0001-forms-add-a-new-option-to-prepend-a-CAPTCHA-page-for.patch
| tests/test_form_pages.py | ||
|---|---|---|
| 941 | 941 |
assert resp.location == 'http://example.net/?foo=bar' |
| 942 | 942 | |
| 943 | 943 |
os.unlink(os.path.join(pub.app_dir, 'site-options.cfg')) |
| 944 | ||
| 945 |
def test_form_captcha(pub): |
|
| 946 |
user = create_user(pub) |
|
| 947 |
formdef = create_formdef() |
|
| 948 |
formdef.data_class().wipe() |
|
| 949 |
formdef.fields = [fields.StringField(id='0', label='Some field')] |
|
| 950 |
formdef.has_captcha = True |
|
| 951 |
formdef.store() |
|
| 952 | ||
| 953 |
# test authentic users are not presented with a captcha |
|
| 954 |
resp = login(get_app(pub), username='foo', password='foo').get('/')
|
|
| 955 |
resp = resp.click('test')
|
|
| 956 |
assert 'Some field' in resp.body |
|
| 957 | ||
| 958 |
# check anonymous user gets the captcha |
|
| 959 |
app = get_app(pub) |
|
| 960 |
resp = app.get('/')
|
|
| 961 |
resp = resp.click('test')
|
|
| 962 |
assert 'form_captcha' in resp.body |
|
| 963 | ||
| 964 |
session_id = app.cookies.values()[0].strip('"')
|
|
| 965 |
session = BasicSession.get(session_id) |
|
| 966 |
resp.forms[0]['captcha$q'] = session.get_captcha_token(resp.forms[0]['captcha$token'].value)['answer'] |
|
| 967 |
resp = resp.forms[0].submit() |
|
| 968 |
assert 'Some field' in resp.body |
|
| 969 | ||
| 970 |
# and check it gets it only once |
|
| 971 |
resp = app.get('/')
|
|
| 972 |
resp = resp.click('test')
|
|
| 973 |
assert 'Some field' in resp.body |
|
| wcs/admin/forms.py | ||
|---|---|---|
| 355 | 355 |
r += htmltext('<li>%s</li>') % _('Publication Date: %s') % self.formdef.publication_date
|
| 356 | 356 |
if self.formdef.expiration_date: |
| 357 | 357 |
r += htmltext('<li>%s</li>') % _('Expiration Date: %s') % self.formdef.expiration_date
|
| 358 |
if self.formdef.has_captcha: |
|
| 359 |
r += htmltext('<li>%s</li>') % _('Add CAPTCHA for anonymous users')
|
|
| 358 | 360 |
r += htmltext('</ul>')
|
| 359 | 361 |
r += htmltext('</div>')
|
| 360 | 362 |
r += htmltext('</div>')
|
| ... | ... | |
| 596 | 598 |
form.add(DateTimeWidget, 'expiration_date', |
| 597 | 599 |
title=_('Expiration Date'),
|
| 598 | 600 |
value=self.formdef.expiration_date) |
| 601 |
form.add(CheckboxWidget, 'has_captcha', |
|
| 602 |
title=_('Prepend a CAPTCHA page for anonymous users'),
|
|
| 603 |
value=self.formdef.has_captcha) |
|
| 599 | 604 | |
| 600 | 605 |
form.add_submit('submit', _('Submit'))
|
| 601 | 606 |
form.add_submit('cancel', _('Cancel'))
|
| ... | ... | |
| 606 | 611 |
attrs = ['confirmation', 'only_allow_one', 'disabled', |
| 607 | 612 |
'enable_tracking_codes', 'private_status_and_history', |
| 608 | 613 |
'disabled_redirection', 'publication_date', |
| 609 |
'expiration_date', 'always_advertise'] |
|
| 614 |
'expiration_date', 'always_advertise', 'has_captcha']
|
|
| 610 | 615 |
for f in attrs: |
| 611 | 616 |
widget = form.get_widget(f) |
| 612 | 617 |
if widget: |
| wcs/formdef.py | ||
|---|---|---|
| 77 | 77 |
always_advertise = False |
| 78 | 78 |
publication_date = None |
| 79 | 79 |
expiration_date = None |
| 80 |
has_captcha = False |
|
| 80 | 81 | |
| 81 | 82 |
acl_read = 'owner' # one of ('none', 'owner', 'roles', 'all')
|
| 82 | 83 |
private_status_and_history = False |
| ... | ... | |
| 92 | 93 |
'disabled_redirection',] |
| 93 | 94 |
BOOLEAN_ATTRIBUTES = ['discussion', 'detailed_emails', 'disabled', |
| 94 | 95 |
'only_allow_one', 'enable_tracking_codes', |
| 95 |
'always_advertise', 'private_status_and_history'] |
|
| 96 |
'always_advertise', 'private_status_and_history', |
|
| 97 |
'has_captcha'] |
|
| 96 | 98 | |
| 97 | 99 |
def migrate(self): |
| 98 | 100 |
changed = False |
| wcs/forms/root.py | ||
|---|---|---|
| 291 | 291 |
r += htmltext('</ol></div>')
|
| 292 | 292 |
return r.getvalue() |
| 293 | 293 | |
| 294 |
def initial_captcha_page(self): |
|
| 295 |
form = Form() |
|
| 296 |
form.add_captcha(hint='') |
|
| 297 |
form.add_submit('submit', _('Next'))
|
|
| 298 |
form.add_submit('cancel', _('Cancel'))
|
|
| 299 | ||
| 300 |
if form.get_submit() == 'cancel': |
|
| 301 |
return redirect(get_publisher().get_root_url()) |
|
| 302 | ||
| 303 |
if not form.is_submitted() or form.has_errors(): |
|
| 304 |
html_top(self.formdef.name) |
|
| 305 |
r = TemplateIO(html=True) |
|
| 306 |
r += TextsDirectory.get_html_text('captcha-page')
|
|
| 307 |
r += form.render() |
|
| 308 |
return r.getvalue() |
|
| 309 | ||
| 310 |
return self.page(0) |
|
| 311 | ||
| 294 | 312 |
def page(self, page_no, page_change = True, log_detail = None, editing = None): |
| 295 | 313 |
r = TemplateIO(html=True) |
| 296 | 314 |
displayed_fields = [] |
| 297 | 315 | |
| 298 | 316 |
session = get_session() |
| 299 | 317 | |
| 318 |
if page_no == 0 and self.formdef.has_captcha: |
|
| 319 |
if not session.get_user() and not session.won_captcha: |
|
| 320 |
return self.initial_captcha_page() |
|
| 321 | ||
| 300 | 322 |
if page_no > 0: |
| 301 | 323 |
magictoken = get_request().form['magictoken'] |
| 302 | 324 |
self.feed_current_data(magictoken) |
| ... | ... | |
| 1356 | 1378 |
TextsDirectory.register('welcome-unlogged',
|
| 1357 | 1379 |
N_('Welcome text on home page for unlogged users'))
|
| 1358 | 1380 | |
| 1381 |
TextsDirectory.register('captcha-page',
|
|
| 1382 |
N_('Explanation text on the CAPTCHA page'),
|
|
| 1383 |
default = N_('''<h3>Verification</h3>
|
|
| 1384 | ||
| 1385 |
<p> |
|
| 1386 |
In order to proceed you need to complete this simple question. |
|
| 1387 |
</p>''')) |
|
| 1388 | ||
| 1389 | ||
| 1359 | 1390 |
TextsDirectory.register('form-recorded',
|
| 1360 | 1391 |
N_('Message when a form has been recorded'),
|
| 1361 | 1392 |
hint = N_('Available variables: date, number'),
|
| 1362 |
- |
|