Commit 2bde9de6 authored by Nick Thomas's avatar Nick Thomas

Merge branch 'reg-captcha-flag' into 'master'

Add :registrations_recaptcha feature flag

Closes gitlab-ee#11389

See merge request gitlab-org/gitlab-ce!28296
parents 542b2a7e 9d367684
...@@ -4,6 +4,7 @@ class RegistrationsController < Devise::RegistrationsController ...@@ -4,6 +4,7 @@ class RegistrationsController < Devise::RegistrationsController
include Recaptcha::Verify include Recaptcha::Verify
include AcceptsPendingInvitations include AcceptsPendingInvitations
prepend_before_action :check_captcha, only: :create
before_action :whitelist_query_limiting, only: [:destroy] before_action :whitelist_query_limiting, only: [:destroy]
before_action :ensure_terms_accepted, before_action :ensure_terms_accepted,
if: -> { Gitlab::CurrentSettings.current_application_settings.enforce_terms? }, if: -> { Gitlab::CurrentSettings.current_application_settings.enforce_terms? },
...@@ -21,16 +22,11 @@ class RegistrationsController < Devise::RegistrationsController ...@@ -21,16 +22,11 @@ class RegistrationsController < Devise::RegistrationsController
params[resource_name] = params.delete(:"new_#{resource_name}") params[resource_name] = params.delete(:"new_#{resource_name}")
end end
if !Gitlab::Recaptcha.load_configurations! || verify_recaptcha
accept_pending_invitations accept_pending_invitations
super do |new_user| super do |new_user|
persist_accepted_terms_if_required(new_user) persist_accepted_terms_if_required(new_user)
end end
else
flash[:alert] = s_('Profiles|There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.')
flash.delete :recaptcha_error
render action: 'new'
end
rescue Gitlab::Access::AccessDeniedError rescue Gitlab::Access::AccessDeniedError
redirect_to(new_user_session_path) redirect_to(new_user_session_path)
end end
...@@ -89,6 +85,17 @@ class RegistrationsController < Devise::RegistrationsController ...@@ -89,6 +85,17 @@ class RegistrationsController < Devise::RegistrationsController
private private
def check_captcha
return unless Feature.enabled?(:registrations_recaptcha, default_enabled: true)
return unless Gitlab::Recaptcha.load_configurations!
return if verify_recaptcha
flash[:alert] = _('There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.')
flash.delete :recaptcha_error
render action: 'new'
end
def sign_up_params def sign_up_params
params.require(:user).permit(:username, :email, :email_confirmation, :name, :password) params.require(:user).permit(:username, :email, :email_confirmation, :name, :password)
end end
......
...@@ -7280,9 +7280,6 @@ msgstr "" ...@@ -7280,9 +7280,6 @@ msgstr ""
msgid "Profiles|The maximum file size allowed is 200KB." msgid "Profiles|The maximum file size allowed is 200KB."
msgstr "" msgstr ""
msgid "Profiles|There was an error with the reCAPTCHA. Please solve the reCAPTCHA again."
msgstr ""
msgid "Profiles|This doesn't look like a public SSH key, are you sure you want to add it?" msgid "Profiles|This doesn't look like a public SSH key, are you sure you want to add it?"
msgstr "" msgstr ""
......
...@@ -46,13 +46,17 @@ describe RegistrationsController do ...@@ -46,13 +46,17 @@ describe RegistrationsController do
end end
context 'when reCAPTCHA is enabled' do context 'when reCAPTCHA is enabled' do
def fail_recaptcha
# Without this, `verify_recaptcha` arbitrarily returns true in test env
Recaptcha.configuration.skip_verify_env.delete('test')
end
before do before do
stub_application_setting(recaptcha_enabled: true) stub_application_setting(recaptcha_enabled: true)
end end
it 'displays an error when the reCAPTCHA is not solved' do it 'displays an error when the reCAPTCHA is not solved' do
# Without this, `verify_recaptcha` arbitrarily returns true in test env fail_recaptcha
Recaptcha.configuration.skip_verify_env.delete('test')
post(:create, params: user_params) post(:create, params: user_params)
...@@ -70,6 +74,17 @@ describe RegistrationsController do ...@@ -70,6 +74,17 @@ describe RegistrationsController do
expect(flash[:notice]).to include 'Welcome! You have signed up successfully.' expect(flash[:notice]).to include 'Welcome! You have signed up successfully.'
end end
it 'does not require reCAPTCHA if disabled by feature flag' do
stub_feature_flags(registrations_recaptcha: false)
fail_recaptcha
post(:create, params: user_params)
expect(controller).not_to receive(:verify_recaptcha)
expect(flash[:alert]).to be_nil
expect(flash[:notice]).to include 'Welcome! You have signed up successfully.'
end
end end
context 'when terms are enforced' do context 'when terms are enforced' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment