From 50c9c2971ed3ebc1041521900ea38caed524b4af Mon Sep 17 00:00:00 2001
From: Antonio Terceiro <terceiro@colivre.coop.br>
Date: Tue, 16 Aug 2011 10:17:09 -0700
Subject: [PATCH] Don't sanitize abstract and body in TextArticle

---
 app/models/text_article.rb     |  2 +-
 test/unit/text_article_test.rb | 12 +-----------
 2 files changed, 2 insertions(+), 12 deletions(-)

diff --git a/app/models/text_article.rb b/app/models/text_article.rb
index e07e787..194cc5a 100644
--- a/app/models/text_article.rb
+++ b/app/models/text_article.rb
@@ -1,7 +1,7 @@
 # a base class for all text article types.  
 class TextArticle < Article
 
-  xss_terminate :only => [ :name, :abstract, :body ], :on => 'validation'
+  xss_terminate :only => [ :name ], :on => 'validation'
 
   include Noosfero::TranslatableContent
 
diff --git a/test/unit/text_article_test.rb b/test/unit/text_article_test.rb
index 34c5da7..e1437f6 100644
--- a/test/unit/text_article_test.rb
+++ b/test/unit/text_article_test.rb
@@ -20,23 +20,13 @@ class TextArticleTest < Test::Unit::TestCase
     assert_equal TextileArticle.find_by_contents('found'), TextArticle.find_by_contents('found')
   end
 
-  should 'remove comments from TextArticle body' do
-    person = create_user('testuser').person
-    article = TextArticle.create!(:profile => person, :name => 'article', :body => "the <!-- comment --> article ...")
-    assert_equal "the  article ...", article.body
-  end
-
-  should 'escape malformed html tags' do
+  should 'remove HTML from name' do
     person = create_user('testuser').person
     article = TextArticle.new(:profile => person)
     article.name = "<h1 Malformed >> html >>></a>< tag"
-    article.abstract = "<h1 Malformed <<h1>>< html >< tag"
-    article.body = "<h1><</h2< Malformed >> html >< tag"
     article.valid?
 
     assert_no_match /[<>]/, article.name
-    assert_no_match /[<>]/, article.abstract
-    assert_no_match /[<>]/, article.body
   end
 
   should 'be translatable' do
--
libgit2 0.21.2