Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
erp5
Commits
bdfc4512
Commit
bdfc4512
authored
Oct 17, 2018
by
Xiaowu Zhang
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
prodcut/ERP5Form: add HoneypotField to prevent unexpected submit value
parent
95509493
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
122 additions
and
0 deletions
+122
-0
product/ERP5Form/HoneypotField.py
product/ERP5Form/HoneypotField.py
+50
-0
product/ERP5Form/__init__.py
product/ERP5Form/__init__.py
+3
-0
product/ERP5Form/tests/testHoneypotField.py
product/ERP5Form/tests/testHoneypotField.py
+69
-0
No files found.
product/ERP5Form/HoneypotField.py
0 → 100644
View file @
bdfc4512
from
Products.Formulator.Field
import
ZMIField
from
Products.Formulator
import
Widget
from
Products.Formulator.DummyField
import
fields
from
Products.Formulator
import
Validator
class
HoneypotWidget
(
Widget
.
Widget
):
"""Honeypot widget
"""
property_names
=
Widget
.
Widget
.
property_names
+
\
[
'extra'
]
default
=
Widget
.
TextWidget
.
default
def
render
(
self
,
field
,
key
,
value
,
REQUEST
,
render_prefix
=
None
):
"""Honey pot input field.
"""
return
Widget
.
render_element
(
"input"
,
type
=
'text'
,
name
=
key
,
css_class
=
field
.
get_value
(
'css_class'
),
value
=
value
,
extra
=
field
.
get_value
(
'extra'
))
def
render_view
(
self
,
field
,
value
,
REQUEST
=
None
,
render_prefix
=
None
,
key
=
None
):
return
self
.
render
(
field
,
key
,
value
,
REQUEST
,
render_prefix
)
HoneypotWidgetInstance
=
HoneypotWidget
()
class
HoneypotValidator
(
Validator
.
Validator
):
"""Simple honeypot validator.
"""
property_names
=
Validator
.
Validator
.
property_names
message_names
=
Validator
.
Validator
.
message_names
+
[
'unexpected_value'
]
unexpected_value
=
'Unexpected value'
def
validate
(
self
,
field
,
key
,
REQUEST
):
value
=
REQUEST
.
get
(
key
,
None
)
if
value
is
None
or
value
!=
''
:
#this field is not sent or sent with value
self
.
raise_error
(
'unexpected_value'
,
field
)
return
value
HoneypotValidatorInstance
=
HoneypotValidator
()
class
HoneypotField
(
ZMIField
):
#Field to stop auto bot submit
#https://nedbatchelder.com/text/stopbots.html
meta_type
=
"HoneypotField"
widget
=
HoneypotWidgetInstance
validator
=
HoneypotValidatorInstance
product/ERP5Form/__init__.py
View file @
bdfc4512
...
...
@@ -166,6 +166,9 @@ def initialize( context ):
import
GadgetField
FieldRegistry
.
registerField
(
GadgetField
.
GadgetField
,
'www/StringField.gif'
)
import
HoneypotField
FieldRegistry
.
registerField
(
HoneypotField
.
HoneypotField
,
'www/StringField.gif'
)
# register help for the product
context
.
registerHelp
()
...
...
product/ERP5Form/tests/testHoneypotField.py
0 → 100644
View file @
bdfc4512
# -*- coding: utf-8 -*-
##############################################################################
#
# Copyright (c) 2007 Nexedi SARL and Contributors. All Rights Reserved.
# Jerome Perrin <jerome@nexedi.com>
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsability of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# garantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
# TODO: Some tests from this file can be merged into Formulator
from
Products.ERP5Type.tests.ERP5TypeTestCase
import
ERP5TypeTestCase
import
unittest
from
Products.Formulator.Validator
import
ValidationError
from
Products.ERP5Form
import
HoneypotField
from
Products.Formulator.StandardFields
import
FloatField
class
TestHoneypotField
(
ERP5TypeTestCase
):
"""Tests Honeypot field
"""
def
getTitle
(
self
):
return
"Honeypot Field"
def
afterSetUp
(
self
):
self
.
field
=
HoneypotField
.
HoneypotField
(
'test_field'
)
self
.
widget
=
self
.
field
.
widget
self
.
validator
=
self
.
field
.
validator
def
test_raise_error_when_no_value_submit
(
self
):
self
.
assertRaises
(
ValidationError
,
self
.
validator
.
validate
,
self
.
field
,
'field_test_field'
,
self
.
portal
.
REQUEST
)
def
test_raise_error_when_not_empty_value_submit
(
self
):
self
.
portal
.
REQUEST
.
set
(
'field_test_field'
,
'test'
)
self
.
assertRaises
(
ValidationError
,
self
.
validator
.
validate
,
self
.
field
,
'field_test_field'
,
self
.
portal
.
REQUEST
)
def
test_ok_when_empty_value_submit
(
self
):
self
.
portal
.
REQUEST
.
set
(
'field_test_field'
,
''
)
self
.
assertEqual
(
''
,
self
.
validator
.
validate
(
self
.
field
,
'field_test_field'
,
self
.
portal
.
REQUEST
))
def
test_suite
():
suite
=
unittest
.
TestSuite
()
suite
.
addTest
(
unittest
.
makeSuite
(
TestHoneypotField
))
return
suite
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment