diff --git a/lib/Controller.php b/lib/Controller.php index 2acab806..3401bf64 100644 --- a/lib/Controller.php +++ b/lib/Controller.php @@ -208,6 +208,13 @@ class Controller // Ensure content is not too big. $data = $this->_request->getData(); + $isComment = array_key_exists('pasteid', $data) && + !empty($data['pasteid']) && + array_key_exists('parentid', $data) && + !empty($data['parentid']); + if (!FormatV2::isValid($data, $isComment)) { + return $this->_return_message(1, 'Invalid data.'); + } $sizelimit = $this->_conf->getKey('sizelimit'); if (strlen($data['ct']) > $sizelimit) { return $this->_return_message( @@ -220,7 +227,7 @@ class Controller } // The user posts a comment. - if (!empty($data['pasteid']) && !empty($data['parentid'])) { + if ($isComment) { $paste = $this->_model->getPaste($data['pasteid']); if ($paste->exists()) { try { diff --git a/lib/Data/Filesystem.php b/lib/Data/Filesystem.php index 6df51207..a19408da 100644 --- a/lib/Data/Filesystem.php +++ b/lib/Data/Filesystem.php @@ -190,11 +190,11 @@ class Filesystem extends AbstractData $comment = DataStore::get($discdir . $filename); $items = explode('.', $filename); // Add some meta information not contained in file. - $comment->id = $items[1]; - $comment->parentid = $items[2]; + $comment['id'] = $items[1]; + $comment['parentid'] = $items[2]; // Store in array - $key = $this->getOpenSlot($comments, (int) $comment->meta->postdate); + $key = $this->getOpenSlot($comments, (int) $comment['meta']['created']); $comments[$key] = $comment; } } @@ -283,8 +283,8 @@ class Filesystem extends AbstractData if ($this->exists($pasteid)) { $data = $this->read($pasteid); if ( - property_exists($data->meta, 'expire_date') && - $data->meta->expire_date < time() + array_key_exists('expire_date', $data['meta']) && + $data['meta']['expire_date'] < time() ) { $pastes[] = $pasteid; if (count($pastes) >= $batchsize) { diff --git a/lib/Model/AbstractModel.php b/lib/Model/AbstractModel.php index ac17ee2f..ee3d3578 100644 --- a/lib/Model/AbstractModel.php +++ b/lib/Model/AbstractModel.php @@ -15,7 +15,6 @@ namespace PrivateBin\Model; use Exception; use PrivateBin\Configuration; use PrivateBin\Data\AbstractData; -use PrivateBin\FormatV2; /** * AbstractModel @@ -104,9 +103,6 @@ abstract class AbstractModel */ public function setData(array $data) { - if (!FormatV2::isValid($data, $this instanceof Comment)) { - throw new Exception('Invalid data.', 61); - } $data = $this->_sanitize($data); $this->_validate($data); $this->_data = $data; diff --git a/tst/Bootstrap.php b/tst/Bootstrap.php index d2cfc094..8a4f7cb9 100644 --- a/tst/Bootstrap.php +++ b/tst/Bootstrap.php @@ -114,7 +114,7 @@ class Helper } /** - * get example paste + * get example paste, as stored on server * * @param int $version * @param array $meta @@ -131,7 +131,7 @@ class Helper } /** - * get example paste + * get example paste with attachment, as stored on server * * @param int $version * @param array $meta @@ -146,38 +146,30 @@ class Helper } /** - * get example paste + * get example paste, as decoded from POST by the request object * * @param int $version * @param array $meta * @return array */ - public static function getPasteAsJson(int $version = 2, array $meta = array()) + public static function getPastePost(int $version = 2, array $meta = array()) { - $example = self::getPaste($version); - // the JSON shouldn't contain the salt - unset($example['meta']['salt']); - if (count($meta)) { - $example['meta'] = $meta; - } - $example['comments'] = array(); - $example['comment_count'] = 0; - $example['comment_offset'] = 0; - $example['@context'] = 'js/paste.jsonld'; - return json_encode($example); + $example = self::getPaste($version, $meta); + $example['meta'] = array('expire' => $example['meta']['expire']); + return $example; } - /** - * get example paste, as received via POST by user + * get example paste, as received via POST by the user * * @param int $version + * @param array $meta * @return array */ - public static function getPastePost() + public static function getPastePostJson(int $version = 2, array $meta = array()) { - $example = self::getPaste(); + $example = self::getPastePost($version, $meta); $example['adata'] = json_encode($example['adata']); - $example['meta'] = json_encode(array('expire' => $example['meta']['expire'])); + $example['meta'] = json_encode($example['meta']); return $example; } @@ -192,7 +184,7 @@ class Helper } /** - * get example comment, as stored on server / returned to user + * get example comment, as stored on server * * @param int $version * @param array $meta @@ -212,7 +204,7 @@ class Helper } /** - * get example comment, as received via POST by user + * get example comment, as decoded from POST by the request object * * @param int $version * @return array @@ -224,6 +216,19 @@ class Helper return $example; } + /** + * get example comment, as received via POST by user + * + * @param int $version + * @return array + */ + public static function getCommentPostJson() + { + $example = self::getCommentPost(); + $example['adata'] = json_encode($example['adata']); + return $example; + } + /** * delete directory and all its contents recursively * diff --git a/tst/ConfigurationTestGenerator.php b/tst/ConfigurationTestGenerator.php index 0aaec88a..b1a1fa22 100755 --- a/tst/ConfigurationTestGenerator.php +++ b/tst/ConfigurationTestGenerator.php @@ -516,7 +516,7 @@ EOT; $this->_model->create(Helper::getPasteId(), Helper::getPaste()); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); $_GET['pasteid'] = Helper::getPasteId(); - $_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), $this->_model->read(Helper::getPasteId())->meta->salt); + $_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), $this->_model->read(Helper::getPasteId())['meta']['salt']); EOT; break; } diff --git a/tst/ControllerTest.php b/tst/ControllerTest.php index 88d53016..bcf1c9e3 100644 --- a/tst/ControllerTest.php +++ b/tst/ControllerTest.php @@ -134,7 +134,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $file = $this->_path . DIRECTORY_SEPARATOR . '.htaccess'; @unlink($file); - $_POST = Helper::getPaste(); + $_POST = Helper::getPastePostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -163,7 +163,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getPaste(); + $_POST = Helper::getPastePostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -176,7 +176,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); $paste = $this->_model->read($response['id']); $this->assertEquals( - hash_hmac('sha256', $response['id'], $paste->meta->salt), + hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], 'outputs valid delete token' ); @@ -190,7 +190,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getPaste(array('expire' => 25)); + $_POST = Helper::getPastePostJson(2, array('expire' => 25)); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -204,7 +204,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); $paste = $this->_model->read($response['id']); $this->assertEquals( - hash_hmac('sha256', $response['id'], $paste->meta->salt), + hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], 'outputs valid delete token' ); @@ -219,7 +219,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options['main']['sizelimit'] = 10; $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getPaste(); + $_POST = Helper::getPastePostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -240,7 +240,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['header'] = 'X_FORWARDED_FOR'; Helper::createIniFile(CONF, $options); - $_POST = Helper::getPaste(); + $_POST = Helper::getPastePostJson(); $_SERVER['HTTP_X_FORWARDED_FOR'] = '::2'; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; @@ -254,7 +254,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); $paste = $this->_model->read($response['id']); $this->assertEquals( - hash_hmac('sha256', $response['id'], $paste->meta->salt), + hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], 'outputs valid delete token' ); @@ -269,7 +269,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); - $_POST = Helper::getPaste(); + $_POST = Helper::getPastePostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -290,7 +290,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getPaste(); + $_POST = Helper::getPastePostJson(); $_POST['expire'] = '5min'; $_POST['formatter'] = 'foo'; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -306,11 +306,11 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); $paste = $this->_model->read($response['id']); $this->assertEquals( - hash_hmac('sha256', $response['id'], $paste->meta->salt), + hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], 'outputs valid delete token' ); - $this->assertGreaterThanOrEqual($time + 300, $paste->meta->expire_date, 'time is set correctly'); + $this->assertGreaterThanOrEqual($time + 300, $paste['meta']['expire_date'], 'time is set correctly'); } /** @@ -321,7 +321,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getPaste(); + $_POST = Helper::getPastePostJson(); $_POST['expire'] = '5min'; $_POST['opendiscussion'] = '1'; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; @@ -337,12 +337,12 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); $paste = $this->_model->read($response['id']); $this->assertEquals( - hash_hmac('sha256', $response['id'], $paste->meta->salt), + hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], 'outputs valid delete token' ); - $this->assertGreaterThanOrEqual($time + 300, $paste->meta->expire_date, 'time is set correctly'); - $this->assertEquals(1, $paste->meta->opendiscussion, 'discussion is enabled'); + $this->assertGreaterThanOrEqual($time + 300, $paste['meta']['expire_date'], 'time is set correctly'); + $this->assertEquals(1, $paste['adata'][2], 'discussion is enabled'); } /** @@ -353,7 +353,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getPaste(); + $_POST = Helper::getPastePostJson(); $_POST['expire'] = 'foo'; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; @@ -367,7 +367,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); $paste = $this->_model->read($response['id']); $this->assertEquals( - hash_hmac('sha256', $response['id'], $paste->meta->salt), + hash_hmac('sha256', $response['id'], $paste['meta']['salt']), $response['deletetoken'], 'outputs valid delete token' ); @@ -381,8 +381,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getPaste(); - $_POST['burnafterreading'] = 'neither 1 nor 0'; + $_POST = Helper::getPastePostJson(); + $adata = Helper::getPaste()['adata']; + $adata[3] = 'neither 1 nor 0'; + $_POST['adata'] = json_encode($adata); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -403,8 +405,10 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getPaste(); - $_POST['opendiscussion'] = 'neither 1 nor 0'; + $_POST = Helper::getPastePostJson(); + $adata = Helper::getPaste()['adata']; + $adata[2] = 'neither 1 nor 0'; + $_POST['adata'] = json_encode($adata); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -417,56 +421,19 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data'); } - /** - * @runInSeparateProcess - */ - public function testCreateAttachment() - { - $options = parse_ini_file(CONF, true); - $options['traffic']['limit'] = 0; - $options['main']['fileupload'] = true; - Helper::createIniFile(CONF, $options); - $_POST = Helper::getPasteWithAttachment(); - $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; - $_SERVER['REQUEST_METHOD'] = 'POST'; - $_SERVER['REMOTE_ADDR'] = '::1'; - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exists before posting data'); - ob_start(); - new Controller; - $content = ob_get_contents(); - ob_end_clean(); - $response = json_decode($content, true); - $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); - $original = json_decode(json_encode($_POST)); - $stored = $this->_model->read($response['id']); - foreach (array('data', 'attachment', 'attachmentname') as $key) { - $this->assertEquals($original->$key, $stored->$key); - } - $this->assertEquals( - hash_hmac('sha256', $response['id'], $stored->meta->salt), - $response['deletetoken'], - 'outputs valid delete token' - ); - } - /** * In some webserver setups (found with Suhosin) overly long POST params are * silently removed, check that this case is handled * * @runInSeparateProcess */ - public function testCreateBrokenAttachmentUpload() + public function testCreateBrokenUpload() { - $options = parse_ini_file(CONF, true); - $options['traffic']['limit'] = 0; - $options['main']['fileupload'] = true; - Helper::createIniFile(CONF, $options); - $_POST = Helper::getPasteWithAttachment(); - unset($_POST['attachment']); + $_POST = Helper::getPastePostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; + $_POST['ct'] = ' '; $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exists before posting data'); ob_start(); new Controller; @@ -482,7 +449,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase */ public function testCreateTooSoon() { - $_POST = Helper::getPaste(); + $_POST = Helper::getPastePostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -499,59 +466,6 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data'); } - /** - * @runInSeparateProcess - */ - public function testCreateValidNick() - { - $options = parse_ini_file(CONF, true); - $options['traffic']['limit'] = 0; - Helper::createIniFile(CONF, $options); - $_POST = Helper::getPaste(); - $_POST['nickname'] = Helper::getComment()['meta']['nickname']; - $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; - $_SERVER['REQUEST_METHOD'] = 'POST'; - $_SERVER['REMOTE_ADDR'] = '::1'; - ob_start(); - new Controller; - $content = ob_get_contents(); - ob_end_clean(); - $response = json_decode($content, true); - $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); - $paste = $this->_model->read($response['id']); - $this->assertEquals( - hash_hmac('sha256', $response['id'], $paste->meta->salt), - $response['deletetoken'], - 'outputs valid delete token' - ); - } - - /** - * @runInSeparateProcess - */ - public function testCreateInvalidNick() - { - $options = parse_ini_file(CONF, true); - $options['traffic']['limit'] = 0; - Helper::createIniFile(CONF, $options); - $_POST = Helper::getCommentPost(); - $_POST['pasteid'] = Helper::getPasteId(); - $_POST['parentid'] = Helper::getPasteId(); - $_POST['nickname'] = 'foo'; - $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; - $_SERVER['REQUEST_METHOD'] = 'POST'; - $_SERVER['REMOTE_ADDR'] = '::1'; - $this->_model->create(Helper::getPasteId(), Helper::getPaste()); - ob_start(); - new Controller; - $content = ob_get_contents(); - ob_end_clean(); - $response = json_decode($content, true); - $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after posting data'); - } - /** * @runInSeparateProcess */ @@ -560,9 +474,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getCommentPost(); - $_POST['pasteid'] = Helper::getPasteId(); - $_POST['parentid'] = Helper::getPasteId(); + $_POST = Helper::getCommentPostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -584,8 +496,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getCommentPost(); - $_POST['pasteid'] = Helper::getPasteId(); + $_POST = Helper::getCommentPostJson(); $_POST['parentid'] = 'foo'; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; @@ -608,13 +519,12 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getCommentPost(); - $_POST['pasteid'] = Helper::getPasteId(); - $_POST['parentid'] = Helper::getPasteId(); + $_POST = Helper::getCommentPostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; - $paste = Helper::getPaste(array('opendiscussion' => false)); + $paste = Helper::getPaste(); + $paste['adata'][2] = 0; $this->_model->create(Helper::getPasteId(), $paste); ob_start(); new Controller; @@ -633,9 +543,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getCommentPost(); - $_POST['pasteid'] = Helper::getPasteId(); - $_POST['parentid'] = Helper::getPasteId(); + $_POST = Helper::getCommentPostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -657,11 +565,9 @@ class ControllerTest extends PHPUnit_Framework_TestCase $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); $this->_model->create(Helper::getPasteId(), Helper::getPaste()); - $this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment()); - $this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'comment exists before posting data'); - $_POST = Helper::getCommentPost(); - $_POST['pasteid'] = Helper::getPasteId(); - $_POST['parentid'] = Helper::getPasteId(); + $this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId(), Helper::getComment()); + $this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'comment exists before posting data'); + $_POST = Helper::getCommentPostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -671,7 +577,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs error status'); - $this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'paste exists after posting data'); + $this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getPasteId()), 'paste exists after posting data'); } /** @@ -713,7 +619,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase */ public function testReadExpired() { - $expiredPaste = Helper::getPaste(array('expire_date' => 1344803344)); + $expiredPaste = Helper::getPaste(2, array('expire_date' => 1344803344)); $this->_model->create(Helper::getPasteId(), $expiredPaste); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); $_GET[Helper::getPasteId()] = ''; @@ -732,7 +638,8 @@ class ControllerTest extends PHPUnit_Framework_TestCase */ public function testReadBurn() { - $paste = Helper::getPaste(array('burnafterreading' => true)); + $paste = Helper::getPaste(); + $paste['adata'][3] = 1; $this->_model->create(Helper::getPasteId(), $paste); $_SERVER['QUERY_STRING'] = Helper::getPasteId(); $_GET[Helper::getPasteId()] = ''; @@ -745,11 +652,11 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertEquals(0, $response['status'], 'outputs success status'); $this->assertEquals(Helper::getPasteId(), $response['id'], 'outputs data correctly'); $this->assertStringEndsWith('?' . $response['id'], $response['url'], 'returned URL points to new paste'); - $this->assertEquals($paste['data'], $response['data'], 'outputs data correctly'); - $this->assertEquals($paste['meta']['formatter'], $response['meta']['formatter'], 'outputs format correctly'); - $this->assertEquals($paste['meta']['postdate'], $response['meta']['postdate'], 'outputs postdate correctly'); - $this->assertEquals($paste['meta']['opendiscussion'], $response['meta']['opendiscussion'], 'outputs opendiscussion correctly'); - $this->assertEquals(1, $response['meta']['burnafterreading'], 'outputs burnafterreading correctly'); + $this->assertEquals($paste['ct'], $response['ct'], 'outputs ct correctly'); + $this->assertEquals($paste['adata'][1], $response['adata'][1], 'outputs formatter correctly'); + $this->assertEquals($paste['adata'][2], $response['adata'][2], 'outputs opendiscussion correctly'); + $this->assertEquals($paste['adata'][3], $response['adata'][3], 'outputs burnafterreading correctly'); + $this->assertEquals($paste['meta']['created'], $response['meta']['created'], 'outputs created correctly'); $this->assertEquals(0, $response['comment_count'], 'outputs comment_count correctly'); $this->assertEquals(0, $response['comment_offset'], 'outputs comment_offset correctly'); // by default it will be deleted instantly after it is read @@ -774,10 +681,11 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertEquals(0, $response['status'], 'outputs success status'); $this->assertEquals(Helper::getPasteId(), $response['id'], 'outputs data correctly'); $this->assertStringEndsWith('?' . $response['id'], $response['url'], 'returned URL points to new paste'); - $this->assertEquals($paste['data'], $response['data'], 'outputs data correctly'); - $this->assertEquals($paste['meta']['formatter'], $response['meta']['formatter'], 'outputs format correctly'); - $this->assertEquals($paste['meta']['postdate'], $response['meta']['postdate'], 'outputs postdate correctly'); - $this->assertEquals($paste['meta']['opendiscussion'], $response['meta']['opendiscussion'], 'outputs opendiscussion correctly'); + $this->assertEquals($paste['ct'], $response['ct'], 'outputs ct correctly'); + $this->assertEquals($paste['adata'][1], $response['adata'][1], 'outputs formatter correctly'); + $this->assertEquals($paste['adata'][2], $response['adata'][2], 'outputs opendiscussion correctly'); + $this->assertEquals($paste['adata'][3], $response['adata'][3], 'outputs burnafterreading correctly'); + $this->assertEquals($paste['meta']['created'], $response['meta']['created'], 'outputs created correctly'); $this->assertEquals(0, $response['comment_count'], 'outputs comment_count correctly'); $this->assertEquals(0, $response['comment_offset'], 'outputs comment_offset correctly'); } @@ -787,7 +695,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase */ public function testReadOldSyntax() { - $paste = Helper::getPaste(); + $paste = Helper::getPaste(1); $paste['meta'] = array( 'syntaxcoloring' => true, 'postdate' => $paste['meta']['postdate'], @@ -813,6 +721,27 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertEquals(0, $response['comment_offset'], 'outputs comment_offset correctly'); } + /** + * @runInSeparateProcess + */ + public function testReadBurnAfterReading() + { + $burnPaste = Helper::getPaste(); + $burnPaste['adata'][3] = 1; + $this->_model->create(Helper::getPasteId(), $burnPaste); + $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); + $_SERVER['QUERY_STRING'] = Helper::getPasteId(); + $_GET[Helper::getPasteId()] = ''; + $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; + ob_start(); + new Controller; + $content = ob_get_contents(); + ob_end_clean(); + $response = json_decode($content, true); + $this->assertEquals(0, $response['status'], 'outputs status'); + $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted'); + } + /** * @runInSeparateProcess */ @@ -822,7 +751,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); $paste = $this->_model->read(Helper::getPasteId()); $_GET['pasteid'] = Helper::getPasteId(); - $_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), $paste->meta->salt); + $_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), $paste['meta']['salt']); ob_start(); new Controller; $content = ob_get_contents(); @@ -893,28 +822,6 @@ class ControllerTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after failing to delete data'); } - /** - * @runInSeparateProcess - */ - public function testDeleteBurnAfterReading() - { - $burnPaste = Helper::getPaste(array('burnafterreading' => true)); - $this->_model->create(Helper::getPasteId(), $burnPaste); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); - $_POST['deletetoken'] = 'burnafterreading'; - $_SERVER['QUERY_STRING'] = Helper::getPasteId(); - $_GET[Helper::getPasteId()] = ''; - $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; - $_SERVER['REQUEST_METHOD'] = 'POST'; - ob_start(); - new Controller; - $content = ob_get_contents(); - ob_end_clean(); - $response = json_decode($content, true); - $this->assertEquals(0, $response['status'], 'outputs status'); - $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted'); - } - /** * @runInSeparateProcess */ @@ -941,7 +848,7 @@ class ControllerTest extends PHPUnit_Framework_TestCase */ public function testDeleteExpired() { - $expiredPaste = Helper::getPaste(array('expire_date' => 1000)); + $expiredPaste = Helper::getPaste(2, array('expire_date' => 1000)); $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exist before being created'); $this->_model->create(Helper::getPasteId(), $expiredPaste); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); diff --git a/tst/Data/FilesystemTest.php b/tst/Data/FilesystemTest.php index 5e56b5f0..d4d6ec06 100644 --- a/tst/Data/FilesystemTest.php +++ b/tst/Data/FilesystemTest.php @@ -36,23 +36,23 @@ class FilesystemTest extends PHPUnit_Framework_TestCase $this->_model->delete(Helper::getPasteId()); // storing pastes - $paste = Helper::getPaste(array('expire_date' => 1344803344)); + $paste = Helper::getPaste(2, array('expire_date' => 1344803344)); $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not yet exist'); $this->assertTrue($this->_model->create(Helper::getPasteId(), $paste), 'store new paste'); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after storing it'); $this->assertFalse($this->_model->create(Helper::getPasteId(), $paste), 'unable to store the same paste twice'); - $this->assertEquals(json_decode(json_encode($paste)), $this->_model->read(Helper::getPasteId())); + $this->assertEquals($paste, $this->_model->read(Helper::getPasteId())); // storing comments $this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'comment does not yet exist'); $this->assertTrue($this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment()), 'store comment'); $this->assertTrue($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'comment exists after storing it'); $this->assertFalse($this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment()), 'unable to store the same comment twice'); - $comment = json_decode(json_encode(Helper::getComment())); - $comment->id = Helper::getCommentId(); - $comment->parentid = Helper::getPasteId(); + $comment = Helper::getComment(); + $comment['id'] = Helper::getCommentId(); + $comment['parentid'] = Helper::getPasteId(); $this->assertEquals( - array($comment->meta->postdate => $comment), + array($comment['meta']['created'] => $comment), $this->_model->readComments(Helper::getPasteId()) ); @@ -66,7 +66,7 @@ class FilesystemTest extends PHPUnit_Framework_TestCase public function testFileBasedAttachmentStoreWorks() { $this->_model->delete(Helper::getPasteId()); - $original = $paste = Helper::getPasteWithAttachment(array('expire_date' => 1344803344)); + $original = $paste = Helper::getPasteWithAttachment(1, array('expire_date' => 1344803344)); $paste['meta']['attachment'] = $paste['attachment']; $paste['meta']['attachmentname'] = $paste['attachmentname']; unset($paste['attachment'], $paste['attachmentname']); @@ -74,7 +74,7 @@ class FilesystemTest extends PHPUnit_Framework_TestCase $this->assertTrue($this->_model->create(Helper::getPasteId(), $paste), 'store new paste'); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after storing it'); $this->assertFalse($this->_model->create(Helper::getPasteId(), $paste), 'unable to store the same paste twice'); - $this->assertEquals(json_decode(json_encode($original)), $this->_model->read(Helper::getPasteId())); + $this->assertEquals($original, $this->_model->read(Helper::getPasteId())); } /** @@ -83,8 +83,8 @@ class FilesystemTest extends PHPUnit_Framework_TestCase public function testPurge() { mkdir($this->_path . DIRECTORY_SEPARATOR . '00', 0777, true); - $expired = Helper::getPaste(array('expire_date' => 1344803344)); - $paste = Helper::getPaste(array('expire_date' => time() + 3600)); + $expired = Helper::getPaste(2, array('expire_date' => 1344803344)); + $paste = Helper::getPaste(2, array('expire_date' => time() + 3600)); $keys = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'x', 'y', 'z'); $ids = array(); foreach ($keys as $key) { @@ -113,7 +113,7 @@ class FilesystemTest extends PHPUnit_Framework_TestCase public function testErrorDetection() { $this->_model->delete(Helper::getPasteId()); - $paste = Helper::getPaste(array('formatter' => "Invalid UTF-8 sequence: \xB1\x31")); + $paste = Helper::getPaste(2, array('expire' => "Invalid UTF-8 sequence: \xB1\x31")); $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not yet exist'); $this->assertFalse($this->_model->create(Helper::getPasteId(), $paste), 'unable to store broken paste'); $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does still not exist'); @@ -122,7 +122,7 @@ class FilesystemTest extends PHPUnit_Framework_TestCase public function testCommentErrorDetection() { $this->_model->delete(Helper::getPasteId()); - $comment = Helper::getComment(array('formatter' => "Invalid UTF-8 sequence: \xB1\x31")); + $comment = Helper::getComment(1, array('nickname' => "Invalid UTF-8 sequence: \xB1\x31")); $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not yet exist'); $this->assertTrue($this->_model->create(Helper::getPasteId(), Helper::getPaste()), 'store new paste'); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after storing it'); @@ -163,16 +163,16 @@ class FilesystemTest extends PHPUnit_Framework_TestCase $this->assertFileExists($storagedir . $dataid . '.php', "paste $dataid exists in new format"); $this->assertFileNotExists($storagedir . $dataid, "old format paste $dataid got removed"); $this->assertTrue($this->_model->exists($dataid), "paste $dataid exists"); - $this->assertEquals($this->_model->read($dataid), json_decode(json_encode($paste)), "paste $dataid wasn't modified in the conversion"); + $this->assertEquals($this->_model->read($dataid), $paste, "paste $dataid wasn't modified in the conversion"); $storagedir .= $dataid . '.discussion' . DIRECTORY_SEPARATOR; $this->assertFileExists($storagedir . $dataid . '.' . $commentid . '.' . $dataid . '.php', "comment of $dataid exists in new format"); $this->assertFileNotExists($storagedir . $dataid . '.' . $commentid . '.' . $dataid, "old format comment of $dataid got removed"); $this->assertTrue($this->_model->existsComment($dataid, $dataid, $commentid), "comment in paste $dataid exists"); - $comment = json_decode(json_encode($comment)); - $comment->id = $commentid; - $comment->parentid = $dataid; - $this->assertEquals($this->_model->readComments($dataid), array($comment->meta->postdate => $comment), "comment of $dataid wasn't modified in the conversion"); + $comment = $comment; + $comment['id'] = $commentid; + $comment['parentid'] = $dataid; + $this->assertEquals($this->_model->readComments($dataid), array($comment['meta']['created'] => $comment), "comment of $dataid wasn't modified in the conversion"); } } } diff --git a/tst/FormatV2Test.php b/tst/FormatV2Test.php index 020b1ce0..2718f969 100644 --- a/tst/FormatV2Test.php +++ b/tst/FormatV2Test.php @@ -6,69 +6,67 @@ class FormatV2Test extends PHPUnit_Framework_TestCase { public function testFormatV2ValidatorValidatesCorrectly() { - $paste = Helper::getPaste(); - $paste['meta'] = array('expire' => $paste['meta']['expire']); - $this->assertTrue(FormatV2::isValid($paste), 'valid format'); - $comment = Helper::getComment(); - unset($comment['meta']); - $this->assertTrue(FormatV2::isValid($comment, true), 'valid format'); + $this->assertTrue(FormatV2::isValid(Helper::getPastePost()), 'valid format'); + $this->assertTrue(FormatV2::isValid(Helper::getCommentPost(), true), 'valid format'); + $paste = Helper::getPastePost(); $paste['adata'][0][0] = '$'; $this->assertFalse(FormatV2::isValid($paste), 'invalid base64 encoding of iv'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['adata'][0][1] = '$'; $this->assertFalse(FormatV2::isValid($paste), 'invalid base64 encoding of salt'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['ct'] = '$'; $this->assertFalse(FormatV2::isValid($paste), 'invalid base64 encoding of ct'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['ct'] = 'bm9kYXRhbm9kYXRhbm9kYXRhbm9kYXRhbm9kYXRhCg=='; $this->assertFalse(FormatV2::isValid($paste), 'low ct entropy'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['adata'][0][0] = 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA='; $this->assertFalse(FormatV2::isValid($paste), 'iv too long'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['adata'][0][1] = 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA='; $this->assertFalse(FormatV2::isValid($paste), 'salt too long'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['foo'] = 'bar'; $this->assertFalse(FormatV2::isValid($paste), 'invalid additional key'); unset($paste['meta']); $this->assertFalse(FormatV2::isValid($paste), 'invalid missing key'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['v'] = 0.9; $this->assertFalse(FormatV2::isValid($paste), 'unsupported version'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['adata'][0][2] = 1000; $this->assertFalse(FormatV2::isValid($paste), 'not enough iterations'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['adata'][0][3] = 127; $this->assertFalse(FormatV2::isValid($paste), 'invalid key size'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['adata'][0][4] = 63; $this->assertFalse(FormatV2::isValid($paste), 'invalid tag length'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['adata'][0][5] = '!#@'; $this->assertFalse(FormatV2::isValid($paste), 'invalid algorithm'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['adata'][0][6] = '!#@'; $this->assertFalse(FormatV2::isValid($paste), 'invalid mode'); - $paste = Helper::getPaste(); + $paste = Helper::getPastePost(); $paste['adata'][0][7] = '!#@'; $this->assertFalse(FormatV2::isValid($paste), 'invalid compression'); + $this->assertFalse(FormatV2::isValid(Helper::getPaste()), 'invalid meta key'); } } diff --git a/tst/JsonApiTest.php b/tst/JsonApiTest.php index dc8988d8..cdba2322 100644 --- a/tst/JsonApiTest.php +++ b/tst/JsonApiTest.php @@ -48,7 +48,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $_POST = Helper::getPastePost(); + $_POST = Helper::getPastePostJson(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; @@ -76,7 +76,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; Helper::createIniFile(CONF, $options); - $paste = Helper::getPastePost(); + $paste = Helper::getPastePostJson(); $file = tempnam(sys_get_temp_dir(), 'FOO'); file_put_contents($file, http_build_query($paste)); Request::setInputStream($file); diff --git a/tst/ModelTest.php b/tst/ModelTest.php index 4f02bb4f..9673155e 100644 --- a/tst/ModelTest.php +++ b/tst/ModelTest.php @@ -191,16 +191,6 @@ class ModelTest extends PHPUnit_Framework_TestCase $this->_model->getPaste(''); } - /** - * @expectedException Exception - * @expectedExceptionCode 61 - */ - public function testInvalidData() - { - $paste = $this->_model->getPaste(); - $paste->setData(array()); - } - /** * @expectedException Exception * @expectedExceptionCode 62 diff --git a/tst/RequestTest.php b/tst/RequestTest.php index e5567d6f..d6bb7956 100644 --- a/tst/RequestTest.php +++ b/tst/RequestTest.php @@ -93,13 +93,13 @@ class RequestTest extends PHPUnit_Framework_TestCase $_SERVER['REQUEST_METHOD'] = 'PUT'; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $file = tempnam(sys_get_temp_dir(), 'FOO'); - file_put_contents($file, 'data=foo'); + file_put_contents($file, 'ct=foo'); Request::setInputStream($file); $request = new Request; unlink($file); $this->assertTrue($request->isJsonApiCall(), 'is JSON Api call'); $this->assertEquals('create', $request->getOperation()); - $this->assertEquals('foo', $request->getParam('data')); + $this->assertEquals('foo', $request->getParam('ct')); } public function testApiCreateAlternative() @@ -107,11 +107,11 @@ class RequestTest extends PHPUnit_Framework_TestCase $this->reset(); $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['HTTP_ACCEPT'] = 'application/json, text/javascript, */*; q=0.01'; - $_POST['attachment'] = 'foo'; + $_POST['ct'] = 'foo'; $request = new Request; $this->assertTrue($request->isJsonApiCall(), 'is JSON Api call'); $this->assertEquals('create', $request->getOperation()); - $this->assertEquals('foo', $request->getParam('attachment')); + $this->assertEquals('foo', $request->getParam('ct')); } public function testApiRead()