refactoring delete API, added external JSON-LD context
parent
9e6e29bc93
commit
1d6cfb7f3b
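--- a/js/comment.jsonld
+++ b/js/comment.jsonld
@@ -0,0 +1,10 @@
+{
+"@context": {
+"status": "http://schema.org/Integer",
+"id": "http://schema.org/name",
+"url: {
+"@id": "http://schema.org/url",
+"@type": "@id"
+}
+}
+}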
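Review bot: The key on the fifth line of the new file, `"url: {`, is missing its closing quote, so as rendered here the file is not valid JSON and a JSON-LD processor cannot load the context; it should read `"url": {`. The same line appears in js/paste.jsonld. Nothing in this commit's tests appears to parse either file, so a small test asserting that both decode with `json_decode` would catch this kind of slip.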
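--- a/js/paste.jsonld
+++ b/js/paste.jsonld
@@ -0,0 +1,11 @@
+{
+"@context": {
+"status": http://schema.org/Integer",
+"id": "http://schema.org/name",
+"deletetoken": "http://schema.org/Text",
+"url: {
+"@id": "http://schema.org/url",
+"@type": "@id"
+}
+}
+}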
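Review bot: The `status` entry, `"status": http://schema.org/Integer",`, lacks the opening quote on its value and breaks parsing of the whole file; it should be `"status": "http://schema.org/Integer",` as in js/comment.jsonld. This matters more here than in the comment context because the server-side change in this commit points API clients at this file through `$result['@context'] = 'js/paste.jsonld'`.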
@ -671,9 +671,11 @@ $(function() {
|
|||||||
}
|
}
|
||||||
if (comments[0].meta.burnafterreading)
|
if (comments[0].meta.burnafterreading)
|
||||||
{
|
{
|
||||||
|
// unfortunately many web servers don't support DELETE (and PUT) out of the box
|
||||||
$.ajax({
|
$.ajax({
|
||||||
// type: 'DELETE', // unfortunately many web servers will not support DELETE and PUT by default
|
type: 'POST',
|
||||||
url: this.scriptLocation() + '?pasteid=' + this.pasteID() + '&deletetoken=burnafterreading',
|
url: this.scriptLocation() + '?' + this.pasteID(),
|
||||||
|
data: {deletetoken: 'burnafterreading'},
|
||||||
dataType: 'json',
|
dataType: 'json',
|
||||||
headers: this.headers
|
headers: this.headers
|
||||||
})
|
})
|
||||||
|
@ -79,8 +79,8 @@ class request
|
|||||||
// parse parameters, depending on request type
|
// parse parameters, depending on request type
|
||||||
switch (array_key_exists('REQUEST_METHOD', $_SERVER) ? $_SERVER['REQUEST_METHOD'] : 'GET')
|
switch (array_key_exists('REQUEST_METHOD', $_SERVER) ? $_SERVER['REQUEST_METHOD'] : 'GET')
|
||||||
{
|
{
|
||||||
|
case 'DELETE':
|
||||||
case 'PUT':
|
case 'PUT':
|
||||||
$this->_operation = 'create';
|
|
||||||
parse_str(file_get_contents(self::$_inputStream), $this->_params);
|
parse_str(file_get_contents(self::$_inputStream), $this->_params);
|
||||||
break;
|
break;
|
||||||
case 'POST':
|
case 'POST':
|
||||||
@ -89,8 +89,12 @@ class request
|
|||||||
default:
|
default:
|
||||||
$this->_params = $_GET;
|
$this->_params = $_GET;
|
||||||
}
|
}
|
||||||
|
if (array_key_exists('QUERY_STRING', $_SERVER) && !empty($_SERVER['QUERY_STRING']))
|
||||||
|
{
|
||||||
|
$this->_params['pasteid'] = $_SERVER['QUERY_STRING'];
|
||||||
|
}
|
||||||
|
|
||||||
// prepare parameters, depending on current operation
|
// prepare operation, depending on current parameters
|
||||||
if (
|
if (
|
||||||
(array_key_exists('data', $this->_params) && !empty($this->_params['data'])) ||
|
(array_key_exists('data', $this->_params) && !empty($this->_params['data'])) ||
|
||||||
(array_key_exists('attachment', $this->_params) && !empty($this->_params['attachment']))
|
(array_key_exists('attachment', $this->_params) && !empty($this->_params['attachment']))
|
||||||
@ -98,18 +102,17 @@ class request
|
|||||||
{
|
{
|
||||||
$this->_operation = 'create';
|
$this->_operation = 'create';
|
||||||
}
|
}
|
||||||
elseif (
|
elseif (array_key_exists('pasteid', $this->_params) && !empty($this->_params['pasteid']))
|
||||||
array_key_exists('pasteid', $this->_params) && !empty($this->_params['pasteid']) &&
|
|
||||||
array_key_exists('deletetoken', $this->_params) && !empty($this->_params['deletetoken'])
|
|
||||||
)
|
|
||||||
{
|
{
|
||||||
$this->_operation = 'delete';
|
if (array_key_exists('deletetoken', $this->_params) && !empty($this->_params['deletetoken']))
|
||||||
}
|
{
|
||||||
// display an existing paste
|
$this->_operation = 'delete';
|
||||||
elseif (array_key_exists('QUERY_STRING', $_SERVER) && !empty($_SERVER['QUERY_STRING']))
|
}
|
||||||
{
|
else
|
||||||
if ($this->_operation != 'create') $this->_operation = 'read';
|
{
|
||||||
$this->_params['pasteid'] = $_SERVER['QUERY_STRING'];
|
$this->_operation = 'read';
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
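Review bot: The new `QUERY_STRING` block in the second hunk overwrites `pasteid` on every request, so a URL of the older form `?pasteid=<id>&deletetoken=<token>` (the shape the removed JavaScript line built) ends up with the whole query string as the paste ID while `deletetoken` still selects the delete operation. Assigning only when no explicit ID was parsed would keep both forms working: `if (!array_key_exists('pasteid', $this->_params) && array_key_exists('QUERY_STRING', $_SERVER) && !empty($_SERVER['QUERY_STRING']))`. The raw query string is also stored without any format check in these hunks; whether the ID is validated before it reaches the storage layer is not visible here, so a comment naming where that validation happens would help. The enclosing method starts outside the hunks.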
@ -446,6 +446,10 @@ class zerobin
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
$result['id'] = $message;
|
$result['id'] = $message;
|
||||||
|
$result['url'] = (
|
||||||
|
array_key_exists('REQUEST_URI', $_SERVER) ? $_SERVER['REQUEST_URI'] : '/'
|
||||||
|
) . '?' . $message;
|
||||||
|
$result['@context'] = 'js/paste.jsonld';
|
||||||
}
|
}
|
||||||
$result += $other;
|
$result += $other;
|
||||||
$this->_json = json_encode($result);
|
$this->_json = json_encode($result);
|
||||||
|
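Review bot: `$_SERVER['REQUEST_URI']` normally still carries the request's own query string, so appending `'?' . $message` in the new `$result['url']` lines can produce a URL with two `?` if this branch is reached by a call that put the paste ID in the query, as the delete calls in this commit do. Building the base from the path only avoids that, e.g. `$base = array_key_exists('REQUEST_URI', $_SERVER) ? strtok($_SERVER['REQUEST_URI'], '?') : '/';` followed by `$result['url'] = $base . '?' . $message;`. The value is client-supplied and is copied into the response, so a short comment noting that it is only ever emitted through `json_encode` would be worth adding. The surrounding method starts outside the hunk.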
@ -65,9 +65,9 @@ class jsonApiTest extends PHPUnit_Framework_TestCase
|
|||||||
$options['traffic']['limit'] = 0;
|
$options['traffic']['limit'] = 0;
|
||||||
helper::confBackup();
|
helper::confBackup();
|
||||||
helper::createIniFile(CONF, $options);
|
helper::createIniFile(CONF, $options);
|
||||||
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
|
||||||
$paste = helper::getPaste();
|
$paste = helper::getPaste();
|
||||||
unset($paste['meta']);
|
unset($paste['meta']);
|
||||||
|
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||||
file_put_contents($file, http_build_query($paste));
|
file_put_contents($file, http_build_query($paste));
|
||||||
request::setInputStream($file);
|
request::setInputStream($file);
|
||||||
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
||||||
@ -89,4 +89,51 @@ class jsonApiTest extends PHPUnit_Framework_TestCase
|
|||||||
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @runInSeparateProcess
|
||||||
|
*/
|
||||||
|
public function testDelete()
|
||||||
|
{
|
||||||
|
$this->reset();
|
||||||
|
$this->_model->create(helper::getPasteId(), helper::getPaste());
|
||||||
|
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
|
||||||
|
$file = tempnam(sys_get_temp_dir(), 'FOO');
|
||||||
|
file_put_contents($file, http_build_query(array(
|
||||||
|
'deletetoken' => hash_hmac('sha1', helper::getPasteId(), serversalt::get()),
|
||||||
|
)));
|
||||||
|
request::setInputStream($file);
|
||||||
|
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
||||||
|
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||||
|
$_SERVER['REQUEST_METHOD'] = 'DELETE';
|
||||||
|
ob_start();
|
||||||
|
new zerobin;
|
||||||
|
$content = ob_get_contents();
|
||||||
|
$response = json_decode($content, true);
|
||||||
|
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||||
|
$this->assertFalse($this->_model->exists(helper::getPasteId()), 'paste successfully deleted');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @runInSeparateProcess
|
||||||
|
*/
|
||||||
|
public function testDeleteWithPost()
|
||||||
|
{
|
||||||
|
$this->reset();
|
||||||
|
$this->_model->create(helper::getPasteId(), helper::getPaste());
|
||||||
|
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
|
||||||
|
$_POST = array(
|
||||||
|
'action' => 'delete',
|
||||||
|
'deletetoken' => hash_hmac('sha1', helper::getPasteId(), serversalt::get()),
|
||||||
|
);
|
||||||
|
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
||||||
|
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||||
|
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||||
|
ob_start();
|
||||||
|
new zerobin;
|
||||||
|
$content = ob_get_contents();
|
||||||
|
$response = json_decode($content, true);
|
||||||
|
$this->assertEquals(0, $response['status'], 'outputs status');
|
||||||
|
$this->assertFalse($this->_model->exists(helper::getPasteId()), 'paste successfully deleted');
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
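Review bot: Both new tests exercise only the success path; nothing in these hunks checks that a delete request with a wrong or missing `deletetoken` leaves the paste in place, which is the property the token exists to protect. A third test that sends `'deletetoken' => 'invalid'` and then asserts `$this->_model->exists(helper::getPasteId())` would cover it. Separately, `ob_get_contents()` leaves the output buffer open and the `tempnam()` file is never removed; `$content = ob_get_clean();` and `unlink($file);` at the end of `testDelete()` would tidy both. In `testDeleteWithPost()` the `'action' => 'delete'` entry is not read by any request code shown in this commit, so it is probably dead.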
@ -94,10 +94,10 @@ class requestTest extends PHPUnit_Framework_TestCase
|
|||||||
public function testApiDelete()
|
public function testApiDelete()
|
||||||
{
|
{
|
||||||
$this->reset();
|
$this->reset();
|
||||||
$_SERVER['REQUEST_METHOD'] = 'DELETE';
|
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||||
$_GET['pasteid'] = 'foo';
|
$_SERVER['QUERY_STRING'] = 'foo';
|
||||||
$_GET['deletetoken'] = 'bar';
|
$_POST['deletetoken'] = 'bar';
|
||||||
$request = new request;
|
$request = new request;
|
||||||
$this->assertTrue($request->isJsonApiCall(), 'is JSON Api call');
|
$this->assertTrue($request->isJsonApiCall(), 'is JSON Api call');
|
||||||
$this->assertEquals('delete', $request->getOperation());
|
$this->assertEquals('delete', $request->getOperation());
|
||||||
|
@ -862,10 +862,10 @@ class zerobinTest extends PHPUnit_Framework_TestCase
|
|||||||
$burnPaste = helper::getPaste(array('burnafterreading' => true));
|
$burnPaste = helper::getPaste(array('burnafterreading' => true));
|
||||||
$this->_model->create(helper::getPasteId(), $burnPaste);
|
$this->_model->create(helper::getPasteId(), $burnPaste);
|
||||||
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
|
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
|
||||||
$_GET['pasteid'] = helper::getPasteId();
|
$_POST['deletetoken'] = 'burnafterreading';
|
||||||
$_GET['deletetoken'] = 'burnafterreading';
|
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
||||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||||
$_SERVER['REQUEST_METHOD'] = 'DELETE';
|
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||||
ob_start();
|
ob_start();
|
||||||
new zerobin;
|
new zerobin;
|
||||||
$content = ob_get_contents();
|
$content = ob_get_contents();
|
||||||
@ -882,10 +882,10 @@ class zerobinTest extends PHPUnit_Framework_TestCase
|
|||||||
$this->reset();
|
$this->reset();
|
||||||
$this->_model->create(helper::getPasteId(), helper::getPaste());
|
$this->_model->create(helper::getPasteId(), helper::getPaste());
|
||||||
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
|
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
|
||||||
$_GET['pasteid'] = helper::getPasteId();
|
$_POST['deletetoken'] = 'burnafterreading';
|
||||||
$_GET['deletetoken'] = 'burnafterreading';
|
$_SERVER['QUERY_STRING'] = helper::getPasteId();
|
||||||
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
|
||||||
$_SERVER['REQUEST_METHOD'] = 'DELETE';
|
$_SERVER['REQUEST_METHOD'] = 'POST';
|
||||||
ob_start();
|
ob_start();
|
||||||
new zerobin;
|
new zerobin;
|
||||||
$content = ob_get_contents();
|
$content = ob_get_contents();
|
||||||
|