Update metadata info view

This commit is contained in:
Daan Sprenkels 2019-12-16 10:19:17 +05:30
parent 824c6f41e2
commit d34ac11d5e
3 changed files with 57 additions and 14 deletions

View File

@ -1,3 +1,36 @@
{{define "title"}} {{define "title"}}
'{{.Paste.Key}}' meta info - rushlink '{{.Paste.Key}}{{.FileExt}}' metadata - rushlink
{{end}}
{{define "body"}}
<pre>
<a href="{{.Host}}/{{.Paste.Key}}{{.FileExt}}">{{.Host}}/{{.Paste.Key}}{{.FileExt}}</a>
---
{{if and (ne .Paste.State.String "deleted") .CanDelete.Bool}}
with delete token: <a href="{{.Host}}/{{.Paste.Key}}{{.FileExt}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}">{{.Host}}/{{.Paste.Key}}{{.FileExt}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}</a>
{{else -}}
with delete token: &lt;unknown&gt;
{{end -}}
type: {{.Paste.Type}}
state: {{.Paste.State}}
{{if .Paste.TimeCreated.IsZero -}}
created: unknown
{{else -}}
created: {{.Paste.TimeCreated}}
{{end -}}
delete token: {{.CanDelete.String}}
{{if and (ne .Paste.State.String "deleted") .CanDelete.Bool}}
```
# To delete this {{.Paste.Type}}, execute:
{{- /*
We have the option here to take the deleteToken from the user request or
from .Paste. Both are equivalent as long as .CanDelete is correct. We
use the .Request value, because leaking the deleteToken would be a more
dramatic vulnerability.
*/}}
curl --request "DELETE" "<a href="{{.Host}}/{{.Paste.Key}}{{.FileExt}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}">{{.Host}}/{{.Paste.Key}}{{.FileExt}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}"</a>
```
</pre>
{{end}}
{{end}} {{end}}

View File

@ -1,17 +1,27 @@
METADATA on <{{.Host}}/{{.Paste.Key}}>: {{.Host}}/{{.Paste.Key}}{{.FileExt}}
---
TYPE: {{.Paste.Type}} {{if and (ne .Paste.State.String "deleted") .CanDelete.Bool}}
STATE: {{.Paste.State}} with delete token: {{.Host}}/{{.Paste.Key}}{{.FileExt}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}
{{if .Paste.TimeCreated.IsZero -}}
CREATED: undefined
{{else -}} {{else -}}
CREATED: {{.Paste.TimeCreated}} with delete token: <unknown>
{{end -}}type: {{.Paste.Type}}
state: {{.Paste.State}}
{{if .Paste.TimeCreated.IsZero -}}
created: unknown
{{else -}}
created: {{.Paste.TimeCreated}}
{{end -}} {{end -}}
DELETE TOKEN: {{.CanDelete.String}} delete token: {{.CanDelete.String}}
{{if and (ne .Paste.State.String "deleted") .CanDelete.Bool}} {{if and (ne .Paste.State.String "deleted") .CanDelete.Bool}}
``` ```
# To delete this {{.Paste.Type}}, execute: # To delete this {{.Paste.Type}}, execute:
curl --request "DELETE" "{{.Host}}/{{.Paste.Key}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}" {{- /*
We have the option here to take the deleteToken from the user request or
from .Paste. Both are equivalent as long as .CanDelete is correct. We
use the .Request value, because leaking the deleteToken would be a more
dramatic vulnerability.
*/ -}}
curl --request "DELETE" "{{.Host}}/{{.Paste.Key}}{{.FileExt}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}"
``` ```
{{end}} {{end}}

View File

@ -93,6 +93,7 @@ func (rl *rushlink) viewPasteHandlerInner(w http.ResponseWriter, r *http.Request
var p *db.Paste var p *db.Paste
var fuID *uuid.UUID var fuID *uuid.UUID
var fu *db.FileUpload var fu *db.FileUpload
var fileExt string
if err := rl.db.Bolt.View(func(tx *bolt.Tx) error { if err := rl.db.Bolt.View(func(tx *bolt.Tx) error {
var err error var err error
p, err = db.GetPaste(tx, key) p, err = db.GetPaste(tx, key)
@ -107,6 +108,7 @@ func (rl *rushlink) viewPasteHandlerInner(w http.ResponseWriter, r *http.Request
if err != nil { if err != nil {
return err return err
} }
fileExt = filepath.Ext(fu.FileName)
} }
return nil return nil
}); err != nil { }); err != nil {
@ -137,6 +139,7 @@ func (rl *rushlink) viewPasteHandlerInner(w http.ResponseWriter, r *http.Request
data := map[string]interface{}{ data := map[string]interface{}{
"Paste": p, "Paste": p,
"FileExt": fileExt,
"CanDelete": canDelete, "CanDelete": canDelete,
} }
rl.render(w, r, "pasteMeta", data) rl.render(w, r, "pasteMeta", data)
@ -210,10 +213,7 @@ func (rl *rushlink) newFileUploadPasteHandler(w http.ResponseWriter, r *http.Req
}); err != nil { }); err != nil {
panic(err) panic(err)
} }
data := map[string]interface{}{ data := map[string]interface{}{"Paste": paste, "FileUpload": fu}
"Paste": paste,
"FileUpload": fu,
"FileExt": filepath.Ext(fu.FileName)}
rl.render(w, r, "newFileUploadPasteSuccess", data) rl.render(w, r, "newFileUploadPasteSuccess", data)
} }