acts_as_textcaptcha 2.2.2 → 3.0.0

data/lib/acts_as_textcaptcha/textcaptcha_helper.rb

@@ -1,9 +1,25 @@
 module ActsAsTextcaptcha
   module TextcaptchaHelper
 
-    # generates a spam question and possible answers for a model, answers are stored in  session[:possible_answers]
-    def spamify(model)
-      session[:possible_answers] = model.generate_spam_question unless model.validate_spam_answer
+    # builds html fields for spam question, answer and hidden encrypted spam answers
+    def textcaptcha_fields(f, &block)
+      model        = f.object
+      captcha_html = ''
+      if model.perform_textcaptcha?
+         captcha_html += f.hidden_field(:spam_answers)
+         if model.spam_answer
+           captcha_html += f.hidden_field(:spam_answer)
+         elsif model.spam_question
+           captcha_html += capture(&block)
+         end
+      end
+
+      # Rails 2 compatability
+      if Rails::VERSION::MAJOR < 3
+        concat captcha_html, &block.binding
+      else
+        captcha_html.html_safe
+      end
     end
   end
-end
+end

data/lib/acts_as_textcaptcha/version.rb

@@ -1,3 +1,3 @@
 module ActsAsTextcaptcha
-  VERSION = "2.2.2"
-end
+  VERSION = "3.0.0"
+end

data/lib/tasks/textcaptcha.rake

@@ -1,23 +1,26 @@
+require 'bcrypt'
+
 namespace :textcaptcha do
-  desc "Adds a textcaptcha.yml template config file to ./config "
-  task :generate_config do
 
+  desc "Creates a template config file in config/textcaptcha.yml"
+  task :config do
     src  = File.join(File.dirname(__FILE__), '../..', 'config', 'textcaptcha.yml')
     dest = File.join(Rails.root, 'config', 'textcaptcha.yml')
     if File.exist?(dest)
-      puts "\ntextcaptcha config file: #{dest}\n ... already exists.  Aborting.\n\n"
+      puts "\nOoops, a textcaptcha config file at #{dest} already exists ... aborting.\n\n"
     else
-      config_file = ''
+      config = ''
+      salt   = BCrypt::Engine.generate_salt
       f = File.open(src, 'r')
-      f.each_line { |line| config_file += line }
-      config_file.gsub!(/api\_key\:(.+)$/, 'api_key: # get one at http://textcaptcha.com' )
-      config_file.gsub!(/bcrypt\_salt\:(.+)$/, "bcrypt_salt: #{BCrypt::Engine.generate_salt}" ) if defined?(BCrypt)
+      f.each_line { |line| config += line }
+      config.gsub!(/RAKE_GENERATED_SALT_PLACEHOLDER/, salt)
+      config.gsub!(/  api_key:(.*)# for gem test purposes only$/, "  api_key: PASTE_YOUR_TEXTCAPCHA_API_KEY_HERE")
+      config.gsub!(/  bcrypt_salt:(.*)# for gem test purposes only$/, "  bcrypt_salt: #{salt}")
 
       f = File.new(dest, 'w')
-      f.write(config_file)
+      f.write(config)
       f.close
-      puts "\ntextcaptcha.yml generated at #{dest} (with a new BCrypt salt).\nNOTE: edit this file and add your textcaptcha api key (from http://textcaptcha.com)"
+      puts "\ntextcaptcha.yml generated at #{dest} (with a new BCrypt salt)\nNOTE: edit this file and add your textcaptcha api key, grab one from http://textcaptcha.com/api\n\n"
     end
-
   end
-end
+end

data/{spec → test}/schema.rb

@@ -15,4 +15,4 @@ ActiveRecord::Schema.define(:version => 0) do
   create_table :notes, :force => true do |t|
     t.string :name
   end
-end
+end

data/test/test_helper.rb

@@ -0,0 +1,27 @@
+$LOAD_PATH.unshift(File.expand_path(File.dirname(__FILE__)+'./../lib'))
+
+ENV['RAILS_ENV'] = 'test'
+
+if ENV['COVERAGE']
+  require "simplecov"
+  SimpleCov.start do
+    add_filter '/test/'
+  end
+  SimpleCov.at_exit do
+    SimpleCov.result.format!
+    `open ./coverage/index.html` if RUBY_PLATFORM =~ /darwin/
+  end
+end
+
+require 'minitest/autorun'
+require 'fakeweb'
+
+require 'active_record'
+require 'rails'
+
+require 'acts_as_textcaptcha'
+require './test/test_models'
+
+# load and initialize test db schema
+ActiveRecord::Base.establish_connection(:adapter => 'sqlite3', :database => 'acts_as_textcaptcha.sqlite3.db')
+load(File.dirname(__FILE__) + "/schema.rb")

data/test/test_models.rb

@@ -0,0 +1,42 @@
+# models for use in tests
+
+class Widget < ActiveRecord::Base
+  # uses textcaptcha.yml file for configuration
+  acts_as_textcaptcha
+end
+
+class Comment < ActiveRecord::Base
+  # inline options (symbol keys) with api_key only
+  acts_as_textcaptcha :api_key     => '8u5ixtdnq9csc84cok0owswgo',
+                      :bcrypt_salt => '$2a$10$j0bmycH.SVfD1b5mpEGPpe'
+end
+
+class Review < ActiveRecord::Base
+  # inline options with all possible options
+  acts_as_textcaptcha 'api_key'     => '8u5ixtdnq9csc84cok0owswgo',
+                      'bcrypt_salt' => '$2a$10$j0bmycH.SVfD1b5mpEGPpe',
+                      'bcrypt_cost' => '3',
+                      'questions'   => [{ 'question' => 'The green hat is what color?', 'answers' => 'green' }]
+end
+
+class Note < ActiveRecord::Base
+  # inline options (string keys) with user defined questions only (no textcaptcha service)
+  acts_as_textcaptcha 'questions'   => [{ 'question' => '1+1', 'answers' => '2,two' }],
+                      'bcrypt_salt' => '$2a$10$j0bmycH.SVfD1b5mpEGPpe'
+
+  # allows toggling perform_textcaptcha on/off (default on)
+  attr_accessor :turn_off_captcha
+
+  def perform_textcaptcha?
+    !turn_off_captcha
+  end
+end
+
+class Contact
+  # non active record object (symbol keys), no API used
+  include ActiveModel::Validations
+  include ActiveModel::Conversion
+  extend  ActsAsTextcaptcha::Textcaptcha
+  acts_as_textcaptcha :questions   => [{ :question => 'one+1', :answers => '2,two' }],
+                      :bcrypt_salt => '$2a$10$j0bmycH.SVfD1b5mpEGPpe'
+end

data/test/textcaptcha_helper_test.rb

@@ -0,0 +1,50 @@
+require File.expand_path(File.dirname(__FILE__)+'/test_helper')
+require 'action_controller'
+require 'action_view'
+
+class NotesController < ActionController::Base; end
+
+class Template < ActionView::Base
+  def protect_against_forgery?; false; end
+end
+
+
+describe 'TextcaptchaHelper' do
+
+  before(:each) do
+    @controller = NotesController.new
+    @note       = Note.new
+    @note.textcaptcha
+  end
+
+  def render_template(assigns)
+    template = <<-ERB
+    <%= form_for(@note, :url => '/') do |f| %>
+      <%= textcaptcha_fields(f) do %>
+      <div class="field textcaptcha">
+        <%= f.label :spam_answer, @note.spam_question %><br/>
+        <%= f.text_field :spam_answer, :value => '' %>
+      </div>
+      <% end %>
+    <% end %>
+    ERB
+
+    Template.new([], assigns, @controller).render(:inline => template)
+  end
+
+  it 'should render question and answer fields, with hidden spam_answers field' do
+    html = render_template({:note => @note})
+
+    html.must_match /\<label for\=\"note\_spam\_answer\"\>1\+1\<\/label\>/
+    html.must_match /\<input id\=\"note_spam_answers\" name\=\"note\[spam\_answers\]\" type\=\"hidden\" value\=\"(.*)\" \/\>/
+  end
+
+  it 'should render hidden answer and spam_answer fields when question has been answered OK (and not ask question)' do
+    @note.spam_answer = 2
+    html = render_template({:note => @note})
+
+    html.wont_match /\<label for\=\"note\_spam\_answer\"\>1\+1\<\/label\>/
+    html.must_match /\<input id\=\"note_spam_answers\" name\=\"note\[spam\_answers\]\" type\=\"hidden\" value\=\"(.*)\" \/\>/
+    html.must_match /\<input id\=\"note_spam_answer\" name\=\"note\[spam_answer\]\" type\=\"hidden\" value\=\"2\" \/\>/
+  end
+end

data/test/textcaptcha_test.rb

@@ -0,0 +1,188 @@
+require File.expand_path(File.dirname(__FILE__)+'/test_helper')
+
+describe 'Textcaptcha' do
+
+  describe 'validations' do
+
+    before(:each) do
+      @note = Note.new
+      @note.textcaptcha
+    end
+
+    it 'should validate an ActiveRecord object (with multiple correct answers)' do
+      @note.spam_question.must_equal('1+1')
+      @note.valid?.must_equal false
+      @note.errors[:spam_answer].first.must_equal('is incorrect, try another question instead')
+
+      @note.spam_answer = 'two'
+      @note.valid?.must_equal true
+      @note.errors[:spam_answer].must_be_empty
+
+      @note.spam_answer = '2'
+      @note.valid?.must_equal true
+      @note.errors[:spam_answer].must_be_empty
+    end
+
+    it 'should strip whitespace and downcase spam answer' do
+      @note.spam_answer = ' tWo '
+      @note.valid?.must_equal true
+      @note.errors[:spam_answer].must_be_empty
+    end
+
+    it 'should always be valid when record has been saved' do
+      @note.spam_answer = '2'
+      @note.save!
+      @note.textcaptcha
+
+      @note.spam_answer = 'wrong answer'
+      @note.new_record?.must_equal false
+      @note.valid?.must_equal true
+      @note.errors[:spam_answer].must_be_empty
+    end
+
+    it 'should always be valid when perform_textcaptcha? is false' do
+      @note.turn_off_captcha = true
+      @note.valid?.must_equal true
+      @note.errors[:spam_answer].must_be_empty
+
+      @note.save.must_equal true
+    end
+
+    it 'should validate a non ActiveRecord object' do
+      @contact = Contact.new
+      @contact.textcaptcha
+
+      @contact.spam_question.must_equal('one+1')
+      @contact.spam_answer = 'wrong'
+      @contact.valid?.must_equal false
+
+      @contact.spam_answer = 'two'
+      @contact.valid?.must_equal true
+      @contact.errors[:spam_answer].must_be_empty
+    end
+  end
+
+  describe 'encryption' do
+
+    before(:each) do
+      @note = Note.new
+    end
+
+    it 'should encrypt spam_answers (joined by - seperator) MD5 digested and using BCrypt engine with salt' do
+      @note.spam_answers.must_be_nil
+      @note.textcaptcha
+      encrypted_answers = [2,' TwO '].collect { |answer| BCrypt::Engine.hash_secret(Digest::MD5.hexdigest(answer.to_s.strip.downcase), '$2a$10$j0bmycH.SVfD1b5mpEGPpe', 1) }.join('-')
+      @note.spam_answers.must_equal('$2a$10$j0bmycH.SVfD1b5mpEGPpePFe1wBxOn7Brr9lMuLRxv6lg4ZYjJ22-$2a$10$j0bmycH.SVfD1b5mpEGPpe8v5mqqpDaExuS/hZu8Xkq8krYL/T8P.')
+      @note.spam_answers.must_equal(encrypted_answers)
+    end
+
+    it 'should raise error if bcyrpt salt is invalid' do
+      @note.textcaptcha_config[:bcrypt_salt] = 'bad salt'
+      proc { @note.textcaptcha }.must_raise BCrypt::Errors::InvalidSalt
+      @note.textcaptcha_config[:bcrypt_salt] ='$2a$10$j0bmycH.SVfD1b5mpEGPpe'
+    end
+  end
+
+  describe 'textcaptcha API' do
+
+    after(:each) do
+      FakeWeb.clean_registry
+    end
+
+    it 'should generate spam question from the service' do
+      @review = Review.new
+
+      @review.textcaptcha
+      @review.spam_question.wont_be_nil
+      @review.spam_question.wont_equal('The green hat is what color?')
+
+      @review.spam_answers.wont_be_nil
+
+      @review.valid?.must_equal false
+      @review.errors[:spam_answer].first.must_equal('is incorrect, try another question instead')
+    end
+
+    it 'should parse a single answer from XML response' do
+      @review  = Review.new
+      question = 'If tomorrow is Saturday, what day is today?'
+      body     = "<captcha><question>#{question}</question><answer>f6f7fec07f372b7bd5eb196bbca0f3f4</answer></captcha>"
+      FakeWeb.register_uri(:get, %r|http://textcaptcha\.com/api/|, :body => body)
+
+      @review.textcaptcha
+      @review.spam_question.must_equal(question)
+      @review.spam_answers.must_equal('$2a$10$j0bmycH.SVfD1b5mpEGPpecvhlumIBvWXI4HQWk0xa74DebZDx772')
+      @review.spam_answers.split('-').length.must_equal(1)
+    end
+
+    it 'should parse multiple answers from XML response' do
+      @review  = Review.new
+      question = 'If tomorrow is Saturday, what day is today?'
+      body     = "<captcha><question>#{question}</question><answer>1</answer><answer>2</answer><answer>3</answer></captcha>"
+      FakeWeb.register_uri(:get, %r|http://textcaptcha\.com/api/|, :body => body)
+
+      @review.textcaptcha
+      @review.spam_question.must_equal(question)
+      @review.spam_answers.split('-').length.must_equal(3)
+    end
+
+    describe 'service is unavailable' do
+
+      describe 'should fallback to a user defined question' do
+
+        before(:each) do
+          @review = Review.new
+        end
+
+        it 'when errors occur' do
+          [SocketError, Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Errno::ECONNREFUSED, Errno::ETIMEDOUT,
+           Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError, URI::InvalidURIError].each do |error|
+            FakeWeb.register_uri(:get, %r|http://textcaptcha\.com/api/|, :exception => error)
+            @review.textcaptcha
+            @review.spam_question.must_equal('The green hat is what color?')
+            @review.spam_answers.wont_be_nil
+          end
+        end
+
+        it 'when response is OK but body cannot be parsed as XML' do
+          FakeWeb.register_uri(:get, %r|http://textcaptcha\.com/api/|, :body => 'here be gibberish')
+          @review.textcaptcha
+          @review.spam_question.must_equal('The green hat is what color?')
+          @review.spam_answers.wont_be_nil
+        end
+
+        it 'when response is OK but empty' do
+          FakeWeb.register_uri(:get, %r|http://textcaptcha\.com/api/|, :body => '')
+          @review.textcaptcha
+          @review.spam_question.must_equal('The green hat is what color?')
+          @review.spam_answers.wont_be_nil
+        end
+      end
+    end
+
+    it 'should not generate any spam question or answer when no user defined questions set' do
+      @comment = Comment.new
+
+      FakeWeb.register_uri(:get, %r|http://textcaptcha\.com/api/|, :exception => SocketError)
+      @comment.textcaptcha
+      @comment.spam_question.must_equal 'ActsAsTextcaptcha >> no API key (or questions) set and/or the textcaptcha service is currently unavailable (answer ok to bypass)'
+      @comment.spam_answers.must_equal 'ok'
+    end
+  end
+
+  describe 'configuration' do
+
+    it 'should be configured with inline hash' do
+      Review.textcaptcha_config.must_equal({ :api_key     => '8u5ixtdnq9csc84cok0owswgo',
+                                             :bcrypt_salt => '$2a$10$j0bmycH.SVfD1b5mpEGPpe',
+                                             :bcrypt_cost => '3',
+                                             :questions   => [{ 'question' => 'The green hat is what color?', 'answers' => 'green' }]})
+    end
+
+    it 'should be configured with textcaptcha.yml' do
+      Widget.textcaptcha_config[:api_key].must_equal          '6eh1co0j12mi2ogcoggkkok4o'
+      Widget.textcaptcha_config[:bcrypt_salt].must_equal      '$2a$10$qhSefD6gKtmq6M0AzXk4CO'
+      Widget.textcaptcha_config[:bcrypt_cost].must_equal      1
+      Widget.textcaptcha_config[:questions].length.must_equal 10
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: acts_as_textcaptcha
 version: !ruby/object:Gem::Version
-  version: 2.2.2
+  version: 3.0.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,23 +9,23 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-07-26 00:00:00.000000000 +01:00
+date: 2011-08-06 00:00:00.000000000 +01:00
 default_executable: 
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt-ruby
-  requirement: &2152243920 !ruby/object:Gem::Requirement
+  requirement: &2156333440 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 2.1.2
+        version: 2.1.4
   type: :runtime
   prerelease: false
-  version_requirements: *2152243920
+  version_requirements: *2156333440
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &2152243500 !ruby/object:Gem::Requirement
+  requirement: &2156333020 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -33,21 +33,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2152243500
-- !ruby/object:Gem::Dependency
-  name: activerecord
-  requirement: &2152243040 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: *2152243040
+  version_requirements: *2156333020
 - !ruby/object:Gem::Dependency
   name: bundler
-  requirement: &2152242620 !ruby/object:Gem::Requirement
+  requirement: &2156332560 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -55,10 +44,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2152242620
+  version_requirements: *2156332560
 - !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: &2152242200 !ruby/object:Gem::Requirement
+  name: simplecov
+  requirement: &2156332140 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -66,10 +55,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2152242200
+  version_requirements: *2156332140
 - !ruby/object:Gem::Dependency
-  name: rcov
-  requirement: &2152241780 !ruby/object:Gem::Requirement
+  name: rdoc
+  requirement: &2156331720 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -77,10 +66,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2152241780
+  version_requirements: *2156331720
 - !ruby/object:Gem::Dependency
-  name: rdoc
-  requirement: &2152241360 !ruby/object:Gem::Requirement
+  name: sqlite3
+  requirement: &2156331300 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -88,10 +77,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2152241360
+  version_requirements: *2156331300
 - !ruby/object:Gem::Dependency
-  name: sqlite3
-  requirement: &2152240940 !ruby/object:Gem::Requirement
+  name: fakeweb
+  requirement: &2156330880 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -99,13 +88,11 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2152240940
-description: ! "Spam protection for your ActiveRecord models using logic questions
-  and the excellent textcaptcha api. See textcaptcha.com for more details and to get
-  your api key.\n  The logic questions are aimed at a child's age of 7, so can be
-  solved easily by all but the most cognitively impaired users. As they involve human
-  logic, such questions cannot be solved by a robot.\n  For more reasons on why logic
-  questions are useful, see here; http://textcaptcha.com/why"
+  version_requirements: *2156330880
+description: ! "Simple question/answer based spam protection for your Rails models.\n
+  \ You can define your own logic questions and/or fetch questions from the textcaptcha.com
+  API.\n  The questions involve human logic and are tough for spam bots to crack.\n
+  \ For more reasons on why logic questions are a good idea visit; http://textcaptcha.com/why"
 email:
 - matt@hiddenloop.com
 executables: []
@@ -123,17 +110,17 @@ files:
 - config/textcaptcha.yml
 - init.rb
 - lib/acts_as_textcaptcha.rb
+- lib/acts_as_textcaptcha/framework/rails.rb
 - lib/acts_as_textcaptcha/framework/rails2.rb
-- lib/acts_as_textcaptcha/framework/rails3.rb
 - lib/acts_as_textcaptcha/textcaptcha.rb
 - lib/acts_as_textcaptcha/textcaptcha_helper.rb
 - lib/acts_as_textcaptcha/version.rb
 - lib/tasks/textcaptcha.rake
-- spec/acts_as_textcaptcha_spec.rb
-- spec/database.yml
-- spec/schema.rb
-- spec/spec.opts
-- spec/spec_helper.rb
+- test/schema.rb
+- test/test_helper.rb
+- test/test_models.rb
+- test/textcaptcha_helper_test.rb
+- test/textcaptcha_test.rb
 has_rdoc: true
 homepage: http://github.com/matthutchinson/acts_as_textcaptcha
 licenses: []
@@ -158,11 +145,6 @@ rubyforge_project:
 rubygems_version: 1.6.2
 signing_key: 
 specification_version: 3
-summary: Spam protection for your models via logic questions and the excellent textcaptcha.com
-  api
-test_files:
-- spec/acts_as_textcaptcha_spec.rb
-- spec/database.yml
-- spec/schema.rb
-- spec/spec.opts
-- spec/spec_helper.rb
+summary: Spam protection for your models via logic questions and the textcaptcha.com
+  API
+test_files: []