived)
    ) ([], [], [])
252 253 254 255 256
  in
  let sort l =
    List.sort (fun (x, _) (y, _) -> datetime_compare x y) l |>
    List.map (fun (_, x) -> x)
  in
Stephane Glondu's avatar
Stephane Glondu committed
257
  return (sort elections, sort tallied, sort archived)
258

Stephane Glondu's avatar
Stephane Glondu committed
259 260
let () = Html5.register ~service:admin
  (fun () () ->
Stephane Glondu's avatar
Stephane Glondu committed
261
    let cont () = Redirection.send admin in
262
    Eliom_reference.set Web_state.cont [cont] >>
263 264
    let%lwt site_user = Web_state.get_site_user () in
    let%lwt elections =
265
      match site_user with
266
      | None -> return None
Stephane Glondu's avatar
Stephane Glondu committed
267
      | Some u ->
268 269
         let%lwt elections, tallied, archived = get_finalized_elections_by_owner u in
         let%lwt setup_elections =
270
           Ocsipersist.fold_step (fun k v accu ->
271
             let v = setup_election_of_string v in
272
             if v.se_owner = u
273
             then return ((uuid_of_string k, v.se_questions.t_name) :: accu)
274 275
             else return accu
           ) election_stable []
276
         in
Stephane Glondu's avatar
Stephane Glondu committed
277
         return @@ Some (elections, tallied, archived, setup_elections)
Stephane Glondu's avatar
Stephane Glondu committed
278
    in
279
    T.admin ~elections ()
Stephane Glondu's avatar
Stephane Glondu committed
280 281 282 283 284 285 286 287
  )

let () = File.register
  ~service:source_code
  ~content_type:"application/x-gzip"
  (fun () () -> return !source_file)

let do_get_randomness =
288
  let prng = Lazy.from_fun (Lwt_preemptive.detach (fun () ->
Stephane Glondu's avatar
Stephane Glondu committed
289 290 291 292 293
    pseudo_rng (random_string secure_rng 16)
  )) in
  let mutex = Lwt_mutex.create () in
  fun () ->
    Lwt_mutex.with_lock mutex (fun () ->
294
      let%lwt prng = Lazy.force prng in
Stephane Glondu's avatar
Stephane Glondu committed
295
      return (random_string prng 32)
296 297
    )

298 299 300
let b64_encode_compact x =
  Cryptokit.(transform_string (Base64.encode_compact ()) x)

Stephane Glondu's avatar
Stephane Glondu committed
301 302 303
let () = String.register
  ~service:get_randomness
  (fun () () ->
304
    let%lwt r = do_get_randomness () in
Stephane Glondu's avatar
Stephane Glondu committed
305 306 307 308 309 310 311
    b64_encode_compact r |>
    (fun x -> string_of_randomness { randomness=x }) |>
    (fun x -> return (x, "application/json"))
  )

let generate_uuid = Uuidm.v4_gen (Random.State.make_self_init ())

Stephane Glondu's avatar
Stephane Glondu committed
312 313 314 315 316 317 318 319 320 321 322 323
let create_new_election owner cred auth =
  let e_cred_authority = match cred with
    | `Automatic -> Some "server"
    | `Manual -> None
  in
  let e_auth_config = match auth with
    | `Password -> Some [{auth_system = "password"; auth_instance = "password"; auth_config = []}]
    | `Dummy -> Some [{auth_system = "dummy"; auth_instance = "dummy"; auth_config = []}]
    | `CAS server -> Some [{auth_system = "cas"; auth_instance = "cas"; auth_config = ["server", server]}]
  in
  let uuid = generate_uuid () in
  let uuid_s = Uuidm.to_string uuid in
324
  let%lwt token = generate_token () in
Stephane Glondu's avatar
Stephane Glondu committed
325 326 327 328
  let se_metadata = {
    e_owner = Some owner;
    e_auth_config;
    e_cred_authority;
329
    e_trustees = None;
330
    e_languages = None;
Stephane Glondu's avatar
Stephane Glondu committed
331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350
  } in
  let question = {
    q_answers = [| "Answer 1"; "Answer 2"; "Blank" |];
    q_min = 1;
    q_max = 1;
    q_question = "Question 1?";
  } in
  let se_questions = {
    t_description = "Description of the election.";
    t_name = "Name of the election";
    t_questions = [| question |];
  } in
  let se = {
    se_owner = owner;
    se_group = "{\"g\":\"14887492224963187634282421537186040801304008017743492304481737382571933937568724473847106029915040150784031882206090286938661464458896494215273989547889201144857352611058572236578734319505128042602372864570426550855201448111746579871811249114781674309062693442442368697449970648232621880001709535143047913661432883287150003429802392229361583608686643243349727791976247247948618930423866180410558458272606627111270040091203073580238905303994472202930783207472394578498507764703191288249547659899997131166130259700604433891232298182348403175947450284433411265966789131024573629546048637848902243503970966798589660808533\",\"p\":\"16328632084933010002384055033805457329601614771185955389739167309086214800406465799038583634953752941675645562182498120750264980492381375579367675648771293800310370964745767014243638518442553823973482995267304044326777047662957480269391322789378384619428596446446984694306187644767462460965622580087564339212631775817895958409016676398975671266179637898557687317076177218843233150695157881061257053019133078545928983562221396313169622475509818442661047018436264806901023966236718367204710755935899013750306107738002364137917426595737403871114187750804346564731250609196846638183903982387884578266136503697493474682071\",\"q\":\"61329566248342901292543872769978950870633559608669337131139375508370458778917\"}";
    se_voters = [];
    se_questions;
    se_public_keys = [];
    se_metadata;
    se_public_creds = token;
351
    se_public_creds_received = false;
Stephane Glondu's avatar
Stephane Glondu committed
352
  } in
353 354
  let%lwt () = set_setup_election uuid_s se in
  let%lwt () = Ocsipersist.add election_credtokens token uuid_s in
Stephane Glondu's avatar
Stephane Glondu committed
355 356 357 358 359
  return (preapply election_setup uuid)

let () = Html5.register ~service:election_setup_pre
  (fun () () -> T.election_setup_pre ())

Stephane Glondu's avatar
Stephane Glondu committed
360
let () = Redirection.register ~service:election_setup_new
Stephane Glondu's avatar
Stephane Glondu committed
361
  (fun () (credmgmt, (auth, cas_server)) ->
362
   match%lwt Web_state.get_site_user () with
Stephane Glondu's avatar
Stephane Glondu committed
363
   | Some u ->
364
      let%lwt credmgmt = match credmgmt with
Stephane Glondu's avatar
Stephane Glondu committed
365 366 367 368
        | Some "auto" -> return `Automatic
        | Some "manual" -> return `Manual
        | _ -> fail_http 400
      in
369
      let%lwt auth = match auth with
Stephane Glondu's avatar
Stephane Glondu committed
370 371 372 373 374 375 376
        | Some "password" -> return `Password
        | Some "dummy" -> return `Dummy
        | Some "cas" -> return @@ `CAS cas_server
        | _ -> fail_http 400
      in
      create_new_election u credmgmt auth
   | None -> forbidden ())
Stephane Glondu's avatar
Stephane Glondu committed
377

378
let generic_setup_page f uuid () =
379
  match%lwt Web_state.get_site_user () with
380 381
  | Some u ->
     let uuid_s = Uuidm.to_string uuid in
382
     let%lwt se = get_setup_election uuid_s in
383 384 385 386 387
     if se.se_owner = u
     then f uuid se ()
     else forbidden ()
  | None -> forbidden ()

Stephane Glondu's avatar
Stephane Glondu committed
388
let () = Html5.register ~service:election_setup
389
  (generic_setup_page T.election_setup)
Stephane Glondu's avatar
Stephane Glondu committed
390

391
let () = Html5.register ~service:election_setup_trustees
392 393 394 395
  (generic_setup_page T.election_setup_trustees)

let () = Html5.register ~service:election_setup_credential_authority
  (generic_setup_page T.election_setup_credential_authority)
396

Stephane Glondu's avatar
Stephane Glondu committed
397 398
let election_setup_mutex = Lwt_mutex.create ()

399
let handle_setup f uuid x =
400
  match%lwt Web_state.get_site_user () with
Stephane Glondu's avatar
Stephane Glondu committed
401 402 403
  | Some u ->
     let uuid_s = Uuidm.to_string uuid in
     Lwt_mutex.with_lock election_setup_mutex (fun () ->
404
       let%lwt se = get_setup_election uuid_s in
Stephane Glondu's avatar
Stephane Glondu committed
405
       if se.se_owner = u then (
406 407
         try%lwt
           let%lwt cont = f se x u uuid in
408
           set_setup_election uuid_s se >>
409
           cont ()
Stephane Glondu's avatar
Stephane Glondu committed
410
         with e ->
411 412
           let service = preapply election_setup uuid in
           T.generic_page ~title:"Error" ~service (Printexc.to_string e) () >>= Html5.send
Stephane Glondu's avatar
Stephane Glondu committed
413 414 415
       ) else forbidden ()
     )
  | None -> forbidden ()
416

417 418
let redir_preapply s u () = Redirection.send (preapply s u)

419 420 421 422 423 424 425 426 427 428 429
let () =
  Any.register
    ~service:election_setup_languages
    (handle_setup
       (fun se languages _ uuid ->
         se.se_metadata <- {
            se.se_metadata with
            e_languages = languages_of_string languages
          };
         return (redir_preapply election_setup uuid)))

430 431 432 433
let () =
  Any.register
    ~service:election_setup_description
    (handle_setup
434
       (fun se (name, description) _ uuid ->
435 436 437
         se.se_questions <- {se.se_questions with
           t_name = name;
           t_description = description;
438 439
         };
         return (redir_preapply election_setup uuid)))
440

Stephane Glondu's avatar
Stephane Glondu committed
441
let generate_password langs title url id =
442
  let email, login = split_identity id in
443 444
  let%lwt salt = generate_token () in
  let%lwt password = generate_token () in
445
  let hashed = sha256_hex (salt ^ password) in
Stephane Glondu's avatar
Stephane Glondu committed
446 447 448 449 450 451
  let bodies = List.map (fun lang ->
    let module L = (val Web_i18n.get_lang lang) in
    Printf.sprintf L.mail_password title login password url
  ) langs in
  let body = PString.concat "\n\n----------\n\n" bodies in
  let body = body ^ "\n\n-- \nBelenios" in
Stephane Glondu's avatar
Stephane Glondu committed
452 453 454 455 456
  let subject =
    let lang = List.hd langs in
    let module L = (val Web_i18n.get_lang lang) in
    Printf.sprintf L.mail_password_subject title
  in
457
  send_email email subject body >>
458
  return (salt, hashed)
459

460 461 462 463 464
let handle_password se uuid ~force voters =
  let title = se.se_questions.t_name in
  let url = Eliom_uri.make_string_uri ~absolute:true ~service:election_home
    (uuid, ()) |> rewrite_prefix
  in
465
  let langs = get_languages se.se_metadata.e_languages in
466 467 468 469
  Lwt_list.iter_s (fun id ->
    match id.sv_password with
    | Some _ when not force -> return_unit
    | None | Some _ ->
470
       let%lwt x = generate_password langs title url id.sv_id in
471 472 473
       return (id.sv_password <- Some x)
  ) voters >>
  return (fun () ->
Stephane Glondu's avatar
Stephane Glondu committed
474
    let service = preapply election_setup uuid in
475
    T.generic_page ~title:"Success" ~service
476 477
      "Passwords have been generated and mailed!" () >>= Html5.send)

478 479 480 481 482
let () =
  Any.register
    ~service:election_setup_auth_genpwd
    (handle_setup
       (fun se () _ uuid ->
483
         handle_password se uuid ~force:false se.se_voters))
484

485 486 487
let () =
  Any.register
    ~service:election_regenpwd
Stephane Glondu's avatar
Stephane Glondu committed
488
    (fun (uuid, ()) () ->
489 490 491 492 493 494
      T.regenpwd uuid () >>= Html5.send)

let () =
  Any.register
    ~service:election_regenpwd_post
    (fun (uuid, ()) user ->
495
      let uuid_s = Uuidm.to_string uuid in
496 497
      let%lwt w = find_election uuid_s in
      let%lwt metadata = Web_persist.get_election_metadata uuid_s in
498
      let module W = (val w) in
499
      let%lwt site_user = Web_state.get_site_user () in
500
      match site_user with
501
      | Some u when metadata.e_owner = Some u ->
502 503 504 505 506 507 508
         let table = "password_" ^ underscorize uuid_s in
         let table = Ocsipersist.open_table table in
         let title = W.election.e_params.e_name in
         let url = Eliom_uri.make_string_uri
           ~absolute:true ~service:election_home
           (uuid, ()) |> rewrite_prefix
         in
509
         let service = preapply election_admin (uuid, ()) in
510 511
         begin try%lwt
           let%lwt _ = Ocsipersist.find table user in
512
           let langs = get_languages metadata.e_languages in
513
           let%lwt x = generate_password langs title url user in
514
           Ocsipersist.add table user x >>
515
           dump_passwords (!spool_dir / uuid_s) table >>
516
           T.generic_page ~title:"Success" ~service
517 518 519
             ("A new password has been mailed to " ^ user ^ ".") ()
           >>= Html5.send
         with Not_found ->
520
           T.generic_page ~title:"Error" ~service
521 522 523 524 525 526
             (user ^ " is not a registered user for this election.") ()
           >>= Html5.send
         end
      | _ -> forbidden ()
    )

Stephane Glondu's avatar
Stephane Glondu committed
527 528 529 530
let () =
  Html5.register
    ~service:election_setup_questions
    (fun uuid () ->
531
     match%lwt Web_state.get_site_user () with
532 533
     | Some u ->
        let uuid_s = Uuidm.to_string uuid in
534
        let%lwt se = get_setup_election uuid_s in
Stephane Glondu's avatar
Stephane Glondu committed
535
        if se.se_owner = u
536
        then T.election_setup_questions uuid se ()
Stephane Glondu's avatar
Stephane Glondu committed
537 538
        else forbidden ()
     | None -> forbidden ()
539 540
    )

Stephane Glondu's avatar
Stephane Glondu committed
541 542 543 544
let () =
  Any.register
    ~service:election_setup_questions_post
    (handle_setup
545 546 547
       (fun se x _ uuid ->
        se.se_questions <- template_of_string x;
         return (redir_preapply election_setup_questions uuid)))
Stephane Glondu's avatar
Stephane Glondu committed
548

Stephane Glondu's avatar
Stephane Glondu committed
549 550 551 552
let () =
  Html5.register
    ~service:election_setup_voters
    (fun uuid () ->
553
      match%lwt Web_state.get_site_user () with
Stephane Glondu's avatar
Stephane Glondu committed
554 555
      | Some u ->
         let uuid_s = Uuidm.to_string uuid in
556
         let%lwt se = get_setup_election uuid_s in
Stephane Glondu's avatar
Stephane Glondu committed
557
         if se.se_owner = u
558
         then T.election_setup_voters uuid se ()
Stephane Glondu's avatar
Stephane Glondu committed
559 560 561 562 563
         else forbidden ()
      | None -> forbidden ()
    )

(* see http://www.regular-expressions.info/email.html *)
Stephane Glondu's avatar
Stephane Glondu committed
564
let identity_rex = Pcre.regexp
Stephane Glondu's avatar
Stephane Glondu committed
565
  ~flags:[`CASELESS]
566
  "^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,7}(,[A-Z0-9._%+-]+)?$"
Stephane Glondu's avatar
Stephane Glondu committed
567

Stephane Glondu's avatar
Stephane Glondu committed
568 569
let is_identity x =
  try ignore (Pcre.pcre_exec ~rex:identity_rex x); true
Stephane Glondu's avatar
Stephane Glondu committed
570 571
  with Not_found -> false

572 573 574 575 576 577 578 579
let email_rex = Pcre.regexp
  ~flags:[`CASELESS]
  "^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,7}$"

let is_email x =
  try ignore (Pcre.pcre_exec ~rex:email_rex x); true
  with Not_found -> false

580 581
module SSet = Set.Make (PString)

582
let merge_voters a b f =
583 584 585 586 587 588 589
  let existing = List.fold_left (fun accu sv ->
    SSet.add sv.sv_id accu
  ) SSet.empty a in
  let _, res = List.fold_left (fun (existing, accu) sv_id ->
    if SSet.mem sv_id existing then
      (existing, accu)
    else
590
      (SSet.add sv_id existing, {sv_id; sv_password = f sv_id} :: accu)
591 592 593
  ) (existing, List.rev a) b in
  List.rev res

Stephane Glondu's avatar
Stephane Glondu committed
594 595
let () =
  Any.register
596
    ~service:election_setup_voters_add
Stephane Glondu's avatar
Stephane Glondu committed
597
    (handle_setup
598
       (fun se x _ uuid ->
599
         if se.se_public_creds_received then forbidden () else (
Stephane Glondu's avatar
Stephane Glondu committed
600 601 602
         let xs = Pcre.split x in
         let () =
           try
Stephane Glondu's avatar
Stephane Glondu committed
603 604
             let bad = List.find (fun x -> not (is_identity x)) xs in
             Printf.ksprintf failwith "%S is not a valid identity" bad
Stephane Glondu's avatar
Stephane Glondu committed
605 606
           with Not_found -> ()
         in
607
         se.se_voters <- merge_voters se.se_voters xs (fun _ -> None);
608
         return (redir_preapply election_setup_voters uuid))))
609 610 611 612 613 614

let () =
  Any.register
    ~service:election_setup_voters_remove
    (handle_setup
       (fun se voter _ uuid ->
615
         if se.se_public_creds_received then forbidden () else (
616 617 618
         se.se_voters <- List.filter (fun v ->
           v.sv_id <> voter
         ) se.se_voters;
619
         return (redir_preapply election_setup_voters uuid))))
Stephane Glondu's avatar
Stephane Glondu committed
620

621 622 623 624 625 626 627
let () =
  Any.register ~service:election_setup_voters_passwd
    (handle_setup
       (fun se voter _ uuid ->
         let voter = List.filter (fun v -> v.sv_id = voter) se.se_voters in
         handle_password se uuid ~force:true voter))

Stephane Glondu's avatar
Stephane Glondu committed
628
let () =
629
  Any.register
Stephane Glondu's avatar
Stephane Glondu committed
630
    ~service:election_setup_trustee_add
631 632
    (fun uuid st_id ->
     if is_email st_id then
633
     match%lwt Web_state.get_site_user () with
634 635
     | Some u ->
        let uuid_s = Uuidm.to_string uuid in
Stephane Glondu's avatar
Stephane Glondu committed
636
        Lwt_mutex.with_lock election_setup_mutex (fun () ->
637
          let%lwt se = get_setup_election uuid_s in
Stephane Glondu's avatar
Stephane Glondu committed
638 639
          if se.se_owner = u
          then (
640
            let%lwt st_token = generate_token () in
641 642
            let trustee = {st_id; st_token; st_public_key = ""} in
            se.se_public_keys <- se.se_public_keys @ [trustee];
643
            set_setup_election uuid_s se >>
644
            Ocsipersist.add election_pktokens st_token uuid_s
Stephane Glondu's avatar
Stephane Glondu committed
645 646
          ) else forbidden ()
        ) >>
647
        Redirection.send (preapply election_setup_trustees uuid)
648
     | None -> forbidden ()
649 650
     else
       let msg = st_id ^ " is not a valid e-mail address!" in
651 652
       let service = preapply election_setup_trustees uuid in
       T.generic_page ~title:"Error" ~service msg () >>= Html5.send
653 654 655 656 657
    )

let () =
  Redirection.register
    ~service:election_setup_trustee_del
658
    (fun uuid index ->
659
     match%lwt Web_state.get_site_user () with
660 661 662
     | Some u ->
        let uuid_s = Uuidm.to_string uuid in
        Lwt_mutex.with_lock election_setup_mutex (fun () ->
663
          let%lwt se = get_setup_election uuid_s in
664 665
          if se.se_owner = u
          then (
666 667 668 669 670 671 672
            let trustees, old =
              se.se_public_keys |>
              List.mapi (fun i x -> i, x) |>
              List.partition (fun (i, _) -> i <> index) |>
              (fun (x, y) -> List.map snd x, List.map snd y)
            in
            se.se_public_keys <- trustees;
673
            set_setup_election uuid_s se >>
674 675 676
            Lwt_list.iter_s (fun {st_token; _} ->
              Ocsipersist.remove election_pktokens st_token
            ) old
677 678
          ) else forbidden ()
        ) >>
679
        return (preapply election_setup_trustees uuid)
680 681 682
     | None -> forbidden ()
    )

Stephane Glondu's avatar
Stephane Glondu committed
683 684 685 686
let () =
  Html5.register
    ~service:election_setup_credentials
    (fun token () ->
687 688
     let%lwt uuid = Ocsipersist.find election_credtokens token in
     let%lwt se = get_setup_election uuid in
Stephane Glondu's avatar
Stephane Glondu committed
689 690
     T.election_setup_credentials token uuid se ()
    )
691

Stephane Glondu's avatar
Stephane Glondu committed
692 693 694 695 696
let () =
  File.register
    ~service:election_setup_credentials_download
    ~content_type:"text/plain"
    (fun token () ->
697
     let%lwt uuid = Ocsipersist.find election_credtokens token in
Stephane Glondu's avatar
Stephane Glondu committed
698 699
     return (!spool_dir / uuid ^ ".public_creds.txt")
    )
700

Stephane Glondu's avatar
Stephane Glondu committed
701
let wrap_handler f =
702
  try%lwt f ()
Stephane Glondu's avatar
Stephane Glondu committed
703
  with
704
  | e -> T.generic_page ~title:"Error" (Printexc.to_string e) () >>= Html5.send
Stephane Glondu's avatar
Stephane Glondu committed
705 706

let handle_credentials_post token creds =
707 708
  let%lwt uuid = Ocsipersist.find election_credtokens token in
  let%lwt se = get_setup_election uuid in
709
  if se.se_public_creds_received then forbidden () else
Stephane Glondu's avatar
Stephane Glondu committed
710 711 712 713 714 715 716 717 718 719
  let module G = (val Group.of_string se.se_group : GROUP) in
  let fname = !spool_dir / uuid ^ ".public_creds.txt" in
  Lwt_mutex.with_lock
    election_setup_mutex
    (fun () ->
     Lwt_io.with_file
       ~flags:(Unix.([O_WRONLY; O_NONBLOCK; O_CREAT; O_TRUNC]))
       ~perm:0o600 ~mode:Lwt_io.Output fname
       (fun oc -> Lwt_io.write_chars oc creds)
    ) >>
720
  let%lwt () =
Stephane Glondu's avatar
Stephane Glondu committed
721 722 723 724 725 726 727 728 729 730 731
    let i = ref 1 in
    Lwt_stream.iter
      (fun x ->
       try
         let x = G.of_string x in
         if not (G.check x) then raise Exit;
         incr i
       with _ ->
         Printf.ksprintf failwith "invalid credential at line %d" !i)
      (Lwt_io.lines_of_file fname)
  in
732
  let () = se.se_metadata <- {se.se_metadata with e_cred_authority = None} in
733
  let () = se.se_public_creds_received <- true in
734
  set_setup_election uuid se >>
735
  T.generic_page ~title:"Success" ~service:home
736
    "Credentials have been received and checked!" () >>= Html5.send
Stephane Glondu's avatar
Stephane Glondu committed
737 738 739 740 741 742 743

let () =
  Any.register
    ~service:election_setup_credentials_post
    (fun token creds ->
     let s = Lwt_stream.of_string creds in
     wrap_handler (fun () -> handle_credentials_post token s))
744

Stephane Glondu's avatar
Stephane Glondu committed
745 746 747 748 749 750 751
let () =
  Any.register
    ~service:election_setup_credentials_post_file
    (fun token creds ->
     let s = Lwt_io.chars_of_file creds.Ocsigen_extensions.tmp_filename in
     wrap_handler (fun () -> handle_credentials_post token s))

752
module CG = Credential.MakeGenerate (LwtRandom)
753 754 755 756

let () =
  Any.register
    ~service:election_setup_credentials_server
757
    (handle_setup (fun se () _ uuid ->
758
      if se.se_public_creds_received then forbidden () else
759 760 761
      let () = se.se_metadata <- {se.se_metadata with
        e_cred_authority = Some "server"
      } in
762
      let uuid_s = Uuidm.to_string uuid in
763 764 765 766 767
      let title = se.se_questions.t_name in
      let url = Eliom_uri.make_string_uri
        ~absolute:true ~service:election_home
        (uuid, ()) |> rewrite_prefix
      in
768 769
      let module S = Set.Make (PString) in
      let module G = (val Group.of_string se.se_group : GROUP) in
770
      let module CD = Credential.MakeDerive (G) in
771
      let%lwt creds =
772 773
        Lwt_list.fold_left_s (fun accu v ->
          let email, login = split_identity v.sv_id in
774
          let%lwt cred = CG.generate () in
775
          let pub_cred =
776
            let x = CD.derive uuid cred in
777 778 779
            let y = G.(g **~ x) in
            G.to_string y
          in
780
          let langs = get_languages se.se_metadata.e_languages in
Stephane Glondu's avatar
Stephane Glondu committed
781 782 783 784 785 786
          let bodies = List.map (fun lang ->
            let module L = (val Web_i18n.get_lang lang) in
            Printf.sprintf L.mail_credential title login cred url
          ) langs in
          let body = PString.concat "\n\n----------\n\n" bodies in
          let body = body ^ "\n\n-- \nBelenios" in
Stephane Glondu's avatar
Stephane Glondu committed
787 788 789 790 791
          let subject =
            let lang = List.hd langs in
            let module L = (val Web_i18n.get_lang lang) in
            Printf.sprintf L.mail_credential_subject title
          in
792
          let%lwt () = send_email email subject body in
793 794 795 796 797
          return @@ S.add pub_cred accu
        ) S.empty se.se_voters
      in
      let creds = S.elements creds in
      let fname = !spool_dir / uuid_s ^ ".public_creds.txt" in
798
      let%lwt () =
799 800 801 802
          Lwt_io.with_file
            ~flags:(Unix.([O_WRONLY; O_NONBLOCK; O_CREAT; O_TRUNC]))
            ~perm:0o600 ~mode:Lwt_io.Output fname
            (fun oc ->
803
              Lwt_list.iter_s (Lwt_io.write_line oc) creds)
804
      in
805
      se.se_public_creds_received <- true;
806
      return (fun () ->
807 808
        let service = preapply election_setup uuid in
        T.generic_page ~title:"Success" ~service
809
          "Credentials have been generated and mailed!" () >>= Html5.send)))
810

Stephane Glondu's avatar
Stephane Glondu committed
811 812 813 814
let () =
  Html5.register
    ~service:election_setup_trustee
    (fun token () ->
815 816
     let%lwt uuid = Ocsipersist.find election_pktokens token in
     let%lwt se = get_setup_election uuid in
Stephane Glondu's avatar
Stephane Glondu committed
817
     T.election_setup_trustee token se ()
Stephane Glondu's avatar
Stephane Glondu committed
818 819 820 821 822 823 824 825
    )

let () =
  Any.register
    ~service:election_setup_trustee_post
    (fun token public_key ->
     wrap_handler
       (fun () ->
826
        let%lwt uuid = Ocsipersist.find election_pktokens token in
Stephane Glondu's avatar
Stephane Glondu committed
827 828 829
        Lwt_mutex.with_lock
          election_setup_mutex
          (fun () ->
830
           let%lwt se = get_setup_election uuid in
831
           let t = List.find (fun x -> token = x.st_token) se.se_public_keys in
Stephane Glondu's avatar
Stephane Glondu committed
832 833 834 835 836
           let module G = (val Group.of_string se.se_group : GROUP) in
           let pk = trustee_public_key_of_string G.read public_key in
           let module KG = Election.MakeSimpleDistKeyGen (G) (LwtRandom) in
           if not (KG.check pk) then failwith "invalid public key";
           (* we keep pk as a string because of G.t *)
837
           t.st_public_key <- public_key;
838
           set_setup_election uuid se
839
          ) >> T.generic_page ~title:"Success"
840 841
            "Your key has been received and checked!"
            () >>= Html5.send
Stephane Glondu's avatar
Stephane Glondu committed
842 843 844
       )
    )

845 846 847 848
let () =
  Any.register
    ~service:election_setup_confirm
    (fun uuid () ->
849
      match%lwt Web_state.get_site_user () with
850 851 852
      | None -> forbidden ()
      | Some u ->
         let uuid_s = Uuidm.to_string uuid in
853
         let%lwt se = get_setup_election uuid_s in
854 855 856
         if se.se_owner <> u then forbidden () else
         T.election_setup_confirm uuid se () >>= Html5.send)

Stephane Glondu's avatar
Stephane Glondu committed
857 858 859 860
let () =
  Any.register
    ~service:election_setup_create
    (fun uuid () ->
861
     match%lwt Web_state.get_site_user () with
Stephane Glondu's avatar
Stephane Glondu committed
862 863
     | None -> forbidden ()
     | Some u ->
864
        begin try%lwt
865 866
          let uuid_s = Uuidm.to_string uuid in
          Lwt_mutex.with_lock election_setup_mutex (fun () ->
867
            let%lwt se = get_setup_election uuid_s in
Stephane Glondu's avatar
Stephane Glondu committed
868
            if se.se_owner <> u then forbidden () else
869 870
            finalize_election uuid se >>
            Redirection.send (preapply election_admin (uuid, ()))
Stephane Glondu's avatar
Stephane Glondu committed
871 872
          )
        with e ->
873
          T.new_election_failure (`Exception e) () >>= Html5.