Chapril/paste.chapril.org-privatebin
Chapril/paste.chapril.org-privatebin
24
0
Fork 0
Code Issues Releases Wiki Activity

refactoring delete API, added external JSON-LD context

Browse Source
This commit is contained in:
El RIDO 2015-10-11 21:22:00 +02:00
parent 9e6e29bc93
commit 1d6cfb7f3b
8 changed files with 102 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
js/comment.jsonld Normal file
View File

@ -0,0 +1,10 @@
{
"@context": {
"status": "http://schema.org/Integer",
"id": "http://schema.org/name",
"url: {
"@id": "http://schema.org/url",
"@type": "@id"
}
}
}

11
js/paste.jsonld Normal file
View File

@ -0,0 +1,11 @@
{
"@context": {
"status": http://schema.org/Integer",
"id": "http://schema.org/name",
"deletetoken": "http://schema.org/Text",
"url: {
"@id": "http://schema.org/url",
"@type": "@id"
}
}
}

6
js/zerobin.js
View File

@ -671,9 +671,11 @@ $(function() {
}
if (comments[0].meta.burnafterreading)
{
// unfortunately many web servers don't support DELETE (and PUT) out of the box
$.ajax({
// type: 'DELETE', // unfortunately many web servers will not support DELETE and PUT by default
url: this.scriptLocation() + '?pasteid=' + this.pasteID() + '&deletetoken=burnafterreading',
type: 'POST',
url: this.scriptLocation() + '?' + this.pasteID(),
data: {deletetoken: 'burnafterreading'},
dataType: 'json',
headers: this.headers
})

29
lib/request.php
View File

@ -79,8 +79,8 @@ class request
// parse parameters, depending on request type
switch (array_key_exists('REQUEST_METHOD', $_SERVER) ? $_SERVER['REQUEST_METHOD'] : 'GET')
{
case 'DELETE':
case 'PUT':
$this->_operation = 'create';
parse_str(file_get_contents(self::$_inputStream), $this->_params);
break;
case 'POST':
@ -89,8 +89,12 @@ class request
default:
$this->_params = $_GET;
}
if (array_key_exists('QUERY_STRING', $_SERVER) && !empty($_SERVER['QUERY_STRING']))
{
$this->_params['pasteid'] = $_SERVER['QUERY_STRING'];
}
// prepare parameters, depending on current operation
// prepare operation, depending on current parameters
if (
(array_key_exists('data', $this->_params) && !empty($this->_params['data'])) ||
(array_key_exists('attachment', $this->_params) && !empty($this->_params['attachment']))
@ -98,18 +102,17 @@ class request
{
$this->_operation = 'create';
}
elseif (
array_key_exists('pasteid', $this->_params) && !empty($this->_params['pasteid']) &&
array_key_exists('deletetoken', $this->_params) && !empty($this->_params['deletetoken'])
)
elseif (array_key_exists('pasteid', $this->_params) && !empty($this->_params['pasteid']))
{
$this->_operation = 'delete';
}
// display an existing paste
elseif (array_key_exists('QUERY_STRING', $_SERVER) && !empty($_SERVER['QUERY_STRING']))
{
if ($this->_operation != 'create') $this->_operation = 'read';
$this->_params['pasteid'] = $_SERVER['QUERY_STRING'];
if (array_key_exists('deletetoken', $this->_params) && !empty($this->_params['deletetoken']))
{
$this->_operation = 'delete';
}
else
{
$this->_operation = 'read';
}
}
}

4
lib/zerobin.php
View File

@ -446,6 +446,10 @@ class zerobin
else
{
$result['id'] = $message;
$result['url'] = (
array_key_exists('REQUEST_URI', $_SERVER) ? $_SERVER['REQUEST_URI'] : '/'
) . '?' . $message;
$result['@context'] = 'js/paste.jsonld';
}
$result += $other;
$this->_json = json_encode($result);

49
tst/jsonApi.php
View File

@ -65,9 +65,9 @@ class jsonApiTest extends PHPUnit_Framework_TestCase
$options['traffic']['limit'] = 0;
helper::confBackup();
helper::createIniFile(CONF, $options);
$file = tempnam(sys_get_temp_dir(), 'FOO');
$paste = helper::getPaste();
unset($paste['meta']);
$file = tempnam(sys_get_temp_dir(), 'FOO');
file_put_contents($file, http_build_query($paste));
request::setInputStream($file);
$_SERVER['QUERY_STRING'] = helper::getPasteId();
@ -89,4 +89,51 @@ class jsonApiTest extends PHPUnit_Framework_TestCase
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
}
/**
* @runInSeparateProcess
*/
public function testDelete()
{
$this->reset();
$this->_model->create(helper::getPasteId(), helper::getPaste());
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
$file = tempnam(sys_get_temp_dir(), 'FOO');
file_put_contents($file, http_build_query(array(
'deletetoken' => hash_hmac('sha1', helper::getPasteId(), serversalt::get()),
)));
request::setInputStream($file);
$_SERVER['QUERY_STRING'] = helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'DELETE';
ob_start();
new zerobin;
$content = ob_get_contents();
$response = json_decode($content, true);
$this->assertEquals(0, $response['status'], 'outputs status');
$this->assertFalse($this->_model->exists(helper::getPasteId()), 'paste successfully deleted');
}
/**
* @runInSeparateProcess
*/
public function testDeleteWithPost()
{
$this->reset();
$this->_model->create(helper::getPasteId(), helper::getPaste());
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
$_POST = array(
'action' => 'delete',
'deletetoken' => hash_hmac('sha1', helper::getPasteId(), serversalt::get()),
);
$_SERVER['QUERY_STRING'] = helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'POST';
ob_start();
new zerobin;
$content = ob_get_contents();
$response = json_decode($content, true);
$this->assertEquals(0, $response['status'], 'outputs status');
$this->assertFalse($this->_model->exists(helper::getPasteId()), 'paste successfully deleted');
}
}

6
tst/request.php
View File

@ -94,10 +94,10 @@ class requestTest extends PHPUnit_Framework_TestCase
public function testApiDelete()
{
$this->reset();
$_SERVER['REQUEST_METHOD'] = 'DELETE';
$_SERVER['REQUEST_METHOD'] = 'POST';
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_GET['pasteid'] = 'foo';
$_GET['deletetoken'] = 'bar';
$_SERVER['QUERY_STRING'] = 'foo';
$_POST['deletetoken'] = 'bar';
$request = new request;
$this->assertTrue($request->isJsonApiCall(), 'is JSON Api call');
$this->assertEquals('delete', $request->getOperation());

12
tst/zerobin.php
View File

@ -862,10 +862,10 @@ class zerobinTest extends PHPUnit_Framework_TestCase
$burnPaste = helper::getPaste(array('burnafterreading' => true));
$this->_model->create(helper::getPasteId(), $burnPaste);
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
$_GET['pasteid'] = helper::getPasteId();
$_GET['deletetoken'] = 'burnafterreading';
$_POST['deletetoken'] = 'burnafterreading';
$_SERVER['QUERY_STRING'] = helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'DELETE';
$_SERVER['REQUEST_METHOD'] = 'POST';
ob_start();
new zerobin;
$content = ob_get_contents();
@ -882,10 +882,10 @@ class zerobinTest extends PHPUnit_Framework_TestCase
$this->reset();
$this->_model->create(helper::getPasteId(), helper::getPaste());
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
$_GET['pasteid'] = helper::getPasteId();
$_GET['deletetoken'] = 'burnafterreading';
$_POST['deletetoken'] = 'burnafterreading';
$_SERVER['QUERY_STRING'] = helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'DELETE';
$_SERVER['REQUEST_METHOD'] = 'POST';
ob_start();
new zerobin;
$content = ob_get_contents();