diff --git a/.gitignore b/.gitignore index 0d307089f..05906bf13 100644 --- a/.gitignore +++ b/.gitignore @@ -17,4 +17,5 @@ /tmp /spec/examples.txt -/config/database.yml \ No newline at end of file +/config/database.yml +/config/secrets.yml diff --git a/Gemfile b/Gemfile index 5dfb2f7c5..f2ef657e5 100644 --- a/Gemfile +++ b/Gemfile @@ -35,6 +35,7 @@ gem 'acts-as-taggable-on' gem "responders" gem 'foundation-rails' gem 'acts_as_votable' +gem "recaptcha", :require => "recaptcha/rails" group :development, :test do # Call 'byebug' anywhere in the code to stop execution and get a debugger console diff --git a/Gemfile.lock b/Gemfile.lock index 0b070914b..34de0c6d2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -137,6 +137,7 @@ GEM thor (>= 0.18.1, < 2.0) rake (10.4.2) rdoc (4.2.0) + recaptcha (0.4.0) responders (2.1.0) railties (>= 4.2.0, < 5) rspec-core (3.3.1) @@ -210,6 +211,7 @@ DEPENDENCIES jquery-rails pg rails (= 4.2.3) + recaptcha responders rspec-rails (~> 3.0) sass-rails (~> 5.0) diff --git a/app/assets/javascripts/comments.js.coffee b/app/assets/javascripts/comments.js.coffee new file mode 100644 index 000000000..a1635b42c --- /dev/null +++ b/app/assets/javascripts/comments.js.coffee @@ -0,0 +1,9 @@ +jQuery -> + + toggle_comment = (id) -> + $("#js-comment-form-#{id}").toggle() + + $('.js-add-comment-link').click -> + id = $(this).data().id + toggle_comment(id) + false \ No newline at end of file diff --git a/app/controllers/debates_controller.rb b/app/controllers/debates_controller.rb index 9ad043bb6..672f41d20 100644 --- a/app/controllers/debates_controller.rb +++ b/app/controllers/debates_controller.rb @@ -1,4 +1,5 @@ class DebatesController < ApplicationController + include RecaptchaHelper before_action :set_debate, only: [:show, :edit, :update] before_action :authenticate_user!, except: [:show, :index] before_action :validate_ownership, only: [:edit, :update] @@ -24,8 +25,11 @@ class DebatesController < ApplicationController def create @debate = Debate.new(debate_params) @debate.author = current_user - @debate.save - respond_with @debate + if verify_captcha? and @debate.save + redirect_to @debate, notice: t('flash.actions.create.notice', resource_name: 'Debate') + else + render :new + end end def update @@ -47,4 +51,9 @@ class DebatesController < ApplicationController raise ActiveRecord::RecordNotFound unless @debate.editable_by?(current_user) end + def verify_captcha? + return true unless recaptcha_keys? + verify_recaptcha(model: @debate) + end + end diff --git a/app/helpers/comments_helper.rb b/app/helpers/comments_helper.rb new file mode 100644 index 000000000..8e8aae90c --- /dev/null +++ b/app/helpers/comments_helper.rb @@ -0,0 +1,11 @@ +module CommentsHelper + + def comment_link_text(parent) + parent.class == Debate ? "Comentar" : "Responder" + end + + def comment_button_text(parent) + parent.class == Debate ? "Publicar comentario" : "Publicar respuesta" + end + +end \ No newline at end of file diff --git a/app/helpers/recaptcha_helper.rb b/app/helpers/recaptcha_helper.rb new file mode 100644 index 000000000..9e6fa90e6 --- /dev/null +++ b/app/helpers/recaptcha_helper.rb @@ -0,0 +1,8 @@ +module RecaptchaHelper + + def recaptcha_keys? + Recaptcha.configuration.public_key.present? && + Recaptcha.configuration.private_key.present? + end + +end \ No newline at end of file diff --git a/app/views/comments/_form.html.erb b/app/views/comments/_form.html.erb index b309a34ef..4550aa2b4 100644 --- a/app/views/comments/_form.html.erb +++ b/app/views/comments/_form.html.erb @@ -1,7 +1,11 @@ -<%= form_for [@debate, Comment.new] do |f| %> - <%= f.text_area :body %> - <%= f.hidden_field :commentable_type, value: parent.class %> - <%= f.hidden_field :commentable_id, value: parent.id %> - - <%= f.submit 'Publicar comentario', :class => "button radius" %> -<% end %> \ No newline at end of file +<%= link_to comment_link_text(parent), "", class: "js-add-comment-link", data: {'id': parent.id} %> + + diff --git a/app/views/debates/_form.html.erb b/app/views/debates/_form.html.erb index 9d0af3892..df43ab8b0 100644 --- a/app/views/debates/_form.html.erb +++ b/app/views/debates/_form.html.erb @@ -30,6 +30,8 @@ Acepto la política de privacidad y el aviso legal <% end %> + <%= render 'shared/captcha' %> +
<%= f.submit %>
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index 9ea4a817f..aa8c240b0 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -5,16 +5,16 @@ <%= content_for?(:title) ? yield(:title) : "Participación" %> - <%= stylesheet_link_tag "application" %> <%= javascript_include_tag "vendor/modernizr" %> <%= javascript_include_tag "application", 'data-turbolinks-track' => true %> <%= csrf_meta_tags %> + - - + + <%= render 'layouts/header' %> - + <% if notice %>

<%= notice %>

<% end %> @@ -22,11 +22,11 @@ <% if alert %>

<%= alert %>

<% end %> - +
<%= yield %>
-
- + + \ No newline at end of file diff --git a/app/views/shared/_captcha.html.erb b/app/views/shared/_captcha.html.erb new file mode 100644 index 000000000..7200bf6da --- /dev/null +++ b/app/views/shared/_captcha.html.erb @@ -0,0 +1,3 @@ +<% if recaptcha_keys? %> + <%= recaptcha_tags ajax: true, hl: I18n.locale %> +<% end %> \ No newline at end of file diff --git a/app/views/shared/_tags.html.erb b/app/views/shared/_tags.html.erb index 4f41b2a00..645fd2b4f 100644 --- a/app/views/shared/_tags.html.erb +++ b/app/views/shared/_tags.html.erb @@ -1,3 +1,3 @@ <% if debate.tags.any? %> - <%= tags(debate) %> + <%= tags(debate) %> <% end %> \ No newline at end of file diff --git a/config/initializers/recaptcha.rb b/config/initializers/recaptcha.rb new file mode 100644 index 000000000..36a5cef8b --- /dev/null +++ b/config/initializers/recaptcha.rb @@ -0,0 +1,5 @@ +Recaptcha.configure do |config| + config.public_key = Rails.application.secrets.recaptcha_public_key + config.private_key = Rails.application.secrets.recaptcha_private_key + config.api_version = 'v2' +end \ No newline at end of file diff --git a/config/locales/en.yml b/config/locales/en.yml index 065395716..d09a8dd09 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -20,4 +20,7 @@ # available at http://guides.rubyonrails.org/i18n.html. en: - hello: "Hello world" + recaptcha: + errors: + verification_failed: "Incorrect Captcha" + recaptcha_unreachable: "Internet connecion error. Could not load Captcha" diff --git a/config/locales/es.yml b/config/locales/es.yml index 68f7b4a06..a5666614d 100644 --- a/config/locales/es.yml +++ b/config/locales/es.yml @@ -195,4 +195,8 @@ es: default: "%A, %d de %B de %Y %H:%M:%S %z" long: "%d de %B de %Y %H:%M" short: "%d de %b %H:%M" - pm: pm \ No newline at end of file + pm: pm + recaptcha: + errors: + verification_failed: "El Captcha no es correcto" + recaptcha_unreachable: "Fallo de conexión a Internet. No se ha podido cargar el Captcha" \ No newline at end of file diff --git a/config/secrets.yml b/config/secrets.yml.example similarity index 81% rename from config/secrets.yml rename to config/secrets.yml.example index 1badccfe5..7fc628887 100644 --- a/config/secrets.yml +++ b/config/secrets.yml.example @@ -10,13 +10,18 @@ # Make sure the secrets in this file are kept private # if you're sharing your code publicly. +default: &default + recaptcha_public_key: <%= ENV["MADRID_RECAPTCHA_PUBLIC_KEY"] %> + recaptcha_private_key: <%= ENV["MADRID_RECAPTCHA_PRIVATE_KEY"] %> + development: secret_key_base: 56792feef405a59b18ea7db57b4777e855103882b926413d4afdfb8c0ea8aa86ea6649da4e729c5f5ae324c0ab9338f789174cf48c544173bc18fdc3b14262e4 + <<: *default test: secret_key_base: 4d5adf961ddd27aef19622d6c0b3234d555f9ee003f022b1f829c92bbe33aaee907be7feb67bd54c14a1a32512fa968565ad405971fbc41bd0797af73c26a796 + <<: *default -# Do not keep production secrets in the repository, -# instead read values from the environment. production: secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> + <<: *default \ No newline at end of file diff --git a/spec/features/tags_spec.rb b/spec/features/tags_spec.rb index 06d5c1391..27b2528bd 100644 --- a/spec/features/tags_spec.rb +++ b/spec/features/tags_spec.rb @@ -82,7 +82,10 @@ feature 'Tags' do click_button 'Actualizar Debate' expect(page).to have_content 'Debate actualizado correctamente' - expect(page).to have_content 'Economía, Hacienda' + within('.tags') do + expect(page).to have_css('a', text: 'Economía') + expect(page).to have_css('a', text: 'Hacienda') + end end scenario 'Delete' do diff --git a/spec/helpers/recaptcha_helper_spec.rb b/spec/helpers/recaptcha_helper_spec.rb new file mode 100644 index 000000000..545e9e827 --- /dev/null +++ b/spec/helpers/recaptcha_helper_spec.rb @@ -0,0 +1,22 @@ +require 'rails_helper' + +describe RecaptchaHelper do + + describe "#recaptcha_keys?" do + + it "should be true if Recaptcha keys are configured" do + allow(Recaptcha.configuration).to receive(:public_key).and_return("akjasf") + allow(Recaptcha.configuration).to receive(:private_key).and_return("akjasf4532") + + expect(helper.recaptcha_keys?).to be true + end + + it "should be false if Recaptcha keys are not configured" do + allow(Recaptcha.configuration).to receive(:public_key).and_return(nil) + allow(Recaptcha.configuration).to receive(:private_key).and_return(nil) + + expect(helper.recaptcha_keys?).to be false + end + + end +end