[Pkg-owncloud-commits] [owncloud] 108/258: Fixed select2 for admin and apps page

David Prévot taffit at moszumanska.debian.org
Sat Oct 11 17:22:26 UTC 2014 

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch master
in repository owncloud.

commit 2aaad09062c773012b6cce1e79483e611e3a0bd4
Author: Vincent Petry <pvince81 at owncloud.com>
Date:   Wed Sep 10 14:30:02 2014 +0200

    Fixed select2 for admin and apps page
    
    Added explicit escaping.
    Now internally using a pipe symbol as separator for select2, to make it
    possible to use group names containing commas.
---
 settings/admin.php      |  3 ++-
 settings/js/admin.js    | 11 ++++++++++-
 settings/js/apps.js     | 12 ++++--------
 settings/js/settings.js | 16 +++++++++++++---
 4 files changed, 29 insertions(+), 13 deletions(-)

diff --git a/settings/admin.php b/settings/admin.php
index 771af7a..7d4fc31 100755
--- a/settings/admin.php
+++ b/settings/admin.php
@@ -57,7 +57,8 @@ $tmpl->assign('shareEnforceExpireDate', OC_Appconfig::getValue('core', 'shareapi
 $excludeGroups = OC_Appconfig::getValue('core', 'shareapi_exclude_groups', 'no') === 'yes' ? true : false;
 $tmpl->assign('shareExcludeGroups', $excludeGroups);
 $excludedGroupsList = OC_Appconfig::getValue('core', 'shareapi_exclude_groups_list', '');
-$tmpl->assign('shareExcludedGroupsList', $excludedGroupsList);
+$excludedGroupsList = explode(',', $excludedGroupsList); // FIXME: this should be JSON!
+$tmpl->assign('shareExcludedGroupsList', implode('|', $excludedGroupsList));
 
 // Check if connected using HTTPS
 $tmpl->assign('isConnectedViaHTTPS', OC_Request::serverProtocol() === 'https');
diff --git a/settings/js/admin.js b/settings/js/admin.js
index 943bf78..95be13d 100644
--- a/settings/js/admin.js
+++ b/settings/js/admin.js
@@ -20,6 +20,15 @@ $(document).ready(function(){
 
 	$('#excludedGroups').each(function (index, element) {
 		OC.Settings.setupGroupsSelect($(element));
+		$(element).change(function(ev) {
+			var groups = ev.val || [];
+			if (groups.length > 0) {
+				groups = ev.val.join(','); // FIXME: make this JSON
+			} else {
+				groups = '';
+			}
+			OC.AppConfig.setValue('core', $(this).attr('name'), groups);
+		});
 	});
 
 
@@ -42,7 +51,7 @@ $(document).ready(function(){
 		$('#shareAPI p:not(#enable)').toggleClass('hidden', !this.checked);
 	});
 
-	$('#shareAPI input').change(function() {
+	$('#shareAPI input:not(#excludedGroups)').change(function() {
 		if ($(this).attr('type') === 'checkbox') {
 			if (this.checked) {
 				var value = 'yes';
diff --git a/settings/js/apps.js b/settings/js/apps.js
index aafbdaf..3f4c149 100644
--- a/settings/js/apps.js
+++ b/settings/js/apps.js
@@ -123,10 +123,10 @@ OC.Settings.Apps = OC.Settings.Apps || {
 			page.find("label[for='groups_enable']").hide();
 			page.find("#groups_enable").attr('checked', null);
 		} else {
-			$('#group_select').val((app.groups || []).join(','));
 			if (app.active) {
 				if (app.groups.length) {
 					OC.Settings.Apps.setupGroupsSelect();
+					$('#group_select').select2('val', app.groups || []);
 					page.find("#groups_enable").attr('checked','checked');
 				} else {
 					page.find("#groups_enable").attr('checked', null);
@@ -377,14 +377,10 @@ $(document).ready(function(){
 		}
 	});
 
-	$('#group_select').change(function() {
+	$('#group_select').change(function(ev) {
 		var element = $('#app-content input.enable');
-		var groups = $(this).val();
-		if (groups && groups !== '') {
-			groups = groups.split(',');
-		} else {
-			groups = [];
-		}
+		// getting an array of values from select2
+		var groups = ev.val || [];
 		var appid = element.data('appid');
 		if (appid) {
 			OC.Settings.Apps.enableApp(appid, false, element, groups);
diff --git a/settings/js/settings.js b/settings/js/settings.js
index 85e8996..6e44c47 100644
--- a/settings/js/settings.js
+++ b/settings/js/settings.js
@@ -7,6 +7,11 @@ OC.Settings = OC.Settings || {};
 OC.Settings = _.extend(OC.Settings, {
 	/**
 	 * Setup selection box for group selection.
+	 *
+	 * Values need to be separated by a pipe "|" character.
+	 * (mostly because a comma is more likely to be used
+	 * for groups)
+	 *
 	 * @param $elements jQuery element (hidden input) to setup select2 on
 	 * @param [extraOptions] extra options hash to pass to select2
 	 */
@@ -18,6 +23,7 @@ OC.Settings = _.extend(OC.Settings, {
 				placeholder: t('core', 'Groups'),
 				allowClear: true,
 				multiple: true,
+				separator: '|',
 				ajax: {
 					url: OC.generateUrl('/settings/ajax/grouplist'),
 					dataType: 'json',
@@ -50,7 +56,7 @@ OC.Settings = _.extend(OC.Settings, {
 				},
 				initSelection: function(element, callback) {
 					var selection =
-						_.map(($(element).val() || []).split(',').sort(),
+						_.map(($(element).val() || []).split('|').sort(),
 							function(groupName) {
 						return {
 							id: groupName,
@@ -60,10 +66,14 @@ OC.Settings = _.extend(OC.Settings, {
 					callback(selection);
 				},
 				formatResult: function (element) {
-					return element.displayname;
+					return escapeHTML(element.displayname);
 				},
 				formatSelection: function (element) {
-					return element.displayname;
+					return escapeHTML(element.displayname);
+				},
+				escapeMarkup: function(m) {
+					// prevent double markup escape
+					return m;
 				}
 			}, extraOptions || {}));
 		}

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git

More information about the Pkg-owncloud-commits mailing list