From a19007eba919017445625562ab19534b7b285c76 Mon Sep 17 00:00:00 2001 From: Bryan Date: Tue, 25 Feb 2014 00:53:16 -0500 Subject: [PATCH] honeypot working for #210 and cleaned up the form error handling. --- karmaworld/apps/courses/forms.py | 25 ++++++++++++++ karmaworld/apps/courses/views.py | 17 +++------ karmaworld/settings/common.py | 2 +- karmaworld/templates/partial/add_course.html | 36 ++++++++++---------- 4 files changed, 48 insertions(+), 32 deletions(-) diff --git a/karmaworld/apps/courses/forms.py b/karmaworld/apps/courses/forms.py index bde2cfc..35f3a6c 100644 --- a/karmaworld/apps/courses/forms.py +++ b/karmaworld/apps/courses/forms.py @@ -2,13 +2,38 @@ # -*- coding:utf8 -*- # Copyright (C) 2012 FinalsClub Foundation +from django.conf import settings from django.forms import ModelForm +from django.forms import CharField from karmaworld.apps.courses.models import Course class CourseForm(ModelForm): + + def __init__(self, *args, **kwargs): + """ Add a dynamically named field. """ + super(CourseForm, self).__init__(*args, **kwargs) + self.fields[settings.HONEYPOT_FIELD_NAME] = CharField(required=False) + class Meta: model = Course fields = ('name', 'school', 'url', 'instructor_name', \ 'instructor_email') + def clean(self, *args, **kwargs): + """ Additional form validation. """ + + # Call ModelFormMixin or whoever normally cleans house. + cleaned_data = super(CourseForm, self).clean(*args, **kwargs) + + # parts of this code borrow from + # https://github.com/sunlightlabs/django-honeypot + hfn = settings.HONEYPOT_FIELD_NAME + formhoneypot = cleaned_data.get(hfn, None) + if formhoneypot and (formhoneypot != settings.HONEYPOT_VALUE): + # Highlight a failure to follow instructions. + # When the template dynamically generates the form, replace + # 'honeypot' with hfn + self._errors['honeypot'] = [u'You did not follow directions.'] + del cleaned_data[hfn] + return cleaned_data diff --git a/karmaworld/apps/courses/views.py b/karmaworld/apps/courses/views.py index 91a0577..332bd7c 100644 --- a/karmaworld/apps/courses/views.py +++ b/karmaworld/apps/courses/views.py @@ -60,25 +60,16 @@ class CourseListView(ListView, ModelFormMixin, ProcessFormView): """ On success, return url based on urls.py definition. """ return self.object.get_absolute_url() - def clean(self, *args, **kwargs): - """ Additional form validation. """ - # Call ModelFormMixin or whoever normally cleans house. - cleaned_data = super(CourseListView, self).clean(*args, **kwargs) - # parts of this code borrow from - # https://github.com/sunlightlabs/django-honeypot - formhoneypot = cleaned_data.get(settings.HONEYPOT_FIELD_NAME, None) - if formhoneypot and (formhoneypot != settings.HONEYPOT_VALUE): - # Highlight a failure to follow instructions. - self._errors['honeypot'] = 'You did not follow directions.' - del cleaned_data[hfn] - return cleaned_data - def form_invalid(self, form, **kwargs): """ override form_invalid to populate object_list on redirect """ kwargs['is_error'] = True kwargs['course_form'] = form self.object_list = self.get_queryset() kwargs['object_list'] = self.object_list + # hard code errors for the dynamically named honeypot field. + # This bit will not be necessary when the form is dynamically + # generated by Django rather than hard coded in the template. + kwargs['honeypot_errors'] = [x for x in form.errors['honeypot']] return self.render_to_response(self.get_context_data(**kwargs)) diff --git a/karmaworld/settings/common.py b/karmaworld/settings/common.py index 506ccf9..440dd2a 100644 --- a/karmaworld/settings/common.py +++ b/karmaworld/settings/common.py @@ -375,7 +375,7 @@ TAGGIT_STOPWORDS = [u'a', u'an', u'and', u'be', u'from', u'of'] ########## HONEYPOT CONFIGURATION # parts of this code borrow from # https://github.com/sunlightlabs/django-honeypot -HONEYPOT_FIELD_NAME = "settings_field_name" +HONEYPOT_FIELD_NAME = "instruction_url" # see that "_url"? bots gotta want that. HONEYPOT_VALUE = "" ########## END HONEYPOT CONFIGURATION diff --git a/karmaworld/templates/partial/add_course.html b/karmaworld/templates/partial/add_course.html index 693a563..47af638 100644 --- a/karmaworld/templates/partial/add_course.html +++ b/karmaworld/templates/partial/add_course.html @@ -13,23 +13,23 @@
{% csrf_token %} - {% if course_form.non_field_errors %} + {% for error in course_form.non_field_errors %}
- {{ course_form.non_field_errors }} + {{ error }}
- {% endif %} + {% endfor %}
School - {% if course_form.school.errors %} + {% for error in course_form.school.errors %} - Please select a school from the drop-down + {{ error }} - {% endif %} + {% endfor %}
@@ -54,11 +54,11 @@
Do not fill in this field: - {% if course_form.honeypot.errors %} + {% for error in honeypot_errors %} - {{ course_form.honeypot.errors }} + {{ error }} - {% endif %} + {% endfor %}
@@ -68,11 +68,11 @@
Instructor Name: - {% if course_form.instructor_name.errors %} + {% for error in course_form.instructor_name.errors %} - {{ course_form.instructor_name.errors }} + {{ error }} - {% endif %} + {% endfor %}
@@ -80,11 +80,11 @@
Instructor Email: - {% if course_form.instructor_email.errors %} + {% for error in course_form.instructor_email.errors %} - {{ course_form.instructor_email.errors }} + {{ error }} - {% endif %} + {% endfor %}
@@ -93,11 +93,11 @@
Course url: - {% if course_form.url.errors %} + {% for error in course_form.url.errors %} - {{ course_form.url.errors }} + {{ error }} - {% endif %} + {% endfor %}
-- 2.25.1