Pages API: Made raw_html available on page responses

To provide a way to see the original un-pre-processed database HTML
content.

For #4310

Author: ssddanbrown

app/Entities/Controllers/PageApiController.php

@@ -13,8 +13,6 @@
 
 class PageApiController extends ApiController
 {
-    protected PageRepo $pageRepo;
-
     protected $rules = [
         'create' => [
             'book_id'    => ['required_without:chapter_id', 'integer'],
@@ -34,9 +32,9 @@ class PageApiController extends ApiController
         ],
     ];
 
-    public function __construct(PageRepo $pageRepo)
-    {
-        $this->pageRepo = $pageRepo;
+    public function __construct(
+        protected PageRepo $pageRepo
+    ) {
     }
 
     /**

app/Entities/Models/Page.php

@@ -139,6 +139,7 @@ public function forJsonDisplay(): self
     {
         $refreshed = $this->refresh()->unsetRelations()->load(['tags', 'createdBy', 'updatedBy', 'ownedBy']);
         $refreshed->setHidden(array_diff($refreshed->getHidden(), ['html', 'markdown']));
+        $refreshed->setAttribute('raw_html', $refreshed->html);
         $refreshed->html = (new PageContent($refreshed))->render();
 
         return $refreshed;

dev/api/responses/pages-create.json

@@ -5,6 +5,7 @@
 	"name": "My API Page",
 	"slug": "my-api-page",
 	"html": "<p id=\"bkmrk-my-new-api-page\">my new API page</p>",
+	"raw_html": "<p id=\"bkmrk-my-new-api-page\">my new API page</p>",
 	"priority": 14,
 	"created_at": "2020-11-28T15:01:39.000000Z",
 	"updated_at": "2020-11-28T15:01:39.000000Z",

dev/api/responses/pages-read.json

@@ -4,7 +4,8 @@
 	"chapter_id": 0,
 	"name": "A page written in markdown",
 	"slug": "a-page-written-in-markdown",
-	"html": "<h1 id=\"bkmrk-how-this-is-built\">How this is built</h1>\r\n<p id=\"bkmrk-this-page-is-written\">This page is written in markdown. BookStack stores the page data in HTML.</p>\r\n<p id=\"bkmrk-here%27s-a-cute-pictur\">Here's a cute picture of my cat:</p>\r\n<p id=\"bkmrk-\"><a href=\"http://example.com/uploads/images/gallery/2020-04/yXSrubes.jpg\"><img src=\"http://example.com/uploads/images/gallery/2020-04/scaled-1680-/yXSrubes.jpg\" alt=\"yXSrubes.jpg\"></a></p>",
+	"html": "<h1 id=\"bkmrk-this-is-my-cool-page\">This is my cool page! With some included text</h1>",
+	"raw_html": "<h1 id=\"bkmrk-this-is-my-cool-page\">This is my cool page! {{@1#bkmrk-a}}</h1>",
 	"priority": 13,
 	"created_at": "2020-02-02T21:40:38.000000Z",
 	"updated_at": "2020-11-28T14:43:20.000000Z",

dev/api/responses/pages-update.json

@@ -5,6 +5,7 @@
 	"name": "My updated API Page",
 	"slug": "my-updated-api-page",
 	"html": "<p id=\"bkmrk-my-new-api-page---up\">my new API page - Updated</p>",
+	"raw_html": "<p id=\"bkmrk-my-new-api-page---up\">my new API page - Updated</p>",
 	"priority": 16,
 	"created_at": "2020-11-28T15:10:54.000000Z",
 	"updated_at": "2020-11-28T15:13:03.000000Z",

tests/Api/PagesApiTest.php

@@ -159,6 +159,20 @@ public function test_read_endpoint_provides_rendered_html()
         $this->assertStringContainsString('testing', $html);
     }
 
+    public function test_read_endpoint_provides_raw_html()
+    {
+        $html = "<p>testing</p><script>alert('danger')</script><h1>Hello</h1>";
+
+        $this->actingAsApiEditor();
+        $page = $this->entities->page();
+        $page->html = $html;
+        $page->save();
+
+        $resp = $this->getJson($this->baseEndpoint . "/{$page->id}");
+        $this->assertEquals($html, $resp->json('raw_html'));
+        $this->assertNotEquals($html, $resp->json('html'));
+    }
+
     public function test_read_endpoint_returns_not_found()
     {
         $this->actingAsApiEditor();