diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 5403d81..6061c97 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -24,6 +24,7 @@ jobs: run: echo "RELEASE_VERSION=0.0.1" >> $GITHUB_ENV - name: Install Dependencies run: | + pip install django-tinymce pip install Django pip install -e . - name: Run Tests diff --git a/README.md b/README.md index a8fdd58..97808e7 100644 --- a/README.md +++ b/README.md @@ -56,6 +56,7 @@ add any or all to change to desired behavior:: 11. no_question_votes - add if only want answer voting 12. allow_unicode - add if you want to allow unicode slugs 13. login_required - add if you want to only let logged in users see FAQ's +14. rich_text_answers - add if you want to use rich text for answers. This requires the django-tinymce package to be installed ## Templates @@ -317,6 +318,24 @@ the app name for the urls is ``'faq'`` * only works if using question voting * used to post hidden input vote = 1 or vote = 0 depending on vote up or down +## django-tinymce +If you want to use rich text answers you will need to [install django-tinymce](https://django-tinymce.readthedocs.io/en/latest/installation.html#id2) + +Make sure to include in the template the `{{ form.media }}` to include the tinymce javascript and css files. +> [!WARNING] +> Failing to follow the following steps will result in a xss vulnerability in your site. + +To allow the rich text answers to be rendered properly you will need to use the safe filter in your templates. +While django-tinymce does escape the html the answers that were created when the rich text editor was not enabled **has not been escaped and is not safe**. +So these answers cannot be rendered with the safe filter. So a flag was added to the answer model 'is_rich_text' that is set to True when the answer is created with the rich text editor. +In the template you can use the following code to render the answer properly:: + + {% if answer.is_rich_text %} + {{answer.answer|safe}} + {% else %} + {{answer.answer}} + {% endif %} + ## Contributing django-easy-faq aims to be the best faq app for django. It welcomes contributions of all types - issues, bugs, feature requests, documentation updates, tests and pull requests @@ -340,4 +359,6 @@ django-easy-faq aims to be the best faq app for django. It welcomes contributio 1.6 fixed bug where no_category_description did not do remove the category description in the admin -1.7 added support for django 5.0 \ No newline at end of file +1.7 added support for django 5.0 + +1.8 added support for richtext answers with django-tinymce \ No newline at end of file diff --git a/example/example/settings.py b/example/example/settings.py index a96e9ef..9b251f9 100644 --- a/example/example/settings.py +++ b/example/example/settings.py @@ -35,7 +35,8 @@ "django.contrib.sessions", "django.contrib.messages", "django.contrib.staticfiles", - 'faq' + 'faq', + 'tinymce', ] MIDDLEWARE = [ @@ -150,4 +151,9 @@ # https://github.com/smark-1/django-easy-faq # Django easy FAQ settings -FAQ_SETTINGS = [] \ No newline at end of file +FAQ_SETTINGS = [ + 'logged_in_users_can_answer_question', + 'allow_multiple_answers', + 'rich_text_answers', + 'logged_in_users_can_add_question', +] \ No newline at end of file diff --git a/example/example/urls.py b/example/example/urls.py index ccc90e6..938a049 100644 --- a/example/example/urls.py +++ b/example/example/urls.py @@ -6,5 +6,6 @@ path("", home), path('faq/', include('faq.urls')), path("admin/", admin.site.urls), + path('tinymce/', include('tinymce.urls')), ] diff --git a/example/templates/faq/answer_form.html b/example/templates/faq/answer_form.html index 23a2b35..0e3a7fd 100644 --- a/example/templates/faq/answer_form.html +++ b/example/templates/faq/answer_form.html @@ -16,20 +16,22 @@ {% endblock %} {% block content %} + {{ form.media }}

{{question.question}}
{% csrf_token %} - {% for field in form %} -
- - - {% if field.errors %} - {% for error in field.errors %} -

{{ error }}

- {% endfor %} - {% endif %} -
- {% endfor %} + {{ form.as_p }} +{# {% for field in form %}#} +{#
#} +{# #} +{# #} +{# {% if field.errors %}#} +{# {% for error in field.errors %}#} +{#

{{ error }}

#} +{# {% endfor %}#} +{# {% endif %}#} +{#
#} +{# {% endfor %}#}
{% endblock %} diff --git a/example/templates/faq/question_detail.html b/example/templates/faq/question_detail.html index 7fc0a54..9eba09c 100644 --- a/example/templates/faq/question_detail.html +++ b/example/templates/faq/question_detail.html @@ -8,7 +8,11 @@

Answers

+ {% if answer.is_rich_text %} +

{{ answer.answer|safe }}

+ {% else %}
{{answer.answer}}
+ {% endif %}
{% if can_vote_answer %}
@@ -33,7 +37,12 @@
{{answer.answer}}
{% else %} {% if question.answer_set.exists %}

Answer:

-

{{question.answer_set.first.answer}}

+ {% if question.answer_set.first.is_rich_text %} +

{{ question.answer_set.first.answer|safe }}

+ {% else %} +

{{question.answer_set.first.answer}}

+ {% endif %} + {% if can_vote_answer %} found this answer helpful?
diff --git a/faq/admin.py b/faq/admin.py index 718fecb..eb12e3d 100644 --- a/faq/admin.py +++ b/faq/admin.py @@ -17,10 +17,10 @@ class QuestionHelpfulAdmin(admin.ModelAdmin): class AnswerAdmin(admin.ModelAdmin): - list_display = ("answer", "question", "helpful", "not_helpful") - list_filter = ('helpful', "not_helpful") + list_display = ("answer", "question", "helpful", "not_helpful",'is_rich_text') + list_filter = ('helpful', "not_helpful",'is_rich_text') search_fields = ['answer', "question"] - readonly_fields = ('helpful', "not_helpful", 'slug') + readonly_fields = ('helpful', "not_helpful", 'slug','is_rich_text') class CategoryAdmin(admin.ModelAdmin): diff --git a/faq/forms.py b/faq/forms.py index 88ec143..e115d84 100644 --- a/faq/forms.py +++ b/faq/forms.py @@ -1,6 +1,20 @@ from django import forms +from django.conf import settings from . import models +class AnswerForm(forms.ModelForm): + class Meta: + model = models.Answer + fields = ["answer"] + + def __init__(self, *args, **kwargs): + super().__init__(*args, **kwargs) + if "rich_text_answers" in settings.FAQ_SETTINGS: + try: + from tinymce.widgets import TinyMCE + self.fields["answer"].widget = TinyMCE() + except ImportError: + raise ImportError("Please install django-tinymce to use rich text answers") class CommentForm(forms.ModelForm): class Meta: diff --git a/faq/migrations/0006_answer_is_rich_text.py b/faq/migrations/0006_answer_is_rich_text.py new file mode 100644 index 0000000..12be043 --- /dev/null +++ b/faq/migrations/0006_answer_is_rich_text.py @@ -0,0 +1,18 @@ +# Generated by Django 5.0.4 on 2024-05-08 01:14 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('faq', '0005_rename_description_category__description'), + ] + + operations = [ + migrations.AddField( + model_name='answer', + name='is_rich_text', + field=models.BooleanField(default=False), + ), + ] diff --git a/faq/models.py b/faq/models.py index ee82362..0a3d090 100644 --- a/faq/models.py +++ b/faq/models.py @@ -49,6 +49,7 @@ class Answer(models.Model): slug = models.SlugField(max_length=10, blank=True) helpful = models.IntegerField(default=0) not_helpful = models.IntegerField(default=0) + is_rich_text = models.BooleanField(default=False) def get_helpful(self): return AnswerHelpful.objects.filter(answer=self, vote=True).count() diff --git a/faq/templates/faq/base.html b/faq/templates/faq/base.html index a9f1ead..caebd7f 100644 --- a/faq/templates/faq/base.html +++ b/faq/templates/faq/base.html @@ -3,6 +3,9 @@ {% block title %}FAQ{% endblock %} + {% if form %} + {{ form.media }} + {% endif %}

{% block heading %}{% endblock %}

diff --git a/faq/templates/faq/question_detail.html b/faq/templates/faq/question_detail.html index 0ffbc8c..20b0fd1 100644 --- a/faq/templates/faq/question_detail.html +++ b/faq/templates/faq/question_detail.html @@ -5,7 +5,12 @@

answers

    {% for answer in question.answer_set.all %} -
  • {{answer.answer}} +
  • + {% if answer.is_rich_text %} + {{ answer.answer|safe }} + {% else %} + {{answer.answer}} + {% endif %} {% if can_vote_answer %} | found this answer helpful? @@ -26,7 +31,11 @@

    answers

    {% else %} {% if question.answer_set.exists %}

    answer:

    -

    {{question.answer_set.first.answer}}

    + {% if question.answer_set.first.is_rich_text %} +

    {{question.answer_set.first.answer|safe}}

    + {% else %} +

    {{question.answer_set.first.answer}}

    + {% endif %} {% if can_vote_answer %} found this answer helpful? diff --git a/faq/views.py b/faq/views.py index 6580101..781a0fc 100644 --- a/faq/views.py +++ b/faq/views.py @@ -135,9 +135,8 @@ def get_context_data(self, **kwargs): class AddAnswer(UserPassesTestMixin, generic.CreateView): - model = models.Answer - fields = ["answer"] template_name = "faq/answer_form.html" + form_class = forms.AnswerForm def test_func(self): # when authenticated_user_can_add_question in the FAQ_SETTINGS is set to True @@ -191,6 +190,8 @@ def form_valid(self, form): question = models.Question.objects.get(slug=self.kwargs['question']) form.question = question + if "rich_text_answers" in settings.FAQ_SETTINGS: + form.is_rich_text = True form.save() return super().form_valid(form)