Esempio n. 1
 /**
  * Tests the postRevision method of the controller
  */
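 public function testPostRevision()
 {
     // Project test helper, defined outside this listing; called with its defaults here.
     $this->initTestStep();
     // Seed a paste to revise
     $paste = Paste::createNew('web', array('title' => 'UnitTest::Title', 'data' => 'UnitTest::Data', 'language' => 'text'));
     // The test stores the paste id in the session before posting the revision
     $this->session(array('paste.revision' => $paste->id));
     $response = $this->call('POST', 'revise', array('id' => $paste->id, 'title' => 'UnitTest::Title', 'data' => 'UnitTest::Revision', 'language' => 'text'));
     // NOTE(review): the expected URL is read back from the response itself, so this
     // only proves the response is a redirect, not where it points.
     $this->assertRedirectedTo($response->getTargetUrl());
     // Expected value first, actual second, so a failure message reads the right way round
     $this->assertEquals(1, Revision::where('urlkey', $paste->urlkey)->count());
 }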
 /**
  * Displays the default view page
  *
  * @access public
  * @param  string  $urlkey
  * @param  string  $hash
  * @param  string  $action
  * @param  string  $extra
  * @return \Illuminate\Support\Facades\View|\Illuminate\Support\Facades\Redirect|null
  */
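 public function getPaste($urlkey, $hash = '', $action = '', $extra = '')
 {
     // NOTE(review): this is a get* action, so the delete / toggle / flag / unflag
     // branches below appear to change state on a plain GET request. Confirm that a
     // CSRF token or a POST-only route protects them; nothing in this method does.
     $site = Site::config('general');
     $paste = Paste::where('urlkey', $urlkey)->first();
     // Paste was not found
     if (is_null($paste)) {
         App::abort(404);
         // Not found
     }
     // Check if the logged in user is the owner of the paste
     $owner = Auth::access($paste->author_id);
     // Owners skip both the private-hash check and the password prompt
     if (!$owner) {
         // Require hash to be passed for private pastes. Both sides are compared as
         // strings with a strict operator: a loose != compares numeric-looking strings
         // as numbers, so values that differ as text could still be accepted.
         // hash_equals() would additionally make the comparison constant-time where
         // the runtime provides it.
         if ($paste->private and (string) $paste->hash !== (string) $hash) {
             App::abort(401);
             // Unauthorized
         }
         // Check if paste is password protected and user hasn't entered
         // the password yet
         if ($paste->password and !Session::has('paste.password' . $paste->id)) {
             return View::make('site/password', array());
         }
     }
     // Increment the hit counter once per session
     if (!Session::has('paste.viewed' . $paste->id)) {
         $paste->hits++;
         $paste->save();
         Session::put('paste.viewed' . $paste->id, TRUE);
     }
     // Let's do some action!
     switch ($action) {
         case 'delete':
             if (empty($extra)) {
                 // Delete the paste if the user has access
                 if ($site->allowPasteDel and $owner) {
                     Revision::where('urlkey', $paste->urlkey)->delete();
                     $paste->comments()->delete();
                     $attachment = storage_path() . "/uploads/{$paste->urlkey}";
                     if ($paste->attachment and File::exists($attachment)) {
                         File::delete($attachment);
                     }
                     $paste->delete();
                     Session::flash('messages.success', Lang::get('global.paste_deleted'));
                     return Redirect::to('/');
                 } else {
                     App::abort(401);
                     // Unauthorized
                 }
             } else {
                 if (is_numeric($extra)) {
                     // NOTE(review): the comment is looked up by id alone, not through
                     // $paste->comments(), so being the owner of *this* paste satisfies the
                     // check below for a comment attached to any paste. Scope the lookup
                     // to the paste once the relation/foreign key is confirmed.
                     $comment = Comment::findOrFail($extra);
                     // Auth::user() may be null when nobody is logged in; reading
                     // ->username from it and loosely comparing the result let a missing
                     // user compare equal to an empty author. Require a real user and
                     // an exact string match instead.
                     $viewer = Auth::user();
                     $isAuthor = !is_null($viewer) && (string) $viewer->username === (string) $comment->author;
                     // Delete the comment if the user has access
                     if ($owner or $isAuthor) {
                         $comment->delete();
                     } else {
                         App::abort(401);
                         // Unauthorized
                     }
                 }
             }
             return Redirect::to(URL::previous());
         case 'raw':
             // Paste data is user-supplied: serve it as plain text and tell the
             // browser not to sniff it into a renderable type.
             $response = Response::make($paste->data);
             $response->header('Content-Type', 'text/plain');
             $response->header('X-Content-Type-Options', 'nosniff');
             return $response;
         case 'toggle':
             // Only the owner can flip visibility; doing so also drops the paste's
             // revisions and clears its password.
             if ($owner) {
                 Revision::where('urlkey', $paste->urlkey)->delete();
                 $paste->private = $paste->private ? 0 : 1;
                 $paste->password = '';
                 $paste->save();
             }
             return Redirect::to(URL::previous());
         case 'flag':
             // Parentheses spell out the precedence the original relied on
             // ("and" binds tighter than "or"): anyone may flag when the setting is
             // 'all', only users holding the user role when it is 'user'.
             if ($site->flagPaste == 'all' or ($site->flagPaste == 'user' and Auth::roles()->user)) {
                 $paste->flagged = 1;
                 $paste->save();
                 Cache::forget('global.flags');
                 Session::flash('messages.success', Lang::get('global.paste_flagged'));
             } else {
                 App::abort(401);
                 // Unauthorized
             }
             return Redirect::to(URL::previous());
         case 'unflag':
             // Clearing a flag is restricted to the admin role
             if (Auth::roles()->admin) {
                 $paste->flagged = 0;
                 $paste->save();
                 Cache::forget('global.flags');
                 Session::flash('messages.success', Lang::get('global.paste_unflagged'));
             } else {
                 App::abort(401);
                 // Unauthorized
             }
             return Redirect::to(URL::previous());
     }
     // Build the sharing subject for the paste
     $subject = sprintf(Lang::get('mail.share_subject'), $site->title, URL::current());
     // Build data for show paste page
     $data = array('paste' => $paste, 'revisions' => $paste->revisions, 'comments' => $paste->comments()->paginate($site->perPage), 'share' => 'mailto:?subject=' . urlencode($subject), 'attachment' => sprintf(Lang::get('show.download_attachment'), Lang::get('show.unknown')));
     // If paste has an attachment, get the file type
     if ($paste->attachment) {
         $pathToFile = storage_path() . "/uploads/{$paste->urlkey}";
         if (File::exists($pathToFile)) {
             $file = new Symfony\Component\HttpFoundation\File\File($pathToFile);
             $data['attachment'] = sprintf(Lang::get('show.download_attachment'), $file->getMimeType());
         }
     }
     // Display the show paste view
     return View::make('site/show', $data);
 }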
Esempio n. 3
 /**
  * Tests the postRevision method of the controller without
  * guest posts enabled
  */
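 public function testPostRevisionNoGuest()
 {
     // Project test helper, defined outside this listing; FALSE selects the
     // "guest posts disabled" setup this test is about (per the method's docblock).
     $this->initTestStep(FALSE);
     // Seed a paste to revise
     $paste = Paste::createNew('web', array('title' => 'UnitTest::Title', 'data' => 'UnitTest::Data', 'language' => 'text'));
     // The test stores the paste id in the session before posting the revision
     $this->session(array('paste.revision' => $paste->id));
     $response = $this->call('POST', 'revise', array('id' => $paste->id, 'title' => 'UnitTest::Title', 'data' => 'UnitTest::Revision', 'language' => 'text'));
     // The request must be refused with an error message...
     $this->assertSessionHas('messages.error');
     // ...and must not have written a revision. Expected value first, actual second,
     // so a failure message reads the right way round.
     $this->assertEquals(0, Revision::where('urlkey', $paste->urlkey)->count());
 }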
 /**
  * Generates a list of the last $limit revisions made to any objects of the class it is being called from.
  *
  * @param int $limit
  * @param string $order
  * @return mixed
  */
 public static function classRevisionHistory($limit = 100, $order = 'desc')
 {
     // get_called_class() resolves to the class the static call was made on, so each
     // class using this method sees only its own revisions.
     $ownerClass = get_called_class();
     // $order and $limit are handed to the query builder unchanged.
     // NOTE(review): confirm callers pass only 'asc'/'desc' and an integer, or that
     // the builder normalises them, before wiring either to request input.
     $history = Revision::where('revisionable_type', $ownerClass)
         ->orderBy('created_at', $order)
         ->limit($limit);
     return $history->get();
 }
Esempio n. 5
 /**
  * Handles POST actions for the user module
  *
  * @return \Illuminate\Support\Facades\Redirect
  */
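 public function postUser()
 {
     if (Input::has('_save')) {
         $id = Input::get('id');
         // The id is spliced into the comma/pipe-delimited "unique" rule strings below.
         // Taken raw from the request it could carry "," or "|" and rewrite the rule,
         // so only an integer (or nothing, for a new user) is allowed into the rule.
         // Assumes integer user ids, which User::min('id') further down suggests.
         $ignoreId = empty($id) ? '' : (int) $id;
         // Define validation rules
         $validator = Validator::make(Input::all(), array('username' => 'required|max:50|alpha_dash|unique:users,username,' . $ignoreId . ',id,type,db', 'email' => 'required|max:100|email|unique:users,email,' . $ignoreId . ',id,type,db', 'dispname' => 'max:100', 'password' => empty($id) ? 'required|min:5' : 'min:5'));
         // Run the validator
         if ($validator->passes()) {
             // If ID is there, it is an update operation
             if (!empty($id)) {
                 $user = User::findOrFail($id);
                 $origUsername = $user->username;
             } else {
                 $user = new User();
                 $origUsername = NULL;
             }
             $user->username = Input::get('username');
             $user->email = Input::get('email');
             $user->dispname = Input::get('dispname');
             // Keep an existing salt; generate one only for accounts that have none
             $user->salt = $user->salt ?: str_random(5);
             // The first user is always immutable: the account with the lowest id keeps
             // admin and active set regardless of what the form submitted
             $isFounder = $user->id == User::min('id');
             $user->admin = $isFounder ?: Input::has('admin');
             $user->active = $isFounder ?: Input::has('active');
             // NOTE(review): hashing goes through the project's PHPass wrapper with the
             // 5-character salt above; its algorithm and cost are not visible here —
             // confirm they meet current password-storage expectations.
             if (Input::has('password')) {
                 $user->password = PHPass::make()->create(Input::get('password'), $user->salt);
             }
             $user->save();
             // Username is cached in the main, comment and revision tables, update them too
             if (!empty($id)) {
                 Paste::where('author_id', $id)->update(array('author' => $user->username));
                 Revision::where('author', $origUsername)->update(array('author' => $user->username));
                 Comment::where('author', $origUsername)->update(array('author' => $user->username));
             }
             Cache::flush();
             Session::flash('messages.success', Lang::get('admin.user_saved'));
             return Redirect::to('admin/user');
         } else {
             Session::flash('messages.error', $validator->messages()->all('<p>:message</p>'));
             return Redirect::to(URL::previous())->withInput();
         }
     } else {
         if (Input::has('search')) {
             // The searched name becomes a URL path segment, hence urlencode()
             $username = Input::get('search');
             return Redirect::to('admin/user/edit/' . urlencode($username));
         } else {
             return Redirect::to('admin/user');
         }
     }
 }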
Esempio n. 6
 /**
  * Handles POST requests on the user profile
  *
  * @access public
  * @return \Illuminate\Support\Facades\Redirect
  */
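 public function postProfile()
 {
     // NOTE(review): assumes an authentication filter runs before this action;
     // $user is dereferenced below without a null check.
     $user = Auth::user();
     // Define validation rules. The id placed in the "unique" rules comes from the
     // authenticated user record, not from the request.
     $rules = array('username' => 'max:50|alpha_dash|unique:users,username,' . $user->id . ',id,type,db', 'email' => 'required|max:100|email|unique:users,email,' . $user->id . ',id,type,db', 'dispname' => 'max:100', 'password' => 'min:5');
     $validator = Validator::make(Input::all(), $rules);
     // Run the validator
     if ($validator->passes()) {
         $origUsername = $user->username;
         // Only admins may rename themselves. The username rule has no "required",
         // so an empty or missing field passes validation; keep the current name in
         // that case instead of blanking it here and in the cached author columns.
         if ($user->admin and Input::has('username')) {
             $user->username = Input::get('username');
         }
         $user->email = Input::get('email');
         $user->dispname = Input::get('dispname');
         // NOTE(review): the password is replaced without asking for the current
         // one; confirm that is intended for an already-authenticated session.
         if (Input::has('password')) {
             $user->password = PHPass::make()->create(Input::get('password'), $user->salt);
         }
         $user->save();
         // Update cached username in the main table
         Paste::where('author_id', $user->id)->update(array('author' => $user->username));
         // Update cached username in the revisions table
         Revision::where('author', $origUsername)->update(array('author' => $user->username));
         // Update cached username in the comments table
         Comment::where('author', $origUsername)->update(array('author' => $user->username));
         Session::flash('messages.success', Lang::get('user.profile_saved'));
         return Redirect::to('user/profile');
     } else {
         Session::flash('messages.error', $validator->messages()->all('<p>:message</p>'));
         return Redirect::to('user/profile')->withInput();
     }
 }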