diff --git a/app/components/debates/form_component.html.erb b/app/components/debates/form_component.html.erb
index f7d1b209833..b469e67926b 100644
--- a/app/components/debates/form_component.html.erb
+++ b/app/components/debates/form_component.html.erb
@@ -18,6 +18,11 @@
<%= translations_form.text_area :description,
maxlength: Debate.description_max_length,
class: "html-area" %>
+ <% if @debate.errors.present? && locale == translations_form.locale %>
+
+ <%= @debate.errors[:description][0] %>
+
+ <% end %>
<% end %>
diff --git a/app/models/concerns/measurable.rb b/app/models/concerns/measurable.rb
index 77042efae91..f3b83c536ef 100644
--- a/app/models/concerns/measurable.rb
+++ b/app/models/concerns/measurable.rb
@@ -17,5 +17,9 @@ def question_max_length
def description_max_length
6000
end
+
+ def description_min_length
+ 10
+ end
end
end
diff --git a/app/models/debate.rb b/app/models/debate.rb
index fe68d286800..06fafcfe193 100644
--- a/app/models/debate.rb
+++ b/app/models/debate.rb
@@ -29,7 +29,8 @@ class Debate < ApplicationRecord
has_many :comments, as: :commentable, inverse_of: :commentable
validates_translation :title, presence: true, length: { in: 4..Debate.title_max_length }
- validates_translation :description, presence: true, length: { in: 10..Debate.description_max_length }
+ validates_translation :description, presence: true
+ validate :description_sanitized
validates :author, presence: true
validates :terms_of_service, acceptance: { allow_nil: false }, on: :create
@@ -162,4 +163,14 @@ def self.debates_orders(user)
orders << "recommendations" if Setting["feature.user.recommendations_on_debates"] && user&.recommended_debates
orders
end
+
+ def description_sanitized
+ real_description_length = ActionView::Base.full_sanitizer.sanitize("#{description}").squish.length
+ if real_description_length < Debate.description_min_length
+ errors.add(:description, :too_short, count: Debate.description_min_length)
+ end
+ if real_description_length > Debate.description_max_length
+ errors.add(:description, :too_long, count: Debate.description_max_length)
+ end
+ end
end
diff --git a/spec/models/concerns/globalizable.rb b/spec/models/concerns/globalizable.rb
index 9a55a0b42a2..a3e046a3f7d 100644
--- a/spec/models/concerns/globalizable.rb
+++ b/spec/models/concerns/globalizable.rb
@@ -66,7 +66,7 @@
record.reload
record.update!(translations_attributes: [
- { locale: :de }.merge(fields.map { |field| [field, "Deutsch"] }.to_h)
+ { locale: :de }.merge(fields.map { |field| [field, "Deutsche Sprache"] }.to_h)
])
record.reload
@@ -105,7 +105,7 @@
record.reload
record.update!(translations_attributes: [
- { id: record.translations.first.id }.merge(fields.map { |field| [field, "Cambiado"] }.to_h)
+ { id: record.translations.first.id }.merge(fields.map { |field| [field, "Actualizado"] }.to_h)
])
record.reload
@@ -158,8 +158,8 @@
describe "Fallbacks" do
before do
I18n.with_locale(:de) do
- record.update!(required_fields.map { |field| [field, "Deutsch"] }.to_h)
- record.update!(attribute => "Deutsch")
+ record.update!(required_fields.map { |field| [field, "Deutsche Sprache"] }.to_h)
+ record.update!(attribute => "Deutsche Sprache")
end
end
@@ -177,7 +177,7 @@
Globalize.set_fallbacks_to_all_available_locales
I18n.with_locale(:fr) do
- expect(record.send(attribute)).to eq "Deutsch"
+ expect(record.send(attribute)).to eq "Deutsche Sprache"
end
end
@@ -188,7 +188,7 @@
{ id: record.translations.find_by(locale: :en).id, _destroy: true }
])
- expect(record.send(attribute)).to eq "Deutsch"
+ expect(record.send(attribute)).to eq "Deutsche Sprache"
end
end
end
diff --git a/spec/models/debate_spec.rb b/spec/models/debate_spec.rb
index 318a7377ca5..aab0e5bf878 100644
--- a/spec/models/debate_spec.rb
+++ b/spec/models/debate_spec.rb
@@ -45,10 +45,15 @@
end
it "is not valid when very short" do
- debate.description = "abc"
+ debate.description = "abc
"
expect(debate).not_to be_valid
end
+ it "is valid when very long and sanitized" do
+ debate.description = "a
" * 6000
+ expect(debate).to be_valid
+ end
+
it "is not valid when very long" do
debate.description = "a" * 6001
expect(debate).not_to be_valid
diff --git a/spec/system/budgets/investments_spec.rb b/spec/system/budgets/investments_spec.rb
index bb4d0a24c6b..9f3086b46af 100644
--- a/spec/system/budgets/investments_spec.rb
+++ b/spec/system/budgets/investments_spec.rb
@@ -297,8 +297,13 @@
expect(order).not_to be_empty
click_link "highest rated"
+
+ expect(page).to have_css "h2", exact_text: "highest rated"
+
click_link "random"
+ expect(page).to have_css "h2", exact_text: "random"
+
visit budget_investments_path(budget, heading_id: heading.id)
new_order = all(".budget-investment h3").map(&:text)
diff --git a/spec/system/debates_spec.rb b/spec/system/debates_spec.rb
index 9a343d307b8..b6235ea1797 100644
--- a/spec/system/debates_spec.rb
+++ b/spec/system/debates_spec.rb
@@ -259,14 +259,14 @@
visit new_debate_path
fill_in "Debate title", with: "Testing an attack"
- fill_in "Initial debate text", with: "This is
"
+ fill_in "Initial debate text", with: "This is a JS
"
check "debate_terms_of_service"
click_button "Start a debate"
expect(page).to have_content "Debate created successfully."
expect(page).to have_content "Testing an attack"
- expect(page.html).to include "This is alert('an attack');
"
+ expect(page.html).to include "This is a JS alert('an attack');
"
expect(page.html).not_to include ""
expect(page.html).not_to include "<p>This is"
end