Markdown-enable user bio (Feature 410)

diff --git a/mediagoblin/db/models.py b/mediagoblin/db/models.py
index 279cb9f2bfe5c286698eb38307badec9dd012ebc..8e07e738d3d98331ec436fda0dbfbca5b380bbd5 100644 (file)
--- a/mediagoblin/db/models.py
+++ b/mediagoblin/db/models.py
@@ -47,7 +47,8 @@ class User(Document):
         'verification_key': unicode,
         'is_admin': bool,
         'url' : unicode,
-        'bio' : unicode
+        'bio' : unicode,     # May contain markdown
+        'bio_html': unicode, # May contain plaintext, or HTML
         }
 
     required_fields = ['username', 'created', 'pw_hash', 'email']

diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py
index 3bcf788b9ec466dbfda1a0c88a7c60783a87fd1f..fac1f41d7062e157682f0f2dbe6863fb0c808123 100644 (file)
--- a/mediagoblin/edit/views.py
+++ b/mediagoblin/edit/views.py
@@ -101,6 +101,10 @@ def edit_profile(request):
     if request.method == 'POST' and form.validate():
             user['url'] = request.POST['url']
             user['bio'] = request.POST['bio']
+
+            md = markdown.Markdown(safe_mode = 'escape')
+            user['bio_html'] = clean_html(md.convert(user['bio']))
+
             user.save()
 
             messages.add_message(request, 

diff --git a/mediagoblin/templates/mediagoblin/utils/profile.html b/mediagoblin/templates/mediagoblin/utils/profile.html
index f44defa51c3e1726c937297b0ec5b8774cf98d4a..d9b121f6af62126f1228014d96fa287f7305a28a 100644 (file)
--- a/mediagoblin/templates/mediagoblin/utils/profile.html
+++ b/mediagoblin/templates/mediagoblin/utils/profile.html
@@ -18,9 +18,9 @@
 
 {% block profile_content -%}
   {% if user.bio %}
-    <p>
-      {{ user.bio }}
-    </p>
+    {% autoescape False %}
+    <p>{{ user.bio_html }}</p>
+    {% endautoescape %}
   {% endif %}
   {% if user.url %}
     <p>