BigW Consortium Gitlab

Move `unescape_html_entities` from LabelsHelper to Label model

parent ab811b6a
module LabelsHelper
include ActionView::Helpers::TagHelper
TABLE_FOR_ESCAPE_HTML_ENTITIES = {
'&' => '&',
'<' => '&lt;',
'>' => '&gt;'
}
# Link to a Label
#
# label - Label object to link to
......@@ -136,11 +130,7 @@ module LabelsHelper
label.subscribed?(current_user) ? 'Unsubscribe' : 'Subscribe'
end
def unescape_html_entities(value)
value.to_s.gsub(/(&gt;)|(&lt;)|(&amp;)/, TABLE_FOR_ESCAPE_HTML_ENTITIES.invert)
end
# Required for Banzai::Filter::LabelReferenceFilter
module_function :render_colored_label, :render_colored_cross_project_label,
:text_color_for_bg, :escape_once, :unescape_html_entities
:text_color_for_bg, :escape_once
end
......@@ -10,6 +10,12 @@ class Label < ActiveRecord::Base
DEFAULT_COLOR = '#428BCA'
TABLE_FOR_ESCAPE_HTML_ENTITIES = {
'&' => '&amp;',
'<' => '&lt;',
'>' => '&gt;'
}
default_value_for :color, DEFAULT_COLOR
belongs_to :project
......@@ -134,6 +140,10 @@ class Label < ActiveRecord::Base
end
def sanitize_title(value)
LabelsHelper.unescape_html_entities(Sanitize.clean(value.to_s))
unescape_html_entities(Sanitize.clean(value.to_s))
end
def unescape_html_entities(value)
value.to_s.gsub(/(&gt;)|(&lt;)|(&amp;)/, TABLE_FOR_ESCAPE_HTML_ENTITIES.invert)
end
end
......@@ -68,7 +68,7 @@ module Banzai
end
def unescape_html_entities(text)
LabelsHelper.unescape_html_entities(text)
text.to_s.gsub(/(&gt;)|(&lt;)|(&amp;)/, Label::TABLE_FOR_ESCAPE_HTML_ENTITIES.invert)
end
end
end
......
......@@ -77,10 +77,4 @@ describe LabelsHelper do
expect(text_color_for_bg('#000')).to eq '#FFFFFF'
end
end
describe 'unescape_html_entities' do
it 'decodes &, <, and > named entities' do
expect(unescape_html_entities('foo &amp; bar &lt; zoo &gt; boo &eacute;')).to eq 'foo & bar < zoo > boo &eacute;'
end
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment