mirror of
https://github.com/espocrm/espocrm.git
synced 2026-03-11 15:17:02 +00:00
Compare commits
6 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
741a6d5dab | ||
|
|
0c0a602330 | ||
|
|
7d13018eba | ||
|
|
44c65c0117 | ||
|
|
e9e758c4b3 | ||
|
|
7e7acb8d28 |
@@ -10,7 +10,7 @@
|
||||
},
|
||||
"body": {
|
||||
"type": "wysiwyg",
|
||||
"view": "views/fields/wysiwyg",
|
||||
"view": "views/email-template/fields/body",
|
||||
"useIframe": true
|
||||
},
|
||||
"isHtml": {
|
||||
|
||||
@@ -7,15 +7,15 @@
|
||||
},
|
||||
"body": {
|
||||
"type": "wysiwyg",
|
||||
"view": "views/fields/wysiwyg"
|
||||
"view": "views/template/fields/body"
|
||||
},
|
||||
"header": {
|
||||
"type": "wysiwyg",
|
||||
"view": "views/fields/wysiwyg"
|
||||
"view": "views/template/fields/body"
|
||||
},
|
||||
"footer": {
|
||||
"type": "wysiwyg",
|
||||
"view": "views/fields/wysiwyg",
|
||||
"view": "views/template/fields/body",
|
||||
"tooltip": true
|
||||
},
|
||||
"entityType": {
|
||||
|
||||
@@ -77,6 +77,12 @@ Espo.define('crm:views/knowledge-base-article/record/detail', 'views/record/deta
|
||||
}, this);
|
||||
},
|
||||
|
||||
afterRender: function () {
|
||||
Dep.prototype.afterRender.call(this);
|
||||
if (this.getUser().isPortal()) {
|
||||
this.$el.find('.field[data-name="body"]').css('minHeight', '400px');
|
||||
}
|
||||
},
|
||||
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
@@ -178,7 +178,11 @@ define('collection', [], function () {
|
||||
},
|
||||
|
||||
getWhere: function () {
|
||||
return (this.where || []).concat(this.whereAdditional || []);
|
||||
var where = (this.where || []).concat(this.whereAdditional || []);
|
||||
if (this.whereFunction) {
|
||||
where = where.concat(this.whereFunction() || []);
|
||||
}
|
||||
return where;
|
||||
},
|
||||
|
||||
getUser: function () {
|
||||
|
||||
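Review bot: `getWhere` now calls `this.whereFunction()` on every invocation whenever the property is truthy, but the hook is neither declared nor documented in the visible part of the collection, and a truthy non-function value would throw here. I would guard with `if (typeof this.whereFunction === 'function') {` and add a comment next to it, e.g. `// Optional callback returning extra where-items; evaluated on each getWhere() call.` The rest of the collection definition lies outside the hunk.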
@@ -318,8 +318,8 @@ define('view-helper', ['lib!client/lib/purify.min.js'], function () {
|
||||
return html;
|
||||
},
|
||||
|
||||
sanitizeHtml: function (text) {
|
||||
return DOMPurify.sanitize(text);
|
||||
sanitizeHtml: function (text, options) {
|
||||
return DOMPurify.sanitize(text, options);
|
||||
},
|
||||
});
|
||||
|
||||
|
||||
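Review bot: `sanitizeHtml` now forwards a caller-supplied `options` object straight into `DOMPurify.sanitize`, so any caller can relax the sanitizer, since DOMPurify config such as `ADD_TAGS`, `ADD_ATTR` or `ALLOW_UNKNOWN_PROTOCOLS` widens what survives. Nothing in the hunk documents or constrains that. I would add a doc comment above the method, e.g. `// options: fixed, code-defined DOMPurify config only; never build it from model, request or preference data.` The enclosing `define` body starts outside the hunk, so the existing callers are not visible here.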
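--- /dev/null
+++ b/client/src/views/email-template/fields/body.js
@@ -0,0 +1,34 @@
+/************************************************************************
+* This file is part of EspoCRM.
+*
+* EspoCRM - Open Source CRM application.
+* Copyright (C) 2014-2019 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+* Website: https://www.espocrm.com
+*
+* EspoCRM is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* EspoCRM is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+*
+* The interactive user interfaces in modified source and object code versions
+* of this program must display Appropriate Legal Notices, as required under
+* Section 5 of the GNU General Public License version 3.
+*
+* In accordance with Section 7(b) of the GNU General Public License version 3,
+* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+************************************************************************/
+
+define('views/email-template/fields/body', 'views/fields/wysiwyg', function (Dep) {
+
+return Dep.extend({
+
+});
+});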
@@ -154,19 +154,46 @@ Espo.define('views/fields/wysiwyg', ['views/fields/text', 'lib!Summernote'], fun
|
||||
|
||||
sanitizeHtml: function (value) {
|
||||
if (value) {
|
||||
value = value.replace(/<[\/]{0,1}(base)[^><]*>/gi, '');
|
||||
value = value.replace(/<[\/]{0,1}(script)[^><]*>/gi, '');
|
||||
value = value.replace(/<[^><]*([^a-z]{1}on[a-z]+)=[^><]*>/gi, function (match) {
|
||||
return match.replace(/[^a-z]{1}on[a-z]+=/gi, ' data-handler-stripped=');
|
||||
});
|
||||
value = this.getHelper().sanitizeHtml(value);
|
||||
if (!this.htmlPurificationDisabled) {
|
||||
value = this.getHelper().sanitizeHtml(value);
|
||||
} else {
|
||||
value = this.sanitizeHtmlLight(value);
|
||||
}
|
||||
}
|
||||
return value || '';
|
||||
},
|
||||
|
||||
|
||||
sanitizeHtmlLight: function (value) {
|
||||
value = value || '';
|
||||
value = value.replace(/<[\/]{0,1}(base)[^><]*>/gi, '');
|
||||
value = value.replace(/<[\/]{0,1}(object)[^><]*>/gi, '');
|
||||
value = value.replace(/<[\/]{0,1}(embed)[^><]*>/gi, '');
|
||||
value = value.replace(/<[\/]{0,1}(applet)[^><]*>/gi, '');
|
||||
value = value.replace(/<[\/]{0,1}(iframe)[^><]*>/gi, '');
|
||||
value = value.replace(/<[\/]{0,1}(script)[^><]*>/gi, '');
|
||||
value = value.replace(/<[^><]*([^a-z]{1}on[a-z]+)=[^><]*>/gi, function (match) {
|
||||
return match.replace(/[^a-z]{1}on[a-z]+=/gi, ' data-handler-stripped=');
|
||||
});
|
||||
|
||||
value = value.replace(/href=" *javascript\:(.*?)"/gi, function(m, $1) {
|
||||
return 'removed=""';
|
||||
});
|
||||
value = value.replace(/href=' *javascript\:(.*?)'/gi, function(m, $1) {
|
||||
return 'removed=""';
|
||||
});
|
||||
value = value.replace(/src=" *javascript\:(.*?)"/gi, function(m, $1) {
|
||||
return 'removed=""';
|
||||
});
|
||||
value = value.replace(/src=' *javascript\:(.*?)'/gi, function(m, $1) {
|
||||
return 'removed=""';
|
||||
});
|
||||
return value;
|
||||
},
|
||||
|
||||
getValueForEdit: function () {
|
||||
var value = this.model.get(this.name) || '';
|
||||
return this.sanitizeHtml(value);
|
||||
return this.sanitizeHtmlLight(value);
|
||||
},
|
||||
|
||||
afterRender: function () {
|
||||
|
||||
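Review bot: With `htmlPurificationDisabled` set, and unconditionally in `getValueForEdit`, the only filtering left is `sanitizeHtmlLight`, a single-pass regex deny-list, which is not a reliable HTML sanitizer. It covers only the six listed tags, `on*=` attributes and quoted `href`/`src` values that begin with `javascript:`, and everything else passes through unparsed. If templates need markup that DOMPurify's defaults remove, consider keeping DOMPurify in this path and relaxing it through the `options` argument this commit adds to the helper, e.g. `value = this.getHelper().sanitizeHtml(value, this.lightSanitizeOptions);` where `lightSanitizeOptions` (placeholder name) is a fixed allow-list defined on the view. `htmlPurificationDisabled` is read here but not declared in the visible lines; a declared default with a comment, `htmlPurificationDisabled: false, // true skips DOMPurify and leaves only the regex filter`, would make the opt-out explicit. The enclosing view definition starts and ends outside the hunk.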
@@ -87,6 +87,7 @@ Espo.define('views/list-with-categories', 'views/list', function (Dep) {
|
||||
}
|
||||
} else {
|
||||
this.hasExpandedToggler = false;
|
||||
this.isExpanded = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -128,7 +129,8 @@ Espo.define('views/list-with-categories', 'views/list', function (Dep) {
|
||||
},
|
||||
|
||||
getIsExpandedStoredValue: function () {
|
||||
return this.getStorage().get('state', 'categories-expanded-' + this.scope) === 'true';
|
||||
var value = this.getStorage().get('state', 'categories-expanded-' + this.scope);
|
||||
return value === 'true' || value === true ;
|
||||
},
|
||||
|
||||
setIsExpandedStoredValue: function (value) {
|
||||
@@ -395,49 +397,67 @@ Espo.define('views/list-with-categories', 'views/list', function (Dep) {
|
||||
},
|
||||
|
||||
applyCategoryToCollection: function () {
|
||||
this.collection.whereAdditional = null;
|
||||
var filter;
|
||||
if (!this.isExpanded) {
|
||||
if (this.isCategoryMultiple()) {
|
||||
if (this.currentCategoryId) {
|
||||
filter = {
|
||||
attribute: this.categoryField,
|
||||
type: 'linkedWith',
|
||||
value: [this.currentCategoryId]
|
||||
};
|
||||
|
||||
this.collection.whereFunction = function () {
|
||||
var filter;
|
||||
var isExpanded = this.isExpanded;
|
||||
|
||||
var hasTextFilter = false;
|
||||
if (this.collection.where) {
|
||||
for (var i = 0; i < this.collection.where.length; i++) {
|
||||
if (this.collection.where[i].type === 'textFilter') {
|
||||
hasTextFilter = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (this.collection.data && this.collection.data.textFilter) {
|
||||
hasTextFilter = true;
|
||||
}
|
||||
|
||||
if (!isExpanded && !hasTextFilter) {
|
||||
if (this.isCategoryMultiple()) {
|
||||
if (this.currentCategoryId) {
|
||||
filter = {
|
||||
attribute: this.categoryField,
|
||||
type: 'linkedWith',
|
||||
value: [this.currentCategoryId]
|
||||
};
|
||||
} else {
|
||||
filter = {
|
||||
attribute: this.categoryField,
|
||||
type: 'isNotLinked'
|
||||
};
|
||||
}
|
||||
} else {
|
||||
filter = {
|
||||
attribute: this.categoryField,
|
||||
type: 'isNotLinked'
|
||||
};
|
||||
if (this.currentCategoryId) {
|
||||
filter = {
|
||||
attribute: this.categoryField + 'Id',
|
||||
type: 'equals',
|
||||
value: this.currentCategoryId
|
||||
};
|
||||
} else {
|
||||
filter = {
|
||||
attribute: this.categoryField + 'Id',
|
||||
type: 'isNull'
|
||||
};
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if (this.currentCategoryId) {
|
||||
filter = {
|
||||
attribute: this.categoryField + 'Id',
|
||||
type: 'equals',
|
||||
field: this.categoryField,
|
||||
type: this.categoryFilterType,
|
||||
value: this.currentCategoryId
|
||||
};
|
||||
} else {
|
||||
filter = {
|
||||
attribute: this.categoryField + 'Id',
|
||||
type: 'isNull'
|
||||
};
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if (this.currentCategoryId) {
|
||||
filter = {
|
||||
field: this.categoryField,
|
||||
type: this.categoryFilterType,
|
||||
value: this.currentCategoryId
|
||||
};
|
||||
if (filter) {
|
||||
return [filter];
|
||||
}
|
||||
}
|
||||
|
||||
if (filter) {
|
||||
this.collection.whereAdditional = [filter];
|
||||
}
|
||||
}.bind(this);
|
||||
},
|
||||
|
||||
isCategoryMultiple: function () {
|
||||
|
||||
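Review bot: In the `applyCategoryToCollection` hunk, the new `whereFunction` takes the expanded branch whenever a text filter is present (`if (!isExpanded && !hasTextFilter)`), so a collapsed list switches from the direct-link filter to the `categoryFilterType` filter as soon as the user searches, and nothing in the code says this is intended. A comment above the condition would settle it, e.g. `// A text search is treated like the expanded view: filter by categoryFilterType, not by direct link.` The page does not show which side each line is on, so I cannot tell whether `this.collection.whereAdditional = null;` is kept. If it was removed, a `whereAdditional` value set by an earlier call would still be concatenated in `getWhere`. The view definition continues outside the hunk.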
@@ -26,7 +26,7 @@
|
||||
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
|
||||
************************************************************************/
|
||||
|
||||
Espo.define('views/site-portal/master', 'views/site/master', function (Dep) {
|
||||
define('views/site-portal/master', 'views/site/master', function (Dep) {
|
||||
|
||||
return Dep.extend({
|
||||
|
||||
@@ -45,9 +45,12 @@ Espo.define('views/site-portal/master', 'views/site/master', function (Dep) {
|
||||
el: 'body > footer',
|
||||
view: 'views/site/footer'
|
||||
}
|
||||
}
|
||||
},
|
||||
|
||||
afterRender: function () {
|
||||
Dep.prototype.afterRender.call(this);
|
||||
this.$el.find('#main').addClass('main-portal');
|
||||
},
|
||||
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
|
||||
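--- /dev/null
+++ b/client/src/views/template/fields/body.js
@@ -0,0 +1,34 @@
+/************************************************************************
+* This file is part of EspoCRM.
+*
+* EspoCRM - Open Source CRM application.
+* Copyright (C) 2014-2019 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+* Website: https://www.espocrm.com
+*
+* EspoCRM is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* EspoCRM is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+*
+* The interactive user interfaces in modified source and object code versions
+* of this program must display Appropriate Legal Notices, as required under
+* Section 5 of the GNU General Public License version 3.
+*
+* In accordance with Section 7(b) of the GNU General Public License version 3,
+* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+************************************************************************/
+
+define('views/template/fields/body', 'views/fields/wysiwyg', function (Dep) {
+
+return Dep.extend({
+
+});
+});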
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "espocrm",
|
||||
"version": "5.6.7",
|
||||
"version": "5.6.8",
|
||||
"description": "",
|
||||
"main": "index.php",
|
||||
"repository": {
|
||||
|
||||