mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2024-09-20 06:35:56 +08:00
Merge pull request #806 from ZmagoD/disable_tiny_mce_asset_unless_step
Fixes bug with embedded images [SCI-1624]
This commit is contained in:
commit
00be4460cc
|
@ -34,7 +34,8 @@ class ResultTextsController < ApplicationController
|
|||
def create
|
||||
@result_text = ResultText.new(result_params[:result_text_attributes])
|
||||
# gerate a tag that replaces img tag in database
|
||||
@result_text.text = parse_tiny_mce_asset_to_token(@result_text.text)
|
||||
@result_text.text = parse_tiny_mce_asset_to_token(@result_text.text,
|
||||
@result_text)
|
||||
@result = Result.new(
|
||||
user: current_user,
|
||||
my_module: @my_module,
|
||||
|
@ -88,7 +89,8 @@ class ResultTextsController < ApplicationController
|
|||
end
|
||||
|
||||
def edit
|
||||
@result_text.text = generate_image_tag_from_token(@result_text.text)
|
||||
@result_text.text = generate_image_tag_from_token(@result_text.text,
|
||||
@result_text)
|
||||
respond_to do |format|
|
||||
format.json {
|
||||
render json: {
|
||||
|
|
|
@ -30,7 +30,7 @@ class StepsController < ApplicationController
|
|||
def create
|
||||
@step = Step.new(step_params)
|
||||
# gerate a tag that replaces img tag in database
|
||||
@step.description = parse_tiny_mce_asset_to_token(@step.description)
|
||||
@step.description = parse_tiny_mce_asset_to_token(@step.description, @step)
|
||||
@step.completed = false
|
||||
@step.position = @protocol.number_of_steps
|
||||
@step.protocol = @protocol
|
||||
|
@ -118,7 +118,7 @@ class StepsController < ApplicationController
|
|||
end
|
||||
|
||||
def edit
|
||||
@step.description = generate_image_tag_from_token(@step.description)
|
||||
@step.description = generate_image_tag_from_token(@step.description, @step)
|
||||
respond_to do |format|
|
||||
format.json do
|
||||
render json: {
|
||||
|
|
|
@ -1,29 +1,30 @@
|
|||
module TinyMceHelper
|
||||
def parse_tiny_mce_asset_to_token(text, ref = nil)
|
||||
def parse_tiny_mce_asset_to_token(text, obj)
|
||||
ids = []
|
||||
html = Nokogiri::HTML(text)
|
||||
html = Nokogiri::HTML(remove_pasted_tokens(text))
|
||||
html.search('img').each do |img|
|
||||
next unless img['data-token']
|
||||
img_id = Base62.decode(img['data-token'])
|
||||
ids << img_id
|
||||
token = "[~tiny_mce_id:#{img_id}]"
|
||||
img.replace(token)
|
||||
next unless ref
|
||||
next unless obj
|
||||
tiny_img = TinyMceAsset.find_by_id(img_id)
|
||||
tiny_img.reference = ref unless tiny_img.step || tiny_img.result_text
|
||||
tiny_img.reference = obj unless tiny_img.step || tiny_img.result_text
|
||||
tiny_img.save
|
||||
end
|
||||
destroy_removed_tiny_mce_assets(ids, ref) if ref
|
||||
destroy_removed_tiny_mce_assets(ids, obj) if obj
|
||||
html
|
||||
end
|
||||
|
||||
def generate_image_tag_from_token(text)
|
||||
def generate_image_tag_from_token(text, obj)
|
||||
return unless text
|
||||
regex = /\[~tiny_mce_id:([0-9a-zA-Z]+)\]/
|
||||
regex = Constants::TINY_MCE_ASSET_REGEX
|
||||
text.gsub(regex) do |el|
|
||||
match = el.match(regex)
|
||||
img = TinyMceAsset.find_by_id(match[1])
|
||||
next unless img
|
||||
next unless img && img.team == current_team
|
||||
next unless check_image_permissions(obj, img)
|
||||
image_tag img.url,
|
||||
class: 'img-responsive',
|
||||
data: { token: Base62.encode(img.id) }
|
||||
|
@ -32,7 +33,7 @@ module TinyMceHelper
|
|||
|
||||
def link_tiny_mce_assets(text, ref)
|
||||
ids = []
|
||||
regex = /\[~tiny_mce_id:([0-9a-zA-Z]+)\]/
|
||||
regex = Constants::TINY_MCE_ASSET_REGEX
|
||||
text.gsub(regex) do |img|
|
||||
match = img.match(regex)
|
||||
tiny_img = TinyMceAsset.find_by_id(match[1])
|
||||
|
@ -62,4 +63,17 @@ module TinyMceHelper
|
|||
ref.tiny_mce_assets.where.not('id IN (?)', ids).destroy_all
|
||||
end
|
||||
end
|
||||
|
||||
def check_image_permissions(obj, img)
|
||||
if obj.class == Step
|
||||
img.step == obj
|
||||
elsif obj.class == ResultText
|
||||
img.result_text == obj
|
||||
end
|
||||
end
|
||||
|
||||
def remove_pasted_tokens(text)
|
||||
regex = Constants::TINY_MCE_ASSET_REGEX
|
||||
text.gsub(regex, ' ')
|
||||
end
|
||||
end
|
||||
|
|
|
@ -41,7 +41,7 @@ module ProtocolsExporter
|
|||
|
||||
def get_tiny_mce_assets(text)
|
||||
return unless text
|
||||
regex = /\[~tiny_mce_id:([0-9a-zA-Z]+)\]/
|
||||
regex = Constants::TINY_MCE_ASSET_REGEX
|
||||
tiny_assets_xml = "<descriptionAssets>\n"
|
||||
text.gsub(regex) do |el|
|
||||
match = el.match(regex)
|
||||
|
|
|
@ -170,6 +170,6 @@ module ProtocolsImporter
|
|||
# handle import from legacy exports
|
||||
def populate_rte_legacy(step_json)
|
||||
return unless step_json['description'] && step_json['description'].present?
|
||||
step_json['description'].gsub(/\[~tiny_mce_id:([0-9a-zA-Z]+)\]/, '')
|
||||
step_json['description'].gsub(Constants::TINY_MCE_ASSET_REGEX, '')
|
||||
end
|
||||
end
|
||||
|
|
|
@ -85,7 +85,7 @@
|
|||
<em><%= t("protocols.steps.no_description") %></em>
|
||||
<% else %>
|
||||
<div class="ql-editor">
|
||||
<%= sanitize_input(generate_image_tag_from_token(step.description), ['img']) %>
|
||||
<%= sanitize_input(generate_image_tag_from_token(step.description, step), ['img']) %>
|
||||
</div>
|
||||
<% end %>
|
||||
</div>
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
<div class="report-element-body">
|
||||
<div class="row">
|
||||
<div class="col-xs-12 text-container ql-editor">
|
||||
<%= custom_auto_link(generate_image_tag_from_token(result_text.text),
|
||||
<%= custom_auto_link(generate_image_tag_from_token(result_text.text, result_text),
|
||||
simple_format: false,
|
||||
tags: %w(img)) %>
|
||||
</div>
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
<div class="row">
|
||||
<div class="col-xs-12 ql-editor">
|
||||
<% if strip_tags(step.description).present? %>
|
||||
<%= custom_auto_link(generate_image_tag_from_token(step.description),
|
||||
<%= custom_auto_link(generate_image_tag_from_token(step.description, step),
|
||||
simple_format: false,
|
||||
tags: %w(img)) %>
|
||||
<% else %>
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
<div class="ql-editor">
|
||||
<%= custom_auto_link(generate_image_tag_from_token(result.result_text.text),
|
||||
<%= custom_auto_link(generate_image_tag_from_token(result.result_text.text, result.result_text),
|
||||
simple_format: false,
|
||||
tags: %w(img)) %>
|
||||
</div>
|
||||
|
|
|
@ -54,7 +54,7 @@
|
|||
<em><%= t('protocols.steps.no_description') %></em>
|
||||
<% else %>
|
||||
<div class="ql-editor">
|
||||
<%= custom_auto_link(generate_image_tag_from_token(step.description),
|
||||
<%= custom_auto_link(generate_image_tag_from_token(step.description, step),
|
||||
simple_format: false,
|
||||
tags: %w(img)) %>
|
||||
</div>
|
||||
|
|
|
@ -864,6 +864,8 @@ class Constants
|
|||
# Very basic regex to check for validity of emails
|
||||
BASIC_EMAIL_REGEX = URI::MailTo::EMAIL_REGEXP
|
||||
|
||||
TINY_MCE_ASSET_REGEX = /\[~tiny_mce_id:([0-9a-zA-Z]+)\]/
|
||||
|
||||
# Team name for default admin user
|
||||
DEFAULT_PRIVATE_TEAM_NAME = 'My projects'.freeze
|
||||
|
||||
|
|
Loading…
Reference in a new issue