Merge pull request #31 from codex-editor/allow-all-tags

Add 'all' to allowedTags

Author: n0str

EditorJS/BlockHandler.php

@@ -198,7 +198,9 @@ private function sanitize($rules, $blockData)
              */
             if ($elementType == 'string') {
                 $allowedTags = isset($rule['allowedTags']) ? $rule['allowedTags'] : '';
-                $blockData[$key] = $this->getPurifier($allowedTags)->purify($value);
+                if ($allowedTags !== '*') {
+                    $blockData[$key] = $this->getPurifier($allowedTags)->purify($value);
+                }
             }
 
             /**

README.md

@@ -83,6 +83,108 @@ Where:
 
 `allowedTags` param should follow [HTMLPurifier](https://github.com/ezyang/htmlpurifier]) format.
 
+#### There are three common parameters for every block:
+
+1. `type` (**required**) — type of the block
+
+|value|description|
+|---|---|
+|`string`|field with string value|
+|`int`/`integer`|field with integer value|
+|`bool`/`boolean`|field with boolean value|
+|`array`|field with nested fields|
+
+2. `allowedTags` (optional) — HTML tags in string that won't be removed
+ 
+ |value|default|description|
+|---|---|---|
+|`empty`|yes|all tags will be removed|
+|`*`|no|all tags are allowed|
+
+Other values are allowed according to the  [HTMLPurifier](https://github.com/ezyang/htmlpurifier]) format.
+
+Example:
+```
+"paragraph": {
+    "text": {
+        "type": "string",
+        "allowedTags": "i,b,u,a[href]"
+    }
+}
+```
+
+3. `canBeOnly` (optional) — define set of allowed values
+
+Example:
+```
+"quote": {
+      "text": {
+        "type": "string"
+      },
+      "caption": {
+        "type": "string"
+      },
+      "alignment": {
+        "type": "string",
+        "canBeOnly": ["left", "center"]
+      }
+    }
+```
+
+### Nested tools
+
+Tools can contain nested values. It is possible with the `array` type.
+
+Let the JSON input be the following:
+```
+{
+    "blocks": [
+        "type": list,
+        "data": {
+            "items": [
+                "first", "second", "third"
+            ],
+            "style": {
+                "background-color": "red",
+                "font-color": "black"
+            }
+        }
+    ]
+}
+```
+
+We can define validation rules for this input in the config:
+```
+"list": {
+  "items": {
+    "type": "array",
+    "data": {
+      "-": {
+        "type": "string",
+        "allowedTags": "i,b,u"
+      }
+    }
+  },
+  "style": {
+      "type": "array",
+      "data": {
+        "background-color": {
+            "type": "string",
+            "canBeOnly": ["red", "blue", "green"]
+        },
+        "font-color": {
+            "type": "string",
+            "canBeOnly": ["black", "white"]
+        }
+      }
+  }
+}
+```
+
+where `data` is the container for values of the array and `-` is the special shortcut for values if the array is sequential.
+
+
+
 Another configuration example: [/tests/samples/test-config.json](/tests/samples/test-config.json)
 
 # Exceptions

composer.json

@@ -3,7 +3,7 @@
     "type": "library",
     "description": "PHP backend implementation for the Editor.js",
     "license": "MIT",
-    "version": "2.0.0",
+    "version": "2.0.1",
     "authors": [
         {
             "name": "CodeX Team",

tests/GeneralTest.php

@@ -96,4 +96,21 @@ public function testBlocksContent()
 
         $this->assertException($callable, EditorJSException::class, null, 'Block must be an Array');
     }
+
+    public function testNested()
+    {
+        $data = '{"blocks":[{"type":"table","data":{"header": {"description":"a table", "author": "codex"}, "rows": [["name", "age", "sex"],["Paul", "24", "male"],["Ann", "26", "female"]]}}]}';
+        $editor = new EditorJS($data, $this->config);
+        $result = $editor->getBlocks();
+
+        $valid_rows = [["name", "age", "sex"],["Paul", "24", "male"],["Ann", "26", "female"]];
+
+        $this->assertEquals('a table', $result[0]['data']['header']['description']);
+        $this->assertEquals('codex', $result[0]['data']['header']['author']);
+        $this->assertEquals(3, count($result[0]['data']['rows']));
+
+        $this->assertEquals('name', $result[0]['data']['rows'][0][0]);
+        $this->assertEquals('24', $result[0]['data']['rows'][1][1]);
+        $this->assertEquals('female', $result[0]['data']['rows'][2][2]);
+    }
 }

tests/PurifierTest.php

@@ -43,4 +43,13 @@ public function testCustomTagPurifier()
 
         $this->assertEquals('t<mark>e</mark>st', $result[0]['data']['text']);
     }
+
+    public function testAllTagsPurifier()
+    {
+        $data = '{"time":1539180803359,"blocks":[{"type":"raw","data":{"html": "<div style=\"background: #000; color: #fff; font-size: 30px; padding: 50px;\">Any HTML code</div>"}}]}';
+        $editor = new EditorJS($data, $this->configuration);
+        $result = $editor->getBlocks();
+
+        $this->assertEquals('<div style="background: #000; color: #fff; font-size: 30px; padding: 50px;">Any HTML code</div>', $result[0]['data']['html']);
+    }
 }

tests/samples/purify-test-config.json

@@ -20,7 +20,13 @@
       },
       "alignment": {
         "type": "string",
-        "canBeOnly": ["left", "right"]
+        "canBeOnly": ["left", "center"]
+      }
+    },
+    "raw": {
+      "html": {
+        "type": "string",
+        "allowedTags": "*"
       }
     }
   }

tests/samples/test-config.json

@@ -19,7 +19,7 @@
     "list": {
       "style": {
         "type": "string",
-        "canBeOnly": ["ordered", "numbered"]
+        "canBeOnly": ["ordered", "unordered"]
       },
       "items": {
         "type": "array",
@@ -41,7 +41,33 @@
       },
       "alignment": {
         "type": "string",
-        "canBeOnly": ["left", "right"]
+        "canBeOnly": ["left", "center"]
+      }
+    },
+    "table": {
+      "header": {
+        "type": "array",
+        "data": {
+          "description": {
+            "type": "string"
+          },
+          "author": {
+            "type": "string"
+          }
+        }
+      },
+      "rows": {
+        "type": "array",
+        "data": {
+          "-": {
+            "type": "array",
+            "data": {
+              "-": {
+                "type": "string"
+              }
+            }
+          }
+        }
       }
     }
   }