2015-10-11 16:50:48 +00:00
|
|
|
<?php
|
2016-07-21 15:09:48 +00:00
|
|
|
|
2020-10-10 10:08:58 +00:00
|
|
|
use PHPUnit\Framework\TestCase;
|
2018-07-29 14:15:52 +00:00
|
|
|
use PrivateBin\Controller;
|
2016-08-09 09:54:42 +00:00
|
|
|
use PrivateBin\Data\Filesystem;
|
2016-10-29 08:24:08 +00:00
|
|
|
use PrivateBin\Persistence\ServerSalt;
|
2016-08-09 09:54:42 +00:00
|
|
|
use PrivateBin\Request;
|
2016-07-21 15:09:48 +00:00
|
|
|
|
2020-10-10 10:08:58 +00:00
|
|
|
class JsonApiTest extends TestCase
|
2015-10-11 16:50:48 +00:00
|
|
|
{
|
|
|
|
protected $_model;
|
|
|
|
|
2016-08-09 09:54:42 +00:00
|
|
|
protected $_path;
|
|
|
|
|
2020-10-10 10:22:20 +00:00
|
|
|
public function setUp(): void
|
2015-10-11 16:50:48 +00:00
|
|
|
{
|
|
|
|
/* Setup Routine */
|
2016-10-29 08:24:08 +00:00
|
|
|
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
|
2022-10-23 11:09:54 +00:00
|
|
|
if (!is_dir($this->_path)) {
|
|
|
|
mkdir($this->_path);
|
|
|
|
}
|
2022-10-27 23:01:02 +00:00
|
|
|
$this->_model = new Filesystem(array('dir' => $this->_path));
|
2021-06-08 20:01:29 +00:00
|
|
|
ServerSalt::setStore($this->_model);
|
2015-10-11 16:50:48 +00:00
|
|
|
|
2016-10-29 08:24:08 +00:00
|
|
|
$_POST = array();
|
|
|
|
$_GET = array();
|
2015-10-11 16:50:48 +00:00
|
|
|
$_SERVER = array();
|
2016-08-09 09:54:42 +00:00
|
|
|
if ($this->_model->exists(Helper::getPasteId())) {
|
|
|
|
$this->_model->delete(Helper::getPasteId());
|
2016-07-26 06:19:35 +00:00
|
|
|
}
|
2017-10-08 09:03:17 +00:00
|
|
|
$options = parse_ini_file(CONF_SAMPLE, true);
|
2016-08-09 09:54:42 +00:00
|
|
|
$options['model_options']['dir'] = $this->_path;
|
|
|
|
Helper::confBackup();
|
|
|
|
Helper::createIniFile(CONF, $options);
|
2015-10-11 16:50:48 +00:00
|
|
|
}
|
|
|
|
|
2020-10-10 10:22:20 +00:00
|
|
|
public function tearDown(): void
|
2017-10-08 09:03:17 +00:00
|
|
|
{
|
|
|
|
/* Tear Down Routine */
|
|
|
|
unlink(CONF);
|
|
|
|
Helper::confRestore();
|
|
|
|
Helper::rmDir($this->_path);
|
|
|
|
}
|
|
|
|
|
2015-10-11 16:50:48 +00:00
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testCreate()
|
|
|
|
{
|
2016-10-29 08:24:08 +00:00
|
|
|
$options = parse_ini_file(CONF, true);
|
2015-10-11 16:50:48 +00:00
|
|
|
$options['traffic']['limit'] = 0;
|
2016-08-09 09:54:42 +00:00
|
|
|
Helper::createIniFile(CONF, $options);
|
2019-05-13 20:31:52 +00:00
|
|
|
$paste = Helper::getPasteJson();
|
|
|
|
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
|
|
|
file_put_contents($file, $paste);
|
|
|
|
Request::setInputStream($file);
|
2015-10-11 16:50:48 +00:00
|
|
|
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
2016-10-29 08:24:08 +00:00
|
|
|
$_SERVER['REQUEST_METHOD'] = 'POST';
|
|
|
|
$_SERVER['REMOTE_ADDR'] = '::1';
|
2019-05-11 20:18:35 +00:00
|
|
|
$_SERVER['REQUEST_URI'] = '/';
|
2015-10-11 16:50:48 +00:00
|
|
|
ob_start();
|
2018-07-29 13:17:35 +00:00
|
|
|
new Controller;
|
2015-10-11 16:50:48 +00:00
|
|
|
$content = ob_get_contents();
|
2016-08-02 08:29:25 +00:00
|
|
|
ob_end_clean();
|
2015-10-11 16:50:48 +00:00
|
|
|
$response = json_decode($content, true);
|
|
|
|
$this->assertEquals(0, $response['status'], 'outputs status');
|
2016-07-06 09:37:13 +00:00
|
|
|
$this->assertStringEndsWith('?' . $response['id'], $response['url'], 'returned URL points to new paste');
|
|
|
|
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
|
|
|
$paste = $this->_model->read($response['id']);
|
2015-10-11 16:50:48 +00:00
|
|
|
$this->assertEquals(
|
2019-05-08 20:11:21 +00:00
|
|
|
hash_hmac('sha256', $response['id'], $paste['meta']['salt']),
|
2015-10-11 16:50:48 +00:00
|
|
|
$response['deletetoken'],
|
|
|
|
'outputs valid delete token'
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testPut()
|
|
|
|
{
|
2016-10-29 08:24:08 +00:00
|
|
|
$options = parse_ini_file(CONF, true);
|
2015-10-11 16:50:48 +00:00
|
|
|
$options['traffic']['limit'] = 0;
|
2016-08-09 09:54:42 +00:00
|
|
|
Helper::createIniFile(CONF, $options);
|
2019-05-13 20:31:52 +00:00
|
|
|
$paste = Helper::getPasteJson();
|
2019-05-10 19:45:34 +00:00
|
|
|
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
2019-05-13 20:31:52 +00:00
|
|
|
file_put_contents($file, $paste);
|
2016-08-09 09:54:42 +00:00
|
|
|
Request::setInputStream($file);
|
2016-10-29 08:24:08 +00:00
|
|
|
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
2019-01-21 22:49:33 +00:00
|
|
|
$_GET[Helper::getPasteId()] = '';
|
2015-10-11 16:50:48 +00:00
|
|
|
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
2016-10-29 08:24:08 +00:00
|
|
|
$_SERVER['REQUEST_METHOD'] = 'PUT';
|
|
|
|
$_SERVER['REMOTE_ADDR'] = '::1';
|
2015-10-11 16:50:48 +00:00
|
|
|
ob_start();
|
2018-07-29 13:17:35 +00:00
|
|
|
new Controller;
|
2015-10-11 16:50:48 +00:00
|
|
|
$content = ob_get_contents();
|
2016-08-02 08:29:25 +00:00
|
|
|
ob_end_clean();
|
2017-03-24 22:42:11 +00:00
|
|
|
unlink($file);
|
2015-10-11 16:50:48 +00:00
|
|
|
$response = json_decode($content, true);
|
|
|
|
$this->assertEquals(0, $response['status'], 'outputs status');
|
2016-08-09 09:54:42 +00:00
|
|
|
$this->assertEquals(Helper::getPasteId(), $response['id'], 'outputted paste ID matches input');
|
2016-07-06 09:37:13 +00:00
|
|
|
$this->assertStringEndsWith('?' . $response['id'], $response['url'], 'returned URL points to new paste');
|
|
|
|
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
|
|
|
$paste = $this->_model->read($response['id']);
|
2015-10-11 16:50:48 +00:00
|
|
|
$this->assertEquals(
|
2019-05-08 20:11:21 +00:00
|
|
|
hash_hmac('sha256', $response['id'], $paste['meta']['salt']),
|
2015-10-11 16:50:48 +00:00
|
|
|
$response['deletetoken'],
|
|
|
|
'outputs valid delete token'
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2015-10-11 19:22:00 +00:00
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testDelete()
|
|
|
|
{
|
2016-08-09 09:54:42 +00:00
|
|
|
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
|
|
|
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
|
|
|
$paste = $this->_model->read(Helper::getPasteId());
|
2016-10-29 08:24:08 +00:00
|
|
|
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
2019-05-13 20:31:52 +00:00
|
|
|
file_put_contents($file, json_encode(array(
|
2019-05-08 20:11:21 +00:00
|
|
|
'deletetoken' => hash_hmac('sha256', Helper::getPasteId(), $paste['meta']['salt']),
|
2015-10-11 19:22:00 +00:00
|
|
|
)));
|
2016-08-09 09:54:42 +00:00
|
|
|
Request::setInputStream($file);
|
2016-10-29 08:24:08 +00:00
|
|
|
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
2019-01-21 22:49:33 +00:00
|
|
|
$_GET[Helper::getPasteId()] = '';
|
2015-10-11 19:22:00 +00:00
|
|
|
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
2016-10-29 08:24:08 +00:00
|
|
|
$_SERVER['REQUEST_METHOD'] = 'DELETE';
|
2015-10-11 19:22:00 +00:00
|
|
|
ob_start();
|
2018-07-29 13:17:35 +00:00
|
|
|
new Controller;
|
2015-10-11 19:22:00 +00:00
|
|
|
$content = ob_get_contents();
|
2016-08-02 08:29:25 +00:00
|
|
|
ob_end_clean();
|
2017-03-24 22:42:11 +00:00
|
|
|
unlink($file);
|
2015-10-11 19:22:00 +00:00
|
|
|
$response = json_decode($content, true);
|
|
|
|
$this->assertEquals(0, $response['status'], 'outputs status');
|
2016-08-09 09:54:42 +00:00
|
|
|
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted');
|
2015-10-11 19:22:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testDeleteWithPost()
|
|
|
|
{
|
2016-08-09 09:54:42 +00:00
|
|
|
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
|
|
|
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
|
|
|
$paste = $this->_model->read(Helper::getPasteId());
|
2019-05-13 20:31:52 +00:00
|
|
|
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
|
|
|
file_put_contents($file, json_encode(array(
|
2017-02-22 20:42:14 +00:00
|
|
|
'pasteid' => Helper::getPasteId(),
|
2019-05-08 20:11:21 +00:00
|
|
|
'deletetoken' => hash_hmac('sha256', Helper::getPasteId(), $paste['meta']['salt']),
|
2019-05-13 20:31:52 +00:00
|
|
|
)));
|
|
|
|
Request::setInputStream($file);
|
2015-10-11 19:22:00 +00:00
|
|
|
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
2016-10-29 08:24:08 +00:00
|
|
|
$_SERVER['REQUEST_METHOD'] = 'POST';
|
2015-10-11 19:22:00 +00:00
|
|
|
ob_start();
|
2018-07-29 13:17:35 +00:00
|
|
|
new Controller;
|
2015-10-11 19:22:00 +00:00
|
|
|
$content = ob_get_contents();
|
2016-08-02 08:29:25 +00:00
|
|
|
ob_end_clean();
|
2015-10-11 19:22:00 +00:00
|
|
|
$response = json_decode($content, true);
|
|
|
|
$this->assertEquals(0, $response['status'], 'outputs status');
|
2016-08-09 09:54:42 +00:00
|
|
|
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted');
|
2015-10-11 19:22:00 +00:00
|
|
|
}
|
|
|
|
|
2015-10-15 20:04:57 +00:00
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testRead()
|
|
|
|
{
|
2019-05-08 20:11:21 +00:00
|
|
|
$paste = Helper::getPaste();
|
2016-08-09 09:54:42 +00:00
|
|
|
$this->_model->create(Helper::getPasteId(), $paste);
|
2016-10-29 08:24:08 +00:00
|
|
|
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
2019-01-21 22:49:33 +00:00
|
|
|
$_GET[Helper::getPasteId()] = '';
|
2015-10-15 20:04:57 +00:00
|
|
|
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
|
|
|
ob_start();
|
2018-07-29 13:17:35 +00:00
|
|
|
new Controller;
|
2015-10-15 20:04:57 +00:00
|
|
|
$content = ob_get_contents();
|
2016-08-02 08:29:25 +00:00
|
|
|
ob_end_clean();
|
2015-10-15 20:04:57 +00:00
|
|
|
$response = json_decode($content, true);
|
|
|
|
$this->assertEquals(0, $response['status'], 'outputs success status');
|
2016-08-09 09:54:42 +00:00
|
|
|
$this->assertEquals(Helper::getPasteId(), $response['id'], 'outputs data correctly');
|
2015-10-18 09:08:28 +00:00
|
|
|
$this->assertStringEndsWith('?' . $response['id'], $response['url'], 'returned URL points to new paste');
|
2019-05-08 20:11:21 +00:00
|
|
|
$this->assertEquals($paste['ct'], $response['ct'], 'outputs data correctly');
|
|
|
|
$this->assertEquals($paste['meta']['created'], $response['meta']['created'], 'outputs postdate correctly');
|
2015-10-18 09:08:28 +00:00
|
|
|
$this->assertEquals(0, $response['comment_count'], 'outputs comment_count correctly');
|
|
|
|
$this->assertEquals(0, $response['comment_offset'], 'outputs comment_offset correctly');
|
2015-10-15 20:04:57 +00:00
|
|
|
}
|
|
|
|
|
2015-10-18 12:37:58 +00:00
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testJsonLdPaste()
|
|
|
|
{
|
|
|
|
$_GET['jsonld'] = 'paste';
|
|
|
|
ob_start();
|
2018-07-29 13:17:35 +00:00
|
|
|
new Controller;
|
2015-10-18 12:37:58 +00:00
|
|
|
$content = ob_get_contents();
|
2016-08-02 08:29:25 +00:00
|
|
|
ob_end_clean();
|
2015-10-18 12:46:07 +00:00
|
|
|
$this->assertEquals(str_replace(
|
|
|
|
'?jsonld=',
|
|
|
|
'/?jsonld=',
|
|
|
|
file_get_contents(PUBLIC_PATH . '/js/paste.jsonld')
|
|
|
|
), $content, 'outputs data correctly');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testJsonLdComment()
|
|
|
|
{
|
|
|
|
$_GET['jsonld'] = 'comment';
|
|
|
|
ob_start();
|
2018-07-29 13:17:35 +00:00
|
|
|
new Controller;
|
2015-10-18 12:46:07 +00:00
|
|
|
$content = ob_get_contents();
|
2016-08-02 08:29:25 +00:00
|
|
|
ob_end_clean();
|
2015-10-18 12:46:07 +00:00
|
|
|
$this->assertEquals(str_replace(
|
|
|
|
'?jsonld=',
|
|
|
|
'/?jsonld=',
|
|
|
|
file_get_contents(PUBLIC_PATH . '/js/comment.jsonld')
|
|
|
|
), $content, 'outputs data correctly');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testJsonLdPasteMeta()
|
|
|
|
{
|
|
|
|
$_GET['jsonld'] = 'pastemeta';
|
|
|
|
ob_start();
|
2018-07-29 13:17:35 +00:00
|
|
|
new Controller;
|
2015-10-18 12:46:07 +00:00
|
|
|
$content = ob_get_contents();
|
2016-08-02 08:29:25 +00:00
|
|
|
ob_end_clean();
|
2015-10-18 12:46:07 +00:00
|
|
|
$this->assertEquals(str_replace(
|
|
|
|
'?jsonld=',
|
|
|
|
'/?jsonld=',
|
|
|
|
file_get_contents(PUBLIC_PATH . '/js/pastemeta.jsonld')
|
|
|
|
), $content, 'outputs data correctly');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testJsonLdCommentMeta()
|
|
|
|
{
|
|
|
|
$_GET['jsonld'] = 'commentmeta';
|
|
|
|
ob_start();
|
2018-07-29 13:17:35 +00:00
|
|
|
new Controller;
|
2015-10-18 12:46:07 +00:00
|
|
|
$content = ob_get_contents();
|
2016-08-02 08:29:25 +00:00
|
|
|
ob_end_clean();
|
2015-10-18 12:46:07 +00:00
|
|
|
$this->assertEquals(str_replace(
|
|
|
|
'?jsonld=',
|
|
|
|
'/?jsonld=',
|
|
|
|
file_get_contents(PUBLIC_PATH . '/js/commentmeta.jsonld')
|
|
|
|
), $content, 'outputs data correctly');
|
2015-10-18 12:37:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testJsonLdInvalid()
|
|
|
|
{
|
2017-09-29 16:59:02 +00:00
|
|
|
$_GET['jsonld'] = CONF;
|
2015-10-18 12:37:58 +00:00
|
|
|
ob_start();
|
2018-07-29 13:17:35 +00:00
|
|
|
new Controller;
|
2015-10-18 12:37:58 +00:00
|
|
|
$content = ob_get_contents();
|
2016-08-02 08:29:25 +00:00
|
|
|
ob_end_clean();
|
2015-10-18 12:37:58 +00:00
|
|
|
$this->assertEquals('{}', $content, 'does not output nasty data');
|
|
|
|
}
|
2022-10-23 11:09:54 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testShortenViaYourls()
|
|
|
|
{
|
|
|
|
$mock_yourls_service = $this->_path . DIRECTORY_SEPARATOR . 'yourls.json';
|
|
|
|
$options = parse_ini_file(CONF, true);
|
2022-11-03 06:47:50 +00:00
|
|
|
$options['main']['basepath'] = 'https://example.com/path'; // missing slash gets added by Configuration constructor
|
2022-10-23 11:09:54 +00:00
|
|
|
$options['main']['urlshortener'] = 'https://example.com/path/shortenviayourls?link=';
|
|
|
|
$options['yourls']['apiurl'] = $mock_yourls_service;
|
|
|
|
Helper::createIniFile(CONF, $options);
|
|
|
|
|
|
|
|
// the real service answer is more complex, but we only look for the shorturl & statusCode
|
|
|
|
file_put_contents($mock_yourls_service, '{"shorturl":"https:\/\/example.com\/1","statusCode":200}');
|
|
|
|
|
|
|
|
$_SERVER['REQUEST_URI'] = '/path/shortenviayourls?link=https%3A%2F%2Fexample.com%2Fpath%2F%3Ffoo%23bar';
|
2022-10-23 11:14:27 +00:00
|
|
|
$_GET['link'] = 'https://example.com/path/?foo#bar';
|
2022-10-23 11:09:54 +00:00
|
|
|
ob_start();
|
|
|
|
new Controller;
|
|
|
|
$content = ob_get_contents();
|
|
|
|
ob_end_clean();
|
2022-10-25 04:55:24 +00:00
|
|
|
$this->assertStringContainsString('id="pasteurl" href="https://example.com/1"', $content, 'outputs shortened URL correctly');
|
2022-10-23 11:09:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @runInSeparateProcess
|
|
|
|
*/
|
|
|
|
public function testShortenViaYourlsFailure()
|
|
|
|
{
|
|
|
|
$_SERVER['REQUEST_URI'] = '/path/shortenviayourls?link=https%3A%2F%2Fexample.com%2Fpath%2F%3Ffoo%23bar';
|
2022-10-23 11:13:12 +00:00
|
|
|
$_GET['link'] = 'https://example.com/path/?foo#bar';
|
2022-10-23 11:09:54 +00:00
|
|
|
ob_start();
|
|
|
|
new Controller;
|
|
|
|
$content = ob_get_contents();
|
|
|
|
ob_end_clean();
|
2022-10-25 04:55:24 +00:00
|
|
|
$this->assertStringContainsString('Error calling YOURLS.', $content, 'outputs error correctly');
|
2022-10-23 11:09:54 +00:00
|
|
|
}
|
2016-07-06 09:37:13 +00:00
|
|
|
}
|