Commit a305cf1f authored by Dheeraj Joshi's avatar Dheeraj Joshi

Remove v-html from notes warning message

This refactors warning message to use GlSprintf
over dangerous v-html
parent ee667769
<script> <script>
import { GlLink, GlIcon } from '@gitlab/ui'; import { GlLink, GlIcon, GlSprintf } from '@gitlab/ui';
import { escape } from 'lodash';
import { __, sprintf } from '~/locale'; import { __, sprintf } from '~/locale';
function buildDocsLinkStart(path) {
return `<a href="${escape(path)}" target="_blank" rel="noopener noreferrer">`;
}
const NoteableTypeText = { const NoteableTypeText = {
Issue: __('issue'), Issue: __('issue'),
Epic: __('epic'), Epic: __('epic'),
...@@ -17,6 +12,7 @@ export default { ...@@ -17,6 +12,7 @@ export default {
components: { components: {
GlIcon, GlIcon,
GlLink, GlLink,
GlSprintf,
}, },
props: { props: {
isLocked: { isLocked: {
...@@ -59,20 +55,6 @@ export default { ...@@ -59,20 +55,6 @@ export default {
noteableTypeText() { noteableTypeText() {
return NoteableTypeText[this.noteableType]; return NoteableTypeText[this.noteableType];
}, },
confidentialAndLockedDiscussionText() {
return sprintf(
__(
'This %{noteableTypeText} is %{confidentialLinkStart}confidential%{linkEnd} and %{lockedLinkStart}locked%{linkEnd}.',
),
{
noteableTypeText: this.noteableTypeText,
confidentialLinkStart: buildDocsLinkStart(this.confidentialNoteableDocsPath),
lockedLinkStart: buildDocsLinkStart(this.lockedNoteableDocsPath),
linkEnd: '</a>',
},
false,
);
},
confidentialContextText() { confidentialContextText() {
return sprintf(__('This is a confidential %{noteableTypeText}.'), { return sprintf(__('This is a confidential %{noteableTypeText}.'), {
noteableTypeText: this.noteableTypeText, noteableTypeText: this.noteableTypeText,
...@@ -91,9 +73,23 @@ export default { ...@@ -91,9 +73,23 @@ export default {
<gl-icon v-if="!isLockedAndConfidential" :name="warningIcon" :size="16" class="icon inline" /> <gl-icon v-if="!isLockedAndConfidential" :name="warningIcon" :size="16" class="icon inline" />
<span v-if="isLockedAndConfidential" ref="lockedAndConfidential"> <span v-if="isLockedAndConfidential" ref="lockedAndConfidential">
<span <span>
v-html="confidentialAndLockedDiscussionText /* eslint-disable-line vue/no-v-html */" <gl-sprintf
></span> :message="
__(
'This %{noteableTypeText} is %{confidentialLinkStart}confidential%{confidentialLinkEnd} and %{lockedLinkStart}locked%{lockedLinkEnd}.',
)
"
>
<template #noteableTypeText>{{ noteableTypeText }}</template>
<template #confidentialLink="{ content }">
<gl-link :href="confidentialNoteableDocsPath" target="_blank">{{ content }}</gl-link>
</template>
<template #lockedLink="{ content }">
<gl-link :href="lockedNoteableDocsPath" target="_blank">{{ content }}</gl-link>
</template>
</gl-sprintf>
</span>
{{ {{
__("People without permission will never get a notification and won't be able to comment.") __("People without permission will never get a notification and won't be able to comment.")
}} }}
......
...@@ -37308,7 +37308,7 @@ msgstr "" ...@@ -37308,7 +37308,7 @@ msgstr ""
msgid "This %{issuable} is locked. Only %{strong_open}project members%{strong_close} can comment." msgid "This %{issuable} is locked. Only %{strong_open}project members%{strong_close} can comment."
msgstr "" msgstr ""
msgid "This %{noteableTypeText} is %{confidentialLinkStart}confidential%{linkEnd} and %{lockedLinkStart}locked%{linkEnd}." msgid "This %{noteableTypeText} is %{confidentialLinkStart}confidential%{confidentialLinkEnd} and %{lockedLinkStart}locked%{lockedLinkEnd}."
msgstr "" msgstr ""
msgid "This %{noteableTypeText} is locked." msgid "This %{noteableTypeText} is locked."
......
...@@ -34,21 +34,19 @@ exports[`Issue Warning Component when noteable is locked and confidential render ...@@ -34,21 +34,19 @@ exports[`Issue Warning Component when noteable is locked and confidential render
<span> <span>
<span> <span>
This issue is This issue is
<a <gl-link-stub
href="" href=""
rel="noopener noreferrer"
target="_blank" target="_blank"
> >
confidential confidential
</a> </gl-link-stub>
and and
<a <gl-link-stub
href="" href=""
rel="noopener noreferrer"
target="_blank" target="_blank"
> >
locked locked
</a> </gl-link-stub>
. .
</span> </span>
......
import { GlIcon } from '@gitlab/ui'; import { GlIcon, GlSprintf } from '@gitlab/ui';
import { shallowMount } from '@vue/test-utils'; import { shallowMount } from '@vue/test-utils';
import { nextTick } from 'vue'; import { nextTick } from 'vue';
import NoteableWarning from '~/vue_shared/components/notes/noteable_warning.vue'; import NoteableWarning from '~/vue_shared/components/notes/noteable_warning.vue';
...@@ -16,6 +16,9 @@ describe('Issue Warning Component', () => { ...@@ -16,6 +16,9 @@ describe('Issue Warning Component', () => {
propsData: { propsData: {
...props, ...props,
}, },
stubs: {
GlSprintf,
},
}); });
afterEach(() => { afterEach(() => {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment