make blog/instance description a SafeString

long_description & short_description's documentation say they can be
Markdown, but they are String, not SafeString.

This led to escaped strings being printed in the editor
https://github.com/Plume-org/Plume/issues/220
This commit is contained in:
Igor Galić 2018-09-14 15:14:24 +02:00
parent d355379e01
commit f5c299f23c
No known key found for this signature in database
GPG key ID: ACFEFF7F6A123A86
5 changed files with 15 additions and 12 deletions

View file

@ -22,6 +22,7 @@ use plume_common::activity_pub::{
inbox::WithInbox, inbox::WithInbox,
sign sign
}; };
use safe_string::SafeString;
use instance::*; use instance::*;
use users::User; use users::User;
use schema::blogs; use schema::blogs;
@ -142,8 +143,8 @@ impl Blog {
name: inst.clone(), name: inst.clone(),
local: false, local: false,
// We don't really care about all the following for remote instances // We don't really care about all the following for remote instances
long_description: String::new(), long_description: SafeString::new(&<String>::new()),
short_description: String::new(), short_description: SafeString::new(&<String>::new()),
default_license: String::new(), default_license: String::new(),
open_registrations: true, open_registrations: true,
short_description_html: String::new(), short_description_html: String::new(),

View file

@ -3,6 +3,7 @@ use diesel::{self, QueryDsl, RunQueryDsl, ExpressionMethods, PgConnection};
use std::iter::Iterator; use std::iter::Iterator;
use plume_common::utils::md_to_html; use plume_common::utils::md_to_html;
use safe_string::SafeString;
use ap_url; use ap_url;
use users::User; use users::User;
use schema::{instances, users}; use schema::{instances, users};
@ -16,8 +17,8 @@ pub struct Instance {
pub blocked: bool, pub blocked: bool,
pub creation_date: NaiveDateTime, pub creation_date: NaiveDateTime,
pub open_registrations: bool, pub open_registrations: bool,
pub short_description: String, pub short_description: SafeString,
pub long_description: String, pub long_description: SafeString,
pub default_license : String, pub default_license : String,
pub long_description_html: String, pub long_description_html: String,
pub short_description_html: String pub short_description_html: String
@ -30,8 +31,8 @@ pub struct NewInstance {
pub name: String, pub name: String,
pub local: bool, pub local: bool,
pub open_registrations: bool, pub open_registrations: bool,
pub short_description: String, pub short_description: SafeString,
pub long_description: String, pub long_description: SafeString,
pub default_license : String, pub default_license : String,
pub long_description_html: String, pub long_description_html: String,
pub short_description_html: String pub short_description_html: String

View file

@ -205,8 +205,8 @@ impl User {
public_domain: inst.clone(), public_domain: inst.clone(),
local: false, local: false,
// We don't really care about all the following for remote instances // We don't really care about all the following for remote instances
long_description: String::new(), long_description: SafeString::new(&<String>::new()),
short_description: String::new(), short_description: SafeString::new(&<String>::new()),
default_license: String::new(), default_license: String::new(),
open_registrations: true, open_registrations: true,
short_description_html: String::new(), short_description_html: String::new(),

View file

@ -125,8 +125,8 @@ fn update_settings(conn: DbConn, admin: Admin, form: LenientForm<InstanceSetting
instance.update(&*conn, instance.update(&*conn,
form.name.clone(), form.name.clone(),
form.open_registrations, form.open_registrations,
form.short_description.clone(), form.short_description.clone().to_string(),
form.long_description.clone()); form.long_description.clone().to_string());
Redirect::to(uri!(admin)) Redirect::to(uri!(admin))
}) })
.map_err(|e| Template::render("instance/admin", json!({ .map_err(|e| Template::render("instance/admin", json!({

View file

@ -6,6 +6,7 @@ use std::io;
use std::path::Path; use std::path::Path;
use std::process::{exit, Command}; use std::process::{exit, Command};
use rpassword; use rpassword;
use plume_models::safe_string::SafeString;
use plume_models::{ use plume_models::{
DB_URL, DB_URL,
@ -152,8 +153,8 @@ fn quick_setup(conn: DbConn) {
public_domain: domain, public_domain: domain,
name: name, name: name,
local: true, local: true,
long_description: String::new(), long_description: SafeString::new(&<String>::new()),
short_description: String::new(), short_description: SafeString::new(&<String>::new()),
default_license: String::from("CC-0"), default_license: String::from("CC-0"),
open_registrations: true, open_registrations: true,
short_description_html: String::new(), short_description_html: String::new(),