consul/nairobi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1103 from consul/invisible-captcha

Browse Source 
Replace simple_captcha with invisible_captcha
This commit is contained in:
Juanjo Bazán
2016-04-28 16:23:07 +02:00
parent b8cb64b6d6 e441a6805f
commit 1276e7d478
51 changed files with 260 additions and 356 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Gemfile
View File

@@ -34,8 +34,8 @@ gem 'responders'
gem 'foundation-rails'
gem 'foundation_rails_helper'
gem 'acts_as_votable'
gem 'simple_captcha2', require: 'simple_captcha'
gem 'ckeditor', '~> 4.1.5'
gem 'invisible_captcha', '~> 0.8.2'
gem 'cancancan'
gem 'social-share-button', git: 'https://github.com/huacnlee/social-share-button.git', ref: 'e46a6a3e82b86023bc'
gem 'initialjs-rails', '0.2.0.1'

6
Gemfile.lock
View File

@@ -202,6 +202,8 @@ GEM
terminal-table (>= 1.5.1)
initialjs-rails (0.2.0.1)
railties (>= 3.1, < 5.0)
invisible_captcha (0.8.2)
rails
jquery-rails (4.1.1)
rails-dom-testing (>= 1, < 3)
railties (>= 4.2.0)
@@ -365,8 +367,6 @@ GEM
nokogiri (>= 1.4.0)
nori (~> 2.4)
wasabi (~> 3.4)
simple_captcha2 (0.4.0)
rails (>= 4.1)
simplecov (0.11.2)
docile (~> 1.1.0)
json (~> 1.8)
@@ -469,6 +469,7 @@ DEPENDENCIES
groupdate
i18n-tasks
initialjs-rails (= 0.2.0.1)
invisible_captcha (~> 0.8.2)
jquery-rails
jquery-ui-rails
kaminari
@@ -492,7 +493,6 @@ DEPENDENCIES
rspec-rails (~> 3.3)
sass-rails (~> 5.0, >= 5.0.4)
savon
simple_captcha2
social-share-button!
spring
spring-commands-rspec

2
README.md
View File

@@ -28,7 +28,7 @@ Frontend tools used include [SCSS](http://sass-lang.com/) over [Foundation](http
## Configuration for development and test environments
Prerequisites: install git, ImageMagick, Ruby 2.2.3, bundler gem, ghostscript and PostgreSQL (>=9.4).
Prerequisites: install git, Ruby 2.2.3, bundler gem, ghostscript and PostgreSQL (>=9.4).
```
git clone https://github.com/consul/consul.git

2
README_ES.md
View File

@@ -27,7 +27,7 @@ Las herramientas utilizadas para el frontend no están cerradas aún. Los estilo
## Configuración para desarrollo y tests
Prerequisitos: tener instalado git, ImageMagick, Ruby 2.2.3, la gema `bundler`, ghostscript y PostgreSQL (9.4 o superior).
Prerequisitos: tener instalado git, Ruby 2.2.3, la gema `bundler`, ghostscript y PostgreSQL (9.4 o superior).
```

24
app/assets/stylesheets/layout.scss
View File

@@ -746,26 +746,6 @@ form {
line-height: $line-height;
vertical-align: middle;
}
.captcha {
border: 0;
padding: $line-height/2 0;
input {
margin-bottom: 0 !important;
}
}
.button.margin-top {
margin-top: $line-height;
}
}
.captcha {
label {
display: none;
}
}
// 07. Alerts
@@ -775,7 +755,7 @@ form {
font-family: $font-sans;
font-size: $small-font-size;
&.success {
&.success, &.notice {
background-color: $success-bg;
border-color: $success-border;
color: $success-color;
@@ -799,7 +779,7 @@ form {
}
}
&.alert {
&.alert, &.error {
background-color: $alert-bg;
border-color: $alert-border;
color: $alert-color;

2
app/assets/stylesheets/print.css
View File

@@ -24,8 +24,6 @@ img.left { display: none !important; }
.icon-proposals { display: none !important; }
.captcha { display: none !important; }
li.name { display: none !important; }
li.kind { display: none !important; }

2
app/controllers/application_controller.rb
View File

@@ -1,7 +1,6 @@
require "application_responder"
class ApplicationController < ActionController::Base
include SimpleCaptcha::ControllerHelpers
include HasFilters
include HasOrders
@@ -115,5 +114,4 @@ class ApplicationController < ActionController::Base
store_location_for(:user, request.path)
end
end
end

4
app/controllers/concerns/commentable_actions.rb
View File

@@ -38,7 +38,7 @@ module CommentableActions
@resource = resource_model.new(strong_params)
@resource.author = current_user
if @resource.save_with_captcha
if @resource.save
track_event
redirect_path = url_for(controller: controller_name, action: :show, id: @resource.id)
redirect_to redirect_path, notice: t("flash.actions.create.#{resource_name.underscore}")
@@ -55,7 +55,7 @@ module CommentableActions
def update
resource.assign_attributes(strong_params)
if resource.save_with_captcha
if resource.save
redirect_to resource, notice: t("flash.actions.update.#{resource_name.underscore}")
else
load_categories

4
app/controllers/debates_controller.rb
View File

@@ -11,6 +11,8 @@ class DebatesController < ApplicationController
feature_flag :debates
invisible_captcha only: [:create, :update], honeypot: :subtitle
has_orders %w{hot_score confidence_score created_at relevance}, only: :index
has_orders %w{most_voted newest oldest}, only: :show
@@ -45,7 +47,7 @@ class DebatesController < ApplicationController
private
def debate_params
params.require(:debate).permit(:title, :description, :tag_list, :terms_of_service, :captcha, :captcha_key)
params.require(:debate).permit(:title, :description, :tag_list, :terms_of_service)
end
def resource_model

2
app/controllers/management/proposals_controller.rb
View File

@@ -33,7 +33,7 @@ class Management::ProposalsController < Management::BaseController
end
def proposal_params
params.require(:proposal).permit(:title, :question, :summary, :description, :external_url, :video_url, :responsible_name, :tag_list, :terms_of_service, :captcha, :captcha_key)
params.require(:proposal).permit(:title, :question, :summary, :description, :external_url, :video_url, :responsible_name, :tag_list, :terms_of_service)
end
def resource_model

4
app/controllers/management/spending_proposals_controller.rb
View File

@@ -16,7 +16,7 @@ class Management::SpendingProposalsController < Management::BaseController
@spending_proposal = SpendingProposal.new(spending_proposal_params)
@spending_proposal.author = managed_user
if @spending_proposal.save_with_captcha
if @spending_proposal.save
redirect_to management_spending_proposal_path(@spending_proposal), notice: t('flash.actions.create.notice', resource_name: t("activerecord.models.spending_proposal", count: 1))
else
render :new
@@ -45,7 +45,7 @@ class Management::SpendingProposalsController < Management::BaseController
end
def spending_proposal_params
params.require(:spending_proposal).permit(:title, :description, :external_url, :geozone_id, :terms_of_service, :captcha, :captcha_key)
params.require(:spending_proposal).permit(:title, :description, :external_url, :geozone_id, :terms_of_service)
end
def only_verified_users

6
app/controllers/organizations/registrations_controller.rb
View File

@@ -1,5 +1,7 @@
class Organizations::RegistrationsController < Devise::RegistrationsController
invisible_captcha only: [:create], honeypot: :address, scope: :user
def new
super do |user|
user.build_organization
@@ -11,7 +13,7 @@ class Organizations::RegistrationsController < Devise::RegistrationsController
def create
build_resource(sign_up_params)
if resource.valid_with_captcha?
if resource.valid?
super do |user|
# Removes unuseful "organization is invalid" error message
user.errors.messages.delete(:organization)
@@ -29,7 +31,7 @@ class Organizations::RegistrationsController < Devise::RegistrationsController
private
def sign_up_params
params.require(:user).permit(:email, :password, :phone_number, :password_confirmation, :captcha, :captcha_key, :terms_of_service, organization_attributes: [:name, :responsible_name])
params.require(:user).permit(:email, :password, :phone_number, :password_confirmation, :terms_of_service, organization_attributes: [:name, :responsible_name])
end
end

6
app/controllers/proposals_controller.rb
View File

@@ -2,6 +2,7 @@ class ProposalsController < ApplicationController
include CommentableActions
include FlagActions
before_action :parse_search_terms, only: [:index, :suggest]
before_action :parse_advanced_search_terms, only: :index
before_action :parse_tag_filter, only: :index
@@ -10,6 +11,8 @@ class ProposalsController < ApplicationController
before_action :load_geozones, only: [:edit, :map, :summary]
before_action :authenticate_user!, except: [:index, :show, :map, :summary]
invisible_captcha only: [:create, :update], honeypot: :subtitle
has_orders %w{hot_score confidence_score created_at relevance}, only: :index
has_orders %w{most_voted newest oldest}, only: :show
@@ -56,7 +59,7 @@ class ProposalsController < ApplicationController
private
def proposal_params
params.require(:proposal).permit(:title, :question, :summary, :description, :external_url, :video_url, :responsible_name, :tag_list, :terms_of_service, :captcha, :captcha_key, :geozone_id)
params.require(:proposal).permit(:title, :question, :summary, :description, :external_url, :video_url, :responsible_name, :tag_list, :terms_of_service, :geozone_id)
end
def retired_params
@@ -93,4 +96,5 @@ class ProposalsController < ApplicationController
@resources = @resources.where('proposals.id NOT IN (?)', @featured_proposals.map(&:id))
end
end
end

6
app/controllers/spending_proposals_controller.rb
View File

@@ -8,6 +8,8 @@ class SpendingProposalsController < ApplicationController
feature_flag :spending_proposals
invisible_captcha only: [:create, :update], honeypot: :subtitle
respond_to :html, :js
def index
@@ -27,7 +29,7 @@ class SpendingProposalsController < ApplicationController
@spending_proposal = SpendingProposal.new(spending_proposal_params)
@spending_proposal.author = current_user
if @spending_proposal.save_with_captcha
if @spending_proposal.save
notice = t('flash.actions.create.spending_proposal', activity: "<a href='#{user_path(current_user, filter: :spending_proposals)}'>#{t('layouts.header.my_activity_link')}</a>")
redirect_to @spending_proposal, notice: notice, flash: { html_safe: true }
else
@@ -49,7 +51,7 @@ class SpendingProposalsController < ApplicationController
private
def spending_proposal_params
params.require(:spending_proposal).permit(:title, :description, :external_url, :geozone_id, :association_name, :terms_of_service, :captcha, :captcha_key)
params.require(:spending_proposal).permit(:title, :description, :external_url, :geozone_id, :association_name, :terms_of_service)
end
def set_geozone_name

7
app/controllers/users/registrations_controller.rb
View File

@@ -1,6 +1,8 @@
class Users::RegistrationsController < Devise::RegistrationsController
prepend_before_action :authenticate_scope!, only: [:edit, :update, :destroy, :finish_signup, :do_finish_signup]
invisible_captcha only: [:create], honeypot: :family_name, scope: :user
def new
super do |user|
user.use_redeemable_code = true if params[:use_redeemable_code].present?
@@ -9,7 +11,7 @@ class Users::RegistrationsController < Devise::RegistrationsController
def create
build_resource(sign_up_params)
if resource.valid_with_captcha?
if resource.valid?
super
else
render :new
@@ -58,8 +60,7 @@ class Users::RegistrationsController < Devise::RegistrationsController
def sign_up_params
params[:user].delete(:redeemable_code) if params[:user].present? && params[:user][:redeemable_code].blank?
params.require(:user).permit(:username, :email, :password,
:password_confirmation, :captcha,
:captcha_key, :terms_of_service, :locale,
:password_confirmation, :terms_of_service, :locale,
:redeemable_code)
end

1
app/models/debate.rb
View File

@@ -8,7 +8,6 @@ class Debate < ActiveRecord::Base
include Searchable
include Filterable
apply_simple_captcha
acts_as_votable
acts_as_paranoid column: :hidden_at
include ActsAsParanoidAliases

1
app/models/proposal.rb
View File

@@ -7,7 +7,6 @@ class Proposal < ActiveRecord::Base
include Searchable
include Filterable
apply_simple_captcha
acts_as_votable
acts_as_paranoid column: :hidden_at
include ActsAsParanoidAliases

1
app/models/spending_proposal.rb
View File

@@ -4,7 +4,6 @@ class SpendingProposal < ActiveRecord::Base
include Taggable
include Searchable
apply_simple_captcha
acts_as_votable
belongs_to :author, -> { with_hidden }, class_name: 'User', foreign_key: 'author_id'

1
app/models/user.rb
View File

@@ -2,7 +2,6 @@ class User < ActiveRecord::Base
include Verification
apply_simple_captcha
devise :database_authenticatable, :registerable, :confirmable,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable, :async

9
app/views/debates/_form.html.erb
View File

@@ -1,5 +1,8 @@
<%= form_for(@debate) do |f| %>
<%= render 'shared/errors', resource: @debate %>
<div class="row">
<div class="small-12 column">
<%= f.label :title, t("debates.form.debate_title") %>
@@ -11,6 +14,8 @@
<%= f.cktext_area :description, maxlength: Debate.description_max_length, ckeditor: { language: I18n.locale }, label: false %>
</div>
<%= f.invisible_captcha :subtitle %>
<div class="small-12 column">
<%= f.label :tag_list, t("debates.form.tags_label") %>
<p class="note"><%= t("debates.form.tags_instructions") %></p>
@@ -32,10 +37,6 @@
<% end %>
</div>
<div class="small-12 column">
<%= f.simple_captcha input_html: { required: false } %>
</div>
<div class="actions small-12 column">
<%= f.submit(class: "button", value: t("debates.#{action_name}.form.submit_button")) %>
</div>

10
app/views/layouts/_flash.html.erb Normal file
View File

@@ -0,0 +1,10 @@
<% flash.each do |flash_key, flash_message| %>
<div id="<%= flash_key %>" data-alert class="row" data-closable>
<div class="callout <%= flash_key %>">
<button class="close-button" aria-label="<%= t("application.close") %>" type="button" data-close>
<span aria-hidden="true">&times;</span>
</button>
<%= flash_message %>
</div>
</div>
<% end %>

17
app/views/layouts/admin.html.erb
View File

@@ -23,23 +23,8 @@
</div>
<div class="admin-content small-12 medium-9 column">
<% if notice %>
<div data-alert class="callout success" data-closable>
<button class="close-button" aria-label="<%= t("application.close") %>" type="button" data-close>
<span aria-hidden="true">&times;</span>
</button>
<%= notice %>
</div>
<% end %>
<% if alert %>
<div data-alert class="callout alert" data-closable>
<button class="close-button" aria-label="<%= t("application.close") %>" type="button" data-close>
<span aria-hidden="true">&times;</span>
</button>
<%= alert %>
</div>
<% end %>
<%= render 'layouts/flash' %>
<%= yield %>
</div>

22
app/views/layouts/application.html.erb
View File

@@ -42,27 +42,7 @@
<% end %>
<![endif]-->
<% if notice %>
<div id="notice" data-alert class="row" data-closable>
<div class="callout success">
<button class="close-button" aria-label="<%= t("application.close") %>" type="button" data-close>
<span aria-hidden="true">&times;</span>
</button>
<%= notice %>
</div>
</div>
<% end %>
<% if alert %>
<div id="alert" data-alert class="row" data-closable>
<div class="callout alert">
<button class="close-button" aria-label="<%= t("application.close") %>" type="button" data-close>
<span aria-hidden="true">&times;</span>
</button>
<%= alert %>
</div>
</div>
<% end %>
<%= render 'layouts/flash' %>
<%= yield %>
<div class="push"></div>

19
app/views/layouts/devise.html.erb
View File

@@ -27,23 +27,8 @@
<div class="row auth">
<main>
<div class="small-12 medium-8 large-5 column small-centered panel padding margin-bottom">
<% if notice %>
<div data-alert class="callout success" data-closable>
<button class="close-button" aria-label="<%= t("application.close") %>" type="button" data-close>
<span aria-hidden="true">&times;</span>
</button>
<%= notice %>
</div>
<% end %>
<% if alert %>
<div data-alert class="callout warning" data-closable>
<button class="close-button" aria-label="<%= t("application.close") %>" type="button" data-close>
<span aria-hidden="true">&times;</span>
</button>
<%= alert %>
</div>
<% end %>
<%= render 'layouts/flash' %>
<%= yield %>
</div>
@@ -56,4 +41,4 @@
<%= render 'layouts/footer' %>
</div>
</body>
</html>
</html>

17
app/views/layouts/management.html.erb
View File

@@ -54,23 +54,8 @@
<%= render "management/account_info" %>
<div class="admin-content small-12 medium-9 column">
<% if notice %>
<div data-alert class="callout success" data-closable>
<button class="close-button" aria-label="<%= t("application.close") %>" type="button" data-close>
<span aria-hidden="true">&times;</span>
</button>
<%= notice %>
</div>
<% end %>
<% if alert %>
<div data-alert class="callout alert" data-closable>
<button class="close-button" aria-label="<%= t("application.close") %>" type="button" data-close>
<span aria-hidden="true">&times;</span>
</button>
<%= alert %>
</div>
<% end %>
<%= render 'layouts/flash' %>
<%= yield %>
</div>

5
app/views/organizations/registrations/new.html.erb
View File

@@ -17,6 +17,8 @@
<%= f.text_field :phone_number, placeholder: t("devise_views.organizations.registrations.new.phone_number_label") %>
<%= f.invisible_captcha :address %>
<%= f.password_field :password, autocomplete: "off",
placeholder: t("devise_views.organizations.registrations.new.password_label") %>
@@ -24,9 +26,6 @@
label: t("devise_views.organizations.registrations.new.password_confirmation_label"),
placeholder: t("devise_views.organizations.registrations.new.password_confirmation_label") %>
<%= f.simple_captcha input_html: {required: false} %>
<%= f.label :terms_of_service do %>
<%= f.check_box :terms_of_service, title: t('devise_views.users.registrations.new.terms_title'), label: false %>
<span class="checkbox">

2
app/views/pages/faq.html.erb
View File

@@ -71,7 +71,7 @@
<h2 id="5">¿Cómo creo y verifico mi cuenta?</h2>
<ul>
<li>Lo primero es crear una cuenta básica. Para ello hacemos clic en el enlace <a href="https://decide.madrid.es/users/sign_up">Registrarse</a> y rellenamos los datos que nos piden. Es un requisito marcar la casilla de aceptación de las condiciones de uso, y rellenar correctamente el captcha (en la parte inferior del formulario se nos presenta una imagen con unas letras deformadas que tendremos que introducir en la casilla inferior como medida de seguridad; ten en cuenta la diferencia entre mayúsculas y minúsculas). Al crear una cuenta nos llegará un correo electrónico a la dirección que hayamos especificado, y tendremos que hacer click en el enlace que contiene (el enlace que pone "Confirmar mi cuenta") para terminar de crear la cuenta.</li>
<li>Lo primero es crear una cuenta básica. Para ello hacemos clic en el enlace <a href="https://decide.madrid.es/users/sign_up">Registrarse</a> y rellenamos los datos que nos piden. Es un requisito marcar la casilla de aceptación de las condiciones de uso. Al crear una cuenta nos llegará un correo electrónico a la dirección que hayamos especificado, y tendremos que hacer click en el enlace que contiene (el enlace que pone "Confirmar mi cuenta") para terminar de crear la cuenta.</li>
<li>Una vez creada la cuenta básica, y tras <a href="https://decide.madrid.es/users/sign_in">entrar</a> con nuestro correo y contraseña, el sistema nos dará la opción de realizar una verificación básica de la misma. Tanto este paso como el siguiente se pueden realizar presencialmente en cualquiera de las <a href="http://www.madrid.es/portales/munimadrid/es/Inicio/El-Ayuntamiento/Atencion-al-ciudadano/Oficinas-de-Atencion-al-Ciudadano?vgnextfmt=default&vgnextchannel=5b99cde2e09a4310VgnVCM1000000b205a0aRCRD" target="_blank" title="(se abre en ventana nueva)">26 Oficinas de Atención al Ciudadano</a> que hay por todo Madrid. Si preferimos hacerlo a través de la web, hacemos click en el enlace <a href="https://decide.madrid.es/account">"Mi cuenta"</a> de la parte superior derecha, y luego en el botón "Verificar mi cuenta". Lo primero que se nos pedirá es que introduzcamos nuestros datos de residencia, para verificar que estamos empadronados en el municipio de Madrid (es importante introducir el número de documento con la letra; y marcar la casilla de aceptación de acceso al Padrón). Si los datos son correctos, se nos pedirá un teléfono móvil para mandarnos un código de confirmación, que introduciremos en la siguiente página que se nos presente. Este móvil no se utilizará para contactarnos ni para enviarnos nada en ningún momento, sólo es una medida de seguridad. Si preferimos no dar ningún teléfono móvil, podemos realizar el proceso sin necesidad de él en las Oficinas de Atención al Ciudadano, como comentamos anteriormente. Una vez introducido correctamente el código de confirmación, nuestra cuenta nos permitirá apoyar propuestas.</li>
<li>Para poder acceder a las votaciones finales de las propuestas, tendremos que verificar completamente nuestra cuenta. No obstante recuerda que la votación de propuestas es un proceso muy concreto que sólo ocurre durante una semana una vez las propuestas han llegado al 2% de apoyos, por lo tanto por lo general será posible realizar todas las acciones en la web con la anterior verificación básica de nuestracuenta. Para verificar completamente nuestra cuenta, podemos hacerlo presencialmente en cualquiera de las <a href="http://www.madrid.es/portales/munimadrid/es/Inicio/El-Ayuntamiento/Atencion-al-ciudadano/Oficinas-de-Atencion-al-Ciudadano?vgnextfmt=default&vgnextchannel=5b99cde2e09a4310VgnVCM1000000b205a0aRCRD" target="_blank" title="(se abre en ventana nueva)">26 Oficinas de Atención al Ciudadano</a>, o bien a través de la web <a href="https://decide.madrid.es/users/sign_in">entrando</a> con nuestro correo y contraseña, hacer clic en el enlace <a href="https://decide.madrid.es/account">"Mi cuenta"</a> de la parte superior derecha, pulsar el botón "Finalizar verificación", y finalmente hacer click en "Solicitar el envío de un correo postal". Una vez solicitado, nos llegará a nuestra dirección de empadronamiento una carta, con un código de seguridad y unas sencillas instrucciones para realizar la verificación.</li>
</ul>

6
app/views/proposals/_form.html.erb
View File

@@ -8,6 +8,8 @@
</div>
<div id="js-suggest"></div>
<%= f.invisible_captcha :subtitle %>
<div class="small-12 column">
<%= f.label :question, t("proposals.form.proposal_question") %>
<span class="note-marked">
@@ -84,10 +86,6 @@
<% end %>
</div>
<div class="small-12 column">
<%= f.simple_captcha input_html: { required: false } %>
</div>
<div class="actions small-12 column">
<%= f.submit(class: "button", value: t("proposals.#{action_name}.form.submit_button")) %>
</div>

8
app/views/simple_captcha/_simple_captcha.erb
View File

@@ -1,8 +0,0 @@
<div class="captcha">
<%= simple_captcha_options[:image] %>
<%= simple_captcha_options[:refresh_button] %>
<p class="note"><%= simple_captcha_options[:label] %></p>
<%= simple_captcha_options[:field] %>
</div>

8
app/views/spending_proposals/_form.html.erb
View File

@@ -7,6 +7,8 @@
<%= f.text_field :title, maxlength: SpendingProposal.title_max_length, placeholder: t("spending_proposals.form.title"), label: false %>
</div>
<%= f.invisible_captcha :subtitle %>
<div class="ckeditor small-12 column">
<%= f.label :description, t("spending_proposals.form.description") %>
<%= f.cktext_area :description, maxlength: SpendingProposal.description_max_length, ckeditor: { language: I18n.locale }, label: false %>
@@ -40,12 +42,8 @@
<% end %>
</div>
<div class="small-12 column">
<%= f.simple_captcha input_html: { required: false } %>
</div>
<div class="actions small-12 column">
<%= f.submit(class: "button", value: t("spending_proposals.form.submit_buttons.#{action_name}")) %>
</div>
</div>
<% end %>
<% end %>

4
app/views/users/registrations/new.html.erb
View File

@@ -21,6 +21,8 @@
<p class="note"><%= t("devise_views.users.registrations.new.username_note") %></p>
<%= f.text_field :username, maxlength: User.username_max_length, placeholder: t("devise_views.users.registrations.new.username_label"), label: false %>
<%= f.invisible_captcha :family_name %>
<%= f.email_field :email, placeholder: t("devise_views.users.registrations.new.email_label") %>
@@ -35,8 +37,6 @@
<%= f.text_field :redeemable_code, placeholder: t("devise_views.users.registrations.new.redeemable_code") %>
<% end %>
<%= f.simple_captcha input_html: {required: false} %>
<%= f.label :terms_of_service do %>
<%= f.check_box :terms_of_service, title: t('devise_views.users.registrations.new.terms_title'), label: false %>
<span class="checkbox">

2
config/deploy/shared/secrets.yml.erb
View File

@@ -1,6 +1,4 @@
<%= fetch(:rails_env) %>:
recaptcha_public_key: <%= ENV["MADRID_RECAPTCHA_PUBLIC_KEY"] %>
recaptcha_private_key: <%= ENV["MADRID_RECAPTCHA_PRIVATE_KEY"] %>
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
twitter_key: <%= ENV["TWITTER_KEY"] %>
twitter_secret: <%= ENV["TWITTER_SECRET"] %>

2
config/i18n-tasks.yml
View File

@@ -105,7 +105,6 @@ ignore_unused:
- 'activerecord.*'
- 'activemodel.*'
- 'unauthorized.*'
- 'simple_captcha.*'
- 'admin.officials.level_*'
- 'admin.comments.index.filter*'
- 'admin.debates.index.filter*'
@@ -137,6 +136,7 @@ ignore_unused:
- 'helpers.page_entries_info.*' # kaminari
- 'views.pagination.*' # kaminari
- 'shared.suggest.*'
- 'invisible_captcha.*'
# - '{devise,kaminari,will_paginate}.*'
# - 'simple_form.{yes,no}'
# - 'simple_form.{placeholders,hints,labels}.*'

8
config/initializers/invisible_captcha.rb Normal file
View File

@@ -0,0 +1,8 @@
InvisibleCaptcha.setup do |config|
config.visual_honeypots = false
config.timestamp_threshold = 4.seconds
# Leave these unset if you want to use I18n (see below)
# config.error_message = 'You are a robot!'
# config.sentence_for_humans = 'If you are a human, ignore this field'
# config.timestamp_error_message = 'Sorry, that was too quick! Please resubmit.'
end

37
config/initializers/simple_captcha.rb
View File

@@ -1,37 +0,0 @@
SimpleCaptcha.always_pass = false
SimpleCaptcha.setup do |sc|
# default: 100x28
sc.image_size = '120x40'
# default: 5
sc.length = 6
# default: simply_blue
# possible values:
# 'embosed_silver',
# 'simply_red',
# 'simply_green',
# 'simply_blue',
# 'distorted_black',
# 'all_black',
# 'charcoal_grey',
# 'almost_invisible'
# 'random'
sc.image_style = 'simply_green'
# default: low
# possible values: 'low', 'medium', 'high', 'random'
sc.distortion = 'random'
# default: medium
# possible values: 'none', 'low', 'medium', 'high'
sc.implode = 'medium'
# sc.image_style = 'mycaptha'
# sc.add_image_style('mycaptha', [
# "-background '#F4F7F8'",
# "-fill '#86818B'",
# "-border 1",
# "-bordercolor '#E0E2E3'"])
end

13
config/locales/en.yml
View File

@@ -417,15 +417,6 @@ en:
categories: "Categories"
target_blank_html: " (link opens in new window)"
unflag: Unflag
simple_captcha:
label: Enter the text from the image in the box below
message:
debate: the secret code does not match the image
proposal: the secret code does not match the image
spendingproposal: the secret code does not match the image
user: the secret code does not match the image
placeholder: Enter the text from the image
refresh_button_text: Refresh
social:
blog: Blog
facebook: Facebook
@@ -591,3 +582,7 @@ en:
text_sign_in: "login"
text_sign_up: "sign up"
alt: "Select the text you want to comment and press the button with the pencil."
invisible_captcha:
sentence_for_humans: "If you are human, ignore this field"
timestamp_error_message: "Sorry, that was too quick! Please resubmit."

12
config/locales/es.yml
View File

@@ -417,15 +417,6 @@ es:
categories: "Categorías"
target_blank_html: " (se abre en ventana nueva)"
unflag: Deshacer denuncia
simple_captcha:
label: Introduce el texto de la imagen en la siguiente caja
message:
debate: el código secreto no coincide con la imagen
proposal: el código secreto no coincide con la imagen
spendingproposal: el código secreto no coincide con la imagen
user: el código secreto no coincide con la imagen
placeholder: Introduce el texto de la imagen
refresh_button_text: Refrescar
social:
blog: Blog
facebook: Facebook
@@ -591,3 +582,6 @@ es:
text_sign_in: "iniciar sesión"
text_sign_up: "registrarte"
alt: "Selecciona el texto que quieres comentar y pulsa en el botón con el lápiz."
invisible_captcha:
sentence_for_humans: "Si eres humano, por favor ignora este campo"
timestamp_error_message: "Eso ha sido demasiado rápido. Por favor, reenvía el formulario."

5
db/migrate/20160421090733_destroy_captcha_table.rb Normal file
View File

@@ -0,0 +1,5 @@
class DestroyCaptchaTable < ActiveRecord::Migration
def change
drop_table :simple_captcha_data
end
end

9
db/schema.rb
View File

@@ -286,15 +286,6 @@ ActiveRecord::Schema.define(version: 20160426211658) do
add_index "settings", ["key"], name: "index_settings_on_key", using: :btree
create_table "simple_captcha_data", force: :cascade do |t|
t.string "key", limit: 40
t.string "value", limit: 6
t.datetime "created_at"
t.datetime "updated_at"
end
add_index "simple_captcha_data", ["key"], name: "idx_key", using: :btree
create_table "spending_proposals", force: :cascade do |t|
t.string "title"
t.text "description"

9
spec/controllers/debates_controller_spec.rb
View File

@@ -2,15 +2,6 @@ require 'rails_helper'
describe DebatesController do
before(:all) do
@original_captcha_pass_value = SimpleCaptcha.always_pass
SimpleCaptcha.always_pass = true
end
after(:all) do
SimpleCaptcha.always_pass = @original_captcha_pass_value
end
describe 'POST create' do
it 'should create an ahoy event' do

65
spec/features/debates_spec.rb
View File

@@ -96,7 +96,6 @@ feature 'Debates' do
visit new_debate_path
fill_in 'debate_title', with: 'A title for a debate'
fill_in 'debate_description', with: 'This is very important because...'
fill_in 'debate_captcha', with: correct_captcha_text
check 'debate_terms_of_service'
click_button 'Start a debate'
@@ -108,24 +107,39 @@ feature 'Debates' do
expect(page).to have_content I18n.l(Debate.last.created_at.to_date)
end
scenario 'Captcha is required for debate creation' do
login_as(create(:user))
scenario 'Create with invisible_captcha honeypot field' do
author = create(:user)
login_as(author)
visit new_debate_path
fill_in 'debate_title', with: "Great title"
fill_in 'debate_description', with: 'Very important issue...'
fill_in 'debate_captcha', with: "wrongText!"
fill_in 'debate_title', with: 'I am a bot'
fill_in 'debate_subtitle', with: 'This is a honeypot field'
fill_in 'debate_description', with: 'This is the description'
check 'debate_terms_of_service'
click_button "Start a debate"
click_button 'Start a debate'
expect(page).to_not have_content "Debate created successfully."
expect(page).to have_content "1 error"
expect(page.status_code).to eq(200)
expect(page.html).to be_empty
expect(current_path).to eq(debates_path)
end
fill_in 'debate_captcha', with: correct_captcha_text
click_button "Start a debate"
scenario 'Create debate too fast' do
allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY)
expect(page).to have_content "Debate created successfully."
author = create(:user)
login_as(author)
visit new_debate_path
fill_in 'debate_title', with: 'I am a bot'
fill_in 'debate_description', with: 'This is the description'
check 'debate_terms_of_service'
click_button 'Start a debate'
expect(page).to have_content 'Sorry, that was too quick! Please resubmit'
expect(current_path).to eq(new_debate_path)
end
scenario 'Errors on create' do
@@ -144,7 +158,6 @@ feature 'Debates' do
visit new_debate_path
fill_in 'debate_title', with: 'Testing an attack'
fill_in 'debate_description', with: '<p>This is <script>alert("an attack");</script></p>'
fill_in 'debate_captcha', with: correct_captcha_text
check 'debate_terms_of_service'
click_button 'Start a debate'
@@ -163,7 +176,6 @@ feature 'Debates' do
visit new_debate_path
fill_in 'debate_title', with: 'Testing auto link'
fill_in 'debate_description', with: '<p>This is a link www.example.org</p>'
fill_in 'debate_captcha', with: correct_captcha_text
check 'debate_terms_of_service'
click_button 'Start a debate'
@@ -180,7 +192,6 @@ feature 'Debates' do
visit new_debate_path
fill_in 'debate_title', with: 'Testing auto link'
fill_in 'debate_description', with: "<script>alert('hey')</script> <a href=\"javascript:alert('surprise!')\">click me<a/> http://example.org"
fill_in 'debate_captcha', with: correct_captcha_text
check 'debate_terms_of_service'
click_button 'Start a debate'
@@ -213,7 +224,6 @@ feature 'Debates' do
fill_in 'debate_title', with: 'Testing auto link'
fill_in 'debate_description', with: "<script>alert('hey')</script> <a href=\"javascript:alert('surprise!')\">click me<a/> http://example.org"
fill_in 'debate_captcha', with: correct_captcha_text
check 'debate_terms_of_service'
find('.js-add-tag-link', text: 'Education').click
@@ -232,7 +242,6 @@ feature 'Debates' do
fill_in 'debate_title', with: "Great title"
fill_in 'debate_description', with: 'Very important issue...'
fill_in 'debate_captcha', with: correct_captcha_text
check 'debate_terms_of_service'
fill_in 'debate_tag_list', with: 'Refugees, Solidarity'
@@ -250,7 +259,6 @@ feature 'Debates' do
fill_in 'debate_title', with: 'A test of dangerous strings'
fill_in 'debate_description', with: 'A description suitable for this test'
fill_in 'debate_captcha', with: correct_captcha_text
check 'debate_terms_of_service'
fill_in 'debate_tag_list', with: 'user_id=1, &a=3, <script>alert("hey");</script>'
@@ -300,7 +308,6 @@ feature 'Debates' do
fill_in 'debate_title', with: "End child poverty"
fill_in 'debate_description', with: "Let's do something to end child poverty"
fill_in 'debate_captcha', with: correct_captcha_text
click_button "Save changes"
@@ -320,26 +327,6 @@ feature 'Debates' do
expect(page).to have_content error_message
end
scenario 'Captcha is required to update a debate' do
debate = create(:debate)
login_as(debate.author)
visit edit_debate_path(debate)
expect(current_path).to eq(edit_debate_path(debate))
fill_in 'debate_title', with: "New title"
fill_in 'debate_captcha', with: "wrong!"
click_button "Save changes"
expect(page).to_not have_content "Debate updated successfully."
expect(page).to have_content "error"
fill_in 'debate_captcha', with: correct_captcha_text
click_button "Save changes"
expect(page).to have_content "Debate updated successfully."
end
describe 'Limiting tags shown' do
scenario 'Index page shows up to 5 tags per debate' do
tag_list = ["Hacienda", "Economía", "Medio Ambiente", "Corrupción", "Fiestas populares", "Prensa"]

1
spec/features/management/proposals_spec.rb
View File

@@ -27,7 +27,6 @@ feature 'Proposals' do
fill_in 'proposal_description', with: 'This is very important because...'
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_video_url', with: 'http://youtube.com'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
click_button 'Create proposal'

3
spec/features/management/spending_proposals_spec.rb
View File

@@ -24,7 +24,6 @@ feature 'Spending Proposals' do
fill_in 'spending_proposal_title', with: 'Build a park in my neighborhood'
fill_in 'spending_proposal_description', with: 'There is no parks here...'
fill_in 'spending_proposal_external_url', with: 'http://moarparks.com'
fill_in 'spending_proposal_captcha', with: correct_captcha_text
check 'spending_proposal_terms_of_service'
click_button 'Create'
@@ -221,4 +220,4 @@ feature 'Spending Proposals' do
end
end
end

36
spec/features/organizations_spec.rb
View File

@@ -13,7 +13,6 @@ feature 'Organizations' do
fill_in 'user_email', with: 'green@peace.com'
fill_in 'user_password', with: 'greenpeace'
fill_in 'user_password_confirmation', with: 'greenpeace'
fill_in 'user_captcha', with: correct_captcha_text
check 'user_terms_of_service'
click_button 'Register'
@@ -24,6 +23,41 @@ feature 'Organizations' do
expect(user.organization).to_not be_verified
end
scenario 'Create with invisible_captcha honeypot field' do
visit new_organization_registration_path
fill_in 'user_organization_attributes_name', with: 'robot'
fill_in 'user_address', with: 'This is the honeypot field'
fill_in 'user_organization_attributes_responsible_name', with: 'Robots are more responsible than humans'
fill_in 'user_email', with: 'robot@robot.com'
fill_in 'user_password', with: 'destroyallhumans'
fill_in 'user_password_confirmation', with: 'destroyallhumans'
check 'user_terms_of_service'
click_button 'Register'
expect(page.status_code).to eq(200)
expect(page.html).to be_empty
expect(current_path).to eq(organization_registration_path)
end
scenario 'Create organization too fast' do
allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY)
visit new_organization_registration_path
fill_in 'user_organization_attributes_name', with: 'robot'
fill_in 'user_organization_attributes_responsible_name', with: 'Robots are more responsible than humans'
fill_in 'user_email', with: 'robot@robot.com'
fill_in 'user_password', with: 'destroyallhumans'
fill_in 'user_password_confirmation', with: 'destroyallhumans'
click_button 'Register'
expect(page).to have_content 'Sorry, that was too quick! Please resubmit'
expect(current_path).to eq(new_organization_registration_path)
end
scenario 'Errors on create' do
visit new_organization_registration_path

99
spec/features/proposals_spec.rb
View File

@@ -130,7 +130,6 @@ feature 'Proposals' do
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_video_url', with: 'http://youtube.com'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
click_button 'Create proposal'
@@ -146,6 +145,49 @@ feature 'Proposals' do
expect(page).to have_content I18n.l(Proposal.last.created_at.to_date)
end
scenario 'Create with invisible_captcha honeypot field' do
author = create(:user)
login_as(author)
visit new_proposal_path
fill_in 'proposal_title', with: 'I am a bot'
fill_in 'proposal_subtitle', with: 'This is the honeypot field'
fill_in 'proposal_question', with: 'This is a question'
fill_in 'proposal_summary', with: 'This is the summary'
fill_in 'proposal_description', with: 'This is the description'
fill_in 'proposal_external_url', with: 'http://google.com/robots.txt'
fill_in 'proposal_responsible_name', with: 'Some other robot'
check 'proposal_terms_of_service'
click_button 'Create proposal'
expect(page.status_code).to eq(200)
expect(page.html).to be_empty
expect(current_path).to eq(proposals_path)
end
scenario 'Create proposal too fast' do
allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY)
author = create(:user)
login_as(author)
visit new_proposal_path
fill_in 'proposal_title', with: 'I am a bot'
fill_in 'proposal_question', with: 'This is a question'
fill_in 'proposal_summary', with: 'This is the summary'
fill_in 'proposal_description', with: 'This is the description'
fill_in 'proposal_external_url', with: 'http://google.com/robots.txt'
fill_in 'proposal_responsible_name', with: 'Some other robot'
check 'proposal_terms_of_service'
click_button 'Create proposal'
expect(page).to have_content 'Sorry, that was too quick! Please resubmit'
expect(current_path).to eq(new_proposal_path)
end
scenario 'Responsible name is stored for anonymous users' do
author = create(:user)
login_as(author)
@@ -157,7 +199,6 @@ feature 'Proposals' do
fill_in 'proposal_description', with: 'This is very important because...'
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
check 'proposal_terms_of_service'
@@ -179,7 +220,6 @@ feature 'Proposals' do
fill_in 'proposal_summary', with: 'In summary, what we want is...'
fill_in 'proposal_description', with: 'This is very important because...'
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
click_button 'Create proposal'
@@ -187,30 +227,6 @@ feature 'Proposals' do
expect(page).to have_content 'Proposal created successfully.'
end
scenario 'Captcha is required for proposal creation' do
login_as(create(:user))
visit new_proposal_path
fill_in 'proposal_title', with: "Great title"
fill_in 'proposal_question', with: '¿Would you like to give assistance to war refugees?'
fill_in 'proposal_summary', with: 'In summary, what we want is...'
fill_in 'proposal_description', with: 'Very important issue...'
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: "wrongText!"
check 'proposal_terms_of_service'
click_button "Create proposal"
expect(page).to_not have_content "Proposal created successfully."
expect(page).to have_content "1 error"
fill_in 'proposal_captcha', with: correct_captcha_text
click_button "Create proposal"
expect(page).to have_content "Proposal created successfully."
end
scenario 'Errors on create' do
author = create(:user)
login_as(author)
@@ -231,7 +247,6 @@ feature 'Proposals' do
fill_in 'proposal_description', with: '<p>This is <script>alert("an attack");</script></p>'
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
click_button 'Create proposal'
@@ -253,7 +268,6 @@ feature 'Proposals' do
fill_in 'proposal_summary', with: 'In summary, what we want is...'
fill_in 'proposal_description', with: '<p>This is a link www.example.org</p>'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
click_button 'Create proposal'
@@ -273,7 +287,6 @@ feature 'Proposals' do
fill_in 'proposal_summary', with: 'In summary, what we want is...'
fill_in 'proposal_description', with: "<script>alert('hey')</script> <a href=\"javascript:alert('surprise!')\">click me<a/> http://example.org"
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
click_button 'Create proposal'
@@ -311,7 +324,6 @@ feature 'Proposals' do
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_video_url', with: 'http://youtube.com'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
find('.js-add-tag-link', text: 'Education').click
@@ -335,7 +347,6 @@ feature 'Proposals' do
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_video_url', with: 'http://youtube.com'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
fill_in 'proposal_tag_list', with: 'Refugees, Solidarity'
@@ -360,7 +371,6 @@ feature 'Proposals' do
fill_in 'proposal_description', with: 'A description suitable for this test'
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
fill_in 'proposal_tag_list', with: 'user_id=1, &a=3, <script>alert("hey");</script>'
@@ -390,7 +400,6 @@ feature 'Proposals' do
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_video_url', with: 'http://youtube.com'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
click_button 'Create proposal'
@@ -416,7 +425,6 @@ feature 'Proposals' do
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_video_url', with: 'http://youtube.com'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
check 'proposal_terms_of_service'
select('California', from: 'proposal_geozone_id')
@@ -563,7 +571,6 @@ feature 'Proposals' do
fill_in 'proposal_description', with: "Let's do something to end child poverty"
fill_in 'proposal_external_url', with: 'http://rescue.org/refugees'
fill_in 'proposal_responsible_name', with: 'Isabel Garcia'
fill_in 'proposal_captcha', with: correct_captcha_text
click_button "Save changes"
@@ -584,26 +591,6 @@ feature 'Proposals' do
expect(page).to have_content error_message
end
scenario 'Captcha is required to update a proposal' do
proposal = create(:proposal)
login_as(proposal.author)
visit edit_proposal_path(proposal)
expect(current_path).to eq(edit_proposal_path(proposal))
fill_in 'proposal_title', with: "New cool title"
fill_in 'proposal_captcha', with: "wrong!"
click_button "Save changes"
expect(page).to_not have_content "Proposal updated successfully."
expect(page).to have_content "error"
fill_in 'proposal_captcha', with: correct_captcha_text
click_button "Save changes"
expect(page).to have_content "Proposal updated successfully."
end
describe 'Limiting tags shown' do
scenario 'Index page shows up to 5 tags per proposal' do
create_featured_proposals

37
spec/features/registration_form_spec.rb
View File

@@ -32,7 +32,6 @@ feature 'Registration form' do
fill_in 'user_password', with: "password"
fill_in 'user_password_confirmation', with: "password"
fill_in 'user_redeemable_code', with: " "
fill_in 'user_captcha', with: correct_captcha_text
check 'user_terms_of_service'
click_button 'Register'
@@ -44,4 +43,40 @@ feature 'Registration form' do
expect(new_user.redeemable_code).to be_nil
end
scenario 'Create with invisible_captcha honeypot field' do
visit new_user_registration_path
fill_in 'user_username', with: "robot"
fill_in 'user_family_name', with: 'This is the honeypot field'
fill_in 'user_email', with: 'robot@robot.com'
fill_in 'user_password', with: 'destroyallhumans'
fill_in 'user_password_confirmation', with: 'destroyallhumans'
check 'user_terms_of_service'
click_button 'Register'
expect(page.status_code).to eq(200)
expect(page.html).to be_empty
expect(current_path).to eq(user_registration_path)
end
scenario 'Create organization too fast' do
allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY)
visit new_user_registration_path
fill_in 'user_username', with: "robot"
fill_in 'user_family_name', with: 'This is the honeypot field'
fill_in 'user_email', with: 'robot@robot.com'
fill_in 'user_password', with: 'destroyallhumans'
fill_in 'user_password_confirmation', with: 'destroyallhumans'
check 'user_terms_of_service'
click_button 'Register'
expect(page).to have_content 'Sorry, that was too quick! Please resubmit'
expect(current_path).to eq(new_user_registration_path)
end
end

57
spec/features/spending_proposals_spec.rb
View File

@@ -97,7 +97,6 @@ feature 'Spending proposals' do
fill_in 'spending_proposal_description', with: 'I want to live in a high tower over the clouds'
fill_in 'spending_proposal_external_url', with: 'http://http://skyscraperpage.com/'
fill_in 'spending_proposal_association_name', with: 'People of the neighbourhood'
fill_in 'spending_proposal_captcha', with: correct_captcha_text
select 'All city', from: 'spending_proposal_geozone_id'
check 'spending_proposal_terms_of_service'
@@ -111,6 +110,40 @@ feature 'Spending proposals' do
expect(page).to have_content('All city')
end
scenario 'Create with invisible_captcha honeypot field' do
login_as(author)
visit new_spending_proposal_path
fill_in 'spending_proposal_title', with: 'I am a bot'
fill_in 'spending_proposal_subtitle', with: 'This is the honeypot'
fill_in 'spending_proposal_description', with: 'This is the description'
select 'All city', from: 'spending_proposal_geozone_id'
check 'spending_proposal_terms_of_service'
click_button 'Create'
expect(page.status_code).to eq(200)
expect(page.html).to be_empty
expect(current_path).to eq(spending_proposals_path)
end
scenario 'Create spending proposal too fast' do
allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY)
login_as(author)
visit new_spending_proposal_path
fill_in 'spending_proposal_title', with: 'I am a bot'
fill_in 'spending_proposal_description', with: 'This is the description'
select 'All city', from: 'spending_proposal_geozone_id'
check 'spending_proposal_terms_of_service'
click_button 'Create'
expect(page).to have_content 'Sorry, that was too quick! Please resubmit'
expect(current_path).to eq(new_spending_proposal_path)
end
scenario 'Create notice' do
login_as(author)
@@ -119,7 +152,6 @@ feature 'Spending proposals' do
fill_in 'spending_proposal_description', with: 'I want to live in a high tower over the clouds'
fill_in 'spending_proposal_external_url', with: 'http://http://skyscraperpage.com/'
fill_in 'spending_proposal_association_name', with: 'People of the neighbourhood'
fill_in 'spending_proposal_captcha', with: correct_captcha_text
select 'All city', from: 'spending_proposal_geozone_id'
check 'spending_proposal_terms_of_service'
@@ -137,27 +169,6 @@ feature 'Spending proposals' do
expect(page).to have_content "Build a skyscraper"
end
scenario 'Captcha is required for proposal creation' do
login_as(author)
visit new_spending_proposal_path
fill_in 'spending_proposal_title', with: 'Build a skyscraper'
fill_in 'spending_proposal_description', with: 'I want to live in a high tower over the clouds'
fill_in 'spending_proposal_external_url', with: 'http://http://skyscraperpage.com/'
fill_in 'spending_proposal_captcha', with: 'wrongText'
check 'spending_proposal_terms_of_service'
click_button 'Create'
expect(page).to_not have_content 'Spending proposal created successfully'
expect(page).to have_content '1 error'
fill_in 'spending_proposal_captcha', with: correct_captcha_text
click_button 'Create'
expect(page).to have_content 'Spending proposal created successfully'
end
scenario 'Errors on create' do
login_as(author)

4
spec/features/tags_spec.rb
View File

@@ -61,7 +61,6 @@ feature 'Tags' do
visit new_debate_path
fill_in 'debate_title', with: 'Title'
fill_in 'debate_description', with: 'Description'
fill_in 'debate_captcha', with: correct_captcha_text
check 'debate_terms_of_service'
fill_in 'debate_tag_list', with: "Impuestos, Economía, Hacienda"
@@ -81,7 +80,6 @@ feature 'Tags' do
visit new_debate_path
fill_in 'debate_title', with: 'Title'
fill_in 'debate_description', with: 'Description'
fill_in 'debate_captcha', with: correct_captcha_text
check 'debate_terms_of_service'
fill_in 'debate_tag_list', with: "Impuestos, Economía, Hacienda, Sanidad, Educación, Política, Igualdad"
@@ -101,7 +99,6 @@ feature 'Tags' do
expect(page).to have_selector("input[value='Economía']")
fill_in 'debate_tag_list', with: "Economía, Hacienda"
fill_in 'debate_captcha', with: correct_captcha_text
click_button 'Save changes'
expect(page).to have_content 'Debate updated successfully.'
@@ -118,7 +115,6 @@ feature 'Tags' do
visit edit_debate_path(debate)
fill_in 'debate_tag_list', with: ""
fill_in 'debate_captcha', with: correct_captcha_text
click_button 'Save changes'
expect(page).to have_content 'Debate updated successfully.'

1
spec/features/users_auth_spec.rb
View File

@@ -11,7 +11,6 @@ feature 'Users' do
fill_in 'user_email', with: 'manuela@madrid.es'
fill_in 'user_password', with: 'judgementday'
fill_in 'user_password_confirmation', with: 'judgementday'
fill_in 'user_captcha', with: correct_captcha_text
check 'user_terms_of_service'
click_button 'Register'

1
spec/spec_helper.rb
View File

@@ -63,6 +63,7 @@ RSpec.configure do |config|
config.before(:each, type: :feature) do
Bullet.start_request
allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(0)
end
config.after(:each, type: :feature) do

5
spec/support/common_actions.rb
View File

@@ -9,7 +9,6 @@ module CommonActions
fill_in 'user_email', with: email
fill_in 'user_password', with: password
fill_in 'user_password_confirmation', with: password
fill_in 'user_captcha', with: correct_captcha_text
check 'user_terms_of_service'
click_button 'Register'
@@ -86,10 +85,6 @@ module CommonActions
expect(page).to have_content 'It will be done next week.'
end
def correct_captcha_text
SimpleCaptcha::SimpleCaptchaData.last.value
end
def avatar(name)
"img.initialjs-avatar[data-name='#{name}']"
end