Allow block html to render all fields #27

Merged: microstudi merged 6 commits into main from feature/allow_render_block_html on May 18, 2026

@ElviaBth ElviaBth commented May 15, 2026

🎩 What? Why?
This PR overrides the recent versions of Decidim, which have made Block HTML pretty useless.

📌 Related Issues
Link your PR to an issue

Related to #?
Fixes #26

♥️ Thank you!

Summary by CodeRabbit

  • New Features
    • Added HTML content blocks that can render raw HTML in pages; an admin-facing toggle controls whether raw HTML (including iframes/scripts) is rendered or sanitized.
  • Documentation
    • Updated usage docs to describe the new configuration toggle, its default (sanitization enabled), and guidance: enable only for fully trusted admin content.

coderabbitai Bot commented May 15, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 56011bbc-791f-4b22-92f9-4d88fbc8260c

📥 Commits

Reviewing files that changed from the base of the PR and between 641101d and b8b68a6.

📒 Files selected for processing (6)
  • .github/test-env-configs.json
  • README.md
  • app/cells/decidim/content_blocks/html_cell.rb
  • lib/decidim/pokecode/configuration.rb
  • spec/cells/decidim/content_blocks/html_cell_spec.rb
  • spec/lib/overrides_spec.rb
✅ Files skipped from review due to trivial changes (1)
  • README.md

📝 Walkthrough

Adds UNSAFE_HTML_BLOCKS config and Decidim::ContentBlocks::HtmlCell to conditionally render HTML content unsanitized when enabled; includes tests for both modes, README documentation, and test environment config updates.

Changes

HTML Block Rendering with Configurable Sanitization

| Layer | File(s) | Summary |
|---|---|---|
| Configuration accessor for unsafe HTML blocks | lib/decidim/pokecode/configuration.rb | Added unsafe_html_blocks config accessor that reads UNSAFE_HTML_BLOCKS from the environment and returns true when present. |
| HtmlCell view model with conditional sanitization | app/cells/decidim/content_blocks/html_cell.rb | Decidim::ContentBlocks::HtmlCell provides block_id and html_content; returns html_safe when Decidim::Pokecode.unsafe_html_blocks is enabled, otherwise sanitizes via decidim_sanitize_editor_admin. |
| Tests, documentation, and test environment configs | spec/cells/decidim/content_blocks/html_cell_spec.rb, README.md, .github/test-env-configs.json, spec/lib/version_spec.rb, spec/lib/overrides_spec.rb | RSpec covers both enabled/disabled modes (scripts retained vs stripped; event handlers removed). README documents UNSAFE_HTML_BLOCKS. Test env configs add UNSAFE_HTML_BLOCKS entries. Version and checksum specs updated. |

Estimated Code Review Effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 A rabbit peeks at code so neat,
HTML blocks now skip the beat,
When UNSAFE is set to true,
Scripts and tags shine through,
Tests and docs hop in a fleet!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |

✅ Passed checks (4 passed)

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'Allow block html to render all fields' directly relates to the main objective of enabling HTML rendering without filters via a new configuration flag. |
| Linked Issues check | ✅ Passed | The PR successfully implements all coding requirements from issue #26: added UNSAFE_HTML_BLOCKS environment variable configuration, implemented conditional HTML rendering logic, and updated test environment configs accordingly. |
| Out of Scope Changes check | ✅ Passed | All changes are in scope: environment configuration, documentation, HTML cell implementation, configuration accessor, and corresponding tests directly support the UNSAFE_HTML_BLOCKS feature. |

@ElviaBth ElviaBth requested a review from microstudi May 15, 2026 15:02
@ElviaBth ElviaBth self-assigned this May 15, 2026
@ElviaBth ElviaBth marked this pull request as ready for review May 15, 2026 15:18

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@spec/cells/decidim/content_blocks/html_cell_spec.rb`:
- Around line 15-16: Add a spec that exercises the actual env-to-boolean parsing
for Decidim::Pokecode.allow_html_blocks instead of stubbing the accessor: write
two examples that (1) ensure when ENV['ALLOW_HTML_BLOCKS'] is unset or blank the
method returns the default/false, and (2) ensure when ENV['ALLOW_HTML_BLOCKS'] =
"false" the method returns false. Implement these by temporarily setting ENV (or
using ClimateControl.modify) around the expectation and reloading or
re-evaluating Decidim::Pokecode.allow_html_blocks so the real parser runs
(referencing Decidim::Pokecode.allow_html_blocks in your examples).

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 6b9db855-a167-4377-bc9c-453653ab09cb

📥 Commits

Reviewing files that changed from the base of the PR and between 44e2242 and 641101d.

📒 Files selected for processing (6)
  • .github/test-env-configs.json
  • README.md
  • app/cells/decidim/content_blocks/html_cell.rb
  • lib/decidim/pokecode/configuration.rb
  • spec/cells/decidim/content_blocks/html_cell_spec.rb
  • spec/lib/version_spec.rb
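
The env-to-boolean cases that the review comment above asks to be covered, as an added Ruby example that is not the module's code. The method names, the accepted truthy strings and the escaper standing in for the sanitizer are assumptions; the presence-only parser is one reading of the walkthrough's "returns true when present", shown next to a strict parser that fails closed.

```ruby
require "erb"

# Added example: all names here are hypothetical, not the module's code.
FLAG = "UNSAFE_HTML_BLOCKS"
TRUTHY = %w[1 true yes on].freeze

# Presence-only reading: any non-blank value turns the flag on.
def flag_by_presence(env)
  !env[FLAG].to_s.strip.empty?
end

# Strict reading: only an explicit truthy string enables raw rendering;
# unset, blank, "false", "0" and typos all fail closed.
def flag_strict(env)
  TRUTHY.include?(env[FLAG].to_s.strip.downcase)
end

# Gate mirroring the cell's two modes. The escaper is a stand-in for the
# real sanitizer (the page names decidim_sanitize_editor_admin).
def render_block(html, unsafe:, sanitizer: ERB::Util.method(:html_escape))
  unsafe ? html : sanitizer.call(html)
end

# Constructed sample environments and block content.
SAMPLE_ENVS = {
  "unset" => {},
  "blank" => { FLAG => "  " },
  "false" => { FLAG => "false" },
  "zero"  => { FLAG => "0" },
  "true"  => { FLAG => "true" },
}.freeze
SAMPLE_HTML = '<script>alert("x")</script>'

# Labels of the environments where the two parsers disagree.
def disagreements
  SAMPLE_ENVS.select { |_, env| flag_by_presence(env) != flag_strict(env) }.keys
end

if $PROGRAM_NAME == __FILE__
  SAMPLE_ENVS.each do |label, env|
    out = render_block(SAMPLE_HTML, unsafe: flag_strict(env))
    puts format("%-6s presence=%-5s strict=%-5s -> %s",
                label, flag_by_presence(env), flag_strict(env), out)
  end
  puts "parsers disagree on: #{disagreements.join(', ')}"
end
```

The two parsers differ only on values such as "false" and "0", which an operator would set expecting sanitization to stay on.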

@openpoke openpoke deleted a comment from coderabbitai Bot May 15, 2026

@microstudi microstudi left a comment

Looks good, but we need to change the variable name, check the comment.
Also, add the HtmlCell.rb to the https://github.com/openpoke/decidim-module-pokecode/blob/main/spec/lib/overrides_spec.rb file!

Comment thread lib/decidim/pokecode/configuration.rb Outdated

@microstudi microstudi left a comment

perfect!

@microstudi microstudi merged commit c693a58 into main May 18, 2026
10 checks passed