Commit 4ad91064632c8c1f5483a559d158d96b93e1a3c6
Exists in
master
and in
29 other branches
Merge branch 'stable'
Conflicts: test/unit/comment_test.rb
Showing
6 changed files
with
46 additions
and
4 deletions
Show diff stats
app/views/layouts/application-ng.rhtml
| @@ -22,7 +22,7 @@ | @@ -22,7 +22,7 @@ | ||
| 22 | DEFAULT_LOADING_MESSAGE = <%="'#{ _('loading...') }'" %>; | 22 | DEFAULT_LOADING_MESSAGE = <%="'#{ _('loading...') }'" %>; |
| 23 | </script> | 23 | </script> |
| 24 | </head> | 24 | </head> |
| 25 | - <body class="<%= body_classes %>"> | 25 | + <body class="<%= h body_classes %>"> |
| 26 | <a href="#content" id="link-go-content"><span><%= _("Go to the content") %></span></a> | 26 | <a href="#content" id="link-go-content"><span><%= _("Go to the content") %></span></a> |
| 27 | 27 | ||
| 28 | <%= | 28 | <%= |
debian/changelog
| 1 | +noosfero (0.45.2) unstable; urgency=low | ||
| 2 | + | ||
| 3 | + * Small release with a critical bugfix | ||
| 4 | + | ||
| 5 | + -- Rodrigo Souto <rodrigo@colivre.coop.br> Tue, 14 Jan 2014 13:25:18 +0000 | ||
| 6 | + | ||
| 1 | noosfero (0.45.1) unstable; urgency=low | 7 | noosfero (0.45.1) unstable; urgency=low |
| 2 | 8 | ||
| 3 | * Bugfix release | 9 | * Bugfix release |
lib/noosfero.rb
| @@ -3,7 +3,7 @@ require 'fast_gettext' | @@ -3,7 +3,7 @@ require 'fast_gettext' | ||
| 3 | 3 | ||
| 4 | module Noosfero | 4 | module Noosfero |
| 5 | PROJECT = 'noosfero' | 5 | PROJECT = 'noosfero' |
| 6 | - VERSION = '0.45.1' | 6 | + VERSION = '0.45.2' |
| 7 | 7 | ||
| 8 | def self.pattern_for_controllers_in_directory(dir) | 8 | def self.pattern_for_controllers_in_directory(dir) |
| 9 | disjunction = controllers_in_directory(dir).join('|') | 9 | disjunction = controllers_in_directory(dir).join('|') |
public/javascripts/jquery-latest.js
| @@ -36,7 +36,8 @@ var jQuery = function( selector, context ) { | @@ -36,7 +36,8 @@ var jQuery = function( selector, context ) { | ||
| 36 | 36 | ||
| 37 | // A simple way to check for HTML strings or ID strings | 37 | // A simple way to check for HTML strings or ID strings |
| 38 | // (both of which we optimize for) | 38 | // (both of which we optimize for) |
| 39 | - quickExpr = /^(?:[^<]*(<[\w\W]+>)[^>]*$|#([\w\-]+)$)/, | 39 | + //fix xss: http://ma.la/jquery_xss/ http://blog.jquery.com/2011/09/01/jquery-1-6-3-released/ |
| 40 | + quickExpr = /^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/, | ||
| 40 | 41 | ||
| 41 | // Check if a string has a non-whitespace character in it | 42 | // Check if a string has a non-whitespace character in it |
| 42 | rnotwhite = /\S/, | 43 | rnotwhite = /\S/, |
test/unit/comment_test.rb
| @@ -285,6 +285,35 @@ class CommentTest < ActiveSupport::TestCase | @@ -285,6 +285,35 @@ class CommentTest < ActiveSupport::TestCase | ||
| 285 | assert_equal [c1,c3], c.reload.children | 285 | assert_equal [c1,c3], c.reload.children |
| 286 | end | 286 | end |
| 287 | 287 | ||
| 288 | + should "return activities comments as a thread" do | ||
| 289 | + person = fast_create(Person) | ||
| 290 | + a = TextileArticle.create!(:profile => person, :name => 'My article', :body => 'Article body') | ||
| 291 | + c0 = Comment.create!(:source => a, :body => 'My comment', :author => person) | ||
| 292 | + c1 = Comment.create!(:reply_of_id => c0.id, :source => a, :body => 'bla', :author => person) | ||
| 293 | + c2 = Comment.create!(:reply_of_id => c1.id, :source => a, :body => 'bla', :author => person) | ||
| 294 | + c3 = Comment.create!(:reply_of_id => c0.id, :source => a, :body => 'bla', :author => person) | ||
| 295 | + c4 = Comment.create!(:source => a, :body => 'My comment', :author => person) | ||
| 296 | + result = a.activity.comments_as_thread | ||
| 297 | + assert_equal c0, result[0] | ||
| 298 | + assert_equal [c1, c3], result[0].replies | ||
| 299 | + assert_equal [c2], result[0].replies[0].replies | ||
| 300 | + assert_equal c4, result[1] | ||
| 301 | + assert result[1].replies.empty? | ||
| 302 | + end | ||
| 303 | + | ||
| 304 | + should "return activities comments when some comment on thread is spam" do | ||
| 305 | + person = fast_create(Person) | ||
| 306 | + a = TextileArticle.create!(:profile => person, :name => 'My article', :body => 'Article body') | ||
| 307 | + c0 = Comment.create(:source => a, :body => 'Root comment', :author => person) | ||
| 308 | + c1 = Comment.create(:reply_of_id => c0.id, :source => a, :body => 'c1', :author => person) | ||
| 309 | + spam = Comment.create(:spam => true, :reply_of_id => c0.id, :source => a, :body => 'spam', :author => person) | ||
| 310 | + c2 = Comment.create(:reply_of_id => spam.id, :source => a, :body => 'c2', :author => person) | ||
| 311 | + result = a.activity.comments_as_thread | ||
| 312 | + assert_equal c0, result[0] | ||
| 313 | + assert_equal [c1], result[0].replies | ||
| 314 | + assert_equal c2, result[1] | ||
| 315 | + end | ||
| 316 | + | ||
| 288 | should 'provide author url for authenticated user' do | 317 | should 'provide author url for authenticated user' do |
| 289 | author = Person.new | 318 | author = Person.new |
| 290 | author.expects(:url).returns('http://blabla.net/author') | 319 | author.expects(:url).returns('http://blabla.net/author') |
vendor/plugins/action_tracker_has_comments/init.rb
| @@ -18,7 +18,13 @@ Rails.configuration.to_prepare do | @@ -18,7 +18,13 @@ Rails.configuration.to_prepare do | ||
| 18 | self.comments.each do |c| | 18 | self.comments.each do |c| |
| 19 | c.replies = [] | 19 | c.replies = [] |
| 20 | result[c.id] ||= c | 20 | result[c.id] ||= c |
| 21 | - c.reply_of_id.nil? ? root << c : result[c.reply_of_id].replies << c | 21 | + if c.reply_of_id.nil? |
| 22 | + root << c | ||
| 23 | + elsif result[c.reply_of_id] | ||
| 24 | + result[c.reply_of_id].replies << c | ||
| 25 | + else # Comment is a reply but the reply is not being displayed - is spam, for example | ||
| 26 | + root << c | ||
| 27 | + end | ||
| 22 | end | 28 | end |
| 23 | root | 29 | root |
| 24 | end | 30 | end |