Adds invisible_captcha to proposals, debates & sps
@@ -11,7 +11,7 @@ class DebatesController < ApplicationController
|
||||
|
||||
feature_flag :debates
|
||||
|
||||
invisible_captcha only: [:create, :update], honeypot: :subtitle
|
||||
invisible_captcha only: [:create, :update], honeypot: :subtitle, on_timestamp_spam: :redirect_timestamp_spam
|
||||
|
||||
has_orders %w{hot_score confidence_score created_at relevance}, only: :index
|
||||
has_orders %w{most_voted newest oldest}, only: :show
|
||||
@@ -54,4 +54,8 @@ class DebatesController < ApplicationController
|
||||
Debate
|
||||
end
|
||||
|
||||
def redirect_timestamp_spam
|
||||
redirect_to root_path, notice: InvisibleCaptcha.timestamp_error_message
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
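Review bot: `redirect_timestamp_spam` is added here and again, line for line, in the ProposalsController (`@@ -95,4 +96,9 @@`) and SpendingProposalsController (`@@ -72,4 +72,8 @@`) hunks; defining it once in ApplicationController or a shared concern would keep the three anti-spam responses from drifting apart. The handler also leaves no trace of the rejected request, so operators cannot see how often the timing check fires or from where; a line such as `Rails.logger.warn("invisible_captcha timestamp check failed: #{request.remote_ip} #{request.path}")` before the redirect would make that measurable. The class body starts outside the hunk, so whether the method sits below `private` is not visible; it should, because public controller methods are treated as actions.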
@@ -2,6 +2,7 @@ class ProposalsController < ApplicationController
|
||||
include CommentableActions
|
||||
include FlagActions
|
||||
|
||||
|
||||
before_action :parse_search_terms, only: [:index, :suggest]
|
||||
before_action :parse_advanced_search_terms, only: :index
|
||||
before_action :parse_tag_filter, only: :index
|
||||
@@ -10,7 +11,7 @@ class ProposalsController < ApplicationController
|
||||
before_action :load_geozones, only: [:edit, :map, :summary]
|
||||
before_action :authenticate_user!, except: [:index, :show, :map, :summary]
|
||||
|
||||
invisible_captcha only: [:create, :update], honeypot: :subtitle
|
||||
invisible_captcha only: [:create, :update], honeypot: :subtitle, on_timestamp_spam: :redirect_timestamp_spam
|
||||
|
||||
has_orders %w{hot_score confidence_score created_at relevance}, only: :index
|
||||
has_orders %w{most_voted newest oldest}, only: :show
|
||||
@@ -95,4 +96,9 @@ class ProposalsController < ApplicationController
|
||||
@resources = @resources.where('proposals.id NOT IN (?)', @featured_proposals.map(&:id))
|
||||
end
|
||||
end
|
||||
|
||||
def redirect_timestamp_spam
|
||||
redirect_to root_path, notice: InvisibleCaptcha.timestamp_error_message
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
@@ -8,7 +8,7 @@ class SpendingProposalsController < ApplicationController
|
||||
|
||||
feature_flag :spending_proposals
|
||||
|
||||
invisible_captcha only: [:create, :update], honeypot: :subtitle
|
||||
invisible_captcha only: [:create, :update], honeypot: :subtitle, on_timestamp_spam: :redirect_timestamp_spam
|
||||
|
||||
respond_to :html, :js
|
||||
|
||||
@@ -72,4 +72,8 @@ class SpendingProposalsController < ApplicationController
|
||||
target
|
||||
end
|
||||
|
||||
def redirect_timestamp_spam
|
||||
redirect_to root_path, notice: InvisibleCaptcha.timestamp_error_message
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
@@ -107,6 +107,41 @@ feature 'Debates' do
|
||||
expect(page).to have_content I18n.l(Debate.last.created_at.to_date)
|
||||
end
|
||||
|
||||
scenario 'Create with invisible_captcha honeypot field' do
|
||||
author = create(:user)
|
||||
login_as(author)
|
||||
|
||||
visit new_debate_path
|
||||
fill_in 'debate_title', with: 'I am a bot'
|
||||
fill_in 'debate_subtitle', with: 'This is a honeypot field'
|
||||
fill_in 'debate_description', with: 'This is the description'
|
||||
check 'debate_terms_of_service'
|
||||
|
||||
click_button 'Start a debate'
|
||||
|
||||
expect(page.status_code).to eq(200)
|
||||
expect(page.html).to be_empty
|
||||
expect(current_path).to eq(debates_path)
|
||||
end
|
||||
|
||||
scenario 'Create debate too fast' do
|
||||
allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY)
|
||||
|
||||
author = create(:user)
|
||||
login_as(author)
|
||||
|
||||
visit new_debate_path
|
||||
fill_in 'debate_title', with: 'I am a bot'
|
||||
fill_in 'debate_description', with: 'This is the description'
|
||||
check 'debate_terms_of_service'
|
||||
|
||||
click_button 'Start a debate'
|
||||
|
||||
expect(page).to have_content 'Sorry, that was too quick! Please resubmit'
|
||||
|
||||
expect(current_path).to eq(proposals_path)
|
||||
end
|
||||
|
||||
scenario 'Errors on create' do
|
||||
author = create(:user)
|
||||
login_as(author)
|
||||
|
||||
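Review bot: The two new scenarios never check that the rejected submission was not stored, which is the property the captcha exists to protect; wrapping the click as `expect { click_button 'Start a debate' }.not_to change(Debate, :count)` would pin it. The 'Create debate too fast' scenario also asserts `proposals_path` although the handler redirects to `root_path`, so it presumably relies on a further redirect from the root page that is not visible here. The matching scenarios in the 'Proposals' and 'Spending proposals' hunks have the same gaps, and the Proposals one expects `spending_proposals_path` while the Spending proposals one expects `proposals_path`, which looks like a copy-paste slip worth confirming. The 'Errors on create' scenario continues outside the hunk.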
@@ -146,9 +146,6 @@ feature 'Proposals' do
|
||||
end
|
||||
|
||||
scenario 'Create with invisible_captcha honeypot field' do
|
||||
# Display the honeypot so capybara can fill it as a spammer would do
|
||||
allow(InvisibleCaptcha).to receive(:visual_honeypots).and_return(true)
|
||||
|
||||
author = create(:user)
|
||||
login_as(author)
|
||||
|
||||
@@ -164,8 +161,31 @@ feature 'Proposals' do
|
||||
|
||||
click_button 'Create proposal'
|
||||
|
||||
expect(page).to_not have_content 'Proposal created successfully.'
|
||||
expect(current_path).to eq(root_path)
|
||||
expect(page.status_code).to eq(200)
|
||||
expect(page.html).to be_empty
|
||||
expect(current_path).to eq(proposals_path)
|
||||
end
|
||||
|
||||
scenario 'Create proposal too fast' do
|
||||
allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY)
|
||||
|
||||
author = create(:user)
|
||||
login_as(author)
|
||||
|
||||
visit new_proposal_path
|
||||
fill_in 'proposal_title', with: 'I am a bot'
|
||||
fill_in 'proposal_question', with: 'This is a question'
|
||||
fill_in 'proposal_summary', with: 'This is the summary'
|
||||
fill_in 'proposal_description', with: 'This is the description'
|
||||
fill_in 'proposal_external_url', with: 'http://google.com/robots.txt'
|
||||
fill_in 'proposal_responsible_name', with: 'Some other robot'
|
||||
check 'proposal_terms_of_service'
|
||||
|
||||
click_button 'Create proposal'
|
||||
|
||||
expect(page).to have_content 'Sorry, that was too quick! Please resubmit'
|
||||
|
||||
expect(current_path).to eq(spending_proposals_path)
|
||||
end
|
||||
|
||||
scenario 'Responsible name is stored for anonymous users' do
|
||||
|
||||
@@ -110,6 +110,40 @@ feature 'Spending proposals' do
|
||||
expect(page).to have_content('All city')
|
||||
end
|
||||
|
||||
scenario 'Create with invisible_captcha honeypot field' do
|
||||
login_as(author)
|
||||
|
||||
visit new_spending_proposal_path
|
||||
fill_in 'spending_proposal_title', with: 'I am a bot'
|
||||
fill_in 'spending_proposal_subtitle', with: 'This is the honeypot'
|
||||
fill_in 'spending_proposal_description', with: 'This is the description'
|
||||
select 'All city', from: 'spending_proposal_geozone_id'
|
||||
check 'spending_proposal_terms_of_service'
|
||||
|
||||
click_button 'Create'
|
||||
|
||||
expect(page.status_code).to eq(200)
|
||||
expect(page.html).to be_empty
|
||||
expect(current_path).to eq(spending_proposals_path)
|
||||
end
|
||||
|
||||
scenario 'Create spending proposal too fast' do
|
||||
allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(Float::INFINITY)
|
||||
|
||||
login_as(author)
|
||||
|
||||
visit new_spending_proposal_path
|
||||
fill_in 'spending_proposal_title', with: 'I am a bot'
|
||||
fill_in 'spending_proposal_description', with: 'This is the description'
|
||||
select 'All city', from: 'spending_proposal_geozone_id'
|
||||
check 'spending_proposal_terms_of_service'
|
||||
|
||||
click_button 'Create'
|
||||
|
||||
expect(page).to have_content 'Sorry, that was too quick! Please resubmit'
|
||||
expect(current_path).to eq(proposals_path)
|
||||
end
|
||||
|
||||
scenario 'Create notice' do
|
||||
login_as(author)
|
||||
|
||||
|
||||
@@ -63,6 +63,7 @@ RSpec.configure do |config|
|
||||
|
||||
config.before(:each, type: :feature) do
|
||||
Bullet.start_request
|
||||
allow(InvisibleCaptcha).to receive(:timestamp_threshold).and_return(0)
|
||||
end
|
||||
|
||||
config.after(:each, type: :feature) do
|
||||
|
||||
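Review bot: The new stub sets `timestamp_threshold` to 0 for every feature spec, which should let any submission pass the timing check, and nothing at the call site says so. A comment such as `# invisible_captcha: drop the minimum submit time so specs can post forms immediately; scenarios that test the check re-stub it` would explain it to the next reader. The enclosing `RSpec.configure` block starts outside the hunk.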