/// <summary>
/// Replaces the content of an existing reply with a sanitized copy of the submitted HTML
/// and saves the change through the replies repository.
/// </summary>
/// <param name="model">Carries the id of the reply to edit and the new, untrusted content.</param>
/// <returns>A task that completes once the repository has saved the change.</returns>
public async Task EditReplyContent(EditReplyServiceModel model)
{
    // NOTE(review): the result is dereferenced without a null check; confirm GetReplyById
    // never yields null for an unknown id (or that callers validate the id first).
    var existingReply = await this.GetReplyById(model.ReplyId);

    // The submitted markup is sanitized before it is assigned, so the value handed to the
    // repository is the sanitizer's output, not the raw input.
    // NOTE(review): the sanitizer is built with its default configuration; confirm that the
    // default allow-list is what replies are meant to permit.
    var sanitizer = new HtmlSanitizer();
    existingReply.Content = sanitizer.Sanitize(model.Content);

    // NOTE(review): no caller-identity or ownership check is visible in this method; confirm
    // that whoever calls it has already decided the current user may edit this reply.
    this.repliesRepository.Update(existingReply);
    await this.repliesRepository.SaveChangesAsync();
}
/// <summary>
/// Verifies that editing a reply with plain text leaves that text unchanged on the reply.
/// </summary>
public async Task EditReplyContentEditsTheContent()
{
    var editModel = new EditReplyServiceModel()
    {
        ReplyId = this.testReply1.Id,
        Content = "New content 1234",
    };

    await this.service.EditReplyContent(editModel);

    // presumably testReply1 is the same instance the service loads and updates; verify against the fixture setup.
    // Plain text with no markup is expected to pass through the sanitizer untouched.
    var contentWasStored = this.testReply1.Content == editModel.Content;
    Assert.True(contentWasStored);
}
/// <summary>
/// Verifies that a script element in submitted content is not stored on the reply,
/// while an ordinary paragraph element is kept.
/// </summary>
public async Task EditReplyContentSanitizesTheContent()
{
    var editModel = new EditReplyServiceModel()
    {
        ReplyId = this.testReply1.Id,
        Content = "<script>alert(\"Hacked!\")</script><p>New content 1234</p>",
    };

    await this.service.EditReplyContent(editModel);

    var storedContent = this.testReply1.Content;

    // NOTE(review): this only looks for the exact, lower-case "<script>" substring. It does not
    // cover other casing, a script tag with attributes, or event-handler attributes; separate
    // cases would be needed to pin those.
    var scriptTagRemoved = !storedContent.Contains("<script>");
    var paragraphKept = storedContent.Contains("<p>");

    Assert.True(scriptTagRemoved && paragraphKept);
}
/// <summary>
/// Handles a reply edit: confirms the referenced post exists, forwards the new content to the
/// reply service, and redirects to the post's page.
/// </summary>
/// <param name="model">The submitted post id, reply id and new reply content.</param>
/// <returns>
/// A not-found result when the post does not exist; otherwise a redirect to the
/// <c>Index</c> action of the <c>Post</c> controller for that post.
/// </returns>
public async Task<IActionResult> Edit(EditReplyModel model)
{
    var postExists = await this.postService.DoesItExist(model.PostId);
    if (!postExists)
    {
        return this.NotFound();
    }

    // NOTE(review): only the post's existence is checked here. Nothing visible in this method
    // verifies that ReplyId belongs to PostId, or that the current user is allowed to edit that
    // reply. Any authorization or antiforgery attributes would sit outside this view; confirm
    // one of them, or the service, enforces ownership.
    // NOTE(review): model validation state is not consulted before the content is forwarded.
    var serviceModel = new EditReplyServiceModel
    {
        ReplyId = model.ReplyId,
        Content = model.Content,
    };

    // The content is passed on exactly as submitted; presumably the reply service sanitizes it
    // before saving. Verify against the service implementation.
    await this.replyService.EditReplyContent(serviceModel);

    var routeValues = new { id = model.PostId };
    return this.RedirectToAction("Index", "Post", routeValues);
}