Merge remote-tracking branch 'origin/pr/199'
This commit is contained in:
commit
54952e67ad
@ -47,5 +47,8 @@ In chronological order:
|
||||
* Daniel Gräber <https://github.com/albohlabs>
|
||||
* Added ansible for provisioning
|
||||
|
||||
* Nick Hu <https://github.com/NickHu>
|
||||
* Added configuration to require email addresses (no validation)
|
||||
|
||||
* [Your name or handle] <[email or website]>
|
||||
* [Brief summary of your changes]
|
||||
|
@ -10,6 +10,7 @@ preferably in the script tag which embeds the JS:
|
||||
data-isso-css="true"
|
||||
data-isso-lang="ru"
|
||||
data-isso-reply-to-self="false"
|
||||
data-isso-require-email="false"
|
||||
data-isso-max-comments-top="10"
|
||||
data-isso-max-comments-nested="5"
|
||||
data-isso-reveal-on-click="5"
|
||||
@ -58,6 +59,11 @@ data-isso-reply-to-self
|
||||
|
||||
Set to `true` when spam guard is configured with `reply-to-self = true`.
|
||||
|
||||
data-isso-require-email
|
||||
-----------------------
|
||||
|
||||
Set to `true` when spam guard is configured with `require-email = true`.
|
||||
|
||||
data-isso-max-comments-top and data-isso-max-comments-nested
|
||||
------------------------------------------------------------
|
||||
|
||||
|
@ -217,6 +217,7 @@ for IPv4, ``/48`` for IPv6).
|
||||
ratelimit = 2
|
||||
direct-reply = 3
|
||||
reply-to-self = false
|
||||
require-email = false
|
||||
|
||||
enabled
|
||||
enable guard, recommended in production. Not useful for debugging
|
||||
@ -236,6 +237,12 @@ reply-to-self
|
||||
|
||||
Do not forget to configure the client.
|
||||
|
||||
require-email
|
||||
force commenters to enter a value into the email field. No validation is
|
||||
performed on the provided value.
|
||||
|
||||
Do not forget to configure the client.
|
||||
|
||||
Markup
|
||||
------
|
||||
|
||||
|
@ -49,6 +49,7 @@ class Guard:
|
||||
if len(rv) >= self.conf.getint("direct-reply"):
|
||||
return False, "%i direct responses to %s" % (len(rv), uri)
|
||||
|
||||
# block replies to self unless :param:`reply-to-self` is enabled
|
||||
elif self.conf.getboolean("reply-to-self") == False:
|
||||
rv = self.db.execute([
|
||||
'SELECT id FROM comments WHERE'
|
||||
@ -61,6 +62,10 @@ class Guard:
|
||||
if len(rv) > 0:
|
||||
return False, "edit time frame is still open"
|
||||
|
||||
# require email if :param:`require-email` is enabled
|
||||
if self.conf.getboolean("require-email") and not comment.get("email"):
|
||||
return False, "email address required but not provided"
|
||||
|
||||
return True, ""
|
||||
|
||||
def _spam(self, uri, comment):
|
||||
|
@ -5,6 +5,7 @@ define(function() {
|
||||
"css": true,
|
||||
"lang": (navigator.language || navigator.userLanguage).split("-")[0],
|
||||
"reply-to-self": false,
|
||||
"require-email": false,
|
||||
"max-comments-top": "inf",
|
||||
"max-comments-nested": 5,
|
||||
"reveal-on-click": 5,
|
||||
|
@ -24,9 +24,22 @@ define(["app/dom", "app/utils", "app/config", "app/api", "app/jade", "app/i18n",
|
||||
$(".textarea", this).focus();
|
||||
return false;
|
||||
}
|
||||
if (config["require-email"] &&
|
||||
$("[name='email']", this).value.length <= 0)
|
||||
{
|
||||
$("[name='email']", this).focus();
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
};
|
||||
|
||||
// email is not optional if this config parameter is set
|
||||
if (config["require-email"])
|
||||
{
|
||||
$("[name='email']", el).placeholder =
|
||||
$("[name='email']", el).placeholder.replace(/ \(.*\)/, "");
|
||||
}
|
||||
|
||||
// submit form, initialize optional fields with `null` and reset form.
|
||||
// If replied to a comment, remove form completely.
|
||||
$("[type=submit]", el).on("click", function() {
|
||||
|
@ -35,7 +35,7 @@ class TestGuard(unittest.TestCase):
|
||||
def setUp(self):
|
||||
self.path = tempfile.NamedTemporaryFile().name
|
||||
|
||||
def makeClient(self, ip, ratelimit=2, direct_reply=3, self_reply=False):
|
||||
def makeClient(self, ip, ratelimit=2, direct_reply=3, self_reply=False, require_email=False):
|
||||
|
||||
conf = config.load(os.path.join(dist.location, "share", "isso.conf"))
|
||||
conf.set("general", "dbpath", self.path)
|
||||
@ -44,11 +44,13 @@ class TestGuard(unittest.TestCase):
|
||||
conf.set("guard", "ratelimit", str(ratelimit))
|
||||
conf.set("guard", "direct-reply", str(direct_reply))
|
||||
conf.set("guard", "reply-to-self", "1" if self_reply else "0")
|
||||
conf.set("guard", "require-email", "1" if require_email else "0")
|
||||
|
||||
class App(Isso, core.Mixin):
|
||||
pass
|
||||
|
||||
app = App(conf)
|
||||
|
||||
app.wsgi_app = FakeIP(app.wsgi_app, ip)
|
||||
|
||||
return Client(app, Response)
|
||||
@ -113,3 +115,18 @@ class TestGuard(unittest.TestCase):
|
||||
self.assertEqual(client.post("/new?uri=test", data=self.data).status_code, 201)
|
||||
self.assertEqual(client.post("/new?uri=test", data=payload(1)).status_code, 201)
|
||||
self.assertEqual(client.post("/new?uri=test", data=payload(2)).status_code, 201)
|
||||
|
||||
def testRequireEmail(self):
|
||||
|
||||
payload = lambda email: json.dumps({"text": "...", "email": email})
|
||||
|
||||
client = self.makeClient("127.0.0.1", ratelimit=4, require_email=False)
|
||||
client_strict = self.makeClient("127.0.0.2", ratelimit=4, require_email=True)
|
||||
|
||||
# if we don't require email
|
||||
self.assertEqual(client.post("/new?uri=test", data=payload("")).status_code, 201)
|
||||
self.assertEqual(client.post("/new?uri=test", data=payload("test@me.more")).status_code, 201)
|
||||
|
||||
# if we do require email
|
||||
self.assertEqual(client_strict.post("/new?uri=test", data=payload("")).status_code, 403)
|
||||
self.assertEqual(client_strict.post("/new?uri=test", data=payload("test@me.more")).status_code, 201)
|
||||
|
@ -130,6 +130,10 @@ direct-reply = 3
|
||||
# their own comments anyways. Do not forget to configure the client.
|
||||
reply-to-self = false
|
||||
|
||||
# require the commenter to enter an email address (note: no validation is
|
||||
# done on the provided address). Do not forget to configure the client.
|
||||
require-email = false
|
||||
|
||||
|
||||
[markup]
|
||||
# Customize markup and sanitized HTML. Currently, only Markdown (via Misaka) is
|
||||
|
Loading…
Reference in New Issue
Block a user