Merge branch 'forgot_password_captcha' into staging

Victor Costa
2 parents f7567fdd 4dfaa51d
Showing 3 changed files with 18 additions and 0 deletions Show diff stats
app/controllers/public/account_controller.rb
app/views/account/forgot_password.html.erb
test/functional/account_controller_test.rb
@@ -196,6 +196,11 @@ class AccountController &lt; ApplicationController
  
     if request.post?
       begin
+        unless verify_recaptcha
+          @change_password.errors.add(:base, _('Please type the words correctly'))
+          return false
+        end
+
         requestors = fetch_requestors(params[:value])
         raise ActiveRecord::RecordNotFound if requestors.blank? || params[:value].blank?
  
@@ -5,6 +5,9 @@
 <%= form_tag({:action => 'forgot_password'}, :method => 'post', :id => 'forgot-password-form') do %>
   <%= labelled_form_field fields_label, text_field_tag(:value) %>
  
+  <h3><%= _('Please type the two words below') %></h3>
+  <%= recaptcha_tags(:display => { :theme => 'clean' }, :ajax => true) %>
+
   <div>
     <% button_bar do %>
       <%= submit_button('send', _('Send instructions')) %>
@@ -232,6 +232,16 @@ class AccountControllerTest &lt; ActionController::TestCase
     assert_template 'password_recovery_sent'
   end
  
+  should 'not respond to forgotten password change if captcha verification fails' do
+    create_user('test')
+    @controller.stubs(:verify_recaptcha).returns(false)
+    post :forgot_password, :value => 'test'
+    change = assigns(:change_password)
+    assert change.errors.has_key?(:base)
+    assert_response :success
+    assert_tag :tag => 'div', :attributes => { :id => 'errorExplanation', :class => 'errorExplanation' }
+  end
+
   should 'respond to forgotten password change request with email' do
     change = ChangePassword.new
     create_user('test', :email => 'test@localhost.localdomain')
...	...	@@ -196,6 +196,11 @@ class AccountController < ApplicationController
196	196
197	197	if request.post?
198	198	begin
	199	+ unless verify_recaptcha
	200	+ @change_password.errors.add(:base, _('Please type the words correctly'))
	201	+ return false
	202	+ end
	203	+
199	204	requestors = fetch_requestors(params[:value])
200	205	raise ActiveRecord::RecordNotFound if requestors.blank? \|\| params[:value].blank?
201	206
...	...
...	...	@@ -5,6 +5,9 @@
5	5	<%= form_tag({:action => 'forgot_password'}, :method => 'post', :id => 'forgot-password-form') do %>
6	6	<%= labelled_form_field fields_label, text_field_tag(:value) %>
7	7
	8	+ <h3><%= _('Please type the two words below') %></h3>
	9	+ <%= recaptcha_tags(:display => { :theme => 'clean' }, :ajax => true) %>
	10	+
8	11	<div>
9	12	<% button_bar do %>
10	13	<%= submit_button('send', _('Send instructions')) %>
...	...
...	...	@@ -232,6 +232,16 @@ class AccountControllerTest < ActionController::TestCase
232	232	assert_template 'password_recovery_sent'
233	233	end
234	234
	235	+ should 'not respond to forgotten password change if captcha verification fails' do
	236	+ create_user('test')
	237	+ @controller.stubs(:verify_recaptcha).returns(false)
	238	+ post :forgot_password, :value => 'test'
	239	+ change = assigns(:change_password)
	240	+ assert change.errors.has_key?(:base)
	241	+ assert_response :success
	242	+ assert_tag :tag => 'div', :attributes => { :id => 'errorExplanation', :class => 'errorExplanation' }
	243	+ end
	244	+
235	245	should 'respond to forgotten password change request with email' do
236	246	change = ChangePassword.new
237	247	create_user('test', :email => 'test@localhost.localdomain')
...	...