def test_include_token_in_form_if_token_was_present_in_request(self):
controller = TracCaptchaController(self.env)
valid_token = CryptoBox(controller.token_key()).generate_token()
req = self.post_request('/newticket',
field_summary='Foo',
__captcha_token=valid_token,
preview='Preview')
response = self.simulate_request(req)
self.assert_not_none(self.input_with_captcha_token(response))
self.assert_false(self.is_fake_captcha_visible(response))
def assert_captcha_completed(self, req, client_class=None):
client = self.client(client_class)
remote_ip = req.remote_addr
challenge = req.args.get('recaptcha_challenge_field')
response = req.args.get('recaptcha_response_field')
client.verify(remote_ip, challenge, response)
controller = TracCaptchaController(self.env)
base_message = 'Captcha for %(path)s successfully solved with %(challenge)s/%(response)s and %(arguments)s'
parameters = dict(path=req.path_info,
challenge=repr(challenge),
response=repr(response),
arguments=repr(req.args))
controller.debug_log(base_message % parameters)
def filter_stream(self, req, method, filename, stream, data):
if filename != 'register.html':
return stream
transformer = Transformer(
'//form[@id="acctmgr_registerform"]/input[@type="submit"]')
return TracCaptchaController(self.env).inject_captcha_into_stream(
req, stream, transformer)
def validate_registration(self, req):
error_message = TracCaptchaController(
self.env).check_captcha_solution(req)
if error_message is None:
return
# AccountManager can not retain the password...
parameters = dict(username=req.args.get('user'),
email=req.args.get('email'))
error = TracError('')
error.acctmgr = parameters
error.message = error_message
add_warning(req, error_message)
raise error
class TracCaptchaControllerTest(CaptchaTest):
def setUp(self):
self.super()
self.controller = TracCaptchaController(self.env)
self.assert_false(self.has_permission('anonymous', 'CAPTCHA_SKIP'))
def captcha_token(self):
return CryptoBox(self.controller.token_key()).generate_token()
def test_token_key_from_configuration_always_returned_as_byte_string(self):
# all crypto algorithms only work on unicode instances, even if they
# only contain ASCII characters
self.assert_true(isinstance(self.controller.token_key(), str))
def test_can_generate_token_key_if_not_set(self):
self.assert_equals('', self.env.config.get('trac-captcha',
'token_key'))
self.assert_not_none(self.controller.token_key())
stored_token = self.env.config.get('trac-captcha', 'token_key')
self.assert_equals(self.controller.token_key(), stored_token)
def test_returns_token_key_if_stored_in_config(self):
self.env.config.set('trac-captcha', 'token_key', 'foobar')
self.assert_equals('foobar', self.controller.token_key())
def test_skip_captcha_if_valid_token_found(self):
self.env.config.set('trac_captcha', 'token_key', 'foobar')
req = self.request('/', __captcha_token=self.captcha_token())
self.assert_none(None, req.remote_user)
self.assert_true(self.controller.should_skip_captcha(req))
def test_ignore_invalid_tokens(self):
req = self.request('/', __captcha_token='foobar')
self.assert_none(None, req.remote_user)
self.assert_false(self.controller.should_skip_captcha(req))
def setUp(self):
self.super()
self.controller = TracCaptchaController(self.env)
self.assert_false(self.has_permission('anonymous', 'CAPTCHA_SKIP'))
def reject_if_captcha_not_solved(self, req, submission):
error_message = TracCaptchaController(self.env).check_captcha_solution(req)
if error_message is None:
return (True, submission)
return (False, error_message)
def filter_stream(self, req, method, filename, stream, data):
if filename not in ('topic-add.html', 'message-list.html', 'wiki-message-list.html'):
return stream
transformer = Transformer('//div[@class="buttons"]')
return TracCaptchaController(self.env).inject_captcha_into_stream(req, stream, transformer)
def assert_captcha_is_active(self, captcha):
self.assert_equals(captcha(self.env),
TracCaptchaController(self.env).captcha)
def validate_ticket(self, req, ticket):
error_message = TracCaptchaController(self.env).check_captcha_solution(req)
if error_message is None:
return ()
return ((None, error_message),)
def filter_stream(self, req, method, filename, stream, data):
if filename != 'ticket.html':
return stream
transformer = Transformer('//div[@class="buttons"]')
return TracCaptchaController(self.env).inject_captcha_into_stream(req, stream, transformer)