def test_paste_creation(self): p = Paste.new("Look, we're testing!", password='******') # Pasting succeeded assert p is not None assert p['id'] == 1 # Check passwords are being hashed # bcrypt outputs 60 bytes assert p['password'] != 'hunter2' assert len(p['password']) == 60 # Now check paste creation using the web r = self.client.post('/', data=dict(paste='test', title='', password='', language='text', unlisted=None)) # Grab the newly made paste p = Paste.by_id(2) assert p['text'] == 'test' assert p['password'] is None assert r.status_code == 302
def test_paste_creation(self): p = Paste.new("Look, we're testing!", password='******') # Pasting succeeded assert p is not None assert p['id'] == 1 # Check passwords are being hashed # bcrypt outputs 60 bytes assert p['password'] != 'hunter2' assert len(p['password']) == 60 # Now check paste creation using the web r = self.client.post('/', data=dict( paste='test', title='', password='', language='text', unlisted=None )) # Grab the newly made paste p = Paste.by_id(2) assert p['text'] == 'test' assert p['password'] is None assert r.status_code == 302
def view_paste(unlisted, attr, raw=None): if unlisted: paste = Paste.by_hash(attr) else: paste = Paste.by_id(attr) if paste is None or paste['unlisted']: abort(404) if paste is None: abort(404) # Check if paste is password protected, and if so, # whether the client is allowed to access it or not authorised = session.get('authorised_pastes', []) if (paste['password'] is not None and paste['hash'] not in authorised): return render_template('enter_password.html', paste=paste, form=PastePassword()), 401 if raw is not None: r = make_response(paste['text']) r.mimetype = 'text/plain' return r return render_template( 'view_paste.html', title=paste['title'], paste=paste, )
def get(): p_id = request.args.get('id', None, type=int) p_hash = request.args.get('hash', None) password = request.args.get('password') if p_hash: paste = Paste.by_hash(p_hash) elif p_id: paste = Paste.by_id(p_id) else: return jsonify(error='no id or hash supplied'), 400 if paste is None: return jsonify(error='paste not found'), 404 elif not p_hash and paste['unlisted']: return jsonify(error='paste is unlisted'), 400 if paste['password']: if not password: return jsonify(error='paste is password protected'), 401 elif not Paste.password_match(paste['hash'], password): return jsonify(error='incorrect password'), 401 return jsonify(create_paste_dict(paste), shorturl=paste['shortlink'], url=create_paste_url(paste))
def test_honeypot(self): self.client.post('/', data=dict(text='test', title='', password='', language='text', unlisted=None, uid='invalid')) assert Paste.by_id(1) is None
def test_honeypot(self): self.client.post('/', data=dict( text='test', title='', password='', language='text', unlisted=None, uid='invalid' )) assert Paste.by_id(1) is None
def view_paste(unlisted, attr, raw=None): if unlisted: paste = Paste.by_hash(attr) else: paste = Paste.by_id(attr) if paste is None or paste["unlisted"]: abort(404) if paste is None: abort(404) # Check if paste is password protected, and if so, # whether the client is allowed to access it or not authorised = session.get("authorised_pastes", []) if paste["password"] is not None and paste["hash"] not in authorised: return render_template("enter_password.html", paste=paste, form=PastePassword()), 401 if raw is not None: r = make_response(paste["text"]) r.mimetype = "text/plain" return r return render_template("view_paste.html", title=paste["title"], paste=paste)
def get(): p_id = request.args.get("id", None, type=int) p_hash = request.args.get("hash", None) password = request.args.get("password") if p_hash: paste = Paste.by_hash(p_hash) elif p_id: paste = Paste.by_id(p_id) else: return jsonify(error="no id or hash supplied"), 400 if paste is None: return jsonify(error="paste not found"), 404 elif not p_hash and paste["unlisted"]: return jsonify(error="paste is unlisted"), 400 if paste["password"]: if not password: return jsonify(error="paste is password protected"), 401 elif not Paste.password_match(paste["hash"], password): return jsonify(error="incorrect password"), 401 return jsonify(create_paste_dict(paste), shorturl=paste["shortlink"], url=create_paste_url(paste))