html_terminator 2.0.2 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -4
  3. data/lib/html_terminator/version.rb +2 -2
  4. data/lib/html_terminator.rb +25 -20
  5. data/spec/html_terminator_spec.rb +44 -41
  6. data/spec/support/active_record.rb +4 -3
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: bd4d0609098d033eece8510d9bee3dbd0cb09966
4
- data.tar.gz: 96b86b54353b1b72afe70eac1fbed82257cc2896
3
+ metadata.gz: 0bb5210795341af31d333be566cb6ff673a4dce3
4
+ data.tar.gz: 00589ce6418e7af7f0ef38670eaf3fce10abfbd2
5
5
  SHA512:
6
- metadata.gz: 650230f42f73afa03d5bcf6c37dc76e3cd253a5704a6bef83196a49b49d9847b39141b6f47be404681df422272cbd024f379f0b42595e17bee79eedcf4d55115
7
- data.tar.gz: 4e0fa09f6dbb339404b9fd2c95d167ede09980151ff8f82c0bd3eb78c1eccc2067a05c256b993efdff4a1bfd513516ea7e323254b5ca31409b9a31931b695ebc
6
+ metadata.gz: 9426fa5939c9b35d2bdc8b5c2944b02554fd005179db9b24c4312640aa6e8aa4cadd6c929a6a46eb813a514afae51074c3e58c2090020b79fc55710b75ac9d92
7
+ data.tar.gz: dd1f6ad48c8326aee8c3b22e5c2709ebba530e64e55200673ffecbd2212358e374f569eecffe49d8e6f2e4c47a0a932a13d2c09d53d795810c2f01a4d8d9fcfd
data/README.md CHANGED
@@ -52,15 +52,13 @@ In your Rails models:
52
52
 
53
53
  terminate_html :field1, :field2, :field3
54
54
 
55
- or
56
-
57
- terminate_html :except => [:field8, :field9]
58
-
59
55
  ## Options
60
56
 
61
57
  Out of the box, HTML Terminator will strip out ALL html. You can pass in specific elements you want to preserve like this:
62
58
 
63
59
  terminate_html :field1, :elements => ["b", "i", "em"]
60
+ terminate_html :field2, :elements => ["br"]
61
+ terminate_html :field3, :elements => ["em"]
64
62
 
65
63
  Learn more about configuration options [Here](https://github.com/rgrove/sanitize#custom-configuration)
66
64
 
data/lib/html_terminator/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module HtmlTerminator
2
- VERSION = "2.0.2"
3
- end
2
+ VERSION = "3.0.0"
3
+ end
data/lib/html_terminator.rb CHANGED
@@ -18,37 +18,42 @@ module HtmlTerminator
18
18
  end
19
19
 
20
20
  module ClassMethods
21
- def terminate_html(*args)
22
- class_attribute :html_terminator_fields
23
- class_attribute :html_terminator_options
21
+ def fields
22
+ self.columns.inject([]) do |list, col|
23
+ if col.type == :string or col.type == :text
24
+ list << col.name.to_sym
25
+ end
26
+
27
+ list
28
+ end
29
+ end
24
30
 
31
+ def terminate_html(*args)
25
32
  # Table may not exist yet when schema is initially getting loaded
26
33
  if self.table_exists?
27
- # By default all fields are to be seen by the terminator
28
- self.html_terminator_fields = self.columns.inject([]) do |list, col|
29
- if col.type == :string or col.type == :text
30
- list << col.name.to_sym
31
- end
32
-
33
- list
34
+ # object key/value of field => options
35
+ unless method_defined?(:html_terminator_fields)
36
+ class_attribute :html_terminator_fields
37
+ self.html_terminator_fields = {}
34
38
  end
35
39
 
36
- self.html_terminator_options = SANITIZE_OPTIONS.merge(args.extract_options!)
37
- self.html_terminator_fields = args if args.length > 0
40
+ options = args.extract_options!
41
+ options = SANITIZE_OPTIONS.clone.merge(options)
38
42
 
39
- # Handle exceptions
40
- exceptions = self.html_terminator_options.delete(:except) || []
41
- self.html_terminator_fields -= (exceptions)
43
+ valid_fields = self.fields & args
44
+
45
+ valid_fields.each do |field|
46
+ self.html_terminator_fields[field] = options.deep_dup
47
+ end
42
48
 
43
49
  unless self.html_terminator_fields.empty?
44
- # sanitize writes
45
50
  before_validation :terminate_html
46
51
 
47
52
  # sanitize reads
48
- self.html_terminator_fields.each do |attr|
53
+ valid_fields.each do |attr|
49
54
  define_method(attr) do |*rargs|
50
55
  # sanitize it
51
- HtmlTerminator.sanitize super(*rargs), self.html_terminator_options
56
+ HtmlTerminator.sanitize super(*rargs), options
52
57
  end
53
58
  end
54
59
  end
@@ -58,11 +63,11 @@ module HtmlTerminator
58
63
 
59
64
  module InstanceMethods
60
65
  def terminate_html
61
- self.html_terminator_fields.each do |field|
66
+ self.html_terminator_fields.each do |field, options|
62
67
  value = self[field]
63
68
 
64
69
  unless value.nil?
65
- self[field] = HtmlTerminator.sanitize(value, self.html_terminator_options)
70
+ self[field] = HtmlTerminator.sanitize(value, options)
66
71
  end
67
72
  end
68
73
  end
data/spec/html_terminator_spec.rb CHANGED
@@ -1,69 +1,53 @@
1
- require 'spec_helper'
1
+ require "spec_helper"
2
2
 
3
3
  describe HtmlTerminator do
4
4
  it "sanitizes only fields specified" do
5
- @user = OnlyFirstName.new
5
+ user = OnlyFirstName.new
6
6
 
7
- @user.first_name = "Hello <img>"
8
- @user.first_name.should == "Hello"
7
+ user.first_name = "Hello <img>"
8
+ user.first_name.should == "Hello"
9
9
 
10
- @user.last_name = "Hello <img>"
11
- @user.last_name.should == "Hello <img>"
10
+ user.last_name = "Hello <img>"
11
+ user.last_name.should == "Hello <img>"
12
12
 
13
- @user.age = 3
14
- @user.age.should == 3
13
+ user.age = 3
14
+ user.age.should == 3
15
15
  end
16
16
 
17
17
  it "doesn't escape ampersands" do
18
- @user = OnlyFirstName.new
18
+ user = OnlyFirstName.new
19
19
 
20
- @user.first_name = "A & B & C"
21
- @user.first_name.should == "A & B & C"
20
+ user.first_name = "A & B & C"
21
+ user.first_name.should == "A & B & C"
22
22
  end
23
23
 
24
24
  it "skips sanitize when only one bracket" do
25
- @user = OnlyFirstName.new
25
+ user = OnlyFirstName.new
26
26
 
27
- @user.first_name = "1 < 2"
28
- @user.first_name.should == "1 < 2"
27
+ user.first_name = "1 < 2"
28
+ user.first_name.should == "1 < 2"
29
29
 
30
- @user.first_name = "2 > 1"
31
- @user.first_name.should == "2 > 1"
30
+ user.first_name = "2 > 1"
31
+ user.first_name.should == "2 > 1"
32
32
  end
33
33
 
34
34
  it "handles ampersands" do
35
- @user = OnlyFirstName.new
35
+ user = OnlyFirstName.new
36
36
 
37
- @user.first_name = "Mr. & Mrs. Smith"
38
- @user.first_name.should == "Mr. & Mrs. Smith"
39
- end
40
-
41
- it "sanitizes all except what is specified" do
42
- @user = ExceptFirstName.new
43
-
44
- @user.first_name = "Hello <img>"
45
- @user.first_name.should == "Hello <img>"
46
-
47
- @user.last_name = "Hello <img>"
48
- @user.last_name.should == "Hello"
49
- end
50
-
51
- it "doesn't blow up if value is nil" do
52
- @user = ExceptFirstName.new
53
- @user.first_name = nil
54
- @user.first_name.should == nil
37
+ user.first_name = "Mr. & Mrs. Smith"
38
+ user.first_name.should == "Mr. & Mrs. Smith"
55
39
  end
56
40
 
57
41
  it "doesn't blow up if value is not a string" do
58
- @user = OnlyFirstName.new
59
- @user.first_name = 1
60
- @user.first_name.should == "1"
42
+ user = OnlyFirstName.new
43
+ user.first_name = 1
44
+ user.first_name.should == "1"
61
45
  end
62
46
 
63
47
  it "honors options that are passed in" do
64
- @user = FirstNameWithOptions.new
65
- @user.first_name = "Hello <flexbox></flexbox><hr><br><img>"
66
- @user.first_name.should == "Hello <flexbox></flexbox>"
48
+ user = FirstNameWithOptions.new
49
+ user.first_name = "Hello <flexbox></flexbox><hr><br><img>"
50
+ user.first_name.should == "Hello <flexbox></flexbox>"
67
51
  end
68
52
 
69
53
  describe "#sanitize" do
@@ -77,4 +61,23 @@ describe HtmlTerminator do
77
61
  val.html_safe?.should == true
78
62
  end
79
63
  end
64
+
65
+ it "sanitizes different fields with different options" do
66
+ user = TwoFieldsWithOptions.new
67
+ user.first_name = "Hello <br><strong>strong</strong><em>em</em>"
68
+ user.last_name = "Hello <br><strong>strong</strong><em>em</em>"
69
+
70
+ user.first_name.should == "Hello <strong>strong</strong>em"
71
+ user.last_name.should == "Hello strong<em>em</em>"
72
+ end
73
+
74
+ it "sanitizes on validation" do
75
+ user = TwoFieldsWithOptions.new
76
+ user.first_name = "Hello <br><strong>strong</strong><em>em</em>"
77
+ user.last_name = "Hello <br><strong>strong</strong><em>em</em>"
78
+ user.valid?
79
+
80
+ user.read_attribute(:first_name).should == "Hello <strong>strong</strong>em"
81
+ user.read_attribute(:last_name).should == "Hello strong<em>em</em>"
82
+ end
80
83
  end
data/spec/support/active_record.rb CHANGED
@@ -13,7 +13,7 @@ ActiveRecord::Schema.define do
13
13
  t.column "age", :integer
14
14
  end
15
15
 
16
- create_table "except_first_names", :force => true do |t|
16
+ create_table "two_fields_with_options", :force => true do |t|
17
17
  t.column "first_name", :text
18
18
  t.column "last_name", :text
19
19
  t.column "age", :integer
@@ -32,10 +32,11 @@ class OnlyFirstName < ActiveRecord::Base
32
32
  terminate_html :first_name
33
33
  end
34
34
 
35
- class ExceptFirstName < ActiveRecord::Base
35
+ class TwoFieldsWithOptions < ActiveRecord::Base
36
36
  include HtmlTerminator
37
37
 
38
- terminate_html :except => [:first_name]
38
+ terminate_html :first_name, elements: ["strong"]
39
+ terminate_html :last_name, elements: ["em"]
39
40
  end
40
41
 
41
42
  class FirstNameWithOptions < ActiveRecord::Base
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: html_terminator
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.2
4
+ version: 3.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Steel Fu
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2016-02-03 00:00:00.000000000 Z
12
+ date: 2016-02-04 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: bundler