From c55f23335a34bd416981b3e0012b0b8649bc9d97 Mon Sep 17 00:00:00 2001
From: Rodrigo Souto
Date: Fri, 25 Jan 2013 22:07:15 -0300
Subject: [PATCH] Adjusting signup anti-bot
---
app/controllers/public/account_controller.rb | 2 +-
app/models/environment.rb | 2 +-
app/views/account/_signup_form.rhtml | 6 +++---
public/stylesheets/application.css | 10 ----------
test/functional/account_controller_test.rb | 45 ++++++++++++++++++++++++++-------------------
test/integration/signup_test.rb | 47 ++++++++++++++++++++++++-----------------------
6 files changed, 55 insertions(+), 57 deletions(-)
diff --git a/app/controllers/public/account_controller.rb b/app/controllers/public/account_controller.rb
index 2a3f81d..05420f8 100644
--- a/app/controllers/public/account_controller.rb
+++ b/app/controllers/public/account_controller.rb
@@ -299,7 +299,7 @@ class AccountController < ApplicationController
end
def clear_signup_start_time
- Rails.cache.delete params[:signup_time_key]
+ Rails.cache.delete params[:signup_time_key] if params[:signup_time_key]
end
def may_be_a_bot
diff --git a/app/models/environment.rb b/app/models/environment.rb
index 414fbed..77c3f2c 100644
--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -233,7 +233,7 @@ class Environment < ActiveRecord::Base
settings[:message_for_member_invitation] || InviteMember.mail_template
end
- settings_items :min_signup_delay, :type => Integer, :default => 25 #seconds
+ settings_items :min_signup_delay, :type => Integer, :default => 3 #seconds
settings_items :activation_blocked_text, :type => String
settings_items :message_for_disabled_enterprise, :type => String, :default => _('This enterprise needs to be enabled.')
diff --git a/app/views/account/_signup_form.rhtml b/app/views/account/_signup_form.rhtml
index 35b638f..2c03537 100644
--- a/app/views/account/_signup_form.rhtml
+++ b/app/views/account/_signup_form.rhtml
@@ -1,7 +1,7 @@
<% if @block_bot %>
-
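Review bot: In `clear_signup_start_time` (app/controllers/public/account_controller.rb) the key handed to `Rails.cache.delete` still comes straight from the request, and the added guard only checks that the parameter is present. Any client can therefore make the server delete whatever entry of the shared Rails cache it can name, not just its own signup timestamp, and a nested parameter would reach the cache as a Hash or Array instead of a String. Coerce the value and delete only keys that have the shape the signup-time action generates, e.g. `key = params[:signup_time_key].to_s` followed by `Rails.cache.delete(key) if key =~ SIGNUP_KEY_FORMAT`, where `SIGNUP_KEY_FORMAT` is a placeholder because the key format is not visible in this hunk.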
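Review bot: Lowering the `min_signup_delay` default from 25 to 3 seconds in app/models/environment.rb leaves the timing check as a very weak signal, since an automated client passes it simply by waiting three seconds before posting, and the only documentation on the line is the trailing `#seconds`. A comment stating what the setting gates would help, for example `# seconds; a signup posted faster than this is treated as a possible bot and shown the captcha (0 appears to turn the check off)`. Both halves of that wording are inferred from the view text and from the `disable_signup_bot_check` test helper elsewhere in this patch, so confirm them against `may_be_a_bot`. With the delay this short, request rate limiting on the signup action is worth confirming if it is not already handled elsewhere.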
- <%=_('How Fast!')%> -

<%=_('Looks like you are a robot. Please, prove that you are human.')%>

+
+ <%=_('Are you a robot?')%>
+ <%=_('Please, prove that you are human by filling the captcha.')%>
<% end %>
diff --git a/public/stylesheets/application.css b/public/stylesheets/application.css
index 066de32..e8c733d 100644
--- a/public/stylesheets/application.css
+++ b/public/stylesheets/application.css
@@ -5636,16 +5636,6 @@ li.profile-activity-item.upload_image .activity-gallery-images-count-1 img {
/* Signup interface {{{ */
-#bot-notice {
- border: 3px solid #000;
- background: #FE0;
- padding: 5px 10px;
- font-size: 150%;
-}
-#bot-notice p {
- margin: 0px;
-}
-
#url-check {
margin: 0 0 -5px 0;
width: 100%;
diff --git a/test/functional/account_controller_test.rb b/test/functional/account_controller_test.rb
index 62959cf..3797cfc 100644
--- a/test/functional/account_controller_test.rb
+++ b/test/functional/account_controller_test.rb
@@ -19,6 +19,7 @@ class AccountControllerTest < ActionController::TestCase
@controller = AccountController.new
@request = ActionController::TestRequest.new
@response = ActionController::TestResponse.new
+ disable_signup_bot_check
end
def test_local_files_reference
@@ -566,6 +567,7 @@ class AccountControllerTest < ActionController::TestCase
template.boxes[0].blocks << Block.new
template.save!
env = fast_create(Environment, :name => 'test_env')
+ disable_signup_bot_check(env)
env.settings[:person_template_id] = template.id
env.save!
@@ -882,26 +884,31 @@ class AccountControllerTest < ActionController::TestCase
protected
- def new_user(options = {}, extra_options ={})
- data = {:profile_data => person_data}
- if extra_options[:profile_data]
- data[:profile_data].merge! extra_options.delete(:profile_data)
- end
- data.merge! extra_options
-
- post :signup, { :user => { :login => 'quire',
- :email => 'quire@example.com',
- :password => 'quire',
- :password_confirmation => 'quire'
- }.merge(options)
- }.merge(data)
+ def new_user(options = {}, extra_options ={})
+ data = {:profile_data => person_data}
+ if extra_options[:profile_data]
+ data[:profile_data].merge! extra_options.delete(:profile_data)
end
+ data.merge! extra_options
- def auth_token(token)
- CGI::Cookie.new('name' => 'auth_token', 'value' => token)
- end
+ post :signup, { :user => { :login => 'quire',
+ :email => 'quire@example.com',
+ :password => 'quire',
+ :password_confirmation => 'quire'
+ }.merge(options)
+ }.merge(data)
+ end
- def cookie_for(user)
- auth_token users(user).remember_token
- end
+ def auth_token(token)
+ CGI::Cookie.new('name' => 'auth_token', 'value' => token)
+ end
+
+ def cookie_for(user)
+ auth_token users(user).remember_token
+ end
+
+ def disable_signup_bot_check(environment = Environment.default)
+ environment.min_signup_delay = 0
+ environment.save!
+ end
end
diff --git a/test/integration/signup_test.rb b/test/integration/signup_test.rb
index 3c1a5ec..c75b52f 100644
--- a/test/integration/signup_test.rb
+++ b/test/integration/signup_test.rb
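Review bot: Calling `disable_signup_bot_check` from `setup` (first hunk of test/functional/account_controller_test.rb, with the helper defined in this hunk) switches the anti-bot check off for every functional test, so the controller's blocking branch is left to the sleep-based integration test alone. One functional test that sets `min_signup_delay` to a large value and wraps `new_user` in `assert_no_difference` would cover that branch without waiting, assuming `may_be_a_bot` blocks a post that arrives with no valid signup time; that method is not visible here. The helper also deserves a comment such as `# min_signup_delay = 0 keeps the timing check from flagging the signup posts in these tests`, where the claim that 0 disables the check is inferred from the helper's name.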
@@ -7,33 +7,18 @@ class SignupTest < ActionController::IntegrationTest
ActionController::Integration::Session.any_instance.stubs(:https?).returns(true)
end
- # helper
- def registering_with_bot_test(min_signup_delay, sleep_secs)
- env = Environment.default
- env.min_signup_delay = min_signup_delay
- env.save!
- get '/account/signup'
- assert_response :success
- get '/account/signup_time'
- assert_response :success
- data = ActiveSupport::JSON.decode response.body
- sleep sleep_secs
- post '/account/signup', :user => { :login => 'someone', :password => 'test', :password_confirmation => 'test', :email => 'someone@example.com' }, :signup_time_key => data['key']
- assert_response :success
- end
-
- def test_signup_form_submition_must_be_blocked_for_fast_bots
- count = User.count
- registering_with_bot_test 5, 1
+ def test_signup_form_submission_must_be_blocked_for_fast_bots
+ assert_no_difference User, :count do
+ registering_with_bot_test 5, 1
+ end
assert_template 'signup'
- assert_equal count, User.count
assert_match /you are a robot/, response.body
end
- def test_signup_form_submition_must_not_block_after_min_signup_delay
- count = User.count
- registering_with_bot_test 1, 2
- assert_equal count+1, User.count
+ def test_signup_form_submission_must_not_block_after_min_signup_delay
+ assert_difference User, :count, 1 do
+ registering_with_bot_test 1, 2
+ end
end
def test_should_require_acceptance_of_terms_for_signup
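Review bot: The unchanged assertion `assert_match /you are a robot/, response.body` in `test_signup_form_submission_must_be_blocked_for_fast_bots` no longer matches the notice this patch puts into `_signup_form.rhtml`. The old view text was 'Looks like you are a robot...', while the new strings are 'Are you a robot?' and 'Please, prove that you are human by filling the captcha.', and neither contains "you are a robot". Unless that phrase is rendered somewhere else on the page, the test now fails; `assert_match /Are you a robot\?/, response.body` follows the new wording.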
@@ -63,4 +48,20 @@ class SignupTest < ActionController::IntegrationTest
end
+ private
+
+ def registering_with_bot_test(min_signup_delay, sleep_secs)
+ env = Environment.default
+ env.min_signup_delay = min_signup_delay
+ env.save!
+ get '/account/signup'
+ assert_response :success
+ get '/account/signup_time'
+ assert_response :success
+ data = ActiveSupport::JSON.decode response.body
+ sleep sleep_secs
+ post '/account/signup', :user => { :login => 'someone', :password => 'test', :password_confirmation => 'test', :email => 'someone@example.com' }, :signup_time_key => data['key']
+ assert_response :success
+ end
+
end
--
libgit2 0.21.2
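Review bot: `registering_with_bot_test` keeps the real `sleep sleep_secs` and depends on one-second margins (delay 5 with sleep 1, delay 1 with sleep 2), so the two bot tests add about three seconds to the suite and can misfire on a slow or loaded machine. If the controller measures elapsed time with `Time.now` (not visible in this patch), the clock could be stubbed with mocha, which this file already uses, instead of sleeping. Moving the helper under `private` also dropped the old `# helper` comment without replacing it; something like `# Loads the signup form, fetches a signup_time key, waits sleep_secs, then posts the form with that key` would describe what it does.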