OpenProject is the leading open source project management software.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
openproject/app/views/wiki/_page_form.html.erb

50 lines
2.0 KiB

[37868] Whitelist for attachment mime types and extensions on upload (#9431) * Add setting for whitelist * Make attachments API BaseServices compatible * Add prepare service and contract * Correctly pass the filename to the UploadedFile * Add presence check to filename * Fix expected validation message * We no longer raise a multipart error when metadata is empty * Fix filesize validation on prepared uploads * Add parser error if invalid metadata json * When attachment is not saved, use filename property * Return correct error message on JSON parser erroro * Fix specs * Use attachment upload representer * Fix direct uploads mocks with new service layer * Lint * Fix export job using attachment service * Fix IFC controller using attachment prepare service * Fix export job * RenameRename params_getter to params_source * Fix mail handler using attachment service * Fix usage of attachment create service in documents * Reuse shared examples for document attachment spec * Fix stubbed attachment service in export job spec * Use admin user in backup spec * Fix export job for bim * Fix attachment integration spec * Fix issues_controller spec * Make budget resource spec reuse common examples * Fix attachment parsing representer spec * Replace prepare part of attachment spec into separate service spec * Clear cache for login spec * Convert document create/update into services * Budget services * Allow options to be passed to property twin * Remove setting author on budget initialize * Replace meetings update with services * Replace ifc models attachment handling with services * Don't check uploader if changed by system * Fix uploader being changed by system * Replace wiki page attach_files with attachable services * Replace avatar saving * Replace snapshot attach_files * Skip double validation when container present * Set snapshot through attachment service * Remove attach_files * Validate content type in contract * Enforce writing the content type without accepting user input * Expect changed content_type * Fix content of viewpoint image to get correct content type * Fix tsv spec * Add create contract spec * Bypass whitelist in internal services when conflicting with user * Fix expects in specs after whitelist bypass * Render contract errors for wiki * Add before_hook to bodied to allow to pre-authorize permissions * Budget errors from contract * Document errors from contract
3 years ago
<%= error_messages_for_contract @page, @errors %>
<% resource = ::API::V3::WikiPages::WikiPageRepresenter.new(@page, current_user: current_user, embed_links: true) %>
<%= f.fields_for :page, @page do |page_form| %>
<%= editable_toolbar(form: page_form, field_name: :title) do %>
<li class="toolbar-item">
<zen-mode-toggle-button></zen-mode-toggle-button>
</li>
<% end %>
<% end %>
<div class="attributes-group wiki--content--attribute ckeditor--content-scrollable form--field -visible-overflow">
<%= f.text_area :text,
cols: 100,
rows: 25,
class: 'wiki-edit',
accesskey: accesskey(:edit),
with_text_formatting: true,
resource: resource,
label_options: { class: 'hidden-for-sighted' },
preview_context: preview_context(@page, @project) %>
</div>
<div class="form--field -required">
<%= f.fields_for :page, @page do |page_fields| %>
<%= page_fields.hidden_field :parent_id %>
<%= page_fields.select :parent_id,
wiki_page_options_for_select(@wiki.pages),
{ label: WikiPage.human_attribute_name(:parent_title), include_blank: false, container_class: '-wide' } %>
<% end%>
</div>
<div class="form--field">
<%= f.text_field :journal_notes,
class: '-border-on-hover-only -hide-placeholder-on-focus',
label_options: { class: 'hidden-for-sighted' },
autocomplete: 'off',
container_class: '-wide',
placeholder: t(:text_what_did_you_change_click_to_add_comment) %>
</div>
<%= f.button t(:button_save), class: 'button -highlight -with-icon icon-checkmark' %>
<%= link_to t(:button_cancel),
{ controller: '/wiki', action: 'show', project_id: @project, id: (@page.new_record? ? nil : @page) },
data: { confirm: t(:text_are_you_sure) },
class: 'button -with-icon icon-cancel' %>