projects / arvados-workbench2.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 72964a6)
21026: sanitizer in place Arvados-DCO-1.1-Signed-off-by: Lisa Knox <lisa.knox@curii...
authorLisa Knox <lisaknox83@gmail.com>
Fri, 13 Oct 2023 17:45:16 +0000 (13:45 -0400)
committerLisa Knox <lisaknox83@gmail.com>
Fri, 13 Oct 2023 17:45:16 +0000 (13:45 -0400)
src/common/html-sanitize.ts patch | blob | history
src/store/resources/resources-actions.ts patch | blob | history
src/store/resources/resources-reducer.ts patch | blob | history
src/views-components/data-explorer/data-explorer.tsx patch | blob | history
src/views-components/details-panel/project-details.tsx patch | blob | history

diff --git a/src/common/html-sanitize.ts b/src/common/html-sanitize.ts
index 9c1ac5505a57de0958051be9eb2a914d00fe3e23..3bdc09e29f83053b6d2d766097ebe40743011351 100644 (file)
--- a/src/common/html-sanitize.ts
+++ b/src/common/html-sanitize.ts
@@ -46,8 +46,11 @@ const domPurifyConfig: TDomPurifyConfig = {
 };
 
 export const sanitizeHTML = (dirtyInput: string): string => {
-    console.log('dirty ->',dirtyInput);
+    console.log('dirty------', dirtyInput);
+
     const clean = DOMPurify.sanitize(dirtyInput, domPurifyConfig);
-    console.log('clean =>',clean);
+    
+    console.log('clean------', clean);
+
     return clean;
 };
diff --git a/src/store/resources/resources-actions.ts b/src/store/resources/resources-actions.ts
index 1d1355a8ae457e5ba6fb95e87cc357589d4210a6..aff338f0b48540a5c666852aa40dcad565cc9a8f 100644 (file)
--- a/src/store/resources/resources-actions.ts
+++ b/src/store/resources/resources-actions.ts
@@ -15,8 +15,10 @@ import { TagProperty } from 'models/tag';
 import { change, formValueSelector } from 'redux-form';
 import { ResourcePropertiesFormData } from 'views-components/resource-properties-form/resource-properties-form';
 
+export type ResourceWithDescription = Resource & { description?: string }
+
 export const resourcesActions = unionize({
-    SET_RESOURCES: ofType<Resource[]>(),
+    SET_RESOURCES: ofType<ResourceWithDescription[] >(),
     DELETE_RESOURCES: ofType<string[]>()
 });
 
diff --git a/src/store/resources/resources-reducer.ts b/src/store/resources/resources-reducer.ts
index bb0cd383d8f6f7f7741506b9a2a0cbf8735f6980..02b8f38f4c8eec3dc1698d6c689cc9b9931dfc12 100644 (file)
--- a/src/store/resources/resources-reducer.ts
+++ b/src/store/resources/resources-reducer.ts
@@ -2,16 +2,22 @@
 //
 // SPDX-License-Identifier: AGPL-3.0
 
+import { sanitizeHTML } from 'common/html-sanitize';
 import { ResourcesState, setResource, deleteResource } from './resources';
 import { ResourcesAction, resourcesActions } from './resources-actions';
 
-export const resourcesReducer = (state: ResourcesState = {}, action: ResourcesAction) =>
-    resourcesActions.match(action, {
-        SET_RESOURCES: resources => resources.reduce(
-            (state, resource) => setResource(resource.uuid, resource)(state),
-            state),
-        DELETE_RESOURCES: ids => ids.reduce(
-            (state, id) => deleteResource(id)(state),
-            state),
+export const resourcesReducer = (state: ResourcesState = {}, action: ResourcesAction) => {
+    if (Array.isArray(action.payload)) {
+        for (const item of action.payload) {
+            if (typeof item === 'object' && item.description) {
+                item.description = sanitizeHTML(item.description);
+            }
+        }
+    }
+
+    return resourcesActions.match(action, {
+        SET_RESOURCES: resources => resources.reduce((state, resource) => setResource(resource.uuid, resource)(state), state),
+        DELETE_RESOURCES: ids => ids.reduce((state, id) => deleteResource(id)(state), state),
         default: () => state,
-    });
\ No newline at end of file
+    });
+};
\ No newline at end of file
diff --git a/src/views-components/data-explorer/data-explorer.tsx b/src/views-components/data-explorer/data-explorer.tsx
index 59c389ac573cbff0b90634aec8777a1ef9d4cf80..f8f030eb991475d921229d578aee1acecc882c2d 100644 (file)
--- a/src/views-components/data-explorer/data-explorer.tsx
+++ b/src/views-components/data-explorer/data-explorer.tsx
@@ -22,6 +22,7 @@ interface Props {
 }
 
 const mapStateToProps = (state: RootState, { id }: Props) => {
+    // console.log(state.form.projectUpdateFormName? state.form.projectUpdateFormName:'')
     const progress = state.progressIndicator.find(p => p.id === id);
     const dataExplorerState = getDataExplorer(state.dataExplorer, id);
     const currentRoute = state.router.location ? state.router.location.pathname : '';
diff --git a/src/views-components/details-panel/project-details.tsx b/src/views-components/details-panel/project-details.tsx
index ecc8c3285847a73fd4017158e4017318fda03bf8..7dc6709da591a84a7ecd813582aa509733008c0a 100644 (file)
--- a/src/views-components/details-panel/project-details.tsx
+++ b/src/views-components/details-panel/project-details.tsx
@@ -22,7 +22,6 @@ import { openProjectUpdateDialog, ProjectUpdateFormDialogData } from 'store/proj
 import { RootState } from 'store/store';
 import { ResourcesState } from 'store/resources/resources';
 import { resourceIsFrozen } from 'common/frozen-resources';
-import { sanitizeHTML } from 'common/html-sanitize';
 
 export class ProjectDetails extends DetailsData<ProjectResource> {
     getIcon(className?: string) {
@@ -103,7 +102,7 @@ const ProjectDetailsComponent = connect(mapStateToProps, mapDispatchToProps)(
                 {project.description ?
                     <RichTextEditorLink
                         title={`Description of ${project.name}`}
-                        content={sanitizeHTML(project.description)}
+                        content={project.description}
                         label='Show full description' />
                     : '---'
                 }