Working with environment settings instead of yaml

ready for Serpro's captcha

Working with environment settings instead of yaml
ready for Serpro's captcha
Evandro Junior
1 parent e9472c80
Showing 5 changed files with 49 additions and 34 deletions Show diff stats
app/models/environment.rb
lib/noosfero/api/api.rb
lib/noosfero/api/helpers.rb
lib/noosfero/api/session.rb
test/unit/api/helpers_test.rb
@@ -310,6 +310,9 @@ class Environment &lt; ActiveRecord::Base
  
   settings_items :signup_welcome_screen_body, :type => String
  
+  #Captcha setings
+  settings_items :api_captcha_settings, :type => ActiveSupport::HashWithIndifferentAccess, :default => {}
+
   def has_custom_welcome_screen?
     settings[:signup_welcome_screen_body].present?
   end
 require 'grape'
 #require 'rack/contrib'
-
-if Rails.env == "production"
-  Dir["#{Rails.root}/lib/noosfero/api/*.rb"].each {|file| require file unless file =~ /api\.rb/}
-else
-  Dir["#{Rails.root}/lib/noosfero/api/*.rb"].each {|file| load file unless file =~ /api\.rb/}
-end
+Dir["#{Rails.root}/lib/noosfero/api/*.rb"].each {|file| require_dependency file unless file =~ /api\.rb/}
  
 module Noosfero
   module API
@@ -17,7 +12,7 @@ module Noosfero
       use GrapeLogging::Middleware::RequestLogger, { logger: logger }
  
       rescue_from :all do |e|
-        # Many brave warriors have fallen in the battle of fixing the API log
+        # Many brave warriors have fallen in the battle for fixing the API log
         # Please, don't remove these 2 lines until the API log problem has
         # been PROPERLY fixed by our savior!!!
         # Otherwise we will have no clue of what went wrong in the API
@@ -91,6 +91,7 @@
       end
  
       def authenticate!
+
         unauthorized! unless current_user
       end
  
@@ -207,39 +208,29 @@
       #              captcha_helpers           #
       ##########################################
  
-      def test_captcha(remote_ip, params)
-        return true unless API.NOOSFERO_CONF['api_captcha_enabled'] === true
-
-        private_key = API.NOOSFERO_CONF['api_recaptcha_private_key']
-        if private_key == nil
-          raise ArgumentError, "API.NOOSFERO_CONF['api_recaptcha_private_key'] not defined"
-        end
-
-        api_captcha_version = API.NOOSFERO_CONF['api_captcha_version']
-        unless api_captcha_version == 1 || api_captcha_version == 2
-          raise ArgumentError, "API.NOOSFERO_CONF['api_captcha_version'] not defined"
-        end
-
-        if api_captcha_version == 1
-          api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_v1_verify_uri']
-          if api_recaptcha_verify_uri == nil
-            raise ArgumentError, "API.NOOSFERO_CONF['api_recaptcha_v1_verify_uri'] not defined"
+      def test_captcha(remote_ip, params, _environment = nil)
+        environment ||= _environment
+        d = environment.api_captcha_settings
+        return true unless d[:enabled] == true
+
+        if d[:provider] == 'google'
+          raise ArgumentError, "Environment api_captcha_settings private_key not defined" if d[:private_key].nil?
+          raise ArgumentError, "Environment api_captcha_settings version not defined" unless d[:version] == 1 || d[:version] == 2
+          raise ArgumentError, "Environment api_captcha_settings verify_uri not defined" if d[:verify_uri].nil?
+          if d[:version] == 1
+            return verify_recaptcha_v1(remote_ip, d[:private_key], d[:verify_uri], params[:recaptcha_challenge_field], params[:recaptcha_response_field])
           end
-          return verify_recaptcha_v1(remote_ip, private_key, api_recaptcha_verify_uri, params[:recaptcha_challenge_field], params[:recaptcha_response_field])
-        end
-
-        if api_captcha_version == 2
-          api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_v2_verify_uri']
-          if api_recaptcha_verify_uri == nil
-            raise ArgumentError, "API.NOOSFERO_CONF['api_recaptcha_v2_verify_uri'] not defined"
+          if d[:version] == 2
+            return verify_recaptcha_v2(remote_ip, d[:private_key], d[:verify_uri], params[:g_recaptcha_response])
           end
-          return verify_recaptcha_v2(remote_ip, private_key, api_recaptcha_verify_uri, params[:g_recaptcha_response])
         end
  
+        if d[:provider] == 'serpro'
+              #TODO ADD SERPRO's CAPTCHA
+        end
       end
  
       def verify_recaptcha_v1(remote_ip, private_key, api_recaptcha_verify_uri, recaptcha_challenge_field, recaptcha_response_field)
-
         if recaptcha_challenge_field == nil || recaptcha_response_field == nil
           return _('Missing captcha data')
         end
@@ -29,7 +29,7 @@ module Noosfero
       #   password (required)               - Password
       #   login                             - login
       # Example Request:
-      #   POST /register?email=some@mail.com&password=pas&login=some
+      #   POST /register?email=some@mail.com&password=pas&password_confirmation=pas&login=some
       params do
         requires :email, type: String, desc: _("Email")
         requires :login, type: String, desc: _("Login")
@@ -161,6 +161,32 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
     assert_nil make_conditions_with_parameter[:type]
   end
  
+  should 'fail display recaptcha v1' do
+    environment = Environment.new
+    environment.api_captcha_settings = {
+        enabled: true,
+        provider: 'google',
+        version:  1,
+        private_key:  '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY',
+        public_key:   '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
+        verify_uri:   'https://www.google.com/recaptcha/api/verify',
+    }
+    assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
+  end
+
+  should 'fail display recaptcha v2' do
+    environment = Environment.new
+    environment.api_captcha_settings = {
+        enabled: true,
+        provider: 'google',
+        version:  2,
+        private_key:  '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY',
+        public_key:   '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
+        verify_uri:   'https://www.google.com/recaptcha/api/siteverify',
+    }
+    assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
+  end
+
   protected
  
   def error!(info, status)
...	...	@@ -310,6 +310,9 @@ class Environment < ActiveRecord::Base
310	310
311	311	settings_items :signup_welcome_screen_body, :type => String
312	312
	313	+ #Captcha setings
	314	+ settings_items :api_captcha_settings, :type => ActiveSupport::HashWithIndifferentAccess, :default => {}
	315	+
313	316	def has_custom_welcome_screen?
314	317	settings[:signup_welcome_screen_body].present?
315	318	end
...	...
1	1	require 'grape'
2	2	#require 'rack/contrib'
3		-
4		-if Rails.env == "production"
5		- Dir["#{Rails.root}/lib/noosfero/api/*.rb"].each {\|file\| require file unless file =~ /api\.rb/}
6		-else
7		- Dir["#{Rails.root}/lib/noosfero/api/*.rb"].each {\|file\| load file unless file =~ /api\.rb/}
8		-end
	3	+Dir["#{Rails.root}/lib/noosfero/api/*.rb"].each {\|file\| require_dependency file unless file =~ /api\.rb/}
9	4
10	5	module Noosfero
11	6	module API
...	...	@@ -17,7 +12,7 @@ module Noosfero
17	12	use GrapeLogging::Middleware::RequestLogger, { logger: logger }
18	13
19	14	rescue_from :all do \|e\|
20		- # Many brave warriors have fallen in the battle of fixing the API log
	15	+ # Many brave warriors have fallen in the battle for fixing the API log
21	16	# Please, don't remove these 2 lines until the API log problem has
22	17	# been PROPERLY fixed by our savior!!!
23	18	# Otherwise we will have no clue of what went wrong in the API
...	...
...	...	@@ -91,6 +91,7 @@
91	91	end
92	92
93	93	def authenticate!
	94	+
94	95	unauthorized! unless current_user
95	96	end
96	97
...	...	@@ -207,39 +208,29 @@
207	208	# captcha_helpers #
208	209	##########################################
209	210
210		- def test_captcha(remote_ip, params)
211		- return true unless API.NOOSFERO_CONF['api_captcha_enabled'] === true
212		-
213		- private_key = API.NOOSFERO_CONF['api_recaptcha_private_key']
214		- if private_key == nil
215		- raise ArgumentError, "API.NOOSFERO_CONF['api_recaptcha_private_key'] not defined"
216		- end
217		-
218		- api_captcha_version = API.NOOSFERO_CONF['api_captcha_version']
219		- unless api_captcha_version == 1 \|\| api_captcha_version == 2
220		- raise ArgumentError, "API.NOOSFERO_CONF['api_captcha_version'] not defined"
221		- end
222		-
223		- if api_captcha_version == 1
224		- api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_v1_verify_uri']
225		- if api_recaptcha_verify_uri == nil
226		- raise ArgumentError, "API.NOOSFERO_CONF['api_recaptcha_v1_verify_uri'] not defined"
	211	+ def test_captcha(remote_ip, params, _environment = nil)
	212	+ environment \|\|= _environment
	213	+ d = environment.api_captcha_settings
	214	+ return true unless d[:enabled] == true
	215	+
	216	+ if d[:provider] == 'google'
	217	+ raise ArgumentError, "Environment api_captcha_settings private_key not defined" if d[:private_key].nil?
	218	+ raise ArgumentError, "Environment api_captcha_settings version not defined" unless d[:version] == 1 \|\| d[:version] == 2
	219	+ raise ArgumentError, "Environment api_captcha_settings verify_uri not defined" if d[:verify_uri].nil?
	220	+ if d[:version] == 1
	221	+ return verify_recaptcha_v1(remote_ip, d[:private_key], d[:verify_uri], params[:recaptcha_challenge_field], params[:recaptcha_response_field])
227	222	end
228		- return verify_recaptcha_v1(remote_ip, private_key, api_recaptcha_verify_uri, params[:recaptcha_challenge_field], params[:recaptcha_response_field])
229		- end
230		-
231		- if api_captcha_version == 2
232		- api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_v2_verify_uri']
233		- if api_recaptcha_verify_uri == nil
234		- raise ArgumentError, "API.NOOSFERO_CONF['api_recaptcha_v2_verify_uri'] not defined"
	223	+ if d[:version] == 2
	224	+ return verify_recaptcha_v2(remote_ip, d[:private_key], d[:verify_uri], params[:g_recaptcha_response])
235	225	end
236		- return verify_recaptcha_v2(remote_ip, private_key, api_recaptcha_verify_uri, params[:g_recaptcha_response])
237	226	end
238	227
	228	+ if d[:provider] == 'serpro'
	229	+ #TODO ADD SERPRO's CAPTCHA
	230	+ end
239	231	end
240	232
241	233	def verify_recaptcha_v1(remote_ip, private_key, api_recaptcha_verify_uri, recaptcha_challenge_field, recaptcha_response_field)
242		-
243	234	if recaptcha_challenge_field == nil \|\| recaptcha_response_field == nil
244	235	return _('Missing captcha data')
245	236	end
...	...
...	...	@@ -29,7 +29,7 @@ module Noosfero
29	29	# password (required) - Password
30	30	# login - login
31	31	# Example Request:
32		- # POST /register?email=some@mail.com&password=pas&login=some
	32	+ # POST /register?email=some@mail.com&password=pas&password_confirmation=pas&login=some
33	33	params do
34	34	requires :email, type: String, desc: _("Email")
35	35	requires :login, type: String, desc: _("Login")
...	...
...	...	@@ -161,6 +161,32 @@ class APIHelpersTest < ActiveSupport::TestCase
161	161	assert_nil make_conditions_with_parameter[:type]
162	162	end
163	163
	164	+ should 'fail display recaptcha v1' do
	165	+ environment = Environment.new
	166	+ environment.api_captcha_settings = {
	167	+ enabled: true,
	168	+ provider: 'google',
	169	+ version: 1,
	170	+ private_key: '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY',
	171	+ public_key: '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
	172	+ verify_uri: 'https://www.google.com/recaptcha/api/verify',
	173	+ }
	174	+ assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
	175	+ end
	176	+
	177	+ should 'fail display recaptcha v2' do
	178	+ environment = Environment.new
	179	+ environment.api_captcha_settings = {
	180	+ enabled: true,
	181	+ provider: 'google',
	182	+ version: 2,
	183	+ private_key: '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY',
	184	+ public_key: '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
	185	+ verify_uri: 'https://www.google.com/recaptcha/api/siteverify',
	186	+ }
	187	+ assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
	188	+ end
	189	+
164	190	protected
165	191
166	192	def error!(info, status)
...	...