html_terminator 2.0.2 → 3.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -4
  3. data/lib/html_terminator/version.rb +2 -2
  4. data/lib/html_terminator.rb +25 -20
  5. data/spec/html_terminator_spec.rb +44 -41
  6. data/spec/support/active_record.rb +4 -3
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: bd4d0609098d033eece8510d9bee3dbd0cb09966
4
- data.tar.gz: 96b86b54353b1b72afe70eac1fbed82257cc2896
3
+ metadata.gz: 0bb5210795341af31d333be566cb6ff673a4dce3
4
+ data.tar.gz: 00589ce6418e7af7f0ef38670eaf3fce10abfbd2
5
5
  SHA512:
6
- metadata.gz: 650230f42f73afa03d5bcf6c37dc76e3cd253a5704a6bef83196a49b49d9847b39141b6f47be404681df422272cbd024f379f0b42595e17bee79eedcf4d55115
7
- data.tar.gz: 4e0fa09f6dbb339404b9fd2c95d167ede09980151ff8f82c0bd3eb78c1eccc2067a05c256b993efdff4a1bfd513516ea7e323254b5ca31409b9a31931b695ebc
6
+ metadata.gz: 9426fa5939c9b35d2bdc8b5c2944b02554fd005179db9b24c4312640aa6e8aa4cadd6c929a6a46eb813a514afae51074c3e58c2090020b79fc55710b75ac9d92
7
+ data.tar.gz: dd1f6ad48c8326aee8c3b22e5c2709ebba530e64e55200673ffecbd2212358e374f569eecffe49d8e6f2e4c47a0a932a13d2c09d53d795810c2f01a4d8d9fcfd
data/README.md CHANGED
@@ -52,15 +52,13 @@ In your Rails models:
52
52
 
53
53
  terminate_html :field1, :field2, :field3
54
54
 
55
- or
56
-
57
- terminate_html :except => [:field8, :field9]
58
-
59
55
  ## Options
60
56
 
61
57
  Out of the box, HTML Terminator will strip out ALL html. You can pass in specific elements you want to preserve like this:
62
58
 
63
59
  terminate_html :field1, :elements => ["b", "i", "em"]
60
+ terminate_html :field2, :elements => ["br"]
61
+ terminate_html :field3, :elements => ["em"]
64
62
 
65
63
  Learn more about configuration options [Here](https://github.com/rgrove/sanitize#custom-configuration)
66
64
 
data/lib/html_terminator/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module HtmlTerminator
2
- VERSION = "2.0.2"
3
- end
2
+ VERSION = "3.0.0"
3
+ end
data/lib/html_terminator.rb CHANGED
@@ -18,37 +18,42 @@ module HtmlTerminator
18
18
  end
19
19
 
20
20
  module ClassMethods
21
- def terminate_html(*args)
22
- class_attribute :html_terminator_fields
23
- class_attribute :html_terminator_options
21
+ def fields
22
+ self.columns.inject([]) do |list, col|
23
+ if col.type == :string or col.type == :text
24
+ list << col.name.to_sym
25
+ end
26
+
27
+ list
28
+ end
29
+ end
24
30
 
31
+ def terminate_html(*args)
25
32
  # Table may not exist yet when schema is initially getting loaded
26
33
  if self.table_exists?
27
- # By default all fields are to be seen by the terminator
28
- self.html_terminator_fields = self.columns.inject([]) do |list, col|
29
- if col.type == :string or col.type == :text
30
- list << col.name.to_sym
31
- end
32
-
33
- list
34
+ # object key/value of field => options
35
+ unless method_defined?(:html_terminator_fields)
36
+ class_attribute :html_terminator_fields
37
+ self.html_terminator_fields = {}
34
38
  end
35
39
 
36
- self.html_terminator_options = SANITIZE_OPTIONS.merge(args.extract_options!)
37
- self.html_terminator_fields = args if args.length > 0
40
+ options = args.extract_options!
41
+ options = SANITIZE_OPTIONS.clone.merge(options)
38
42
 
39
- # Handle exceptions
40
- exceptions = self.html_terminator_options.delete(:except) || []
41
- self.html_terminator_fields -= (exceptions)
43
+ valid_fields = self.fields & args
44
+
45
+ valid_fields.each do |field|
46
+ self.html_terminator_fields[field] = options.deep_dup
47
+ end
42
48
 
43
49
  unless self.html_terminator_fields.empty?
44
- # sanitize writes
45
50
  before_validation :terminate_html
46
51
 
47
52
  # sanitize reads
48
- self.html_terminator_fields.each do |attr|
53
+ valid_fields.each do |attr|
49
54
  define_method(attr) do |*rargs|
50
55
  # sanitize it
51
- HtmlTerminator.sanitize super(*rargs), self.html_terminator_options
56
+ HtmlTerminator.sanitize super(*rargs), options
52
57
  end
53
58
  end
54
59
  end
@@ -58,11 +63,11 @@ module HtmlTerminator
58
63
 
59
64
  module InstanceMethods
60
65
  def terminate_html
61
- self.html_terminator_fields.each do |field|
66
+ self.html_terminator_fields.each do |field, options|
62
67
  value = self[field]
63
68
 
64
69
  unless value.nil?
65
- self[field] = HtmlTerminator.sanitize(value, self.html_terminator_options)
70
+ self[field] = HtmlTerminator.sanitize(value, options)
66
71
  end
67
72
  end
68
73
  end
data/spec/html_terminator_spec.rb CHANGED
@@ -1,69 +1,53 @@
1
- require 'spec_helper'
1
+ require "spec_helper"
2
2
 
3
3
  describe HtmlTerminator do
4
4
  it "sanitizes only fields specified" do
5
- @user = OnlyFirstName.new
5
+ user = OnlyFirstName.new
6
6
 
7
- @user.first_name = "Hello <img>"
8
- @user.first_name.should == "Hello"
7
+ user.first_name = "Hello <img>"
8
+ user.first_name.should == "Hello"
9
9
 
10
- @user.last_name = "Hello <img>"
11
- @user.last_name.should == "Hello <img>"
10
+ user.last_name = "Hello <img>"
11
+ user.last_name.should == "Hello <img>"
12
12
 
13
- @user.age = 3
14
- @user.age.should == 3
13
+ user.age = 3
14
+ user.age.should == 3
15
15
  end
16
16
 
17
17
  it "doesn't escape ampersands" do
18
- @user = OnlyFirstName.new
18
+ user = OnlyFirstName.new
19
19
 
20
- @user.first_name = "A & B & C"
21
- @user.first_name.should == "A & B & C"
20
+ user.first_name = "A & B & C"
21
+ user.first_name.should == "A & B & C"
22
22
  end
23
23
 
24
24
  it "skips sanitize when only one bracket" do
25
- @user = OnlyFirstName.new
25
+ user = OnlyFirstName.new
26
26
 
27
- @user.first_name = "1 < 2"
28
- @user.first_name.should == "1 < 2"
27
+ user.first_name = "1 < 2"
28
+ user.first_name.should == "1 < 2"
29
29
 
30
- @user.first_name = "2 > 1"
31
- @user.first_name.should == "2 > 1"
30
+ user.first_name = "2 > 1"
31
+ user.first_name.should == "2 > 1"
32
32
  end
33
33
 
34
34
  it "handles ampersands" do
35
- @user = OnlyFirstName.new
35
+ user = OnlyFirstName.new
36
36
 
37
- @user.first_name = "Mr. & Mrs. Smith"
38
- @user.first_name.should == "Mr. & Mrs. Smith"
39
- end
40
-
41
- it "sanitizes all except what is specified" do
42
- @user = ExceptFirstName.new
43
-
44
- @user.first_name = "Hello <img>"
45
- @user.first_name.should == "Hello <img>"
46
-
47
- @user.last_name = "Hello <img>"
48
- @user.last_name.should == "Hello"
49
- end
50
-
51
- it "doesn't blow up if value is nil" do
52
- @user = ExceptFirstName.new
53
- @user.first_name = nil
54
- @user.first_name.should == nil
37
+ user.first_name = "Mr. & Mrs. Smith"
38
+ user.first_name.should == "Mr. & Mrs. Smith"
55
39
  end
56
40
 
57
41
  it "doesn't blow up if value is not a string" do
58
- @user = OnlyFirstName.new
59
- @user.first_name = 1
60
- @user.first_name.should == "1"
42
+ user = OnlyFirstName.new
43
+ user.first_name = 1
44
+ user.first_name.should == "1"
61
45
  end
62
46
 
63
47
  it "honors options that are passed in" do
64
- @user = FirstNameWithOptions.new
65
- @user.first_name = "Hello <flexbox></flexbox><hr><br><img>"
66
- @user.first_name.should == "Hello <flexbox></flexbox>"
48
+ user = FirstNameWithOptions.new
49
+ user.first_name = "Hello <flexbox></flexbox><hr><br><img>"
50
+ user.first_name.should == "Hello <flexbox></flexbox>"
67
51
  end
68
52
 
69
53
  describe "#sanitize" do
@@ -77,4 +61,23 @@ describe HtmlTerminator do
77
61
  val.html_safe?.should == true
78
62
  end
79
63
  end
64
+
65
+ it "sanitizes different fields with different options" do
66
+ user = TwoFieldsWithOptions.new
67
+ user.first_name = "Hello <br><strong>strong</strong><em>em</em>"
68
+ user.last_name = "Hello <br><strong>strong</strong><em>em</em>"
69
+
70
+ user.first_name.should == "Hello <strong>strong</strong>em"
71
+ user.last_name.should == "Hello strong<em>em</em>"
72
+ end
73
+
74
+ it "sanitizes on validation" do
75
+ user = TwoFieldsWithOptions.new
76
+ user.first_name = "Hello <br><strong>strong</strong><em>em</em>"
77
+ user.last_name = "Hello <br><strong>strong</strong><em>em</em>"
78
+ user.valid?
79
+
80
+ user.read_attribute(:first_name).should == "Hello <strong>strong</strong>em"
81
+ user.read_attribute(:last_name).should == "Hello strong<em>em</em>"
82
+ end
80
83
  end
data/spec/support/active_record.rb CHANGED
@@ -13,7 +13,7 @@ ActiveRecord::Schema.define do
13
13
  t.column "age", :integer
14
14
  end
15
15
 
16
- create_table "except_first_names", :force => true do |t|
16
+ create_table "two_fields_with_options", :force => true do |t|
17
17
  t.column "first_name", :text
18
18
  t.column "last_name", :text
19
19
  t.column "age", :integer
@@ -32,10 +32,11 @@ class OnlyFirstName < ActiveRecord::Base
32
32
  terminate_html :first_name
33
33
  end
34
34
 
35
- class ExceptFirstName < ActiveRecord::Base
35
+ class TwoFieldsWithOptions < ActiveRecord::Base
36
36
  include HtmlTerminator
37
37
 
38
- terminate_html :except => [:first_name]
38
+ terminate_html :first_name, elements: ["strong"]
39
+ terminate_html :last_name, elements: ["em"]
39
40
  end
40
41
 
41
42
  class FirstNameWithOptions < ActiveRecord::Base
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: html_terminator
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.2
4
+ version: 3.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Steel Fu
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2016-02-03 00:00:00.000000000 Z
12
+ date: 2016-02-04 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: bundler