From d2d884b81eb9b94d9d7cdeb4b96cf119fbb53c48 Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Sun, 19 Sep 2021 23:32:35 +0100
Subject: [PATCH 01/19] Sanitising User and plans fields

---
 app/models/plan.rb | 17 +++++++++++++++++
 app/models/user.rb | 10 ++++++++++
 2 files changed, 27 insertions(+)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index 8ac2ed1a32..6c3e0b1c15 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -212,6 +212,13 @@ class Plan < ApplicationRecord
   end
   alias super_settings settings
 
+  # =============
+  # = Callbacks =
+  # =============
+
+  #sanitise html tags from fields
+  before_save :sanitise_fields
+
   # =================
   # = Class methods =
   # =================
@@ -570,6 +577,16 @@ def landing_page
 
   private
 
+  #sanitise fields
+  def sanitise_fields
+    self.title = ActionController::Base.helpers.sanitize(self.title)
+    self.funder_name = ActionController::Base.helpers.sanitize(self.funder_name)
+    self.grant_number = ActionController::Base.helpers.sanitize(self.grant_number)
+    self.identifier = ActionController::Base.helpers.sanitize(self.identifier)
+    self.description = ActionController::Base.helpers.sanitize(self.identifier)
+  end
+
+
   # Validation to prevent end date from coming before the start date
   def end_date_after_start_date
     # allow nil values
diff --git a/app/models/user.rb b/app/models/user.rb
index 5391699faa..16378ca7da 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -57,6 +57,7 @@ class User < ApplicationRecord
   include ConditionalUserMailer
   include DateRangeable
   include Identifiable
+  include SanitiseFieldsCallback
 
   extend UniqueRandom
 
@@ -162,6 +163,9 @@ class User < ApplicationRecord
   # = Callbacks =
   # =============
 
+  #sanitise html tags from fields
+  before_save :sanitise_fields #{ |data| data.sanitise_fields(self.firstname)}
+
   after_update :clear_department_id, if: :saved_change_to_org_id?
 
   after_update :delete_perms!, if: :saved_change_to_org_id?, unless: :can_change_org?
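Review bot: The last assignment in the new `sanitise_fields` reads the wrong attribute: `self.description = ActionController::Base.helpers.sanitize(self.identifier)` overwrites the plan's description with its identifier on every save, and it should be `self.description = ActionController::Base.helpers.sanitize(self.description)`. PATCH 02/19 in this series replaces the method with a shared `sanitize_fields` helper, so the line does not survive, but the copy-paste matters if this commit is ever cherry-picked on its own. The `private` section the method sits in continues outside the hunk.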
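Review bot: `include SanitiseFieldsCallback` is added to `User` but nothing in this patch defines that module, and the `sanitise_fields` it presumably refers to is a plain private method added lower in the same file rather than something a module provides; unless the module exists elsewhere in the app, the include raises a NameError when the class loads (PATCH 02/19 removes it again). In the callbacks hunk of the same file, the trailing `#{ |data| data.sanitise_fields(self.firstname)}` on the `before_save` line is commented-out code and should be dropped, leaving `before_save :sanitise_fields`. Note also that a `before_save` callback runs after validation, so validators see the unsanitised value; the later switch to `before_validation` in this series addresses that.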
@@ -455,6 +459,12 @@ def merge(to_be_merged)
   # = Private instance methods =
   # ============================
 
+  #sanitise fields
+  def sanitise_fields
+    self.firstname = ActionController::Base.helpers.sanitize(self.firstname)
+    self.surname = ActionController::Base.helpers.sanitize(self.surname)
+  end
+
   def delete_perms!
     perms.destroy_all
   end

From 496569678c17d4161cbed82d8aacda378b26cfdb Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Wed, 22 Sep 2021 21:33:52 +0100
Subject: [PATCH 02/19] Changes made to make a genneral method to work across models

---
 app/models/application_record.rb | 6 ++++++
 app/models/plan.rb | 16 +++++-----------
 app/models/user.rb | 8 +-------
 3 files changed, 12 insertions(+), 18 deletions(-)

diff --git a/app/models/application_record.rb b/app/models/application_record.rb
index 00e1dc91b6..b9933ce2e2 100644
--- a/app/models/application_record.rb
+++ b/app/models/application_record.rb
@@ -8,4 +8,10 @@ class ApplicationRecord < ActiveRecord::Base
 
   self.abstract_class = true
 
+  def sanitize_fields(*attrs)
+    attrs.each do |attr|
+      self.send("#{attr.to_s}=", ActionController::Base.helpers.sanitize(self.send(attr)))
+    end
+  end
+
 end
diff --git a/app/models/plan.rb b/app/models/plan.rb
index 6c3e0b1c15..4b0a13d0b1 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -46,7 +46,7 @@
 # TODO: Drop the funder_name and grant_number columns once the funder_id has
 # been back filled and we're removing the is_other org stuff
 
-class Plan < ApplicationRecord
+class Plan < ApplicationRecord::Base
 
   include ConditionalUserMailer
   include ExportablePlan
@@ -217,7 +217,7 @@ class Plan < ApplicationRecord
   # =============
 
   #sanitise html tags from fields
-  before_save :sanitise_fields
+  before_validation lambda{|data| data.sanitize_fields(:title, :funder_name, :grant_number, :identifier, :description)}
 
   # =================
   # = Class methods =
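Review bot: `sanitize_fields` pushes attributes that its callers treat as plain text (`firstname`, `surname`, `title`, `identifier`) through Rails' safe-list HTML sanitizer, which keeps allowed tags such as `<b>` or `<a>` and entity-encodes `&`, `<` and `>` in ordinary text, so a surname like `Smith & Jones` is stored as `Smith &amp; Jones` on every validation and a view that escapes on output then shows the entity literally. Rewriting data at storage time is a lossy defence-in-depth step, not a substitute for escaping at render time, which remains the primary XSS control; the safe-list sanitizer suits only fields that genuinely hold editor HTML (perhaps `description`), and `strip_tags` has the same encoding side effect, so plain-text fields are better left unmodified. The call survives unchanged through the rubocop rewrites in PATCH 12/19 and PATCH 14/19, so the point applies there as well. A YARD comment would also pin the contract, e.g. `# Rewrites the named string attributes in place via Rails' safe-list HTML sanitizer; pass literal attribute names only, since the setter is resolved with send.`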
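Review bot: `class Plan < ApplicationRecord::Base` changes the superclass to a constant Rails does not define; `ApplicationRecord` is a class rather than a namespace, so the lookup is likely to raise `NameError` at boot, and even if it resolved to `ActiveRecord::Base` the model would no longer inherit the `sanitize_fields` helper this same patch adds to `ApplicationRecord`, so the new `before_validation` lambda would fail with `NoMethodError`. The line should stay `class Plan < ApplicationRecord`. The hunk context in PATCH 03/19 already shows it back as `ApplicationRecord`, so this appears to have been reverted in a commit that is not part of this series.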
@@ -575,17 +575,11 @@ def landing_page
     identifiers.select { |i| %w[doi ark].include?(i.identifier_format) }.first
   end
 
+  # ============================
+  # = Private instance methods =
+  # ============================
   private
 
-  #sanitise fields
-  def sanitise_fields
-    self.title = ActionController::Base.helpers.sanitize(self.title)
-    self.funder_name = ActionController::Base.helpers.sanitize(self.funder_name)
-    self.grant_number = ActionController::Base.helpers.sanitize(self.grant_number)
-    self.identifier = ActionController::Base.helpers.sanitize(self.identifier)
-    self.description = ActionController::Base.helpers.sanitize(self.identifier)
-  end
-
 
   # Validation to prevent end date from coming before the start date
   def end_date_after_start_date
diff --git a/app/models/user.rb b/app/models/user.rb
index 16378ca7da..e71e1cd02f 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -57,7 +57,6 @@ class User < ApplicationRecord
   include ConditionalUserMailer
   include DateRangeable
   include Identifiable
-  include SanitiseFieldsCallback
 
   extend UniqueRandom
 
@@ -164,7 +163,7 @@ class User < ApplicationRecord
   # =============
 
   #sanitise html tags from fields
-  before_save :sanitise_fields #{ |data| data.sanitise_fields(self.firstname)}
+  before_validation lambda{|data| data.sanitize_fields(:firstname, :surname)}
 
   after_update :clear_department_id, if: :saved_change_to_org_id?
 
@@ -459,11 +458,6 @@ def merge(to_be_merged)
   # = Private instance methods =
   # ============================
 
-  #sanitise fields
-  def sanitise_fields
-    self.firstname = ActionController::Base.helpers.sanitize(self.firstname)
-    self.surname = ActionController::Base.helpers.sanitize(self.surname)
-  end
 
   def delete_perms!
     perms.destroy_all

From 1844ffb94fe527f600e5182b5bc15952747ea31d Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Wed, 22 Sep 2021 22:09:10 +0100
Subject: [PATCH 03/19] fix Rubocop

---
 app/models/plan.rb | 2 +-
 app/models/user.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index 2feb544390..e5a0b7f86e 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -208,7 +208,7 @@ class Plan < ApplicationRecord
   # =============
 
   #sanitise html tags from fields
-  before_validation lambda{|data| data.sanitize_fields(:title, :funder_name, :grant_number, :identifier, :description)}
+  before_validation lambda { |data| data.sanitize_fields(:title, :funder_name, :grant_number, :identifier, :description) }
 
   # =================
   # = Class methods =
diff --git a/app/models/user.rb b/app/models/user.rb
index 409a0664b1..92648a905d 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -161,7 +161,7 @@ class User < ApplicationRecord
   # =============
 
   #sanitise html tags from fields
-  before_validation lambda{|data| data.sanitize_fields(:firstname, :surname)}
+  before_validation lambda { |data| data.sanitize_fields(:firstname, :surname) }
 
   after_update :clear_department_id, if: :saved_change_to_org_id?
 

From aeb1403041b5e2614bf5549dd5d46ef62c79152e Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Wed, 22 Sep 2021 23:37:15 +0100
Subject: [PATCH 04/19] Update plan.rb in order to pass Rubocop change "lambda" to "->(data) {" instead

---
 app/models/plan.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index e5a0b7f86e..a12f0ca937 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -208,7 +208,7 @@ class Plan < ApplicationRecord
   # =============
 
   #sanitise html tags from fields
-  before_validation lambda { |data| data.sanitize_fields(:title, :funder_name, :grant_number, :identifier, :description) }
+  before_validation ->(data) { data.sanitize_fields(:title, :funder_name, :grant_number, :identifier, :description) }
 
   # =================
   # = Class methods =

From 7aad92300d9a01236f405023b7a822f6a224db8f Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Wed, 22 Sep 2021 23:39:10 +0100
Subject: [PATCH 05/19] Update user.rb in order to pass Rubocop change "lambda" to "->(data) {" instead

---
 app/models/user.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 92648a905d..8ca7adbe4a 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -161,7 +161,7 @@ class User < ApplicationRecord
   # =============
 
   #sanitise html tags from fields
-  before_validation lambda { |data| data.sanitize_fields(:firstname, :surname) }
+  before_validation ->(data) { data.sanitize_fields(:firstname, :surname) }
 
   after_update :clear_department_id, if: :saved_change_to_org_id?
 

From e061934789748885b87938142c829bde058b9018 Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 11:29:52 +0100
Subject: [PATCH 06/19] fix Rubocop

---
 app/models/plan.rb | 10 ++++++----
 app/models/user.rb | 3 +--
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index a12f0ca937..2991438b5f 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -207,8 +207,11 @@ class Plan < ApplicationRecord
   # = Callbacks =
   # =============
 
-  #sanitise html tags from fields
-  before_validation ->(data) { data.sanitize_fields(:title, :funder_name, :grant_number, :identifier, :description) }
+  # sanitise html tags from fields
+  before_validation lambda { |data|
+    data.sanitize_fields(:title, :funder_name, :grant_number, :identifier,
+                         :description)
+  }
 
   # =================
   # = Class methods =
@@ -234,7 +237,7 @@ def self.load_for_phase(plan_id, phase_id)
   # Returns Plan
   def self.deep_copy(plan)
     plan_copy = plan.dup
-    plan_copy.title = "Copy of " + plan.title
+    plan_copy.title = "Copy of #{plan.title}"
     plan_copy.feedback_requested = false
     plan_copy.save!
     plan.answers.each do |answer|
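Review bot: The rewrite in `deep_copy` to `plan_copy.title = "Copy of #{plan.title}"` quietly changes behaviour for a nil title: `"Copy of " + nil` raised `TypeError`, whereas interpolation yields `"Copy of "`, so a plan without a title now copies without error. That may be acceptable if `title` is validated as present, but a commit labelled "fix Rubocop" should not alter runtime behaviour silently; a one-line comment such as `# interpolation tolerates a nil title, unlike the previous String#+` would record the intent. `deep_copy` continues past the end of the hunk.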
@@ -591,7 +594,6 @@ def grant=(params)
 
   private
 
-
   # Validation to prevent end date from coming before the start date
   def end_date_after_start_date
     # allow nil values
diff --git a/app/models/user.rb b/app/models/user.rb
index 8ca7adbe4a..ff4ac5043a 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -160,7 +160,7 @@ class User < ApplicationRecord
   # = Callbacks =
   # =============
 
-  #sanitise html tags from fields
+  # sanitise html tags from fields
   before_validation ->(data) { data.sanitize_fields(:firstname, :surname) }
 
   after_update :clear_department_id, if: :saved_change_to_org_id?
@@ -456,7 +456,6 @@ def merge(to_be_merged)
   # = Private instance methods =
   # ============================
 
-
   def delete_perms!
     perms.destroy_all
   end

From 42549c3678664736c625ed638b861bbff5f20109 Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 11:33:10 +0100
Subject: [PATCH 07/19] fix Rubocop

---
 app/models/plan.rb | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index 2991438b5f..fecc99d92d 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -208,10 +208,7 @@ class Plan < ApplicationRecord
   # =============
 
   # sanitise html tags from fields
-  before_validation lambda { |data|
-    data.sanitize_fields(:title, :funder_name, :grant_number, :identifier,
-                         :description)
-  }
+  before_validation ->(data) { data.sanitize_fields(:title, :funder_name, :grant_number, :identifier, :description) }
 
   # =================
   # = Class methods =

From 2ab8f89bac5f33a85df9eff8fdb2dd63a6d2a97c Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 12:15:44 +0100
Subject: [PATCH 08/19] fix rubocop

---
 app/models/plan.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index fecc99d92d..f9e0d2fc86 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -208,7 +208,10 @@ class Plan < ApplicationRecord
   # =============
 
   # sanitise html tags from fields
-  before_validation ->(data) { data.sanitize_fields(:title, :funder_name, :grant_number, :identifier, :description) }
+  before_validation ->(data) {
+    data.sanitize_fields(:title, :funder_name, :grant_number, :identifier,
+                         :description)
+  }
 
   # =================
   # = Class methods =

From 88bd59734fc15cb91acf62039e793e37eb4eeaa9 Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 13:48:56 +0100
Subject: [PATCH 09/19] fix rubocop

---
 app/models/plan.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index f9e0d2fc86..f1e1cfaac5 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -208,8 +208,8 @@ class Plan < ApplicationRecord
   # =============
 
   # sanitise html tags from fields
-  before_validation ->(data) {
-    data.sanitize_fields(:title, :funder_name, :grant_number, :identifier,
+  before_validation lambda { |data|
+    data.sanitize_fields(:title, :funder_name, :grant_number, :identifier,
                          :description)
   }
 

From fec54e3291e6d583bcfd8bbef0aee8bec745dddc Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 15:48:24 +0100
Subject: [PATCH 10/19] fix rubocop

---
 app/models/plan.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index f1e1cfaac5..cfba68b22d 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -210,7 +210,7 @@ class Plan < ApplicationRecord
   # sanitise html tags from fields
   before_validation lambda { |data|
     data.sanitize_fields(:title, :funder_name, :grant_number, :identifier,
-                         :description)
+                         :description)
   }
 
   # =================

From 0de21e2e4463399605c13d7f65f1295723fe57d5 Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 16:04:25 +0100
Subject: [PATCH 11/19] fix rubocop

---
 app/models/plan.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index cfba68b22d..babfb2676e 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -210,7 +210,7 @@ class Plan < ApplicationRecord
   # sanitise html tags from fields
   before_validation lambda { |data|
     data.sanitize_fields(:title, :funder_name, :grant_number, :identifier,
-                         :description)
+                         :description)
   }
 
   # =================

From 6e799aaa42cb9607a384e334d4a49eca4f2ea717 Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 16:05:07 +0100
Subject: [PATCH 12/19] fix rubocop

---
 app/models/application_record.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/application_record.rb b/app/models/application_record.rb
index b9933ce2e2..8e97450aab 100644
--- a/app/models/application_record.rb
+++ b/app/models/application_record.rb
@@ -10,7 +10,7 @@ class ApplicationRecord < ActiveRecord::Base
 
   def sanitize_fields(*attrs)
     attrs.each do |attr|
-      self.send("#{attr.to_s}=", ActionController::Base.helpers.sanitize(self.send(attr)))
+      self.send("#{attr}=", ActionController::Base.helpers.sanitize(self.send(attr)))
     end
   end
 

From eaf457562b1a71defd32b0230bd3b0a1de41a663 Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 16:26:15 +0100
Subject: [PATCH 13/19] stop rubocop from checking class lenght

---
 app/models/plan.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index babfb2676e..3da9e88aa5 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -40,6 +40,7 @@
 # fk_rails_... (research_domain_id => research_domains.id)
 #
 
+# rubocop:disable Metrics/ClassLength
 class Plan < ApplicationRecord
 
   include ConditionalUserMailer
@@ -603,3 +604,4 @@ def end_date_after_start_date
   end
 
 end
+# rubocop:enable

From 7996a4049b5bcf133d99001a119d0f1f12d57e4b Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 16:26:49 +0100
Subject: [PATCH 14/19] fix rubocop

---
 app/models/application_record.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/application_record.rb b/app/models/application_record.rb
index 8e97450aab..0059011d4d 100644
--- a/app/models/application_record.rb
+++ b/app/models/application_record.rb
@@ -10,7 +10,7 @@ class ApplicationRecord < ActiveRecord::Base
 
   def sanitize_fields(*attrs)
     attrs.each do |attr|
-      self.send("#{attr}=", ActionController::Base.helpers.sanitize(self.send(attr)))
+      send("#{attr}=", ActionController::Base.helpers.sanitize(send(attr)))
     end
   end
 

From bc8e16535e2d5c7920511a8335c9fe093b062c3a Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 16:35:08 +0100
Subject: [PATCH 15/19] fix rubocop

---
 app/models/plan.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index 3da9e88aa5..8de5c4349b 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -604,4 +604,4 @@ def end_date_after_start_date
   end
 
 end
-# rubocop:enable
+# rubocop:enable Metrics/ClassLength

From 30b1d1fa09694cf8e3170ac6e0980f46654e9ed2 Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 17:03:43 +0100
Subject: [PATCH 16/19] fix Rspec

---
 app/models/plan.rb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index 8de5c4349b..413f001b46 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -210,8 +210,7 @@ class Plan < ApplicationRecord
 
   # sanitise html tags from fields
   before_validation lambda { |data|
-    data.sanitize_fields(:title, :funder_name, :grant_number, :identifier,
-                         :description)
+    data.sanitize_fields(:title, :identifier, :description)
   }
 
   # =================

From 957683006d314e5e1ffdef682eaac058b4b9a165 Mon Sep 17 00:00:00 2001
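Review bot: Dropping `:funder_name` and `:grant_number` from the sanitised list to "fix Rspec" leaves two user-supplied string attributes outside the callback with no comment explaining why. If the specs failed because the sanitizer rewrote expected values (for instance entity-encoding `&` in a funder name), that is the same data-mutation effect the remaining fields still undergo and is worth recording; if the fields are deliberately excluded, the comment above the callback should say so, e.g. `# funder_name and grant_number are intentionally not sanitised: <reason>`. The `before_validation` block is otherwise unchanged.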
From: Marta Nicholson
Date: Mon, 27 Sep 2021 17:14:44 +0100
Subject: [PATCH 17/19] fix rubocop

---
 app/models/plan.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index 413f001b46..8da8990b6a 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -41,6 +41,7 @@
 #
 
 # rubocop:disable Metrics/ClassLength
+
 class Plan < ApplicationRecord
 
   include ConditionalUserMailer
@@ -208,7 +209,8 @@ class Plan < ApplicationRecord
   # = Callbacks =
   # =============
 
-  # sanitise html tags from fields
+  # sanitise html tags
+  # e.g remove unwanted 'script'
   before_validation lambda { |data|
     data.sanitize_fields(:title, :identifier, :description)
   }

From ef3effc160e36756336a30396cee7985ef6c6154 Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 17:21:49 +0100
Subject: [PATCH 18/19] fix rubocop

---
 app/models/plan.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index 8da8990b6a..e84a6f5c7a 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -209,8 +209,8 @@ class Plan < ApplicationRecord
   # = Callbacks =
   # =============
 
-  # sanitise html tags
-  # e.g remove unwanted 'script'
+  # sanitise html tags
+  # e.g remove unwanted 'script'
   before_validation lambda { |data|
     data.sanitize_fields(:title, :identifier, :description)
   }

From bd07ca73be1de0b36d4434a26fe69b99b225bdee Mon Sep 17 00:00:00 2001
From: Marta Nicholson
Date: Mon, 27 Sep 2021 17:29:32 +0100
Subject: [PATCH 19/19] fix rubocop

---
 app/models/plan.rb | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/app/models/plan.rb b/app/models/plan.rb
index e84a6f5c7a..ddbf275cd8 100644
--- a/app/models/plan.rb
+++ b/app/models/plan.rb
@@ -40,8 +40,6 @@
 # fk_rails_... (research_domain_id => research_domains.id)
 #
 
-# rubocop:disable Metrics/ClassLength
-
 class Plan < ApplicationRecord
 
   include ConditionalUserMailer
@@ -209,8 +207,7 @@ class Plan < ApplicationRecord
   # = Callbacks =
   # =============
 
-  # sanitise html tags
-  # e.g remove unwanted 'script'
+  # sanitise html tags e.g remove unwanted 'script'
   before_validation lambda { |data|
     data.sanitize_fields(:title, :identifier, :description)
   }
@@ -605,4 +602,3 @@ def end_date_after_start_date
   end
 
 end
-# rubocop:enable Metrics/ClassLength