Fixing validation error when try to approve published events

- Event.body should be string as all other article types - Removed Event.description - Moving existing data in description field to body (ActionItem1865)

Fixing validation error when try to approve published events
- Event.body should be string as all other article types - Removed Event.description - Moving existing data in description field to body (ActionItem1865)
Joenio Costa · Daniela Feitosa
1 parent 49e084f8
Showing 6 changed files with 72 additions and 42 deletions Show diff stats
app/models/event.rb
app/views/cms/_event.rhtml
db/migrate/20110215153624_move_data_serialized_hash_to_setting_field_for_articles.rb
db/schema.rb
test/unit/approve_article_test.rb
test/unit/event_test.rb
 class Event < Article
  
-  acts_as_having_settings :field => :body
-
-  settings_items :description, :type => :string
-  settings_items :link, :type => :string
   settings_items :address, :type => :string
  
+  def link=(value)
+    self.setting[:link] = maybe_add_http(value)
+  end
+
+  def link
+    maybe_add_http(self.setting[:link])
+  end
+
   xss_terminate :only => [ :link ], :on => 'validation'
-  xss_terminate :only => [ :description, :link, :address ], :with => 'white_list', :on => 'validation'
+  xss_terminate :only => [ :body, :link, :address ], :with => 'white_list', :on => 'validation'
  
   def initialize(*args)
     super(*args)
@@ -27,7 +31,7 @@ class Event &lt; Article
   }
  
   include WhiteListFilter
-  filter_iframes :description, :link, :address, :whitelist => lambda { profile && profile.environment && profile.environment.trusted_sites_for_iframe }
+  filter_iframes :body, :link, :address, :whitelist => lambda { profile && profile.environment && profile.environment.trusted_sites_for_iframe }
  
   def self.description
     _('A calendar event')
@@ -96,26 +100,18 @@ class Event &lt; Article
         }
       }
  
-      if self.description
+      if self.body
         html.div('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', :class => 'event-description') 
       end
     }
  
-    if self.description
-      result.sub!('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', self.description)
+    if self.body
+      result.sub!('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', self.body)
     end
  
     result
   end
  
-  def link=(value)
-    self.body[:link] = maybe_add_http(value)
-  end
-
-  def link
-    maybe_add_http(self.body[:link])
-  end
-
   def event?
     true
   end
@@ -15,5 +15,5 @@
  
 <%= labelled_form_field(_('Address:'), text_field(:article, :address)) %>
  
-<%= labelled_form_field(_('Information about the event:'), text_area(:article, :description, :cols => 64)) %>
+<%= labelled_form_field(_('Information about the event:'), text_area(:article, :body, :cols => 64)) %>
  
@@ -0,0 +1,26 @@
+class MoveDataSerializedHashToSettingFieldForArticles < ActiveRecord::Migration
+  def self.up
+    select_all("SELECT id FROM tasks WHERE type = 'ApproveArticle' AND status = 1").each do |data|
+      article = Task.find(data['id']).article
+      next unless article.kind_of?(Event)
+      body = ''
+      begin
+        body = YAML.load(article.body)
+      rescue
+        # do nothing
+        next
+      end
+      if body.kind_of?(Hash)
+        settings = article.setting.merge(body)
+        body = ActiveRecord::Base.sanitize_sql_for_assignment(:body => settings[:description])
+        update("UPDATE articles set %s WHERE id = %d" % [body, article.id])
+        setting = ActiveRecord::Base.sanitize_sql_for_assignment(:setting => settings.to_yaml)
+        update("UPDATE articles set %s WHERE id = %d" % [setting, article.id])
+      end
+    end
+  end
+
+  def self.down
+    say "Nothing to undo"
+  end
+end
@@ -9,7 +9,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
  
-ActiveRecord::Schema.define(:version => 20110203160153) do
+ActiveRecord::Schema.define(:version => 20110215153624) do
  
   create_table "action_tracker", :force => true do |t|
     t.integer  "user_id"
@@ -362,4 +362,12 @@ class ApproveArticleTest &lt; ActiveSupport::TestCase
     assert_match(/#{task.requestor.name} wants to publish the article: #{article.name}/, email.subject)
   end
  
+  should 'approve an event' do
+    event = fast_create(Event, :profile_id => profile.id, :name => 'Event test', :slug => 'event-test', :abstract => 'Lead of article', :body => 'This is my event')
+    task = ApproveArticle.create!(:name => 'Event test', :article => event, :target => community, :requestor => profile)
+    assert_difference event.class, :count do
+      task.finish
+    end
+  end
+
 end
@@ -14,9 +14,9 @@ class EventTest &lt; ActiveSupport::TestCase
     assert_kind_of String, Event.short_description
   end
  
-  should 'have a description' do
-    e = Event.new(:description => 'some useful description')
-    assert_equal 'some useful description', e.description
+  should 'have a body' do
+    e = Event.new(:body => 'some useful description')
+    assert_equal 'some useful description', e.body
   end
  
   should 'have a link' do
@@ -62,9 +62,9 @@ class EventTest &lt; ActiveSupport::TestCase
     assert_includes Event.find_by_contents('surprisingly'), e
   end
  
-  should 'be indexed by description' do
+  should 'be indexed by body' do
     profile = create_user('testuser').person
-    e = Event.create!(:name => 'bli', :start_date => Date.new(2008, 06, 06), :profile => profile, :description => 'my surprisingly long description about my freaking nice event')
+    e = Event.create!(:name => 'bli', :start_date => Date.new(2008, 06, 06), :profile => profile, :body => 'my surprisingly long description about my freaking nice event')
     assert_includes Event.find_by_contents('surprisingly'), e
   end
  
@@ -123,7 +123,7 @@ class EventTest &lt; ActiveSupport::TestCase
   end
  
   should 'provide nice display format' do
-    e = Event.new(:start_date => Date.new(2008,1,1), :end_date => Date.new(2008,1,1), :link => 'http://www.myevent.org', :description => 'my somewhat short description')
+    e = Event.new(:start_date => Date.new(2008,1,1), :end_date => Date.new(2008,1,1), :link => 'http://www.myevent.org', :body => 'my somewhat short description')
  
     assert_tag_in_string e.to_html, :content => Regexp.new("January 1, 2008")
     assert_tag_in_string e.to_html, :content => 'my somewhat short description'
@@ -131,9 +131,9 @@ class EventTest &lt; ActiveSupport::TestCase
  
   end
  
-  should 'not crash when description is blank' do
+  should 'not crash when body is blank' do
     e = Event.new
-    assert_nil e.description
+    assert_nil e.body
     assert_no_match(/_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____/, e.to_html)
   end
  
@@ -144,30 +144,30 @@ class EventTest &lt; ActiveSupport::TestCase
  
   should 'add http:// when reading link' do
     a = Event.new
-    a.body[:link] = 'www.gnu.org'
+    a.setting[:link] = 'www.gnu.org'
     assert_equal 'http://www.gnu.org', a.link
   end
  
   should 'not add http:// to empty link' do
     a = Event.new
-    a.body[:link] = ''
+    a.setting[:link] = ''
     assert_equal '', a.link
-    a.body[:link] = nil
+    a.setting[:link] = nil
     assert_equal '', a.link
   end
  
-  should 'not escape HTML in description' do
-    a = Event.new(:description => '<p>a paragraph of text</p>', :link => 'www.gnu.org')
+  should 'not escape HTML in body' do
+    a = Event.new(:body => '<p>a paragraph of text</p>', :link => 'www.gnu.org')
  
     assert_match '<p>a paragraph of text</p>', a.to_html
   end
  
-  should 'filter HTML in description' do
+  should 'filter HTML in body' do
     profile = create_user('testuser').person
-    e = Event.create!(:profile => profile, :name => 'test', :description => '<p>a paragraph (valid)</p><script type="text/javascript">/* this is invalid */</script>"', :link => 'www.colivre.coop.br', :start_date => Date.today)
+    e = Event.create!(:profile => profile, :name => 'test', :body => '<p>a paragraph (valid)</p><script type="text/javascript">/* this is invalid */</script>"', :link => 'www.colivre.coop.br', :start_date => Date.today)
  
-    assert_tag_in_string e.description, :tag => 'p', :content => 'a paragraph (valid)'
-    assert_no_tag_in_string e.description, :tag => 'script'
+    assert_tag_in_string e.body, :tag => 'p', :content => 'a paragraph (valid)'
+    assert_no_tag_in_string e.body, :tag => 'script'
   end
  
   should 'nil to link' do
@@ -238,31 +238,31 @@ class EventTest &lt; ActiveSupport::TestCase
  
   should 'filter fields with white_list filter' do
     event = Event.new
-    event.description = "<h1> Description </h1>"
+    event.body = "<h1> Description </h1>"
     event.address = "<strong> Address <strong>"
     event.valid?
  
-    assert_equal "<h1> Description </h1>", event.description
+    assert_equal "<h1> Description </h1>", event.body
     assert_equal "<strong> Address <strong>", event.address
   end
  
   should 'escape malformed html tags' do
     event = Event.new
-    event.description = "<h1<< Description >>/h1>"
+    event.body = "<h1<< Description >>/h1>"
     event.address = "<strong>><< Address <strong>"
     event.valid?
  
-    assert_no_match /[<>]/, event.description
+    assert_no_match /[<>]/, event.body
     assert_no_match /[<>]/, event.address
   end
  
   should 'not sanitize html comments' do
     event = Event.new
-    event.description = '<p><!-- <asdf> << aasdfa >>> --> <h1> Wellformed html code </h1>'
+    event.body = '<p><!-- <asdf> << aasdfa >>> --> <h1> Wellformed html code </h1>'
     event.address = '<p><!-- <asdf> << aasdfa >>> --> <h1> Wellformed html code </h1>'
     event.valid?
  
-    assert_match  /<!-- .* --> <h1> Wellformed html code <\/h1>/, event.description
+    assert_match  /<!-- .* --> <h1> Wellformed html code <\/h1>/, event.body
     assert_match  /<!-- .* --> <h1> Wellformed html code <\/h1>/, event.address
   end
1	1	class Event < Article
2	2
3		- acts_as_having_settings :field => :body
4		-
5		- settings_items :description, :type => :string
6		- settings_items :link, :type => :string
7	3	settings_items :address, :type => :string
8	4
	5	+ def link=(value)
	6	+ self.setting[:link] = maybe_add_http(value)
	7	+ end
	8	+
	9	+ def link
	10	+ maybe_add_http(self.setting[:link])
	11	+ end
	12	+
9	13	xss_terminate :only => [ :link ], :on => 'validation'
10		- xss_terminate :only => [ :description, :link, :address ], :with => 'white_list', :on => 'validation'
	14	+ xss_terminate :only => [ :body, :link, :address ], :with => 'white_list', :on => 'validation'
11	15
12	16	def initialize(*args)
13	17	super(*args)
...	...	@@ -27,7 +31,7 @@ class Event < Article
27	31	}
28	32
29	33	include WhiteListFilter
30		- filter_iframes :description, :link, :address, :whitelist => lambda { profile && profile.environment && profile.environment.trusted_sites_for_iframe }
	34	+ filter_iframes :body, :link, :address, :whitelist => lambda { profile && profile.environment && profile.environment.trusted_sites_for_iframe }
31	35
32	36	def self.description
33	37	_('A calendar event')
...	...	@@ -96,26 +100,18 @@ class Event < Article
96	100	}
97	101	}
98	102
99		- if self.description
	103	+ if self.body
100	104	html.div('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', :class => 'event-description')
101	105	end
102	106	}
103	107
104		- if self.description
105		- result.sub!('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', self.description)
	108	+ if self.body
	109	+ result.sub!('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', self.body)
106	110	end
107	111
108	112	result
109	113	end
110	114
111		- def link=(value)
112		- self.body[:link] = maybe_add_http(value)
113		- end
114		-
115		- def link
116		- maybe_add_http(self.body[:link])
117		- end
118		-
119	115	def event?
120	116	true
121	117	end
...	...
...	...	@@ -15,5 +15,5 @@
15	15
16	16	<%= labelled_form_field(_('Address:'), text_field(:article, :address)) %>
17	17
18		-<%= labelled_form_field(_('Information about the event:'), text_area(:article, :description, :cols => 64)) %>
	18	+<%= labelled_form_field(_('Information about the event:'), text_area(:article, :body, :cols => 64)) %>
19	19
...	...
...	...	@@ -0,0 +1,26 @@
	1	+class MoveDataSerializedHashToSettingFieldForArticles < ActiveRecord::Migration
	2	+ def self.up
	3	+ select_all("SELECT id FROM tasks WHERE type = 'ApproveArticle' AND status = 1").each do \|data\|
	4	+ article = Task.find(data['id']).article
	5	+ next unless article.kind_of?(Event)
	6	+ body = ''
	7	+ begin
	8	+ body = YAML.load(article.body)
	9	+ rescue
	10	+ # do nothing
	11	+ next
	12	+ end
	13	+ if body.kind_of?(Hash)
	14	+ settings = article.setting.merge(body)
	15	+ body = ActiveRecord::Base.sanitize_sql_for_assignment(:body => settings[:description])
	16	+ update("UPDATE articles set %s WHERE id = %d" % [body, article.id])
	17	+ setting = ActiveRecord::Base.sanitize_sql_for_assignment(:setting => settings.to_yaml)
	18	+ update("UPDATE articles set %s WHERE id = %d" % [setting, article.id])
	19	+ end
	20	+ end
	21	+ end
	22	+
	23	+ def self.down
	24	+ say "Nothing to undo"
	25	+ end
	26	+end
...	...
...	...	@@ -9,7 +9,7 @@
9	9	#
10	10	# It's strongly recommended to check this file into your version control system.
11	11
12		-ActiveRecord::Schema.define(:version => 20110203160153) do
	12	+ActiveRecord::Schema.define(:version => 20110215153624) do
13	13
14	14	create_table "action_tracker", :force => true do \|t\|
15	15	t.integer "user_id"
...	...
...	...	@@ -362,4 +362,12 @@ class ApproveArticleTest < ActiveSupport::TestCase
362	362	assert_match(/#{task.requestor.name} wants to publish the article: #{article.name}/, email.subject)
363	363	end
364	364
	365	+ should 'approve an event' do
	366	+ event = fast_create(Event, :profile_id => profile.id, :name => 'Event test', :slug => 'event-test', :abstract => 'Lead of article', :body => 'This is my event')
	367	+ task = ApproveArticle.create!(:name => 'Event test', :article => event, :target => community, :requestor => profile)
	368	+ assert_difference event.class, :count do
	369	+ task.finish
	370	+ end
	371	+ end
	372	+
365	373	end
...	...
...	...	@@ -14,9 +14,9 @@ class EventTest < ActiveSupport::TestCase
14	14	assert_kind_of String, Event.short_description
15	15	end
16	16
17		- should 'have a description' do
18		- e = Event.new(:description => 'some useful description')
19		- assert_equal 'some useful description', e.description
	17	+ should 'have a body' do
	18	+ e = Event.new(:body => 'some useful description')
	19	+ assert_equal 'some useful description', e.body
20	20	end
21	21
22	22	should 'have a link' do
...	...	@@ -62,9 +62,9 @@ class EventTest < ActiveSupport::TestCase
62	62	assert_includes Event.find_by_contents('surprisingly'), e
63	63	end
64	64
65		- should 'be indexed by description' do
	65	+ should 'be indexed by body' do
66	66	profile = create_user('testuser').person
67		- e = Event.create!(:name => 'bli', :start_date => Date.new(2008, 06, 06), :profile => profile, :description => 'my surprisingly long description about my freaking nice event')
	67	+ e = Event.create!(:name => 'bli', :start_date => Date.new(2008, 06, 06), :profile => profile, :body => 'my surprisingly long description about my freaking nice event')
68	68	assert_includes Event.find_by_contents('surprisingly'), e
69	69	end
70	70
...	...	@@ -123,7 +123,7 @@ class EventTest < ActiveSupport::TestCase
123	123	end
124	124
125	125	should 'provide nice display format' do
126		- e = Event.new(:start_date => Date.new(2008,1,1), :end_date => Date.new(2008,1,1), :link => 'http://www.myevent.org', :description => 'my somewhat short description')
	126	+ e = Event.new(:start_date => Date.new(2008,1,1), :end_date => Date.new(2008,1,1), :link => 'http://www.myevent.org', :body => 'my somewhat short description')
127	127
128	128	assert_tag_in_string e.to_html, :content => Regexp.new("January 1, 2008")
129	129	assert_tag_in_string e.to_html, :content => 'my somewhat short description'
...	...	@@ -131,9 +131,9 @@ class EventTest < ActiveSupport::TestCase
131	131
132	132	end
133	133
134		- should 'not crash when description is blank' do
	134	+ should 'not crash when body is blank' do
135	135	e = Event.new
136		- assert_nil e.description
	136	+ assert_nil e.body
137	137	assert_no_match(/_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____/, e.to_html)
138	138	end
139	139
...	...	@@ -144,30 +144,30 @@ class EventTest < ActiveSupport::TestCase
144	144
145	145	should 'add http:// when reading link' do
146	146	a = Event.new
147		- a.body[:link] = 'www.gnu.org'
	147	+ a.setting[:link] = 'www.gnu.org'
148	148	assert_equal 'http://www.gnu.org', a.link
149	149	end
150	150
151	151	should 'not add http:// to empty link' do
152	152	a = Event.new
153		- a.body[:link] = ''
	153	+ a.setting[:link] = ''
154	154	assert_equal '', a.link
155		- a.body[:link] = nil
	155	+ a.setting[:link] = nil
156	156	assert_equal '', a.link
157	157	end
158	158
159		- should 'not escape HTML in description' do
160		- a = Event.new(:description => '<p>a paragraph of text</p>', :link => 'www.gnu.org')
	159	+ should 'not escape HTML in body' do
	160	+ a = Event.new(:body => '<p>a paragraph of text</p>', :link => 'www.gnu.org')
161	161
162	162	assert_match '<p>a paragraph of text</p>', a.to_html
163	163	end
164	164
165		- should 'filter HTML in description' do
	165	+ should 'filter HTML in body' do
166	166	profile = create_user('testuser').person
167		- e = Event.create!(:profile => profile, :name => 'test', :description => '<p>a paragraph (valid)</p><script type="text/javascript">/* this is invalid */</script>"', :link => 'www.colivre.coop.br', :start_date => Date.today)
	167	+ e = Event.create!(:profile => profile, :name => 'test', :body => '<p>a paragraph (valid)</p><script type="text/javascript">/* this is invalid */</script>"', :link => 'www.colivre.coop.br', :start_date => Date.today)
168	168
169		- assert_tag_in_string e.description, :tag => 'p', :content => 'a paragraph (valid)'
170		- assert_no_tag_in_string e.description, :tag => 'script'
	169	+ assert_tag_in_string e.body, :tag => 'p', :content => 'a paragraph (valid)'
	170	+ assert_no_tag_in_string e.body, :tag => 'script'
171	171	end
172	172
173	173	should 'nil to link' do
...	...	@@ -238,31 +238,31 @@ class EventTest < ActiveSupport::TestCase
238	238
239	239	should 'filter fields with white_list filter' do
240	240	event = Event.new
241		- event.description = "<h1> Description </h1>"
	241	+ event.body = "<h1> Description </h1>"
242	242	event.address = "<strong> Address <strong>"
243	243	event.valid?
244	244
245		- assert_equal "<h1> Description </h1>", event.description
	245	+ assert_equal "<h1> Description </h1>", event.body
246	246	assert_equal "<strong> Address <strong>", event.address
247	247	end
248	248
249	249	should 'escape malformed html tags' do
250	250	event = Event.new
251		- event.description = "<h1<< Description >>/h1>"
	251	+ event.body = "<h1<< Description >>/h1>"
252	252	event.address = "<strong>><< Address <strong>"
253	253	event.valid?
254	254
255		- assert_no_match /[<>]/, event.description
	255	+ assert_no_match /[<>]/, event.body
256	256	assert_no_match /[<>]/, event.address
257	257	end
258	258
259	259	should 'not sanitize html comments' do
260	260	event = Event.new
261		- event.description = '<p><!-- <asdf> << aasdfa >>> --> <h1> Wellformed html code </h1>'
	261	+ event.body = '<p><!-- <asdf> << aasdfa >>> --> <h1> Wellformed html code </h1>'
262	262	event.address = '<p><!-- <asdf> << aasdfa >>> --> <h1> Wellformed html code </h1>'
263	263	event.valid?
264	264
265		- assert_match /<!-- .* --> <h1> Wellformed html code <\/h1>/, event.description
	265	+ assert_match /<!-- .* --> <h1> Wellformed html code <\/h1>/, event.body
266	266	assert_match /<!-- .* --> <h1> Wellformed html code <\/h1>/, event.address
267	267	end
268	268
...	...