Using the `_html` suffix in an i18n key is the same as using `html_safe`
on it, which means that translation could potentially be used for XSS
attacks.
They do the exact same thing; however `html_safe` might confuse
developers into thinking it will make the HTML safe. Using `raw` makes
it clear that we're inserting the text without escaping it.
This way we can simplify the way we generate form fields. In some cases,
we also use the human attribute in table headers, which IMHO makes
sense.
I haven't moved all of them: for example, sometimes a label is
different depending on whether it's shown to administrators, valuators,
or users. And I haven't touched the ones related to devise, since I
wasn't sure about possible side effects.
Note I've also removed placeholders when they had the same text as their
labels, since they weren't helpful. On the contrary, the added redundant
text to the form, potentially distracting users.
In these cases "setting" is the value expected by the new helper method for
everything to continue rendering in the usual way.
Note:
All the new calls to _setting_table partial will need add setting_name param.
We understand languages management as the ability to add new languages
or remove existing ones. When no option is passed it will allow language
manipulation by default.
There are 3 special places where we want block languages management:
- admin legislation processes homepage
- admin legislation processes milestones summary
- proposals retired form
Co-Authored-By: Sebastia <sebastia.roig@gmail.com>
It was accidentally deleted in commit 914bfa6.
Note the following spec passes on my machine if we add a `sleep 0.1`
call in the `:wait_readable` part of ruby's `Net::Protocol#rbuf_fill`.
Otherwise, it hangs forever after clicking the `.fileupload-file` div,
which closes its window. It might be solved when upgrading rails,
capybara, selenium or chromedriver.
scenario "Allows images in CKEditor", :js do
visit edit_admin_site_customization_page_path(custom_page)
within(".ckeditor") do
within_frame(0) { expect(page).not_to have_css("img") }
expect(page).to have_css(".cke_toolbar .cke_button__image_icon")
find(".cke_toolbar .cke_button__image_icon").click
end
within_window(window_opened_by { click_link "Browse Server" }) do
attach_file :file,
Rails.root.join('spec/fixtures/files/clippy.jpg'),
visible: false
find(".fileupload-file").click
end
click_link "OK"
within(".ckeditor") do
within_frame(0) { expect(page).to have_css("img") }
end
end
It turns out it is not necessary to downcase and underscore
locale names to use the globalize-accessor gem. The gem
will automatically underscore the locale name when defining and
calling the accessor methods.
