def view_paste(unlisted, attr, raw=None):
if unlisted:
paste = Paste.by_hash(attr)
else:
paste = Paste.by_id(attr)
if paste is None or paste['unlisted']:
abort(404)
if paste is None:
abort(404)
# Check if paste is password protected, and if so,
# whether the client is allowed to access it or not
authorised = session.get('authorised_pastes', [])
if (paste['password'] is not None and paste['hash'] not in authorised):
return render_template('enter_password.html',
paste=paste,
form=PastePassword()), 401
if raw is not None:
r = make_response(paste['text'])
r.mimetype = 'text/plain'
return r
return render_template(
'view_paste.html',
title=paste['title'],
paste=paste,
)
def get():
p_id = request.args.get('id', None, type=int)
p_hash = request.args.get('hash', None)
password = request.args.get('password')
if p_hash:
paste = Paste.by_hash(p_hash)
elif p_id:
paste = Paste.by_id(p_id)
else:
return jsonify(error='no id or hash supplied'), 400
if paste is None:
return jsonify(error='paste not found'), 404
elif not p_hash and paste['unlisted']:
return jsonify(error='paste is unlisted'), 400
if paste['password']:
if not password:
return jsonify(error='paste is password protected'), 401
elif not Paste.password_match(paste['hash'], password):
return jsonify(error='incorrect password'), 401
return jsonify(create_paste_dict(paste),
shorturl=paste['shortlink'],
url=create_paste_url(paste))
def test_paste_deletion(self):
self.add_account()
p = Paste.new(text='test')
self.client.post('/a/in',
data=dict(username='******', password='******'))
self.client.post('/a/del/' + p['hash'],
data=dict(paste_hash=p['hash']))
paste = Paste.by_hash(p['hash'])
assert paste is None
def test_paste_deletion(self):
self.add_account()
p = Paste.new(text='test')
self.client.post('/a/in', data=dict(
username='******',
password='******'
))
self.client.post('/a/del/' + p['hash'], data=dict(
paste_hash=p['hash']
))
paste = Paste.by_hash(p['hash'])
assert paste is None
def view_paste(unlisted, attr, raw=None):
if unlisted:
paste = Paste.by_hash(attr)
else:
paste = Paste.by_id(attr)
if paste is None or paste["unlisted"]:
abort(404)
if paste is None:
abort(404)
# Check if paste is password protected, and if so,
# whether the client is allowed to access it or not
authorised = session.get("authorised_pastes", [])
if paste["password"] is not None and paste["hash"] not in authorised:
return render_template("enter_password.html", paste=paste, form=PastePassword()), 401
if raw is not None:
r = make_response(paste["text"])
r.mimetype = "text/plain"
return r
return render_template("view_paste.html", title=paste["title"], paste=paste)
def get():
p_id = request.args.get("id", None, type=int)
p_hash = request.args.get("hash", None)
password = request.args.get("password")
if p_hash:
paste = Paste.by_hash(p_hash)
elif p_id:
paste = Paste.by_id(p_id)
else:
return jsonify(error="no id or hash supplied"), 400
if paste is None:
return jsonify(error="paste not found"), 404
elif not p_hash and paste["unlisted"]:
return jsonify(error="paste is unlisted"), 400
if paste["password"]:
if not password:
return jsonify(error="paste is password protected"), 401
elif not Paste.password_match(paste["hash"], password):
return jsonify(error="incorrect password"), 401
return jsonify(create_paste_dict(paste), shorturl=paste["shortlink"], url=create_paste_url(paste))
