diff options
21 files changed, 39 insertions, 34 deletions
diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb index e39d55c7c..15d66aa0d 100644 --- a/app/controllers/admin_request_controller.rb +++ b/app/controllers/admin_request_controller.rb @@ -304,7 +304,7 @@ class AdminRequestController < AdminController post_redirect.save! url = main_url(confirm_url(:email_token => post_redirect.email_token, :only_path => true)) - flash[:notice] = 'Send "' + name + '" <<a href="mailto:' + email + '">' + email + '</a>> this URL: <a href="' + url + '">' + url + "</a> - it will log them in and let them upload a response to this request.".html_safe + flash[:notice] = ("Send \"#{name}\" <<a href=\"mailto:#{email}\">#{email}</a>> this URL: <a href=\"#{url}\">#{url}</a> - it will log them in and let them upload a response to this request.").html_safe redirect_to request_admin_url(info_request) end @@ -379,7 +379,7 @@ class AdminRequestController < AdminController ContactMailer.deliver_from_admin_message( info_request.user, subject, - params[:explanation] + params[:explanation].strip.html_safe ) flash[:notice] = _("Your message to {{recipient_user_name}} has been sent",:recipient_user_name=>CGI.escapeHTML(info_request.user.name)) else diff --git a/app/controllers/services_controller.rb b/app/controllers/services_controller.rb index 1db5348c7..a27e71264 100644 --- a/app/controllers/services_controller.rb +++ b/app/controllers/services_controller.rb @@ -15,7 +15,7 @@ class ServicesController < ApplicationController FastGettext.locale = FastGettext.best_locale_in(request.env['HTTP_ACCEPT_LANGUAGE']) if found_country && found_country[:country_name] && found_country[:url] && found_country[:name] text = _("Hello! You can make Freedom of Information requests within {{country_name}} at {{link_to_website}}", - :country_name => found_country[:country_name], :link_to_website => "<a href=\"#{found_country[:url]}\">#{found_country[:name]}</a>") + :country_name => found_country[:country_name], :link_to_website => "<a href=\"#{found_country[:url]}\">#{found_country[:name]}</a>".html_safe) else current_country = WorldFOIWebsites.by_code(iso_country_code)[:country_name] text = _("Hello! We have an <a href=\"/help/alaveteli?country_name=#{CGI.escape(current_country)}\">important message</a> for visitors outside {{country_name}}", :country_name => current_country) diff --git a/app/models/request_mailer.rb b/app/models/request_mailer.rb index 493d6961c..215b28e77 100644 --- a/app/models/request_mailer.rb +++ b/app/models/request_mailer.rb @@ -5,7 +5,11 @@ # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ require 'alaveteli_file_types' - +if Rails.env == 'test' && RUBY_VERSION.to_f >= 1.9 + # Avoid spec/script/mailin_spec.rb running script/runner as a test suite + # http://stackoverflow.com/questions/1899009/why-are-tests-running-in-production-mode-and-causing-my-script-runners-to-fail + Test::Unit.run = true +end class RequestMailer < ApplicationMailer @@ -83,7 +87,7 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = info_request.user.name_and_email - @subject = _("New response to your FOI request - ") + info_request.title + @subject = (_("New response to your FOI request - ") + info_request.title).html_safe @body = { :incoming_message => incoming_message, :info_request => info_request, :url => url } end @@ -102,7 +106,7 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = user.name_and_email - @subject = _("Delayed response to your FOI request - ") + info_request.title + @subject = (_("Delayed response to your FOI request - ") + info_request.title).html_safe @body = { :info_request => info_request, :url => url } end @@ -121,7 +125,7 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = user.name_and_email - @subject = _("You're long overdue a response to your FOI request - ") + info_request.title + @subject = (_("You're long overdue a response to your FOI request - ") + info_request.title).html_safe @body = { :info_request => info_request, :url => url } end @@ -173,7 +177,7 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = info_request.user.name_and_email - @subject = _("Clarify your FOI request - ") + info_request.title + @subject = (_("Clarify your FOI request - ") + info_request.title).html_safe @body = { :incoming_message => incoming_message, :info_request => info_request, :url => url } end @@ -184,7 +188,7 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = info_request.user.name_and_email - @subject = _("Somebody added a note to your FOI request - ") + info_request.title + @subject = (_("Somebody added a note to your FOI request - ") + info_request.title).html_safe @body = { :comment => comment, :info_request => info_request, :url => main_url(comment_url(comment)) } end def comment_on_alert_plural(info_request, count, earliest_unalerted_comment) @@ -193,7 +197,7 @@ class RequestMailer < ApplicationMailer 'Auto-Submitted' => 'auto-generated', # http://tools.ietf.org/html/rfc3834 'X-Auto-Response-Suppress' => 'OOF' @recipients = info_request.user.name_and_email - @subject = _("Some notes have been added to your FOI request - ") + info_request.title + @subject = (_("Some notes have been added to your FOI request - ") + info_request.title).html_safe @body = { :count => count, :info_request => info_request, :url => main_url(comment_url(earliest_unalerted_comment)) } end diff --git a/app/views/admin_request/hidden_user_explanation.rhtml b/app/views/admin_request/hidden_user_explanation.rhtml index 64387ffee..7084e986f 100644 --- a/app/views/admin_request/hidden_user_explanation.rhtml +++ b/app/views/admin_request/hidden_user_explanation.rhtml @@ -1,9 +1,10 @@ Dear <%= name_to %>, -Your request '<%= info_request.title %>' at <%= info_request_url %> has been reviewed by moderators. +Your request '<%= info_request.title.html_safe %>' at <%= info_request_url %> has been reviewed by moderators. We consider it <% if reason == 'not_foi' %>is not a valid FOI request<% else %>to be vexatious<% end%>, and have therefore hidden it from other users. You will still be able to view it while logged in to the site. Please reply to this email if you would like to discuss this decision further. Yours, The <%= site_name %> team. + diff --git a/app/views/contact_mailer/from_admin_message.rhtml b/app/views/contact_mailer/from_admin_message.rhtml index bdb48d580..4169d8d3a 100644 --- a/app/views/contact_mailer/from_admin_message.rhtml +++ b/app/views/contact_mailer/from_admin_message.rhtml @@ -1,2 +1,2 @@ -<%= @message.strip %> +<%= raw @message %> diff --git a/app/views/contact_mailer/to_admin_message.rhtml b/app/views/contact_mailer/to_admin_message.rhtml index 9c0a74c02..8c56779fd 100644 --- a/app/views/contact_mailer/to_admin_message.rhtml +++ b/app/views/contact_mailer/to_admin_message.rhtml @@ -1,4 +1,4 @@ -<%= @message.strip %> +<%= raw @message.strip %> --------------------------------------------------------------------- <%= _('Message sent using {{site_name}} contact form, ', :site_name=>site_name)%> diff --git a/app/views/contact_mailer/user_message.rhtml b/app/views/contact_mailer/user_message.rhtml index b1d6e81ae..afa1494db 100644 --- a/app/views/contact_mailer/user_message.rhtml +++ b/app/views/contact_mailer/user_message.rhtml @@ -5,7 +5,7 @@ learn your email address. Only reply if that is okay.', :user_name => @from_user.name) %> --------------------------------------------------------------------- -<%= @message.strip %> +<%= raw @message.strip %> --------------------------------------------------------------------- <%= _('View Freedom of Information requests made by {{user_name}}:', :user_name=>@from_user.name)%> diff --git a/app/views/outgoing_mailer/followup.rhtml b/app/views/outgoing_mailer/followup.rhtml index 7050a295b..049ebc881 100644 --- a/app/views/outgoing_mailer/followup.rhtml +++ b/app/views/outgoing_mailer/followup.rhtml @@ -1,6 +1,6 @@ -<%= @outgoing_message.body.strip %> +<%= raw @outgoing_message.body.strip %> -<%= @outgoing_message.quoted_part_to_append_to_email.strip %> +<%= raw @outgoing_message.quoted_part_to_append_to_email.strip %> ------------------------------------------------------------------- <%= _('Please use this email address for all replies to this request:')%> diff --git a/app/views/outgoing_mailer/initial_request.rhtml b/app/views/outgoing_mailer/initial_request.rhtml index d537a20bc..5c418ecc7 100644 --- a/app/views/outgoing_mailer/initial_request.rhtml +++ b/app/views/outgoing_mailer/initial_request.rhtml @@ -1,4 +1,4 @@ -<%= @outgoing_message.body.strip %> +<%= raw @outgoing_message.body.strip %> ------------------------------------------------------------------- diff --git a/app/views/request_game/play.rhtml b/app/views/request_game/play.rhtml index eedf19ca2..3bd23e306 100644 --- a/app/views/request_game/play.rhtml +++ b/app/views/request_game/play.rhtml @@ -11,7 +11,7 @@ <tr> <td> <%= c += 1 %>. <td> <td> <%= user_link(classifications.user) %> </td> - <td> <%=pluralize(classifications.cnt, 'request').gsub(" ", " ")%> </td> + <td> <%=pluralize(classifications.cnt, 'request').gsub(" ", " ").html_safe %> </td> </tr> <% end %> </table> @@ -22,7 +22,7 @@ <tr> <td> <%= c += 1 %>. <td> <td> <%= user_link(classifications.user) %> </td> - <td> <%= pluralize(classifications.cnt, 'request').gsub(" ", " ")%> </td> + <td> <%= pluralize(classifications.cnt, 'request').gsub(" ", " ").html_safe %> </td> </tr> <% end %> </table> diff --git a/app/views/request_mailer/external_response.rhtml b/app/views/request_mailer/external_response.rhtml index e9858f03f..896054a43 100644 --- a/app/views/request_mailer/external_response.rhtml +++ b/app/views/request_mailer/external_response.rhtml @@ -1 +1 @@ -<%=@body%> +<%= raw @body %> diff --git a/app/views/request_mailer/fake_response.rhtml b/app/views/request_mailer/fake_response.rhtml index e9858f03f..896054a43 100644 --- a/app/views/request_mailer/fake_response.rhtml +++ b/app/views/request_mailer/fake_response.rhtml @@ -1 +1 @@ -<%=@body%> +<%= raw @body %> diff --git a/app/views/request_mailer/new_response.rhtml b/app/views/request_mailer/new_response.rhtml index 083f873b4..672212f20 100644 --- a/app/views/request_mailer/new_response.rhtml +++ b/app/views/request_mailer/new_response.rhtml @@ -1,6 +1,6 @@ <%= _('You have a new response to the {{law_used_full}} request ',:law_used_full=>@info_request.law_used_full)%> -'<%= @info_request.title %>' <%=_('that you made to')%> -<%= @info_request.public_body.name %>. +'<%= raw @info_request.title %>' <%=_('that you made to')%> +<%= raw @info_request.public_body.name %>. <%= _('To view the response, click on the link below.')%> diff --git a/app/views/request_mailer/new_response_reminder_alert.rhtml b/app/views/request_mailer/new_response_reminder_alert.rhtml index 86fc71de7..c196dafe6 100644 --- a/app/views/request_mailer/new_response_reminder_alert.rhtml +++ b/app/views/request_mailer/new_response_reminder_alert.rhtml @@ -3,7 +3,7 @@ <%=@url%> <%= _('Your request was called {{info_request}}. Letting everyone know whether you got the information will help us keep tabs on',:info_request=>@info_request.title)%> -<%= @info_request.public_body.name %>. +<%= raw @info_request.public_body.name %>. -- <%= _('the {{site_name}} team', :site_name=>site_name) %> diff --git a/app/views/request_mailer/overdue_alert.rhtml b/app/views/request_mailer/overdue_alert.rhtml index b8a9ba525..249bf6bb8 100644 --- a/app/views/request_mailer/overdue_alert.rhtml +++ b/app/views/request_mailer/overdue_alert.rhtml @@ -1,4 +1,4 @@ -<%= @info_request.public_body.name %> <%= _('have delayed.')%> +<%= raw @info_request.public_body.name %> <%= _('have delayed.')%> <%= _('They have not replied to your {{law_used_short}} request {{title}} promptly, as normally required by law',:law_used_short=>@info_request.law_used_short,:title=>@info_request.title)%><% if @info_request.public_body.is_school? %> <%=_('during term time')%> <% end %>. diff --git a/app/views/request_mailer/requires_admin.rhtml b/app/views/request_mailer/requires_admin.rhtml index 06a798792..e7ab53c59 100644 --- a/app/views/request_mailer/requires_admin.rhtml +++ b/app/views/request_mailer/requires_admin.rhtml @@ -1,9 +1,9 @@ --------------------------------------------------------------------- -<%=@reported_by.name%> <%= _('has reported an')%> <%=@info_request.law_used_short%> +<%= raw @reported_by.name %> <%= _('has reported an')%> <%= raw @info_request.law_used_short %> <%= _('response as needing administrator attention. Take a look, and reply to this email to let them know what you are going to do about it.')%> -Request '<%=@info_request.title%>': +Request '<%= raw @info_request.title %>': <%= @url %> <%= _('Administration URL:') %> diff --git a/app/views/request_mailer/very_overdue_alert.rhtml b/app/views/request_mailer/very_overdue_alert.rhtml index 6abd198a0..80597473c 100644 --- a/app/views/request_mailer/very_overdue_alert.rhtml +++ b/app/views/request_mailer/very_overdue_alert.rhtml @@ -1,4 +1,4 @@ -<%= @info_request.public_body.name %> <%= _('are long overdue.')%> +<%= raw @info_request.public_body.name %> <%= _('are long overdue.')%> <%= _('They have not replied to your {{law_used_short}} request {{title}}, as required by law',:law_used_short=>@info_request.law_used_short,:title=>@info_request.title)%><% if @info_request.public_body.is_school? %> <%= _('even during holidays')%><% end %>. diff --git a/app/views/user_mailer/already_registered.rhtml b/app/views/user_mailer/already_registered.rhtml index 59ffcbf94..32c2c7e63 100644 --- a/app/views/user_mailer/already_registered.rhtml +++ b/app/views/user_mailer/already_registered.rhtml @@ -1,10 +1,10 @@ -<%= @name %>, +<%= raw @name %>, <%= _('You just tried to sign up to {{site_name}}, when you already have an account. Your name and password have been left as they previously were. -Please click on the link below.', :site_name=>site_name)%> <%=@reasons[:email]%> +Please click on the link below.', :site_name=>site_name)%> <%=raw @reasons[:email] %> <%=@url%> diff --git a/app/views/user_mailer/changeemail_confirm.rhtml b/app/views/user_mailer/changeemail_confirm.rhtml index ffb9737f7..c73e9486b 100644 --- a/app/views/user_mailer/changeemail_confirm.rhtml +++ b/app/views/user_mailer/changeemail_confirm.rhtml @@ -1,4 +1,4 @@ -<%= @name %>, +<%= raw @name %>, <%= _('Please click on the link below to confirm that you want to change the email address that you use for {{site_name}} diff --git a/app/views/user_mailer/confirm_login.rhtml b/app/views/user_mailer/confirm_login.rhtml index 6f4feff00..fa86dc2b1 100644 --- a/app/views/user_mailer/confirm_login.rhtml +++ b/app/views/user_mailer/confirm_login.rhtml @@ -1,7 +1,7 @@ -<%= @name %>, +<%= raw @name %>, <%= _('Please click on the link below to confirm your email address.')%> -<%=@reasons[:email]%> +<%= raw @reasons[:email] %> <%=@url%> diff --git a/script/runner b/script/runner index 2bd5e9aa7..1575848de 100755 --- a/script/runner +++ b/script/runner @@ -31,7 +31,7 @@ Dir.chdir(alaveteli_dir) do fh.puts pid end end - + Process.detach(pid) else # Not daemon mode |