Merge pull request #223 from igalic/fix/safe-string

make blog/instance description a SafeString
This commit is contained in:
Baptiste Gelez 2018-09-14 20:56:13 +01:00 committed by GitHub
commit eb24ba1774
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 32 additions and 15 deletions

View file

@ -22,6 +22,7 @@ use plume_common::activity_pub::{
inbox::WithInbox, inbox::WithInbox,
sign sign
}; };
use safe_string::SafeString;
use instance::*; use instance::*;
use users::User; use users::User;
use schema::blogs; use schema::blogs;
@ -142,8 +143,8 @@ impl Blog {
name: inst.clone(), name: inst.clone(),
local: false, local: false,
// We don't really care about all the following for remote instances // We don't really care about all the following for remote instances
long_description: String::new(), long_description: SafeString::new(""),
short_description: String::new(), short_description: SafeString::new(""),
default_license: String::new(), default_license: String::new(),
open_registrations: true, open_registrations: true,
short_description_html: String::new(), short_description_html: String::new(),

View file

@ -3,6 +3,7 @@ use diesel::{self, QueryDsl, RunQueryDsl, ExpressionMethods, PgConnection};
use std::iter::Iterator; use std::iter::Iterator;
use plume_common::utils::md_to_html; use plume_common::utils::md_to_html;
use safe_string::SafeString;
use ap_url; use ap_url;
use users::User; use users::User;
use schema::{instances, users}; use schema::{instances, users};
@ -16,8 +17,8 @@ pub struct Instance {
pub blocked: bool, pub blocked: bool,
pub creation_date: NaiveDateTime, pub creation_date: NaiveDateTime,
pub open_registrations: bool, pub open_registrations: bool,
pub short_description: String, pub short_description: SafeString,
pub long_description: String, pub long_description: SafeString,
pub default_license : String, pub default_license : String,
pub long_description_html: String, pub long_description_html: String,
pub short_description_html: String pub short_description_html: String
@ -30,8 +31,8 @@ pub struct NewInstance {
pub name: String, pub name: String,
pub local: bool, pub local: bool,
pub open_registrations: bool, pub open_registrations: bool,
pub short_description: String, pub short_description: SafeString,
pub long_description: String, pub long_description: SafeString,
pub default_license : String, pub default_license : String,
pub long_description_html: String, pub long_description_html: String,
pub short_description_html: String pub short_description_html: String
@ -114,7 +115,7 @@ impl Instance {
)) ))
} }
pub fn update(&self, conn: &PgConnection, name: String, open_registrations: bool, short_description: String, long_description: String) -> Instance { pub fn update(&self, conn: &PgConnection, name: String, open_registrations: bool, short_description: SafeString, long_description: SafeString) -> Instance {
let (sd, _) = md_to_html(short_description.as_ref()); let (sd, _) = md_to_html(short_description.as_ref());
let (ld, _) = md_to_html(long_description.as_ref()); let (ld, _) = md_to_html(long_description.as_ref());
diesel::update(self) diesel::update(self)

View file

@ -101,3 +101,15 @@ impl AsRef<str> for SafeString {
&self.value &self.value
} }
} }
use rocket::request::FromFormValue;
use rocket::http::RawStr;
impl<'v> FromFormValue<'v> for SafeString {
type Error = &'v RawStr;
fn from_form_value(form_value: &'v RawStr) -> Result<SafeString, &'v RawStr> {
let val = String::from_form_value(form_value)?;
Ok(SafeString::new(&val))
}
}

View file

@ -205,8 +205,8 @@ impl User {
public_domain: inst.clone(), public_domain: inst.clone(),
local: false, local: false,
// We don't really care about all the following for remote instances // We don't really care about all the following for remote instances
long_description: String::new(), long_description: SafeString::new(""),
short_description: String::new(), short_description: SafeString::new(""),
default_license: String::new(), default_license: String::new(),
open_registrations: true, open_registrations: true,
short_description_html: String::new(), short_description_html: String::new(),

View file

@ -10,7 +10,9 @@ use plume_models::{
db_conn::DbConn, db_conn::DbConn,
posts::Post, posts::Post,
users::User, users::User,
safe_string::SafeString,
instance::* instance::*
}; };
use inbox::Inbox; use inbox::Inbox;
use routes::Page; use routes::Page;
@ -110,8 +112,8 @@ struct InstanceSettingsForm {
#[validate(length(min = "1"))] #[validate(length(min = "1"))]
name: String, name: String,
open_registrations: bool, open_registrations: bool,
short_description: String, short_description: SafeString,
long_description: String, long_description: SafeString,
#[validate(length(min = "1"))] #[validate(length(min = "1"))]
default_license: String default_license: String
} }

View file

@ -6,6 +6,7 @@ use std::io;
use std::path::Path; use std::path::Path;
use std::process::{exit, Command}; use std::process::{exit, Command};
use rpassword; use rpassword;
use plume_models::safe_string::SafeString;
use plume_models::{ use plume_models::{
DB_URL, DB_URL,
@ -152,8 +153,8 @@ fn quick_setup(conn: DbConn) {
public_domain: domain, public_domain: domain,
name: name, name: name,
local: true, local: true,
long_description: String::new(), long_description: SafeString::new(""),
short_description: String::new(), short_description: SafeString::new(""),
default_license: String::from("CC-0"), default_license: String::from("CC-0"),
open_registrations: true, open_registrations: true,
short_description_html: String::new(), short_description_html: String::new(),

View file

@ -23,10 +23,10 @@
</label> </label>
<label for="short_description">{{ "Short description" | _ }}<small>{{ "Markdown is supported" | _ }}</small></label> <label for="short_description">{{ "Short description" | _ }}<small>{{ "Markdown is supported" | _ }}</small></label>
<textarea id="short_description" name="short_description">{{ form.short_description | default(value=instance.short_description) }}</textarea> <textarea id="short_description" name="short_description">{{ form.short_description | default(value=instance.short_description | safe) }}</textarea>
<label for="long_description">{{ "Long description" | _ }}<small>{{ "Markdown is supported" | _ }}</small></label> <label for="long_description">{{ "Long description" | _ }}<small>{{ "Markdown is supported" | _ }}</small></label>
<textarea id="long_description" name="long_description">{{ form.long_description | default(value=instance.long_description) }}</textarea> <textarea id="long_description" name="long_description">{{ form.long_description | default(value=instance.long_description | safe) }}</textarea>
{{ macros::input(name="default_license", label="Default license", errors=errors, form=form, props='minlenght="1"', default=instance) }} {{ macros::input(name="default_license", label="Default license", errors=errors, form=form, props='minlenght="1"', default=instance) }}