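/**
 * Tests the postRevision method of the controller.
 *
 * Creates a paste, stores its id under 'paste.revision' in the session,
 * posts a revised body to 'revise' and expects exactly one Revision row
 * to exist for the paste's urlkey afterwards.
 */
public function testPostRevision()
{
    $this->initTestStep();

    $paste = Paste::createNew('web', array(
        'title'    => 'UnitTest::Title',
        'data'     => 'UnitTest::Data',
        'language' => 'text',
    ));

    // Mark the paste as the one being revised before posting
    $this->session(array('paste.revision' => $paste->id));

    $response = $this->call('POST', 'revise', array(
        'id'       => $paste->id,
        'title'    => 'UnitTest::Title',
        'data'     => 'UnitTest::Revision',
        'language' => 'text',
    ));

    // NOTE(review): the expected URL is read back from the response itself, so
    // this only proves that a redirect was issued, not where it points.
    $this->assertRedirectedTo($response->getTargetUrl());

    // Expected value goes first so a failure report labels the numbers correctly
    $this->assertEquals(1, Revision::where('urlkey', $paste->urlkey)->count());
}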
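/**
 * Displays the default view page and dispatches the per-paste actions
 * (delete, raw, toggle, flag, unflag) selected by $action.
 *
 * Access checks performed here:
 *  - an unknown urlkey aborts with 404;
 *  - non-owners must supply the matching hash for private pastes (401 otherwise)
 *    and are sent to the password page until 'paste.password<id>' is in the session;
 *  - each action applies its own owner / role / site-setting check.
 *
 * NOTE(review): the actions change state and are selected by URL segments of
 * what the method name suggests is a GET route; no request token is checked in
 * this method - confirm that a CSRF filter covers these routes.
 *
 * @access public
 * @param  string $urlkey
 * @param  string $hash
 * @param  string $action
 * @param  string $extra
 * @return \Illuminate\Support\Facades\View|\Illuminate\Support\Facades\Redirect|null
 */
public function getPaste($urlkey, $hash = '', $action = '', $extra = '')
{
    $site = Site::config('general');

    $paste = Paste::where('urlkey', $urlkey)->first();

    // Paste was not found
    if (is_null($paste)) {
        App::abort(404); // Not found
    }

    // Check if the logged in user is the owner of the paste
    $owner = Auth::access($paste->author_id);

    // We do not make password prompt mandatory for owners
    if (!$owner) {
        // Require hash to be passed for private pastes.
        // Compared strictly as strings: a loose != treats numeric-looking
        // strings such as "0e1" and "0e2" as equal. Where PHP >= 5.6 is
        // guaranteed, hash_equals() is the preferable comparison.
        if ($paste->private and (string) $paste->hash !== (string) $hash) {
            App::abort(401); // Unauthorized
        }

        // Check if paste is password protected and user hasn't entered
        // the password yet
        if ($paste->password and !Session::has('paste.password' . $paste->id)) {
            return View::make('site/password', array());
        }
    }

    // Increment the hit counter (once per session per paste)
    if (!Session::has('paste.viewed' . $paste->id)) {
        $paste->hits++;

        $paste->save();

        Session::put('paste.viewed' . $paste->id, TRUE);
    }

    // Let's do some action!
    switch ($action) {
        case 'delete':
            if (empty($extra)) {
                // Delete the paste if the user has access
                if ($site->allowPasteDel and $owner) {
                    Revision::where('urlkey', $paste->urlkey)->delete();

                    $paste->comments()->delete();

                    $attachment = storage_path() . "/uploads/{$paste->urlkey}";

                    if ($paste->attachment and File::exists($attachment)) {
                        File::delete($attachment);
                    }

                    $paste->delete();

                    Session::flash('messages.success', Lang::get('global.paste_deleted'));

                    return Redirect::to('/');
                } else {
                    App::abort(401); // Unauthorized
                }
            } else {
                if (is_numeric($extra)) {
                    $comment = Comment::findOrFail($extra);

                    // The comment id comes from the URL, so make sure it belongs to
                    // THIS paste; otherwise ownership of one paste would authorise
                    // deleting comments on any other paste.
                    // presumably comments() is a relation constrained to $paste - confirm on the model
                    $attached = $paste->comments()
                        ->where($comment->getKeyName(), $comment->getKey())
                        ->count();

                    if ($attached == 0) {
                        App::abort(404); // Not found
                    }

                    // Guests have no user object; never dereference it blindly.
                    // Usernames are compared strictly as strings so that
                    // numeric-looking names cannot match each other loosely.
                    $user = Auth::user();

                    $isAuthor = !is_null($user)
                        && (string) $user->username !== ''
                        && (string) $user->username === (string) $comment->author;

                    // Delete the comment if the user has access
                    if ($owner or $isAuthor) {
                        $comment->delete();
                    } else {
                        App::abort(401); // Unauthorized
                    }
                }
            }

            return Redirect::to(URL::previous());

        case 'raw':
            $response = Response::make($paste->data);

            $response->header('Content-Type', 'text/plain');

            // Paste data is user-supplied; stop browsers from sniffing it as HTML
            $response->header('X-Content-Type-Options', 'nosniff');

            return $response;

        case 'toggle':
            // Switching visibility also drops all revisions and clears the password
            if ($owner) {
                Revision::where('urlkey', $paste->urlkey)->delete();

                $paste->private = $paste->private ? 0 : 1;

                $paste->password = '';

                $paste->save();
            }

            return Redirect::to(URL::previous());

        case 'flag':
            // "and" binds tighter than "or"; the parentheses only spell that out
            if ($site->flagPaste == 'all' or ($site->flagPaste == 'user' and Auth::roles()->user)) {
                $paste->flagged = 1;

                $paste->save();

                Cache::forget('global.flags');

                Session::flash('messages.success', Lang::get('global.paste_flagged'));
            } else {
                App::abort(401); // Unauthorized
            }

            return Redirect::to(URL::previous());

        case 'unflag':
            if (Auth::roles()->admin) {
                $paste->flagged = 0;

                $paste->save();

                Cache::forget('global.flags');

                Session::flash('messages.success', Lang::get('global.paste_unflagged'));
            } else {
                App::abort(401); // Unauthorized
            }

            return Redirect::to(URL::previous());
    }

    // Build the sharing subject for the paste
    $subject = sprintf(Lang::get('mail.share_subject'), $site->title, URL::current());

    // Build data for show paste page
    $data = array(
        'paste'      => $paste,
        'revisions'  => $paste->revisions,
        'comments'   => $paste->comments()->paginate($site->perPage),
        'share'      => 'mailto:?subject=' . urlencode($subject),
        'attachment' => sprintf(Lang::get('show.download_attachment'), Lang::get('show.unknown')),
    );

    // If paste has an attachment, get the file type
    if ($paste->attachment) {
        $pathToFile = storage_path() . "/uploads/{$paste->urlkey}";

        if (File::exists($pathToFile)) {
            $file = new Symfony\Component\HttpFoundation\File\File($pathToFile);

            $data['attachment'] = sprintf(Lang::get('show.download_attachment'), $file->getMimeType());
        }
    }

    // Display the show paste view
    return View::make('site/show', $data);
}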
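/**
 * Tests the postRevision method of the controller without
 * guest posts enabled.
 *
 * The same revision request as the guest-enabled case must leave an error
 * message in the session and must not create any Revision row.
 */
public function testPostRevisionNoGuest()
{
    // FALSE is handed to the shared set-up helper; per the test's purpose
    // this is the "guest posts disabled" configuration
    $this->initTestStep(FALSE);

    $paste = Paste::createNew('web', array(
        'title'    => 'UnitTest::Title',
        'data'     => 'UnitTest::Data',
        'language' => 'text',
    ));

    // Mark the paste as the one being revised before posting
    $this->session(array('paste.revision' => $paste->id));

    $response = $this->call('POST', 'revise', array(
        'id'       => $paste->id,
        'title'    => 'UnitTest::Title',
        'data'     => 'UnitTest::Revision',
        'language' => 'text',
    ));

    // The request must be refused with a flashed error ...
    $this->assertSessionHas('messages.error');

    // ... and nothing may have been written (expected value goes first)
    $this->assertEquals(0, Revision::where('urlkey', $paste->urlkey)->count());
}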
/**
 * Fetches the latest $limit revisions recorded for any object of the class
 * this static method is called on.
 *
 * Rows are selected by 'revisionable_type' equal to the calling class name
 * and sorted on 'created_at'.
 *
 * NOTE(review): $order is handed to orderBy() unchanged. Callers should pass
 * only 'asc' or 'desc' and never a request value; whether the query builder
 * normalises the direction depends on the framework version - confirm.
 *
 * @param int    $limit
 * @param string $order
 * @return mixed
 */
public static function classRevisionHistory($limit = 100, $order = 'desc')
{
    // Late static binding: the class the call was made on, not the declaring one
    $calledClass = get_called_class();

    $history = Revision::where('revisionable_type', $calledClass);
    $history = $history->orderBy('created_at', $order);
    $history = $history->limit($limit);

    return $history->get();
}
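/**
 * Handles POST actions for the user module.
 *
 * With '_save' present the submitted user is validated and then created
 * (no id) or updated (id given); the username cached in the paste, revision
 * and comment tables is rewritten on update. Without '_save' a 'search'
 * value redirects to that user's edit page.
 *
 * @return \Illuminate\Support\Facades\Redirect
 */
public function postUser()
{
    if (Input::has('_save')) {
        $id = Input::get('id');

        // $id is request data and is spliced into the comma/pipe separated
        // rule strings below. Only a plain decimal id is allowed into them, so
        // a crafted value cannot append rule parameters or extra rules. Any
        // other value leaves the "ignore" slot empty, which makes the unique
        // check stricter, never looser.
        $ignoreId = (is_scalar($id) && ctype_digit((string) $id)) ? (string) $id : '';

        // Define validation rules
        $validator = Validator::make(Input::all(), array(
            'username' => 'required|max:50|alpha_dash|unique:users,username,' . $ignoreId . ',id,type,db',
            'email'    => 'required|max:100|email|unique:users,email,' . $ignoreId . ',id,type,db',
            'dispname' => 'max:100',
            'password' => empty($id) ? 'required|min:5' : 'min:5',
        ));

        // Run the validator
        if ($validator->passes()) {
            // If ID is there, it is an update operation
            if (!empty($id)) {
                $user = User::findOrFail($id);

                $origUsername = $user->username;
            } else {
                $user = new User();

                $origUsername = NULL;
            }

            $user->username = Input::get('username');

            $user->email = Input::get('email');

            $user->dispname = Input::get('dispname');

            // Keep an existing salt; new users get a fresh one
            // NOTE(review): salt length and the PHPass wrapper are project-defined -
            // confirm the resulting password hashing meets current policy
            $user->salt = $user->salt ?: str_random(5);

            // The first user is always immutable
            // NOTE(review): for a new user $user->id is not set yet and the
            // comparison is loose - confirm the outcome on an empty users table
            $isFounder = $user->id == User::min('id');

            $user->admin = $isFounder ?: Input::has('admin');

            $user->active = $isFounder ?: Input::has('active');

            if (Input::has('password')) {
                $user->password = PHPass::make()->create(Input::get('password'), $user->salt);
            }

            $user->save();

            // Username is cached in the main, comment and revision tables, update them too
            if (!empty($id)) {
                Paste::where('author_id', $id)->update(array('author' => $user->username));

                Revision::where('author', $origUsername)->update(array('author' => $user->username));

                Comment::where('author', $origUsername)->update(array('author' => $user->username));
            }

            Cache::flush();

            Session::flash('messages.success', Lang::get('admin.user_saved'));

            return Redirect::to('admin/user');
        } else {
            Session::flash('messages.error', $validator->messages()->all('<p>:message</p>'));

            return Redirect::to(URL::previous())->withInput();
        }
    } else {
        if (Input::has('search')) {
            $username = Input::get('search');

            return Redirect::to('admin/user/edit/' . urlencode($username));
        } else {
            return Redirect::to('admin/user');
        }
    }
}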
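/**
 * Handles POST requests on the user profile.
 *
 * Validates the submitted profile for the logged in user, saves it and
 * rewrites the username cached in the paste, revision and comment tables.
 * Only admins may change their own username; the value is ignored for
 * everybody else.
 *
 * NOTE(review): a new password is accepted without the current one being
 * asked for in this method - confirm that is intended.
 *
 * @access public
 * @return \Illuminate\Support\Facades\Redirect
 */
public function postProfile()
{
    $user = Auth::user();

    // Define validation rules ($user->id comes from the session user, not the request)
    $rules = array(
        'username' => 'max:50|alpha_dash|unique:users,username,' . $user->id . ',id,type,db',
        'email'    => 'required|max:100|email|unique:users,email,' . $user->id . ',id,type,db',
        'dispname' => 'max:100',
        'password' => 'min:5',
    );

    $validator = Validator::make(Input::all(), $rules);

    // Run the validator
    if ($validator->passes()) {
        $origUsername = $user->username;

        // 'username' is not a required field, so an admin request that omits
        // it (or sends it empty) must keep the current name rather than blank
        // it and propagate the blank to the cached author columns below.
        if ($user->admin and Input::has('username')) {
            $user->username = Input::get('username');
        }

        $user->email = Input::get('email');

        $user->dispname = Input::get('dispname');

        if (Input::has('password')) {
            $user->password = PHPass::make()->create(Input::get('password'), $user->salt);
        }

        $user->save();

        // Update cached username in the main table
        Paste::where('author_id', $user->id)->update(array('author' => $user->username));

        // Update cached username in the revisions table
        Revision::where('author', $origUsername)->update(array('author' => $user->username));

        // Update cached username in the comments table
        Comment::where('author', $origUsername)->update(array('author' => $user->username));

        Session::flash('messages.success', Lang::get('user.profile_saved'));

        return Redirect::to('user/profile');
    } else {
        Session::flash('messages.error', $validator->messages()->all('<p>:message</p>'));

        return Redirect::to('user/profile')->withInput();
    }
}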