adva 0.1.4 → 0.2.1
- checksums.yaml +4 -4
- data/adva.gemspec +3 -0
- data/app/assets/config/manifest.js +6 -0
- data/app/assets/javascripts/adva_cms/ckeditor.js.erb +12 -0
- data/app/assets/javascripts/adva_cms/concat_main_menus.js +13 -0
- data/app/assets/javascripts/adva_cms/jquery.table_tree.js +704 -0
- data/app/assets/javascripts/adva_cms.js +7 -0
- data/app/assets/javascripts/ckeditor/config.js.erb +94 -0
- data/app/assets/stylesheets/adva_cms/admin/common.scss +15 -1
- data/app/assets/stylesheets/adva_cms/admin/projection.scss +2 -5
- data/app/assets/stylesheets/adva_cms/admin/sidebar.scss +30 -9
- data/app/assets/stylesheets/adva_cms/admin.scss +1 -1
- data/app/controllers/admin/base_controller.rb +10 -24
- data/app/controllers/admin/page/articles_controller.rb +8 -27
- data/app/controllers/admin/page/categories_controller.rb +6 -9
- data/app/controllers/admin/page/links_controller.rb +6 -9
- data/app/controllers/admin/sections_controller.rb +7 -9
- data/app/controllers/admin/sites_controller.rb +9 -12
- data/app/controllers/admin/users_controller.rb +6 -9
- data/app/controllers/articles_controller.rb +30 -57
- data/app/controllers/base_controller.rb +8 -8
- data/app/controllers/password_controller.rb +3 -5
- data/app/controllers/session_controller.rb +3 -5
- data/app/helpers/activities_helper.rb +9 -20
- data/app/helpers/admin/base_helper.rb +4 -22
- data/app/helpers/base_helper.rb +1 -1
- data/app/helpers/content_helper.rb +7 -5
- data/app/helpers/resource_helper.rb +4 -5
- data/app/helpers/users_helper.rb +1 -1
- data/app/models/activity.rb +3 -0
- data/app/models/article.rb +0 -11
- data/app/models/category.rb +3 -3
- data/app/models/content.rb +10 -39
- data/app/models/link.rb +0 -1
- data/app/models/password_mailer.rb +6 -9
- data/app/models/section.rb +6 -7
- data/app/models/site.rb +0 -2
- data/app/models/user.rb +1 -2
- data/app/views/activity_notifier/new_content_notification.html.erb +5 -5
- data/app/views/admin/activities/_activities.html.erb +4 -4
- data/app/views/admin/activities/_comment.html.erb +21 -21
- data/app/views/admin/activities/_content.html.erb +4 -3
- data/app/views/admin/activities/_topic.html.erb +5 -5
- data/app/views/admin/install/confirmation.html.erb +3 -3
- data/app/views/admin/install/index.html.erb +14 -14
- data/app/views/admin/page/articles/_form.html.erb +28 -25
- data/app/views/admin/page/articles/_options.html.erb +3 -4
- data/app/views/admin/page/articles/edit.html.erb +3 -3
- data/app/views/admin/page/articles/new.html.erb +4 -4
- data/app/views/admin/page/categories/edit.html.erb +9 -9
- data/app/views/admin/page/categories/index.html.erb +16 -16
- data/app/views/admin/page/categories/new.html.erb +5 -3
- data/app/views/admin/page/contents/index.html.erb +3 -18
- data/app/views/admin/page/links/_form.html.erb +17 -17
- data/app/views/admin/page/links/_options.html.erb +16 -19
- data/app/views/admin/page/links/edit.html.erb +3 -3
- data/app/views/admin/page/links/new.html.erb +3 -3
- data/app/views/admin/sections/_form.html.haml +5 -5
- data/app/views/admin/sections/edit.html.haml +2 -2
- data/app/views/admin/sections/index.html.erb +18 -18
- data/app/views/admin/sections/new.html.erb +15 -13
- data/app/views/admin/sections/settings/_page.html.haml +4 -6
- data/app/views/admin/shared/_header.html.erb +5 -4
- data/app/views/admin/shared/_section_tree.html.erb +2 -2
- data/app/views/admin/sites/_email_notifications.html.erb +6 -7
- data/app/views/admin/sites/_form.html.erb +7 -7
- data/app/views/admin/sites/_recent_users.html.erb +4 -2
- data/app/views/admin/sites/_unapproved_comments.html.erb +1 -1
- data/app/views/admin/sites/index.html.erb +1 -1
- data/app/views/admin/sites/new.html.erb +2 -2
- data/app/views/admin/sites/show.html.erb +7 -8
- data/app/views/admin/users/edit.html.erb +1 -1
- data/app/views/admin/users/index.html.erb +10 -10
- data/app/views/admin/users/new.html.erb +1 -1
- data/app/views/admin/users/show.html.erb +7 -7
- data/app/views/layouts/admin.html.haml +3 -5
- data/app/views/layouts/login.html.erb +1 -1
- data/app/views/password/edit.html.erb +12 -5
- data/app/views/password/new.html.erb +7 -7
- data/app/views/password_mailer/reset_password_email.html.erb +21 -1
- data/app/views/password_mailer/updated_password_email.html.erb +3 -1
- data/app/views/session/new.html.erb +9 -9
- data/app/views/shared/_flash.html.erb +2 -2
- data/app/views/shared/_sidebar.html.erb +2 -2
- data/config/initializers/ckeditor.rb +61 -0
- data/config/initializers/time_format.rb +2 -0
- data/lib/adva/authenticate_user.rb +193 -0
- data/lib/{active_record → adva}/belongs_to_author.rb +4 -4
- data/lib/adva/event.rb +34 -0
- data/lib/adva/extensible_forms.rb +285 -0
- data/lib/{has_options.rb → adva/has_options.rb} +5 -7
- data/lib/adva/has_permalink.rb +36 -0
- data/lib/adva/version.rb +1 -1
- data/lib/adva.rb +10 -36
- data/lib/rails_ext/action_controller/event_helper.rb +1 -1
- data/lib/rails_ext.rb +0 -9
- data/vendor/gems/cacheable_flash/.gitignore +8 -0
- data/vendor/gems/cacheable_flash/Gemfile +8 -0
- data/vendor/gems/cacheable_flash/README.md +35 -0
- data/vendor/gems/cacheable_flash/Rakefile +4 -0
- data/vendor/gems/cacheable_flash/bin/console +15 -0
- data/vendor/gems/cacheable_flash/bin/setup +8 -0
- data/vendor/gems/cacheable_flash/cacheable_flash.gemspec +38 -0
- data/vendor/gems/cacheable_flash/lib/cacheable_flash/controller.rb +29 -0
- data/vendor/gems/cacheable_flash/lib/cacheable_flash/javascript.js +19 -0
- data/vendor/gems/cacheable_flash/lib/cacheable_flash/middleware.rb +30 -0
- data/vendor/gems/cacheable_flash/lib/cacheable_flash/version.rb +5 -0
- data/vendor/gems/cacheable_flash/lib/cacheable_flash.rb +12 -0
- data/vendor/gems/simple_taggable/lib/tag_list.rb +1 -1
- data/vendor/gems/tags/lib/menu.rb +1 -1
- data/vendor/gems/tags/lib/tags/tag.rb +1 -1
- metadata +71 -144
- data/app/assets/javascripts/adva_cms/admin/jquery.admin.js +0 -23
- data/app/assets/javascripts/adva_cms/admin/jquery.article.js +0 -22
- data/app/assets/javascripts/adva_cms/admin/jquery.cached_pages.js +0 -14
- data/app/assets/javascripts/adva_cms/admin/jquery.table_tree.js +0 -7
- data/app/assets/javascripts/adva_cms/application.js +0 -13
- data/app/assets/javascripts/adva_cms/base.js +0 -4
- data/app/assets/javascripts/adva_cms/cookie.js +0 -49
- data/app/assets/javascripts/adva_cms/jquery/jquery-lowpro.js +0 -224
- data/app/assets/javascripts/adva_cms/jquery/jquery.qtip.js +0 -2085
- data/app/assets/javascripts/adva_cms/jquery/jquery.table_tree.js +0 -307
- data/app/assets/javascripts/adva_cms/jquery/jquery.tablednd_0_5.js +0 -386
- data/app/assets/javascripts/adva_cms/jquery.common.js +0 -41
- data/app/assets/javascripts/adva_cms/jquery.dates.js +0 -51
- data/app/assets/javascripts/adva_cms/jquery.flash.js +0 -59
- data/app/assets/javascripts/adva_cms/jquery.roles.js +0 -25
- data/app/assets/javascripts/adva_cms/json.js +0 -139
- data/app/controllers/admin/base_account_controller.rb +0 -13
- data/app/controllers/admin/install_controller.rb +0 -61
- data/app/controllers/admin/plugins_controller.rb +0 -38
- data/app/helpers/meta_tags_helper.rb +0 -30
- data/app/models/account.rb +0 -7
- data/app/models/event.rb +0 -34
- data/app/views/admin/articles/_meta_tags.html.erb +0 -7
- data/app/views/admin/cached_pages/_filter.html.erb +0 -8
- data/app/views/admin/cached_pages/destroy.js.erb +0 -18
- data/app/views/admin/cached_pages/index.html.erb +0 -26
- data/app/views/admin/plugins/_form.html.erb +0 -11
- data/app/views/admin/plugins/index.html.erb +0 -16
- data/app/views/admin/plugins/show.html.erb +0 -43
- data/app/views/admin/shared/_language_select.html.erb +0 -6
- data/app/views/admin/shared/_section_summary.html.erb +0 -23
- data/app/views/admin/sites/_meta_tags.html.erb +0 -15
- data/app/views/layouts/default.html.erb +0 -38
- data/app/views/layouts/simple.html.erb +0 -22
- data/app/views/shared/_footer.html.erb +0 -4
- data/app/views/shared/messages/insufficient_permissions.html.erb +0 -4
- data/config/initializers/article.rb +0 -8
- data/config/initializers/has_options.rb +0 -2
- data/config/initializers/has_permalink.rb +0 -2
- data/config/initializers/site.rb +0 -8
- data/config/locales/en.yml +0 -1319
- data/lib/action_controller/authenticate_anonymous.rb +0 -69
- data/lib/action_controller/authenticate_user.rb +0 -203
- data/lib/core_ext.rb +0 -7
- data/lib/extensible_forms.rb +0 -284
- data/lib/has_permalink.rb +0 -33
- data/lib/login/helper_integration.rb +0 -11
- data/lib/login/mail_config.rb +0 -39
- data/lib/rails_ext/action_controller/cacheable_flash.rb +0 -30
- data/lib/rails_ext/action_controller/content_for_assignments.rb +0 -106
- data/lib/rails_ext/action_controller/page_caching.rb +0 -23
- data/lib/rails_ext/action_controller/responds_to_parent.rb +0 -46
- data/lib/rails_ext/active_record/exists.rb +0 -5
- data/lib/rails_ext/active_record/sti_instantiation.rb +0 -35
- data/lib/rails_ext/active_record/sticky_changes.rb +0 -30
- data/lib/rails_ext/railties/plugin.rb +0 -58
- data/lib/rails_ext/railties/plugin_configuration.rb +0 -72
- data/lib/registry.rb +0 -49
- data/lib/tasks/translation.rake +0 -69
- data/lib/time_hacks.rb +0 -57
- data/lib/webrat_patch.rb +0 -11
- data/test/meta_tags_test.rb +0 -42
- data/vendor/gems/has_counter/.gitignore +0 -17
- data/vendor/gems/has_counter/Gemfile +0 -4
- data/vendor/gems/has_counter/LICENSE +0 -22
- data/vendor/gems/has_counter/MIT-LICENSE +0 -20
- data/vendor/gems/has_counter/README.markdown +0 -64
- data/vendor/gems/has_counter/README.md +0 -29
- data/vendor/gems/has_counter/Rakefile +0 -2
- data/vendor/gems/has_counter/db/migrate/20080601194338_create_counters_table.rb.rb +0 -13
- data/vendor/gems/has_counter/has_counter.gemspec +0 -17
- data/vendor/gems/has_counter/lib/active_record/has_counter.rb +0 -67
- data/vendor/gems/has_counter/lib/counter.rb +0 -23
- data/vendor/gems/has_counter/lib/has_counter/version.rb +0 -3
- data/vendor/gems/has_counter/lib/has_counter.rb +0 -4
- data/vendor/gems/has_counter/spec/has_counter.sqlite3.db +0 -0
- data/vendor/gems/has_counter/spec/has_counter_spec.rb +0 -55
- data/vendor/gems/has_counter/spec/spec_helper.rb +0 -117
- data/vendor/gems/has_filter/.gitignore +0 -17
- data/vendor/gems/has_filter/Gemfile +0 -4
- data/vendor/gems/has_filter/LICENSE +0 -22
- data/vendor/gems/has_filter/README.md +0 -29
- data/vendor/gems/has_filter/Rakefile +0 -2
- data/vendor/gems/has_filter/app/assets/images/has_filter/filter_add.png +0 -0
- data/vendor/gems/has_filter/app/assets/images/has_filter/filter_button_left.png +0 -0
- data/vendor/gems/has_filter/app/assets/images/has_filter/filter_button_right.png +0 -0
- data/vendor/gems/has_filter/app/assets/images/has_filter/filter_remove.png +0 -0
- data/vendor/gems/has_filter/app/assets/javascripts/has_filter/filter.js +0 -35
- data/vendor/gems/has_filter/app/assets/javascripts/has_filter/jquery.filter.js +0 -23
- data/vendor/gems/has_filter/app/assets/stylesheets/has_filter/alternate/filter.scss +0 -102
- data/vendor/gems/has_filter/app/assets/stylesheets/has_filter/filter.scss +0 -100
- data/vendor/gems/has_filter/app/helpers/filter_helper.rb +0 -3
- data/vendor/gems/has_filter/has_filter.gemspec +0 -17
- data/vendor/gems/has_filter/init.rb +0 -3
- data/vendor/gems/has_filter/lib/has_filter/active_record/act_macro.rb +0 -102
- data/vendor/gems/has_filter/lib/has_filter/filter/base.rb +0 -67
- data/vendor/gems/has_filter/lib/has_filter/filter/categorized.rb +0 -24
- data/vendor/gems/has_filter/lib/has_filter/filter/chain.rb +0 -45
- data/vendor/gems/has_filter/lib/has_filter/filter/set.rb +0 -80
- data/vendor/gems/has_filter/lib/has_filter/filter/state.rb +0 -25
- data/vendor/gems/has_filter/lib/has_filter/filter/tagged.rb +0 -22
- data/vendor/gems/has_filter/lib/has_filter/filter/text.rb +0 -55
- data/vendor/gems/has_filter/lib/has_filter/filter.rb +0 -17
- data/vendor/gems/has_filter/lib/has_filter/version.rb +0 -3
- data/vendor/gems/has_filter/lib/has_filter.rb +0 -22
- data/vendor/gems/has_filter/test/db/setup.rb +0 -45
- data/vendor/gems/has_filter/test/db/test.sqlite3.db +0 -0
- data/vendor/gems/has_filter/test/fixtures.rb +0 -15
- data/vendor/gems/has_filter/test/has_filter/filter_chain_test.rb +0 -41
- data/vendor/gems/has_filter/test/has_filter/filter_scopes_test.rb +0 -102
- data/vendor/gems/has_filter/test/has_filter/filter_tags_test.rb +0 -113
- data/vendor/gems/has_filter/test/has_filter/integration.rb +0 -15
- data/vendor/gems/has_filter/test/has_filter/scopes_test.rb +0 -48
- data/vendor/gems/has_filter/test/log/test.log +0 -34346
- data/vendor/gems/has_filter/test/models.rb +0 -23
- data/vendor/gems/has_filter/test/templates/has_filter/test/index.html.erb +0 -5
- data/vendor/gems/has_filter/test/test_helper.rb +0 -66
- data/vendor/gems/xss_terminate/.gitignore +0 -17
- data/vendor/gems/xss_terminate/Gemfile +0 -4
- data/vendor/gems/xss_terminate/LICENSE +0 -22
- data/vendor/gems/xss_terminate/MIT-LICENSE +0 -20
- data/vendor/gems/xss_terminate/README +0 -94
- data/vendor/gems/xss_terminate/README.md +0 -29
- data/vendor/gems/xss_terminate/Rakefile +0 -23
- data/vendor/gems/xss_terminate/lib/html5lib_sanitize.rb +0 -2453
- data/vendor/gems/xss_terminate/lib/rails_sanitize.rb +0 -8
- data/vendor/gems/xss_terminate/lib/xss_terminate/version.rb +0 -3
- data/vendor/gems/xss_terminate/lib/xss_terminate.rb +0 -141
- data/vendor/gems/xss_terminate/tasks/xss_terminate_tasks.rake +0 -7
- data/vendor/gems/xss_terminate/test/models/comment.rb +0 -5
- data/vendor/gems/xss_terminate/test/models/entry.rb +0 -7
- data/vendor/gems/xss_terminate/test/models/message.rb +0 -3
- data/vendor/gems/xss_terminate/test/models/person.rb +0 -5
- data/vendor/gems/xss_terminate/test/models/review.rb +0 -5
- data/vendor/gems/xss_terminate/test/schema.rb +0 -34
- data/vendor/gems/xss_terminate/test/setup_test.rb +0 -16
- data/vendor/gems/xss_terminate/test/xss_terminate_test.rb +0 -50
- data/vendor/gems/xss_terminate/xss_terminate.gemspec +0 -17
- /data/lib/tasks/{adva_cms.rake → adva.rake} +0 -0
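--- a/data/vendor/gems/has_filter/test/models.rb
+++ b/data/vendor/gems/has_filter/test/models.rb
@@ -1,23 +0,0 @@
-class HasFilterArticle < ActiveRecord::Base
-self.table_name = 'has_filter_articles'
-acts_as_taggable
-
-has_filter :tagged, :categorized,
-:text => { :attributes => [:title, :body, :excerpt] },
-:state => { :states => [:published, :unpublished] }
-
-has_many :categorizations, :class_name => 'HasFilterCategorization', :dependent => :destroy
-has_many :categories, :through => :categorizations, :class_name => 'HasFilterCategory'
-
-scope :published, -> { where(published: true) }
-scope :approved, -> { where(approved: true) }
-end
-
-class HasFilterCategorization < ActiveRecord::Base
-belongs_to :article, :class_name => 'HasFilterArticle'
-belongs_to :category, :class_name => 'HasFilterCategory'
-end
-
-class HasFilterCategory < ActiveRecord::Base
-end
-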
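--- a/data/vendor/gems/has_filter/test/test_helper.rb
+++ b/data/vendor/gems/has_filter/test/test_helper.rb
@@ -1,66 +0,0 @@
-# require File.expand_path(File.dirname(__FILE__) + '/../../../../test/test_helper')
-# Rails.backtrace_cleaner.remove_silencers!
-
-unless defined?(Rails)
-$: << File.expand_path(File.dirname(__FILE__) + '/../lib')
-
-require 'rubygems'
-require 'action_controller'
-require 'active_record'
-require 'active_support'
-require 'active_support/test_case'
-require 'action_view'
-require 'mocha'
-
-require 'has_filter'
-require 'has_filter/active_record/act_macro'
-ActiveRecord::Base.send :extend, HasFilter::ActiveRecord::ActMacro
-
-$: << File.expand_path(File.dirname(__FILE__) + '/../../simple_taggable/lib')
-require 'simple_taggable'
-end
-
-class Test::Unit::TestCase
-include ActionController::Assertions::SelectorAssertions
-
-def assert_html(html, *args, &block)
-assert_select(HTML::Document.new(html).root, *args, &block)
-end
-end
-
-require File.dirname(__FILE__) + '/db/setup'
-require File.dirname(__FILE__) + '/models'
-require File.dirname(__FILE__) + '/fixtures'
-
-module HasFilter
-class TestController < ActionController::Base
-include HasFilter
-helper_method :filter_for
-def index
-prepend_view_path File.dirname(__FILE__) + '/templates'
-end
-end
-
-module TestHelper
-def text_filter
-Filter::Text.new(:attribute => :body)
-end
-
-def categorized_filter
-Filter::Categorized.new
-end
-
-def tagged_filter
-Filter::Tagged.new
-end
-
-def state_filter
-Filter::State.new(:state, :states => [:published, :unpublished])
-end
-end
-end
-
-ActionController::Routing::Routes.draw do |map|
-map.connect 'has_filter', :controller => 'has_filter/test', :action => 'index'
-end
-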
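--- a/data/vendor/gems/xss_terminate/LICENSE
+++ b/data/vendor/gems/xss_terminate/LICENSE
@@ -1,22 +0,0 @@
-Copyright (c) 2012 Micah Geisel
-
-MIT License
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.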
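--- a/data/vendor/gems/xss_terminate/MIT-LICENSE
+++ b/data/vendor/gems/xss_terminate/MIT-LICENSE
@@ -1,20 +0,0 @@
-Copyright (c) 2008 Luke Francl
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.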
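--- a/data/vendor/gems/xss_terminate/README
+++ b/data/vendor/gems/xss_terminate/README
@@ -1,94 +0,0 @@
-= xss_terminate
-
-+xss_terminate+ is a plugin in that makes stripping and sanitizing HTML
-stupid-simple. Install and forget. And forget about forgetting to <tt>h()</tt>
-your output, because you won't need to anymore.
-
-But +xss_terminate+ is also flexible. By default, it will strip all HTML tags
-from user input. This is usually what you want, but sometimes you need users to be
-able to enter HTML. The plugin allows you remove bad HTML with your choice
-of two whitelist-based sanitizers, or to skip HTML sanitization entirely on
-a per-field basis.
-
-To install, do:
-
-script/plugin install http://xssterminate.googlecode.com/svn/trunk/xss_terminate
-
-== HTML sanitization
-
-A note on your choices.
-
-* Strip tags: removes all HTML using Rails's built-in +strip_tags+ method. Tags are removed, but their content is not.
-* Rails sanitization: Removes bad HTML with Rails's built-in sanitize method. Bad tags are removed completely, including their content.
-* HTML5lib sanitization: Removes bad HTML after parsing it with {HTML5lib}[http://code.google.com/p/html5lib/], a library that parses HTML like browsers do. It should be very tolerant of invalid HTML. Bad tags are escaped, not removed.
-* Do nothing. You can chose not to process given fields.
-
-== Usage
-
-Installing the plugin creates a +before_save+ hook that will strip HTML tags
-from all string and text fields. No further configuration is necessary if this
-is what you want. To customize the behavior, you use the +xss_terminate+ class
-method.
-
-To exempt some fields from sanitization, use the <tt>:except</tt> option
-with a list of fields not to process:
-
-class Comment < ActiveRecord::Base
-xss_terminate :except => [ :body ]
-end
-
-To sanitize HTML with Rails's built-in sanitization, use the <tt>:sanitize</tt> option:
-
-class Review < ActiveRecord::Base
-xss_sanitize :sanitize => [ :body, :author_name]
-end
-
-To sanitize HTML with {HTML5Lib}[http://code.google.com/p/html5lib/]
-(<tt>gem install html5</tt> to get it), use the <tt>:html5lib_sanitize</tt>
-option with a list of fields to sanitize:
-
-class Entry < ActiveRecord::Base
-xss_terminate :html5lib_sanitize => [ :body, :author_name ]
-end
-
-You can combine multiple options if you have some fields you would like skipped
-and others sanitized. Fields not listed in the option arrays will be stripped.
-
-class Message < ActiveRecord::Base
-xss_terminate :except => [ :body ], :sanitize => [ :title ]
-end
-
-== Sanitizing existing records
-
-After installing +xss_terminate+ and configuring it to your liking, you can
-run <tt>rake xss_terminate MODELS=Foo,Bar,Baz</tt> to execute it against your
-existing records. This will load each model found and save it again to invoke
-the before_save hook.
-
-== Unique features
-
-+xss_terminate+ is based on +acts_as_sanitized+. Here is what's different:
-
-* Rails 2.0-ready.
-* Automatic. It is included with default options in <tt>ActiveReord::Base</tt> so all your models are sanitized.
-* It works with migrations. Columns are fetched when model is saved, not when the class is loaded.
-* You can decide whether to sanitize or strip tags on a field-by-field basis instead of model-by-model.
-* HTML5lib support.
-
-== TODO
-
-* Performance tests
-* Test suites with "real world" HTML
-* Test/make work with Rails 1.2.x (Rails 1.2 sanitization is crap, so you'd want to use HTML5lib)
-
-== Credits
-
-Written by {Luke Francl}[http://railspikes.com] and based on acts_as_sanitized by
-{Alex Payne}[http://www.al3x.net].
-
-HTML5Lib sanitization by {Jacques Distler}[http://golem.ph.utexas.edu/~distler].
-
-== License
-
-MIT License, except for lib/html5lib_sanitize.rb which is under the
-Ruby license and copyright to Jacques Distler.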
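Review bot: Dropping the vendored xss_terminate gem removes a save-time control that this README describes as a `before_save` hook stripping HTML tags from all string and text fields, applied to every model by default, and nothing visible on this page shows what replaces it in 0.2.1. The file list also deletes `lib/xss_terminate.rb` and `lib/html5lib_sanitize.rb` while adding CKEditor configuration, so rich-text fields presumably now persist raw HTML; that is inferred from the file list, not from code shown here. Before taking the upgrade, confirm that every view rendering user-supplied columns relies on Rails' default output escaping or an explicit `sanitize(...)` call and that stored content is never passed through `raw` or `html_safe`. A regression test that saves a record with markup in a text field and asserts the rendered page shows it escaped would cover the gap, since rows written under 0.1.4 were stripped at save time and rows written under 0.2.1 may not be.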
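--- a/data/vendor/gems/xss_terminate/README.md
+++ b/data/vendor/gems/xss_terminate/README.md
@@ -1,29 +0,0 @@
-# XssTerminate
-
-TODO: Write a gem description
-
-## Installation
-
-Add this line to your application's Gemfile:
-
-gem 'xss_terminate'
-
-And then execute:
-
-$ bundle
-
-Or install it yourself as:
-
-$ gem install xss_terminate
-
-## Usage
-
-TODO: Write usage instructions here
-
-## Contributing
-
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Added some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request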
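--- a/data/vendor/gems/xss_terminate/Rakefile
+++ b/data/vendor/gems/xss_terminate/Rakefile
@@ -1,23 +0,0 @@
-+ #!/usr/bin/env rake
-require "bundler/gem_tasks"
-require 'rake/testtask'
-require 'rake/rdoctask'
-
-desc 'Default: run unit tests.'
-task :default => :test
-
-desc 'Test the xss_terminate plugin.'
-Rake::TestTask.new(:test) do |t|
-t.libs << 'lib'
-t.pattern = 'test/**/*_test.rb'
-t.verbose = true
-end
-
-desc 'Generate documentation for the xss_terminate plugin.'
-Rake::RDocTask.new(:rdoc) do |rdoc|
-rdoc.rdoc_dir = 'rdoc'
-rdoc.title = 'xss_terminate'
-rdoc.options << '--line-numbers' << '--inline-source'
-rdoc.rdoc_files.include('README')
-rdoc.rdoc_files.include('lib/**/*.rb')
-end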