public static void MigratePastes(TeknikEntities db, Config config)
{
if (!Directory.Exists(config.PasteConfig.PasteDirectory))
{
Directory.CreateDirectory(config.PasteConfig.PasteDirectory);
}
var pastes = db.Pastes.Select(p => p.PasteId).ToList();
foreach (var pasteId in pastes)
{
var paste = db.Pastes.Where(p => p.PasteId == pasteId).FirstOrDefault();
if (!string.IsNullOrEmpty(paste.Content) && string.IsNullOrEmpty(paste.FileName) && string.IsNullOrEmpty(paste.HashedPassword))
{
// Generate a unique file name that does not currently exist
string filePath = FileHelper.GenerateRandomFileName(config.PasteConfig.PasteDirectory, config.PasteConfig.FileExtension, 10);
string fileName = Path.GetFileName(filePath);
string key = PasteHelper.GenerateKey(config.PasteConfig.KeySize);
string iv = PasteHelper.GenerateIV(config.PasteConfig.BlockSize);
// Encrypt the contents to the file
PasteHelper.EncryptContents(paste.Content, filePath, null, key, iv, config.PasteConfig.KeySize, config.PasteConfig.ChunkSize);
// Generate a deletion key
paste.DeleteKey = StringHelper.RandomString(config.PasteConfig.DeleteKeyLength);
paste.Key = key;
paste.KeySize = config.PasteConfig.KeySize;
paste.IV = iv;
paste.BlockSize = config.PasteConfig.BlockSize;
paste.FileName = fileName;
paste.Content = string.Empty;
db.Entry(paste).State = EntityState.Modified;
db.SaveChanges();
}
}
}
public IActionResult EditSubmit([Bind("Content, Title, Syntax, Url")] PasteEditViewModel model)
{
if (_config.PasteConfig.Enabled)
{
try
{
Models.Paste paste = _dbContext.Pastes.Where(p => p.Url == model.Url).FirstOrDefault();
if (paste != null)
{
if (paste.User?.Username != User.Identity.Name)
{
return(new StatusCodeResult(StatusCodes.Status403Forbidden));
}
string password = null;
// The paste has a password set
if (!string.IsNullOrEmpty(paste.HashedPassword))
{
// Try to get the password from the session
password = GetCachedPassword(model.Url);
string hash = string.Empty;
if (!string.IsNullOrEmpty(password))
{
hash = PasteHelper.HashPassword(paste.Key, password);
}
if (string.IsNullOrEmpty(password) || hash != paste.HashedPassword)
{
PasswordViewModel passModel = new PasswordViewModel();
passModel.ActionUrl = Url.SubRouteUrl("p", "Paste.Edit");
passModel.Url = model.Url;
if (!string.IsNullOrEmpty(password) && hash != paste.HashedPassword)
{
passModel.Error = true;
passModel.ErrorMessage = "Invalid Password";
}
// Redirect them to the password request page
return(View("~/Areas/Paste/Views/Paste/PasswordNeeded.cshtml", passModel));
}
}
// get the old file
string subDir = paste.FileName[0].ToString();
string oldFile = Path.Combine(_config.PasteConfig.PasteDirectory, subDir, paste.FileName);
// Generate a unique file name that does not currently exist
string newFilePath = FileHelper.GenerateRandomFileName(_config.PasteConfig.PasteDirectory, _config.PasteConfig.FileExtension, 10);
string fileName = Path.GetFileName(newFilePath);
string key = PasteHelper.GenerateKey(_config.PasteConfig.KeySize);
string iv = PasteHelper.GenerateIV(_config.PasteConfig.BlockSize);
PasteHelper.EncryptContents(model.Content, newFilePath, password, key, iv, _config.PasteConfig.KeySize, _config.PasteConfig.ChunkSize);
paste.Key = key;
paste.KeySize = _config.PasteConfig.KeySize;
paste.IV = iv;
paste.BlockSize = _config.PasteConfig.BlockSize;
if (!string.IsNullOrEmpty(password))
{
paste.HashedPassword = PasteHelper.HashPassword(paste.Key, password);
}
paste.FileName = fileName;
paste.Title = model.Title;
paste.Syntax = model.Syntax;
paste.DateEdited = DateTime.Now;
_dbContext.Entry(paste).State = EntityState.Modified;
_dbContext.SaveChanges();
// Delete the old file
if (System.IO.File.Exists(oldFile))
{
System.IO.File.Delete(oldFile);
}
return(Redirect(Url.SubRouteUrl("p", "Paste.View", new { type = "Full", url = paste.Url })));
}
}
catch (Exception ex)
{
return(Redirect(Url.SubRouteUrl("error", "Error.500", new { exception = ex })));
}
}
return(new StatusCodeResult(StatusCodes.Status403Forbidden));
}
