diff --git a/Gemfile b/Gemfile index 001eb4c38..aa5c4b130 100644 --- a/Gemfile +++ b/Gemfile @@ -34,8 +34,8 @@ gem 'responders' gem 'foundation-rails' gem 'foundation_rails_helper' gem 'acts_as_votable' -gem 'simple_captcha2', require: 'simple_captcha' gem 'ckeditor', '~> 4.1.5' +gem 'invisible_captcha', '~> 0.8.2' gem 'cancancan' gem 'social-share-button', git: 'https://github.com/huacnlee/social-share-button.git', ref: 'e46a6a3e82b86023bc' gem 'initialjs-rails', '0.2.0.1' diff --git a/Gemfile.lock b/Gemfile.lock index a82f0a412..2dca7d163 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -202,6 +202,8 @@ GEM terminal-table (>= 1.5.1) initialjs-rails (0.2.0.1) railties (>= 3.1, < 5.0) + invisible_captcha (0.8.2) + rails jquery-rails (4.1.1) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) @@ -365,8 +367,6 @@ GEM nokogiri (>= 1.4.0) nori (~> 2.4) wasabi (~> 3.4) - simple_captcha2 (0.4.0) - rails (>= 4.1) simplecov (0.11.2) docile (~> 1.1.0) json (~> 1.8) @@ -469,6 +469,7 @@ DEPENDENCIES groupdate i18n-tasks initialjs-rails (= 0.2.0.1) + invisible_captcha (~> 0.8.2) jquery-rails jquery-ui-rails kaminari @@ -492,7 +493,6 @@ DEPENDENCIES rspec-rails (~> 3.3) sass-rails (~> 5.0, >= 5.0.4) savon - simple_captcha2 social-share-button! spring spring-commands-rspec diff --git a/README.md b/README.md index e6181f38c..0ee254d3a 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Frontend tools used include [SCSS](http://sass-lang.com/) over [Foundation](http ## Configuration for development and test environments -Prerequisites: install git, ImageMagick, Ruby 2.2.3, bundler gem, ghostscript and PostgreSQL (>=9.4). +Prerequisites: install git, Ruby 2.2.3, bundler gem, ghostscript and PostgreSQL (>=9.4). ``` git clone https://github.com/consul/consul.git diff --git a/README_ES.md b/README_ES.md index e0392bc51..9ae368848 100644 --- a/README_ES.md +++ b/README_ES.md @@ -27,7 +27,7 @@ Las herramientas utilizadas para el frontend no están cerradas aún. Los estilo ## Configuración para desarrollo y tests -Prerequisitos: tener instalado git, ImageMagick, Ruby 2.2.3, la gema `bundler`, ghostscript y PostgreSQL (9.4 o superior). +Prerequisitos: tener instalado git, Ruby 2.2.3, la gema `bundler`, ghostscript y PostgreSQL (9.4 o superior). ``` diff --git a/app/assets/stylesheets/layout.scss b/app/assets/stylesheets/layout.scss index 475a0bfbe..d59b33b5e 100644 --- a/app/assets/stylesheets/layout.scss +++ b/app/assets/stylesheets/layout.scss @@ -746,26 +746,6 @@ form { line-height: $line-height; vertical-align: middle; } - - .captcha { - border: 0; - padding: $line-height/2 0; - - input { - margin-bottom: 0 !important; - } - } - - .button.margin-top { - margin-top: $line-height; - } -} - -.captcha { - - label { - display: none; - } } // 07. Alerts @@ -775,7 +755,7 @@ form { font-family: $font-sans; font-size: $small-font-size; - &.success { + &.success, &.notice { background-color: $success-bg; border-color: $success-border; color: $success-color; @@ -799,7 +779,7 @@ form { } } - &.alert { + &.alert, &.error { background-color: $alert-bg; border-color: $alert-border; color: $alert-color; diff --git a/app/assets/stylesheets/print.css b/app/assets/stylesheets/print.css index 5297826c8..29096ae13 100644 --- a/app/assets/stylesheets/print.css +++ b/app/assets/stylesheets/print.css @@ -24,8 +24,6 @@ img.left { display: none !important; } .icon-proposals { display: none !important; } -.captcha { display: none !important; } - li.name { display: none !important; } li.kind { display: none !important; } diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 640adf299..3e1b78d31 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,7 +1,6 @@ require "application_responder" class ApplicationController < ActionController::Base - include SimpleCaptcha::ControllerHelpers include HasFilters include HasOrders @@ -115,5 +114,4 @@ class ApplicationController < ActionController::Base store_location_for(:user, request.path) end end - end diff --git a/app/controllers/concerns/commentable_actions.rb b/app/controllers/concerns/commentable_actions.rb index 332d031a5..de2a2276a 100644 --- a/app/controllers/concerns/commentable_actions.rb +++ b/app/controllers/concerns/commentable_actions.rb @@ -38,7 +38,7 @@ module CommentableActions @resource = resource_model.new(strong_params) @resource.author = current_user - if @resource.save_with_captcha + if @resource.save track_event redirect_path = url_for(controller: controller_name, action: :show, id: @resource.id) redirect_to redirect_path, notice: t("flash.actions.create.#{resource_name.underscore}") @@ -55,7 +55,7 @@ module CommentableActions def update resource.assign_attributes(strong_params) - if resource.save_with_captcha + if resource.save redirect_to resource, notice: t("flash.actions.update.#{resource_name.underscore}") else load_categories diff --git a/app/controllers/debates_controller.rb b/app/controllers/debates_controller.rb index b747cd903..e077e5e8a 100644 --- a/app/controllers/debates_controller.rb +++ b/app/controllers/debates_controller.rb @@ -11,6 +11,8 @@ class DebatesController < ApplicationController feature_flag :debates + invisible_captcha only: [:create, :update], honeypot: :subtitle + has_orders %w{hot_score confidence_score created_at relevance}, only: :index has_orders %w{most_voted newest oldest}, only: :show @@ -45,7 +47,7 @@ class DebatesController < ApplicationController private def debate_params - params.require(:debate).permit(:title, :description, :tag_list, :terms_of_service, :captcha, :captcha_key) + params.require(:debate).permit(:title, :description, :tag_list, :terms_of_service) end def resource_model diff --git a/app/controllers/management/proposals_controller.rb b/app/controllers/management/proposals_controller.rb index 3f4284a06..7d3925e95 100644 --- a/app/controllers/management/proposals_controller.rb +++ b/app/controllers/management/proposals_controller.rb @@ -33,7 +33,7 @@ class Management::ProposalsController < Management::BaseController end def proposal_params - params.require(:proposal).permit(:title, :question, :summary, :description, :external_url, :video_url, :responsible_name, :tag_list, :terms_of_service, :captcha, :captcha_key) + params.require(:proposal).permit(:title, :question, :summary, :description, :external_url, :video_url, :responsible_name, :tag_list, :terms_of_service) end def resource_model diff --git a/app/controllers/management/spending_proposals_controller.rb b/app/controllers/management/spending_proposals_controller.rb index 49378ca63..ca723cccc 100644 --- a/app/controllers/management/spending_proposals_controller.rb +++ b/app/controllers/management/spending_proposals_controller.rb @@ -16,7 +16,7 @@ class Management::SpendingProposalsController < Management::BaseController @spending_proposal = SpendingProposal.new(spending_proposal_params) @spending_proposal.author = managed_user - if @spending_proposal.save_with_captcha + if @spending_proposal.save redirect_to management_spending_proposal_path(@spending_proposal), notice: t('flash.actions.create.notice', resource_name: t("activerecord.models.spending_proposal", count: 1)) else render :new @@ -45,7 +45,7 @@ class Management::SpendingProposalsController < Management::BaseController end def spending_proposal_params - params.require(:spending_proposal).permit(:title, :description, :external_url, :geozone_id, :terms_of_service, :captcha, :captcha_key) + params.require(:spending_proposal).permit(:title, :description, :external_url, :geozone_id, :terms_of_service) end def only_verified_users diff --git a/app/controllers/organizations/registrations_controller.rb b/app/controllers/organizations/registrations_controller.rb index c0f69da33..503c26bc0 100644 --- a/app/controllers/organizations/registrations_controller.rb +++ b/app/controllers/organizations/registrations_controller.rb @@ -1,5 +1,7 @@ class Organizations::RegistrationsController < Devise::RegistrationsController + invisible_captcha only: [:create], honeypot: :address, scope: :user + def new super do |user| user.build_organization @@ -11,7 +13,7 @@ class Organizations::RegistrationsController < Devise::RegistrationsController def create build_resource(sign_up_params) - if resource.valid_with_captcha? + if resource.valid? super do |user| # Removes unuseful "organization is invalid" error message user.errors.messages.delete(:organization) @@ -29,7 +31,7 @@ class Organizations::RegistrationsController < Devise::RegistrationsController private def sign_up_params - params.require(:user).permit(:email, :password, :phone_number, :password_confirmation, :captcha, :captcha_key, :terms_of_service, organization_attributes: [:name, :responsible_name]) + params.require(:user).permit(:email, :password, :phone_number, :password_confirmation, :terms_of_service, organization_attributes: [:name, :responsible_name]) end end diff --git a/app/controllers/proposals_controller.rb b/app/controllers/proposals_controller.rb index 8567cda14..0b350f687 100644 --- a/app/controllers/proposals_controller.rb +++ b/app/controllers/proposals_controller.rb @@ -2,6 +2,7 @@ class ProposalsController < ApplicationController include CommentableActions include FlagActions + before_action :parse_search_terms, only: [:index, :suggest] before_action :parse_advanced_search_terms, only: :index before_action :parse_tag_filter, only: :index @@ -10,6 +11,8 @@ class ProposalsController < ApplicationController before_action :load_geozones, only: [:edit, :map, :summary] before_action :authenticate_user!, except: [:index, :show, :map, :summary] + invisible_captcha only: [:create, :update], honeypot: :subtitle + has_orders %w{hot_score confidence_score created_at relevance}, only: :index has_orders %w{most_voted newest oldest}, only: :show @@ -56,7 +59,7 @@ class ProposalsController < ApplicationController private def proposal_params - params.require(:proposal).permit(:title, :question, :summary, :description, :external_url, :video_url, :responsible_name, :tag_list, :terms_of_service, :captcha, :captcha_key, :geozone_id) + params.require(:proposal).permit(:title, :question, :summary, :description, :external_url, :video_url, :responsible_name, :tag_list, :terms_of_service, :geozone_id) end def retired_params @@ -93,4 +96,5 @@ class ProposalsController < ApplicationController @resources = @resources.where('proposals.id NOT IN (?)', @featured_proposals.map(&:id)) end end + end diff --git a/app/controllers/spending_proposals_controller.rb b/app/controllers/spending_proposals_controller.rb index 9915b0b50..3f590f414 100644 --- a/app/controllers/spending_proposals_controller.rb +++ b/app/controllers/spending_proposals_controller.rb @@ -8,6 +8,8 @@ class SpendingProposalsController < ApplicationController feature_flag :spending_proposals + invisible_captcha only: [:create, :update], honeypot: :subtitle + respond_to :html, :js def index @@ -27,7 +29,7 @@ class SpendingProposalsController < ApplicationController @spending_proposal = SpendingProposal.new(spending_proposal_params) @spending_proposal.author = current_user - if @spending_proposal.save_with_captcha + if @spending_proposal.save notice = t('flash.actions.create.spending_proposal', activity: "#{t('layouts.header.my_activity_link')}") redirect_to @spending_proposal, notice: notice, flash: { html_safe: true } else @@ -49,7 +51,7 @@ class SpendingProposalsController < ApplicationController private def spending_proposal_params - params.require(:spending_proposal).permit(:title, :description, :external_url, :geozone_id, :association_name, :terms_of_service, :captcha, :captcha_key) + params.require(:spending_proposal).permit(:title, :description, :external_url, :geozone_id, :association_name, :terms_of_service) end def set_geozone_name diff --git a/app/controllers/users/registrations_controller.rb b/app/controllers/users/registrations_controller.rb index 9d6530017..2b25a5126 100644 --- a/app/controllers/users/registrations_controller.rb +++ b/app/controllers/users/registrations_controller.rb @@ -1,6 +1,8 @@ class Users::RegistrationsController < Devise::RegistrationsController prepend_before_action :authenticate_scope!, only: [:edit, :update, :destroy, :finish_signup, :do_finish_signup] + invisible_captcha only: [:create], honeypot: :family_name, scope: :user + def new super do |user| user.use_redeemable_code = true if params[:use_redeemable_code].present? @@ -9,7 +11,7 @@ class Users::RegistrationsController < Devise::RegistrationsController def create build_resource(sign_up_params) - if resource.valid_with_captcha? + if resource.valid? super else render :new @@ -58,8 +60,7 @@ class Users::RegistrationsController < Devise::RegistrationsController def sign_up_params params[:user].delete(:redeemable_code) if params[:user].present? && params[:user][:redeemable_code].blank? params.require(:user).permit(:username, :email, :password, - :password_confirmation, :captcha, - :captcha_key, :terms_of_service, :locale, + :password_confirmation, :terms_of_service, :locale, :redeemable_code) end diff --git a/app/models/debate.rb b/app/models/debate.rb index cdae527f7..840b9c4b5 100644 --- a/app/models/debate.rb +++ b/app/models/debate.rb @@ -8,7 +8,6 @@ class Debate < ActiveRecord::Base include Searchable include Filterable - apply_simple_captcha acts_as_votable acts_as_paranoid column: :hidden_at include ActsAsParanoidAliases diff --git a/app/models/proposal.rb b/app/models/proposal.rb index e6071e052..d2b97f1c5 100644 --- a/app/models/proposal.rb +++ b/app/models/proposal.rb @@ -7,7 +7,6 @@ class Proposal < ActiveRecord::Base include Searchable include Filterable - apply_simple_captcha acts_as_votable acts_as_paranoid column: :hidden_at include ActsAsParanoidAliases diff --git a/app/models/spending_proposal.rb b/app/models/spending_proposal.rb index 3a13935c4..a2c143336 100644 --- a/app/models/spending_proposal.rb +++ b/app/models/spending_proposal.rb @@ -4,7 +4,6 @@ class SpendingProposal < ActiveRecord::Base include Taggable include Searchable - apply_simple_captcha acts_as_votable belongs_to :author, -> { with_hidden }, class_name: 'User', foreign_key: 'author_id' diff --git a/app/models/user.rb b/app/models/user.rb index ea889ac57..7da80b6fb 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -2,7 +2,6 @@ class User < ActiveRecord::Base include Verification - apply_simple_captcha devise :database_authenticatable, :registerable, :confirmable, :recoverable, :rememberable, :trackable, :validatable, :omniauthable, :async diff --git a/app/views/debates/_form.html.erb b/app/views/debates/_form.html.erb index be5c92306..30152b366 100644 --- a/app/views/debates/_form.html.erb +++ b/app/views/debates/_form.html.erb @@ -1,5 +1,8 @@ <%= form_for(@debate) do |f| %> + + <%= render 'shared/errors', resource: @debate %> +
<%= f.label :title, t("debates.form.debate_title") %> @@ -11,6 +14,8 @@ <%= f.cktext_area :description, maxlength: Debate.description_max_length, ckeditor: { language: I18n.locale }, label: false %>
+ <%= f.invisible_captcha :subtitle %> +
<%= f.label :tag_list, t("debates.form.tags_label") %>

<%= t("debates.form.tags_instructions") %>

@@ -32,10 +37,6 @@ <% end %>
-
- <%= f.simple_captcha input_html: { required: false } %> -
-
<%= f.submit(class: "button", value: t("debates.#{action_name}.form.submit_button")) %>
diff --git a/app/views/layouts/_flash.html.erb b/app/views/layouts/_flash.html.erb new file mode 100644 index 000000000..d07259c5c --- /dev/null +++ b/app/views/layouts/_flash.html.erb @@ -0,0 +1,10 @@ +<% flash.each do |flash_key, flash_message| %> +
+
+ + <%= flash_message %> +
+
+<% end %> diff --git a/app/views/layouts/admin.html.erb b/app/views/layouts/admin.html.erb index d34195915..cc8e0c4a9 100644 --- a/app/views/layouts/admin.html.erb +++ b/app/views/layouts/admin.html.erb @@ -23,23 +23,8 @@
- <% if notice %> -
- - <%= notice %> -
- <% end %> - <% if alert %> -
- - <%= alert %> -
- <% end %> + <%= render 'layouts/flash' %> <%= yield %>
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index ea4fcb107..269764328 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -42,27 +42,7 @@ <% end %> - <% if notice %> -
-
- - <%= notice %> -
-
- <% end %> - - <% if alert %> -
-
- - <%= alert %> -
-
- <% end %> + <%= render 'layouts/flash' %> <%= yield %>
diff --git a/app/views/layouts/devise.html.erb b/app/views/layouts/devise.html.erb index 4ef57dc4f..b3599fc0f 100644 --- a/app/views/layouts/devise.html.erb +++ b/app/views/layouts/devise.html.erb @@ -27,23 +27,8 @@
- <% if notice %> -
- - <%= notice %> -
- <% end %> - <% if alert %> -
- - <%= alert %> -
- <% end %> + <%= render 'layouts/flash' %> <%= yield %>
@@ -56,4 +41,4 @@ <%= render 'layouts/footer' %>
- \ No newline at end of file + diff --git a/app/views/layouts/management.html.erb b/app/views/layouts/management.html.erb index b79cb5f41..735175155 100644 --- a/app/views/layouts/management.html.erb +++ b/app/views/layouts/management.html.erb @@ -54,23 +54,8 @@ <%= render "management/account_info" %>
- <% if notice %> -
- - <%= notice %> -
- <% end %> - <% if alert %> -
- - <%= alert %> -
- <% end %> + <%= render 'layouts/flash' %> <%= yield %>
diff --git a/app/views/organizations/registrations/new.html.erb b/app/views/organizations/registrations/new.html.erb index 8d39d0199..3b1763e83 100644 --- a/app/views/organizations/registrations/new.html.erb +++ b/app/views/organizations/registrations/new.html.erb @@ -17,6 +17,8 @@ <%= f.text_field :phone_number, placeholder: t("devise_views.organizations.registrations.new.phone_number_label") %> + <%= f.invisible_captcha :address %> + <%= f.password_field :password, autocomplete: "off", placeholder: t("devise_views.organizations.registrations.new.password_label") %> @@ -24,9 +26,6 @@ label: t("devise_views.organizations.registrations.new.password_confirmation_label"), placeholder: t("devise_views.organizations.registrations.new.password_confirmation_label") %> - <%= f.simple_captcha input_html: {required: false} %> - - <%= f.label :terms_of_service do %> <%= f.check_box :terms_of_service, title: t('devise_views.users.registrations.new.terms_title'), label: false %> diff --git a/app/views/pages/faq.html.erb b/app/views/pages/faq.html.erb index 0dcd09a68..7f82147b6 100644 --- a/app/views/pages/faq.html.erb +++ b/app/views/pages/faq.html.erb @@ -71,7 +71,7 @@

¿Cómo creo y verifico mi cuenta?

diff --git a/app/views/proposals/_form.html.erb b/app/views/proposals/_form.html.erb index 4762e309e..3eda38cd1 100644 --- a/app/views/proposals/_form.html.erb +++ b/app/views/proposals/_form.html.erb @@ -8,6 +8,8 @@
+ <%= f.invisible_captcha :subtitle %> +
<%= f.label :question, t("proposals.form.proposal_question") %> @@ -84,10 +86,6 @@ <% end %>
-
- <%= f.simple_captcha input_html: { required: false } %> -
-
<%= f.submit(class: "button", value: t("proposals.#{action_name}.form.submit_button")) %>
diff --git a/app/views/simple_captcha/_simple_captcha.erb b/app/views/simple_captcha/_simple_captcha.erb deleted file mode 100644 index 5f57da6fc..000000000 --- a/app/views/simple_captcha/_simple_captcha.erb +++ /dev/null @@ -1,8 +0,0 @@ -
- <%= simple_captcha_options[:image] %> - <%= simple_captcha_options[:refresh_button] %> - -

<%= simple_captcha_options[:label] %>

- - <%= simple_captcha_options[:field] %> -
diff --git a/app/views/spending_proposals/_form.html.erb b/app/views/spending_proposals/_form.html.erb index 0d6ef0402..2976b1803 100644 --- a/app/views/spending_proposals/_form.html.erb +++ b/app/views/spending_proposals/_form.html.erb @@ -7,6 +7,8 @@ <%= f.text_field :title, maxlength: SpendingProposal.title_max_length, placeholder: t("spending_proposals.form.title"), label: false %> + <%= f.invisible_captcha :subtitle %> +
<%= f.label :description, t("spending_proposals.form.description") %> <%= f.cktext_area :description, maxlength: SpendingProposal.description_max_length, ckeditor: { language: I18n.locale }, label: false %> @@ -40,12 +42,8 @@ <% end %>
-
- <%= f.simple_captcha input_html: { required: false } %> -
-
<%= f.submit(class: "button", value: t("spending_proposals.form.submit_buttons.#{action_name}")) %>
-<% end %> \ No newline at end of file +<% end %> diff --git a/app/views/users/registrations/new.html.erb b/app/views/users/registrations/new.html.erb index c810ea067..f2f1827ba 100644 --- a/app/views/users/registrations/new.html.erb +++ b/app/views/users/registrations/new.html.erb @@ -21,6 +21,8 @@

<%= t("devise_views.users.registrations.new.username_note") %>

<%= f.text_field :username, maxlength: User.username_max_length, placeholder: t("devise_views.users.registrations.new.username_label"), label: false %> + <%= f.invisible_captcha :family_name %> + <%= f.email_field :email, placeholder: t("devise_views.users.registrations.new.email_label") %> @@ -35,8 +37,6 @@ <%= f.text_field :redeemable_code, placeholder: t("devise_views.users.registrations.new.redeemable_code") %> <% end %> - <%= f.simple_captcha input_html: {required: false} %> - <%= f.label :terms_of_service do %> <%= f.check_box :terms_of_service, title: t('devise_views.users.registrations.new.terms_title'), label: false %> diff --git a/config/deploy/shared/secrets.yml.erb b/config/deploy/shared/secrets.yml.erb index 42a8c48a6..8f82c5dca 100644 --- a/config/deploy/shared/secrets.yml.erb +++ b/config/deploy/shared/secrets.yml.erb @@ -1,6 +1,4 @@ <%= fetch(:rails_env) %>: - recaptcha_public_key: <%= ENV["MADRID_RECAPTCHA_PUBLIC_KEY"] %> - recaptcha_private_key: <%= ENV["MADRID_RECAPTCHA_PRIVATE_KEY"] %> secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> twitter_key: <%= ENV["TWITTER_KEY"] %> twitter_secret: <%= ENV["TWITTER_SECRET"] %> diff --git a/config/i18n-tasks.yml b/config/i18n-tasks.yml index 40086aab9..b81c73ddd 100644 --- a/config/i18n-tasks.yml +++ b/config/i18n-tasks.yml @@ -105,7 +105,6 @@ ignore_unused: - 'activerecord.*' - 'activemodel.*' - 'unauthorized.*' - - 'simple_captcha.*' - 'admin.officials.level_*' - 'admin.comments.index.filter*' - 'admin.debates.index.filter*' @@ -137,6 +136,7 @@ ignore_unused: - 'helpers.page_entries_info.*' # kaminari - 'views.pagination.*' # kaminari - 'shared.suggest.*' + - 'invisible_captcha.*' # - '{devise,kaminari,will_paginate}.*' # - 'simple_form.{yes,no}' # - 'simple_form.{placeholders,hints,labels}.*' diff --git a/config/initializers/invisible_captcha.rb b/config/initializers/invisible_captcha.rb new file mode 100644 index 000000000..0dd1c5a5c --- /dev/null +++ b/config/initializers/invisible_captcha.rb @@ -0,0 +1,8 @@ +InvisibleCaptcha.setup do |config| + config.visual_honeypots = false + config.timestamp_threshold = 4.seconds + # Leave these unset if you want to use I18n (see below) + # config.error_message = 'You are a robot!' + # config.sentence_for_humans = 'If you are a human, ignore this field' + # config.timestamp_error_message = 'Sorry, that was too quick! Please resubmit.' +end diff --git a/config/initializers/simple_captcha.rb b/config/initializers/simple_captcha.rb deleted file mode 100644 index 2ac5826c3..000000000 --- a/config/initializers/simple_captcha.rb +++ /dev/null @@ -1,37 +0,0 @@ -SimpleCaptcha.always_pass = false - -SimpleCaptcha.setup do |sc| - # default: 100x28 - sc.image_size = '120x40' - - # default: 5 - sc.length = 6 - - # default: simply_blue - # possible values: - # 'embosed_silver', - # 'simply_red', - # 'simply_green', - # 'simply_blue', - # 'distorted_black', - # 'all_black', - # 'charcoal_grey', - # 'almost_invisible' - # 'random' - sc.image_style = 'simply_green' - - # default: low - # possible values: 'low', 'medium', 'high', 'random' - sc.distortion = 'random' - - # default: medium - # possible values: 'none', 'low', 'medium', 'high' - sc.implode = 'medium' - - # sc.image_style = 'mycaptha' - # sc.add_image_style('mycaptha', [ - # "-background '#F4F7F8'", - # "-fill '#86818B'", - # "-border 1", - # "-bordercolor '#E0E2E3'"]) -end diff --git a/config/locales/en.yml b/config/locales/en.yml index de37b5975..118207f27 100755 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -417,15 +417,6 @@ en: categories: "Categories" target_blank_html: " (link opens in new window)" unflag: Unflag - simple_captcha: - label: Enter the text from the image in the box below - message: - debate: the secret code does not match the image - proposal: the secret code does not match the image - spendingproposal: the secret code does not match the image - user: the secret code does not match the image - placeholder: Enter the text from the image - refresh_button_text: Refresh social: blog: Blog facebook: Facebook @@ -591,3 +582,7 @@ en: text_sign_in: "login" text_sign_up: "sign up" alt: "Select the text you want to comment and press the button with the pencil." + invisible_captcha: + sentence_for_humans: "If you are human, ignore this field" + timestamp_error_message: "Sorry, that was too quick! Please resubmit." + diff --git a/config/locales/es.yml b/config/locales/es.yml index d2d01e407..81dbe56fc 100755 --- a/config/locales/es.yml +++ b/config/locales/es.yml @@ -417,15 +417,6 @@ es: categories: "Categorías" target_blank_html: " (se abre en ventana nueva)" unflag: Deshacer denuncia - simple_captcha: - label: Introduce el texto de la imagen en la siguiente caja - message: - debate: el código secreto no coincide con la imagen - proposal: el código secreto no coincide con la imagen - spendingproposal: el código secreto no coincide con la imagen - user: el código secreto no coincide con la imagen - placeholder: Introduce el texto de la imagen - refresh_button_text: Refrescar social: blog: Blog facebook: Facebook @@ -591,3 +582,6 @@ es: text_sign_in: "iniciar sesión" text_sign_up: "registrarte" alt: "Selecciona el texto que quieres comentar y pulsa en el botón con el lápiz." + invisible_captcha: + sentence_for_humans: "Si eres humano, por favor ignora este campo" + timestamp_error_message: "Eso ha sido demasiado rápido. Por favor, reenvía el formulario." diff --git a/db/migrate/20160421090733_destroy_captcha_table.rb b/db/migrate/20160421090733_destroy_captcha_table.rb new file mode 100644 index 000000000..68d045d2f --- /dev/null +++ b/db/migrate/20160421090733_destroy_captcha_table.rb @@ -0,0 +1,5 @@ +class DestroyCaptchaTable < ActiveRecord::Migration + def change + drop_table :simple_captcha_data + end +end diff --git a/db/schema.rb b/db/schema.rb index 55641228c..b105a2b2c 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -286,15 +286,6 @@ ActiveRecord::Schema.define(version: 20160426211658) do add_index "settings", ["key"], name: "index_settings_on_key", using: :btree - create_table "simple_captcha_data", force: :cascade do |t| - t.string "key", limit: 40 - t.string "value", limit: 6 - t.datetime "created_at" - t.datetime "updated_at" - end - - add_index "simple_captcha_data", ["key"], name: "idx_key", using: :btree - create_table "spending_proposals", force: :cascade do |t| t.string "title" t.text "description" diff --git a/spec/controllers/debates_controller_spec.rb b/spec/controllers/debates_controller_spec.rb index 85bf9bd1c..12dc0fe40 100644 --- a/spec/controllers/debates_controller_spec.rb +++ b/spec/controllers/debates_controller_spec.rb @@ -2,15 +2,6 @@ require 'rails_helper' describe DebatesController do - before(:all) do - @original_captcha_pass_value = SimpleCaptcha.always_pass - SimpleCaptcha.always_pass = true - end - - after(:all) do - SimpleCaptcha.always_pass = @original_captcha_pass_value - end - describe 'POST create' do it 'should create an ahoy event' do diff --git a/spec/features/debates_spec.rb b/spec/features/debates_spec.rb index 5efb48406..d20c1c302 100644 --- a/spec/features/debates_spec.rb +++ b/spec/features/debates_spec.rb @@ -96,7 +96,6 @@ feature 'Debates' do visit new_debate_path fill_in 'debate_title', with: 'A title for a debate' fill_in 'debate_description', with: 'This is very important because...' - fill_in 'debate_captcha', with: correct_captcha_text check 'debate_terms_of_service' click_button 'Start a debate' @@ -108,24 +107,39 @@ feature 'Debates' do expect(page).to have_content I18n.l(Debate.last.created_at.to_date) end - scenario 'Captcha is required for debate creation' do - login_as(create(:user)) + scenario 'Create with invisible_captcha honeypot field' do + author = create(:user) + login_as(author) visit new_debate_path - fill_in 'debate_title', with: "Great title" - fill_in 'debate_description', with: 'Very important issue...' - fill_in 'debate_captcha', with: "wrongText!" + fill_in 'debate_title', with: 'I am a bot' + fill_in 'debate_subtitle', with: 'This is a honeypot field' + fill_in 'debate_description', with: 'This is the description' check 'debate_terms_of_service' - click_button "Start a debate" + click_button 'Start a debate' - expect(page).to_not have_content "Debate created successfully." - expect(page).to have_content "1 error" + expect(page.status_code).to eq(200) + expect(page.html).to be_empty + expect(current_path).to eq(debates_path) + end - fill_in 'debate_captcha', with: correct_captcha_text - click_button "Start a debate" + scenario 'Create debate too fast' do + allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY) - expect(page).to have_content "Debate created successfully." + author = create(:user) + login_as(author) + + visit new_debate_path + fill_in 'debate_title', with: 'I am a bot' + fill_in 'debate_description', with: 'This is the description' + check 'debate_terms_of_service' + + click_button 'Start a debate' + + expect(page).to have_content 'Sorry, that was too quick! Please resubmit' + + expect(current_path).to eq(new_debate_path) end scenario 'Errors on create' do @@ -144,7 +158,6 @@ feature 'Debates' do visit new_debate_path fill_in 'debate_title', with: 'Testing an attack' fill_in 'debate_description', with: '

This is

' - fill_in 'debate_captcha', with: correct_captcha_text check 'debate_terms_of_service' click_button 'Start a debate' @@ -163,7 +176,6 @@ feature 'Debates' do visit new_debate_path fill_in 'debate_title', with: 'Testing auto link' fill_in 'debate_description', with: '

This is a link www.example.org

' - fill_in 'debate_captcha', with: correct_captcha_text check 'debate_terms_of_service' click_button 'Start a debate' @@ -180,7 +192,6 @@ feature 'Debates' do visit new_debate_path fill_in 'debate_title', with: 'Testing auto link' fill_in 'debate_description', with: " click me http://example.org" - fill_in 'debate_captcha', with: correct_captcha_text check 'debate_terms_of_service' click_button 'Start a debate' @@ -213,7 +224,6 @@ feature 'Debates' do fill_in 'debate_title', with: 'Testing auto link' fill_in 'debate_description', with: " click me http://example.org" - fill_in 'debate_captcha', with: correct_captcha_text check 'debate_terms_of_service' find('.js-add-tag-link', text: 'Education').click @@ -232,7 +242,6 @@ feature 'Debates' do fill_in 'debate_title', with: "Great title" fill_in 'debate_description', with: 'Very important issue...' - fill_in 'debate_captcha', with: correct_captcha_text check 'debate_terms_of_service' fill_in 'debate_tag_list', with: 'Refugees, Solidarity' @@ -250,7 +259,6 @@ feature 'Debates' do fill_in 'debate_title', with: 'A test of dangerous strings' fill_in 'debate_description', with: 'A description suitable for this test' - fill_in 'debate_captcha', with: correct_captcha_text check 'debate_terms_of_service' fill_in 'debate_tag_list', with: 'user_id=1, &a=3, ' @@ -300,7 +308,6 @@ feature 'Debates' do fill_in 'debate_title', with: "End child poverty" fill_in 'debate_description', with: "Let's do something to end child poverty" - fill_in 'debate_captcha', with: correct_captcha_text click_button "Save changes" @@ -320,26 +327,6 @@ feature 'Debates' do expect(page).to have_content error_message end - scenario 'Captcha is required to update a debate' do - debate = create(:debate) - login_as(debate.author) - - visit edit_debate_path(debate) - expect(current_path).to eq(edit_debate_path(debate)) - - fill_in 'debate_title', with: "New title" - fill_in 'debate_captcha', with: "wrong!" - click_button "Save changes" - - expect(page).to_not have_content "Debate updated successfully." - expect(page).to have_content "error" - - fill_in 'debate_captcha', with: correct_captcha_text - click_button "Save changes" - - expect(page).to have_content "Debate updated successfully." - end - describe 'Limiting tags shown' do scenario 'Index page shows up to 5 tags per debate' do tag_list = ["Hacienda", "Economía", "Medio Ambiente", "Corrupción", "Fiestas populares", "Prensa"] diff --git a/spec/features/management/proposals_spec.rb b/spec/features/management/proposals_spec.rb index e5279bac4..744a8fe0b 100644 --- a/spec/features/management/proposals_spec.rb +++ b/spec/features/management/proposals_spec.rb @@ -27,7 +27,6 @@ feature 'Proposals' do fill_in 'proposal_description', with: 'This is very important because...' fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' fill_in 'proposal_video_url', with: 'http://youtube.com' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' click_button 'Create proposal' diff --git a/spec/features/management/spending_proposals_spec.rb b/spec/features/management/spending_proposals_spec.rb index 760d2a07a..2c20ee684 100644 --- a/spec/features/management/spending_proposals_spec.rb +++ b/spec/features/management/spending_proposals_spec.rb @@ -24,7 +24,6 @@ feature 'Spending Proposals' do fill_in 'spending_proposal_title', with: 'Build a park in my neighborhood' fill_in 'spending_proposal_description', with: 'There is no parks here...' fill_in 'spending_proposal_external_url', with: 'http://moarparks.com' - fill_in 'spending_proposal_captcha', with: correct_captcha_text check 'spending_proposal_terms_of_service' click_button 'Create' @@ -221,4 +220,4 @@ feature 'Spending Proposals' do end -end \ No newline at end of file +end diff --git a/spec/features/organizations_spec.rb b/spec/features/organizations_spec.rb index 052b3bae5..0a7a2bcc7 100644 --- a/spec/features/organizations_spec.rb +++ b/spec/features/organizations_spec.rb @@ -13,7 +13,6 @@ feature 'Organizations' do fill_in 'user_email', with: 'green@peace.com' fill_in 'user_password', with: 'greenpeace' fill_in 'user_password_confirmation', with: 'greenpeace' - fill_in 'user_captcha', with: correct_captcha_text check 'user_terms_of_service' click_button 'Register' @@ -24,6 +23,41 @@ feature 'Organizations' do expect(user.organization).to_not be_verified end + scenario 'Create with invisible_captcha honeypot field' do + visit new_organization_registration_path + + fill_in 'user_organization_attributes_name', with: 'robot' + fill_in 'user_address', with: 'This is the honeypot field' + fill_in 'user_organization_attributes_responsible_name', with: 'Robots are more responsible than humans' + fill_in 'user_email', with: 'robot@robot.com' + fill_in 'user_password', with: 'destroyallhumans' + fill_in 'user_password_confirmation', with: 'destroyallhumans' + + check 'user_terms_of_service' + + click_button 'Register' + + expect(page.status_code).to eq(200) + expect(page.html).to be_empty + expect(current_path).to eq(organization_registration_path) + end + + scenario 'Create organization too fast' do + allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY) + visit new_organization_registration_path + fill_in 'user_organization_attributes_name', with: 'robot' + fill_in 'user_organization_attributes_responsible_name', with: 'Robots are more responsible than humans' + fill_in 'user_email', with: 'robot@robot.com' + fill_in 'user_password', with: 'destroyallhumans' + fill_in 'user_password_confirmation', with: 'destroyallhumans' + + click_button 'Register' + + expect(page).to have_content 'Sorry, that was too quick! Please resubmit' + + expect(current_path).to eq(new_organization_registration_path) + end + scenario 'Errors on create' do visit new_organization_registration_path diff --git a/spec/features/proposals_spec.rb b/spec/features/proposals_spec.rb index 4a3ea58a1..c7be4956b 100644 --- a/spec/features/proposals_spec.rb +++ b/spec/features/proposals_spec.rb @@ -130,7 +130,6 @@ feature 'Proposals' do fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' fill_in 'proposal_video_url', with: 'http://youtube.com' fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' click_button 'Create proposal' @@ -146,6 +145,49 @@ feature 'Proposals' do expect(page).to have_content I18n.l(Proposal.last.created_at.to_date) end + scenario 'Create with invisible_captcha honeypot field' do + author = create(:user) + login_as(author) + + visit new_proposal_path + fill_in 'proposal_title', with: 'I am a bot' + fill_in 'proposal_subtitle', with: 'This is the honeypot field' + fill_in 'proposal_question', with: 'This is a question' + fill_in 'proposal_summary', with: 'This is the summary' + fill_in 'proposal_description', with: 'This is the description' + fill_in 'proposal_external_url', with: 'http://google.com/robots.txt' + fill_in 'proposal_responsible_name', with: 'Some other robot' + check 'proposal_terms_of_service' + + click_button 'Create proposal' + + expect(page.status_code).to eq(200) + expect(page.html).to be_empty + expect(current_path).to eq(proposals_path) + end + + scenario 'Create proposal too fast' do + allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY) + + author = create(:user) + login_as(author) + + visit new_proposal_path + fill_in 'proposal_title', with: 'I am a bot' + fill_in 'proposal_question', with: 'This is a question' + fill_in 'proposal_summary', with: 'This is the summary' + fill_in 'proposal_description', with: 'This is the description' + fill_in 'proposal_external_url', with: 'http://google.com/robots.txt' + fill_in 'proposal_responsible_name', with: 'Some other robot' + check 'proposal_terms_of_service' + + click_button 'Create proposal' + + expect(page).to have_content 'Sorry, that was too quick! Please resubmit' + + expect(current_path).to eq(new_proposal_path) + end + scenario 'Responsible name is stored for anonymous users' do author = create(:user) login_as(author) @@ -157,7 +199,6 @@ feature 'Proposals' do fill_in 'proposal_description', with: 'This is very important because...' fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text fill_in 'proposal_responsible_name', with: 'Isabel Garcia' check 'proposal_terms_of_service' @@ -179,7 +220,6 @@ feature 'Proposals' do fill_in 'proposal_summary', with: 'In summary, what we want is...' fill_in 'proposal_description', with: 'This is very important because...' fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' click_button 'Create proposal' @@ -187,30 +227,6 @@ feature 'Proposals' do expect(page).to have_content 'Proposal created successfully.' end - scenario 'Captcha is required for proposal creation' do - login_as(create(:user)) - - visit new_proposal_path - fill_in 'proposal_title', with: "Great title" - fill_in 'proposal_question', with: '¿Would you like to give assistance to war refugees?' - fill_in 'proposal_summary', with: 'In summary, what we want is...' - fill_in 'proposal_description', with: 'Very important issue...' - fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' - fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: "wrongText!" - check 'proposal_terms_of_service' - - click_button "Create proposal" - - expect(page).to_not have_content "Proposal created successfully." - expect(page).to have_content "1 error" - - fill_in 'proposal_captcha', with: correct_captcha_text - click_button "Create proposal" - - expect(page).to have_content "Proposal created successfully." - end - scenario 'Errors on create' do author = create(:user) login_as(author) @@ -231,7 +247,6 @@ feature 'Proposals' do fill_in 'proposal_description', with: '

This is

' fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' click_button 'Create proposal' @@ -253,7 +268,6 @@ feature 'Proposals' do fill_in 'proposal_summary', with: 'In summary, what we want is...' fill_in 'proposal_description', with: '

This is a link www.example.org

' fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' click_button 'Create proposal' @@ -273,7 +287,6 @@ feature 'Proposals' do fill_in 'proposal_summary', with: 'In summary, what we want is...' fill_in 'proposal_description', with: " click me http://example.org" fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' click_button 'Create proposal' @@ -311,7 +324,6 @@ feature 'Proposals' do fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' fill_in 'proposal_video_url', with: 'http://youtube.com' fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' find('.js-add-tag-link', text: 'Education').click @@ -335,7 +347,6 @@ feature 'Proposals' do fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' fill_in 'proposal_video_url', with: 'http://youtube.com' fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' fill_in 'proposal_tag_list', with: 'Refugees, Solidarity' @@ -360,7 +371,6 @@ feature 'Proposals' do fill_in 'proposal_description', with: 'A description suitable for this test' fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' fill_in 'proposal_tag_list', with: 'user_id=1, &a=3, ' @@ -390,7 +400,6 @@ feature 'Proposals' do fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' fill_in 'proposal_video_url', with: 'http://youtube.com' fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' click_button 'Create proposal' @@ -416,7 +425,6 @@ feature 'Proposals' do fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' fill_in 'proposal_video_url', with: 'http://youtube.com' fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text check 'proposal_terms_of_service' select('California', from: 'proposal_geozone_id') @@ -563,7 +571,6 @@ feature 'Proposals' do fill_in 'proposal_description', with: "Let's do something to end child poverty" fill_in 'proposal_external_url', with: 'http://rescue.org/refugees' fill_in 'proposal_responsible_name', with: 'Isabel Garcia' - fill_in 'proposal_captcha', with: correct_captcha_text click_button "Save changes" @@ -584,26 +591,6 @@ feature 'Proposals' do expect(page).to have_content error_message end - scenario 'Captcha is required to update a proposal' do - proposal = create(:proposal) - login_as(proposal.author) - - visit edit_proposal_path(proposal) - expect(current_path).to eq(edit_proposal_path(proposal)) - - fill_in 'proposal_title', with: "New cool title" - fill_in 'proposal_captcha', with: "wrong!" - click_button "Save changes" - - expect(page).to_not have_content "Proposal updated successfully." - expect(page).to have_content "error" - - fill_in 'proposal_captcha', with: correct_captcha_text - click_button "Save changes" - - expect(page).to have_content "Proposal updated successfully." - end - describe 'Limiting tags shown' do scenario 'Index page shows up to 5 tags per proposal' do create_featured_proposals diff --git a/spec/features/registration_form_spec.rb b/spec/features/registration_form_spec.rb index 6439ac726..4f258e601 100644 --- a/spec/features/registration_form_spec.rb +++ b/spec/features/registration_form_spec.rb @@ -32,7 +32,6 @@ feature 'Registration form' do fill_in 'user_password', with: "password" fill_in 'user_password_confirmation', with: "password" fill_in 'user_redeemable_code', with: " " - fill_in 'user_captcha', with: correct_captcha_text check 'user_terms_of_service' click_button 'Register' @@ -44,4 +43,40 @@ feature 'Registration form' do expect(new_user.redeemable_code).to be_nil end + scenario 'Create with invisible_captcha honeypot field' do + visit new_user_registration_path + + fill_in 'user_username', with: "robot" + fill_in 'user_family_name', with: 'This is the honeypot field' + fill_in 'user_email', with: 'robot@robot.com' + fill_in 'user_password', with: 'destroyallhumans' + fill_in 'user_password_confirmation', with: 'destroyallhumans' + check 'user_terms_of_service' + + click_button 'Register' + + expect(page.status_code).to eq(200) + expect(page.html).to be_empty + expect(current_path).to eq(user_registration_path) + end + + scenario 'Create organization too fast' do + allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY) + visit new_user_registration_path + + fill_in 'user_username', with: "robot" + fill_in 'user_family_name', with: 'This is the honeypot field' + fill_in 'user_email', with: 'robot@robot.com' + fill_in 'user_password', with: 'destroyallhumans' + fill_in 'user_password_confirmation', with: 'destroyallhumans' + check 'user_terms_of_service' + + click_button 'Register' + + expect(page).to have_content 'Sorry, that was too quick! Please resubmit' + + expect(current_path).to eq(new_user_registration_path) + end + + end diff --git a/spec/features/spending_proposals_spec.rb b/spec/features/spending_proposals_spec.rb index cb3a6d8d5..8b52bd014 100644 --- a/spec/features/spending_proposals_spec.rb +++ b/spec/features/spending_proposals_spec.rb @@ -97,7 +97,6 @@ feature 'Spending proposals' do fill_in 'spending_proposal_description', with: 'I want to live in a high tower over the clouds' fill_in 'spending_proposal_external_url', with: 'http://http://skyscraperpage.com/' fill_in 'spending_proposal_association_name', with: 'People of the neighbourhood' - fill_in 'spending_proposal_captcha', with: correct_captcha_text select 'All city', from: 'spending_proposal_geozone_id' check 'spending_proposal_terms_of_service' @@ -111,6 +110,40 @@ feature 'Spending proposals' do expect(page).to have_content('All city') end + scenario 'Create with invisible_captcha honeypot field' do + login_as(author) + + visit new_spending_proposal_path + fill_in 'spending_proposal_title', with: 'I am a bot' + fill_in 'spending_proposal_subtitle', with: 'This is the honeypot' + fill_in 'spending_proposal_description', with: 'This is the description' + select 'All city', from: 'spending_proposal_geozone_id' + check 'spending_proposal_terms_of_service' + + click_button 'Create' + + expect(page.status_code).to eq(200) + expect(page.html).to be_empty + expect(current_path).to eq(spending_proposals_path) + end + + scenario 'Create spending proposal too fast' do + allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY) + + login_as(author) + + visit new_spending_proposal_path + fill_in 'spending_proposal_title', with: 'I am a bot' + fill_in 'spending_proposal_description', with: 'This is the description' + select 'All city', from: 'spending_proposal_geozone_id' + check 'spending_proposal_terms_of_service' + + click_button 'Create' + + expect(page).to have_content 'Sorry, that was too quick! Please resubmit' + expect(current_path).to eq(new_spending_proposal_path) + end + scenario 'Create notice' do login_as(author) @@ -119,7 +152,6 @@ feature 'Spending proposals' do fill_in 'spending_proposal_description', with: 'I want to live in a high tower over the clouds' fill_in 'spending_proposal_external_url', with: 'http://http://skyscraperpage.com/' fill_in 'spending_proposal_association_name', with: 'People of the neighbourhood' - fill_in 'spending_proposal_captcha', with: correct_captcha_text select 'All city', from: 'spending_proposal_geozone_id' check 'spending_proposal_terms_of_service' @@ -137,27 +169,6 @@ feature 'Spending proposals' do expect(page).to have_content "Build a skyscraper" end - scenario 'Captcha is required for proposal creation' do - login_as(author) - - visit new_spending_proposal_path - fill_in 'spending_proposal_title', with: 'Build a skyscraper' - fill_in 'spending_proposal_description', with: 'I want to live in a high tower over the clouds' - fill_in 'spending_proposal_external_url', with: 'http://http://skyscraperpage.com/' - fill_in 'spending_proposal_captcha', with: 'wrongText' - check 'spending_proposal_terms_of_service' - - click_button 'Create' - - expect(page).to_not have_content 'Spending proposal created successfully' - expect(page).to have_content '1 error' - - fill_in 'spending_proposal_captcha', with: correct_captcha_text - click_button 'Create' - - expect(page).to have_content 'Spending proposal created successfully' - end - scenario 'Errors on create' do login_as(author) diff --git a/spec/features/tags_spec.rb b/spec/features/tags_spec.rb index a67f412a3..7ac81c139 100644 --- a/spec/features/tags_spec.rb +++ b/spec/features/tags_spec.rb @@ -61,7 +61,6 @@ feature 'Tags' do visit new_debate_path fill_in 'debate_title', with: 'Title' fill_in 'debate_description', with: 'Description' - fill_in 'debate_captcha', with: correct_captcha_text check 'debate_terms_of_service' fill_in 'debate_tag_list', with: "Impuestos, Economía, Hacienda" @@ -81,7 +80,6 @@ feature 'Tags' do visit new_debate_path fill_in 'debate_title', with: 'Title' fill_in 'debate_description', with: 'Description' - fill_in 'debate_captcha', with: correct_captcha_text check 'debate_terms_of_service' fill_in 'debate_tag_list', with: "Impuestos, Economía, Hacienda, Sanidad, Educación, Política, Igualdad" @@ -101,7 +99,6 @@ feature 'Tags' do expect(page).to have_selector("input[value='Economía']") fill_in 'debate_tag_list', with: "Economía, Hacienda" - fill_in 'debate_captcha', with: correct_captcha_text click_button 'Save changes' expect(page).to have_content 'Debate updated successfully.' @@ -118,7 +115,6 @@ feature 'Tags' do visit edit_debate_path(debate) fill_in 'debate_tag_list', with: "" - fill_in 'debate_captcha', with: correct_captcha_text click_button 'Save changes' expect(page).to have_content 'Debate updated successfully.' diff --git a/spec/features/users_auth_spec.rb b/spec/features/users_auth_spec.rb index f9b92bb12..bd93a04f8 100644 --- a/spec/features/users_auth_spec.rb +++ b/spec/features/users_auth_spec.rb @@ -11,7 +11,6 @@ feature 'Users' do fill_in 'user_email', with: 'manuela@madrid.es' fill_in 'user_password', with: 'judgementday' fill_in 'user_password_confirmation', with: 'judgementday' - fill_in 'user_captcha', with: correct_captcha_text check 'user_terms_of_service' click_button 'Register' diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 80d88bc54..c1d391b66 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -63,6 +63,7 @@ RSpec.configure do |config| config.before(:each, type: :feature) do Bullet.start_request + allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(0) end config.after(:each, type: :feature) do diff --git a/spec/support/common_actions.rb b/spec/support/common_actions.rb index 340d7c8a7..bba79441b 100644 --- a/spec/support/common_actions.rb +++ b/spec/support/common_actions.rb @@ -9,7 +9,6 @@ module CommonActions fill_in 'user_email', with: email fill_in 'user_password', with: password fill_in 'user_password_confirmation', with: password - fill_in 'user_captcha', with: correct_captcha_text check 'user_terms_of_service' click_button 'Register' @@ -86,10 +85,6 @@ module CommonActions expect(page).to have_content 'It will be done next week.' end - def correct_captcha_text - SimpleCaptcha::SimpleCaptchaData.last.value - end - def avatar(name) "img.initialjs-avatar[data-name='#{name}']" end