1b493c9fee
Fixes #1649 This requires setting `HCAPTCHA_SECRET_KEY` and `HCAPTCHA_SITE_KEY`, then enabling the admin setting at `/admin/settings/edit#form_admin_settings_captcha_enabled` Subsequently, a hCaptcha widget will be displayed on `/about` and `/auth/sign_up` unless: - the user is already signed-up already - the user has used an invite link - the user has already solved the captcha (and registration failed for another reason) The Content-Security-Policy headers are altered automatically to allow the third-party hCaptcha scripts on `/about` and `/auth/sign_up` following the same rules as above.
76 lines
1.8 KiB
Ruby
76 lines
1.8 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class AboutController < ApplicationController
|
|
include RegistrationSpamConcern
|
|
include CaptchaConcern
|
|
|
|
before_action :set_pack
|
|
|
|
layout 'public'
|
|
|
|
before_action :require_open_federation!, only: [:show, :more]
|
|
before_action :set_body_classes, only: :show
|
|
before_action :set_instance_presenter
|
|
before_action :set_expires_in, only: [:more, :terms]
|
|
before_action :set_registration_form_time, only: :show
|
|
before_action :extend_csp_for_captcha!, only: :show
|
|
|
|
skip_before_action :require_functional!, only: [:more, :terms]
|
|
|
|
def show; end
|
|
|
|
def more
|
|
flash.now[:notice] = I18n.t('about.instance_actor_flash') if params[:instance_actor]
|
|
|
|
toc_generator = TOCGenerator.new(@instance_presenter.site_extended_description)
|
|
|
|
@rules = Rule.ordered
|
|
@contents = toc_generator.html
|
|
@table_of_contents = toc_generator.toc
|
|
@blocks = DomainBlock.with_user_facing_limitations.by_severity if display_blocks?
|
|
end
|
|
|
|
def terms; end
|
|
|
|
helper_method :display_blocks?
|
|
helper_method :display_blocks_rationale?
|
|
helper_method :public_fetch_mode?
|
|
helper_method :new_user
|
|
|
|
private
|
|
|
|
def require_open_federation!
|
|
not_found if whitelist_mode?
|
|
end
|
|
|
|
def display_blocks?
|
|
Setting.show_domain_blocks == 'all' || (Setting.show_domain_blocks == 'users' && user_signed_in?)
|
|
end
|
|
|
|
def display_blocks_rationale?
|
|
Setting.show_domain_blocks_rationale == 'all' || (Setting.show_domain_blocks_rationale == 'users' && user_signed_in?)
|
|
end
|
|
|
|
def new_user
|
|
User.new.tap do |user|
|
|
user.build_account
|
|
user.build_invite_request
|
|
end
|
|
end
|
|
|
|
def set_pack
|
|
use_pack 'public'
|
|
end
|
|
|
|
def set_instance_presenter
|
|
@instance_presenter = InstancePresenter.new
|
|
end
|
|
|
|
def set_body_classes
|
|
@hide_navbar = true
|
|
end
|
|
|
|
def set_expires_in
|
|
expires_in 0, public: true
|
|
end
|
|
end
|