Commit a4a11b41 authored by Sean McGivern's avatar Sean McGivern

Merge branch 'sh-recaptcha-fix-try2' into 'master'

Make sure reCAPTCHA configuration is loaded when spam checks are initiated

Closes #33532

See merge request !12080
parents c61c3a08 a7e82cbd
...@@ -17,10 +17,18 @@ module SpammableActions ...@@ -17,10 +17,18 @@ module SpammableActions
private private
def ensure_spam_config_loaded!
return @spam_config_loaded if defined?(@spam_config_loaded)
@spam_config_loaded = Gitlab::Recaptcha.load_configurations!
end
def recaptcha_check_with_fallback(&fallback) def recaptcha_check_with_fallback(&fallback)
if spammable.valid? if spammable.valid?
redirect_to spammable redirect_to spammable
elsif render_recaptcha? elsif render_recaptcha?
ensure_spam_config_loaded!
if params[:recaptcha_verification] if params[:recaptcha_verification]
flash[:alert] = 'There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.' flash[:alert] = 'There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.'
end end
...@@ -35,7 +43,7 @@ module SpammableActions ...@@ -35,7 +43,7 @@ module SpammableActions
default_params = { request: request } default_params = { request: request }
recaptcha_check = params[:recaptcha_verification] && recaptcha_check = params[:recaptcha_verification] &&
Gitlab::Recaptcha.load_configurations! && ensure_spam_config_loaded! &&
verify_recaptcha verify_recaptcha
return default_params unless recaptcha_check return default_params unless recaptcha_check
......
---
title: Make sure reCAPTCHA configuration is loaded when spam checks are initiated
merge_request:
author:
...@@ -260,6 +260,7 @@ describe Projects::IssuesController do ...@@ -260,6 +260,7 @@ describe Projects::IssuesController do
before { allow_any_instance_of(described_class).to receive(:verify_recaptcha).and_return(false) } before { allow_any_instance_of(described_class).to receive(:verify_recaptcha).and_return(false) }
it 'rejects an issue recognized as a spam' do it 'rejects an issue recognized as a spam' do
expect(Gitlab::Recaptcha).to receive(:load_configurations!).and_return(true)
expect { update_spam_issue }.not_to change{ issue.reload.title } expect { update_spam_issue }.not_to change{ issue.reload.title }
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment