Added Validate Users setting

CHANGELOG.md

@@ -7,15 +7,16 @@
 
 ### Added
 - Added a customisable error screen that allows users to resubmit their data if a submission is flagged as spam.
-- Added an “Exclude Controller Actions” setting.
+- Added a “Validate Users” setting that lets you disable validation for logged-in users.
+- Added an “Exclude Controller Actions” setting that lets you disable validation for specific controller actions.
 - Added an “Allow List” of IP addresses that will not be validated.
 - Added unit tests.
 
 ### Changed
 - Changed the minimum requirement of Craft to version 3.2.1.
-- Renamed “Blacklist” to “Deny List”, a list of IP addresses that will always be denied.
+- Renamed “Blacklist” to “Deny List”.
 - The hidden input field now has an `autocomplete` attribute set to `off`.
-- IP addresses are now stored as anonymous hash values.
+- IP addresses are now stored as anonymous hashed values.
 
 ### Removed
 - Removed the “Excluded URI Patterns” setting. Use the new “Exclude Controller Actions” setting instead.

codeception.yml

@@ -12,14 +12,15 @@ modules:
     config:
         \craft\test\Craft:
             configFile: 'tests/_craft/config/test.php'
-            entryUrl: 'http://craft3/index.php'
+            entryUrl: 'http://craft.nitro/index.php'
             entryScript: 'index.php'
             projectConfig: {}
             migrations: []
             plugins:
-                sprig:
+                snaptcha:
                     class: '\putyourlightson\snaptcha\Snaptcha'
                     handle: snaptcha
-#            cleanup: true
+            cleanup: true
             transaction: false
-#            dbSetup: {clean: true, setupCraft: true}
+            dbSetup: {clean: true, setupCraft: true}
+            fullMock: false

src/config.php

@@ -22,6 +22,9 @@
         // Whether form submissions should be validated. Ensure that all of your forms that submit via POST requests have the necessary tags in place before enabling this.
         //'validationEnabled' => false,
 
+        // Whether form submissions should be validated for logged-in users (recommended if public user registration is enabled).
+        //'validateUsers' => true,
+
         // Whether form submissions should be limited to one time per page refresh (recommended for low to medium traffic sites).
         //'oneTimeKey' => true,
 

src/models/SettingsModel.php

@@ -14,6 +14,11 @@ class SettingsModel extends Model
      */
     public $validationEnabled = false;
 
+    /**
+     * @var bool
+     */
+    public $validateUsers = true;
+
     /**
      * @var bool
      */

src/services/SnaptchaService.php

@@ -97,6 +97,16 @@ public function isExcludedControllerAction(): bool
         return false;
     }
 
+    /**
+     * Returns whether the user is allowed.
+     *
+     * @return bool
+     */
+    public function isUserAllowed(): bool
+    {
+        return !Snaptcha::$plugin->settings->validateUsers && Craft::$app->getUser()->getIsGuest() === false;
+    }
+
     /**
      * Returns whether the IP address is allowed.
      *
@@ -164,6 +174,11 @@ public function validateField(string $value = null): bool
             return false;
         }
 
+        // Check if user is allowed
+        if ($this->isUserAllowed()) {
+            return true;
+        }
+
         // Check if IP address is allowed
         if ($this->isIpAllowed()) {
             return true;

src/templates/_settings.html

@@ -20,6 +20,16 @@
     errors: settings.getErrors('validationEnabled')
 }) }}
 
+{{ forms.lightswitchField({
+    required: true,
+    label: 'Validate Users'|t('snaptcha'),
+    name: 'validateUsers',
+    instructions: 'Whether form submissions should be validated for logged-in users (recommended if public user registration is enabled).'|t('snaptcha'),
+    warning: (config.validateUsers is defined ? configWarning('validateUsers')),
+    on: settings.validateUsers,
+    errors: settings.getErrors('validateUsers')
+}) }}
+
 {{ forms.lightswitchField({
     required: true,
     label: 'One Time Key'|t('snaptcha'),

tests/.env

@@ -1,7 +1,7 @@
 # Set in accordance to your environment
-DB_DSN="mysql:host=127.0.0.1;port=3306;dbname=craft-test"
-DB_USER="root"
-DB_PASSWORD="root"
+DB_DSN="mysql:host=mysql-8.0-3307.database.nitro;port=3306;dbname=craft-test"
+DB_USER="nitro"
+DB_PASSWORD="nitro"
 
 # Set this to the `entryUrl` param in the `codeception.yml` file.
-DEFAULT_SITE_URL="http://craft3/index.php"
+DEFAULT_SITE_URL="http://craft/index.php"

tests/README.md

@@ -8,10 +8,10 @@ To run static analysis on the plugin, install PHPStan and run the following comm
 
 To test the plugin, install Codeception, update `.env` and run the following command from the root of your project.
 
-    codecept run -c ./vendor/putyourlightson/craft-sherlock
+    ./vendor/bin/codecept run -c ./vendor/putyourlightson/craft-sherlock
 
 Or to run a specific test.
 
-     codecept run -c ./vendor/putyourlightson/craft-sherlock unit variables/SnaptchaVariableTest:getField
+    ./vendor/bin/codecept run -c ./vendor/putyourlightson/craft-sherlock unit variables/SnaptchaVariableTest:getField
 
 > Ensure that the database you specify in `.env` is not one that actually contains any data as it will be cleared when the tests are run. 

tests/_bootstrap.php

@@ -13,7 +13,7 @@
 //define('CRAFT_VENDOR_PATH', dirname(__DIR__) . DIRECTORY_SEPARATOR . 'vendor');
 
 // Use absolute path if the plugin directory is a symlink
-define('CRAFT_VENDOR_PATH', '/Users/ben/Sites/craft3/vendor');
+define('CRAFT_VENDOR_PATH', '/app/vendor');
 
 $devMode = true;