fix display of v2 pastes in JS, fixing parsing of comments in PHP, avoid exposing expiration date (we provide time_to_live, would allow calculation of creation date of paste)
This commit is contained in:
El RIDO
parent
cc1c55129f
commit
09162a3c57
10 changed files with 136 additions and 92 deletions
|
|
@ -1621,11 +1621,11 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||
*
|
||||
* @name PasteStatus.showRemainingTime
|
||||
* @function
|
||||
* @param {object} pasteMetaData
|
||||
* @param {object} paste
|
||||
*/
|
||||
me.showRemainingTime = function(pasteMetaData)
|
||||
me.showRemainingTime = function(paste)
|
||||
{
|
||||
if (pasteMetaData.burnafterreading) {
|
||||
if ((paste.adata && paste.adata[3]) || paste.meta.burnafterreading) {
|
||||
// display paste "for your eyes only" if it is deleted
|
||||
|
||||
// the paste has been deleted when the JSON with the ciphertext
|
||||
|
|
@ -1637,9 +1637,9 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||
// discourage cloning (it cannot really be prevented)
|
||||
TopNav.hideCloneButton();
|
||||
|
||||
} else if (pasteMetaData.expire_date) {
|
||||
} else if (paste.meta.time_to_live || paste.meta.remaining_time) {
|
||||
// display paste expiration
|
||||
let expiration = Helper.secondsToHuman(pasteMetaData.time_to_live || pasteMetaData.remaining_time),
|
||||
let expiration = Helper.secondsToHuman(paste.meta.time_to_live || paste.meta.remaining_time),
|
||||
expirationLabel = [
|
||||
'This document will expire in %d ' + expiration[1] + '.',
|
||||
'This document will expire in %d ' + expiration[1] + 's.'
|
||||
|
|
@ -2885,14 +2885,14 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||
|
||||
// set date
|
||||
$commentEntry.find('span.commentdate')
|
||||
.text(' (' + (new Date(comment.meta.postdate * 1000).toLocaleString()) + ')')
|
||||
.text(' (' + (new Date((comment.meta.created || comment.meta.postdate) * 1000).toLocaleString()) + ')')
|
||||
.attr('title', 'CommentID: ' + comment.id);
|
||||
|
||||
// if an avatar is available, display it
|
||||
if (comment.meta.vizhash) {
|
||||
if (comment.meta.icon || comment.meta.vizhash) {
|
||||
$commentEntry.find('span.nickname')
|
||||
.before(
|
||||
'<img src="' + comment.meta.vizhash + '" class="vizhash" /> '
|
||||
'<img src="' + (comment.meta.icon || comment.meta.vizhash) + '" class="vizhash" /> '
|
||||
);
|
||||
$(document).on('languageLoaded', function () {
|
||||
$commentEntry.find('img.vizhash')
|
||||
|
|
@ -4038,6 +4038,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||
}
|
||||
|
||||
await ServerInteraction.setCipherMessage(cipherMessage).catch(Alert.showError);
|
||||
ServerInteraction.run();
|
||||
};
|
||||
|
||||
/**
|
||||
|
|
@ -4246,7 +4247,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||
if (paste.comments[i].hasOwnProperty('v') && paste.comments[i].v === 2) {
|
||||
// version 2 comment
|
||||
commentDecryptionPromises.push(
|
||||
CryptTool.decipher(key, password, paste.comments[i].ct)
|
||||
CryptTool.decipher(key, password, [paste.comments[i].ct, paste.comments[i].adata])
|
||||
.then((commentJson) => {
|
||||
const commentMessage = JSON.parse(commentJson);
|
||||
return [
|
||||
|
|
@ -4335,12 +4336,12 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||
decryptionPromises.push(decryptPaste(paste, key, password))
|
||||
|
||||
// if the discussion is opened on this paste, display it
|
||||
if (paste.meta.opendiscussion) {
|
||||
if ((paste.adata && paste.adata[2]) || paste.meta.opendiscussion) {
|
||||
decryptionPromises.push(decryptComments(paste, key, password));
|
||||
}
|
||||
|
||||
// shows the remaining time (until) deletion
|
||||
PasteStatus.showRemainingTime(paste.meta);
|
||||
PasteStatus.showRemainingTime(paste);
|
||||
|
||||
Promise.all(decryptionPromises)
|
||||
.then(() => {
|
||||
|
|
|
|||
|
|
@ -44,7 +44,45 @@ describe('PasteStatus', function () {
|
|||
});
|
||||
|
||||
jsc.property(
|
||||
'shows burn after reading message or remaining time',
|
||||
'shows burn after reading message or remaining time v1',
|
||||
'bool',
|
||||
'nat',
|
||||
jsc.nearray(common.jscA2zString()),
|
||||
jsc.nearray(common.jscA2zString()),
|
||||
jsc.nearray(common.jscQueryString()),
|
||||
'string',
|
||||
function (
|
||||
burnafterreading, remainingTime,
|
||||
schema, address, query, fragment
|
||||
) {
|
||||
var clean = jsdom('', {
|
||||
url: schema.join('') + '://' + address.join('') +
|
||||
'/?' + query.join('') + '#' + fragment
|
||||
}),
|
||||
result;
|
||||
$('body').html('<div id="remainingtime" class="hidden"></div>');
|
||||
$.PrivateBin.PasteStatus.init();
|
||||
$.PrivateBin.PasteStatus.showRemainingTime({'meta': {
|
||||
'burnafterreading': burnafterreading,
|
||||
'remaining_time': remainingTime
|
||||
}});
|
||||
if (burnafterreading) {
|
||||
result = $('#remainingtime').hasClass('foryoureyesonly') &&
|
||||
!$('#remainingtime').hasClass('hidden');
|
||||
} else if (remainingTime) {
|
||||
result =!$('#remainingtime').hasClass('foryoureyesonly') &&
|
||||
!$('#remainingtime').hasClass('hidden');
|
||||
} else {
|
||||
result = $('#remainingtime').hasClass('hidden') &&
|
||||
!$('#remainingtime').hasClass('foryoureyesonly');
|
||||
}
|
||||
clean();
|
||||
return result;
|
||||
}
|
||||
);
|
||||
|
||||
jsc.property(
|
||||
'shows burn after reading message or remaining time v2',
|
||||
'bool',
|
||||
'nat',
|
||||
jsc.nearray(common.jscA2zString()),
|
||||
|
|
@ -63,9 +101,10 @@ describe('PasteStatus', function () {
|
|||
$('body').html('<div id="remainingtime" class="hidden"></div>');
|
||||
$.PrivateBin.PasteStatus.init();
|
||||
$.PrivateBin.PasteStatus.showRemainingTime({
|
||||
'burnafterreading': burnafterreading,
|
||||
'remaining_time': remainingTime,
|
||||
'expire_date': remainingTime ? ((new Date()).getTime() / 1000) + remainingTime : 0
|
||||
'adata': [null, null, null, burnafterreading],
|
||||
'meta': {
|
||||
'time_to_live': remainingTime
|
||||
}
|
||||
});
|
||||
if (burnafterreading) {
|
||||
result = $('#remainingtime').hasClass('foryoureyesonly') &&
|
||||
|
|
|
|||
|
|
@ -213,7 +213,7 @@ class Controller
|
|||
array_key_exists('parentid', $data) &&
|
||||
!empty($data['parentid']);
|
||||
if (!FormatV2::isValid($data, $isComment)) {
|
||||
return $this->_return_message(1, 'Invalid data.');
|
||||
return $this->_return_message(1, I18n::_('Invalid data.'));
|
||||
}
|
||||
$sizelimit = $this->_conf->getKey('sizelimit');
|
||||
// Ensure content is not too big.
|
||||
|
|
@ -240,7 +240,7 @@ class Controller
|
|||
}
|
||||
$this->_return_message(0, $comment->getId());
|
||||
} else {
|
||||
$this->_return_message(1, 'Invalid data.');
|
||||
$this->_return_message(1, I18n::_('Invalid data.'));
|
||||
}
|
||||
}
|
||||
// The user posts a standard paste.
|
||||
|
|
|
|||
|
|
@ -52,13 +52,15 @@ class FormatV2
|
|||
}
|
||||
}
|
||||
|
||||
$cipherParams = $isComment ? $message['adata'] : $message['adata'][0];
|
||||
|
||||
// Make sure some fields are base64 data:
|
||||
// - initialization vector
|
||||
if (!base64_decode($message['adata'][0][0], true)) {
|
||||
if (!base64_decode($cipherParams[0], true)) {
|
||||
return false;
|
||||
}
|
||||
// - salt
|
||||
if (!base64_decode($message['adata'][0][1], true)) {
|
||||
if (!base64_decode($cipherParams[1], true)) {
|
||||
return false;
|
||||
}
|
||||
// - cipher text
|
||||
|
|
@ -68,11 +70,11 @@ class FormatV2
|
|||
|
||||
// Make sure some fields have a reasonable size:
|
||||
// - initialization vector
|
||||
if (strlen($message['adata'][0][0]) > 24) {
|
||||
if (strlen($cipherParams[0]) > 24) {
|
||||
return false;
|
||||
}
|
||||
// - salt
|
||||
if (strlen($message['adata'][0][1]) > 14) {
|
||||
if (strlen($cipherParams[1]) > 14) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
@ -82,27 +84,27 @@ class FormatV2
|
|||
return false;
|
||||
}
|
||||
// - iterations, refuse less then 10000 iterations (minimum NIST recommendation)
|
||||
if (!is_int($message['adata'][0][2]) || $message['adata'][0][2] <= 10000) {
|
||||
if (!is_int($cipherParams[2]) || $cipherParams[2] <= 10000) {
|
||||
return false;
|
||||
}
|
||||
// - key size
|
||||
if (!in_array($message['adata'][0][3], array(128, 192, 256), true)) {
|
||||
if (!in_array($cipherParams[3], array(128, 192, 256), true)) {
|
||||
return false;
|
||||
}
|
||||
// - tag size
|
||||
if (!in_array($message['adata'][0][4], array(64, 96, 128), true)) {
|
||||
if (!in_array($cipherParams[4], array(64, 96, 128), true)) {
|
||||
return false;
|
||||
}
|
||||
// - algorithm, must be AES
|
||||
if ($message['adata'][0][5] !== 'aes') {
|
||||
if ($cipherParams[5] !== 'aes') {
|
||||
return false;
|
||||
}
|
||||
// - mode
|
||||
if (!in_array($message['adata'][0][6], array('ctr', 'cbc', 'gcm'), true)) {
|
||||
if (!in_array($cipherParams[6], array('ctr', 'cbc', 'gcm'), true)) {
|
||||
return false;
|
||||
}
|
||||
// - compression
|
||||
if (!in_array($message['adata'][0][7], array('zlib', 'none'), true)) {
|
||||
if (!in_array($cipherParams[7], array('zlib', 'none'), true)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -45,6 +45,7 @@ class Paste extends AbstractModel
|
|||
}
|
||||
// We kindly provide the remaining time before expiration (in seconds)
|
||||
$data['meta']['time_to_live'] = $data['meta']['expire_date'] - time();
|
||||
unset($data['meta']['expire_date']);
|
||||
}
|
||||
|
||||
// check if non-expired burn after reading paste needs to be deleted
|
||||
|
|
|
|||
|
|
@ -71,7 +71,7 @@ if ($MARKDOWN):
|
|||
endif;
|
||||
?>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.7.js" integrity="sha512-VnKJHLosO8z2ojNvWk9BEKYqnhZyWK9rM90FgZUUEp/PRnUqR5OLLKE0a3BkVmn7YgB7LXRrjHgFHQYKd6DAIA==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-YCn+cUn5IWzAnD+URrUMfDVZ9SjPtPw//qVIYf7ZIMxmh+oODCN/NbZq30K/8ldA1Al0udP5RQg4PyE6j6wdBQ==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-h1C1N6TZ+iqfDWbftNalmtkkjmOfeFM7UB5ozNkH7zvaE4LkyCxhpvMGLObFycpCdA0W7VF8nVoLhRkRTmrQmg==" crossorigin="anonymous"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ if ($MARKDOWN):
|
|||
endif;
|
||||
?>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.7.js" integrity="sha512-VnKJHLosO8z2ojNvWk9BEKYqnhZyWK9rM90FgZUUEp/PRnUqR5OLLKE0a3BkVmn7YgB7LXRrjHgFHQYKd6DAIA==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-YCn+cUn5IWzAnD+URrUMfDVZ9SjPtPw//qVIYf7ZIMxmh+oODCN/NbZq30K/8ldA1Al0udP5RQg4PyE6j6wdBQ==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-h1C1N6TZ+iqfDWbftNalmtkkjmOfeFM7UB5ozNkH7zvaE4LkyCxhpvMGLObFycpCdA0W7VF8nVoLhRkRTmrQmg==" crossorigin="anonymous"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
|
|
|||
|
|
@ -192,6 +192,7 @@ class Helper
|
|||
{
|
||||
$example = $version === 1 ? self::$commentV1 : self::$pasteV2;
|
||||
if ($version === 2) {
|
||||
$example['adata'] = $example['adata'][0];
|
||||
$example['pasteid'] = $example['parentid'] = self::getPasteId();
|
||||
$example['meta']['created'] = self::$commentV1['meta']['postdate'];
|
||||
$example['meta']['icon'] = self::$commentV1['meta']['vizhash'];
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ use PrivateBin\Request;
|
|||
|
||||
class ControllerTest extends PHPUnit_Framework_TestCase
|
||||
{
|
||||
protected $_model;
|
||||
protected $_data;
|
||||
|
||||
protected $_path;
|
||||
|
||||
|
|
@ -16,7 +16,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
{
|
||||
/* Setup Routine */
|
||||
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
|
||||
$this->_model = Filesystem::getInstance(array('dir' => $this->_path));
|
||||
$this->_data = Filesystem::getInstance(array('dir' => $this->_path));
|
||||
$this->reset();
|
||||
}
|
||||
|
||||
|
|
@ -33,8 +33,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$_POST = array();
|
||||
$_GET = array();
|
||||
$_SERVER = array();
|
||||
if ($this->_model->exists(Helper::getPasteId())) {
|
||||
$this->_model->delete(Helper::getPasteId());
|
||||
if ($this->_data->exists(Helper::getPasteId())) {
|
||||
$this->_data->delete(Helper::getPasteId());
|
||||
}
|
||||
$options = parse_ini_file(CONF_SAMPLE, true);
|
||||
$options['purge']['dir'] = $this->_path;
|
||||
|
|
@ -180,8 +180,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_model->read($response['id']);
|
||||
$this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_data->read($response['id']);
|
||||
$this->assertEquals(
|
||||
hash_hmac('sha256', $response['id'], $paste['meta']['salt']),
|
||||
$response['deletetoken'],
|
||||
|
|
@ -211,8 +211,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_model->read($response['id']);
|
||||
$this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_data->read($response['id']);
|
||||
$this->assertEquals(
|
||||
hash_hmac('sha256', $response['id'], $paste['meta']['salt']),
|
||||
$response['deletetoken'],
|
||||
|
|
@ -242,7 +242,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs error status');
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -267,8 +267,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_model->read($response['id']);
|
||||
$this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_data->read($response['id']);
|
||||
$this->assertEquals(
|
||||
hash_hmac('sha256', $response['id'], $paste['meta']['salt']),
|
||||
$response['deletetoken'],
|
||||
|
|
@ -284,7 +284,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->_data->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$paste = Helper::getPasteJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $paste);
|
||||
|
|
@ -298,7 +298,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs error status');
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
$this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -323,8 +323,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_model->read($response['id']);
|
||||
$this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_data->read($response['id']);
|
||||
$this->assertEquals(
|
||||
hash_hmac('sha256', $response['id'], $paste['meta']['salt']),
|
||||
$response['deletetoken'],
|
||||
|
|
@ -355,8 +355,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_model->read($response['id']);
|
||||
$this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_data->read($response['id']);
|
||||
$this->assertEquals(
|
||||
hash_hmac('sha256', $response['id'], $paste['meta']['salt']),
|
||||
$response['deletetoken'],
|
||||
|
|
@ -387,8 +387,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_model->read($response['id']);
|
||||
$this->assertTrue($this->_data->exists($response['id']), 'paste exists after posting data');
|
||||
$paste = $this->_data->read($response['id']);
|
||||
$this->assertEquals(
|
||||
hash_hmac('sha256', $response['id'], $paste['meta']['salt']),
|
||||
$response['deletetoken'],
|
||||
|
|
@ -418,7 +418,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs error status');
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -443,7 +443,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs error status');
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -463,9 +463,9 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exists before posting data');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste does not exists before posting data');
|
||||
new Controller;
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -483,14 +483,14 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_start();
|
||||
new Controller;
|
||||
ob_end_clean();
|
||||
$this->_model->delete(Helper::getPasteId());
|
||||
$this->_data->delete(Helper::getPasteId());
|
||||
ob_start();
|
||||
new Controller;
|
||||
$content = ob_get_contents();
|
||||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs error status');
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -508,14 +508,14 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->_data->create(Helper::getPasteId(), Helper::getPaste());
|
||||
ob_start();
|
||||
new Controller;
|
||||
$content = ob_get_contents();
|
||||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||
$this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), $response['id']), 'paste exists after posting data');
|
||||
$this->assertTrue($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), $response['id']), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -534,14 +534,14 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->_data->create(Helper::getPasteId(), Helper::getPaste());
|
||||
ob_start();
|
||||
new Controller;
|
||||
$content = ob_get_contents();
|
||||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs error status');
|
||||
$this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data');
|
||||
$this->assertFalse($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -561,14 +561,14 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$_SERVER['REMOTE_ADDR'] = '::1';
|
||||
$paste = Helper::getPaste();
|
||||
$paste['adata'][2] = 0;
|
||||
$this->_model->create(Helper::getPasteId(), $paste);
|
||||
$this->_data->create(Helper::getPasteId(), $paste);
|
||||
ob_start();
|
||||
new Controller;
|
||||
$content = ob_get_contents();
|
||||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs error status');
|
||||
$this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data');
|
||||
$this->assertFalse($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -592,7 +592,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs error status');
|
||||
$this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data');
|
||||
$this->assertFalse($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -603,9 +603,9 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$options = parse_ini_file(CONF, true);
|
||||
$options['traffic']['limit'] = 0;
|
||||
Helper::createIniFile(CONF, $options);
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId(), Helper::getComment());
|
||||
$this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'comment exists before posting data');
|
||||
$this->_data->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->_data->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId(), Helper::getComment());
|
||||
$this->assertTrue($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'comment exists before posting data');
|
||||
$comment = Helper::getCommentJson();
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, $comment);
|
||||
|
|
@ -619,7 +619,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs error status');
|
||||
$this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'paste exists after posting data');
|
||||
$this->assertTrue($this->_data->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -662,7 +662,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
public function testReadExpired()
|
||||
{
|
||||
$expiredPaste = Helper::getPaste(2, array('expire_date' => 1344803344));
|
||||
$this->_model->create(Helper::getPasteId(), $expiredPaste);
|
||||
$this->_data->create(Helper::getPasteId(), $expiredPaste);
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
$_GET[Helper::getPasteId()] = '';
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
|
|
@ -682,7 +682,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
{
|
||||
$paste = Helper::getPaste();
|
||||
$paste['adata'][3] = 1;
|
||||
$this->_model->create(Helper::getPasteId(), $paste);
|
||||
$this->_data->create(Helper::getPasteId(), $paste);
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
$_GET[Helper::getPasteId()] = '';
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
|
|
@ -702,7 +702,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$this->assertEquals(0, $response['comment_count'], 'outputs comment_count correctly');
|
||||
$this->assertEquals(0, $response['comment_offset'], 'outputs comment_offset correctly');
|
||||
// by default it will be deleted instantly after it is read
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after reading');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after reading');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -711,7 +711,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
public function testReadJson()
|
||||
{
|
||||
$paste = Helper::getPaste();
|
||||
$this->_model->create(Helper::getPasteId(), $paste);
|
||||
$this->_data->create(Helper::getPasteId(), $paste);
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
$_GET[Helper::getPasteId()] = '';
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
|
|
@ -743,7 +743,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
'postdate' => $paste['meta']['postdate'],
|
||||
'opendiscussion' => $paste['meta']['opendiscussion'],
|
||||
);
|
||||
$this->_model->create(Helper::getPasteId(), $paste);
|
||||
$this->_data->create(Helper::getPasteId(), $paste);
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
$_GET[Helper::getPasteId()] = '';
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
|
|
@ -770,8 +770,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
{
|
||||
$burnPaste = Helper::getPaste();
|
||||
$burnPaste['adata'][3] = 1;
|
||||
$this->_model->create(Helper::getPasteId(), $burnPaste);
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$this->_data->create(Helper::getPasteId(), $burnPaste);
|
||||
$this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
|
||||
$_GET[Helper::getPasteId()] = '';
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
|
|
@ -781,7 +781,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste successfully deleted');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -789,9 +789,9 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
*/
|
||||
public function testDelete()
|
||||
{
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$paste = $this->_model->read(Helper::getPasteId());
|
||||
$this->_data->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$paste = $this->_data->read(Helper::getPasteId());
|
||||
$_GET['pasteid'] = Helper::getPasteId();
|
||||
$_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), $paste['meta']['salt']);
|
||||
ob_start();
|
||||
|
|
@ -803,7 +803,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$content,
|
||||
'outputs deleted status correctly'
|
||||
);
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste successfully deleted');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -811,7 +811,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
*/
|
||||
public function testDeleteInvalidId()
|
||||
{
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->_data->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$_GET['pasteid'] = 'foo';
|
||||
$_GET['deletetoken'] = 'bar';
|
||||
ob_start();
|
||||
|
|
@ -823,7 +823,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$content,
|
||||
'outputs delete error correctly'
|
||||
);
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after failing to delete data');
|
||||
$this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists after failing to delete data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -849,7 +849,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
*/
|
||||
public function testDeleteInvalidToken()
|
||||
{
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->_data->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$_GET['pasteid'] = Helper::getPasteId();
|
||||
$_GET['deletetoken'] = 'bar';
|
||||
ob_start();
|
||||
|
|
@ -861,7 +861,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$content,
|
||||
'outputs delete error correctly'
|
||||
);
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after failing to delete data');
|
||||
$this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists after failing to delete data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -869,8 +869,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
*/
|
||||
public function testDeleteInvalidBurnAfterReading()
|
||||
{
|
||||
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$this->_data->create(Helper::getPasteId(), Helper::getPaste());
|
||||
$this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, json_encode(array(
|
||||
'deletetoken' => 'burnafterreading',
|
||||
|
|
@ -886,7 +886,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
ob_end_clean();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(1, $response['status'], 'outputs status');
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after failing to delete data');
|
||||
$this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists after failing to delete data');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -895,9 +895,9 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
public function testDeleteExpired()
|
||||
{
|
||||
$expiredPaste = Helper::getPaste(2, array('expire_date' => 1000));
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exist before being created');
|
||||
$this->_model->create(Helper::getPasteId(), $expiredPaste);
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste does not exist before being created');
|
||||
$this->_data->create(Helper::getPasteId(), $expiredPaste);
|
||||
$this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$_GET['pasteid'] = Helper::getPasteId();
|
||||
$_GET['deletetoken'] = 'does not matter in this context, but has to be set';
|
||||
ob_start();
|
||||
|
|
@ -909,7 +909,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$content,
|
||||
'outputs error correctly'
|
||||
);
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste successfully deleted');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -919,8 +919,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
{
|
||||
$paste = Helper::getPaste();
|
||||
unset($paste['meta']['salt']);
|
||||
$this->_model->create(Helper::getPasteId(), $paste);
|
||||
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$this->_data->create(Helper::getPasteId(), $paste);
|
||||
$this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data');
|
||||
$_GET['pasteid'] = Helper::getPasteId();
|
||||
$_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), ServerSalt::get());
|
||||
ob_start();
|
||||
|
|
@ -932,6 +932,6 @@ class ControllerTest extends PHPUnit_Framework_TestCase
|
|||
$content,
|
||||
'outputs deleted status correctly'
|
||||
);
|
||||
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted');
|
||||
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste successfully deleted');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ class ControllerWithDbTest extends ControllerTest
|
|||
mkdir($this->_path);
|
||||
}
|
||||
$this->_options['dsn'] = 'sqlite:' . $this->_path . DIRECTORY_SEPARATOR . 'tst.sq3';
|
||||
$this->_model = Database::getInstance($this->_options);
|
||||
$this->_data = Database::getInstance($this->_options);
|
||||
$this->reset();
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue