RAP-1695 - Added customer type id, renamed value functions, render htmlspecialchars

indykoning · indykoning · commit 3a4e4fe8cc12 · 2025-12-10T09:29:16.000+01:00
diff --git a/resources/js/filters.js b/resources/js/filters.js
@@ -22,3 +22,12 @@ window.url = function (path = '') {
 
     return (window.config.base_url || window.origin) + path
 }
+
+window.stripHtmlTags = function (html, safeTags = ['mark']) {
+    safeTags = safeTags.map((tag) => tag.replace(/[^a-zA-Z0-9-]/g, '')).filter(Boolean);
+    return html.replace(new RegExp('<(?!/?(?:' + safeTags.join('|') + ')>)(?:.|\n)*?>', 'gm'), '') // Safe tags are only allowed if they have NO attributes
+}
+
+window.htmlDecode = function (input) {
+  return new DOMParser().parseFromString(input, "text/html")?.documentElement?.textContent ?? input;
+}
diff --git a/resources/js/instantsearch.js b/resources/js/instantsearch.js
@@ -1,6 +1,5 @@
 import { defineAsyncComponent } from 'vue'
 import { addQuery } from './stores/useSearchHistory'
-import highlight from 'vue-instantsearch/vue3/es/src/components/Highlight.vue.js'
 
 document.addEventListener('vue:loaded', function (event) {
     const vue = event.detail.vue
@@ -17,7 +16,6 @@ document.addEventListener('vue:loaded', function (event) {
         'ais-configure',
         defineAsyncComponent(() => import('vue-instantsearch/vue3/es/src/components/Configure.js')),
     )
-    vue.component('ais-highlight', highlight)
     vue.component(
         'ais-autocomplete',
         defineAsyncComponent(() => import('vue-instantsearch/vue3/es/src/components/Autocomplete.vue.js')),
diff --git a/resources/views/components/highlight.blade.php b/resources/views/components/highlight.blade.php
@@ -1,15 +1,6 @@
-@props(['attribute', 'item' => 'item', 'highlightTag' => 'mark'])
+@props(['attribute', 'item' => 'item'])
 
-@if (in_array($attribute, config('rapidez.searchkit.highlight_attributes')))
-    <ais-highlight {{ $attributes->merge([
-        'v-bind:hit' => $item,
-        'attribute' => $attribute,
-        'highlighted-tag-name' => $highlightTag,
-    ]) }}></ais-highlight>
-    {{--
-    TODO: This doesn't render the HTML correctly
-    See: /gear/fitness-equipment.html
-    --}}
-@else
-    <span {{ $attributes }} v-text="{{ $item }}.{{ $attribute }}"></span>
-@endif
+<span
+    {{ $attributes }}
+    v-html="window.stripHtmlTags(window.htmlDecode({{ $item }}?._highlightResult?.{{ $attribute }}?.value || {{ $item }}.{{ $attribute }}))"
+></span>
diff --git a/resources/views/listing/partials/filter/select.blade.php b/resources/views/listing/partials/filter/select.blade.php
@@ -20,7 +20,7 @@ class="relative -mx-1 -mt-1"
                                     class="items-baseline flex text-base/5"
                                     :class="item.isRefined ? 'text' : 'text-muted hover:text'"
                                 >
-                                    @{{ item.label }}
+                                    <span v-html="window.stripHtmlTags(item.label)"></span>
                                     <span class="block ml-0.5 text-xs" data-testid="listing-filter-count">
                                         (@{{ item.count }})
                                     </span>
diff --git a/resources/views/listing/partials/filter/selected.blade.php b/resources/views/listing/partials/filter/selected.blade.php
@@ -40,9 +40,7 @@ class="flex items-center gap-1 py-2 px-3 text-sm rounded-full bg hover:bg-emphas
                         <template v-if="false"></template>
                         @include('rapidez::listing.partials.filter.selected.boolean')
                         @include('rapidez::listing.partials.filter.selected.swatch')
-                        <template v-else>
-                            @{{ refinement.label }}
-                        </template>
+                        <span v-html="window.stripHtmlTags(refinement.label)"></span>
                     </a>
                 </li>
             </template>
diff --git a/src/Models/AbstractAttribute.php b/src/Models/AbstractAttribute.php
@@ -32,9 +32,10 @@ public function getTable()
         return $this->table;
     }
 
-    protected function value(): Attribute
+    protected function rawValue(): Attribute
     {
         return Attribute::get(function ($value) {
+            $value ??= $this->getAttribute('value');
             $class = config('rapidez.attribute-models')[$this->backend_model] ?? null;
 
             if ($class) {
@@ -47,38 +48,36 @@ protected function value(): Attribute
         });
     }
 
-    // TODO: Maybe rename this? As this value is mostly used.
-    // And maybe add the option value keys in the array?
-    protected function transformedValue(): Attribute
+    protected function value(): Attribute
     {
-        return Attribute::get(function () {
+        return Attribute::get(function ($value) {
             if ($this->frontend_input === 'select' || $this->frontend_input === 'multiselect') {
-                if (is_iterable($this->value)) {
+                if (is_iterable($value)) {
                     return Arr::map(
-                        iterator_to_array($this->value),
+                        iterator_to_array($value),
                         fn ($value) => $this->options[$value]?->value ?? $value,
                     );
                 }
 
-                return $this->options[$this->value]?->value ?? $this->value;
+                return $this->options[$value]?->value ?? $value;
             }
 
-            return $this->value;
+            return $value;
         });
     }
 
     protected function label(): Attribute
     {
         return Attribute::get(function () {
-            return is_iterable($this->transformedValue)
-                ? implode(', ', iterator_to_array($this->transformedValue))
-                : $this->transformedValue;
+            return is_iterable($this->value)
+                ? implode(', ', iterator_to_array($this->value))
+                : $this->value;
         });
     }
 
     protected function sortOrder(): Attribute
     {
-        return Attribute::get(fn () => $this->options[$this->value]->sort_order ?? null);
+        return Attribute::get(fn () => $this->options[$this->rawValue]->sort_order ?? null);
     }
 
     public function __toString(): string
diff --git a/src/Models/EavAttribute.php b/src/Models/EavAttribute.php
@@ -32,9 +32,7 @@ public static function getCachedCustomer()
         return Cache::memo()->rememberForever('customer_eav_attributes', function () {
             return EavAttribute::query()
                 ->leftJoin('customer_eav_attribute', 'customer_eav_attribute.attribute_id', '=', 'eav_attribute.attribute_id')
-                // TODO: This also needs an entity type check or
-                // it should just join instead of left join
-                // but not sure if it's used currently?
+                ->where('entity_type_id', self::ENTITY_TYPE_CUSTOMER)
                 ->get();
         });
     }

Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,7 @@ class="relative -mx-1 -mt-1"`
`20`	`20`	`class="items-baseline flex text-base/5"`
`21`	`21`	`:class="item.isRefined ? 'text' : 'text-muted hover:text'"`
`22`	`22`	`>`
`23`		`- @{{ item.label }}`
	`23`	`+ <span v-html="window.stripHtmlTags(item.label)"></span>`
`24`	`24`	`<span class="block ml-0.5 text-xs" data-testid="listing-filter-count">`
`25`	`25`	`(@{{ item.count }})`
`26`	`26`	`</span>`
Original file line number	Diff line number	Diff line change
`@@ -32,9 +32,10 @@ public function getTable()`
`32`	`32`	`return $this->table;`
`33`	`33`	`}`
`34`	`34`
`35`		`- protected function value(): Attribute`
	`35`	`+ protected function rawValue(): Attribute`
`36`	`36`	`{`
`37`	`37`	`return Attribute::get(function ($value) {`
	`38`	`+ $value ??= $this->getAttribute('value');`
`38`	`39`	`$class = config('rapidez.attribute-models')[$this->backend_model] ?? null;`
`39`	`40`
`40`	`41`	`if ($class) {`
`@@ -47,38 +48,36 @@ protected function value(): Attribute`
`47`	`48`	`});`
`48`	`49`	`}`
`49`	`50`
`50`		`- // TODO: Maybe rename this? As this value is mostly used.`
`51`		`- // And maybe add the option value keys in the array?`
`52`		`- protected function transformedValue(): Attribute`
	`51`	`+ protected function value(): Attribute`
`53`	`52`	`{`
`54`		`- return Attribute::get(function () {`
	`53`	`+ return Attribute::get(function ($value) {`
`55`	`54`	`if ($this->frontend_input === 'select' \|\| $this->frontend_input === 'multiselect') {`
`56`		`- if (is_iterable($this->value)) {`
	`55`	`+ if (is_iterable($value)) {`
`57`	`56`	`return Arr::map(`
`58`		`- iterator_to_array($this->value),`
	`57`	`+ iterator_to_array($value),`
`59`	`58`	`fn ($value) => $this->options[$value]?->value ?? $value,`
`60`	`59`	`);`
`61`	`60`	`}`
`62`	`61`
`63`		`- return $this->options[$this->value]?->value ?? $this->value;`
	`62`	`+ return $this->options[$value]?->value ?? $value;`
`64`	`63`	`}`
`65`	`64`
`66`		`- return $this->value;`
	`65`	`+ return $value;`
`67`	`66`	`});`
`68`	`67`	`}`
`69`	`68`
`70`	`69`	`protected function label(): Attribute`
`71`	`70`	`{`
`72`	`71`	`return Attribute::get(function () {`
`73`		`- return is_iterable($this->transformedValue)`
`74`		`- ? implode(', ', iterator_to_array($this->transformedValue))`
`75`		`- : $this->transformedValue;`
	`72`	`+ return is_iterable($this->value)`
	`73`	`+ ? implode(', ', iterator_to_array($this->value))`
	`74`	`+ : $this->value;`
`76`	`75`	`});`
`77`	`76`	`}`
`78`	`77`
`79`	`78`	`protected function sortOrder(): Attribute`
`80`	`79`	`{`
`81`		`- return Attribute::get(fn () => $this->options[$this->value]->sort_order ?? null);`
	`80`	`+ return Attribute::get(fn () => $this->options[$this->rawValue]->sort_order ?? null);`
`82`	`81`	`}`
`83`	`82`
`84`	`83`	`public function __toString(): string`