Added auto_link wrapper with custom sanitization [SCI-102]

Oleksii Kriuchykhin 2017-01-11 17:02:17 +01:00
parent 0546716a0b
commit d05c16b0ba
21 changed files with 59 additions and 60 deletions

@ -115,7 +115,7 @@ class MyModuleCommentsController < ApplicationController
)
)
render json: {
comment: auto_link(
comment: custom_auto_link(
simple_format(@comment.message),
link: :urls,
html: { target: '_blank' }
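Review bot: The links built here from user-written comment text get `target: '_blank'` with no `rel`, so in browsers that do not default to noopener the opened page receives a `window.opener` handle back to this application's tab. The same options are passed at every `custom_auto_link` call in this commit (the three other comments controllers, the datatable and the views), so the value is best set once inside the new wrapper, for example by merging `rel: 'noopener noreferrer'` into `args[:html]` before calling `auto_link`. `sanitize_input` is not visible on this page; if its attribute allowlist lacks `target` or `rel` they would be dropped from the final markup, which is worth checking. The `render json:` block continues outside the hunk.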

@ -112,7 +112,7 @@ class ProjectCommentsController < ApplicationController
)
)
render json: {
comment: auto_link(
comment: custom_auto_link(
simple_format(@comment.message),
link: :urls,
html: { target: '_blank' }

@ -113,7 +113,7 @@ class ResultCommentsController < ApplicationController
)
)
render json: {
comment: auto_link(
comment: custom_auto_link(
simple_format(@comment.message),
link: :urls,
html: { target: '_blank' }

@ -118,7 +118,7 @@ class StepCommentsController < ApplicationController
)
end
render json: {
comment: auto_link(
comment: custom_auto_link(
simple_format(@comment.message),
link: :urls,
html: { target: '_blank' }

@ -130,11 +130,8 @@ class SampleDatatable < AjaxDatatablesRails::Base
# Add custom attributes
record.sample_custom_fields.each do |scf|
sample[@cf_mappings[scf.custom_field_id]] = auto_link(scf.value,
link: :urls,
html: {
target: '_blank'
})
sample[@cf_mappings[scf.custom_field_id]] =
custom_auto_link(scf.value, link: :urls, html: { target: '_blank' })
end
sample
end

@ -10,4 +10,9 @@ module InputSanitizeHelper
def escape_input(text)
ERB::Util.html_escape(text)
end
def custom_auto_link(text, args)
args[:sanitize] = false
sanitize_input(auto_link(text, args))
end
end
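Review bot: `custom_auto_link` writes `args[:sanitize] = false` into the hash the caller passed in and has no default for `args`, so a shared or frozen options hash is modified or raises, and a call with only the text fails with an ArgumentError. A non-mutating form would be `def custom_auto_link(text, args = {})` with `sanitize_input(auto_link(text, args.merge(sanitize: false)))`. With auto_link's own sanitizing switched off, `sanitize_input` becomes the only filter for every call site, including those that pass stored rich text such as `step.description` and `result_text.text` directly. Its definition is outside this hunk, so it is worth confirming, and covering with a helper spec, that it removes script elements, event-handler attributes and non-http link schemes. A short comment above the method saying why sanitizing is deferred to `sanitize_input` would help the next reader.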

@ -39,7 +39,8 @@
</div>
<strong><%= comment.user.full_name %>:</strong>
<div data-role="comment-message-container">
<div data-role="comment-message"><%= auto_link(simple_format(comment.message),
link: :urls,
html: { target: '_blank' }) %></div>
<div data-role="comment-message">
<%= custom_auto_link(simple_format(comment.message),
link: :urls, html: { target: '_blank' }) %>
</div>
</div>

@ -1,7 +1,6 @@
<% if @my_module.description.blank? %>
<em><%=t "experiments.canvas.popups.no_description" %></em>
<% else %>
<%= auto_link(simple_format(@my_module.description),
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(simple_format(@my_module.description),
link: :urls, html: { target: '_blank' }) %>
<% end %>

@ -39,7 +39,8 @@
</div>
<strong><%= comment.user.full_name %>:</strong>
<div data-role="comment-message-container">
<div data-role="comment-message"><%= auto_link(simple_format(comment.message),
link: :urls,
html: { target: '_blank' }) %></div>
<div data-role="comment-message">
<%= custom_auto_link(simple_format(comment.message),
link: :urls, html: { target: '_blank' }) %>
</div>
</div>

@ -49,9 +49,8 @@
</span>
<% if experiment.description? %>
<div class='experiment-description'>
<%= auto_link(simple_format(experiment.description),
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(simple_format(experiment.description),
link: :urls, html: { target: '_blank' }) %>
</div>
<% else %>
<span class='experiment-no-description'>

@ -27,9 +27,8 @@
<div class="row">
<div class="col-xs-12">
<% if experiment.description.present? %>
<%= auto_link(simple_format(experiment.description),
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(simple_format(experiment.description),
link: :urls, html: { target: '_blank' }) %>
<% else %>
<em><%=t "projects.reports.elements.experiment.no_description" %></em>
<% end %>

@ -30,9 +30,8 @@
<div class="row">
<div class="col-xs-12">
<% if my_module.description.present? %>
<%= auto_link(simple_format(my_module.description),
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(simple_format(my_module.description),
link: :urls, html: { target: '_blank' }) %>
<% else %>
<em><%=t "projects.reports.elements.module.no_description" %></em>
<% end %>

@ -31,9 +31,9 @@
</span>
<span class="comment-message">
&nbsp;
<%= auto_link(simple_format(comment.message),
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(simple_format(comment.message),
link: :urls,
html: { target: '_blank' }) %>
</span>
</li>
<% end %>

@ -23,9 +23,8 @@
<div class="report-element-body">
<div class="row">
<div class="col-xs-12 text-container ql-editor">
<%= auto_link(result_text.text,
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(result_text.text,
link: :urls, html: { target: '_blank' }) %>
</div>
</div>
</div>

@ -24,10 +24,9 @@
<li>
<input type="checkbox" disabled="disabled" <%= "checked='checked'" if item.checked %>/>
<span class="<%= 'checked' if item.checked %>">
<%= auto_link(simple_format(item.text),
link: :urls,
html: { target: '_blank' }) %></span>
<%= custom_auto_link(simple_format(item.text),
link: :urls, html: { target: '_blank' }) %>
</span>
</li>
<% end %>
</ul>

@ -31,9 +31,9 @@
</span>
<span class="comment-message">
&nbsp;
<%= auto_link(simple_format(comment.message),
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(simple_format(comment.message),
link: :urls,
html: { target: '_blank' }) %>
</span>
</li>
<% end %>

@ -27,9 +27,8 @@
<div class="row">
<div class="col-xs-12 ql-editor">
<% if strip_tags(step.description).present? %>
<%= auto_link(step.description,
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(step.description,
link: :urls, html: { target: '_blank' }) %>
<% else %>
<em><%=t "projects.reports.elements.step.no_description" %></em>
<% end %>

@ -40,7 +40,8 @@
<% end %>
</div>
<div data-role="comment-message-container">
<div data-role="comment-message"><%= auto_link(simple_format(comment.message),
link: :urls,
html: { target: '_blank' }) %></div>
<div data-role="comment-message">
<%= custom_auto_link(simple_format(comment.message),
link: :urls, html: { target: '_blank' }) %>
</div>
</div>

@ -1,5 +1,4 @@
<div class="ql-editor">
<%= auto_link(result.result_text.text,
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(result.result_text.text,
link: :urls, html: { target: '_blank' }) %>
</div>

@ -40,7 +40,8 @@
<% end %>
</div>
<div data-role="comment-message-container">
<div data-role="comment-message"><%= auto_link(simple_format(comment.message),
link: :urls,
html: { target: '_blank' }) %></div>
<div data-role="comment-message">
<%= custom_auto_link(simple_format(comment.message),
link: :urls, html: { target: '_blank' }) %>
</div>
</div>

@ -37,9 +37,8 @@
<em><%= t("protocols.steps.no_description") %></em>
<% else %>
<div class="ql-editor">
<%= auto_link(step.description,
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(step.description,
link: :urls, html: { target: '_blank' }) %>
</div>
<% end %>
</div>
@ -88,9 +87,11 @@
<% unless step.checklists.blank? then %>
<div class="col-xs-12">
<% step.checklists.each do |checklist| %>
<strong><%= auto_link(simple_format(checklist.name),
<strong>
<%= custom_auto_link(simple_format(checklist.name),
link: :urls,
html: { target: '_blank' }) %></strong>
html: { target: '_blank' }) %>
</strong>
<% if checklist.checklist_items.empty? %>
</br>
<%= t("protocols.steps.empty_checklist") %>
@ -104,9 +105,9 @@
<% else %>
<input type="checkbox" value="" disabled="disabled" />
<% end %>
<%= auto_link(simple_format(checklist_item.text),
link: :urls,
html: { target: '_blank' }) %>
<%= custom_auto_link(simple_format(checklist_item.text),
link: :urls,
html: { target: '_blank' }) %>
</label>
</div>
<% end %>