Code Coverage
 
Classes and Traits
Functions and Methods
Lines
Total
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
10 / 10
CRAP
100.00% covered (success)
100.00%
75 / 75
Paste
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
10 / 10
43
100.00% covered (success)
100.00%
75 / 75
 get
100.00% covered (success)
100.00%
1 / 1
13
100.00% covered (success)
100.00%
24 / 24
 store
100.00% covered (success)
100.00%
1 / 1
3
100.00% covered (success)
100.00%
10 / 10
 delete
100.00% covered (success)
100.00%
1 / 1
1
100.00% covered (success)
100.00%
2 / 2
 exists
100.00% covered (success)
100.00%
1 / 1
1
100.00% covered (success)
100.00%
1 / 1
 getComment
100.00% covered (success)
100.00%
1 / 1
3
100.00% covered (success)
100.00%
8 / 8
 getComments
100.00% covered (success)
100.00%
1 / 1
1
100.00% covered (success)
100.00%
1 / 1
 getDeleteToken
100.00% covered (success)
100.00%
1 / 1
3
100.00% covered (success)
100.00%
6 / 6
 isOpendiscussion
100.00% covered (success)
100.00%
1 / 1
6
100.00% covered (success)
100.00%
4 / 4
 _sanitize
100.00% covered (success)
100.00%
1 / 1
3
100.00% covered (success)
100.00%
9 / 9
 _validate
100.00% covered (success)
100.00%
1 / 1
9
100.00% covered (success)
100.00%
10 / 10
<?php
/**
 * PrivateBin
 *
 * a zero-knowledge paste bin
 *
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 S├ębastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
 * @version   1.5.1
 */
namespace PrivateBin\Model;
use Exception;
use PrivateBin\Controller;
use PrivateBin\Persistence\ServerSalt;
/**
 * Paste
 *
 * Model of a PrivateBin paste.
 */
class Paste extends AbstractModel
{
    /**
     * Get paste data.
     *
     * @access public
     * @throws Exception
     * @return array
     */
    public function get()
    {
        $data = $this->_store->read($this->getId());
        if ($data === false) {
            throw new Exception(Controller::GENERIC_ERROR, 64);
        }
        // check if paste has expired and delete it if neccessary.
        if (array_key_exists('expire_date', $data['meta'])) {
            if ($data['meta']['expire_date'] < time()) {
                $this->delete();
                throw new Exception(Controller::GENERIC_ERROR, 63);
            }
            // We kindly provide the remaining time before expiration (in seconds)
            $data['meta']['time_to_live'] = $data['meta']['expire_date'] - time();
            unset($data['meta']['expire_date']);
        }
        // check if non-expired burn after reading paste needs to be deleted
        if (
            (array_key_exists('adata', $data) && $data['adata'][3] === 1) ||
            (array_key_exists('burnafterreading', $data['meta']) && $data['meta']['burnafterreading'])
        ) {
            $this->delete();
        }
        // set formatter for the view in version 1 pastes.
        if (array_key_exists('data', $data) && !array_key_exists('formatter', $data['meta'])) {
            // support < 0.21 syntax highlighting
            if (array_key_exists('syntaxcoloring', $data['meta']) && $data['meta']['syntaxcoloring'] === true) {
                $data['meta']['formatter'] = 'syntaxhighlighting';
            } else {
                $data['meta']['formatter'] = $this->_conf->getKey('defaultformatter');
            }
        }
        // support old paste format with server wide salt
        if (!array_key_exists('salt', $data['meta'])) {
            $data['meta']['salt'] = ServerSalt::get();
        }
        $data['comments']       = array_values($this->getComments());
        $data['comment_count']  = count($data['comments']);
        $data['comment_offset'] = 0;
        $data['@context']       = '?jsonld=paste';
        $this->_data            = $data;
        return $this->_data;
    }
    /**
     * Store the paste's data.
     *
     * @access public
     * @throws Exception
     */
    public function store()
    {
        // Check for improbable collision.
        if ($this->exists()) {
            throw new Exception('You are unlucky. Try again.', 75);
        }
        $this->_data['meta']['created'] = time();
        $this->_data['meta']['salt']    = ServerSalt::generate();
        // store paste
        if (
            $this->_store->create(
                $this->getId(),
                $this->_data
            ) === false
        ) {
            throw new Exception('Error saving paste. Sorry.', 76);
        }
    }
    /**
     * Delete the paste.
     *
     * @access public
     * @throws Exception
     */
    public function delete()
    {
        $this->_store->delete($this->getId());
    }
    /**
     * Test if paste exists in store.
     *
     * @access public
     * @return bool
     */
    public function exists()
    {
        return $this->_store->exists($this->getId());
    }
    /**
     * Get a comment, optionally a specific instance.
     *
     * @access public
     * @param string $parentId
     * @param string $commentId
     * @throws Exception
     * @return Comment
     */
    public function getComment($parentId, $commentId = '')
    {
        if (!$this->exists()) {
            throw new Exception('Invalid data.', 62);
        }
        $comment = new Comment($this->_conf, $this->_store);
        $comment->setPaste($this);
        $comment->setParentId($parentId);
        if ($commentId !== '') {
            $comment->setId($commentId);
        }
        return $comment;
    }
    /**
     * Get all comments, if any.
     *
     * @access public
     * @return array
     */
    public function getComments()
    {
        return $this->_store->readComments($this->getId());
    }
    /**
     * Generate the "delete" token.
     *
     * The token is the hmac of the pastes ID signed with the server salt.
     * The paste can be deleted by calling:
     * https://example.com/privatebin/?pasteid=<pasteid>&deletetoken=<deletetoken>
     *
     * @access public
     * @return string
     */
    public function getDeleteToken()
    {
        if (!array_key_exists('salt', $this->_data['meta'])) {
            $this->get();
        }
        return hash_hmac(
            $this->_conf->getKey('zerobincompatibility') ? 'sha1' : 'sha256',
            $this->getId(),
            $this->_data['meta']['salt']
        );
    }
    /**
     * Check if paste has discussions enabled.
     *
     * @access public
     * @throws Exception
     * @return bool
     */
    public function isOpendiscussion()
    {
        if (!array_key_exists('adata', $this->_data) && !array_key_exists('data', $this->_data)) {
            $this->get();
        }
        return
            (array_key_exists('adata', $this->_data) && $this->_data['adata'][2] === 1) ||
            (array_key_exists('opendiscussion', $this->_data['meta']) && $this->_data['meta']['opendiscussion']);
    }
    /**
     * Sanitizes data to conform with current configuration.
     *
     * @access protected
     * @param  array $data
     * @return array
     */
    protected function _sanitize(array $data)
    {
        $expiration = $data['meta']['expire'];
        unset($data['meta']['expire']);
        $expire_options = $this->_conf->getSection('expire_options');
        if (array_key_exists($expiration, $expire_options)) {
            $expire = $expire_options[$expiration];
        } else {
            // using getKey() to ensure a default value is present
            $expire = $this->_conf->getKey($this->_conf->getKey('default', 'expire'), 'expire_options');
        }
        if ($expire > 0) {
            $data['meta']['expire_date'] = time() + $expire;
        }
        return $data;
    }
    /**
     * Validate data.
     *
     * @access protected
     * @param  array $data
     * @throws Exception
     */
    protected function _validate(array $data)
    {
        // reject invalid or disabled formatters
        if (!array_key_exists($data['adata'][1], $this->_conf->getSection('formatter_options'))) {
            throw new Exception('Invalid data.', 75);
        }
        // discussion requested, but disabled in config or burn after reading requested as well, or invalid integer
        if (
            ($data['adata'][2] === 1 && ( // open discussion flag
                !$this->_conf->getKey('discussion') ||
                $data['adata'][3] === 1  // burn after reading flag
            )) ||
            ($data['adata'][2] !== 0 && $data['adata'][2] !== 1)
        ) {
            throw new Exception('Invalid data.', 74);
        }
        // reject invalid burn after reading
        if ($data['adata'][3] !== 0 && $data['adata'][3] !== 1) {
            throw new Exception('Invalid data.', 73);
        }
    }
}