phoe
/
Teknik
forked from Teknikode/Teknik
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

- Changed uploads to auto generate deletion key. 

- Added delete button to the user profile page to delete uploads.
master
Teknikode 5 years ago
parent
d0628dd8df
commit
986dd37f71
11 changed files with 102 additions and 89 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      Teknik/Areas/API/Controllers/APIv1Controller.cs
  2. 45
      Teknik/Areas/Upload/Controllers/UploadController.cs
  3. 25
      Teknik/Areas/Upload/Scripts/Upload.js
  4. 8
      Teknik/Areas/Upload/UploadAreaRegistration.cs
  5. 4
      Teknik/Areas/Upload/Uploader.cs
  6. 5
      Teknik/Areas/Upload/Views/Upload/Index.cshtml
  7. 35
      Teknik/Areas/User/Scripts/Profile.js
  8. 5
      Teknik/Areas/User/UserAreaRegistration.cs
  9. 56
      Teknik/Areas/User/Views/User/Index.cshtml
  10. BIN
      Teknik/Scripts/_references.js
  11. 1
      Teknik/Teknik.csproj

7
Teknik/Areas/API/Controllers/APIv1Controller.cs
Unescape View File

@ -96,11 +96,10 @@ namespace Teknik.Areas.API.Controllers @@ -96,11 +96,10 @@ namespace Teknik.Areas.API.Controllers
}
}
// Generate delete key if asked to
if (model.genDeletionKey)
// Generate delete key only if asked to
if (!model.genDeletionKey)
{
string delKey = StringHelper.RandomString(Config.UploadConfig.DeleteKeyLength);
upload.DeleteKey = delKey;
upload.DeleteKey = string.Empty;
db.Entry(upload).State = EntityState.Modified;
db.SaveChanges();
}

45
Teknik/Areas/Upload/Controllers/UploadController.cs
Unescape View File

@ -95,7 +95,7 @@ namespace Teknik.Areas.Upload.Controllers @@ -95,7 +95,7 @@ namespace Teknik.Areas.Upload.Controllers
db.SaveChanges();
}
}
return Json(new { result = new { name = upload.Url, url = Url.SubRouteUrl("u", "Upload.Download", new { file = upload.Url }), contentType = upload.ContentType, contentLength = StringHelper.GetBytesReadable(upload.ContentLength) } }, "text/plain");
return Json(new { result = new { name = upload.Url, url = Url.SubRouteUrl("u", "Upload.Download", new { file = upload.Url }), contentType = upload.ContentType, contentLength = StringHelper.GetBytesReadable(upload.ContentLength), deleteUrl = Url.SubRouteUrl("u", "Upload.Delete", new { file = upload.Url, key = upload.DeleteKey }) } }, "text/plain");
}
return Json(new { error = new { message = "Unable to upload file" } });
}
@ -339,53 +339,22 @@ namespace Teknik.Areas.Upload.Controllers @@ -339,53 +339,22 @@ namespace Teknik.Areas.Upload.Controllers
}
[HttpPost]
[AllowAnonymous]
public ActionResult GenerateDeleteKey(string file)
{
Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
if (upload != null)
{
string delKey = StringHelper.RandomString(Config.UploadConfig.DeleteKeyLength);
upload.DeleteKey = delKey;
db.Entry(upload).State = EntityState.Modified;
db.SaveChanges();
return Json(new { result = Url.SubRouteUrl("upload", "Upload.Delete", new { file = file, key = delKey }) });
}
return Json(new { error = "Invalid URL" });
}
[HttpPost]
[AllowAnonymous]
public ActionResult SaveFileKey(string file, string key)
{
Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
if (upload != null)
{
upload.Key = key;
db.Entry(upload).State = EntityState.Modified;
db.SaveChanges();
return Json(new { result = Url.SubRouteUrl("upload", "Upload.Download", new { file = file }) });
}
return Json(new { error = "Invalid URL" });
}
[HttpPost]
[AllowAnonymous]
public ActionResult RemoveFileKey(string file, string key)
{
Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
if (upload != null)
{
if (upload.Key == key)
if (upload.User.Username == User.Identity.Name)
{
upload.Key = null;
string delKey = StringHelper.RandomString(Config.UploadConfig.DeleteKeyLength);
upload.DeleteKey = delKey;
db.Entry(upload).State = EntityState.Modified;
db.SaveChanges();
return Json(new { result = Url.SubRouteUrl("upload", "Upload.Download", new { file = file }) });
return Json(new { result = new { url = Url.SubRouteUrl("u", "Upload.Delete", new { file = file, key = delKey }) } });
}
return Json(new { error = "Non-Matching Key" });
return Json(new { error = new { message = "You do not own this upload" } });
}
return Json(new { error = "Invalid URL" });
return Json(new { error = new { message = "Invalid URL" } });
}
}
}

25
Teknik/Areas/Upload/Scripts/Upload.js
Unescape View File

@ -8,25 +8,11 @@ @@ -8,25 +8,11 @@
linkCreateVault($('#create-vault'));
});
function linkUploadDelete(element, uploadID) {
function linkUploadDelete(element, deleteUrl) {
element.click(function () {
$.ajax({
type: "POST",
url: generateDeleteKeyURL,
data: { file: uploadID },
success: function (html) {
if (html.result) {
bootbox.dialog({
title: "Direct Deletion URL",
message: '<input type="text" class="form-control" id="deletionLink" onClick="this.select();" value="' + html.result + '">'
});
}
else {
$("#top_msg").css('display', 'inline', 'important');
$("#top_msg").html('<div class="alert alert-danger alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>' + html.error + '</div>');
}
}
bootbox.dialog({
title: "Direct Deletion URL",
message: '<input type="text" class="form-control" id="deletionLink" onClick="this.select();" value="' + deleteUrl + '">'
});
return false;
});
@ -304,6 +290,7 @@ function uploadComplete(fileID, key, encrypt, evt) { @@ -304,6 +290,7 @@ function uploadComplete(fileID, key, encrypt, evt) {
}
var contentType = obj.result.contentType;
var contentLength = obj.result.contentLength;
var deleteUrl = obj.result.deleteUrl;
// Set progress bar
setProgress(fileID, 100, 'progress-bar-success', '', 'Complete');
@ -319,7 +306,7 @@ function uploadComplete(fileID, key, encrypt, evt) { @@ -319,7 +306,7 @@ function uploadComplete(fileID, key, encrypt, evt) {
itemDiv.find('#upload-contentLength').html(contentLength);
// Setup the buttons
linkUploadDelete(itemDiv.find('#generate-delete-link'), name);
linkUploadDelete(itemDiv.find('#delete-link'), deleteUrl);
linkShortenUrl(itemDiv.find('#shortenUrl'), fileID, fullName);
// Hide the progress bar

8
Teknik/Areas/Upload/UploadAreaRegistration.cs
Unescape View File

@ -36,6 +36,14 @@ namespace Teknik.Areas.Upload @@ -36,6 +36,14 @@ namespace Teknik.Areas.Upload
new { controller = "Default", action = "Favicon" },
new[] { typeof(DefaultController).Namespace }
);
context.MapSubdomainRoute(
"Upload.GenerateDeleteKey",
new List<string>() { "upload", "u", "user" }, // Subdomains
new List<string>() { config.Host }, // domains
"GenerateDeleteKey",
new { controller = "Upload", action = "GenerateDeleteKey" },
new[] { typeof(Controllers.UploadController).Namespace }
);
context.MapSubdomainRoute(
"Upload.Download",
new List<string>() { "upload", "u" }, // Subdomains

4
Teknik/Areas/Upload/Uploader.cs
Unescape View File

@ -74,6 +74,9 @@ namespace Teknik.Areas.Upload @@ -74,6 +74,9 @@ namespace Teknik.Areas.Upload
url = StringHelper.RandomString(config.UploadConfig.UrlLength) + extension;
}
// Generate a deletion key
string delKey = StringHelper.RandomString(config.UploadConfig.DeleteKeyLength);
// Now we need to update the database with the new upload information
Models.Upload upload = db.Uploads.Create();
upload.DateUploaded = DateTime.Now;
@ -85,6 +88,7 @@ namespace Teknik.Areas.Upload @@ -85,6 +88,7 @@ namespace Teknik.Areas.Upload
upload.IV = iv;
upload.KeySize = keySize;
upload.BlockSize = blockSize;
upload.DeleteKey = delKey;
db.Uploads.Add(upload);
db.SaveChanges();

5
Teknik/Areas/Upload/Views/Upload/Index.cshtml
Unescape View File

@ -5,9 +5,6 @@ @@ -5,9 +5,6 @@
<script>
var encScriptSrc = '@Scripts.Url("~/bundles/cryptoWorker")';
var aesScriptSrc = '@Scripts.Url("~/bundles/crypto")';
var generateDeleteKeyURL = '@Url.SubRouteUrl(Model.CurrentSub, "Upload.Action", new { action= "GenerateDeleteKey" })';
var saveKeyToServerURL = '@Url.SubRouteUrl(Model.CurrentSub, "Upload.Action", new { action= "SaveFileKey" })';
var removeKeyFromServerURL = '@Url.SubRouteUrl(Model.CurrentSub, "Upload.Action", new { action= "RemoveFileKey" })';
var uploadFileURL = '@Url.SubRouteUrl(Model.CurrentSub, "Upload.Action", new { action = "Upload" })';
var maxUploadSize = @Model.Config.UploadConfig.MaxUploadSize;
var chunkSize = @Model.Config.UploadConfig.ChunkSize;
@ -106,7 +103,7 @@ @@ -106,7 +103,7 @@
<div class="col-sm-4">
<div class="btn-group pull-right" role="group">
<button type="button" class="btn btn-default btn-sm" id="shortenUrl"><i class="fa fa-link"></i>&nbsp;Shorten</button>
<button type="button" class="btn btn-default btn-sm" id="generate-delete-link"><i class="fa fa-trash"></i>&nbsp;Deletion URL</button>
<button type="button" class="btn btn-default btn-sm" id="delete-link"><i class="fa fa-trash"></i>&nbsp;Deletion Link</button>
</div>
</div>
</div>

35
Teknik/Areas/User/Scripts/Profile.js
Unescape View File

@ -0,0 +1,35 @@ @@ -0,0 +1,35 @@
$(document).ready(function () {
$('.delete-upload-button').click(function () {
var deleteUrl = $(this).attr('id');
var uploadID = $(this).data('upload-id');
bootbox.confirm("Are you sure you want to delete this upload?", function (result) {
if (result) {
if (deleteUrl !== '') {
window.open(deleteUrl, '_blank');
window.location.reload();
}
else {
$.ajax({
type: "POST",
url: generateDeleteKeyURL,
data: { file: uploadID },
headers: { 'X-Requested-With': 'XMLHttpRequest' },
xhrFields: {
withCredentials: true
},
success: function (html) {
if (html.result) {
window.open(html.result.url, '_blank');
window.location.reload();
}
else {
$("#top_msg").css('display', 'inline', 'important');
$("#top_msg").html('<div class="alert alert-danger alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>' + html.error.message + '</div>');
}
}
});
}
}
});
});
});

5
Teknik/Areas/User/UserAreaRegistration.cs
Unescape View File

@ -119,6 +119,11 @@ namespace Teknik.Areas.Users @@ -119,6 +119,11 @@ namespace Teknik.Areas.Users
BundleTable.Bundles.Add(new CdnScriptBundle("~/bundles/checkAuthCode", config.CdnHost).Include(
"~/Areas/User/Scripts/CheckAuthCode.js"));
// Register Script Bundle
BundleTable.Bundles.Add(new CdnScriptBundle("~/bundles/profile", config.CdnHost).Include(
"~/Scripts/bootbox/bootbox.min.js",
"~/Areas/User/Scripts/Profile.js"));
// Register Style Bundles
BundleTable.Bundles.Add(new CdnStyleBundle("~/Content/user", config.CdnHost).Include(
"~/Content/bootstrap-switch/bootstrap3/bootstrap-switch.css"));

56
Teknik/Areas/User/Views/User/Index.cshtml
Unescape View File

@ -2,6 +2,10 @@ @@ -2,6 +2,10 @@
@using Teknik.Utilities
<script>
var generateDeleteKeyURL = '@Url.SubRouteUrl("u", "Upload.GenerateDeleteKey")';
</script>
<div class="container">
@if (!Model.Error)
{
@ -126,33 +130,35 @@ @@ -126,33 +130,35 @@
<div class="tab-pane" id="uploads" style="overflow-y: auto; max-height: 500px;">
@foreach (Teknik.Areas.Upload.Models.Upload upload in Model.Uploads)
{
<div class="panel panel-default">
<div class="panel-heading text-center">
<a href="@Url.SubRouteUrl("upload", "Upload.Download", new { file = upload.Url })">@Url.SubRouteUrl("upload", "Upload.Download", new { file = upload.Url })</a>
<div class="panel panel-default">
<div class="panel-heading text-center">
<a id="upload-url" href="@Url.SubRouteUrl("u", "Upload.Download", new { file = upload.Url })">@Url.SubRouteUrl("u", "Upload.Download", new { file = upload.Url })</a>
</div>
<div class="panel-body">
<div class="col-sm-2 text-center">
<label for="size">Size</label>
<p id="size">@StringHelper.GetBytesReadable(upload.ContentLength)</p>
</div>
<div class="panel-body">
<div class="col-sm-2 text-center">
<label for="size">Size</label>
<p id="size">@StringHelper.GetBytesReadable(upload.ContentLength)</p>
</div>
<div class="col-sm-3 text-center">
<label for="type">Type</label>
<p id="type">@upload.ContentType</p>
</div>
<div class="col-sm-3 text-center">
<label for="dateUploaded">Date Uploaded</label>
<p id="dateUploaded"><time datetime="@upload.DateUploaded.ToString("s")">@upload.DateUploaded.ToString("MMMM dd, yyyy")</time></p>
</div>
<div class="col-sm-2 text-center">
<label for="downloads">Downloads</label>
<p id="downloads">@upload.Downloads</p>
</div>
<div class="col-sm-2 text-center">
<label for="deleteKey">Deletion Key</label>
<p id="deleteKey">@upload.DeleteKey</p>
</div>
<div class="col-sm-3 text-center">
<label for="type">Type</label>
<p id="type">@upload.ContentType</p>
</div>
<div class="col-sm-3 text-center">
<label for="dateUploaded">Date Uploaded</label>
<p id="dateUploaded"><time datetime="@upload.DateUploaded.ToString("s")">@upload.DateUploaded.ToString("MMMM dd, yyyy")</time></p>
</div>
<div class="col-sm-2 text-center">
<label for="downloads">Downloads</label>
<p id="downloads">@upload.Downloads</p>
</div>
<div class="col-sm-2 text-center" style="overflow-x: hidden">
@{
string deleteUrl = (string.IsNullOrEmpty(upload.DeleteKey)) ? string.Empty : Url.SubRouteUrl("u", "Upload.Delete", new { file = upload.Url, key = upload.DeleteKey });
}
<p id="delete-upload"><button role="button" class="btn btn-danger delete-upload-button" id="@deleteUrl" data-upload-id="@upload.Url">Delete</button></p>
</div>
</div>
</div>
}
</div><!--/tab-pane-->
<div class="tab-pane" id="pastes" style="overflow-y: auto; max-height: 500px;">
@ -242,3 +248,5 @@ @@ -242,3 +248,5 @@
</div>
}
</div>
@Scripts.Render("~/bundles/profile")

BIN
Teknik/Scripts/_references.js
View File

Binary file not shown.

1
Teknik/Teknik.csproj
Unescape View File

@ -338,6 +338,7 @@ @@ -338,6 +338,7 @@
<Content Include="Areas\Transparency\Scripts\Transparency.js" />
<Content Include="Areas\Upload\Content\Upload.css" />
<Content Include="Areas\User\Scripts\CheckAuthCode.js" />
<Content Include="Areas\User\Scripts\Profile.js" />
<Content Include="Areas\User\Scripts\User.js" />
<Content Include="Areas\Shortener\Scripts\Shortener.js" />
<Content Include="Areas\Upload\Scripts\Download.js" />

Write Preview
Loading…
Cancel
Save