From 98c0c5db50a7679b3d58769ac22cb0a27a62c930 Mon Sep 17 00:00:00 2001 From: Josh Kalderimis Date: Thu, 10 Feb 2011 23:01:02 +0800 Subject: Removed Array#safe_join in AS core_ext and moved it to a view helper with the same same. --- actionpack/lib/action_view/helpers.rb | 4 +- .../action_view/helpers/output_safety_helper.rb | 40 ++++++++++++++++ .../lib/action_view/helpers/raw_output_helper.rb | 18 ------- .../test/template/output_safety_helper_test.rb | 55 ++++++++++++++++++++++ actionpack/test/template/raw_output_helper_test.rb | 21 --------- 5 files changed, 97 insertions(+), 41 deletions(-) create mode 100644 actionpack/lib/action_view/helpers/output_safety_helper.rb delete mode 100644 actionpack/lib/action_view/helpers/raw_output_helper.rb create mode 100644 actionpack/test/template/output_safety_helper_test.rb delete mode 100644 actionpack/test/template/raw_output_helper_test.rb (limited to 'actionpack') diff --git a/actionpack/lib/action_view/helpers.rb b/actionpack/lib/action_view/helpers.rb index 41013c800c..d338ce616a 100644 --- a/actionpack/lib/action_view/helpers.rb +++ b/actionpack/lib/action_view/helpers.rb @@ -18,7 +18,7 @@ module ActionView #:nodoc: autoload :JavaScriptHelper, "action_view/helpers/javascript_helper" autoload :NumberHelper autoload :PrototypeHelper - autoload :RawOutputHelper + autoload :OutputSafetyHelper autoload :RecordTagHelper autoload :SanitizeHelper autoload :ScriptaculousHelper @@ -48,7 +48,7 @@ module ActionView #:nodoc: include JavaScriptHelper include NumberHelper include PrototypeHelper - include RawOutputHelper + include OutputSafetyHelper include RecordTagHelper include SanitizeHelper include ScriptaculousHelper diff --git a/actionpack/lib/action_view/helpers/output_safety_helper.rb b/actionpack/lib/action_view/helpers/output_safety_helper.rb new file mode 100644 index 0000000000..39f3f38e33 --- /dev/null +++ b/actionpack/lib/action_view/helpers/output_safety_helper.rb @@ -0,0 +1,40 @@ +require 'active_support/core_ext/string/output_safety' + +module ActionView #:nodoc: + # = Action View Raw Output Helper + module Helpers #:nodoc: + module OutputSafetyHelper + # This method outputs without escaping a string. Since escaping tags is + # now default, this can be used when you don't want Rails to automatically + # escape tags. This is not recommended if the data is coming from the user's + # input. + # + # For example: + # + # <%=raw @user.name %> + def raw(stringish) + stringish.to_s.html_safe + end + + # This method returns a html safe string using Array#join if all + # the items in the array, including the supplied separator, are html safe. + # Otherwise the result of Array#join is returned without marking + # it as html safe. + # + # safe_join(["Mr", "Bojangles"]).html_safe? + # # => false + # + # safe_join(["Mr".html_safe, "Bojangles".html_safe]).html_safe? + # # => true + # + def safe_join(array, sep=$,) + sep ||= "".html_safe + str = array.join(sep) + + is_html_safe = array.all? { |item| item.html_safe? } + + (sep.html_safe? && is_html_safe) ? str.html_safe : str + end + end + end +end \ No newline at end of file diff --git a/actionpack/lib/action_view/helpers/raw_output_helper.rb b/actionpack/lib/action_view/helpers/raw_output_helper.rb deleted file mode 100644 index 216683a2e0..0000000000 --- a/actionpack/lib/action_view/helpers/raw_output_helper.rb +++ /dev/null @@ -1,18 +0,0 @@ -module ActionView #:nodoc: - # = Action View Raw Output Helper - module Helpers #:nodoc: - module RawOutputHelper - # This method outputs without escaping a string. Since escaping tags is - # now default, this can be used when you don't want Rails to automatically - # escape tags. This is not recommended if the data is coming from the user's - # input. - # - # For example: - # - # <%=raw @user.name %> - def raw(stringish) - stringish.to_s.html_safe - end - end - end -end \ No newline at end of file diff --git a/actionpack/test/template/output_safety_helper_test.rb b/actionpack/test/template/output_safety_helper_test.rb new file mode 100644 index 0000000000..3c52b63d40 --- /dev/null +++ b/actionpack/test/template/output_safety_helper_test.rb @@ -0,0 +1,55 @@ +require 'abstract_unit' +require 'testing_sandbox' + +class OutputSafetyHelperTest < ActionView::TestCase + tests ActionView::Helpers::OutputSafetyHelper + include TestingSandbox + + def setup + @string = "hello" + end + + test "raw returns the safe string" do + result = raw(@string) + assert_equal @string, result + assert result.html_safe? + end + + test "raw handles nil values correctly" do + assert_equal "", raw(nil) + end + + test "joining safe elements without a separator is safe" do + array = 5.times.collect { "some string".html_safe } + assert safe_join(array).html_safe? + end + + test "Joining safe elements with a safe separator is safe" do + array = 5.times.collect { "some string".html_safe } + assert safe_join(array, "-".html_safe).html_safe? + end + + test "Joining safe elements with an unsafe separator is unsafe" do + array = 5.times.collect { "some string".html_safe } + assert !safe_join(array, "-").html_safe? + end + + test "Joining is unsafe if any element is unsafe even with a safe separator" do + array = 5.times.collect { "some string".html_safe } + array << "some string" + assert !safe_join(array, "-".html_safe).html_safe? + end + + test "Joining is unsafe if any element is unsafe and no separator is given" do + array = 5.times.collect { "some string".html_safe } + array << "some string" + assert !safe_join(array).html_safe? + end + + test "Joining is unsafe if any element is unsafe and the separator is unsafe" do + array = 5.times.collect { "some string".html_safe } + array << "some string" + assert !safe_join(array, "-").html_safe? + end + +end \ No newline at end of file diff --git a/actionpack/test/template/raw_output_helper_test.rb b/actionpack/test/template/raw_output_helper_test.rb deleted file mode 100644 index 598aa5b1d8..0000000000 --- a/actionpack/test/template/raw_output_helper_test.rb +++ /dev/null @@ -1,21 +0,0 @@ -require 'abstract_unit' -require 'testing_sandbox' - -class RawOutputHelperTest < ActionView::TestCase - tests ActionView::Helpers::RawOutputHelper - include TestingSandbox - - def setup - @string = "hello" - end - - test "raw returns the safe string" do - result = raw(@string) - assert_equal @string, result - assert result.html_safe? - end - - test "raw handles nil values correctly" do - assert_equal "", raw(nil) - end -end \ No newline at end of file -- cgit v1.2.3