Merge remote-tracking branch 'origin/pr/199'

This commit is contained in:
Martin Zimmermann 2015-11-08 17:39:01 +01:00
commit 54952e67ad
8 changed files with 57 additions and 1 deletions

View File

@ -47,5 +47,8 @@ In chronological order:
* Daniel Gräber <https://github.com/albohlabs>
* Added ansible for provisioning
* Nick Hu <https://github.com/NickHu>
* Added configuration to require email addresses (no validation)
* [Your name or handle] <[email or website]>
* [Brief summary of your changes]

View File

@ -10,6 +10,7 @@ preferably in the script tag which embeds the JS:
data-isso-css="true"
data-isso-lang="ru"
data-isso-reply-to-self="false"
data-isso-require-email="false"
data-isso-max-comments-top="10"
data-isso-max-comments-nested="5"
data-isso-reveal-on-click="5"
@ -58,6 +59,11 @@ data-isso-reply-to-self
Set to `true` when spam guard is configured with `reply-to-self = true`.
data-isso-require-email
-----------------------
Set to `true` when spam guard is configured with `require-email = true`.
data-isso-max-comments-top and data-isso-max-comments-nested
------------------------------------------------------------

View File

@ -217,6 +217,7 @@ for IPv4, ``/48`` for IPv6).
ratelimit = 2
direct-reply = 3
reply-to-self = false
require-email = false
enabled
enable guard, recommended in production. Not useful for debugging
@ -236,6 +237,12 @@ reply-to-self
Do not forget to configure the client.
require-email
force commenters to enter a value into the email field. No validation is
performed on the provided value.
Do not forget to configure the client.
Markup
------

View File

@ -49,6 +49,7 @@ class Guard:
if len(rv) >= self.conf.getint("direct-reply"):
return False, "%i direct responses to %s" % (len(rv), uri)
# block replies to self unless :param:`reply-to-self` is enabled
elif self.conf.getboolean("reply-to-self") == False:
rv = self.db.execute([
'SELECT id FROM comments WHERE'
@ -61,6 +62,10 @@ class Guard:
if len(rv) > 0:
return False, "edit time frame is still open"
# require email if :param:`require-email` is enabled
if self.conf.getboolean("require-email") and not comment.get("email"):
return False, "email address required but not provided"
return True, ""
def _spam(self, uri, comment):

View File

@ -5,6 +5,7 @@ define(function() {
"css": true,
"lang": (navigator.language || navigator.userLanguage).split("-")[0],
"reply-to-self": false,
"require-email": false,
"max-comments-top": "inf",
"max-comments-nested": 5,
"reveal-on-click": 5,

View File

@ -24,9 +24,22 @@ define(["app/dom", "app/utils", "app/config", "app/api", "app/jade", "app/i18n",
$(".textarea", this).focus();
return false;
}
if (config["require-email"] &&
$("[name='email']", this).value.length <= 0)
{
$("[name='email']", this).focus();
return false;
}
return true;
};
// email is not optional if this config parameter is set
if (config["require-email"])
{
$("[name='email']", el).placeholder =
$("[name='email']", el).placeholder.replace(/ \(.*\)/, "");
}
// submit form, initialize optional fields with `null` and reset form.
// If replied to a comment, remove form completely.
$("[type=submit]", el).on("click", function() {

View File

@ -35,7 +35,7 @@ class TestGuard(unittest.TestCase):
def setUp(self):
self.path = tempfile.NamedTemporaryFile().name
def makeClient(self, ip, ratelimit=2, direct_reply=3, self_reply=False):
def makeClient(self, ip, ratelimit=2, direct_reply=3, self_reply=False, require_email=False):
conf = config.load(os.path.join(dist.location, "share", "isso.conf"))
conf.set("general", "dbpath", self.path)
@ -44,11 +44,13 @@ class TestGuard(unittest.TestCase):
conf.set("guard", "ratelimit", str(ratelimit))
conf.set("guard", "direct-reply", str(direct_reply))
conf.set("guard", "reply-to-self", "1" if self_reply else "0")
conf.set("guard", "require-email", "1" if require_email else "0")
class App(Isso, core.Mixin):
pass
app = App(conf)
app.wsgi_app = FakeIP(app.wsgi_app, ip)
return Client(app, Response)
@ -113,3 +115,18 @@ class TestGuard(unittest.TestCase):
self.assertEqual(client.post("/new?uri=test", data=self.data).status_code, 201)
self.assertEqual(client.post("/new?uri=test", data=payload(1)).status_code, 201)
self.assertEqual(client.post("/new?uri=test", data=payload(2)).status_code, 201)
def testRequireEmail(self):
payload = lambda email: json.dumps({"text": "...", "email": email})
client = self.makeClient("127.0.0.1", ratelimit=4, require_email=False)
client_strict = self.makeClient("127.0.0.2", ratelimit=4, require_email=True)
# if we don't require email
self.assertEqual(client.post("/new?uri=test", data=payload("")).status_code, 201)
self.assertEqual(client.post("/new?uri=test", data=payload("test@me.more")).status_code, 201)
# if we do require email
self.assertEqual(client_strict.post("/new?uri=test", data=payload("")).status_code, 403)
self.assertEqual(client_strict.post("/new?uri=test", data=payload("test@me.more")).status_code, 201)

View File

@ -130,6 +130,10 @@ direct-reply = 3
# their own comments anyways. Do not forget to configure the client.
reply-to-self = false
# require the commenter to enter an email address (note: no validation is
# done on the provided address). Do not forget to configure the client.
require-email = false
[markup]
# Customize markup and sanitized HTML. Currently, only Markdown (via Misaka) is