Added security check report field and variable
This commit is contained in:
@@ -22,6 +22,7 @@ class SecurityReportTemplateServiceTest extends TestCase
|
||||
'status_label' => 'In progress',
|
||||
'generated_at' => '2026-06-22 10:00',
|
||||
'app_name' => 'CoreCore',
|
||||
'customer_report' => "Line one\nLine two",
|
||||
'logo_data_uri' => 'data:image/png;base64,AAAA',
|
||||
'summary' => ['percent' => 72, 'tech_done' => 2, 'tech_total' => 3],
|
||||
'tech_sections' => [
|
||||
@@ -55,6 +56,22 @@ class SecurityReportTemplateServiceTest extends TestCase
|
||||
$this->assertStringNotContainsString('<b>Acme</b>', $out);
|
||||
}
|
||||
|
||||
public function testRenderCustomerReportEscapesAndPreservesLineBreaks(): void
|
||||
{
|
||||
$service = new SecurityReportTemplateService();
|
||||
|
||||
$context = $this->context();
|
||||
$context['customer_report'] = "First line <script>\nSecond line";
|
||||
|
||||
$out = $service->render('<section>{{customer_report}}</section>', $context);
|
||||
|
||||
// HTML in the owner's text is escaped...
|
||||
$this->assertStringContainsString('First line <script>', $out);
|
||||
$this->assertStringNotContainsString('<script>', $out);
|
||||
// ...and author line breaks survive as <br>.
|
||||
$this->assertMatchesRegularExpression('/First line <script><br\s*\/?>\s*Second line/', $out);
|
||||
}
|
||||
|
||||
public function testRenderBuildsChecklistAndProcessHtml(): void
|
||||
{
|
||||
$service = new SecurityReportTemplateService();
|
||||
@@ -111,6 +128,7 @@ class SecurityReportTemplateServiceTest extends TestCase
|
||||
{
|
||||
$variables = (new SecurityReportTemplateService())->availableVariables();
|
||||
|
||||
$this->assertArrayHasKey('customer_report', $variables);
|
||||
$this->assertArrayHasKey('logo_src', $variables);
|
||||
$this->assertArrayHasKey('checklist', $variables);
|
||||
$this->assertArrayHasKey('process', $variables);
|
||||
|
||||
Reference in New Issue
Block a user