[Git][noosfero/noosfero][rails4] 24 commits: favorite-enterprises-block: add view-all class to footer link and fix translation
Bráulio Bhavamitra
gitlab at gitlab.com
Wed Oct 7 22:11:54 BRT 2015
Bráulio Bhavamitra pushed to branch rails4 at Noosfero / noosfero
Commits:
09c3d5b0 by Rodrigo Souto at 2015-09-25T12:53:09Z
favorite-enterprises-block: add view-all class to footer link and fix translation
- - - - -
2d94b1d5 by Rodrigo Souto at 2015-09-25T12:53:38Z
profile-list-block: move view-all link to the bottom
With some translations the view all button gets overlaped by the title.
- - - - -
20bb3721 by Rodrigo Souto at 2015-09-25T12:55:04Z
favorite-enterprises-block: add its class to the proper css definition
- - - - -
56400709 by Rodrigo Souto at 2015-10-02T11:27:36Z
avoid html double escape
This is already handled on rails 3.
Fix #62
- - - - -
41bd7519 by Antonio Terceiro at 2015-10-05T09:19:42Z
plugins: drop `require 'rubygems'` statements
On Ruby 1.9+ these are no-ops
- - - - -
9c497c0b by Antonio Terceiro at 2015-10-05T09:22:01Z
plugins/ldap: add missing dependency declaration
- - - - -
7d617038 by Rodrigo Souto at 2015-10-05T10:27:09Z
backup: make tasks rails_env aware
- - - - -
e01744f2 by Antonio Terceiro at 2015-10-05T14:12:53Z
vagrant: setup catch-all email alias for @localhost.localdomain
this helps local tests, since one can use ANYTHING at localhost.localdomain
for registering users
- - - - -
a6178cf3 by Antonio Terceiro at 2015-10-05T14:12:53Z
remove obsolete script
plugin translations have already been moved to the plugin sub-trees
- - - - -
83d52192 by Antonio Terceiro at 2015-10-05T14:12:53Z
restore:remove_emails: removes actual emails from database
This is useful when you are loading a database dump from a production
database for local tests, and you don't want people's emails there in
order to avoid accidental outgoing email.
- - - - -
4dd11514 by Daniela Feitosa at 2015-10-05T18:46:58Z
Give more space to text-editor-sidebar
- - - - -
eb417840 by Daniela Feitosa at 2015-10-05T21:28:14Z
Remove "Manage Roles" option for person
Only organizations can manage roles
- - - - -
70d40ab5 by Thiago Ribeiro at 2015-10-06T15:23:49Z
Fix image address in highlightBlock when in subdir
Signed-off-by: Thiago Ribeiro <thiagitosouza at gmail.com>
Signed-off-by: Simião Carvalho <simiaosimis at gmail.com>
Signed-off-by: Daniela Soares Feitosa <danielafeitosa at colivre.coop.br>
Closes merge request !688
- - - - -
117471e2 by Larissa Reis at 2015-10-06T15:56:33Z
newsletter: Fixes string internationalization for mailing
Only marking the strings for translation with `N_()` wasn't enough and
strings weren't being translated for mailing.
- - - - -
48b50f88 by Arthur Del Esposte at 2015-10-06T21:30:22Z
Consider subdirectory in some images path
Signed-off-by: Rodrigo Souto <rodrigo at colivre.coop.br>
Signed-off-by: Arthur Del Esposte <arthurmde at gmail.com>
- - - - -
c62a8f56 by Arthur Del Esposte at 2015-10-06T22:49:40Z
Include missed helper in Environment Notification Plugin
- - - - -
b14e6888 by Daniela Feitosa at 2015-10-06T23:34:52Z
Merge branch 'notification_plugin_fix' into 'master'
Include missed helper in Environment Notification Plugin
The Environment Notification Plugin's popup feature was broken since the following commit: 1414c2864df4e2d73c8b01f1b7c0c437ee2279b5
See merge request !695
- - - - -
792227eb by Antonio Terceiro at 2015-10-07T12:33:25Z
Merge branch 'image-subpath' into 'master'
Consider subdirectory in some images path
Small fixies to allow blog posts present images when Noosfero is running in a subdirectory
See merge request !694
- - - - -
c7903fb7 by Antonio Terceiro at 2015-10-07T12:37:39Z
Merge branch 'newsletter-mail-strings-translation' into 'master'
newsletter: Fixes string internationalization for mailing
Only marking the strings for translation with `N_()` wasn't enough and strings weren't being translated for mailing.
See merge request !693
- - - - -
d570e770 by Antonio Terceiro at 2015-10-07T13:45:22Z
Merge branch 'favorite-enterprises' into 'master'
Favorite enterprises block footer and content fixes
Before:
After:
Had to move the "view all" button to the bottom because of this problem:
See merge request !676
- - - - -
b5af2224 by Antonio Terceiro at 2015-10-07T13:50:22Z
Merge branch 'remove-emails' into 'master'
restore:remove_emails: removes actual emails from database
This is useful when you are loading a database dump from a production
database for local tests, and you don't want people's emails there in
order to avoid accidental outgoing email.
See merge request !692
- - - - -
92476194 by Antonio Terceiro at 2015-10-07T13:53:05Z
Merge branch 'comment-encode' into 'master'
avoid html double escape
This is already handled on rails 3.
Fix #64
See merge request !687
- - - - -
1b6f9e37 by Braulio Bhavamitra at 2015-10-07T11:10:13Z
Merge branch 'noosfero' into rails4
- - - - -
c9c81cfa by Braulio Bhavamitra at 2015-10-07T21:17:54Z
rails4: apply associations extensions to child classes
- - - - -
42 changed files:
- app/models/article.rb
- app/models/favorite_enterprises_block.rb
- app/views/blocks/highlights.html.erb
- app/views/cms/media_panel/_image.html.erb
- app/views/profile_editor/index.html.erb
- lib/noosfero/core_ext.rb
- + lib/noosfero/core_ext/active_record/reflection.rb
- lib/tasks/backup.rake
- plugins/environment_notification/controllers/public/environment_notification_plugin_public_controller.rb
- plugins/lattes_curriculum/lib/html_parser.rb
- plugins/ldap/Gemfile
- plugins/ldap/dependencies.rb
- plugins/ldap/lib/ldap_authentication.rb
- plugins/newsletter/lib/newsletter_plugin/newsletter.rb
- plugins/solr/dependencies.rb
- plugins/solr/install.rb
- plugins/solr/vendor/plugins/acts_as_solr_reloaded/Rakefile
- plugins/solr/vendor/plugins/acts_as_solr_reloaded/lib/acts_as_solr/tasks.rb
- plugins/solr/vendor/plugins/acts_as_solr_reloaded/lib/solr/xml.rb
- plugins/solr/vendor/plugins/acts_as_solr_reloaded/solr_test_rakefile.rb
- plugins/solr/vendor/plugins/acts_as_solr_reloaded/test/test_helper.rb
- plugins/solr/vendor/plugins/acts_as_solr_reloaded/test/unit/test_helper.rb
- plugins/spaminator/dependencies.rb
- public/designs/themes/base/style.scss
- public/stylesheets/cms/media-panel.scss
- − script/move-translations-to-plugins.rb
- script/vagrant
- test/functional/profile_editor_controller_test.rb
- test/unit/article_test.rb
- test/unit/comment_test.rb
- test/unit/community_test.rb
- test/unit/environment_test.rb
- test/unit/event_test.rb
- test/unit/folder_test.rb
- test/unit/gallery_test.rb
- test/unit/highlights_block_test.rb
- test/unit/organization_test.rb
- test/unit/product_test.rb
- test/unit/profile_test.rb
- test/unit/text_article_test.rb
- test/unit/validation_info_test.rb
- vendor/plugins/xss_terminate/lib/xss_terminate.rb
Changes:
=====================================
app/models/article.rb
=====================================
--- a/app/models/article.rb
+++ b/app/models/article.rb
@@ -811,7 +811,7 @@ class Article < ActiveRecord::Base
end
def first_image
- img = ( image.present? && { 'src' => image.public_filename } ) ||
+ img = ( image.present? && { 'src' => File.join([Noosfero.root, image.public_filename].join) } ) ||
Nokogiri::HTML.fragment(self.lead.to_s).css('img[src]').first ||
Nokogiri::HTML.fragment(self.body.to_s).search('img').first
img.nil? ? '' : img['src']
=====================================
app/models/favorite_enterprises_block.rb
=====================================
--- a/app/models/favorite_enterprises_block.rb
+++ b/app/models/favorite_enterprises_block.rb
@@ -16,7 +16,7 @@ class FavoriteEnterprisesBlock < ProfileListBlock
owner = self.owner
return '' unless owner.kind_of?(Person)
proc do
- link_to _('View all'), :profile => owner.identifier, :controller => 'profile', :action => 'favorite_enterprises'
+ link_to _('enterprises|View all'), {:profile => owner.identifier, :controller => 'profile', :action => 'favorite_enterprises'}, :class => 'view-all'
end
end
=====================================
app/views/blocks/highlights.html.erb
=====================================
--- a/app/views/blocks/highlights.html.erb
+++ b/app/views/blocks/highlights.html.erb
@@ -4,7 +4,7 @@
<div class='highlights-container'>
<% block.featured_images.each do |img| %>
<a href="<%= img[:address] %>" title="<%= img[:title] %>" class="highlights-image-link">
- <%= content_tag :img, nil, :src => img[:image_src], :alt => img[:title] %>
+ <%= image_tag [Noosfero.root, img[:image_src]].join, alt: img[:title] %>
<p class="highlights-label"><%= img[:title] %></p>
</a>
<% end %>
=====================================
app/views/cms/media_panel/_image.html.erb
=====================================
--- a/app/views/cms/media_panel/_image.html.erb
+++ b/app/views/cms/media_panel/_image.html.erb
@@ -1,6 +1,6 @@
<div class="item image" data-item="span" title="<%= @file.name %>">
<span>
- <img src="<%= @file.public_filename(:uploaded) %>"/>
+ <%= image_tag(@file.public_filename(:uploaded)) %>
</span>
<div class="controls image-controls">
<a class="button icon-add add-to-text" href="#"><span><%= _('Add to the text') %></span></a>
=====================================
app/views/profile_editor/index.html.erb
=====================================
--- a/app/views/profile_editor/index.html.erb
+++ b/app/views/profile_editor/index.html.erb
@@ -28,7 +28,7 @@
<%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>
- <%= control_panel_button(_('Manage Roles'), 'roles', :controller => 'profile_roles') %>
+ <%= control_panel_button(_('Manage Roles'), 'roles', :controller => 'profile_roles') if profile.organization? %>
<% unless profile.enterprise? %>
<%= case profile.blogs.count
=====================================
lib/noosfero/core_ext.rb
=====================================
--- a/lib/noosfero/core_ext.rb
+++ b/lib/noosfero/core_ext.rb
@@ -1,3 +1,5 @@
require 'noosfero/core_ext/string'
require 'noosfero/core_ext/integer'
require 'noosfero/core_ext/active_record'
+require 'noosfero/core_ext/active_record/reflection'
+
=====================================
lib/noosfero/core_ext/active_record/reflection.rb
=====================================
--- /dev/null
+++ b/lib/noosfero/core_ext/active_record/reflection.rb
@@ -0,0 +1,20 @@
+
+# on STI classes tike Article and Profile, plugins' extensions
+# on associations should be reflected on descendants
+module ActiveRecord
+ module Reflection
+
+ class << self
+
+ def add_reflection_with_descendants(ar, name, reflection)
+ self.add_reflection_without_descendants ar, name, reflection
+ ar.descendants.each do |k|
+ k._reflections.merge!(name.to_s => reflection)
+ end if ar.base_class == ar
+ end
+
+ alias_method_chain :add_reflection, :descendants
+
+ end
+ end
+end
=====================================
lib/tasks/backup.rake
=====================================
--- a/lib/tasks/backup.rake
+++ b/lib/tasks/backup.rake
@@ -18,14 +18,15 @@ backup_dirs = [
desc "Creates a backup of the database and uploaded files"
task :backup => :check_backup_support do
dirs = backup_dirs.select { |d| File.exists?(d) }
+ rails_env = ENV["RAILS_ENV"] || 'production'
backup_name = Time.now.strftime('%Y-%m-%d-%R')
backup_file = File.join('tmp/backup', backup_name) + '.tar.gz'
mkdir_p 'tmp/backup'
dump = File.join('tmp/backup', backup_name) + '.sql'
- database = $config['production']['database']
- host = $config['production']['host']
+ database = $config[rails_env]['database']
+ host = $config[rails_env]['host']
host = host && "-h #{host}" || ""
sh "pg_dump #{host} #{database} > #{dump}"
@@ -52,6 +53,7 @@ end
desc "Restores a backup created previousy with \`rake backup\`"
task :restore => :check_backup_support do
backup = ENV["BACKUP"]
+ rails_env = ENV["RAILS_ENV"] || 'production'
unless backup
puts "usage: rake restore BACKUP=/path/to/backup"
exit 1
@@ -81,9 +83,9 @@ task :restore => :check_backup_support do
end
dump = dumps.first
- database = $config['production']['database']
- username = $config['production']['username']
- host = $config['production']['host']
+ database = $config[rails_env]['database']
+ username = $config[rails_env]['username']
+ host = $config[rails_env]['host']
host = host && "-h #{host}" || ""
puts "WARNING: backups should be restored to an empty database, otherwise"
@@ -102,10 +104,39 @@ task :restore => :check_backup_support do
end
sh 'tar', 'xaf', backup
- sh "rails dbconsole production < #{dump}"
+ sh "rails dbconsole #{rails_env} < #{dump}"
rm_f dump
puts "****************************************************"
puts "Backup restored!"
puts "****************************************************"
end
+
+desc 'Removes emails from database'
+task 'restore:remove_emails' => :environment do
+ connection = ActiveRecord::Base.connection
+ [
+ "UPDATE users SET email = concat('user', id, '@localhost.localdomain')",
+ "UPDATE environments SET contact_email = concat('environment', id, '@localhost.localdomain')",
+ ].each do |update|
+ puts update
+ connection.execute(update)
+ end
+
+ profiles = connection.execute("select id, data from profiles")
+ profiles.each do |profile|
+ if profile['data']
+ data = YAML.load(profile['data'])
+ if data[:contact_email] && data[:contact_email] !~ /@localhost.localdomain$/
+ data[:contact_email] = ['profile', profile['id'], '@localhost.localdomain'].join
+ sql = Environment.send(:sanitize_sql, [
+ "UPDATE profiles SET data = ? WHERE id = ?",
+ YAML.dump(data),
+ profile['id'],
+ ])
+ puts sql
+ connection.execute(sql)
+ end
+ end
+ end
+end
=====================================
plugins/environment_notification/controllers/public/environment_notification_plugin_public_controller.rb
=====================================
--- a/plugins/environment_notification/controllers/public/environment_notification_plugin_public_controller.rb
+++ b/plugins/environment_notification/controllers/public/environment_notification_plugin_public_controller.rb
@@ -1,6 +1,7 @@
class EnvironmentNotificationPluginPublicController < PublicController
helper EnvironmentNotificationHelper
+ include EnvironmentNotificationHelper
def notifications_with_popup
@hide_notifications = hide_notifications
=====================================
plugins/lattes_curriculum/lib/html_parser.rb
=====================================
--- a/plugins/lattes_curriculum/lib/html_parser.rb
+++ b/plugins/lattes_curriculum/lib/html_parser.rb
@@ -1,4 +1,3 @@
-require 'rubygems'
require 'nokogiri'
require 'open-uri'
=====================================
plugins/ldap/Gemfile
=====================================
--- a/plugins/ldap/Gemfile
+++ b/plugins/ldap/Gemfile
@@ -1 +1,2 @@
gem "net-ldap"
+gem "magic", ">= 0.2.8"
=====================================
plugins/ldap/dependencies.rb
=====================================
--- a/plugins/ldap/dependencies.rb
+++ b/plugins/ldap/dependencies.rb
@@ -1,2 +1 @@
-require 'rubygems'
require 'net/ldap'
=====================================
plugins/ldap/lib/ldap_authentication.rb
=====================================
--- a/plugins/ldap/lib/ldap_authentication.rb
+++ b/plugins/ldap/lib/ldap_authentication.rb
@@ -15,7 +15,6 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-require 'rubygems'
require 'iconv'
require 'net/ldap'
require 'net/ldap/dn'
=====================================
plugins/newsletter/lib/newsletter_plugin/newsletter.rb
=====================================
--- a/plugins/newsletter/lib/newsletter_plugin/newsletter.rb
+++ b/plugins/newsletter/lib/newsletter_plugin/newsletter.rb
@@ -111,15 +111,15 @@ class NewsletterPlugin::Newsletter < Noosfero::Plugin::ActiveRecord
include DatesHelper
def message_to_public_link
- content_tag(:p, N_("If you can't view this email, %s.") % link_to(N_('click here'), '{mailing_url}'), :id => 'newsletter-public-link')
+ content_tag(:p, _("If you can't view this email, %s.") % link_to(_('click here'), '{mailing_url}'), :id => 'newsletter-public-link')
end
def message_to_unsubscribe
- content_tag(:div, N_("This is an automatically generated email, please do not reply. If you do not wish to receive future newsletter emails, %s.") % link_to(N_("cancel your subscription here"), self.unsubscribe_url, :style => CSS['public-link']), :style => CSS['newsletter-unsubscribe'], :id => 'newsletter-unsubscribe')
+ content_tag(:div, _("This is an automatically generated email, please do not reply. If you do not wish to receive future newsletter emails, %s.") % link_to(_("cancel your subscription here"), self.unsubscribe_url, :style => CSS['public-link']), :style => CSS['newsletter-unsubscribe'], :id => 'newsletter-unsubscribe')
end
def read_more(link_address)
- content_tag(:p, link_to(N_('Read more'), link_address, :style => CSS['read-more-link']), :style => CSS['read-more-line'])
+ content_tag(:p, link_to(_('Read more'), link_address, :style => CSS['read-more-link']), :style => CSS['read-more-line'])
end
def post_with_image(post)
@@ -141,7 +141,7 @@ class NewsletterPlugin::Newsletter < Noosfero::Plugin::ActiveRecord
end
def default_subject
- N_('Breaking news')
+ _('Breaking news')
end
def subject
=====================================
plugins/solr/dependencies.rb
=====================================
--- a/plugins/solr/dependencies.rb
+++ b/plugins/solr/dependencies.rb
@@ -1,4 +1,3 @@
-require 'rubygems'
require 'active_record'
require "#{File.dirname(__FILE__)}/lib/acts_as_searchable"
require "#{File.dirname(__FILE__)}/lib/acts_as_faceted"
=====================================
plugins/solr/install.rb
=====================================
--- a/plugins/solr/install.rb
+++ b/plugins/solr/install.rb
@@ -1,5 +1,4 @@
#raise "Not ready yet. Some tests are failing."
-require 'rubygems'
require 'rake'
tasks_dir = File.join(File.dirname(__FILE__), 'vendor', 'plugins', 'acts_as_solr_reloaded', 'lib', 'tasks', '*.rake')
=====================================
plugins/solr/vendor/plugins/acts_as_solr_reloaded/Rakefile
=====================================
--- a/plugins/solr/vendor/plugins/acts_as_solr_reloaded/Rakefile
+++ b/plugins/solr/vendor/plugins/acts_as_solr_reloaded/Rakefile
@@ -1,4 +1,3 @@
-require 'rubygems'
require 'rake'
require 'rake/testtask'
require 'rdoc/task'
=====================================
plugins/solr/vendor/plugins/acts_as_solr_reloaded/lib/acts_as_solr/tasks.rb
=====================================
--- a/plugins/solr/vendor/plugins/acts_as_solr_reloaded/lib/acts_as_solr/tasks.rb
+++ b/plugins/solr/vendor/plugins/acts_as_solr_reloaded/lib/acts_as_solr/tasks.rb
@@ -1,5 +1,4 @@
dir = File.dirname(__FILE__)
-require 'rubygems'
require 'rake'
require 'net/http'
require 'active_record'
=====================================
plugins/solr/vendor/plugins/acts_as_solr_reloaded/lib/solr/xml.rb
=====================================
--- a/plugins/solr/vendor/plugins/acts_as_solr_reloaded/lib/solr/xml.rb
+++ b/plugins/solr/vendor/plugins/acts_as_solr_reloaded/lib/solr/xml.rb
@@ -16,7 +16,6 @@ end
begin
# If we can load rubygems and libxml-ruby...
- require 'rubygems'
require 'xml/libxml'
raise "acts_as_solr requires libxml-ruby 0.7 or greater" unless XML::Node.public_instance_methods.collect{|x| x.to_sym}.include?(:attributes)
=====================================
plugins/solr/vendor/plugins/acts_as_solr_reloaded/solr_test_rakefile.rb
=====================================
--- a/plugins/solr/vendor/plugins/acts_as_solr_reloaded/solr_test_rakefile.rb
+++ b/plugins/solr/vendor/plugins/acts_as_solr_reloaded/solr_test_rakefile.rb
@@ -1,4 +1,3 @@
-require 'rubygems'
require 'rake'
dir = File.dirname(__FILE__)
$:.unshift("#{dir}/lib")
=====================================
plugins/solr/vendor/plugins/acts_as_solr_reloaded/test/test_helper.rb
=====================================
--- a/plugins/solr/vendor/plugins/acts_as_solr_reloaded/test/test_helper.rb
+++ b/plugins/solr/vendor/plugins/acts_as_solr_reloaded/test/test_helper.rb
@@ -1,4 +1,3 @@
-require 'rubygems'
require 'test/unit'
require 'active_record'
require 'active_record/fixtures'
=====================================
plugins/solr/vendor/plugins/acts_as_solr_reloaded/test/unit/test_helper.rb
=====================================
--- a/plugins/solr/vendor/plugins/acts_as_solr_reloaded/test/unit/test_helper.rb
+++ b/plugins/solr/vendor/plugins/acts_as_solr_reloaded/test/unit/test_helper.rb
@@ -1,7 +1,6 @@
dir = File.dirname(__FILE__)
$:.unshift(File.join(File.expand_path(dir), "..", "..", "lib"))
-require 'rubygems'
require 'test/unit'
require 'acts_as_solr'
require 'mocha'
=====================================
plugins/spaminator/dependencies.rb
=====================================
--- a/plugins/spaminator/dependencies.rb
+++ b/plugins/spaminator/dependencies.rb
@@ -1,2 +1 @@
-require 'rubygems'
require 'benchmark'
=====================================
public/designs/themes/base/style.scss
=====================================
--- a/public/designs/themes/base/style.scss
+++ b/public/designs/themes/base/style.scss
@@ -484,6 +484,7 @@ div#notice {
#content .profile-list-block ul,
#content .enterprises-block ul,
#content .communities-block ul,
+#content .favorite-enterprises-block ul,
#content .fans-block ul {
min-width: 196px;
width: 192px;
@@ -499,15 +500,14 @@ div#notice {
display: block;
}
+.block-footer-content {
+ text-align: center;
+ padding-top: 3px;
+}
+
.block-footer-content a.view-all {
- position: absolute;
- top: 2px;
- right: 0px;
font-size: 11px;
color: #000;
- text-decoration: none;
- padding-right: 15px;
- background: url(imgs/arrow-right-p.png) 100% 50% no-repeat;
}
#content .profile-list-block .block-title {
=====================================
public/stylesheets/cms/media-panel.scss
=====================================
--- a/public/stylesheets/cms/media-panel.scss
+++ b/public/stylesheets/cms/media-panel.scss
@@ -5,7 +5,7 @@
}
.controller-cms .show-media-panel .with_media_panel {
- width: 600px;
+ width: 540px;
transition: 1s;
}
@@ -77,7 +77,7 @@
.text-editor-sidebar {
position: absolute;
- width: 280px;
+ width: 340px;
right: 20px;
top: 70px;
max-height: 45px;
@@ -141,7 +141,7 @@
}
.text-editor-sidebar .image {
- width: 80px;
+ width: 100px;
margin: 2px;
height: 80px;
line-height: 80px;
=====================================
script/move-translations-to-plugins.rb deleted
=====================================
--- a/script/move-translations-to-plugins.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-languages = Dir.glob('po/*').reject { |f| f =~ /pot$/ }.map { |f| File.basename(f) }
-
-core_files = `grep '#:' po/noosfero.pot | cut -d ':' -f 2 | sed 's/^\s*//' | grep -v '^plugins' | sort -u`.split.map { |f| [ '-N', f] }.flatten
-
-languages.each do |lang|
-
- lang_plugins_po = "tmp/#{lang}_plugins.po"
- system('msggrep', '-v', *core_files, '--output-file', lang_plugins_po, "po/#{lang}/noosfero.po")
-
- Dir.glob('plugins/*').each do |plugindir|
- plugin = File.basename(plugindir)
- po = File.join(plugindir, 'po', lang, plugin + '.po')
-
- files = []
- Dir.glob("#{plugindir}/**/*.{rb,html.erb}").each do |f|
- files << '-N' << f
- end
-
- system('mkdir', '-p', File.dirname(po))
- system('msggrep', *files, '--output-file', po, lang_plugins_po)
-
- if system("msgfmt --statistics -o /dev/null #{po} 2>&1 | grep -q '^0 translated message'")
- # empty .po
- system('rm', '-f', po)
- puts "[#{lang}] #{plugin}: PO file empty, deleted"
- else
- puts "[#{lang}] #{plugin}"
- end
-
- end
-
- system('rm', '-f', lang_plugins_po)
- system('find plugins/*/po -type d -empty -delete')
-end
=====================================
script/vagrant
=====================================
--- a/script/vagrant
+++ b/script/vagrant
@@ -12,5 +12,13 @@ for ip in 10.0.2.2 192.168.122.1; do
fi
done
+sudo apt-get install -qy postfix
+sudo postconf virtual_alias_maps=hash:/etc/postfix/virtual
+sudo tee /etc/postfix/virtual <<EOF
+ at localhost.localdomain vagrant
+EOF
+sudo postmap /etc/postfix/virtual
+sudo service postfix reload
+
cd /vagrant
./script/quick-start
=====================================
test/functional/profile_editor_controller_test.rb
=====================================
--- a/test/functional/profile_editor_controller_test.rb
+++ b/test/functional/profile_editor_controller_test.rb
@@ -1207,4 +1207,10 @@ class ProfileEditorControllerTest < ActionController::TestCase
get :header_footer, :profile => user.identifier
assert_response :success
end
+
+ should 'not display button to manage roles on control panel of person' do
+ get :index, :profile => profile.identifier
+ assert_no_tag :tag => 'a', :attributes => { :href => "/myprofile/default_user/profile_roles" }
+ end
+
end
=====================================
test/unit/article_test.rb
=====================================
--- a/test/unit/article_test.rb
+++ b/test/unit/article_test.rb
@@ -931,14 +931,6 @@ class ArticleTest < ActiveSupport::TestCase
assert_no_match(/<script>/, a.name)
end
- should 'escape malformed html tags' do
- article = Article.new
- article.name = "<h1 Malformed >> html >< tag"
- article.valid?
-
- assert_equal '<h1>> html ></h1>', article.name
- end
-
should 'return truncated title in short_title' do
article = Article.new
article.name = 'a123456789abcdefghij'
=====================================
test/unit/comment_test.rb
=====================================
--- a/test/unit/comment_test.rb
+++ b/test/unit/comment_test.rb
@@ -202,17 +202,6 @@ class CommentTest < ActiveSupport::TestCase
assert comment.errors[:body.to_s].present?
end
- should 'escape malformed html tags' do
- owner = create_user('testuser').person
- article = owner.articles.create(:name => 'test', :body => '...')
- comment = build(Comment, :article => article, :title => '<h1 title </h1>>> sd f <<', :body => '<h1>> sdf><asd>< body </h1>', :name => '<h1 name </h1>>><<dfsf<sd', :email => 'cracker at test.org')
- comment.valid?
-
- assert_no_match /[<>]/, comment.title
- assert_no_match /[<>]/, comment.body
- assert_no_match /[<>]/, comment.name
- end
-
should 'use an existing image for deleted comments' do
image = Comment.new.removed_user_image[1..-1]
assert File.exists?(Rails.root.join('public', image)), "#{image} does not exist."
@@ -755,6 +744,18 @@ class CommentTest < ActiveSupport::TestCase
comment.destroy
end
+ should 'not double escape html content after validation' do
+ comment = create_comment
+ body = 'Comment with "quotes"'
+ comment.body = body
+
+ comment.valid?
+ assert_equal body, comment.body
+
+ comment.valid?
+ assert_equal body, comment.body
+ end
+
private
def create_comment(args = {})
=====================================
test/unit/community_test.rb
=====================================
--- a/test/unit/community_test.rb
+++ b/test/unit/community_test.rb
@@ -242,20 +242,6 @@ class CommunityTest < ActiveSupport::TestCase
end
end
- should 'escape malformed html tags' do
- community = Community.new
- community.name = "<h1 Malformed >> html >< tag"
- community.address = "<h1 Malformed >,<<<asfdf> html >< tag"
- community.contact_phone = "<h1 Malformed<<> >> html >><>< tag"
- community.description = "<h1 Malformed /h1>>><<> html ><>h1< tag"
- community.valid?
-
- assert_no_match /[<>]/, community.name
- assert_no_match /[<>]/, community.address
- assert_no_match /[<>]/, community.contact_phone
- assert_no_match /[<>]/, community.description
- end
-
should "the followed_by method be protected and true to the community members by default" do
c = fast_create(Community)
p1 = fast_create(Person)
=====================================
test/unit/environment_test.rb
=====================================
--- a/test/unit/environment_test.rb
+++ b/test/unit/environment_test.rb
@@ -1140,14 +1140,6 @@ class EnvironmentTest < ActiveSupport::TestCase
assert_equal "<h1> Disabled Enterprise </h1>", environment.message_for_disabled_enterprise
end
- should 'escape malformed html tags' do
- environment = Environment.new
- environment.message_for_disabled_enterprise = "<h1> Disabled Enterprise /h1>"
- environment.valid?
-
- assert_match /<h1> Disabled Enterprise \/h1><\/h1>/, environment.message_for_disabled_enterprise
- end
-
should 'not sanitize html comments' do
environment = Environment.new
environment.message_for_disabled_enterprise = '<p><!-- <asdf> << aasdfa >>> --> <h1> Wellformed html code </h1>'
=====================================
test/unit/event_test.rb
=====================================
--- a/test/unit/event_test.rb
+++ b/test/unit/event_test.rb
@@ -263,24 +263,6 @@ class EventTest < ActiveSupport::TestCase
assert_not_includes profile.events.by_day(today), event_out_of_range
end
- should 'filter fields with full filter' do
- event = Event.new
- event.link = "<h1 Malformed >> html >< tag"
- event.valid?
-
- assert_no_match /[<>]/, event.link
- end
-
- should 'filter fields with white_list filter' do
- event = Event.new
- event.body = "<h1> Description </h1>"
- event.address = "<strong> Address </strong>"
- event.valid?
-
- assert_equal "<h1> Description </h1>", event.body
- assert_equal "<strong> Address </strong>", event.address
- end
-
should 'not filter & on link field' do
event = Event.new
event.link = 'myevent.com/?param1=value¶m2=value2'
@@ -289,16 +271,6 @@ class EventTest < ActiveSupport::TestCase
assert_equal "http://myevent.com/?param1=value¶m2=value2", event.link
end
- should 'escape malformed html tags' do
- event = Event.new
- event.body = "<h1<< Description >>/h1>"
- event.address = "<strong>><< Address <strong>"
- event.valid?
-
- assert_match /<h1>>\/h1><\/h1>/, event.body
- assert_match /<strong>><\/strong>/, event.address
- end
-
should 'not sanitize html comments' do
event = Event.new
event.body = '<p><!-- <asdf> << aasdfa >>> --> <h1> Wellformed html code </h1>'
=====================================
test/unit/folder_test.rb
=====================================
--- a/test/unit/folder_test.rb
+++ b/test/unit/folder_test.rb
@@ -133,14 +133,6 @@ class FolderTest < ActiveSupport::TestCase
assert_match /<p><!-- .* --> <\/p><h1> Wellformed html code <\/h1>/, folder.body
end
- should 'escape malformed html tags' do
- folder = Folder.new
- folder.body = "<h1<< Description >>/h1>"
- folder.valid?
-
- assert_match /<h1>>\/h1><\/h1>/, folder.body
- end
-
should 'not have a blog as parent' do
folder = Folder.new
folder.parent = Blog.new
=====================================
test/unit/gallery_test.rb
=====================================
--- a/test/unit/gallery_test.rb
+++ b/test/unit/gallery_test.rb
@@ -134,14 +134,6 @@ class GalleryTest < ActiveSupport::TestCase
assert_match /<p><!-- .* --> <\/p><h1> Wellformed html code <\/h1>/, gallery.body
end
- should 'escape malformed html tags' do
- gallery = Gallery.new
- gallery.body = "<h1<< Description >>/h1>"
- gallery.valid?
-
- assert_match /<h1>>\/h1><\/h1>/, gallery.body
- end
-
should 'accept uploads' do
folder = fast_create(Gallery)
assert folder.accept_uploads?
=====================================
test/unit/highlights_block_test.rb
=====================================
--- a/test/unit/highlights_block_test.rb
+++ b/test/unit/highlights_block_test.rb
@@ -132,6 +132,19 @@ class HighlightsBlockTest < ActiveSupport::TestCase
assert_equal block.images.first[:address], "/social/address"
end
+ should 'display images with subdir src' do
+ Noosfero.stubs(:root).returns("/social")
+ f1 = mock()
+ f1.expects(:public_filename).returns('/img_address')
+ UploadedFile.expects(:find).with(1).returns(f1)
+ block = HighlightsBlock.new
+ i1 = {:image_id => 1, :address => '/address'}
+ block.images = [i1]
+ block.save!
+
+ assert_tag_in_string instance_eval(& block.content), :tag => 'img', :attributes => { :src => "/social/img_address" }
+ end
+
[Environment, Profile].each do |klass|
should "choose between owner galleries when owner is #{klass.name}" do
owner = fast_create(klass)
=====================================
test/unit/organization_test.rb
=====================================
--- a/test/unit/organization_test.rb
+++ b/test/unit/organization_test.rb
@@ -253,25 +253,6 @@ class OrganizationTest < ActiveSupport::TestCase
assert organization.closed
end
- should 'escape malformed html tags' do
- organization = Organization.new
- organization.acronym = "<h1 Malformed >> html >< tag"
- organization.contact_person = "<h1 Malformed >,<<<asfdf> html >< tag"
- organization.contact_email = "<h1<malformed at html.com>>"
- organization.description = "<h1 Malformed /h1>>><<> html ><>h1< tag"
- organization.legal_form = "<h1 Malformed /h1>>><<> html ><>h1< tag"
- organization.economic_activity = "<h1 Malformed /h1>>><<> html ><>h1< tag"
- organization.management_information = "<h1 Malformed /h1>>><<> html ><>h1< tag"
- organization.valid?
-
- assert_no_match /[<>]/, organization.acronym
- assert_no_match /[<>]/, organization.contact_person
- assert_no_match /[<>]/, organization.contact_email
- assert_no_match /[<>]/, organization.legal_form
- assert_no_match /[<>]/, organization.economic_activity
- assert_no_match /[<>]/, organization.management_information
- end
-
should "the followed_by? be true only to members" do
o = fast_create(Organization)
p1 = fast_create(Person)
=====================================
test/unit/product_test.rb
=====================================
--- a/test/unit/product_test.rb
+++ b/test/unit/product_test.rb
@@ -171,16 +171,6 @@ class ProductTest < ActiveSupport::TestCase
assert_equal @product_category.name, product.name
end
- should 'escape malformed html tags' do
- product = build(Product, :product_category => @product_category)
- product.name = "<h1 Malformed >> html >< tag"
- product.description = "<h1 Malformed</h1>><<<a>> >> html >< tag"
- product.valid?
-
- assert_no_match /[<>]/, product.name
- assert_match /<h1>>> >> html ><\/h1>/, product.description
- end
-
should 'use name of category when has no name yet' do
product = Product.new
product.product_category = @product_category
=====================================
test/unit/profile_test.rb
=====================================
--- a/test/unit/profile_test.rb
+++ b/test/unit/profile_test.rb
@@ -1699,34 +1699,6 @@ class ProfileTest < ActiveSupport::TestCase
assert_equal "<strong> Custom Footer <strong>", profile.custom_footer
end
- should 'escape malformed html tags' do
- profile = Profile.new
- profile.name = "<h1 Malformed >> html >>></a>< tag"
- profile.nickname = "<h1 Malformed <<h1>>< html >< tag"
- profile.address = "<h1><</h2< Malformed >> html >< tag"
- profile.contact_phone = "<h1<< Malformed ><>>> html >< tag"
- profile.description = "<h1<a> Malformed >> html ></a>< tag"
- profile.valid?
-
- assert_no_match /[<>]/, profile.name
- assert_no_match /[<>]/, profile.nickname
- assert_no_match /[<>]/, profile.address
- assert_no_match /[<>]/, profile.contact_phone
- assert_no_match /[<>]/, profile.description
- assert_no_match /[<>]/, profile.custom_header
- assert_no_match /[<>]/, profile.custom_footer
- end
-
- should 'escape malformed html tags in header and footer' do
- profile = fast_create(Profile)
- profile.custom_header = "<h1<a>><<> Malformed >> html ></a>< tag"
- profile.custom_footer = "<h1> Malformed <><< html ></a>< tag"
- profile.save
-
- assert_match /<h1>> Malformed >> html ><\/h1>/, profile.custom_header
- assert_match /<h1> Malformed <\/h1>/, profile.custom_footer
- end
-
should 'not sanitize html comments' do
profile = Profile.new
profile.custom_header = '<p><!-- <asdf> << aasdfa >>> --> <h1> Wellformed html code </h1>'
=====================================
test/unit/text_article_test.rb
=====================================
--- a/test/unit/text_article_test.rb
+++ b/test/unit/text_article_test.rb
@@ -14,15 +14,6 @@ class TextArticleTest < ActiveSupport::TestCase
assert_includes TextArticle.find(:all), article
end
- should 'remove HTML from name' do
- person = create_user('testuser').person
- article = TextArticle.new(:profile => person)
- article.name = "<h1 Malformed >> html >>></a>< tag"
- article.valid?
-
- assert_no_match /[<>]/, article.name
- end
-
should 'be translatable' do
assert_kind_of Noosfero::TranslatableContent, TextArticle.new
end
=====================================
test/unit/validation_info_test.rb
=====================================
--- a/test/unit/validation_info_test.rb
+++ b/test/unit/validation_info_test.rb
@@ -21,14 +21,4 @@ class ValidationInfoTest < ActiveSupport::TestCase
end
end
- should 'escape malformed html tags' do
- info = ValidationInfo.new
- info.validation_methodology = "<h1 Malformed >> html >< tag"
- info.restrictions = "<h1 Malformed >> html >< tag"
- info.valid?
-
- assert_no_match /[<>]/, info.validation_methodology
- assert_no_match /[<>]/, info.restrictions
- end
-
end
=====================================
vendor/plugins/xss_terminate/lib/xss_terminate.rb
=====================================
--- a/vendor/plugins/xss_terminate/lib/xss_terminate.rb
+++ b/vendor/plugins/xss_terminate/lib/xss_terminate.rb
@@ -38,7 +38,7 @@ module XssTerminate
module InstanceMethods
- def sanitize_field(sanitizer, field, serialized = false, with= :full)
+ def sanitize_field(sanitizer, field, serialized = false)
field = field.to_sym
if serialized
puts field
@@ -49,25 +49,11 @@ module XssTerminate
else
if self[field]
self[field] = sanitizer.sanitize(self[field])
-
- if with == :full
- self[field] = CGI.escapeHTML(self[field])
- elsif with == :white_list
- self[field] = CGI.escapeHTML(self[field]) if !wellformed_html_code?(self[field])
- end
-
else
value = self.send("#{field}")
return unless value
value = sanitizer.sanitize(value)
self.send("#{field}=", value)
-
- if with == :full
- self.send("#{field}=", CGI.escapeHTML(value))
- elsif with == :white_list
- self.send("#{field}=", CGI.escapeHTML(value)) if !wellformed_html_code?(value)
- end
-
end
end
end
@@ -86,7 +72,7 @@ module XssTerminate
sanitizer = ActionView::Base.full_sanitizer
columns, columns_serialized = sanitize_columns(:full)
columns.each do |column|
- sanitize_field(sanitizer, column.to_sym, columns_serialized.include?(column), :full)
+ sanitize_field(sanitizer, column.to_sym, columns_serialized.include?(column))
end
end
@@ -94,7 +80,7 @@ module XssTerminate
sanitizer = ActionView::Base.white_list_sanitizer
columns, columns_serialized = sanitize_columns(:white_list)
columns.each do |column|
- sanitize_field(sanitizer, column.to_sym, columns_serialized.include?(column), :white_list)
+ sanitize_field(sanitizer, column.to_sym, columns_serialized.include?(column))
end
end
@@ -102,38 +88,8 @@ module XssTerminate
sanitizer = HTML5libSanitize.new
columns = sanitize_columns(:html5lib)
columns.each do |column|
- sanitize_field(sanitizer, column.to_sym, columns_serialized.include?(column), :html5lib)
- end
- end
-
- def wellformed_html_code?(field)
- return true if !field
- counter = 0
- in_comment = false
- field=field.split(//)
- for i in 0..field.length-1
- if !in_comment
- if field[i] == '<'
- if field[i+1..i+3] == ["!","-","-"]
- in_comment = true
- else
- counter += 1
- end
- elsif field[i] == '>'
- counter -= 1
- end
- else
- if field[i-2..i] == ["-","-",">"]
- in_comment = false
- end
- end
-
- if counter < 0 || 1 < counter
- return false
- end
+ sanitize_field(sanitizer, column.to_sym, columns_serialized.include?(column))
end
-
- return counter == 0
end
end
View it on GitLab: https://gitlab.com/noosfero/noosfero/compare/36a9133522aa162143791d97e51f63c0905085b7...c9c81cfa67b812a4624765f22b28b6c1b88a2aa5
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20151008/69e10bb0/attachment-0001.html>
More information about the Noosfero-dev
mailing list