mirror of
https://github.com/PrivateBin/PrivateBin.git
synced 2024-12-23 14:29:29 -05:00
refactoring delete API, added external JSON-LD context
parent
9e6e29bc93
commit
1d6cfb7f3b
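--- a/js/comment.jsonld
+++ b/js/comment.jsonld
@@ -0,0 +1,10 @@
+{
+"@context": {
+"status": "http://schema.org/Integer",
+"id": "http://schema.org/name",
+"url: {
+"@id": "http://schema.org/url",
+"@type": "@id"
+}
+}
+}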
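Review bot: The key on the fifth line of js/comment.jsonld is written `"url: {` without its closing quote, so the file as shown does not parse as JSON and a JSON-LD processor cannot load the context; it should read `"url": {`. js/paste.jsonld repeats the same line and also has `"status": http://schema.org/Integer",` with the opening quote of the value missing, which should be `"status": "http://schema.org/Integer",`. If the quotes were lost when the page was rendered rather than in the commit itself, nothing needs to change, but a JSON lint step over `js/*.jsonld` would catch this either way.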
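--- a/js/paste.jsonld
+++ b/js/paste.jsonld
@@ -0,0 +1,11 @@
+{
+"@context": {
+"status": http://schema.org/Integer",
+"id": "http://schema.org/name",
+"deletetoken": "http://schema.org/Text",
+"url: {
+"@id": "http://schema.org/url",
+"@type": "@id"
+}
+}
+}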
@ -671,9 +671,11 @@ $(function() {
|
||||
}
|
||||
if (comments[0].meta.burnafterreading)
|
||||
{
|
||||
// unfortunately many web servers don't support DELETE (and PUT) out of the box
|
||||
$.ajax({
|
||||
// type: 'DELETE', // unfortunately many web servers will not support DELETE and PUT by default
|
||||
url: this.scriptLocation() + '?pasteid=' + this.pasteID() + '&deletetoken=burnafterreading',
|
||||
type: 'POST',
|
||||
url: this.scriptLocation() + '?' + this.pasteID(),
|
||||
data: {deletetoken: 'burnafterreading'},
|
||||
dataType: 'json',
|
||||
headers: this.headers
|
||||
})
|
||||
|
@ -79,8 +79,8 @@ class request
|
||||
// parse parameters, depending on request type
|
||||
switch (array_key_exists('REQUEST_METHOD', $_SERVER) ? $_SERVER['REQUEST_METHOD'] : 'GET')
|
||||
{
|
||||
case 'DELETE':
|
||||
case 'PUT':
|
||||
$this->_operation = 'create';
|
||||
parse_str(file_get_contents(self::$_inputStream), $this->_params);
|
||||
break;
|
||||
case 'POST':
|
||||
@ -89,8 +89,12 @@ class request
|
||||
default:
|
||||
$this->_params = $_GET;
|
||||
}
|
||||
if (array_key_exists('QUERY_STRING', $_SERVER) && !empty($_SERVER['QUERY_STRING']))
|
||||
{
|
||||
$this->_params['pasteid'] = $_SERVER['QUERY_STRING'];
|
||||
}
|
||||
|
||||
// prepare parameters, depending on current operation
|
||||
// prepare operation, depending on current parameters
|
||||
if (
|
||||
(array_key_exists('data', $this->_params) && !empty($this->_params['data'])) ||
|
||||
(array_key_exists('attachment', $this->_params) && !empty($this->_params['attachment']))
|
||||
@ -98,18 +102,17 @@ class request
|
||||
{
|
||||
$this->_operation = 'create';
|
||||
}
|
||||
elseif (
|
||||
array_key_exists('pasteid', $this->_params) && !empty($this->_params['pasteid']) &&
|
||||
array_key_exists('deletetoken', $this->_params) && !empty($this->_params['deletetoken'])
|
||||
)
|
||||
elseif (array_key_exists('pasteid', $this->_params) && !empty($this->_params['pasteid']))
|
||||
{
|
||||
$this->_operation = 'delete';
|
||||
}
|
||||
// display an existing paste
|
||||
elseif (array_key_exists('QUERY_STRING', $_SERVER) && !empty($_SERVER['QUERY_STRING']))
|
||||
{
|
||||
if ($this->_operation != 'create') $this->_operation = 'read';
|
||||
$this->_params['pasteid'] = $_SERVER['QUERY_STRING'];
|
||||
if (array_key_exists('deletetoken', $this->_params) && !empty($this->_params['deletetoken']))
|
||||
{
|
||||
$this->_operation = 'delete';
|
||||
}
|
||||
else
|
||||
{
|
||||
$this->_operation = 'read';
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
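Review bot: In the second hunk of the request class, `$this->_params['pasteid'] = $_SERVER['QUERY_STRING'];` copies the raw, undecoded query string into the paste identifier whenever it is non-empty, overwriting any `pasteid` already parsed from `$_GET` or the request body, and the visible lines apply no format check before that value selects the `delete` or `read` operation. A request of the older form `?pasteid=...&deletetoken=...` would then carry the whole query string as its ID, so existing delete links may stop resolving, and any code that later uses the ID as a storage key depends on validation that is not visible here. I would accept the query string as an ID only when it matches the paste-ID format the model expects, and leave `pasteid` untouched otherwise. The enclosing method starts and ends outside these hunks, so such a check may already exist further down.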
@ -446,6 +446,10 @@ class zerobin
|
||||
else
|
||||
{
|
||||
$result['id'] = $message;
|
||||
$result['url'] = (
|
||||
array_key_exists('REQUEST_URI', $_SERVER) ? $_SERVER['REQUEST_URI'] : '/'
|
||||
) . '?' . $message;
|
||||
$result['@context'] = 'js/paste.jsonld';
|
||||
}
|
||||
$result += $other;
|
||||
$this->_json = json_encode($result);
|
||||
|
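Review bot: `$_SERVER['REQUEST_URI']` holds the query string as well as the path, so when the creating request is sent to an address that already has a query component, the `url` built here gets a second `?` appended and no longer points at the paste. The value is also client-supplied text that goes straight into the API response, so it is worth reducing it to the path before use, for example `preg_replace('/\?.*$/', '', $_SERVER['REQUEST_URI']) . '?' . $message`. The enclosing method begins and ends outside this hunk, so I cannot see whether the URI is normalised earlier.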
@ -65,9 +65,9 @@ class jsonApiTest extends PHPUnit_Framework_TestCase
|
||||
$options['traffic']['limit'] = 0;
|
||||
helper::confBackup();
|
||||
helper::createIniFile(CONF, $options);
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
$paste = helper::getPaste();
|
||||
unset($paste['meta']);
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, http_build_query($paste));
|
||||
request::setInputStream($file);
|
||||
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
||||
@ -89,4 +89,51 @@ class jsonApiTest extends PHPUnit_Framework_TestCase
|
||||
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
||||
}
|
||||
|
||||
/**
|
||||
* @runInSeparateProcess
|
||||
*/
|
||||
public function testDelete()
|
||||
{
|
||||
$this->reset();
|
||||
$this->_model->create(helper::getPasteId(), helper::getPaste());
|
||||
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
|
||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||
file_put_contents($file, http_build_query(array(
|
||||
'deletetoken' => hash_hmac('sha1', helper::getPasteId(), serversalt::get()),
|
||||
)));
|
||||
request::setInputStream($file);
|
||||
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'DELETE';
|
||||
ob_start();
|
||||
new zerobin;
|
||||
$content = ob_get_contents();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||
$this->assertFalse($this->_model->exists(helper::getPasteId()), 'paste successfully deleted');
|
||||
}
|
||||
|
||||
/**
|
||||
* @runInSeparateProcess
|
||||
*/
|
||||
public function testDeleteWithPost()
|
||||
{
|
||||
$this->reset();
|
||||
$this->_model->create(helper::getPasteId(), helper::getPaste());
|
||||
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
|
||||
$_POST = array(
|
||||
'action' => 'delete',
|
||||
'deletetoken' => hash_hmac('sha1', helper::getPasteId(), serversalt::get()),
|
||||
);
|
||||
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
ob_start();
|
||||
new zerobin;
|
||||
$content = ob_get_contents();
|
||||
$response = json_decode($content, true);
|
||||
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||
$this->assertFalse($this->_model->exists(helper::getPasteId()), 'paste successfully deleted');
|
||||
}
|
||||
|
||||
}
|
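Review bot: Both new tests, `testDelete` and `testDeleteWithPost`, exercise only the success path with a correctly computed `hash_hmac('sha1', ...)` token, so nothing in this file pins the behaviour that matters most for a delete endpoint, namely that a wrong token leaves the paste in place. A companion test that sends an arbitrary token and asserts `$this->_model->exists(...)` is still true would cover it; a similar case may exist in another test class not shown here. The sketch below also removes the `tempnam()` file and closes the output buffer, which the added tests leave behind.

```php
/**
 * @runInSeparateProcess
 */
public function testDeleteInvalidToken()
{
    $this->reset();
    $this->_model->create(helper::getPasteId(), helper::getPaste());
    $file = tempnam(sys_get_temp_dir(), 'FOO');
    file_put_contents($file, http_build_query(array(
        'deletetoken' => 'bar', // constructed value, not a valid HMAC
    )));
    request::setInputStream($file);
    $_SERVER['QUERY_STRING'] = helper::getPasteId();
    $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
    $_SERVER['REQUEST_METHOD'] = 'DELETE';
    ob_start();
    new zerobin;
    ob_end_clean();
    unlink($file);
    $this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste survives a wrong delete token');
}
```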
@ -94,10 +94,10 @@ class requestTest extends PHPUnit_Framework_TestCase
|
||||
public function testApiDelete()
|
||||
{
|
||||
$this->reset();
|
||||
$_SERVER['REQUEST_METHOD'] = 'DELETE';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_GET['pasteid'] = 'foo';
|
||||
$_GET['deletetoken'] = 'bar';
|
||||
$_SERVER['QUERY_STRING'] = 'foo';
|
||||
$_POST['deletetoken'] = 'bar';
|
||||
$request = new request;
|
||||
$this->assertTrue($request->isJsonApiCall(), 'is JSON Api call');
|
||||
$this->assertEquals('delete', $request->getOperation());
|
||||
|
@ -862,10 +862,10 @@ class zerobinTest extends PHPUnit_Framework_TestCase
|
||||
$burnPaste = helper::getPaste(array('burnafterreading' => true));
|
||||
$this->_model->create(helper::getPasteId(), $burnPaste);
|
||||
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
|
||||
$_GET['pasteid'] = helper::getPasteId();
|
||||
$_GET['deletetoken'] = 'burnafterreading';
|
||||
$_POST['deletetoken'] = 'burnafterreading';
|
||||
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'DELETE';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
ob_start();
|
||||
new zerobin;
|
||||
$content = ob_get_contents();
|
||||
@ -882,10 +882,10 @@ class zerobinTest extends PHPUnit_Framework_TestCase
|
||||
$this->reset();
|
||||
$this->_model->create(helper::getPasteId(), helper::getPaste());
|
||||
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
|
||||
$_GET['pasteid'] = helper::getPasteId();
|
||||
$_GET['deletetoken'] = 'burnafterreading';
|
||||
$_POST['deletetoken'] = 'burnafterreading';
|
||||
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||
$_SERVER['REQUEST_METHOD'] = 'DELETE';
|
||||
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||
ob_start();
|
||||
new zerobin;
|
||||
$content = ob_get_contents();
|
||||
|