annotate app/models/paste.rb @ 229:388504e43bcf

Properly return 404 when requesting invalid paste.
author Edho Arief <edho@myconan.net>
date Wed, 15 May 2013 14:10:35 +0900
parents d59731c3c7bf
children 1c750d3cde1b
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
1 class Paste < ActiveRecord::Base
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
2 attr_accessor :is_private
70
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
3 before_validation :paste_limit
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
4 before_validation :convert_newlines
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
5 before_validation :set_paste_hash
176
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
6 before_validation :set_paste_key
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
7 before_validation :set_paste_secret
176
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
8 validates :paste, :paste_hash, :key, :ip, :presence => true
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
9 validates :paste, :length => { :maximum => 1_000_000 }
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
10
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
11 def to_param
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
12 path
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
13 end
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
14
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
15 def self.safe_find(raw_id)
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
16 id, secret = raw_id.split("-")
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
17 return unless id.to_i.to_s == id
229
388504e43bcf Properly return 404 when requesting invalid paste.
Edho Arief <edho@myconan.net>
parents: 210
diff changeset
18 begin
388504e43bcf Properly return 404 when requesting invalid paste.
Edho Arief <edho@myconan.net>
parents: 210
diff changeset
19 self.where(secret: secret).find(id)
388504e43bcf Properly return 404 when requesting invalid paste.
Edho Arief <edho@myconan.net>
parents: 210
diff changeset
20 rescue ActiveRecord::RecordNotFound
388504e43bcf Properly return 404 when requesting invalid paste.
Edho Arief <edho@myconan.net>
parents: 210
diff changeset
21 nil
388504e43bcf Properly return 404 when requesting invalid paste.
Edho Arief <edho@myconan.net>
parents: 210
diff changeset
22 end
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
23 end
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
24
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
25 def path
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
26 [id, secret.presence].compact.join("-")
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
27 end
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
28
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
29 def set_paste_hash
51
36d07f047ec2 Or maybe not. Still too long with b62. Backed out changeset ba29d6394863
Edho Arief <edho@myconan.net>
parents: 46
diff changeset
30 self.paste_hash = Digest::SHA512.hexdigest("#{paste}\n")
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
31 end
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
32
176
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
33 def set_paste_key
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
34 self.key ||= SecureRandom.hex(4)
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
35 end
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
36
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
37 def set_paste_secret
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
38 self.secret = SecureRandom.hex(4) if self.is_private
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
39 end
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
40
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
41 def convert_newlines
71
7bb46d9febad Ensure we're gsubbing a string.
Edho Arief <edho@myconan.net>
parents: 70
diff changeset
42 self.paste = self.paste.to_s.gsub("\r\n", "\n").gsub("\r", "\n")
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
43 end
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
44
70
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
45 def paste_limit
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
46 ip_post_recent_count = self.class.where(:ip => self.ip).where('created_at > ?', Time.now - 1.hour).count
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
47 errors.add :base, :limit if ip_post_recent_count > 100
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
48 end
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
49
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
50 def self.fix_all
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
51 self.all.each do |p|
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
52 p.save
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
53 end
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
54 end
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
55 end