Ejemplo n.º 1
0
def view_retr(request):
    if request.method == 'POST':
        return Response('Method not allowed', content_type='text/plain', status_int=405)

    if len(request.matchdict['uniqid']) != 32:
        return Response('Bad request', content_type='text/plain', status_int=400)
    
    session = DBSession()
    uniqid = request.matchdict['uniqid']

    hasher = SHA256.new()
    hasher.update('{}{}'.format(uniqid, uniqid))
    uniqhash = hasher.hexdigest()

    try:
        result = session.query(Secret).\
            filter(Secret.UniqHash == uniqhash,\
                   Secret.ExpiryTime >= datetime.datetime.now(),\
                   Secret.LifetimeReads > 0).one()
    except NoResultFound as e:
        return HTTPFound(location=request.route_url('expired'))

    sd = SecretDecrypter()
    data = sd.decrypt_model(result, uniqid )
    try:
        session.query(Secret).\
            filter(Secret.UniqHash == uniqhash).\
            update({"LifetimeReads":result.LifetimeReads - 1})
    except Exception, e:
        logger.error("Error updating LifetimeReads value for this snippet: %s" % e)
        pass
Ejemplo n.º 2
0
def CleanupDatabase(request):
    if request.matched_route is None:
        return
    routename = request.matched_route.name
    if (routename == "save") or (routename == "retr"):
        logger.debug("Route matched for cleanup: %s" % routename)
        try:
            session = DBSession()
            result = session.query(Secret).\
                filter((Secret.ExpiryTime < datetime.datetime.now()) | (Secret.LifetimeReads == 0)).\
                delete()
            session.flush()
            session.close()
        except (OperationalError, DBAPIError), exc:
            logger.error("CleanupDatabase(): DBAPIError %s" % exc)
            pass
Ejemplo n.º 3
0
def view_save(request):
    if not request.method == 'POST':
        return Response('Method not allowed', content_type='text/plain', status_int=405)

    se = SecretEncrypter()
    logger.debug(request.POST['data'])
    uid = se.encrypt(request.POST['data'])
    model = se.ret_secret_model()

    choices = ('', 'as3','shell','cf','csharp','cpp','css','delphi','diff','erl',
        'groovy','js','java','jfx','pl','php','plain','ps','py','ruby',
        'scala','sql','vb','xml'
        )

    hours_to_expire = is_intinrangeor(request.POST['hours_until_expiration'], 1, 168, 4)
    model.ExpiryTime = datetime.datetime.now() + timedelta(hours=hours_to_expire)

    model.LifetimeReads = is_intinrangeor(request.POST['maximum_views'], 1, 5, 2)
    model.Snippet = is_valisinchoices(request.POST['snippet_type'], choices, 'plain')

    if len(request.POST['data']) < 1:
        #invalid form (no data to save was given)
        return HTTPFound(location=request.route_url('home'))

    friendly_time = '{}d {}h'.format(hours_to_expire // 24, hours_to_expire % 24) 

    session = DBSession()

    try:
        logger.debug("Attempting to save snippet")
        session.add(model)

        logger.debug("Attempting to flush to database")
        session.flush()

    except DBAPIError, exc:
        logger.error("DBAPIError: %s" % exc)
        return HTTPFound(location=request.route_url('sorry'))