Compare commits

...

2 commits

Author SHA1 Message Date
Ada
fc8527d69f add(backend): possibility to delete paste
All checks were successful
ci/woodpecker/push/lint Pipeline was successful
2023-09-26 14:53:08 +02:00
Ada
df2837d3ff changes(backend): return 404 if paste not exist 2023-09-26 13:46:04 +02:00
4 changed files with 62 additions and 15 deletions

View file

@ -26,9 +26,10 @@ def check_content_exist(key: str) -> bool:
return db.exists(key)
def insert_content_db(url_id: str, expiration: int, content: str) -> None:
def insert_content_db(url_id: str, expiration: int, content: str, secret: str) -> None:
"""
:param secret: Secret key for delete url
:param url_id: key for access to content.
:param expiration: Content expiration in second.
:param content: Paste content
@ -36,7 +37,9 @@ def insert_content_db(url_id: str, expiration: int, content: str) -> None:
"""
if not check_content_exist(url_id):
db = connect_redis()
db.set(url_id, content)
data = {"content": content, "secret": secret}
for key, key_content in data.items():
db.hset(url_id, key, key_content)
db.expire(url_id, expiration)
else:
logging.error(f"Key : {url_id} already exist") # noqa: G004

View file

@ -1,6 +1,8 @@
"""Manage view and create paste."""
from flask import (
Blueprint,
abort,
flash,
redirect,
render_template,
@ -10,22 +12,24 @@ from flask import (
from werkzeug import Response
from paste.db import check_content_exist, connect_redis, insert_content_db
from paste.utils import generate_id
from paste.utils import generate_id, generate_secret
home = Blueprint("home", __name__, url_prefix="/")
def create_paste(content: str, time:int) -> str:
def create_paste(content: str, time: int) -> dict[str, str]:
"""
Create paste in DB.
:param time: Expiration time in second
:param content: Content to add in redis.
:return: None.
:return: A dict with url_id and delete secret.
"""
secret = generate_secret()
url_id = generate_id()
while check_content_exist(url_id):
url_id = generate_id()
insert_content_db(url_id, time, content)
return url_id
insert_content_db(url_id, time, content, secret)
return {"url_id": url_id, "secret": secret}
@home.route("/")
@ -47,11 +51,28 @@ def create() -> Response:
time = request.form.get("time")
time = 86400 if time == "" else int(time)
url_id = create_paste(content, time)
flash(f"{request.host_url}{url_id}")
flash_data = create_paste(content, time)
flash(flash_data["url_id"], category="create")
flash(flash_data["secret"], category="create")
return redirect(url_for("home.homepage"))
@home.route("/delete/<path:path>")
def delete_paste(path: str) -> Response:
"""
Delete a paste
:param path: path fetched from url
:return: forbidden (403) or homepage.
"""
db = connect_redis()
secret = request.args.get("secret")
if db.hget(path, "secret") == secret:
db.delete(path)
flash(path, category="delete")
return redirect(url_for("home.homepage"))
return abort(403)
@home.route("/<path:path>")
def get_content(path: str) -> str:
"""
@ -60,5 +81,9 @@ def get_content(path: str) -> str:
:return: Paste content.
"""
db = connect_redis()
flash(db.get(path))
data = db.hgetall(path)
if check_content_exist(path):
flash(data["content"])
return render_template("content.html.j2")
return abort(404)

View file

@ -4,8 +4,18 @@
<input id="time" name="time">
<input type="submit">
</form>
{% with messages = get_flashed_messages() %}
{% if messages %}
<p>Paste available at : <a href="{{ messages[0] }}">{{ messages[0] }}</a></p>
{% with messages = get_flashed_messages(category_filter=["create"]) %}
{% if messages[0] %}
<p>Paste available at : <a href="{{ request.base_url }}{{ messages[0] }}">{{ messages[0] }}</a></p>
{% endif %}
{% if messages[1] %}
<p>You can delete paste with : <a href="{{ request.base_url }}delete/{{ messages[0] }}?secret={{ messages[1] }}">delete</a></p>
{% endif %}
{% endwith %}
{% with messages = get_flashed_messages(category_filter=["delete"]) %}
{% if messages[0] %}
<p>Paste {{ messages[0] }} deleted </p>
{% endif %}
{% endwith %}

View file

@ -1,6 +1,7 @@
# ruff: noqa: S311
"""Shared utils function."""
import random
import secrets
import string
from paste import config
@ -15,3 +16,11 @@ def generate_id() -> str:
random.choices(string.ascii_letters + string.digits,
k=config.URL_LENGTH)
)
def generate_secret() -> str:
"""
Generate hex secret for delete paste.
:return: The secret.
"""
return secrets.token_hex()