consul/nairobi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
2ffbae890e30dd4d4fe24c91998abb95d6d81819
nairobi/app/helpers/valuation_helper.rb
Javi Martín 2ffbae890e Sanitize valuation explanations 
If we don't sanitize them, valuators might attempt Cross-Site Scripting
attacks.
2019-10-08 18:46:20 +02:00

21 lines
564 B
Ruby
Raw Blame History

module ValuationHelper
def valuator_or_group_select_options
valuator_group_select_options + valuator_select_options
end
def valuator_select_options
Valuator.order("description ASC").order("users.email ASC").includes(:user).
collect { |v| [v.description_or_email, "valuator_#{v.id}"] }
end
def valuator_group_select_options
ValuatorGroup.order("name ASC").collect { |g| [g.name, "group_#{g.id}"] }
end
def explanation_field(field)
simple_format_no_tags_no_sanitize(text_with_links(field)) if field.present?
end
end
Reference in New Issue View Git Blame Copy Permalink