2015-12-15 14:51:16 +00:00
|
|
|
module Banzai
|
|
|
|
module Filter
|
2015-08-05 02:25:08 +00:00
|
|
|
# HTML filter that removes references to records that the current user does
|
|
|
|
# not have permission to view.
|
|
|
|
#
|
|
|
|
# Expected to be run in its own post-processing pipeline.
|
|
|
|
#
|
|
|
|
class RedactorFilter < HTML::Pipeline::Filter
|
|
|
|
def call
|
2018-04-03 13:45:17 +00:00
|
|
|
unless context[:skip_redaction]
|
|
|
|
context = RenderContext.new(project, current_user)
|
|
|
|
|
|
|
|
Redactor.new(context).redact([doc])
|
|
|
|
end
|
2015-08-05 02:25:08 +00:00
|
|
|
|
|
|
|
doc
|
|
|
|
end
|
|
|
|
|
2015-10-07 15:00:48 +00:00
|
|
|
private
|
|
|
|
|
2015-08-05 02:25:08 +00:00
|
|
|
def current_user
|
|
|
|
context[:current_user]
|
|
|
|
end
|
2016-05-26 11:16:43 +00:00
|
|
|
|
|
|
|
def project
|
|
|
|
context[:project]
|
|
|
|
end
|
2015-08-05 02:25:08 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|