klevze/SkinbaseNova
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Allow heading tags (h1-h6) in ContentSanitizer so news editor headings render

Browse Source
This commit is contained in:
Gregor Klevže
2026-06-04 07:52:57 +02:00
parent 0b33a1b074
commit 15870ddb1f
191 changed files with 15453 additions and 1786 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
app/Http/Controllers/Api/UploadController.php
View File

@@ -47,7 +47,9 @@ use App\Uploads\Exceptions\DraftQuotaException;
use App\Models\Artwork;
use App\Models\Group;
use App\Services\GroupArtworkReviewService;
use App\Support\ArtworkDescriptionContentValidator;
use App\Services\Worlds\WorldSubmissionService;
use Illuminate\Validation\ValidationException;
use Illuminate\Support\Str;
final class UploadController extends Controller
@@ -534,6 +536,8 @@ final class UploadController extends Controller
'nsfw' => ['nullable', 'boolean'],
]);
$this->ensureValidArtworkDescription($validated);
$updates = [];
foreach (['title', 'category_id', 'description', 'tags', 'license', 'nsfw'] as $field) {
if (array_key_exists($field, $validated)) {
@@ -635,6 +639,8 @@ final class UploadController extends Controller
'world_submissions.*.source_surface' => ['nullable', 'string', 'max:80'],
]);
$this->ensureValidArtworkDescription($validated);
$mode = $validated['mode'] ?? 'now';
$visibility = $validated['visibility'] ?? 'public';
@@ -814,6 +820,8 @@ final class UploadController extends Controller
'world_submissions.*.source_surface' => ['nullable', 'string', 'max:80'],
]);
$this->ensureValidArtworkDescription($validated);
if (! ctype_digit($id)) {
return response()->json(['message' => 'Artwork review submission requires an artwork draft id.'], Response::HTTP_UNPROCESSABLE_ENTITY);
}
@@ -842,4 +850,13 @@ final class UploadController extends Controller
'group_review_status' => (string) $artwork->group_review_status,
], Response::HTTP_OK);
}
private function ensureValidArtworkDescription(array $validated): void
{
foreach (ArtworkDescriptionContentValidator::errors($validated['description'] ?? null) as $message) {
throw ValidationException::withMessages([
'description' => [$message],
]);
}
}
}