Commit 8d2927f7 authored by Rémy Coutable's avatar Rémy Coutable

Merge branch 'nicolasdular/use-recaptcha-on-signup' into 'master'

Enable reCAPTCHA check on sign up

See merge request gitlab-org/gitlab!24274
parents 393801b7 f739e427
......@@ -139,7 +139,6 @@ class RegistrationsController < Devise::RegistrationsController
ensure_correct_params!
return unless Feature.enabled?(:registrations_recaptcha, default_enabled: true) # reCAPTCHA on the UI will still display however
return if experiment_enabled?(:signup_flow) # when the experimental signup flow is enabled for the current user, disable the reCAPTCHA check
return unless show_recaptcha_sign_up?
return unless Gitlab::Recaptcha.load_configurations!
......
---
title: Enable recaptcha check on sign up
merge_request: 24274
author:
type: fixed
......@@ -360,7 +360,7 @@ shared_examples 'Signup' do
InvisibleCaptcha.timestamp_enabled = true
stub_application_setting(recaptcha_enabled: true)
allow_next_instance_of(RegistrationsController) do |instance|
allow(instance).to receive(:verify_recaptcha).and_return(false)
allow(instance).to receive(:verify_recaptcha).and_return(true)
end
end
......@@ -368,6 +368,13 @@ shared_examples 'Signup' do
InvisibleCaptcha.timestamp_enabled = false
end
context 'when reCAPTCHA detects malicious behaviour' do
before do
allow_next_instance_of(RegistrationsController) do |instance|
allow(instance).to receive(:verify_recaptcha).and_return(false)
end
end
it 'prevents from signing up' do
visit new_user_registration_path
......@@ -385,11 +392,29 @@ shared_examples 'Signup' do
fill_in 'new_user_password', with: new_user.password
expect { click_button 'Register' }.not_to change { User.count }
expect(page).to have_content('There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.')
end
end
context 'when invisible captcha detects malicious behaviour' do
it 'prevents from signing up' do
visit new_user_registration_path
fill_in 'new_user_username', with: new_user.username
fill_in 'new_user_email', with: new_user.email
if Gitlab::Experimentation.enabled?(:signup_flow)
expect(page).to have_content('That was a bit too quick! Please resubmit.')
fill_in 'new_user_first_name', with: new_user.first_name
fill_in 'new_user_last_name', with: new_user.last_name
else
expect(page).to have_content('There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.')
fill_in 'new_user_name', with: new_user.name
fill_in 'new_user_email_confirmation', with: new_user.email
end
fill_in 'new_user_password', with: new_user.password
expect { click_button 'Register' }.not_to change { User.count }
expect(page).to have_content('That was a bit too quick! Please resubmit.')
end
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment