il y a 9 ans · 6866ffa491
--- a/wifiwithme/apps/contribmap/decorators.py
+++ b/wifiwithme/apps/contribmap/decorators.py
@@ -0,0 +1,21 @@
 
				+from django.http import HttpResponseForbidden
			
 
				+from .forms import PublicContribForm
			
 
				+
			
 
				+
			
 
				+def prevent_robots(field_name='human_field'):
			
 
				+    """
			
 
				+    this decorator returns a HTTP 403 Forbidden error on POST requests
			
 
				+    if a given field has been set
			
 
				+
			
 
				+    Keyword arguments :
			
 
				+    field_name -- the name of the field to search for (default 'human_field')
			
 
				+    """
			
 
				+    def _dec(func):
			
 
				+        def _wrapped_func(request, *args, **kwargs):
			
 
				+            if request.method == 'POST':
			
 
				+                form = PublicContribForm(request.POST)
			
 
				+                if form.data[field_name]:
			
 
				+                    return HttpResponseForbidden()
			
 
				+            return func(request, *args, **kwargs)
			
 
				+        return _wrapped_func
			
 
				+    return _dec
			
--- a/wifiwithme/apps/contribmap/forms.py
+++ b/wifiwithme/apps/contribmap/forms.py
@@ -16,6 +16,8 @@ ORIENTATIONS = (
 
				 
			
 
				 
			
 
				 class PublicContribForm(forms.ModelForm):
			
 
				+    human_field = forms.CharField(required=False, widget=forms.HiddenInput)
			
 
				+
			
 
				     class Meta:
			
 
				         model = Contrib
			
 
				 
			
--- a/wifiwithme/apps/contribmap/templates/contribmap/wifi-form.html
+++ b/wifiwithme/apps/contribmap/templates/contribmap/wifi-form.html
@@ -184,6 +184,7 @@ pourraient être intéressantes.
 
				 
			
 
				 
			
 
				     <h2>Mes données</h2>
			
 
				+    {{ form.human_field|formcontrol }}
			
 
				 
			
 
				     <p class="help-block">
			
 
				 Les données collectées dans ce formulaire sont accessibles
			
--- a/wifiwithme/apps/contribmap/views.py
+++ b/wifiwithme/apps/contribmap/views.py
@@ -2,16 +2,18 @@ from django.core.urlresolvers import reverse
 
				 from django.http import JsonResponse, HttpResponseForbidden
			
 
				 from django.shortcuts import render, redirect
			
 
				 from django.views.generic import View
			
 
				-
			
 
				 from .forms import PublicContribForm
			
 
				 from .models import Contrib
			
 
				+from .decorators import prevent_robots
			
 
				 
			
 
				 
			
 
				+@prevent_robots()
			
 
				 def add_contrib(request):
			
 
				     if request.method == 'GET':
			
 
				         form = PublicContribForm()
			
 
				     elif request.method == 'POST':
			
 
				         form = PublicContribForm(request.POST)
			
 
				+
			
 
				         if form.is_valid():
			
 
				             form.save()
			
 
				             return redirect(reverse('thanks'))