bofh/fetsite
9
0
Fork 1
Code Issues Pull Requests Releases Wiki Activity

sanitize document

Browse Source
This commit is contained in:
Andreas Stephanides
2015-04-29 16:07:39 +02:00
parent 19959b083e
commit 8a32bff399
4 changed files with 23 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/controllers/documents_controller.rb
View File

@@ -24,7 +24,12 @@ class DocumentsController < ApplicationController
format.html format.html
end end
end end
def sanitize
@document = Document.find(params[:id])
@document.sanitize
@parent=@document.parent
render :write
end
def show def show
@document = Document.find(params[:id]) @document = Document.find(params[:id])
respond_to do |format| respond_to do |format|

12
app/models/document.rb
View File

@@ -45,7 +45,19 @@ class Document < ActiveRecord::Base
Rails.logger.puts(serr.read) Rails.logger.puts(serr.read)
file file
end end
def sanitize
trans_icons= lambda do |env|
node=env[:node]
node_name=env[:node_name]
return if env[:is_whitelisted] || !node.element?
return unless node_name == 'span'
# return unless node["class"] =~ /.*ffi.*/
Sanitize.node!(node,{:elements=>["span"],:attributes=>{"span"=>["class","style"]},:css=>{:properties=>["color"]}})
{:node_whitelist=>[node]}
end
self.text = Sanitize.fragment(self.text, {:elements=>['table','tr','td','p','h1','h2','h3','h4','h5','a','th','img','ul','li','i','b','em','pre','code'],:attributes=>{'p'=>['class'],'table'=>['class'],'a'=>['href','data'],'img'=>['src','width','height'],:all=>['class']},:css=>{:properties=>['float']},:transformers=>[trans_icons]})
end
def ether def ether
if @ep.nil? if @ep.nil?

5
app/views/documents/show.html.erb
View File

@@ -2,6 +2,8 @@
<%= link_to "Back to parent" , @document.parent, class: "btn" %> <%= link_to "Back to parent" , @document.parent, class: "btn" %>
<div class="btn-group"> <div class="btn-group">
<%= link_to "PDF", document_path(@document, :format=>"pdf"),class: "btn" %> <%= link_to "PDF", document_path(@document, :format=>"pdf"),class: "btn" %>
<%= link_to "sanitize", document_path(@document),class: "btn" if can? :sanitize, @document %>
<%= link_to ff_icon("icon-pencil") + "Edit", write_document_path(@document), class: "btn" %> <%= link_to ff_icon("icon-pencil") + "Edit", write_document_path(@document), class: "btn" %>
<%= link_to ff_icon("icon-refresh")+"Refresh from Etherpad", read_from_etherpad_document_path(@document), class: "btn" if @document.is_etherpad? %> <%= link_to ff_icon("icon-refresh")+"Refresh from Etherpad", read_from_etherpad_document_path(@document), class: "btn" if @document.is_etherpad? %>
<%= link_to "Copy Document to Etherpad", dump_to_etherpad_document_path(@document) , confirm: "Sicher? Löscht alle Änderungen im Etherpad" , class: "btn" %> <%= link_to "Copy Document to Etherpad", dump_to_etherpad_document_path(@document) , confirm: "Sicher? Löscht alle Änderungen im Etherpad" , class: "btn" %>
@@ -9,11 +11,12 @@
</div> </div>
</div> </div>
<div style="background:white; border: thin #ccc solid; padding: 15px;-webkit-box-shadow: 10px 10px 10px 0px rgba(0,0,0,0.5); -moz-box-shadow: 10px 10px 10px 0px rgba(0,0,0,0.5); box-shadow: 10px 10px 10px 0px rgba(0,0,0,0.5);">
<h2><%= @document.name %></h2> <h2><%= @document.name %></h2>
<div id=""> <div id="">
<%= raw(@document.text) %> <%= raw(@document.text) %>
</div> </div>
</div>
<% if can?(:edit, @document) %> <% if can?(:edit, @document) %>
<ul class='breadcrumb hidden-print'> <ul class='breadcrumb hidden-print'>
<% @document.versions.each do |v| %> <% @document.versions.each do |v| %>

1
config/routes.rb
View File

@@ -188,6 +188,7 @@
resources :calentries resources :calentries
resources :documents do resources :documents do
member do member do
get :sanitize
get :write get :write
get :write_etherpad get :write_etherpad
get :read_from_etherpad get :read_from_etherpad