Merge pull request #8004 from opf/fix/32177/disable-recaptcha-for-admins

[32177] Disable recaptcha for admins
5 years ago · f394ec1e7e
parent eabf4f90e0 e52989ec97
commit f394ec1e7e
2 changed files with 20 additions and 0 deletions
--- a/modules/recaptcha/app/controllers/recaptcha/request_controller.rb
+++ b/modules/recaptcha/app/controllers/recaptcha/request_controller.rb
@ -14,6 +14,9 @@ module ::Recaptcha
    # Require authenticated user from the core to be present
    before_action :require_authenticated_user

+    # Skip if user is admin
+    before_action :skip_if_admin
+
    # Skip if user has confirmed already
    before_action :skip_if_user_verified

@ -90,6 +93,12 @@ module ::Recaptcha
      end
    end

+    def skip_if_admin
+      if @authenticated_user&.admin?
+        complete_stage_redirect
+      end
+    end
+
    def skip_if_user_verified
      if ::Recaptcha::Entry.where(user_id: @authenticated_user.id).exists?
        Rails.logger.debug { "User #{@authenticated_user.id} already provided recaptcha. Skipping. " }
--- a/modules/recaptcha/spec/controllers/request_controller_spec.rb
+++ b/modules/recaptcha/spec/controllers/request_controller_spec.rb
@ -27,6 +27,17 @@ describe ::Recaptcha::RequestController, type: :controller do
      get :perform
      expect(response).to redirect_to stage_success_path(stage: :recaptcha, secret: 'asdf')
    end
+
+    context 'if the user is an admin' do
+      let(:user) { FactoryBot.create :admin }
+
+      it 'skips the verification' do
+        expect(controller).not_to receive(:perform)
+
+        get :perform
+        expect(response).to redirect_to stage_success_path(stage: :recaptcha, secret: 'asdf')
+      end
+    end
  end

  describe 'verify' do