Add CAPTCHA to submission form

This should prevent spamming even though this is less likely with this
kind of site.

The CAPTCHA does not show when editing, only submitting, and is also not
shown for authenticated users.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>

README

@@ -29,6 +29,7 @@ In order to make use of this application you will need:
 * django-registration
 * django-reversion
 * django-reversion-compare
+* django-simple-captcha
 
 Setup instructions:
 

TODO

@@ -9,8 +9,6 @@ TODO:
 * Breadcrumbs / fix tab navigation?
 * Need an admin contact in footer
 * Show recipes from non-software/base layers differently in recipes list
-* Submit layer form fixes:
- * Captcha
 
 Later:
 * Usage links in list page?

layerindex/editlayer.html

@@ -45,6 +45,7 @@
 
     <div class="formfields">
         {% for field in form.visible_fields %}
+            {% if field.name != 'captcha' %}
             {% if field.errors %}
             <div class="control-group alert alert-error">
             {{ field.errors }}
@@ -92,6 +93,7 @@
                     </span>
                 </div>
             </div>
+            {% endif %}
         {% endfor %}
     </div>
     <h3 id="maintainers">Maintainers</h3>
@@ -115,16 +117,39 @@
                         <div class="control-label">
                             {{ field.label_tag }}
                         </div>
+                        <div class="controls">
                             {{ field }}
                             <span class="help-inline custom-help">
                                 {{ field.help_text }}
                             </span>
                         </div>
+                    </div>
                 {% endfor %}
             </div>
         </div>
     {% endfor %}
     <p><a href="#" class="btn btn-small" id="addanothermaintainer"><i class="icon-plus"></i>Add maintainer</a><p>
+
+
+    {% if form.captcha %}
+        <div class="captchafield">
+            <h3>Verification</h3>
+            {% if form.captcha.errors %}
+            <div class="control-group alert alert-error">
+            {{ form.captcha.errors }}
+            {% else %}
+            <div class="control-group">
+            {% endif %}
+                <div class="controls">
+                    {{ form.captcha }}
+                    <span class="help-inline custom-help">
+                        {{ form.captcha.help_text }}
+                    </span>
+                </div>
+            </div>
+        </div>
+    {% endif %}
+
 <div class="submitbuttons">
 {% block submitbuttons %}
 <input type="submit" value="Save layer" class="btn btn-primary btn-large" />

layerindex/forms.py

@@ -8,6 +8,7 @@ from layerindex.models import LayerItem, LayerMaintainer, LayerNote
 from django import forms
 from django.core.validators import URLValidator, RegexValidator, email_re
 from django.forms.models import inlineformset_factory
+from captcha.fields import CaptchaField
 import re
 
 
@@ -46,17 +47,21 @@ LayerMaintainerFormSet = inlineformset_factory(LayerItem, LayerMaintainer, form=
 class SubmitLayerForm(forms.ModelForm):
     # Additional form fields
     deps = forms.ModelMultipleChoiceField(label='Other layers this layer depends upon', queryset=LayerItem.objects.all(), required=False)
+    captcha = CaptchaField(label='Verification', help_text='Please enter the letters displayed for verification purposes', error_messages={'invalid':'Incorrect entry, please try again'})
 
     class Meta:
         model = LayerItem
         fields = ('name', 'layer_type', 'summary', 'description', 'vcs_url', 'vcs_subdir', 'vcs_web_url', 'vcs_web_tree_base_url', 'vcs_web_file_base_url', 'usage_url', 'mailing_list_url')
 
-    def __init__(self, *args, **kwargs):
+    def __init__(self, user, *args, **kwargs):
         super(self.__class__, self).__init__(*args, **kwargs)
         if self.instance.pk:
             self.fields['deps'].initial = [d.dependency.pk for d in self.instance.dependencies_set.all()]
+            del self.fields['captcha']
         else:
             self.fields['deps'].initial = [l.pk for l in LayerItem.objects.filter(name='openembedded-core')]
+            if user.is_authenticated():
+                del self.fields['captcha']
         self.was_saved = False
 
     def checked_deps(self):

layerindex/static/css/additional.css

@@ -115,6 +115,16 @@ padding: 8px;
     padding-right: 3px;
 }
 
+.captchafield {
+    padding-top: 1em;
+    padding-bottom: 1em;
+}
+
+.captcha {
+    padding-right: 10px;
+    padding-bottom: 10px;
+}
+
 .submitbuttons {
     margin-top: 2em;
     padding-top: 1em;

layerindex/views.py

@@ -88,7 +88,7 @@ def edit_layer_view(request, template_name, slug=None):
         layeritem = LayerItem()
 
     if request.method == 'POST':
-        form = SubmitLayerForm(request.POST, instance=layeritem)
+        form = SubmitLayerForm(request.user, request.POST, instance=layeritem)
         maintainerformset = LayerMaintainerFormSet(request.POST, instance=layeritem)
         if form.is_valid() and maintainerformset.is_valid():
             with transaction.commit_on_success():
@@ -132,7 +132,7 @@ def edit_layer_view(request, template_name, slug=None):
                     return HttpResponseRedirect(reverse('submit_layer_thanks'))
             form.was_saved = True
     else:
-        form = SubmitLayerForm(instance=layeritem)
+        form = SubmitLayerForm(request.user, instance=layeritem)
         maintainerformset = LayerMaintainerFormSet(instance=layeritem)
 
     return render(request, template_name, {

settings.py

@@ -140,7 +140,8 @@ INSTALLED_APPS = (
     'layerindex',
     'registration',
     'reversion',
-    'reversion_compare'
+    'reversion_compare',
+    'captcha'
 )
 
 # A sample logging configuration. The only tangible logging

urls.py

@@ -14,5 +14,6 @@ urlpatterns = patterns('',
     url(r'^layerindex/', include('layerindex.urls')),
     url(r'^admin/', include(admin.site.urls)),
     url(r'^accounts/', include('registration.urls')),
+    url(r'^captcha/', include('captcha.urls')),
 )