annotate app/models/paste.rb @ 325:45bf99bfd48b

Remove authenticity token from form.
author edogawaconan <me@myconan.net>
date Sun, 06 Apr 2014 18:25:59 +0900
parents 61f7f258a6fb
children 96631607785f
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
1 class Paste < ActiveRecord::Base
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
2 attr_accessor :is_private
70
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
3 before_validation :paste_limit
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
4 before_validation :convert_newlines
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
5 before_validation :set_paste_hash
176
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
6 before_validation :set_paste_key
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
7 before_validation :set_paste_secret
176
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
8 validates :paste, :paste_hash, :key, :ip, :presence => true
267
0bf1d6f75baa Accidentally limited pastes to 0 characters.
edogawaconan <me@myconan.net>
parents: 265
diff changeset
9 validates :paste, :length => { :maximum => 1_000_000 }
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
10
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
11 def to_param
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
12 path
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
13 end
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
14
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
15 def self.safe_find(raw_id)
247
9aa67da381b0 Make sure to split a string.
edogawaconan <me@myconan.net>
parents: 230
diff changeset
16 id, secret = raw_id.to_s.split("-")
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
17 return unless id.to_i.to_s == id
229
388504e43bcf Properly return 404 when requesting invalid paste.
Edho Arief <edho@myconan.net>
parents: 210
diff changeset
18 begin
290
d68cb68da802 Use hash rocket.
edogawaconan <me@myconan.net>
parents: 267
diff changeset
19 self.where(:secret => secret).find(id)
229
388504e43bcf Properly return 404 when requesting invalid paste.
Edho Arief <edho@myconan.net>
parents: 210
diff changeset
20 rescue ActiveRecord::RecordNotFound
388504e43bcf Properly return 404 when requesting invalid paste.
Edho Arief <edho@myconan.net>
parents: 210
diff changeset
21 nil
388504e43bcf Properly return 404 when requesting invalid paste.
Edho Arief <edho@myconan.net>
parents: 210
diff changeset
22 end
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
23 end
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
24
316
61f7f258a6fb Move from-gzip paste parsing to model.
edogawaconan <me@myconan.net>
parents: 290
diff changeset
25 def paste_gzip=(paste)
61f7f258a6fb Move from-gzip paste parsing to model.
edogawaconan <me@myconan.net>
parents: 290
diff changeset
26 self.paste = ActiveSupport::Gzip.decompress paste
61f7f258a6fb Move from-gzip paste parsing to model.
edogawaconan <me@myconan.net>
parents: 290
diff changeset
27 end
61f7f258a6fb Move from-gzip paste parsing to model.
edogawaconan <me@myconan.net>
parents: 290
diff changeset
28
61f7f258a6fb Move from-gzip paste parsing to model.
edogawaconan <me@myconan.net>
parents: 290
diff changeset
29 def paste_gzip_base64=(paste)
61f7f258a6fb Move from-gzip paste parsing to model.
edogawaconan <me@myconan.net>
parents: 290
diff changeset
30 self.paste_gzip = Base64.decode64(paste)
61f7f258a6fb Move from-gzip paste parsing to model.
edogawaconan <me@myconan.net>
parents: 290
diff changeset
31 end
61f7f258a6fb Move from-gzip paste parsing to model.
edogawaconan <me@myconan.net>
parents: 290
diff changeset
32
265
6cca1ab53337 Infinitely better error messages and notice.
edogawaconan <me@myconan.net>
parents: 255
diff changeset
33 def safe_destroy(param_key)
6cca1ab53337 Infinitely better error messages and notice.
edogawaconan <me@myconan.net>
parents: 255
diff changeset
34 if key == param_key
6cca1ab53337 Infinitely better error messages and notice.
edogawaconan <me@myconan.net>
parents: 255
diff changeset
35 destroy
6cca1ab53337 Infinitely better error messages and notice.
edogawaconan <me@myconan.net>
parents: 255
diff changeset
36 else
6cca1ab53337 Infinitely better error messages and notice.
edogawaconan <me@myconan.net>
parents: 255
diff changeset
37 errors.add(:key, "is invalid")
6cca1ab53337 Infinitely better error messages and notice.
edogawaconan <me@myconan.net>
parents: 255
diff changeset
38 false
6cca1ab53337 Infinitely better error messages and notice.
edogawaconan <me@myconan.net>
parents: 255
diff changeset
39 end
6cca1ab53337 Infinitely better error messages and notice.
edogawaconan <me@myconan.net>
parents: 255
diff changeset
40 end
6cca1ab53337 Infinitely better error messages and notice.
edogawaconan <me@myconan.net>
parents: 255
diff changeset
41
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
42 def path
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
43 [id, secret.presence].compact.join("-")
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
44 end
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
45
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
46 def set_paste_hash
51
36d07f047ec2 Or maybe not. Still too long with b62. Backed out changeset ba29d6394863
Edho Arief <edho@myconan.net>
parents: 46
diff changeset
47 self.paste_hash = Digest::SHA512.hexdigest("#{paste}\n")
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
48 end
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
49
176
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
50 def set_paste_key
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
51 self.key ||= SecureRandom.hex(4)
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
52 end
a9dba6a3008b Initial work to add paste deletion.
Edho Arief <edho@myconan.net>
parents: 71
diff changeset
53
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
54 def set_paste_secret
230
1c750d3cde1b Correct way to test is_private flag.
Edho Arief <edho@myconan.net>
parents: 229
diff changeset
55 self.secret = SecureRandom.hex(4) if self.is_private?
1c750d3cde1b Correct way to test is_private flag.
Edho Arief <edho@myconan.net>
parents: 229
diff changeset
56 end
1c750d3cde1b Correct way to test is_private flag.
Edho Arief <edho@myconan.net>
parents: 229
diff changeset
57
1c750d3cde1b Correct way to test is_private flag.
Edho Arief <edho@myconan.net>
parents: 229
diff changeset
58 def is_private?
1c750d3cde1b Correct way to test is_private flag.
Edho Arief <edho@myconan.net>
parents: 229
diff changeset
59 self.is_private == "1"
210
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
60 end
d59731c3c7bf Add support for is_private flag
Edho Arief <edho@myconan.net>
parents: 197
diff changeset
61
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
62 def convert_newlines
71
7bb46d9febad Ensure we're gsubbing a string.
Edho Arief <edho@myconan.net>
parents: 70
diff changeset
63 self.paste = self.paste.to_s.gsub("\r\n", "\n").gsub("\r", "\n")
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
64 end
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
65
70
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
66 def paste_limit
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
67 ip_post_recent_count = self.class.where(:ip => self.ip).where('created_at > ?', Time.now - 1.hour).count
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
68 errors.add :base, :limit if ip_post_recent_count > 100
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
69 end
8f0fb869e770 Limit pastes to 100/hour per IP address.
Edho Arief <edho@myconan.net>
parents: 51
diff changeset
70
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
71 def self.fix_all
255
a894d7696b7e More useful return of Paste.fix_all.
edogawaconan <me@myconan.net>
parents: 247
diff changeset
72 stats = Hash.new(0)
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
73 self.all.each do |p|
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
74 p.save
255
a894d7696b7e More useful return of Paste.fix_all.
edogawaconan <me@myconan.net>
parents: 247
diff changeset
75 stats[:count] += 1
a894d7696b7e More useful return of Paste.fix_all.
edogawaconan <me@myconan.net>
parents: 247
diff changeset
76 stats[:private] += 1 if p.secret
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
77 end
255
a894d7696b7e More useful return of Paste.fix_all.
edogawaconan <me@myconan.net>
parents: 247
diff changeset
78 return stats
22
032686a0c995 Added newline converter, integrity fixups.
Edho Arief <edho@myconan.net>
parents: 2
diff changeset
79 end
2
42de15334db1 Added the pastes.
Edho Arief <edho@myconan.net>
parents:
diff changeset
80 end