RubyGems - govuk_content_models - Versions diffs - 22.1.2 → 22.2.0 - Mend

govuk_content_models 22.1.2 → 22.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

data/CHANGELOG.md +5 -0
data/app/models/artefact.rb +2 -1
data/app/validators/link_validator.rb +1 -12
data/app/validators/safe_html.rb +1 -0
data/lib/govuk_content_models/version.rb +1 -1
data/test/validators/safe_html_validator_test.rb +16 -32
metadata +4 -4

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,8 @@
+## 22.2.0
+* Allow new formats for raib_report for Artefacts
+* Validate only govspeak fields for safe html
 ## 22.1.2
 * Allow new formats for maib_report and for an Artefact

data/app/models/artefact.rb CHANGED Viewed

@@ -90,7 +90,8 @@ class Artefact
                                   "manual",
                                   "manual-change-history",
                                   "manual-section",
-                                  "medical_safety_alert"],
+                                  "medical_safety_alert",
+                                  "raib_report"],
     "finder-api"              => ["finder",
                                   "finder_email_signup"],
     "whitehall"               => ["announcement",

data/app/validators/link_validator.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 class LinkValidator < ActiveModel::Validator
   def validate(record)
-    govspeak_field_names(record).each do |govspeak_field_name|
+    record.class::GOVSPEAK_FIELDS.each do |govspeak_field_name|
       govspeak_field_value = record.read_attribute(govspeak_field_name)
       next if govspeak_field_value.blank?
@@ -36,15 +36,4 @@ class LinkValidator < ActiveModel::Validator
     end
     errors.to_a
   end
-  protected
-  def govspeak_field_names(record)
-    if record.class.const_defined?(:GOVSPEAK_FIELDS)
-      record.class.const_get(:GOVSPEAK_FIELDS)
-    else
-      []
-    end
-  end
 end

data/app/validators/safe_html.rb CHANGED Viewed

@@ -14,6 +14,7 @@ class SafeHtml < ActiveModel::Validator
   def validate(record)
     record.changes.each do |field_name, (old_value, new_value)|
+      next unless record.class::GOVSPEAK_FIELDS.include?(field_name.to_sym)
       check_struct(record, field_name, new_value)
     end
   end

data/lib/govuk_content_models/version.rb CHANGED Viewed

@@ -1,4 +1,4 @@
 module GovukContentModels
   # Changing this causes Jenkins to tag and release the gem into the wild
-  VERSION = "22.1.2"
+  VERSION = "22.2.0"
 end

data/test/validators/safe_html_validator_test.rb CHANGED Viewed

@@ -4,8 +4,7 @@ class SafeHtmlTest < ActiveSupport::TestCase
   class Dummy
     include Mongoid::Document
-    field "declared", type: String
-    field "i_am_govspeak", type: String
+    field :i_am_govspeak, type: String
     GOVSPEAK_FIELDS = [:i_am_govspeak]
@@ -17,66 +16,51 @@ class SafeHtmlTest < ActiveSupport::TestCase
   class DummyEmbeddedSingle
     include Mongoid::Document
-    GOVSPEAK_FIELDS = []
+    embedded_in :dummy, class_name: 'SafeHtmlTest::Dummy'
-    validates_with SafeHtml
+    field :i_am_govspeak, type: String
-    embedded_in :dummy, class_name: 'SafeHtmlTest::Dummy'
+    GOVSPEAK_FIELDS = [:i_am_govspeak]
+    validates_with SafeHtml
   end
   context "we don't quite trust mongoid (2)" do
-    should "embedded documents should be validated automatically" do
-      embedded = DummyEmbeddedSingle.new(dirty: "<script>")
-      dummy = Dummy.new(dummy_embedded_single: embedded)
+    should "validate embedded documents automatically" do
+      embedded = DummyEmbeddedSingle.new(i_am_govspeak: "<script>")
+      dummy = Dummy.new(i_am_govspeak: embedded)
       # Can't invoke embedded.valid? because that would run the validations
       assert dummy.invalid?
-      assert_includes dummy.errors.keys, :dummy_embedded_single
+      assert_includes dummy.errors.keys, :i_am_govspeak
     end
   end
   context "what to validate" do
-    should "test declared fields" do
-      dummy = Dummy.new(declared: "<script>alert('XSS')</script>")
-      assert dummy.invalid?
-      assert_includes dummy.errors.keys, :declared
-    end
-    should "test undeclared fields" do
-      dummy = Dummy.new(undeclared: "<script>")
-      assert dummy.invalid?
-      assert_includes dummy.errors.keys, :undeclared
-    end
     should "allow clean content in nested fields" do
-      dummy = Dummy.new(undeclared: { "clean" => ["plain text"] })
+      dummy = Dummy.new(i_am_govspeak: { "clean" => ["plain text"] })
       assert dummy.valid?
     end
-    should "disallow dirty content in nested fields" do
-      dummy = Dummy.new(undeclared: { "dirty" => ["<script>"] })
-      assert dummy.invalid?
-      assert_includes dummy.errors.keys, :undeclared
-    end
     should "disallow images not hosted by us" do
-      dummy = Dummy.new(undeclared: '<img src="http://evil.com/trollface"/>')
+      dummy = Dummy.new(i_am_govspeak: '<img src="http://evil.com/trollface"/>')
       assert dummy.invalid?
-      assert_includes dummy.errors.keys, :undeclared
+      assert_includes dummy.errors.keys, :i_am_govspeak
     end
     should "allow images hosted by us" do
-      dummy = Dummy.new(undeclared: '<img src="http://www.dev.gov.uk/trollface"/>')
+      dummy = Dummy.new(i_am_govspeak: '<img src="http://www.dev.gov.uk/trollface"/>')
       assert dummy.valid?
     end
     should "allow plain text" do
-      dummy = Dummy.new(declared: "foo bar")
+      dummy = Dummy.new(i_am_govspeak: "foo bar")
       assert dummy.valid?
     end
     should "check only specified fields as Govspeak" do
       nasty_govspeak = %q{[Numberwang](script:nasty(); "Wangernum")}
       assert ! Govspeak::Document.new(nasty_govspeak).valid?, "expected this to be identified as bad"
       dummy = Dummy.new(i_am_govspeak: nasty_govspeak)
       assert dummy.invalid?
     end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: govuk_content_models
 version: !ruby/object:Gem::Version
-  version: 22.1.2
+  version: 22.2.0
   prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-10-27 00:00:00.000000000 Z
+date: 2014-10-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bson_ext
@@ -464,7 +464,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 2225036471084817263
+      hash: -4313756439197638091
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -473,7 +473,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 2225036471084817263
+      hash: -4313756439197638091
 requirements: []
 rubyforge_project:
 rubygems_version: 1.8.23