2019-12-03 23:08:58 +01:00
|
|
|
package db
|
2019-09-22 14:03:27 +02:00
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/rand"
|
2019-12-03 23:08:58 +01:00
|
|
|
"encoding/base64"
|
2019-09-22 14:03:27 +02:00
|
|
|
"encoding/hex"
|
2019-11-10 19:03:57 +01:00
|
|
|
"net/url"
|
2019-09-22 14:03:27 +02:00
|
|
|
"strings"
|
|
|
|
"time"
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
gobmarsh "gitea.hashru.nl/dsprenkels/rushlink/pkg/gobmarsh"
|
2019-11-22 18:41:54 +01:00
|
|
|
"github.com/google/uuid"
|
2019-09-22 14:03:27 +02:00
|
|
|
"github.com/pkg/errors"
|
|
|
|
bolt "go.etcd.io/bbolt"
|
|
|
|
)
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
type PasteType int
|
|
|
|
type PasteState int
|
2019-09-22 14:03:27 +02:00
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
type Paste struct {
|
|
|
|
Type PasteType
|
|
|
|
State PasteState
|
2019-09-22 14:03:27 +02:00
|
|
|
Content []byte
|
|
|
|
Key string
|
|
|
|
DeleteToken string
|
|
|
|
TimeCreated time.Time
|
|
|
|
}
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
// ReservedPasteKeys keys are designated reserved, and will not be randomly chosen
|
|
|
|
var ReservedPasteKeys = []string{"xd42", "example"}
|
|
|
|
|
|
|
|
// Note: we use iota here. That means removals of PasteType* are not allowed,
|
2019-11-29 18:36:27 +01:00
|
|
|
// because this changes the value of the constant. Please add the comment
|
|
|
|
// "// deprecated" if you want to remove the constant. Additions are only
|
|
|
|
// allowed at the bottom of this block, for the same reason.
|
2019-09-22 14:03:27 +02:00
|
|
|
const (
|
2019-12-03 23:08:58 +01:00
|
|
|
PasteTypeUndef PasteType = iota
|
|
|
|
PasteTypePaste
|
|
|
|
PasteTypeRedirect
|
|
|
|
PasteTypeFileUpload
|
2019-09-22 14:03:27 +02:00
|
|
|
)
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
// Note: we use iota here. See the comment above PasteType*
|
2019-09-22 14:03:27 +02:00
|
|
|
const (
|
2019-12-03 23:08:58 +01:00
|
|
|
PasteStateUndef PasteState = iota
|
|
|
|
PasteStatePresent
|
|
|
|
PasteStateDeleted
|
2019-09-22 14:03:27 +02:00
|
|
|
)
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
// Base64 encoding and decoding
|
|
|
|
var base64Alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"
|
|
|
|
var base64Encoder = base64.RawURLEncoding.WithPadding(base64.NoPadding)
|
|
|
|
|
|
|
|
func (t PasteType) String() string {
|
2019-11-10 19:03:57 +01:00
|
|
|
switch t {
|
2019-12-03 23:08:58 +01:00
|
|
|
case PasteTypeUndef:
|
2019-11-10 19:03:57 +01:00
|
|
|
return "unknown"
|
2019-12-03 23:08:58 +01:00
|
|
|
case PasteTypePaste:
|
2019-11-10 19:03:57 +01:00
|
|
|
return "paste"
|
2019-12-03 23:08:58 +01:00
|
|
|
case PasteTypeRedirect:
|
2019-11-10 19:03:57 +01:00
|
|
|
return "redirect"
|
2019-12-03 23:08:58 +01:00
|
|
|
case PasteTypeFileUpload:
|
2019-11-22 18:41:54 +01:00
|
|
|
return "file"
|
2019-11-10 19:03:57 +01:00
|
|
|
default:
|
|
|
|
return "invalid"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
func (t PasteState) String() string {
|
2019-11-10 19:03:57 +01:00
|
|
|
switch t {
|
2019-12-03 23:08:58 +01:00
|
|
|
case PasteStateUndef:
|
2019-11-10 19:03:57 +01:00
|
|
|
return "unknown"
|
2019-12-03 23:08:58 +01:00
|
|
|
case PasteStatePresent:
|
2019-11-10 19:03:57 +01:00
|
|
|
return "present"
|
2019-12-03 23:08:58 +01:00
|
|
|
case PasteStateDeleted:
|
2019-11-10 19:03:57 +01:00
|
|
|
return "deleted"
|
|
|
|
default:
|
|
|
|
return "invalid"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
// GetPaste retrieves a paste from the database.
|
|
|
|
func GetPaste(tx *bolt.Tx, key string) (*Paste, error) {
|
|
|
|
pastesBucket := tx.Bucket([]byte(BucketPastes))
|
2019-09-22 14:03:27 +02:00
|
|
|
if pastesBucket == nil {
|
2019-12-03 23:08:58 +01:00
|
|
|
return nil, errors.Errorf("bucket %v does not exist", BucketPastes)
|
2019-09-22 14:03:27 +02:00
|
|
|
}
|
|
|
|
storedBytes := pastesBucket.Get([]byte(key))
|
|
|
|
if storedBytes == nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
2019-12-03 23:08:58 +01:00
|
|
|
p := &Paste{}
|
|
|
|
err := gobmarsh.Unmarshal(storedBytes, p)
|
2019-09-22 14:03:27 +02:00
|
|
|
return p, err
|
|
|
|
}
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
func (p *Paste) Save(tx *bolt.Tx) error {
|
|
|
|
bucket := tx.Bucket([]byte(BucketPastes))
|
2019-09-22 14:03:27 +02:00
|
|
|
if bucket == nil {
|
2019-12-03 23:08:58 +01:00
|
|
|
return errors.Errorf("bucket %v does not exist", BucketPastes)
|
2019-09-22 14:03:27 +02:00
|
|
|
}
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
buf, err := gobmarsh.Marshal(p)
|
2019-09-22 14:03:27 +02:00
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "encoding for database failed")
|
|
|
|
}
|
|
|
|
if err := bucket.Put([]byte(p.Key), buf); err != nil {
|
|
|
|
return errors.Wrap(err, "database transaction failed")
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
func (p *Paste) Delete(tx *bolt.Tx, fs *FileStore) error {
|
2019-11-22 18:41:54 +01:00
|
|
|
// Remove the (maybe) attached file
|
2019-12-03 23:08:58 +01:00
|
|
|
if p.Type == PasteTypeFileUpload {
|
2019-11-22 18:41:54 +01:00
|
|
|
fuID, err := uuid.FromBytes(p.Content)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "failed to parse uuid")
|
|
|
|
}
|
2019-12-03 23:08:58 +01:00
|
|
|
fu, err := GetFileUpload(tx, fuID)
|
2019-11-22 18:41:54 +01:00
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "failed to find file in database")
|
|
|
|
}
|
2019-12-03 23:08:58 +01:00
|
|
|
if err := fu.Delete(tx, fs); err != nil {
|
2019-11-22 18:41:54 +01:00
|
|
|
return errors.Wrap(err, "failed to remove file")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-09-22 14:03:27 +02:00
|
|
|
// Replace the old paste with a new empty paste
|
2019-12-03 23:08:58 +01:00
|
|
|
p.Type = PasteTypeUndef
|
|
|
|
p.State = PasteStateDeleted
|
2019-11-22 18:41:54 +01:00
|
|
|
p.Content = []byte{}
|
2019-12-03 23:08:58 +01:00
|
|
|
if err := p.Save(tx); err != nil {
|
2019-11-22 18:41:54 +01:00
|
|
|
return errors.Wrap(err, "failed to delete paste in database")
|
|
|
|
}
|
|
|
|
return nil
|
2019-09-22 14:03:27 +02:00
|
|
|
}
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
// RedirectURL returns the URL from this paste.
|
2019-11-10 19:03:57 +01:00
|
|
|
//
|
|
|
|
// This function assumes that the paste is valid. If the paste struct is
|
|
|
|
// corrupted in some way, this function will panic.
|
2019-12-03 23:08:58 +01:00
|
|
|
func (p *Paste) RedirectURL() *url.URL {
|
|
|
|
if p.Type != PasteTypeRedirect {
|
|
|
|
panic("expected p.Type to be PasteTypeRedirect")
|
2019-11-10 19:03:57 +01:00
|
|
|
}
|
|
|
|
rawurl := string(p.Content)
|
|
|
|
urlParse, err := url.Parse(rawurl)
|
|
|
|
if err != nil {
|
|
|
|
panic(errors.Wrapf(err, "invalid URL ('%v') in database for key '%v'", rawurl, p.Key))
|
|
|
|
}
|
|
|
|
return urlParse
|
|
|
|
}
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
// GeneratePasteKey generates a key until it is not in the database, the
|
|
|
|
// running time of this function is in O(log N), where N is the amount of
|
|
|
|
// keys stored in the url-shorten database.
|
|
|
|
func GeneratePasteKey(tx *bolt.Tx) (string, error) {
|
|
|
|
pastesBucket := tx.Bucket([]byte(BucketPastes))
|
2019-09-22 14:03:27 +02:00
|
|
|
if pastesBucket == nil {
|
2019-12-03 23:08:58 +01:00
|
|
|
return "", errors.Errorf("bucket %v does not exist", BucketPastes)
|
2019-09-22 14:03:27 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
epoch := 0
|
|
|
|
var key string
|
|
|
|
for {
|
|
|
|
var err error
|
|
|
|
key, err = generatePasteKeyInner(epoch)
|
|
|
|
if err != nil {
|
|
|
|
return "", errors.Wrap(err, "url-key generation failed")
|
|
|
|
}
|
|
|
|
|
|
|
|
found := pastesBucket.Get([]byte(key))
|
|
|
|
if found == nil {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
|
|
|
|
isReserved := false
|
|
|
|
for _, reservedKey := range ReservedPasteKeys {
|
|
|
|
if strings.HasPrefix(key, reservedKey) {
|
|
|
|
isReserved = true
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if !isReserved {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
|
|
|
|
epoch++
|
|
|
|
}
|
|
|
|
return key, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func generatePasteKeyInner(epoch int) (string, error) {
|
|
|
|
urlKey := make([]byte, 4+epoch)
|
|
|
|
_, err := rand.Read(urlKey)
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
// Put all the values in the range 0..64 for easier base64-encoding
|
|
|
|
for i := 0; i < len(urlKey); i++ {
|
|
|
|
urlKey[i] &= 0x3F
|
|
|
|
}
|
|
|
|
// Implement truncate-resistance by forcing the prefix to
|
|
|
|
// 0b111110xxxxxxxxxx
|
|
|
|
// ^----- {epoch} ones followed by a single 0
|
|
|
|
//
|
|
|
|
// Example when epoch is 1: prefix is 0b10.
|
|
|
|
i := 0
|
|
|
|
for i < epoch {
|
|
|
|
// Set this bit to 1
|
|
|
|
limb := i / 6
|
|
|
|
bit := i % 6
|
|
|
|
urlKey[limb] |= 1 << uint(5-bit)
|
|
|
|
i++
|
|
|
|
}
|
|
|
|
// Finally set the next bit to 0
|
|
|
|
limb := i / 6
|
|
|
|
bit := i % 6
|
|
|
|
urlKey[limb] &= ^(1 << uint(5-bit))
|
|
|
|
|
|
|
|
// Convert this ID to a canonical base64 notation
|
|
|
|
for i := range urlKey {
|
|
|
|
urlKey[i] = base64Alphabet[urlKey[i]]
|
|
|
|
}
|
|
|
|
return string(urlKey), nil
|
|
|
|
}
|
|
|
|
|
2019-12-03 23:08:58 +01:00
|
|
|
func GenerateDeleteToken() (string, error) {
|
2019-09-22 14:03:27 +02:00
|
|
|
var deleteToken [16]byte
|
|
|
|
_, err := rand.Read(deleteToken[:])
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
return hex.EncodeToString(deleteToken[:]), nil
|
|
|
|
}
|