Commit 68660d326afa1550ee5659c8edc49bf2faa9932e
1 parent
847b2a09
Exists in
ratings_minor_fixes
and in
3 other branches
should not parse html of body and abstract display content plugin
Showing
3 changed files
with
62 additions
and
3 deletions
Show diff stats
plugins/display_content/test/unit/display_content_block_test.rb
| @@ -774,4 +774,63 @@ class DisplayContentBlockViewTest < ActionView::TestCase | @@ -774,4 +774,63 @@ class DisplayContentBlockViewTest < ActionView::TestCase | ||
| 774 | assert render_block_content(block).index(en_article.name).present? | 774 | assert render_block_content(block).index(en_article.name).present? |
| 775 | assert_nil render_block_content(block).index(pt_article.name) | 775 | assert_nil render_block_content(block).index(pt_article.name) |
| 776 | end | 776 | end |
| 777 | + | ||
| 778 | + should 'not escape abstract html of articles' do | ||
| 779 | + profile = create_user('testuser').person | ||
| 780 | + a1 = fast_create(TextileArticle, abstract: "<p class='test-article-abstract'>Test</p>", name: 'test article 1', profile_id: profile.id, published_at: DateTime.current) | ||
| 781 | + | ||
| 782 | + block = DisplayContentBlock.new | ||
| 783 | + block.sections = [{:value => 'abstract', :checked => true}] | ||
| 784 | + block.nodes = [a1.id] | ||
| 785 | + box = mock() | ||
| 786 | + block.stubs(:box).returns(box) | ||
| 787 | + box.stubs(:owner).returns(profile) | ||
| 788 | + assert_tag_in_string render_block_content(block), tag: 'p', attributes: { class: 'test-article-abstract' } | ||
| 789 | + end | ||
| 790 | + | ||
| 791 | + should 'not raise if abstract of article is nil' do | ||
| 792 | + profile = create_user('testuser').person | ||
| 793 | + a1 = fast_create(TextileArticle, name: 'test article 1', profile_id: profile.id, published_at: DateTime.current) | ||
| 794 | + | ||
| 795 | + block = DisplayContentBlock.new | ||
| 796 | + block.sections = [{:value => 'abstract', :checked => true}] | ||
| 797 | + block.nodes = [a1.id] | ||
| 798 | + box = mock() | ||
| 799 | + block.stubs(:box).returns(box) | ||
| 800 | + box.stubs(:owner).returns(profile) | ||
| 801 | + assert_nil a1.abstract | ||
| 802 | + assert_nothing_raised do | ||
| 803 | + render_block_content(block) | ||
| 804 | + end | ||
| 805 | + end | ||
| 806 | + | ||
| 807 | + should 'not escape body html of articles' do | ||
| 808 | + profile = create_user('testuser').person | ||
| 809 | + a1 = fast_create(TextileArticle, body: "<p class='test-article-body'>Test</p>", name: 'test article 1', profile_id: profile.id, published_at: DateTime.current) | ||
| 810 | + | ||
| 811 | + block = DisplayContentBlock.new | ||
| 812 | + block.sections = [{:value => 'body', :checked => true}] | ||
| 813 | + block.nodes = [a1.id] | ||
| 814 | + box = mock() | ||
| 815 | + block.stubs(:box).returns(box) | ||
| 816 | + box.stubs(:owner).returns(profile) | ||
| 817 | + assert_tag_in_string render_block_content(block), tag: 'p', attributes: { class: 'test-article-body' } | ||
| 818 | + end | ||
| 819 | + | ||
| 820 | + should 'not raise if body of article is nil' do | ||
| 821 | + profile = create_user('testuser').person | ||
| 822 | + a1 = fast_create(TextileArticle, name: 'test article 1', profile_id: profile.id, published_at: DateTime.current) | ||
| 823 | + | ||
| 824 | + block = DisplayContentBlock.new | ||
| 825 | + block.sections = [{:value => 'abstract', :checked => true}] | ||
| 826 | + block.nodes = [a1.id] | ||
| 827 | + box = mock() | ||
| 828 | + block.stubs(:box).returns(box) | ||
| 829 | + box.stubs(:owner).returns(profile) | ||
| 830 | + assert_nil a1.body | ||
| 831 | + assert_nothing_raised do | ||
| 832 | + render_block_content(block) | ||
| 833 | + end | ||
| 834 | + end | ||
| 835 | + | ||
| 777 | end | 836 | end |
plugins/display_content/views/blocks/display_content/_document.slim
| 1 | li | 1 | li |
| 2 | - unless item.folder? || item.class == RssFeed | 2 | - unless item.folder? || item.class == RssFeed |
| 3 | = render partial: 'blocks/display_content/section', collection: block.sections, locals: { block: block, item: item } | 3 | = render partial: 'blocks/display_content/section', collection: block.sections, locals: { block: block, item: item } |
| 4 | - = render partial: 'blocks/display_content/read_more', locals: { item: item, abstract_section: block.sections.bsearch { |section| section[:value] == 'abstract' }, block: block } | ||
| 5 | \ No newline at end of file | 4 | \ No newline at end of file |
| 5 | + = render partial: 'blocks/display_content/read_more', locals: { item: item, abstract_section: block.sections.bsearch { |section| section[:value] == 'abstract' }, block: block } |
plugins/display_content/views/blocks/display_content/_section.slim
| @@ -8,10 +8,10 @@ | @@ -8,10 +8,10 @@ | ||
| 8 | = link_to(h(item.title), item.url) | 8 | = link_to(h(item.title), item.url) |
| 9 | - when 'abstract' | 9 | - when 'abstract' |
| 10 | div class='lead' | 10 | div class='lead' |
| 11 | - = item.abstract | 11 | + = (item.abstract || '').html_safe |
| 12 | - when 'body' | 12 | - when 'body' |
| 13 | div class='body' | 13 | div class='body' |
| 14 | - = item.body | 14 | + = (item.body || '').html_safe |
| 15 | - when 'image' | 15 | - when 'image' |
| 16 | - unless item.image || item.image.public_filename | 16 | - unless item.image || item.image.public_filename |
| 17 | div class='image' | 17 | div class='image' |