app/helpers/action_text/content_helper.rb


# frozen_string_literal: true

# :markup: markdown

require "rails-html-sanitizer"

module ActionText
  module ContentHelper
    mattr_accessor(:sanitizer, default: Rails::HTML4::Sanitizer.safe_list_sanitizer.new)
    mattr_accessor(:allowed_tags)
    mattr_accessor(:allowed_attributes)
    mattr_accessor(:scrubber)

    def render_action_text_content(content)
      self.prefix_partial_path_with_controller_namespace = false
      sanitize_action_text_content(render_action_text_attachments(content))
    end

    def sanitize_content_attachment(content_attachment)
      sanitizer.sanitize(
        content_attachment,
        tags: sanitizer_allowed_tags,
        attributes: sanitizer_allowed_attributes,
        scrubber: scrubber,
      )
    end

    def sanitize_action_text_content(content)
      sanitizer.sanitize(
        content.to_html,
        tags: sanitizer_allowed_tags,
        attributes: sanitizer_allowed_attributes,
        scrubber: scrubber,
      ).html_safe
    end

    def render_action_text_attachments(content)
      content.render_attachments do |attachment|
        unless attachment.in?(content.gallery_attachments)
          attachment.node.tap do |node|
            node.inner_html = render_action_text_attachment attachment, locals: { in_gallery: false }
          end
        end
      end.render_attachment_galleries do |attachment_gallery|
        render(layout: attachment_gallery, object: attachment_gallery) do
          attachment_gallery.attachments.map do |attachment|
            attachment.node.inner_html = render_action_text_attachment attachment, locals: { in_gallery: true }
            attachment.to_html
          end.join.html_safe
        end.chomp
      end
    end

    def render_action_text_attachment(attachment, locals: {}) # :nodoc:
      options = { locals: locals, object: attachment, partial: attachment }

      if attachment.respond_to?(:to_attachable_partial_path)
        options[:partial] = attachment.to_attachable_partial_path
      end

      if attachment.respond_to?(:model_name)
        options[:as] = attachment.model_name.element
      end

      render(**options).chomp
    end

    def sanitizer_allowed_tags
      allowed_tags || (sanitizer.class.allowed_tags + [ ActionText::Attachment.tag_name, "figure", "figcaption" ])
    end

    def sanitizer_allowed_attributes
      allowed_attributes || (sanitizer.class.allowed_attributes + ActionText::Attachment::ATTRIBUTES)
    end
  end
end