Code Coverage for lib/Model/Paste.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	100.00% covered (success)	100.00%	74 / 74	100.00% covered (success)	100.00%	10 / 10	CRAP	100.00% covered (success)	100.00%	1 / 1
Paste	100.00% covered (success)	100.00%	74 / 74	100.00% covered (success)	100.00%	10 / 10	43	100.00% covered (success)	100.00%	1 / 1
get	100.00% covered (success)	100.00%	24 / 24	100.00% covered (success)	100.00%	1 / 1	13
store	100.00% covered (success)	100.00%	9 / 9	100.00% covered (success)	100.00%	1 / 1	3
delete	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
exists	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
getComment	100.00% covered (success)	100.00%	8 / 8	100.00% covered (success)	100.00%	1 / 1	3
getComments	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
getDeleteToken	100.00% covered (success)	100.00%	7 / 7	100.00% covered (success)	100.00%	1 / 1	3
isOpendiscussion	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	6
_sanitize	100.00% covered (success)	100.00%	9 / 9	100.00% covered (success)	100.00%	1 / 1	3
_validate	100.00% covered (success)	100.00%	9 / 9	100.00% covered (success)	100.00%	1 / 1	9

1	<?php
2	/**
3	* PrivateBin
4	*
5	* a zero-knowledge paste bin
6	*
7	* @link https://github.com/PrivateBin/PrivateBin
8	* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
9	* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
10	* @version 1.7.0
11	*/
12
13	namespace PrivateBin\Model;
14
15	use Exception;
16	use PrivateBin\Controller;
17	use PrivateBin\Persistence\ServerSalt;
18
19	/**
20	* Paste
21	*
22	* Model of a PrivateBin paste.
23	*/
24	class Paste extends AbstractModel
25	{
26	/**
27	* Get paste data.
28	*
29	* @access public
30	* @throws Exception
31	* @return array
32	*/
33	public function get()
34	{
35	$data = $this->_store->read($this->getId());
36	if ($data === false) {
37	throw new Exception(Controller::GENERIC_ERROR, 64);
38	}
39
40	// check if paste has expired and delete it if neccessary.
41	if (array_key_exists('expire_date', $data['meta'])) {
42	if ($data['meta']['expire_date'] < time()) {
43	$this->delete();
44	throw new Exception(Controller::GENERIC_ERROR, 63);
45	}
46	// We kindly provide the remaining time before expiration (in seconds)
47	$data['meta']['time_to_live'] = $data['meta']['expire_date'] - time();
48	unset($data['meta']['expire_date']);
49	}
50
51	// check if non-expired burn after reading paste needs to be deleted
52	if (
53	(array_key_exists('adata', $data) && $data['adata'][3] === 1) \|\|
54	(array_key_exists('burnafterreading', $data['meta']) && $data['meta']['burnafterreading'])
55	) {
56	$this->delete();
57	}
58
59	// set formatter for the view in version 1 pastes.
60	if (array_key_exists('data', $data) && !array_key_exists('formatter', $data['meta'])) {
61	// support < 0.21 syntax highlighting
62	if (array_key_exists('syntaxcoloring', $data['meta']) && $data['meta']['syntaxcoloring'] === true) {
63	$data['meta']['formatter'] = 'syntaxhighlighting';
64	} else {
65	$data['meta']['formatter'] = $this->_conf->getKey('defaultformatter');
66	}
67	}
68
69	// support old paste format with server wide salt
70	if (!array_key_exists('salt', $data['meta'])) {
71	$data['meta']['salt'] = ServerSalt::get();
72	}
73	$data['comments'] = array_values($this->getComments());
74	$data['comment_count'] = count($data['comments']);
75	$data['comment_offset'] = 0;
76	$data['@context'] = '?jsonld=paste';
77	$this->_data = $data;
78
79	return $this->_data;
80	}
81
82	/**
83	* Store the paste's data.
84	*
85	* @access public
86	* @throws Exception
87	*/
88	public function store()
89	{
90	// Check for improbable collision.
91	if ($this->exists()) {
92	throw new Exception('You are unlucky. Try again.', 75);
93	}
94
95	$this->_data['meta']['created'] = time();
96	$this->_data['meta']['salt'] = ServerSalt::generate();
97
98	// store paste
99	if (
100	$this->_store->create(
101	$this->getId(),
102	$this->_data
103	) === false
104	) {
105	throw new Exception('Error saving paste. Sorry.', 76);
106	}
107	}
108
109	/**
110	* Delete the paste.
111	*
112	* @access public
113	* @throws Exception
114	*/
115	public function delete()
116	{
117	$this->_store->delete($this->getId());
118	}
119
120	/**
121	* Test if paste exists in store.
122	*
123	* @access public
124	* @return bool
125	*/
126	public function exists()
127	{
128	return $this->_store->exists($this->getId());
129	}
130
131	/**
132	* Get a comment, optionally a specific instance.
133	*
134	* @access public
135	* @param string $parentId
136	* @param string $commentId
137	* @throws Exception
138	* @return Comment
139	*/
140	public function getComment($parentId, $commentId = '')
141	{
142	if (!$this->exists()) {
143	throw new Exception('Invalid data.', 62);
144	}
145	$comment = new Comment($this->_conf, $this->_store);
146	$comment->setPaste($this);
147	$comment->setParentId($parentId);
148	if ($commentId !== '') {
149	$comment->setId($commentId);
150	}
151	return $comment;
152	}
153
154	/**
155	* Get all comments, if any.
156	*
157	* @access public
158	* @return array
159	*/
160	public function getComments()
161	{
162	return $this->_store->readComments($this->getId());
163	}
164
165	/**
166	* Generate the "delete" token.
167	*
168	* The token is the hmac of the pastes ID signed with the server salt.
169	* The paste can be deleted by calling:
170	* https://example.com/privatebin/?pasteid=<pasteid>&deletetoken=<deletetoken>
171	*
172	* @access public
173	* @return string
174	*/
175	public function getDeleteToken()
176	{
177	if (!array_key_exists('salt', $this->_data['meta'])) {
178	$this->get();
179	}
180	return hash_hmac(
181	$this->_conf->getKey('zerobincompatibility') ? 'sha1' : 'sha256',
182	$this->getId(),
183	$this->_data['meta']['salt']
184	);
185	}
186
187	/**
188	* Check if paste has discussions enabled.
189	*
190	* @access public
191	* @throws Exception
192	* @return bool
193	*/
194	public function isOpendiscussion()
195	{
196	if (!array_key_exists('adata', $this->_data) && !array_key_exists('data', $this->_data)) {
197	$this->get();
198	}
199	return
200	(array_key_exists('adata', $this->_data) && $this->_data['adata'][2] === 1) \|\|
201	(array_key_exists('opendiscussion', $this->_data['meta']) && $this->_data['meta']['opendiscussion']);
202	}
203
204	/**
205	* Sanitizes data to conform with current configuration.
206	*
207	* @access protected
208	* @param array $data
209	* @return array
210	*/
211	protected function _sanitize(array $data)
212	{
213	$expiration = $data['meta']['expire'];
214	unset($data['meta']['expire']);
215	$expire_options = $this->_conf->getSection('expire_options');
216	if (array_key_exists($expiration, $expire_options)) {
217	$expire = $expire_options[$expiration];
218	} else {
219	// using getKey() to ensure a default value is present
220	$expire = $this->_conf->getKey($this->_conf->getKey('default', 'expire'), 'expire_options');
221	}
222	if ($expire > 0) {
223	$data['meta']['expire_date'] = time() + $expire;
224	}
225	return $data;
226	}
227
228	/**
229	* Validate data.
230	*
231	* @access protected
232	* @param array $data
233	* @throws Exception
234	*/
235	protected function _validate(array $data)
236	{
237	// reject invalid or disabled formatters
238	if (!array_key_exists($data['adata'][1], $this->_conf->getSection('formatter_options'))) {
239	throw new Exception('Invalid data.', 75);
240	}
241
242	// discussion requested, but disabled in config or burn after reading requested as well, or invalid integer
243	if (
244	($data['adata'][2] === 1 && ( // open discussion flag
245	!$this->_conf->getKey('discussion') \|\|
246	$data['adata'][3] === 1 // burn after reading flag
247	)) \|\|
248	($data['adata'][2] !== 0 && $data['adata'][2] !== 1)
249	) {
250	throw new Exception('Invalid data.', 74);
251	}
252
253	// reject invalid burn after reading
254	if ($data['adata'][3] !== 0 && $data['adata'][3] !== 1) {
255	throw new Exception('Invalid data.', 73);
256	}
257	}
258	}