diff --git a/app/models/communication/website/page.rb b/app/models/communication/website/page.rb
index dcf2c6fd4f5765fde1b497578c0f4b8d8b405a8b..a5003b607d12fc8c588dd28f2ebef9a2c32e2404 100644
--- a/app/models/communication/website/page.rb
+++ b/app/models/communication/website/page.rb
@@ -57,8 +57,6 @@ class Communication::Website::Page < ApplicationRecord
 include WithType
 include WithPermalink
- has_summernote :text
-
 belongs_to :website, foreign_key: :communication_website_id
 belongs_to :parent,
diff --git a/app/models/communication/website/post.rb b/app/models/communication/website/post.rb
index 9d38b4b54887e612bf804d509f2f47fcba52eaff..7cbf6a295f3d201d97e8b7fc850bfc4833cb01a5 100644
--- a/app/models/communication/website/post.rb
+++ b/app/models/communication/website/post.rb
@@ -45,8 +45,6 @@ class Communication::Website::Post < ApplicationRecord
 include WithPermalink
 include WithSlug # We override slug_unavailable? method
- has_summernote :text
-
 has_one :imported_post, class_name: 'Communication::Website::Imported::Post', dependent: :destroy
diff --git a/app/models/concerns/with_inheritance.rb b/app/models/concerns/with_inheritance.rb
index 3b3002479c448757e8f92e421554e9810eea9ce7..a9398bd311cc8efc4bf5ddc52586b2ee9d11e6c9 100644
--- a/app/models/concerns/with_inheritance.rb
+++ b/app/models/concerns/with_inheritance.rb
@@ -4,8 +4,6 @@ module WithInheritance
 included do
 def self.rich_text_areas_with_inheritance(*properties)
 properties.each do |property|
- has_summernote property
-
 class_eval <<-CODE, __FILE__, __LINE__ + 1
 def best_#{property}
 best("#{property}")
@@ -23,13 +21,13 @@ module WithInheritance
 def best(property)
 value = send(property)
- html = value.nil? ? '' : value.to_html
+ html = value.to_s
 Static.blank?(html) ? parent&.send("best_#{property}") : value
 end
 def best_source(property, is_ancestor: false)
 value = send(property)
- return (is_ancestor ? self : nil) if Static.has_content?(value&.to_html)
+ return (is_ancestor ? self : nil) if Static.has_content?(value.to_s)
 parent&.send(:best_source, property, is_ancestor: true)
 end
 end
diff --git a/app/models/research/journal/paper.rb b/app/models/research/journal/paper.rb
index 1b0e1502fe7eaa5055af5dae71727c212363ba48..017e87f3ba73822b5dcbac4f7e3b6ab814ed7055 100644
--- a/app/models/research/journal/paper.rb
+++ b/app/models/research/journal/paper.rb
@@ -47,7 +47,6 @@ class Research::Journal::Paper < ApplicationRecord
 include WithPosition
 include WithSlug
- has_summernote :text
 has_one_attached :pdf
 belongs_to :journal, foreign_key: :research_journal_id
diff --git a/app/models/research/journal/volume.rb b/app/models/research/journal/volume.rb
index ea545dcd8db282f43e66bfdc90345fd6eded2fd9..ac61537dc8b274dd0f54c2cb1e3f1622451431f3 100644
--- a/app/models/research/journal/volume.rb
+++ b/app/models/research/journal/volume.rb
@@ -38,8 +38,6 @@ class Research::Journal::Volume < ApplicationRecord
 include WithPermalink
 include WithSlug
- has_summernote :text
-
 belongs_to :journal, foreign_key: :research_journal_id
 has_many :papers, foreign_key: :research_journal_volume_id, dependent: :nullify
 has_many :websites, -> { distinct }, through: :journal
diff --git a/app/models/research/laboratory/axis.rb b/app/models/research/laboratory/axis.rb
index 69b47c682830bd9a8d28a9cbed60aca5896e4ed4..ef568cf06a5f517dd466c293e0565376a55e306d 100644
--- a/app/models/research/laboratory/axis.rb
+++ b/app/models/research/laboratory/axis.rb
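Review bot: In app/models/concerns/with_inheritance.rb, `best` still returns the raw stored `value`, which after this change is a plain String rather than rich-text content, and nothing in the hunk says whether that string has been sanitized. Rows saved under the earlier, wider allow-list (iframe, video, table, all removed in config/application.rb by this commit) presumably keep that markup until they are re-saved, so callers need to sanitize at render time or the stored data needs a migration. A comment above `best` such as `# Returns the stored HTML String (own or inherited); not sanitized here, sanitize before rendering` would make the contract explicit.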
@@ -28,8 +28,6 @@ class Research::Laboratory::Axis < ApplicationRecord
 include WithUniversity
 include WithPosition
- has_summernote :text
-
 belongs_to :laboratory, foreign_key: :research_laboratory_id
 def to_s
diff --git a/app/models/university/organization.rb b/app/models/university/organization.rb
index 46a5f668ec2305ea372fa5f3cfd5c28fd44bb9f2..eaac9b6b8b7b7bb9d7b721313d9ee007b9199e53 100644
--- a/app/models/university/organization.rb
+++ b/app/models/university/organization.rb
@@ -49,8 +49,6 @@ class University::Organization < ApplicationRecord
 class_name: 'University::Person::Experience', dependent: :destroy
- has_summernote :text
-
 has_one_attached_deletable :logo
 has_one_attached_deletable :logo_on_dark_background
diff --git a/app/models/university/person.rb b/app/models/university/person.rb
index b96f64957dee83814daa09f1b6c209befe379112..538650c915ef4d9860d232dea8da1e85ba72ac87 100644
--- a/app/models/university/person.rb
+++ b/app/models/university/person.rb
@@ -69,8 +69,6 @@ class University::Person < ApplicationRecord
 enum gender: { male: 0, female: 1, non_binary: 2 }
- has_summernote :biography
-
 belongs_to :user, optional: true
 has_and_belongs_to_many :research_journal_papers,
diff --git a/app/services/osuny/sanitizer.rb b/app/services/osuny/sanitizer.rb
index ede92d17125ac5eb9b3365f935a1a1f0c57ac37f..f14d196bcbfc47a7f994fd15f9dc3840f3a858f3 100644
--- a/app/services/osuny/sanitizer.rb
+++ b/app/services/osuny/sanitizer.rb
@@ -1,6 +1,13 @@
 class Osuny::Sanitizer
 include ActionView::Helpers::SanitizeHelper
+ ALLOWED_TAGS = [
+ "a", "b", "br", "em", "i", "img", "li", "ol", "p", "strong", "sub", "sup", "ul"
+ ]
+
+ ALLOWED_ATTRIBUTES = [
+ ]
+
 # type(ActiveRecord) = ['text', 'string']
 def self.sanitize(input, type = 'text')
 return '' if input.blank?
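Review bot: In app/services/osuny/sanitizer.rb, `ALLOWED_ATTRIBUTES` is an empty list while config/application.rb in this same commit allows `href`, `target` and `title`, so the two allow-lists already disagree; if this constant is ever passed as `attributes:` to the sanitizer, links would lose their `href`. Nothing in the visible hunks references either constant (sanitize_text calls `safe_list_sanitizer.sanitize(input)` with no options), so they may be unused; confirm against `safe_list_sanitizer`, which is defined outside the diff. Both arrays are also mutable, and `ALLOWED_TAGS = %w[a b br em i img li ol p strong sub sup ul].freeze` (and `.freeze` on the attribute list) would prevent the allow-list being widened at runtime. The class body continues outside the hunk.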
@@ -9,12 +16,8 @@ class Osuny::Sanitizer
 private
- # input can be String or ActionText::Content
 def self.sanitize_text(input)
- input.is_a?(String) ? safe_list_sanitizer.sanitize(input)
- : ActionText::Content.new(
- safe_list_sanitizer.sanitize(input.to_html)
- )
+ safe_list_sanitizer.sanitize(input)
 end
 def self.sanitize_string(string)
diff --git a/config/application.rb b/config/application.rb
index 03280c1194e0a00bbcdb9e3dee46db8cfa04474e..fa9ee9cc7659a90eecb37623b4694e88c5589804 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -54,19 +54,10 @@ module Osuny
 config.active_storage.supported_image_processing_methods = ["+"]
 config.action_view.sanitized_allowed_tags = [
- "a", "abbr", "acronym", "address", "b", "big", "blockquote", "br",
- "cite", "code", "dd", "del", "dfn", "div", "dl", "dt", "em",
- "h1", "h2", "h3", "h4", "h5", "h6", "hr", "i", "img", "ins", "kbd", "li", "ol",
- "p", "picture", "pre", "samp", "small", "source", "span", "strong",
- "sub", "sup", "tt", "u", "ul", "var", "video", "iframe", "action-text-attachment",
- "table", "thead", "tbody", "tr", "td", "th"
+ "a", "b", "br", "em", "i", "img", "li", "ol", "p", "strong", "sub", "sup", "ul"
 ]
 config.action_view.sanitized_allowed_attributes = [
- "abbr", "allowfullscreen", "alt", "cite", "controls", "datetime",
- "decoding", "frameborder", "height", "href", "loading", "mozallowfullscreen",
- "name", "sizes", "src", "srcset", "target", "title", "type",
- "webkitallowfullscreen", "width", "xml:lang",
- "sgid", "content-type", "url", "filename", "filesize", "previewable", "referrerpolicy"
+ "href", "target", "title"
 ]
 config.allowed_special_chars = '#?!,_@$%^&*+:;£µ-'
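Review bot: In app/services/osuny/sanitizer.rb, `sanitize_text` now hands `input` to the sanitizer without the String check the old code had, so a caller that still passes an ActionText::Content or another non-String object reaches `safe_list_sanitizer.sanitize` with a type it may not accept. `safe_list_sanitizer.sanitize(input.to_s)` would match the `value.to_s` coercion this commit uses in WithInheritance. Separately, the bare `private` above these methods has no effect on `def self.` definitions, so `sanitize_text` and `sanitize_string` remain publicly callable; `private_class_method :sanitize_text, :sanitize_string` would enforce the intent. `safe_list_sanitizer` and the body of `sanitize_string` are outside the hunk.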
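Review bot: In config/application.rb the new tag list keeps `img`, but `sanitized_allowed_attributes` no longer contains `src` or `alt`, so an image that survives sanitization would have its source stripped; either drop `"img"` from the tags or keep `"src", "alt"` in the attributes. `target` stays allowed on links with no `rel` handling visible, so a user-supplied `target="_blank"` relies on the browser's implicit noopener; consider dropping `"target"` or setting `rel="noopener noreferrer"` where links are rendered. The tag list also duplicates `Osuny::Sanitizer::ALLOWED_TAGS` added in this commit, and pointing both at one definition would keep them from drifting. The `module Osuny` block continues outside the hunk.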