add tinymce img importer and refactor input sanitize helper

2025-09-06 21:24:23 +08:00 · 2017-04-19 09:11:52 +02:00 · 2017-04-19 09:11:52 +02:00 · c25df63a14
commit c25df63a14
parent 3d805d529d
12 changed files with 36 additions and 16 deletions
--- a/1
+++ b/1
@ -66,6 +66,7 @@ gem 'delayed_job_active_record'
 gem 'devise-async'
 gem 'ruby-graphviz', '~> 1.2' # Graphviz for rails
 gem 'tinymce-rails' # Rich text editor
+gem 'tinymce-rails-imageupload', '~> 4.0.0.beta' 

 gem 'base62' # Used for smart annotations
 gem 'newrelic_rpm'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -311,6 +311,9 @@ GEM
    tilt (2.0.1)
    tinymce-rails (4.5.2)
      railties (>= 3.1.1)
+    tinymce-rails-imageupload (4.0.17.beta.2)
+      railties (>= 3.2, < 6)
+      tinymce-rails (~> 4.0)
    turbolinks (2.5.3)
      coffee-rails
    tzinfo (1.2.2)
@ -398,6 +401,7 @@ DEPENDENCIES
  spinjs-rails
  starscope
  tinymce-rails
+  tinymce-rails-imageupload (~> 4.0.0.beta)
  turbolinks
  tzinfo-data
  uglifier (>= 1.3.0)
--- a/app/assets/javascripts/sitewide/tiny_mce.js.erb
+++ b/app/assets/javascripts/sitewide/tiny_mce.js.erb
@ -13,14 +13,18 @@ var TinyMCE = (function() {
    });
  }

+  function getTinyMceAssetsUploadPath() {
+    return $('textarea.tinymce').attr('tiny_mce_upload_path');
+  }
+
  // returns a public API for TinyMCE editor
  return Object.freeze({
    init : function() {
      if (typeof tinyMCE != 'undefined') {
        tinyMCE.init({
-          selector: "textarea.tinymce",
-          toolbar: ["undo redo | insert | styleselect | bold italic | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link | forecolor backcolor | codesample"],
-          plugins: "link,advlist,codesample,autolink,lists,charmap,hr,anchor,searchreplace,wordcount,visualblocks,visualchars,insertdatetime,nonbreaking,save,contextmenu,directionality,paste,textcolor,colorpicker,textpattern,imagetools",
+          selector: 'textarea.tinymce',
+          toolbar: ["undo redo | insert | styleselect | bold italic | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link | forecolor backcolor | uploadimage | codesample"],
+          plugins: "uploadimage, link,advlist,codesample,autolink,lists,charmap,hr,anchor,searchreplace,wordcount,visualblocks,visualchars,insertdatetime,nonbreaking,save,contextmenu,directionality,paste,textcolor,colorpicker,textpattern,imagetools",
          codesample_languages: [{"text":"R","value":"r"},{"text":"MATLAB","value":"matlab"},{"text":"Python","value":"python"},{"text":"JSON","value":"javascript"},{"text":"HTML/XML","value":"markup"},{"text":"JavaScript","value":"javascript"},{"text":"CSS","value":"css"},{"text":"PHP","value":"php"},{"text":"Ruby","value":"ruby"},{"text":"Java","value":"java"},{"text":"C","value":"c"},{"text":"C#","value":"csharp"},{"text":"C++","value":"cpp"}],
          removed_menuitems: 'newdocument',
          elementpath: false,
@ -80,7 +84,8 @@ var TinyMCE = (function() {

            });
          },
-          codesample_content_css: '<%= asset_path('highlightjs-github-theme') %>'
+          codesample_content_css: '<%= asset_path('highlightjs-github-theme') %>',
+          uploadimage_form_url: getTinyMceAssetsUploadPath()
        });
      }
    },
--- a/app/datatables/sample_datatable.rb
+++ b/app/datatables/sample_datatable.rb
@ -129,9 +129,8 @@ class SampleDatatable < AjaxDatatablesRails::Base

      # Add custom attributes
      record.sample_custom_fields.each do |scf|
-        sample[@cf_mappings[scf.custom_field_id]] = custom_auto_link(scf.value,
-                                                                     true,
-                                                                     @team)
+        sample[@cf_mappings[scf.custom_field_id]] =
+          custom_auto_link(scf.value, simple_format: true, team: @team)
      end
      sample
    end
--- a/app/helpers/input_sanitize_helper.rb
+++ b/app/helpers/input_sanitize_helper.rb
@ -15,14 +15,18 @@ module InputSanitizeHelper
    ERB::Util.html_escape(text)
  end

-  def custom_auto_link(text, simple_format = true, org = nil, wrapper_tag = {})
+  def custom_auto_link(text, options = {})
+    simple_format = options.fetch(:simple_format) { true }
+    team = options[:team],
+    wrapper_tag = options.fetch(:wrapper_tag) { {} }
+    tags = options.fetch(:tags) { [] }
    text = if simple_format
             simple_format(sanitize_input(text), {}, wrapper_tag)
           else
-             sanitize_input(text)
+             sanitize_input(text, tags)
           end
    auto_link(
-      smart_annotation_parser(text, org),
+      smart_annotation_parser(text, team),
      link: :urls,
      sanitize: false,
      html: { target: '_blank' }
--- a/app/views/reports/elements/_my_module_result_text_element.html.erb
+++ b/app/views/reports/elements/_my_module_result_text_element.html.erb
@ -23,7 +23,7 @@
  <div class="report-element-body">
    <div class="row">
      <div class="col-xs-12 text-container ql-editor">
-        <%= custom_auto_link(result_text.text, false) %>
+        <%= custom_auto_link(result_text.text, simple_format: false) %>
      </div>
    </div>
  </div>
--- a/app/views/reports/elements/_my_module_step_element.html.erb
+++ b/app/views/reports/elements/_my_module_step_element.html.erb
@ -27,7 +27,7 @@
    <div class="row">
      <div class="col-xs-12 ql-editor">
        <% if strip_tags(step.description).present? %>
-          <%= custom_auto_link(step.description, false) %>
+          <%= custom_auto_link(step.description, simple_format: false) %>
        <% else %>
           <em><%=t "projects.reports.elements.step.no_description" %></em>
        <% end %>
--- a/app/views/reports/elements/_step_checklist_element.html.erb
+++ b/app/views/reports/elements/_step_checklist_element.html.erb
@ -24,7 +24,9 @@
        <li>
          <input type="checkbox" disabled="disabled" <%= "checked='checked'" if item.checked %>/>
          <span class="<%= 'checked' if item.checked %>">
-            <%= custom_auto_link(item.text, true, nil, {wrapper_tag: "span"}) %>
+            <%= custom_auto_link(item.text,
+                                 simple_format: true,
+                                 wrapper_tag: { wrapper_tag: 'span'}) %>
          </span>
        </li>
      <% end %>
--- a/app/views/results/_result_text.html.erb
+++ b/app/views/results/_result_text.html.erb
@ -1,3 +1,3 @@
 <div class="ql-editor">
-  <%= custom_auto_link(result.result_text.text, false) %>
+  <%= custom_auto_link(result.result_text.text, simple_format: false) %>
 </div>
--- a/app/views/steps/_empty_step.html.erb
+++ b/app/views/steps/_empty_step.html.erb
@ -27,7 +27,7 @@
  <div class="tab-pane active" role="tabpanel" id="new-step-main">
    <%= f.text_field :name, label: t("protocols.steps.new.name"), placeholder: t("protocols.steps.new.name_placeholder") %>
    <div class="form-group">
-      <%= f.tiny_mce_editor(:description) %>
+      <%= f.tiny_mce_editor(:description, tiny_mce_upload_path: tiny_mce_assets_path(step: @step)  ) %>
    </div>
  </div>
  <div class="tab-pane" role="tabpanel" id="new-step-checklists">
--- a/app/views/steps/_step.html.erb
+++ b/app/views/steps/_step.html.erb
@ -54,7 +54,9 @@
              <em><%= t('protocols.steps.no_description') %></em>
            <% else %>
              <div class="ql-editor">
-                <%= custom_auto_link(step.description, false) %>
+                <%= custom_auto_link(step.description,
+                                     simple_format: false,
+                                     tags: ['img']) %>
              </div>
            <% end %>
          </div>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -321,6 +321,9 @@ Rails.application.routes.draw do
      end
    end

+    # tinyMCE image uploader endpoint
+    post '/tinymce_assets', to: 'tiny_mce_assets#create', as: :tiny_mce_assets
+
    resources :results, only: [:update, :destroy] do
      resources :result_comments,
                path: '/comments',