From 9e1db139eb1387fa9658ed68592d93eca61efb6b Mon Sep 17 00:00:00 2001 From: Tomasz Maczukin Date: Tue, 3 Nov 2015 17:23:19 +0100 Subject: Move level_name resolving to Gitlan::VisibilityLevel --- lib/gitlab/visibility_level.rb | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'lib') diff --git a/lib/gitlab/visibility_level.rb b/lib/gitlab/visibility_level.rb index 335dc44be19..d0ffe24f827 100644 --- a/lib/gitlab/visibility_level.rb +++ b/lib/gitlab/visibility_level.rb @@ -51,6 +51,15 @@ module Gitlab def allowed_fork_levels(origin_level) [PRIVATE, INTERNAL, PUBLIC].select{ |level| level <= origin_level } end + + def level_name(level) + level_name = 'Unknown' + options.each do |name, lvl| + level_name = name if lvl == level + end + + level_name + end end def private? -- cgit v1.2.1 From 3bc012db77e1b59986362d8de0660b97a15c9d1f Mon Sep 17 00:00:00 2001 From: Tomasz Maczukin Date: Wed, 4 Nov 2015 22:13:40 +0100 Subject: Fix GitlabV::isibilityLevel::level_name method --- lib/gitlab/visibility_level.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/gitlab/visibility_level.rb b/lib/gitlab/visibility_level.rb index d0ffe24f827..3160a3c7582 100644 --- a/lib/gitlab/visibility_level.rb +++ b/lib/gitlab/visibility_level.rb @@ -55,7 +55,7 @@ module Gitlab def level_name(level) level_name = 'Unknown' options.each do |name, lvl| - level_name = name if lvl == level + level_name = name if lvl == level.to_i end level_name -- cgit v1.2.1 From 8e3f1fa629a61741282214b293c1bc9438aada59 Mon Sep 17 00:00:00 2001 From: tduehr Date: Wed, 11 Nov 2015 22:25:31 -0600 Subject: add CAS authentication support --- lib/gitlab/o_auth/session.rb | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 lib/gitlab/o_auth/session.rb (limited to 'lib') diff --git a/lib/gitlab/o_auth/session.rb b/lib/gitlab/o_auth/session.rb new file mode 100644 index 00000000000..f33bfd0bd0e --- /dev/null +++ b/lib/gitlab/o_auth/session.rb @@ -0,0 +1,17 @@ +module Gitlab + module OAuth + module Session + def self.create(provider, ticket) + Rails.cache.write("gitlab:#{provider}:#{ticket}", ticket, expires_in: Gitlab.config.omniauth.cas3.session_duration) + end + + def self.destroy(provider, ticket) + Rails.cache.delete("gitlab:#{provider}:#{ticket}") + end + + def self.valid?(provider, ticket) + Rails.cache.read("gitlab:#{provider}:#{ticket}").present? + end + end + end +end -- cgit v1.2.1 From 75ad9fff4e1293776e077b402b7e0bfcff3391d0 Mon Sep 17 00:00:00 2001 From: Trey Davis Date: Mon, 14 Dec 2015 17:30:55 -0800 Subject: Show git version on admin page --- lib/gitlab/git.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lib') diff --git a/lib/gitlab/git.rb b/lib/gitlab/git.rb index 0c350d7c675..f065cc5e9e9 100644 --- a/lib/gitlab/git.rb +++ b/lib/gitlab/git.rb @@ -20,6 +20,10 @@ module Gitlab def blank_ref?(ref) ref == BLANK_SHA end + + def version + Gitlab::VersionInfo.parse(Gitlab::Popen.popen(%W(#{Gitlab.config.git.bin_path} --version)).first) + end end end end -- cgit v1.2.1 From d9c82d679fd622aead99aeb90369361a05e02a36 Mon Sep 17 00:00:00 2001 From: Douwe Maan Date: Fri, 18 Dec 2015 10:03:34 +0100 Subject: Automatically fork a project when not allowed to edit a file. --- lib/api/files.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/api/files.rb b/lib/api/files.rb index a7a768f8895..8ad2c1883c7 100644 --- a/lib/api/files.rb +++ b/lib/api/files.rb @@ -7,7 +7,7 @@ module API def commit_params(attrs) { file_path: attrs[:file_path], - current_branch: attrs[:branch_name], + source_branch: attrs[:branch_name], target_branch: attrs[:branch_name], commit_message: attrs[:commit_message], file_content: attrs[:content], -- cgit v1.2.1 From f177aaa5fa789654dc440d6ec4ae3546544c1401 Mon Sep 17 00:00:00 2001 From: Drew Blessing Date: Thu, 17 Dec 2015 16:08:14 -0600 Subject: Backport JIRA service --- lib/banzai/filter/external_issue_reference_filter.rb | 20 +++++++++++++++++--- lib/gitlab/reference_extractor.rb | 12 +++++++++++- 2 files changed, 28 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/banzai/filter/external_issue_reference_filter.rb b/lib/banzai/filter/external_issue_reference_filter.rb index f5737a7ac19..f5942740cd6 100644 --- a/lib/banzai/filter/external_issue_reference_filter.rb +++ b/lib/banzai/filter/external_issue_reference_filter.rb @@ -23,6 +23,18 @@ module Banzai end end + def self.referenced_by(node) + project = Project.find(node.attr("data-project")) rescue nil + return unless project + + id = node.attr("data-external-issue") + external_issue = ExternalIssue.new(id, project) + + return unless external_issue + + { external_issue: external_issue } + end + def call # Early return if the project isn't using an external tracker return doc if project.nil? || project.default_issues_tracker? @@ -46,12 +58,14 @@ module Banzai def issue_link_filter(text, link_text: nil) project = context[:project] - self.class.references_in(text) do |match, issue| - url = url_for_issue(issue, project, only_path: context[:only_path]) + self.class.references_in(text) do |match, id| + ExternalIssue.new(id, project) + + url = url_for_issue(id, project, only_path: context[:only_path]) title = escape_once("Issue in #{project.external_issue_tracker.title}") klass = reference_class(:issue) - data = data_attribute(project: project.id) + data = data_attribute(project: project.id, external_issue: id) text = link_text || match diff --git a/lib/gitlab/reference_extractor.rb b/lib/gitlab/reference_extractor.rb index 42f7c26f3c4..0a70d21b1ce 100644 --- a/lib/gitlab/reference_extractor.rb +++ b/lib/gitlab/reference_extractor.rb @@ -18,10 +18,20 @@ module Gitlab super(text, context.merge(project: project)) end - %i(user label issue merge_request snippet commit commit_range).each do |type| + %i(user label merge_request snippet commit commit_range).each do |type| define_method("#{type}s") do @references[type] ||= references(type, project: project, current_user: current_user) end end + + def issues + options = { project: project, current_user: current_user } + + if project && project.jira_tracker? + @references[:external_issue] ||= references(:external_issue, options) + else + @references[:issue] ||= references(:issue, options) + end + end end end -- cgit v1.2.1 From 1d3889eb465655af5f7e3e6c3af9f3f529e6c9b5 Mon Sep 17 00:00:00 2001 From: Patricio Cano Date: Tue, 22 Dec 2015 13:00:41 -0500 Subject: Fix identity and user retrieval when special characters are used --- lib/gitlab/ldap/user.rb | 4 ++-- lib/gitlab/o_auth/user.rb | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/gitlab/ldap/user.rb b/lib/gitlab/ldap/user.rb index 4be99dd88c2..01bfe09cf07 100644 --- a/lib/gitlab/ldap/user.rb +++ b/lib/gitlab/ldap/user.rb @@ -14,7 +14,7 @@ module Gitlab # LDAP distinguished name is case-insensitive identity = ::Identity. where(provider: provider). - where('lower(extern_uid) = ?', uid.mb_chars.downcase.to_s).last + iwhere(extern_uid: uid.mb_chars.to_s).last identity && identity.user end end @@ -31,7 +31,7 @@ module Gitlab def find_by_uid_and_provider self.class.find_by_uid_and_provider( - auth_hash.uid.downcase, auth_hash.provider) + auth_hash.uid, auth_hash.provider) end def find_by_email diff --git a/lib/gitlab/o_auth/user.rb b/lib/gitlab/o_auth/user.rb index 17ce4d4b174..f1a362f5303 100644 --- a/lib/gitlab/o_auth/user.rb +++ b/lib/gitlab/o_auth/user.rb @@ -64,7 +64,7 @@ module Gitlab # If a corresponding person exists with same uid in a LDAP server, # set up a Gitlab user with dual LDAP and Omniauth identities. - if user = Gitlab::LDAP::User.find_by_uid_and_provider(ldap_person.dn.downcase, ldap_person.provider) + if user = Gitlab::LDAP::User.find_by_uid_and_provider(ldap_person.dn, ldap_person.provider) # Case when a LDAP user already exists in Gitlab. Add the Omniauth identity to existing account. user.identities.build(extern_uid: auth_hash.uid, provider: auth_hash.provider) else -- cgit v1.2.1 From 301a30e0ea573c83c28358b2c856396fda878089 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Sun, 13 Dec 2015 11:43:17 -0800 Subject: Add project permissions to all project API endpoints This standardizes all the project API formats. Also needed to support Huboard. --- lib/api/projects.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/api/projects.rb b/lib/api/projects.rb index 5e75cd35c56..a9e0960872a 100644 --- a/lib/api/projects.rb +++ b/lib/api/projects.rb @@ -25,7 +25,7 @@ module API @projects = current_user.authorized_projects @projects = filter_projects(@projects) @projects = paginate @projects - present @projects, with: Entities::Project + present @projects, with: Entities::ProjectWithAccess, user: current_user end # Get an owned projects list for authenticated user @@ -36,7 +36,7 @@ module API @projects = current_user.owned_projects @projects = filter_projects(@projects) @projects = paginate @projects - present @projects, with: Entities::Project + present @projects, with: Entities::ProjectWithAccess, user: current_user end # Gets starred project for the authenticated user @@ -59,7 +59,7 @@ module API @projects = Project.all @projects = filter_projects(@projects) @projects = paginate @projects - present @projects, with: Entities::Project + present @projects, with: Entities::ProjectWithAccess, user: current_user end # Get a single project -- cgit v1.2.1 From a48dd40a926fdeddfdd76cea5db468a82096c7f4 Mon Sep 17 00:00:00 2001 From: Valery Sizov Date: Thu, 17 Dec 2015 14:29:55 +0200 Subject: base implementation of emoji picker [ci skip] --- lib/award_emoji.rb | 49 ++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 40 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/award_emoji.rb b/lib/award_emoji.rb index 4d99164bc33..d3f98d2d7f0 100644 --- a/lib/award_emoji.rb +++ b/lib/award_emoji.rb @@ -1,11 +1,4 @@ class AwardEmoji - EMOJI_LIST = [ - "+1", "-1", "100", "blush", "heart", "smile", "rage", - "beers", "disappointed", "ok_hand", - "helicopter", "shit", "airplane", "alarm_clock", - "ambulance", "anguished", "two_hearts", "wink" - ] - ALIASES = { pout: "rage", satisfied: "laughing", @@ -37,11 +30,49 @@ class AwardEmoji squirrel: "shipit" }.with_indifferent_access - def self.path_to_emoji_image(name) - "emoji/#{Emoji.emoji_filename(name)}.png" + CATEGORIES = { + other: "Other", + objects: "Objects", + places: "Places", + travel_places: "Travel", + emoticons: "Emoticons", + objects_symbols: "Symbols", + nature: "Nature", + celebration: "Celebration", + people: "People", + activity: "Activity", + flags: "Flags", + food_drink: "Food" + }.with_indifferent_access + + def self.positions_by_name(name) + emoji = emojis_json.find do |emoji| + emoji["short_names"].include?(name) + end + + [emoji["sheet_x"], emoji["sheet_y"]] end def self.normilize_emoji_name(name) ALIASES[name] || name end + + def self.emoji_by_category + unless @emoji_by_category + @emoji_by_category = {} + emojis_added = [] + + Emoji.emojis.each do |emoji_name, data| + next if emojis_added.include?(data["name"]) + emojis_added << data["name"] + + @emoji_by_category[data["category"]] ||= [] + @emoji_by_category[data["category"]] << data + end + + @emoji_by_category = @emoji_by_category.sort.to_h + end + + @emoji_by_category + end end -- cgit v1.2.1 From e5eb700d5e8d561dc8a7ff3d35f5a8c867c4e19b Mon Sep 17 00:00:00 2001 From: Valery Sizov Date: Tue, 22 Dec 2015 17:15:25 +0200 Subject: emoji picker: minor fixes --- lib/award_emoji.rb | 8 -------- 1 file changed, 8 deletions(-) (limited to 'lib') diff --git a/lib/award_emoji.rb b/lib/award_emoji.rb index d3f98d2d7f0..3825f4650be 100644 --- a/lib/award_emoji.rb +++ b/lib/award_emoji.rb @@ -45,14 +45,6 @@ class AwardEmoji food_drink: "Food" }.with_indifferent_access - def self.positions_by_name(name) - emoji = emojis_json.find do |emoji| - emoji["short_names"].include?(name) - end - - [emoji["sheet_x"], emoji["sheet_y"]] - end - def self.normilize_emoji_name(name) ALIASES[name] || name end -- cgit v1.2.1 From 3e6950481a90a83f183397f11b8f2a5d21233cfb Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Wed, 23 Dec 2015 10:48:10 +0100 Subject: Use method that creates runners registration token `runners_registration_token` now creates a new token if it is blank. --- lib/ci/api/helpers.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/ci/api/helpers.rb b/lib/ci/api/helpers.rb index 443563c2e4a..1c91204e98c 100644 --- a/lib/ci/api/helpers.rb +++ b/lib/ci/api/helpers.rb @@ -19,7 +19,7 @@ module Ci end def runner_registration_token_valid? - params[:token] == current_application_settings.ensure_runners_registration_token + params[:token] == current_application_settings.runners_registration_token end def update_runner_last_contact -- cgit v1.2.1 From 9c893af7ad69b178f10e4e62f0f79a84a9918ae5 Mon Sep 17 00:00:00 2001 From: cafuego Date: Thu, 24 Dec 2015 04:18:39 +0000 Subject: Fix spelling of "it's" to "its" where appropriate. --- lib/support/init.d/gitlab | 10 +++++----- lib/support/init.d/gitlab.default.example | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'lib') diff --git a/lib/support/init.d/gitlab b/lib/support/init.d/gitlab index aa2da92c138..c5f07c8b508 100755 --- a/lib/support/init.d/gitlab +++ b/lib/support/init.d/gitlab @@ -92,7 +92,7 @@ check_pids(){ ## Called when we have started the two processes and are waiting for their pid files. wait_for_pids(){ - # We are sleeping a bit here mostly because sidekiq is slow at writing it's pid + # We are sleeping a bit here mostly because sidekiq is slow at writing its pid i=0; while [ ! -f $web_server_pid_path ] || [ ! -f $sidekiq_pid_path ] || [ ! -f $gitlab_workhorse_pid_path ] || { [ "$mail_room_enabled" = true ] && [ ! -f $mail_room_pid_path ]; }; do sleep 0.1; @@ -108,7 +108,7 @@ wait_for_pids(){ } # We use the pids in so many parts of the script it makes sense to always check them. -# Only after start() is run should the pids change. Sidekiq sets it's own pid. +# Only after start() is run should the pids change. Sidekiq sets its own pid. check_pids @@ -290,7 +290,7 @@ stop_gitlab() { sleep 1 # Cleaning up unused pids rm "$web_server_pid_path" 2>/dev/null - # rm "$sidekiq_pid_path" 2>/dev/null # Sidekiq seems to be cleaning up it's own pid. + # rm "$sidekiq_pid_path" 2>/dev/null # Sidekiq seems to be cleaning up its own pid. rm -f "$gitlab_workhorse_pid_path" if [ "$mail_room_enabled" = true ]; then rm "$mail_room_pid_path" 2>/dev/null @@ -299,7 +299,7 @@ stop_gitlab() { print_status } -## Prints the status of GitLab and it's components. +## Prints the status of GitLab and its components. print_status() { check_status if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; }; then @@ -333,7 +333,7 @@ print_status() { fi } -## Tells unicorn to reload it's config and Sidekiq to restart +## Tells unicorn to reload its config and Sidekiq to restart reload_gitlab(){ exit_if_not_running if [ "$wpid" = "0" ];then diff --git a/lib/support/init.d/gitlab.default.example b/lib/support/init.d/gitlab.default.example index 7fc495db545..1937ca582b0 100755 --- a/lib/support/init.d/gitlab.default.example +++ b/lib/support/init.d/gitlab.default.example @@ -9,11 +9,11 @@ RAILS_ENV="production" # The default is "git". app_user="git" -# app_root defines the folder in which gitlab and it's components are installed. +# app_root defines the folder in which gitlab and its components are installed. # The default is "/home/$app_user/gitlab" app_root="/home/$app_user/gitlab" -# pid_path defines a folder in which the gitlab and it's components place their pids. +# pid_path defines a folder in which the gitlab and its components place their pids. # This variable is also used below to define the relevant pids for the gitlab components. # The default is "$app_root/tmp/pids" pid_path="$app_root/tmp/pids" -- cgit v1.2.1 From b6de0d28303a12c76847f1137e672aa60ae174ac Mon Sep 17 00:00:00 2001 From: Valery Sizov Date: Thu, 24 Dec 2015 11:28:51 +0200 Subject: Emoji picker: better alias handling --- lib/award_emoji.rb | 53 +++++++++++++++++------------------------------------ 1 file changed, 17 insertions(+), 36 deletions(-) (limited to 'lib') diff --git a/lib/award_emoji.rb b/lib/award_emoji.rb index 3825f4650be..783fcfb61ad 100644 --- a/lib/award_emoji.rb +++ b/lib/award_emoji.rb @@ -1,35 +1,4 @@ class AwardEmoji - ALIASES = { - pout: "rage", - satisfied: "laughing", - hankey: "shit", - poop: "shit", - collision: "boom", - thumbsup: "+1", - thumbsdown: "-1", - punch: "facepunch", - raised_hand: "hand", - running: "runner", - ng_woman: "no_good", - shoe: "mans_shoe", - tshirt: "shirt", - honeybee: "bee", - flipper: "dolphin", - paw_prints: "feet", - waxing_gibbous_moon: "moon", - telephone: "phone", - knife: "hocho", - envelope: "email", - pencil: "memo", - open_book: "book", - sailboat: "boat", - red_car: "car", - lantern: "izakaya_lantern", - uk: "gb", - heavy_exclamation_mark: "exclamation", - squirrel: "shipit" - }.with_indifferent_access - CATEGORIES = { other: "Other", objects: "Objects", @@ -46,17 +15,15 @@ class AwardEmoji }.with_indifferent_access def self.normilize_emoji_name(name) - ALIASES[name] || name + aliases[name] || name end def self.emoji_by_category unless @emoji_by_category @emoji_by_category = {} - emojis_added = [] - Emoji.emojis.each do |emoji_name, data| - next if emojis_added.include?(data["name"]) - emojis_added << data["name"] + emojis.each do |emoji_name, data| + data["name"] = emoji_name @emoji_by_category[data["category"]] ||= [] @emoji_by_category[data["category"]] << data @@ -67,4 +34,18 @@ class AwardEmoji @emoji_by_category end + + def self.emojis + @emojis ||= begin + json_path = File.join(Rails.root, 'fixtures', 'emojis', 'index.json' ) + JSON.parse(File.read(json_path)) + end + end + + def self.aliases + @aliases ||= begin + json_path = File.join(Rails.root, 'fixtures', 'emojis', 'aliases.json' ) + JSON.parse(File.read(json_path)) + end + end end -- cgit v1.2.1 From 662aa8ec35a2c1a898ade5be3a525591786cd9f5 Mon Sep 17 00:00:00 2001 From: Douwe Maan Date: Thu, 24 Dec 2015 12:37:46 +0100 Subject: No mb_chars needed anymore --- lib/gitlab/ldap/user.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/gitlab/ldap/user.rb b/lib/gitlab/ldap/user.rb index 01bfe09cf07..aef08c97d1d 100644 --- a/lib/gitlab/ldap/user.rb +++ b/lib/gitlab/ldap/user.rb @@ -14,7 +14,7 @@ module Gitlab # LDAP distinguished name is case-insensitive identity = ::Identity. where(provider: provider). - iwhere(extern_uid: uid.mb_chars.to_s).last + iwhere(extern_uid: uid).last identity && identity.user end end @@ -47,7 +47,7 @@ module Gitlab # find_or_initialize_by doesn't update `gl_user.identities`, and isn't autosaved. identity = gl_user.identities.find { |identity| identity.provider == auth_hash.provider } identity ||= gl_user.identities.build(provider: auth_hash.provider) - + # For a new user set extern_uid to the LDAP DN # For an existing user with matching email but changed DN, update the DN. # For an existing user with no change in DN, this line changes nothing. -- cgit v1.2.1 From 5a8c65b508614dd8896ff8af7cad6e2b33fb7244 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Sat, 12 Dec 2015 22:02:05 -0800 Subject: Add API support for looking up a user by username Needed to support Huboard --- lib/api/users.rb | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/api/users.rb b/lib/api/users.rb index a98d668e02d..3400f0713ef 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -8,11 +8,17 @@ module API # # Example Request: # GET /users + # GET /users?search=Admin + # GET /users?username=root get do - @users = User.all - @users = @users.active if params[:active].present? - @users = @users.search(params[:search]) if params[:search].present? - @users = paginate @users + if params[:username].present? + @users = User.where(username: params[:username]) + else + @users = User.all + @users = @users.active if params[:active].present? + @users = @users.search(params[:search]) if params[:search].present? + @users = paginate @users + end if current_user.is_admin? present @users, with: Entities::UserFull -- cgit v1.2.1 From 37993d39577058d5c76ef9c35e40d1c8f9aa7982 Mon Sep 17 00:00:00 2001 From: Douwe Maan Date: Thu, 24 Dec 2015 21:36:33 +0100 Subject: Escape all the things. --- lib/banzai/filter/abstract_reference_filter.rb | 23 ++++++++++++---------- .../filter/external_issue_reference_filter.rb | 6 +++--- lib/banzai/filter/label_reference_filter.rb | 2 +- lib/banzai/filter/reference_filter.rb | 4 ++-- lib/banzai/filter/user_reference_filter.rb | 2 +- 5 files changed, 20 insertions(+), 17 deletions(-) (limited to 'lib') diff --git a/lib/banzai/filter/abstract_reference_filter.rb b/lib/banzai/filter/abstract_reference_filter.rb index bdaa4721b4b..63ad8910c0f 100644 --- a/lib/banzai/filter/abstract_reference_filter.rb +++ b/lib/banzai/filter/abstract_reference_filter.rb @@ -98,7 +98,7 @@ module Banzai project = project_from_ref(project_ref) if project && object = find_object(project, id) - title = escape_once(object_link_title(object)) + title = object_link_title(object) klass = reference_class(object_sym) data = data_attribute( @@ -110,17 +110,11 @@ module Banzai url = matches[:url] if matches.names.include?("url") url ||= url_for_object(object, project) - text = link_text - unless text - text = object.reference_link_text(context[:project]) - - extras = object_link_text_extras(object, matches) - text += " (#{extras.join(", ")})" if extras.any? - end + text = link_text || object_link_text(object, matches) %(#{text}) + title="#{escape_once(title)}" + class="#{klass}">#{escape_once(text)}) else match end @@ -140,6 +134,15 @@ module Banzai def object_link_title(object) "#{object_class.name.titleize}: #{object.title}" end + + def object_link_text(object, matches) + text = object.reference_link_text(context[:project]) + + extras = object_link_text_extras(object, matches) + text += " (#{extras.join(", ")})" if extras.any? + + text + end end end end diff --git a/lib/banzai/filter/external_issue_reference_filter.rb b/lib/banzai/filter/external_issue_reference_filter.rb index f5942740cd6..6136e73c096 100644 --- a/lib/banzai/filter/external_issue_reference_filter.rb +++ b/lib/banzai/filter/external_issue_reference_filter.rb @@ -63,15 +63,15 @@ module Banzai url = url_for_issue(id, project, only_path: context[:only_path]) - title = escape_once("Issue in #{project.external_issue_tracker.title}") + title = "Issue in #{project.external_issue_tracker.title}" klass = reference_class(:issue) data = data_attribute(project: project.id, external_issue: id) text = link_text || match %(#{text}) + title="#{escape_once(title)}" + class="#{klass}">#{escape_once(text)}) end end diff --git a/lib/banzai/filter/label_reference_filter.rb b/lib/banzai/filter/label_reference_filter.rb index 07bac2dd7fd..a3a7a23c1e6 100644 --- a/lib/banzai/filter/label_reference_filter.rb +++ b/lib/banzai/filter/label_reference_filter.rb @@ -60,7 +60,7 @@ module Banzai text = link_text || render_colored_label(label) %(#{text}) + class="#{klass}">#{escape_once(text)}) else match end diff --git a/lib/banzai/filter/reference_filter.rb b/lib/banzai/filter/reference_filter.rb index 33457a3f361..a22a7a7afd3 100644 --- a/lib/banzai/filter/reference_filter.rb +++ b/lib/banzai/filter/reference_filter.rb @@ -44,11 +44,11 @@ module Banzai # Returns a String def data_attribute(attributes = {}) attributes[:reference_filter] = self.class.name.demodulize - attributes.map { |key, value| %Q(data-#{key.to_s.dasherize}="#{value}") }.join(" ") + attributes.map { |key, value| %Q(data-#{key.to_s.dasherize}="#{escape_once(value)}") }.join(" ") end def escape_once(html) - ERB::Util.html_escape_once(html) + html.html_safe? ? html : ERB::Util.html_escape_once(html) end def ignore_parents diff --git a/lib/banzai/filter/user_reference_filter.rb b/lib/banzai/filter/user_reference_filter.rb index 67c24faf991..7f302d51dd7 100644 --- a/lib/banzai/filter/user_reference_filter.rb +++ b/lib/banzai/filter/user_reference_filter.rb @@ -122,7 +122,7 @@ module Banzai end def link_tag(url, data, text) - %(#{text}) + %(#{escape_once(text)}) end end end -- cgit v1.2.1