refinerycms-inquiries 3.0.1 → 3.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b141298d3052862d6c2dbc8719fd30a91df8dcf1
-  data.tar.gz: bbbd8afac935fa871659f90a234f4e4d0e82a8ad
+  metadata.gz: d9ddb0e6c028b0f09330b4acbaf76bc8ceed1d9d
+  data.tar.gz: 486b3df780a2b9784ba0a1fa464037a1900ceb2e
 SHA512:
-  metadata.gz: be78da9454e6c8f16872794bbd104470b15b40ea0ba81dbec578986a0776010cc73f36e6521299c1d935a589949547f8495449005afb9732635dcc34f555b8df
-  data.tar.gz: 2aec759304d347d9d96c08aaefb0391538c29122dc582c1644c9033a6b1dc8082e5e159200d157db0902c9903b4bff78aeccbe4bc36303eb6652c188051842fb
+  metadata.gz: fd919f169f626caf18e06f165b91618e89b6713087024976ea929e2c1f6b6b83961b8bbacf9b2e44a1a57b8cdbfc8e7e9747b14f8370a33a025b253f08750ba5
+  data.tar.gz: d04451a99c47567cdbe5fd275b685a917316236fcec87b8691ec1dd1051c87699ec8e9a3371985d1a1200c85c89614d4887610bb53bed08ebec3316a06cda0fc

checksums.yaml.gz.sig

@@ -0,0 +1 @@
+(��:�[mg�

data.tar.gz.sig

@@ -0,0 +1,2 @@
+S��H1yO��8�2�*�[b,3X9^���jj
+�-�}�RҦ'<�ͣ��<Q�ʡZ}a�KG;w�;�[��;�h�MV�A&�8(�k�unFٸ��͐&�qll�=m�4�q�2N���_3|
�Uc��{��#��حHU?ǶH�eX�W�1x/K�@\�w�wPfj䚅�b
��a�V�h�^x(���Q�+Y��������I5��S���	�������\*Kv��Q1E�Z�+#�ڠI�N^E�+�?D��gM

data/Gemfile

@@ -2,11 +2,11 @@ source 'https://rubygems.org'
 
 gemspec
 
-gem 'refinerycms', github: 'refinery/refinerycms'
-gem 'refinerycms-settings', github: 'refinery/refinerycms-settings'
+gem 'refinerycms', ["~> 3.0", ">= 3.0.3"]
+gem 'refinerycms-settings', "~> 3.0"
 
 group :test do
-  gem 'refinerycms-testing', github: 'refinery/refinerycms'
+  gem 'refinerycms-testing', ["~> 3.0", ">= 3.0.3"]
   gem 'capybara-email', '~> 2.4.0'
   gem 'poltergeist'
 end
@@ -29,8 +29,8 @@ if !ENV['TRAVIS'] || ENV['DB'] == 'postgresql'
 end
 
 # Refinery/rails should pull in the proper versions of these
-gem 'sass-rails', '~> 4.0.0'
-gem 'coffee-rails', '~> 4.0.0'
+gem 'sass-rails'
+gem 'coffee-rails'
 
 # Load local gems according to Refinery developer preference.
 if File.exist? local_gemfile = File.expand_path('../.gemfile', __FILE__)

data/app/controllers/refinery/inquiries/inquiries_controller.rb

@@ -1,3 +1,5 @@
+require 'refinery/inquiries/spam_filter'
+
 module Refinery
   module Inquiries
     class InquiriesController < ::ApplicationController
@@ -15,23 +17,7 @@ module Refinery
       def create
         @inquiry = Inquiry.new(inquiry_params)
 
-        if @inquiry.save
-          if @inquiry.ham? || Inquiries.send_notifications_for_inquiries_marked_as_spam
-            begin
-              InquiryMailer.notification(@inquiry, request).deliver_now
-            rescue
-              logger.warn "There was an error delivering an inquiry notification.\n#{$!}\n"
-            end
-
-            if Setting.send_confirmation?
-              begin
-                InquiryMailer.confirmation(@inquiry, request).deliver_now
-              rescue
-                logger.warn "There was an error delivering an inquiry confirmation:\n#{$!}\n"
-              end
-            end
-          end
-
+        if inquiry_saved_and_validated?
           redirect_to refinery.thank_you_inquiries_inquiries_path
         else
           render action: 'new'
@@ -58,6 +44,15 @@ module Refinery
         [:name, :phone, :message, :email]
       end
 
+      def inquiry_saved_and_validated?
+        if @inquiry.valid?
+          @filter = SpamFilter.new(@inquiry, request)
+          @filter.call
+
+          @filter.valid?
+        end
+      end
+
     end
   end
 end

data/app/models/refinery/inquiries/inquiry.rb

@@ -5,7 +5,7 @@ module Refinery
   module Inquiries
     class Inquiry < Refinery::Core::BaseModel
 
-      if Inquiries.config.filter_spam
+      if Inquiries.filter_spam
         filters_spam message_field:    :message,
                      email_field:      :email,
                      author_field:     :name,
@@ -21,6 +21,9 @@ module Refinery
 
       default_scope { order('created_at DESC') }
 
+      scope :ham, -> { where(spam: false) }
+      scope :spam, -> { where(spam: true) }
+
       def self.latest(number = 7, include_spam = false)
         include_spam ? limit(number) : ham.limit(number)
       end

data/app/views/refinery/inquiries/inquiries/_form.html.erb

@@ -4,11 +4,13 @@
                :object => inquiry,
                :include_object_name => true
              } %>
+
   <div class="field">
     <%= f.label :name, :class => 'placeholder-fallback required' %>
     <%= f.text_field :name, :class => 'text', :required => 'required',
       :placeholder => (t('name', :scope => 'activerecord.attributes.refinery/inquiries/inquiry') if Refinery::Inquiries.show_placeholders) %>
   </div>
+
   <div class="field">
     <%= f.label :email, :class => 'placeholder-fallback required' %>
     <%= f.email_field :email, :class => 'text email', :required => 'required',
@@ -28,6 +30,16 @@
     <%= f.text_area :message, :rows => 8, :required => 'required',
       :placeholder => (t('message', :scope => 'activerecord.attributes.refinery/inquiries/inquiry') if Refinery::Inquiries.show_placeholders) %>
   </div>
+
+  <% if Refinery::Inquiries.recaptcha_site_key.present? %>
+    <% content_for :javascripts do %>
+      <script src='https://www.google.com/recaptcha/api.js'></script>
+    <% end %>
+    <div class='field captcha'>
+      <div class="g-recaptcha" data-sitekey="<%= Refinery::Inquiries.recaptcha_site_key %>"></div>
+    </div>
+  <% end %>
+
   <div class="actions">
     <%= f.submit t('.send') %>
     <%= link_to t('.privacy_policy'), "/privacy-policy", :id => "privacy_link" if Refinery::Inquiries.show_contact_privacy_link %>

data/certs/parndt.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDhjCCAm6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBNMQ0wCwYDVQQDDARnZW1z
+MREwDwYKCZImiZPyLGQBGRYBcDEVMBMGCgmSJomT8ixkARkWBWFybmR0MRIwEAYK
+CZImiZPyLGQBGRYCaW8wHhcNMTYwNjEwMDMwNjQyWhcNMTcwNjEwMDMwNjQyWjBN
+MQ0wCwYDVQQDDARnZW1zMREwDwYKCZImiZPyLGQBGRYBcDEVMBMGCgmSJomT8ixk
+ARkWBWFybmR0MRIwEAYKCZImiZPyLGQBGRYCaW8wggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDMLLiiRX/NrRDQxcNO/bPNe51IhKeyACDjTTx0VGCG696t
+qdD23FjUrAYuQTW5P7Auh9qdcCnvPHJSwf31m+EGTshy/hcNYz2k/mrbwAfdytv3
+GAR+sFnMYtWvVQNeHBWXIaYMiSDP0WtbT6QqQx3SuA6ZpXNXD1dbm64MzHgMHqXP
+uHnLf2s0VCnTLorPH2J6CO5Y+Sx+IBqJi9/nO2oEEIXQCQRLgRevHk+TovDisW5V
+OMEPX7fo29R5J2T7mjkNLGJ5Ae1KiU9A60LsMco37HMWE8DM90pg1ues5tg6MfJT
+yuX4N0rJWdIC5ciHDsyJ4pi21s8fdUulk0YmJALDAgMBAAGjcTBvMAkGA1UdEwQC
+MAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQWBBSqXg48+kmcdOxIrkZhhgSV1flD1jAa
+BgNVHREEEzARgQ9nZW1zQHAuYXJuZHQuaW8wGgYDVR0SBBMwEYEPZ2Vtc0BwLmFy
+bmR0LmlvMA0GCSqGSIb3DQEBBQUAA4IBAQBSSS4nOXpPPMdAK4ApGHxbzS+/u77p
+V8gLBJX4hKMpbMNmdI+n6YsqvG6kMljgYBamucfrAkKdmHWn9ydST3o8RQAcYxS8
+bz49gD3c4Nm4P6eEVKFmebO9/MoiM7rMb0lk/xH1drtey/9ulohrg8Dz+BoQJ+9T
+m2lJzojOU7w461lPVZtKlDlseu68KvEQ2AdUBBa1b6w3S/EFkcdhErOT7dyQpePI
++wsbjPvdIWsjWQMn6MasZYIVTnenwP2jg+z9HSNxW0NL2vZx8VabpsWGWfrb+koj
+rE1h12GTgwaC3r9FOkdnSpClgPYAzTTCJ8kD74qO2zC9pGegrUXdWFM6
+-----END CERTIFICATE-----

data/config/locales/en.yml

@@ -5,6 +5,8 @@ en:
         title: Inquiries
         description: Provides a contact form and stores inquiries
     inquiries:
+      spam_filter:
+        captcha_invalid: Sorry, we could not verify that you aren't a robot
       config:
         from_name: "%{name} - %{site_name}"
       inquiries:

data/config/locales/fr.yml

@@ -5,6 +5,8 @@ fr:
         title: Requêtes
         description: Fournit un formulaire de contact et gère les demandes de contacts.
     inquiries:
+      spam_filter:
+        captcha_invalid: "Désolé, nous ne pouvons pas vérifier que vous n'êtes pas un robot"
       config:
         from_name: "%{name} - %{site_name}"
       inquiries:

data/lib/generators/refinery/inquiries/templates/config/initializers/refinery/inquiries.rb.erb

@@ -21,4 +21,7 @@ Refinery::Inquiries.configure do |config|
 
   # Toggle the spam filter
   # config.filter_spam = <%= Refinery::Inquiries.filter_spam.inspect %>
+
+  # Toggle recaptcha support with your recaptcha "Site key"
+  # config.recaptcha_site_key = <%= Refinery::Inquiries.recaptcha_site_key.inspect %>
 end

data/lib/refinery/inquiries/configuration.rb

@@ -8,7 +8,7 @@ module Refinery
     config_accessor :send_notifications_for_inquiries_marked_as_spam
     config_accessor :from_name
     config_accessor :post_path, :page_path_new, :page_path_thank_you
-    config_accessor :filter_spam
+    config_accessor :filter_spam, :recaptcha_site_key
 
     self.show_contact_privacy_link = true
     self.show_phone_number_field = true
@@ -19,5 +19,10 @@ module Refinery
     self.page_path_new = "/contact"
     self.page_path_thank_you = "/contact/thank_you"
     self.filter_spam = true
+    self.recaptcha_site_key = nil
+
+    def self.filter_spam
+      config.filter_spam && config.recaptcha_site_key.blank?
+    end
   end
 end

data/lib/refinery/inquiries/spam_filter.rb

@@ -0,0 +1,100 @@
+require 'httpclient'
+require 'uri'
+
+module Refinery
+  module Inquiries
+    class SpamFilter
+      def initialize(inquiry, request)
+        @inquiry = inquiry
+        @request = request
+        @params = request.params
+      end
+
+      def call
+        if recaptcha?
+          if recaptcha_validated?
+            @valid = true
+            @inquiry.save
+          else
+            @inquiry.errors.add(:base, ::I18n.t(:captcha_invalid, scope: "refinery.inquiries.spam_filter"))
+          end
+        elsif simple_filter?
+          @inquiry.save
+          @valid = simple_filter_validated?
+        end
+
+        if notify?
+          send_notification_email!
+          send_confirmation_email!
+        end
+      end
+
+      def valid?
+        @valid == true
+      end
+
+      def notify?
+        if valid?
+          if simple_filter?
+            @inquiry.ham? || Inquiries.send_notifications_for_inquiries_marked_as_spam
+          else
+            true
+          end
+        end
+      end
+
+      def recaptcha_validated?
+        return true unless recaptcha?
+        # avoid doing a second request if we already have a result.
+        return @recaptcha_validated unless @recaptcha_validated.nil?
+
+        @recaptcha_validated = recaptcha_success?
+      end
+
+      private
+
+      def recaptcha?
+        Inquiries.recaptcha_site_key.present?
+      end
+
+      GOOGLE_SITEVERIFY_URL = "https://www.google.com/recaptcha/api/siteverify".freeze
+      def recaptcha_success?
+        http = HTTPClient.new
+        response = http.get(
+          GOOGLE_SITEVERIFY_URL,
+          secret: Rails.application.secrets.recaptcha_secret_key,
+          response: @params["g-recaptcha-response"]
+        )
+        JSON.parse(response.body)["success"] == true
+      end
+
+      def simple_filter?
+        Inquiries.filter_spam
+      end
+
+      def simple_filter_validated?
+        return true unless simple_filter?
+
+        @inquiry.ham?
+      end
+
+      def send_notification_email!
+        begin
+          InquiryMailer.notification(@inquiry, @request).deliver_now
+        rescue
+          Rails.logger.warn "There was an error delivering an inquiry notification.\n#{$!}\n"
+        end
+      end
+
+      def send_confirmation_email!
+        if Setting.send_confirmation?
+          begin
+            InquiryMailer.confirmation(@inquiry, @request).deliver_now
+          rescue
+            Rails.logger.warn "There was an error delivering an inquiry confirmation:\n#{$!}\n"
+          end
+        end
+      end
+    end
+  end
+end

data/readme.md

@@ -48,6 +48,29 @@ To do this, include it in your `application.css` manifest file and insert:
 //= require refinery/inquiries/inquiries
 ```
 
+## How do I enable reCAPTCHA support?
+
+Note: enabling this feature disables the built in spam filtering.
+
+Just add your reCAPTCHA "Site key" in `config/initializers/refinery/inquiries.rb`:
+
+```ruby
+config.recaptcha_site_key = "do NOT put your secret key here"
+```
+
+Inside `config/secrets.yml`, the file for application secrets in Rails applications,
+place the secret key:
+
+```yml
+development:
+  recaptcha_secret_key: "This IS your secret key"
+
+production:
+  recaptcha_secret_key: <%= ENV["RECAPTCHA_SECRET_KEY"] %>
+```
+
+Note: This expects you to set your secret key via `ENV` in your production environment.
+
 ## How do I set up email to be sent from GMail, SendGrid or other service?
 
 Inquiries uses `actionmailer` under the hood so you can refer to [Rails Action Mailer guide](http://guides.rubyonrails.org/action_mailer_basics.html). For example to use GMail see [Action Mailer Configuration for GMail](http://guides.rubyonrails.org/action_mailer_basics.html#action-mailer-configuration-for-gmail) guide.
@@ -62,7 +85,7 @@ Go into your 'Inquiries' tab in the Refinery admin area and click on "Edit confi
 
 ## Help! How do I send emails from no-reply@domain.com.au instead of no-reply@com.au?
 
-Simply set the following in config/application.rb:
+Simply set the following in `config/application.rb`:
 
 ```ruby
 config.action_dispatch.tld_length = 2

data/refinerycms-inquiries.gemspec

@@ -1,21 +1,27 @@
 # Encoding: UTF-8
 
 Gem::Specification.new do |s|
-  s.name              = %q{refinerycms-inquiries}
-  s.version           = %q{3.0.1}
-  s.summary           = %q{Inquiry handling functionality for the Refinery CMS project.}
-  s.description       = %q{Inquiry handling functionality extracted from Refinery CMS to allow you to have a contact form and manage inquiries in the Refinery backend.}
-  s.homepage          = %q{http://refinerycms.com}
-  s.email             = %q{info@refinerycms.com}
-  s.authors           = ['Uģis Ozols', 'Philip Arndt', 'Rob Yurkowski']
-  s.require_paths     = %w(lib)
-  s.license           = %q{MIT}
+  s.name            = %q{refinerycms-inquiries}
+  s.version         = %q{3.1.0}
+  s.summary         = %q{Inquiry handling functionality for the Refinery CMS project.}
+  s.description     = %q{Inquiry handling functionality extracted from Refinery CMS to allow you to have a contact form and manage inquiries in the Refinery backend.}
+  s.homepage        = %q{http://refinerycms.com}
+  s.email           = %q{info@refinerycms.com}
+  s.authors         = ['Uģis Ozols', 'Philip Arndt', 'Rob Yurkowski']
+  s.require_paths   = %w(lib)
+  s.license         = %q{MIT}
 
-  s.files             = `git ls-files`.split("\n")
-  s.test_files        = `git ls-files -- spec/*`.split("\n")
+  s.files           = `git ls-files`.split("\n")
+  s.test_files      = `git ls-files -- spec/*`.split("\n")
 
   s.add_dependency  'refinerycms-core',     '~> 3.0.0'
   s.add_dependency  'refinerycms-settings', '~> 3.0.0'
   s.add_dependency  'filters_spam',         '~> 0.2'
   s.add_dependency  'actionmailer',        '~> 4.2.4'
+  s.add_dependency  'httpclient'
+
+  s.cert_chain      = [File.expand_path("../certs/parndt.pem", __FILE__)]
+  if $0 =~ /gem\z/ && ARGV.include?("build") && ARGV.include?(__FILE__)
+    s.signing_key = File.expand_path("~/.ssh/gem-private_key.pem")
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: refinerycms-inquiries
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.1.0
 platform: ruby
 authors:
 - Uģis Ozols
@@ -9,8 +9,30 @@ authors:
 - Rob Yurkowski
 autorequire: 
 bindir: bin
-cert_chain: []
-date: 2016-02-01 00:00:00.000000000 Z
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDhjCCAm6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBNMQ0wCwYDVQQDDARnZW1z
+  MREwDwYKCZImiZPyLGQBGRYBcDEVMBMGCgmSJomT8ixkARkWBWFybmR0MRIwEAYK
+  CZImiZPyLGQBGRYCaW8wHhcNMTYwNjEwMDMwNjQyWhcNMTcwNjEwMDMwNjQyWjBN
+  MQ0wCwYDVQQDDARnZW1zMREwDwYKCZImiZPyLGQBGRYBcDEVMBMGCgmSJomT8ixk
+  ARkWBWFybmR0MRIwEAYKCZImiZPyLGQBGRYCaW8wggEiMA0GCSqGSIb3DQEBAQUA
+  A4IBDwAwggEKAoIBAQDMLLiiRX/NrRDQxcNO/bPNe51IhKeyACDjTTx0VGCG696t
+  qdD23FjUrAYuQTW5P7Auh9qdcCnvPHJSwf31m+EGTshy/hcNYz2k/mrbwAfdytv3
+  GAR+sFnMYtWvVQNeHBWXIaYMiSDP0WtbT6QqQx3SuA6ZpXNXD1dbm64MzHgMHqXP
+  uHnLf2s0VCnTLorPH2J6CO5Y+Sx+IBqJi9/nO2oEEIXQCQRLgRevHk+TovDisW5V
+  OMEPX7fo29R5J2T7mjkNLGJ5Ae1KiU9A60LsMco37HMWE8DM90pg1ues5tg6MfJT
+  yuX4N0rJWdIC5ciHDsyJ4pi21s8fdUulk0YmJALDAgMBAAGjcTBvMAkGA1UdEwQC
+  MAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQWBBSqXg48+kmcdOxIrkZhhgSV1flD1jAa
+  BgNVHREEEzARgQ9nZW1zQHAuYXJuZHQuaW8wGgYDVR0SBBMwEYEPZ2Vtc0BwLmFy
+  bmR0LmlvMA0GCSqGSIb3DQEBBQUAA4IBAQBSSS4nOXpPPMdAK4ApGHxbzS+/u77p
+  V8gLBJX4hKMpbMNmdI+n6YsqvG6kMljgYBamucfrAkKdmHWn9ydST3o8RQAcYxS8
+  bz49gD3c4Nm4P6eEVKFmebO9/MoiM7rMb0lk/xH1drtey/9ulohrg8Dz+BoQJ+9T
+  m2lJzojOU7w461lPVZtKlDlseu68KvEQ2AdUBBa1b6w3S/EFkcdhErOT7dyQpePI
+  +wsbjPvdIWsjWQMn6MasZYIVTnenwP2jg+z9HSNxW0NL2vZx8VabpsWGWfrb+koj
+  rE1h12GTgwaC3r9FOkdnSpClgPYAzTTCJ8kD74qO2zC9pGegrUXdWFM6
+  -----END CERTIFICATE-----
+date: 2016-12-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: refinerycms-core
@@ -68,6 +90,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 4.2.4
+- !ruby/object:Gem::Dependency
+  name: httpclient
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Inquiry handling functionality extracted from Refinery CMS to allow you
   to have a contact form and manage inquiries in the Refinery backend.
 email: info@refinerycms.com
@@ -103,6 +139,7 @@ files:
 - bin/rake
 - bin/rspec
 - bin/spring
+- certs/parndt.pem
 - config/locales/bg.yml
 - config/locales/cs.yml
 - config/locales/da.yml
@@ -132,6 +169,7 @@ files:
 - lib/refinery/inquiries.rb
 - lib/refinery/inquiries/configuration.rb
 - lib/refinery/inquiries/engine.rb
+- lib/refinery/inquiries/spam_filter.rb
 - lib/refinerycms-inquiries.rb
 - license.md
 - readme.md
@@ -164,7 +202,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
 summary: Inquiry handling functionality for the Refinery CMS project.