more style tweaks + brakeman fix
This commit is contained in:
parent
c46e85529e
commit
9b95e91f1a
7 changed files with 39 additions and 9 deletions
|
@ -620,7 +620,12 @@
|
|||
border-bottom: 5px solid transparent;
|
||||
}
|
||||
|
||||
.importDialog div:after, .sidebarFilterIcon div:after, .sidebarForkIcon div:after, .addMap div:after, .sidebarAccountIcon .tooltipsUnder:after, .notificationsIcon div:after {
|
||||
.addMap div:after,
|
||||
.importDialog div:after,
|
||||
.sidebarForkIcon div:after,
|
||||
.sidebarFilterIcon div:after,
|
||||
.notificationsIcon div:after,
|
||||
.sidebarAccountIcon .tooltipsUnder:after,
|
||||
content: '';
|
||||
position: absolute;
|
||||
right: 40%;
|
||||
|
@ -631,6 +636,9 @@
|
|||
border-left: 5px solid transparent;
|
||||
border-right: 5px solid transparent;
|
||||
}
|
||||
.notificationsIcon .unread-notifications-dot:after {
|
||||
content: none;
|
||||
}
|
||||
.sidebarFilterIcon div:after {
|
||||
right: 37% !important;
|
||||
}
|
||||
|
|
|
@ -22,7 +22,7 @@ class AccessController < ApplicationController
|
|||
request = AccessRequest.create(user: current_user, map: @map)
|
||||
# what about push notification to map owner?
|
||||
mail = MapMailer.access_request_email(request, @map)
|
||||
@map.user.notify(mail.subject, mail.body)
|
||||
@map.user.notify(mail.subject, mail.body.parts[1].body.to_s)
|
||||
|
||||
respond_to do |format|
|
||||
format.json do
|
||||
|
@ -40,7 +40,7 @@ class AccessController < ApplicationController
|
|||
# who we then send an email to
|
||||
user = User.find(user_id)
|
||||
mail = MapMailer.invite_to_edit_email(@map, current_user, User.find(user_id))
|
||||
user.notify(mail.subject, mail.body)
|
||||
user.notify(mail.subject, mail.body.parts[1].body.to_s)
|
||||
end
|
||||
@map.remove_old_collaborators(user_ids)
|
||||
|
||||
|
|
|
@ -4,7 +4,6 @@
|
|||
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
|
||||
</head>
|
||||
<body>
|
||||
<% binding.pry %>
|
||||
<%= raw @notification.body.parts[1].encoded %>
|
||||
<%= raw @notification.body %>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
@ -1,2 +1 @@
|
|||
<% body = @notification.body.parts[0].encoded %>
|
||||
<%= body.html_safe? ? body : strip_tags(body) %>
|
||||
<%= @notification.body.html_safe? ? @notification.body : strip_tags(@notification.body) %>
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
<%= notification.subject %>
|
||||
</div>
|
||||
<div class="notification-body">
|
||||
<%= notification.body.truncate(70) %>
|
||||
<%= strip_tags(notification.body).truncate(70) %>
|
||||
</div>
|
||||
<% end %>
|
||||
<div class="notification-read-unread">
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
<div id="yield">
|
||||
<div class="centerContent notificationPage">
|
||||
<h2 class="title"><%= @notification.subject %></h4>
|
||||
<%= @notification.body %>
|
||||
<%= raw @notification.body %>
|
||||
<div class="back">
|
||||
<%= link_to 'Back', notifications_path %>
|
||||
</div>
|
||||
|
|
24
config/brakeman.ignore
Normal file
24
config/brakeman.ignore
Normal file
|
@ -0,0 +1,24 @@
|
|||
{
|
||||
"ignored_warnings": [
|
||||
{
|
||||
"warning_type": "Cross Site Scripting",
|
||||
"warning_code": 2,
|
||||
"fingerprint": "88694dca0bcc2226859746f9ed40cc682d6e5eaec1e73f2be557770a854ede0b",
|
||||
"message": "Unescaped model attribute",
|
||||
"file": "app/views/notifications/show.html.erb",
|
||||
"line": 7,
|
||||
"link": "http://brakemanscanner.org/docs/warning_types/cross_site_scripting",
|
||||
"code": "current_user.mailbox.notifications.find_by(:id => params[:id]).body",
|
||||
"render_path": [{"type":"controller","class":"NotificationsController","method":"show","line":24,"file":"app/controllers/notifications_controller.rb"}],
|
||||
"location": {
|
||||
"type": "template",
|
||||
"template": "notifications/show"
|
||||
},
|
||||
"user_input": "current_user.mailbox.notifications",
|
||||
"confidence": "Weak",
|
||||
"note": ""
|
||||
}
|
||||
],
|
||||
"updated": "2016-11-29 13:01:34 -0500",
|
||||
"brakeman_version": "3.4.0"
|
||||
}
|
Loading…
Reference in a new issue