Merge pull request #1713 from sharelatex/ns-captchas-two

turn off captchas for project invite GitOrigin-RevId: 3e044ba8c6bb2ffb77ea4486f7b51a587133839c
2024-11-07 20:31:06 -05:00 · 2019-04-16 14:36:24 -04:00 · 2019-04-16 14:36:24 -04:00 · bec56ccafa
commit bec56ccafa
parent 1078688895
6 changed files with 39 additions and 27 deletions
--- a/services/web/app/coffee/Features/Captcha/CaptchaMiddleware.coffee
+++ b/services/web/app/coffee/Features/Captcha/CaptchaMiddleware.coffee
@ -3,21 +3,26 @@ logger = require 'logger-sharelatex'
 Settings = require 'settings-sharelatex'

 module.exports = CaptchaMiddleware =
-	validateCaptcha: (req, res, next) ->
-		if !Settings.recaptcha?
-			return next()
-		response = req.body['g-recaptcha-response']
-		options =
-			form:
-				secret: Settings.recaptcha.secretKey
-				response: response
-			json: true
-		request.post "https://www.google.com/recaptcha/api/siteverify", options, (error, response, body) ->
-			return next(error) if error?
-			if !body?.success
-				logger.warn {statusCode: response.statusCode, body: body}, 'failed recaptcha siteverify request'
-				return res.status(400).send({errorReason:"cannot_verify_user_not_robot", message:
-					{text:"Sorry, we could not verify that you are not a robot. Please check that Google reCAPTCHA is not being blocked by an ad blocker or firewall."}
-				})
-			else
+	validateCaptcha: (action) ->
+		return (req, res, next) ->
+			if !Settings.recaptcha?.siteKey?
 				return next()
+			inviteAndCaptchaDisabled = action == 'invite' and Settings.recaptcha.disabled.invite
+			registerAndCaptchaDisabled = action == 'register' and Settings.recaptcha.disabled.register
+			if inviteAndCaptchaDisabled or registerAndCaptchaDisabled
+				return next()
+			response = req.body['g-recaptcha-response']
+			options =
+				form:
+					secret: Settings.recaptcha.secretKey
+					response: response
+				json: true
+			request.post "https://www.google.com/recaptcha/api/siteverify", options, (error, response, body) ->
+				return next(error) if error?
+				if !body?.success
+					logger.warn {statusCode: response.statusCode, body: body}, 'failed recaptcha siteverify request'
+					return res.status(400).send({errorReason:"cannot_verify_user_not_robot", message:
+						{text:"Sorry, we could not verify that you are not a robot. Please check that Google reCAPTCHA is not being blocked by an ad blocker or firewall."}
+					})
+				else
+					return next()
--- a/services/web/app/coffee/Features/Collaborators/CollaboratorsRouter.coffee
+++ b/services/web/app/coffee/Features/Collaborators/CollaboratorsRouter.coffee
@ -33,7 +33,7 @@ module.exports =
 				maxRequests: 100
 				timeInterval: 60 * 10
 			}),
-			CaptchaMiddleware.validateCaptcha,
+			CaptchaMiddleware.validateCaptcha('invite'),
 			AuthenticationController.requireLogin(),
 			AuthorizationMiddleware.ensureUserCanAdminProject,
 			CollaboratorsInviteController.inviteToProject
--- a/services/web/app/coffee/infrastructure/ExpressLocals.coffee
+++ b/services/web/app/coffee/infrastructure/ExpressLocals.coffee
@ -374,4 +374,5 @@ module.exports = (app, webRouter, privateApiRouter, publicApiRouter)->
 			appName: Settings.appName
 			siteUrl: Settings.siteUrl
 			recaptchaSiteKeyV3: Settings.recaptcha?.siteKeyV3
+			recaptchaDisabled: Settings.recaptcha?.disabled
 		next()
--- a/services/web/config/settings.defaults.coffee
+++ b/services/web/config/settings.defaults.coffee
@ -422,6 +422,11 @@ module.exports = settings =
 		# Example:
 		#   header_extras: [{text: "Some Page", url: "http://example.com/some/page", class: "subdued"}]

+	recaptcha:
+		disabled:
+			invite: true
+			register: false
+
 	customisation: {}

 #	templates: [{
--- a/services/web/public/src/ide/share/controllers/ShareProjectModalController.js
+++ b/services/web/public/src/ide/share/controllers/ShareProjectModalController.js
@ -164,6 +164,7 @@ define(['base'], App =>
          // do v3 captcha to collect data only
          validateCaptchaV3('invite')
          // do v2 captcha
+          const ExposedSettings = window.ExposedSettings
          return validateCaptcha(function(response) {
            let inviteId, request
            $scope.grecaptchaResponse = response
@ -231,7 +232,7 @@ define(['base'], App =>
                  return ($scope.state.errorReason = null)
                }
              })
-          })
+          }, ExposedSettings.recaptchaDisabled.invite)
        })()
      }

--- a/services/web/public/src/services/validateCaptcha.js
+++ b/services/web/public/src/services/validateCaptcha.js
@ -1,5 +1,4 @@
 /* eslint-disable
-    max-len,
    no-return-assign,
    no-undef,
 */
@ -7,27 +6,28 @@
 // Fix any style issues and re-enable lint.
 /*
 * decaffeinate suggestions:
- * DS101: Remove unnecessary use of Array.from
 * DS102: Remove unnecessary code created because of implicit returns
- * DS207: Consider shorter variations of null checks
- * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md
 */
 define(['base'], App =>
  App.factory('validateCaptcha', function() {
    let _recaptchaCallbacks = []
    const onRecaptchaSubmit = function(token) {
-      for (let cb of Array.from(_recaptchaCallbacks)) {
+      for (let cb of _recaptchaCallbacks) {
        cb(token)
      }
-      return (_recaptchaCallbacks = [])
+      _recaptchaCallbacks = []
    }

    let recaptchaId = null
-    const validateCaptcha = callback => {
+    const validateCaptcha = (callback, captchaDisabled) => {
      if (callback == null) {
        callback = function(response) {}
      }
-      if (typeof grecaptcha === 'undefined' || grecaptcha === null) {
+      if (
+        typeof grecaptcha === 'undefined' ||
+        grecaptcha === null ||
+        captchaDisabled
+      ) {
        return callback()
      }
      const reset = () => grecaptcha.reset()