hyrax 1.1.0 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/app/helpers/hyrax/citations_behaviors/formatters/chicago_formatter.rb +13 -4
- data/app/views/_flash_msg.html.erb +1 -1
- data/app/views/hyrax/batch_edits/edit.html.erb +1 -1
- data/app/views/hyrax/file_sets/_extra_fields_modal.html.erb +1 -1
- data/app/views/hyrax/file_sets/_show_characterization_details.html.erb +1 -1
- data/app/views/hyrax/permissions/confirm_access.html.erb +1 -1
- data/app/views/hyrax/stats/file.html.erb +1 -1
- data/app/views/hyrax/stats/work.html.erb +1 -1
- data/app/views/hyrax/users/_activity_log.html.erb +1 -1
- data/hyrax.gemspec +3 -1
- data/lib/hyrax/version.rb +1 -1
- data/spec/controllers/hyrax/admin/strategies_controller_spec.rb +13 -2
- data/spec/helpers/hyrax/citations_behaviors/formatters/chicago_formatter_spec.rb +10 -0
- data/template.rb +1 -1
- metadata +24 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8d3112e5f08e4c0da060fde290645a29b69bab62
|
4
|
+
data.tar.gz: d2b16f75eacb1a606a80dce93a86f93de4f5ef0c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4916d4b71847fa4e0fabd5a477f5efa6ba99484493b9ef3de440d379e967d7a09c2bbb054a24f6529561eef820713ef6059ba1571d74bc150b439df556fb6bef
|
7
|
+
data.tar.gz: 54f5e65e0105faf6cad75868409030eff13e52f72cffe3a4d1a0299a72eac339f9136bfe46116ec237878bf779cbea02633bc23368f312214d764e3068e47603
|
data/README.md
CHANGED
@@ -59,7 +59,7 @@ If you have questions or need help, please email [the Samvera community tech lis
|
|
59
59
|
# Getting started
|
60
60
|
|
61
61
|
This document contains instructions specific to setting up an app with __Hyrax
|
62
|
-
v1.1.
|
62
|
+
v1.1.1__. If you are looking for instructions on installing a different
|
63
63
|
version, be sure to select the appropriate branch or tag from the drop-down
|
64
64
|
menu above.
|
65
65
|
|
@@ -133,7 +133,7 @@ Rails requires that you have a JavaScript runtime -- for example, nodejs -- inst
|
|
133
133
|
Generate a new Rails application using the template.
|
134
134
|
|
135
135
|
```
|
136
|
-
rails new my_app -m https://raw.githubusercontent.com/samvera/hyrax/v1.1.
|
136
|
+
rails new my_app -m https://raw.githubusercontent.com/samvera/hyrax/v1.1.1/template.rb
|
137
137
|
```
|
138
138
|
|
139
139
|
Generating a new Rails application using Hyrax's template above takes cares of a number of steps for you, including:
|
@@ -16,17 +16,18 @@ module Hyrax
|
|
16
16
|
end
|
17
17
|
# Get Pub Date
|
18
18
|
pub_date = setup_pub_date(work)
|
19
|
-
text << " #{pub_date}." unless pub_date.nil?
|
19
|
+
text << " #{whitewash(pub_date)}." unless pub_date.nil?
|
20
20
|
|
21
21
|
text << format_title(work.to_s)
|
22
22
|
pub_info = setup_pub_info(work, false)
|
23
|
-
text << " #{pub_info}." if pub_info.present?
|
23
|
+
text << " #{whitewash(pub_info)}." if pub_info.present?
|
24
24
|
text.html_safe
|
25
25
|
end
|
26
26
|
|
27
27
|
def format_authors(authors_list = [])
|
28
|
+
text = ''
|
29
|
+
|
28
30
|
unless authors_list.blank?
|
29
|
-
text = ''
|
30
31
|
text << surname_first(authors_list.first) if authors_list.first
|
31
32
|
authors_list[1..6].each_with_index do |author, index|
|
32
33
|
text << if index + 2 == authors_list.length # we've skipped the first author
|
@@ -37,10 +38,11 @@ module Hyrax
|
|
37
38
|
end
|
38
39
|
text << " et al." if authors_list.length > 7
|
39
40
|
end
|
41
|
+
|
40
42
|
# if for some reason the first author ended with a comma
|
41
43
|
text.gsub!(',,', ',')
|
42
44
|
text << "." unless text =~ /\.$/
|
43
|
-
text
|
45
|
+
whitewash(text)
|
44
46
|
end
|
45
47
|
|
46
48
|
def format_date(pub_date); end
|
@@ -49,8 +51,15 @@ module Hyrax
|
|
49
51
|
return "" if title_info.blank?
|
50
52
|
title_text = chicago_citation_title(title_info)
|
51
53
|
title_text << '.' unless title_text =~ /\.$/
|
54
|
+
title_text = whitewash(title_text)
|
52
55
|
" <i class=\"citation-title\">#{title_text}</i>"
|
53
56
|
end
|
57
|
+
|
58
|
+
private
|
59
|
+
|
60
|
+
def whitewash(text)
|
61
|
+
Loofah.fragment(text.to_s).scrub!(:whitewash).to_s
|
62
|
+
end
|
54
63
|
end
|
55
64
|
end
|
56
65
|
end
|
@@ -2,7 +2,7 @@
|
|
2
2
|
<% if flash[type].present? %>
|
3
3
|
<div class="alert <%= flash_dom_class %> alert-dismissable" role="alert">
|
4
4
|
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button>
|
5
|
-
<%=
|
5
|
+
<%= sanitize Array.wrap(flash[type]).join(tag(:br)) %>
|
6
6
|
</div>
|
7
7
|
<% flash.delete(type) %>
|
8
8
|
<% end %>
|
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
<div class="scrollx scrolly fileHeight"> <!-- original values -->
|
4
4
|
<h3> <b>Changes will be applied to: (<%= @form.names.size %> works) </b></h3>
|
5
|
-
<%= @form.names.join(", ")
|
5
|
+
<%= sanitize @form.names.join(", ") %>
|
6
6
|
</div> <!-- /original values -->
|
7
7
|
|
8
8
|
<div >
|
@@ -11,7 +11,7 @@
|
|
11
11
|
<h2 id="extraFieldsModal_<%=name %>_Label">Additional <%= label %>(s)</h2>
|
12
12
|
</div>
|
13
13
|
<div class="modal-body">
|
14
|
-
<%= values.join("<br />")
|
14
|
+
<%= sanitize values.join("<br />") %>
|
15
15
|
</div>
|
16
16
|
<div class="modal-footer">
|
17
17
|
<button class="btn btn-primary" data-dismiss="modal">Close</button>
|
@@ -1,7 +1,7 @@
|
|
1
1
|
<% @presenter.characterization_metadata.keys.each do |term| %>
|
2
2
|
<div>
|
3
3
|
<% additional_values = @presenter.secondary_characterization_values(term) %>
|
4
|
-
<%= @presenter.label_for_term(term) %>: <%= @presenter.primary_characterization_values(term).join("<br />")
|
4
|
+
<%= @presenter.label_for_term(term) %>: <%= sanitize @presenter.primary_characterization_values(term).join("<br />") %>
|
5
5
|
<% unless additional_values.empty? %>
|
6
6
|
<%= render partial: "extra_fields_modal", locals: { name: term, values: additional_values } %>
|
7
7
|
<% end %>
|
@@ -3,7 +3,7 @@
|
|
3
3
|
<h4>Apply changes to contents?<h4>
|
4
4
|
</div>
|
5
5
|
<div class="panel-body">
|
6
|
-
<%= I18n.t("hyrax.upload.change_access_message_html", curation_concern: curation_concern)
|
6
|
+
<%= sanitize I18n.t("hyrax.upload.change_access_message_html", curation_concern: curation_concern) %>
|
7
7
|
</div>
|
8
8
|
<div class="form-actions panel-footer">
|
9
9
|
<%= button_to I18n.t("hyrax.upload.change_access_yes_message"), hyrax.copy_access_permission_path(curation_concern), class: 'btn btn-primary' %>
|
@@ -1,6 +1,6 @@
|
|
1
1
|
<!-- Adapted from jquery-flot examples https://github.com/flot/flot/blob/master/examples/visitors/index.html -->
|
2
2
|
<%= javascript_tag do %>
|
3
|
-
var hyrax_item_stats = <%= @stats.to_flot.to_json
|
3
|
+
var hyrax_item_stats = <%= raw json_escape @stats.to_flot.to_json %>;
|
4
4
|
<% end %>
|
5
5
|
|
6
6
|
<%= content_tag :h1, @file_set, class: "lower" %>
|
@@ -1,6 +1,6 @@
|
|
1
1
|
<!-- Adapted from jquery-flot examples https://github.com/flot/flot/blob/master/examples/visitors/index.html -->
|
2
2
|
<%= javascript_tag do %>
|
3
|
-
var hyrax_item_stats = <%= @stats.to_flot.to_json
|
3
|
+
var hyrax_item_stats = <%= raw json_escape @stats.to_flot.to_json %>;
|
4
4
|
<% end %>
|
5
5
|
|
6
6
|
<%= content_tag :h1, @stats, class: "lower" %>
|
@@ -9,7 +9,7 @@
|
|
9
9
|
<% events.each do |event| %>
|
10
10
|
<% next if event[:action].blank? or event[:timestamp].blank? %>
|
11
11
|
<tr>
|
12
|
-
<td><%= event[:action]
|
12
|
+
<td><%= sanitize event[:action] %></td>
|
13
13
|
<td><%= time_ago_in_words(Time.zone.at(event[:timestamp].to_i)) %> ago</td>
|
14
14
|
</tr>
|
15
15
|
<% end %>
|
data/hyrax.gemspec
CHANGED
@@ -55,6 +55,8 @@ EOF
|
|
55
55
|
spec.add_dependency 'rdf-rdfxml' # controlled vocabulary importer
|
56
56
|
spec.add_dependency 'railties', '~> 5.0'
|
57
57
|
spec.add_dependency 'clipboard-rails', '~> 1.5'
|
58
|
+
# Devise 4.5 removes the 'trackable' module, which we depend on
|
59
|
+
spec.add_dependency 'devise', '<= 4.4.99'
|
58
60
|
spec.add_dependency 'rails_autolink', '~> 1.1'
|
59
61
|
spec.add_dependency 'active_fedora-noid', '~> 2.0', '>= 2.0.2'
|
60
62
|
spec.add_dependency 'awesome_nested_set', '~> 3.1'
|
@@ -73,7 +75,7 @@ EOF
|
|
73
75
|
spec.add_development_dependency 'engine_cart', '~> 1.0'
|
74
76
|
spec.add_development_dependency 'mida', '~> 0.3'
|
75
77
|
spec.add_development_dependency 'database_cleaner', '~> 1.3'
|
76
|
-
spec.add_development_dependency 'solr_wrapper', '~> 0.5'
|
78
|
+
spec.add_development_dependency 'solr_wrapper', '~> 0.5', '< 3.0'
|
77
79
|
spec.add_development_dependency 'fcrepo_wrapper', '~> 0.5', '>= 0.5.1'
|
78
80
|
spec.add_development_dependency 'rspec-rails', '~> 3.1'
|
79
81
|
spec.add_development_dependency 'rspec-its', '~> 1.1'
|
data/lib/hyrax/version.rb
CHANGED
@@ -3,14 +3,25 @@ require 'spec_helper'
|
|
3
3
|
RSpec.describe Hyrax::Admin::StrategiesController do
|
4
4
|
describe "#update" do
|
5
5
|
before do
|
6
|
+
# Added when Flipflop bumped to 2.3.2. See also https://github.com/voormedia/flipflop/issues/26
|
7
|
+
Flipflop::FeatureSet.current.instance_variable_set(:@features, original_feature_hash.merge(feature_id => feature))
|
8
|
+
|
6
9
|
sign_in user
|
7
10
|
end
|
11
|
+
|
12
|
+
after do
|
13
|
+
Flipflop::FeatureSet.current.instance_variable_set(:@features, original_feature_hash)
|
14
|
+
end
|
15
|
+
|
16
|
+
let(:original_feature_hash) { Flipflop::FeatureSet.current.instance_variable_get(:@features) }
|
8
17
|
let(:user) { create(:user) }
|
9
18
|
let(:strategy) { Flipflop::Strategies::ActiveRecordStrategy.new(class: Hyrax::Feature).key }
|
19
|
+
let(:feature) { double('feature', id: feature_id, key: 'foo') }
|
20
|
+
let(:feature_id) { :my_feature }
|
10
21
|
|
11
22
|
context "when not authorized" do
|
12
23
|
it "redirects away" do
|
13
|
-
patch :update, params: { feature_id:
|
24
|
+
patch :update, params: { feature_id: feature.id, id: strategy }
|
14
25
|
expect(response).to redirect_to root_path
|
15
26
|
end
|
16
27
|
end
|
@@ -22,7 +33,7 @@ RSpec.describe Hyrax::Admin::StrategiesController do
|
|
22
33
|
end
|
23
34
|
|
24
35
|
it "is successful" do
|
25
|
-
patch :update, params: { feature_id:
|
36
|
+
patch :update, params: { feature_id: feature.id, id: strategy }
|
26
37
|
expect(response).to redirect_to Hyrax::Engine.routes.url_helpers.admin_features_path(locale: 'en')
|
27
38
|
end
|
28
39
|
end
|
@@ -0,0 +1,10 @@
|
|
1
|
+
RSpec.describe Hyrax::CitationsBehaviors::Formatters::ChicagoFormatter do
|
2
|
+
subject(:formatter) { described_class.new(:no_context) }
|
3
|
+
|
4
|
+
let(:presenter) { Hyrax::WorkShowPresenter.new(SolrDocument.new(work.to_solr), :no_ability) }
|
5
|
+
let(:work) { build(:generic_work, title: ['<ScrIPt>prompt("Confirm Password")</sCRIpt>']) }
|
6
|
+
|
7
|
+
it 'sanitizes input' do
|
8
|
+
expect(formatter.format(presenter)).not_to include 'prompt'
|
9
|
+
end
|
10
|
+
end
|
data/template.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hyrax
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1.
|
4
|
+
version: 1.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Justin Coyne
|
@@ -14,7 +14,7 @@ authors:
|
|
14
14
|
autorequire:
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
|
-
date: 2018-
|
17
|
+
date: 2018-09-19 00:00:00.000000000 Z
|
18
18
|
dependencies:
|
19
19
|
- !ruby/object:Gem::Dependency
|
20
20
|
name: hydra-head
|
@@ -466,6 +466,20 @@ dependencies:
|
|
466
466
|
- - "~>"
|
467
467
|
- !ruby/object:Gem::Version
|
468
468
|
version: '1.5'
|
469
|
+
- !ruby/object:Gem::Dependency
|
470
|
+
name: devise
|
471
|
+
requirement: !ruby/object:Gem::Requirement
|
472
|
+
requirements:
|
473
|
+
- - "<="
|
474
|
+
- !ruby/object:Gem::Version
|
475
|
+
version: 4.4.99
|
476
|
+
type: :runtime
|
477
|
+
prerelease: false
|
478
|
+
version_requirements: !ruby/object:Gem::Requirement
|
479
|
+
requirements:
|
480
|
+
- - "<="
|
481
|
+
- !ruby/object:Gem::Version
|
482
|
+
version: 4.4.99
|
469
483
|
- !ruby/object:Gem::Dependency
|
470
484
|
name: rails_autolink
|
471
485
|
requirement: !ruby/object:Gem::Requirement
|
@@ -735,6 +749,9 @@ dependencies:
|
|
735
749
|
- - "~>"
|
736
750
|
- !ruby/object:Gem::Version
|
737
751
|
version: '0.5'
|
752
|
+
- - "<"
|
753
|
+
- !ruby/object:Gem::Version
|
754
|
+
version: '3.0'
|
738
755
|
type: :development
|
739
756
|
prerelease: false
|
740
757
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -742,6 +759,9 @@ dependencies:
|
|
742
759
|
- - "~>"
|
743
760
|
- !ruby/object:Gem::Version
|
744
761
|
version: '0.5'
|
762
|
+
- - "<"
|
763
|
+
- !ruby/object:Gem::Version
|
764
|
+
version: '3.0'
|
745
765
|
- !ruby/object:Gem::Dependency
|
746
766
|
name: fcrepo_wrapper
|
747
767
|
requirement: !ruby/object:Gem::Requirement
|
@@ -2247,6 +2267,7 @@ files:
|
|
2247
2267
|
- spec/helpers/dashboard_helper_spec.rb
|
2248
2268
|
- spec/helpers/hyrax/ability_helper_spec.rb
|
2249
2269
|
- spec/helpers/hyrax/charts_helper_spec.rb
|
2270
|
+
- spec/helpers/hyrax/citations_behaviors/formatters/chicago_formatter_spec.rb
|
2250
2271
|
- spec/helpers/hyrax/collections_helper_spec.rb
|
2251
2272
|
- spec/helpers/hyrax/content_block_helper_spec.rb
|
2252
2273
|
- spec/helpers/hyrax/file_set_helper_spec.rb
|
@@ -2837,6 +2858,7 @@ test_files:
|
|
2837
2858
|
- spec/helpers/dashboard_helper_spec.rb
|
2838
2859
|
- spec/helpers/hyrax/ability_helper_spec.rb
|
2839
2860
|
- spec/helpers/hyrax/charts_helper_spec.rb
|
2861
|
+
- spec/helpers/hyrax/citations_behaviors/formatters/chicago_formatter_spec.rb
|
2840
2862
|
- spec/helpers/hyrax/collections_helper_spec.rb
|
2841
2863
|
- spec/helpers/hyrax/content_block_helper_spec.rb
|
2842
2864
|
- spec/helpers/hyrax/file_set_helper_spec.rb
|