Apply reCaptcha to Public Forms

src/classes/HttpMockFactory.cls

@@ -0,0 +1,25 @@
+@isTest
+public class HttpMockFactory implements HttpCalloutMock {
+  protected Integer code;
+  protected String status;
+  protected String body;
+  protected Map<String, String> responseHeaders;
+
+  public HttpMockFactory(Integer code, String status, String body, Map<String, String> responseHeaders) {
+      this.code = code;
+      this.status = status;
+      this.body = body;
+      this.responseHeaders = responseHeaders;
+  }
+
+  public HTTPResponse respond(HTTPRequest req) {
+      HttpResponse res = new HttpResponse();
+      for (String key : this.responseHeaders.keySet()) {
+          res.setHeader(key, this.responseHeaders.get(key));
+      }
+      res.setBody(this.body);
+      res.setStatusCode(this.code);
+      res.setStatus(this.status);
+      return res;
+  }
+}

src/classes/HttpMockFactory.cls-meta.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
+    <apiVersion>47.0</apiVersion>
+    <status>Active</status>
+</ApexClass>

src/classes/UTIL_UnitTest.cls

@@ -251,4 +251,11 @@ public class UTIL_UnitTest {
             Weekly_Occurrence__c = '1st');
     }
 
+    public static void setupCaptchaSettings(Boolean enabled) {
+        VOL_SharedCode.VolunteersSettings.Enable_Site_Captcha__c = enabled;
+        VOL_SharedCode.VolunteersSettings.Google_reCaptcha_Endpoint__c = 'www.salesforce.com';
+        VOL_SharedCode.VolunteersSettings.Google_reCaptcha_Site_Key__c = '1234567890';
+        VOL_SharedCode.VolunteersSettings.Google_reCaptcha_Secret_Key__c = '1234567890';
+    }
+
 }

src/classes/VOL_CTRL_PersonalSiteContactLookup.cls

@@ -31,6 +31,9 @@
 global with sharing class VOL_CTRL_PersonalSiteContactLookup {
     @TestVisible
     private static VOL_Access access = VOL_Access.getInstance();
+
+    @TestVisible
+    private static VOL_Captcha captcha = VOL_Captcha.getInstance();
 
     // constructor
     global VOL_CTRL_PersonalSiteContactLookup() {
@@ -72,12 +75,16 @@ global with sharing class VOL_CTRL_PersonalSiteContactLookup {
     }
 
     global string strResult { get; set; }
-    global string strLanguage { get; set; }
+    global string strLanguage { get; set; }    
 
     // the action method called from the page to lookup the contact, and to send them email if found.
-    global PageReference LookupContact() {
-
-        list<Contact> listCon = VOL_SharedCode.LookupContact(contact, null);
+    global PageReference LookupContact() {                                            
+        if (!captcha.verifyCaptcha()) {
+            strResult = System.Label.CaptchaFailure;
+            return null;
+        }
+
+        list<Contact> listCon = VOL_SharedCode.LookupContact(contact, null);        
         if (listCon == null || listCon.size() == 0) {
             strResult = System.Label.labelContactLookupAmbiguous;
         } else {
@@ -123,7 +130,7 @@ global with sharing class VOL_CTRL_PersonalSiteContactLookup {
             mail.setTemplateID(emailTemplateId);    
             if (orgWideEmailId != null) {
                 mail.setOrgWideEmailAddressId(orgWideEmailId);
-            }       
+            }
             list<Messaging.SendEmailResult> listSER;
             listSER = Messaging.sendEmail(new Messaging.Email[] { mail }, false);
             if (listSER[0].isSuccess()) {
@@ -183,5 +190,4 @@ global with sharing class VOL_CTRL_PersonalSiteContactLookup {
             null :
             closedTaskStatuses[0].ApiName;
     }
-
 }

src/classes/VOL_CTRL_PersonalSiteContactLookup_TEST.cls

@@ -77,7 +77,51 @@ private with sharing class VOL_CTRL_PersonalSiteContactLookup_TEST {
             System.assertEquals(defaultClosedStatus, VOL_CTRL_PersonalSiteContactLookup.getClosedTaskStatus(), 'Expected the system to find the default closed task status when ran as a guest user.');
         }
     }
+
+    @IsTest
+    private static void shouldReturnErrorOnCaptchaFailure() {
+        //enable captcha
+        UTIL_UnitTest.setupCaptchaSettings(true);
+
+        //point to our VF page
+        PageReference lookupPage = Page.PersonalSiteContactLookup;
+        Test.setCurrentPage(lookupPage);
+
+        Test.startTest();
+        VOL_CTRL_PersonalSiteContactLookup ctrl = new VOL_CTRL_PersonalSiteContactLookup();        
+        ctrl.contact.Firstname = 'Test';
+        ctrl.contact.Lastname = 'User';
+        ctrl.contact.Email = '[email protected]';
+        ctrl.LookupContact();
+        Test.stopTest();
+
+        System.assertEquals(System.Label.CaptchaFailure, ctrl.strResult);
+    }
 
+    @IsTest
+    private static void shouldReturnSuccessMessageOnCaptchaSuccess() {
+        //enable captcha
+        UTIL_UnitTest.setupCaptchaSettings(true);
+
+        HttpMockFactory mock = new HttpMockFactory(200, 'OK', '{"success":true}', new Map<String,String>());        
+        Test.setMock(HttpCalloutMock.class, mock);
+
+        //point to our VF page
+        PageReference lookupPage = Page.PersonalSiteContactLookup;
+        Test.setCurrentPage(lookupPage);
+        System.currentPageReference().getParameters().put('g-recaptcha-response', '1234567890');
+
+        Test.startTest();
+        VOL_CTRL_PersonalSiteContactLookup ctrl = new VOL_CTRL_PersonalSiteContactLookup();        
+        ctrl.contact.Firstname = 'Test';
+        ctrl.contact.Lastname = 'User';
+        ctrl.contact.Email = '[email protected]';
+        ctrl.LookupContact();
+        Test.stopTest();
+
+        System.assertEquals(System.Label.labelContactLookupAmbiguous, ctrl.strResult);
+    }
+
     @isTest(SeeAllData=true)  // SeeAllData so the CSS file is viewable
     /*******************************************************************************************************
     * @description test the visualforce page controller, running as the Sites Guest User, if such as user
@@ -104,6 +148,8 @@ private with sharing class VOL_CTRL_PersonalSiteContactLookup_TEST {
     }
 
     private static void TestPersonalSiteContactLookup() {
+        //disable captcha
+        UTIL_UnitTest.setupCaptchaSettings(false);
 
         //point to our VF page
         PageReference p = new PageReference('Page.PersonalSiteContactLookup');

src/classes/VOL_CTRL_VolunteersJobListingFS.cls

@@ -31,6 +31,10 @@
 global virtual with sharing class VOL_CTRL_VolunteersJobListingFS {
     @TestVisible
     private static VOL_Access access = VOL_Access.getInstance();
+
+    @TestVisible
+    private static VOL_Captcha captcha = VOL_Captcha.getInstance();
+
     /**
      * Hard coding the subquery limit to 200 to prevent an error being displayed when
      * attempting to access the list of child records when more than 200 are present
@@ -418,6 +422,11 @@ global virtual with sharing class VOL_CTRL_VolunteersJobListingFS {
     private class MyException extends Exception {}
 
     global virtual PageReference VolunteerShiftSignUp() {
+        if (!captcha.verifyCaptcha()) {
+            strSaveResult = System.Label.CaptchaFailure;
+            ApexPages.addMessage(new ApexPages.Message(ApexPages.Severity.FATAL, System.Label.CaptchaFailure));
+            return null;
+        }
 
         Savepoint sp = Database.setSavepoint();
         try {
@@ -449,8 +458,7 @@ global virtual with sharing class VOL_CTRL_VolunteersJobListingFS {
                     dtStart = listShift[0].Start_Date_Time__c.date();
                     duration = listShift[0].Duration__c;
                 }
-            }
-
+            }                        
             // when used within the Personal Site, we should use the appropriate Contact
             Cookie cId = ApexPages.currentPage().getCookies().get('contactIdPersonalSite');
             ID contactIdPersonalSite = null;

src/classes/VOL_CTRL_VolunteersJobListingFS_TEST.cls

@@ -159,6 +159,68 @@ private with sharing class VOL_CTRL_VolunteersJobListingFS_TEST {
         System.assertEquals(QUERY_LIMIT, jobListingCtrl.listVolunteerJobs[0].Volunteer_Job_Slots__r.size(), 'The number of shifts returned was not as expected.');
     }
 
+    @IsTest
+    private static void shouldNotContainPageMessageOnCaptchaSuccess() {
+        generateData(1);
+        UTIL_UnitTest.setupCaptchaSettings(true);
+
+        HttpMockFactory mock = new HttpMockFactory(200, 'OK', '{"success":true}', new Map<String,String>());
+        Test.setMock(HttpCalloutMock.class, mock);
+
+        Contact existingContact = UTIL_UnitTest.createContact('Signup Update ' + DateTime.now().getTime());
+        insert existingContact;
+
+        Id jobId = [SELECT Id FROM Volunteer_Job__c LIMIT 1].Id;
+        Id shiftId = [SELECT Id FROM Volunteer_Shift__c Where Volunteer_Job__c = :jobId LIMIT 1].Id;
+
+        setupPage(new Map<String, String>{'g-recaptcha-response' => '1234567890'});
+
+        Test.startTest();
+        jobListingCtrl.shiftIdSignUp = shiftId;
+        jobListingCtrl.jobIdSignUp = jobId;
+        jobListingCtrl.contact = existingContact;
+        jobListingCtrl.vhours.Number_of_Volunteers__c = 2;
+        jobListingCtrl.VolunteerShiftSignUp();
+        Test.stopTest();
+
+        List<Apexpages.Message> messages = ApexPages.getMessages();
+        System.assertEquals(0, messages.size());
+    }
+
+    @IsTest
+    private static void shouldReturnErrorOnCaptchaFailure() {
+        generateData(1);
+        UTIL_UnitTest.setupCaptchaSettings(true);
+
+        Contact existingContact = UTIL_UnitTest.createContact('Signup Update ' + DateTime.now().getTime());
+        insert existingContact;
+
+        Id jobId = [SELECT Id FROM Volunteer_Job__c LIMIT 1].Id;
+        Id shiftId = [SELECT Id FROM Volunteer_Shift__c Where Volunteer_Job__c = :jobId LIMIT 1].Id;
+
+        setupPage(new Map<String, String>());
+
+        Test.startTest();
+        jobListingCtrl.shiftIdSignUp = shiftId;
+        jobListingCtrl.jobIdSignUp = jobId;
+        jobListingCtrl.contact = existingContact;
+        jobListingCtrl.vhours.Number_of_Volunteers__c = 2;
+        jobListingCtrl.VolunteerShiftSignUp();
+        Test.stopTest();
+
+        Boolean expectedMessage = false;
+        List<Apexpages.Message> messages = ApexPages.getMessages();
+        System.assertNotEquals(0, messages.size());
+
+        for (Apexpages.Message message : messages) {
+            if (message.getDetail().contains(System.Label.CaptchaFailure)) {
+                expectedMessage = true;
+            }
+        }
+
+        System.assertEquals(true, expectedMessage);
+    }
+
     private static void setupPage(Map<String, String> params) {
         PageReference pageRef = Page.VolunteersJobListingFS;
 

src/classes/VOL_CTRL_VolunteersReportHours.cls

@@ -29,10 +29,13 @@
 */
 
 global virtual with sharing class VOL_CTRL_VolunteersReportHours {
-    private VOL_SharedCode volSharedCode;
-
+    private VOL_SharedCode volSharedCode;        
+    
     @TestVisible
     private static VOL_Access access = VOL_Access.getInstance();
+
+    @TestVisible
+    private static VOL_Captcha captcha = VOL_Captcha.getInstance();
 
     // constructor
     global VOL_CTRL_VolunteersReportHours() {
@@ -255,9 +258,12 @@ global virtual with sharing class VOL_CTRL_VolunteersReportHours {
 
     private class MyException extends Exception {}
 
-
     // action method for saving the the volunteer's hours.    
     global virtual PageReference Save() {
+        if (!captcha.verifyCaptcha()) {
+            strSaveResult = System.Label.CaptchaFailure;
+            return null;
+        }
         Savepoint sp = Database.setSavepoint();
         try {
             // because we need to use actionSupport immediate=false to support the combo's,

src/classes/VOL_CTRL_VolunteersReportHours_TEST.cls

@@ -89,6 +89,60 @@ private with sharing class VOL_CTRL_VolunteersReportHours_TEST {
         accessMock.assertMethodCalled('updateRecords', Volunteer_Hours__c.SObjectType);
     }
 
+    @IsTest
+    private static void shouldReturnSuccessMessageOnCaptchaSuccess() {
+        UTIL_UnitTest.generateData();
+
+        //enable captcha
+        UTIL_UnitTest.setupCaptchaSettings(true);
+
+        HttpMockFactory mock = new HttpMockFactory(200, 'OK', '{"success":true}', new Map<String,String>());        
+        Test.setMock(HttpCalloutMock.class, mock);
+
+        Contact contactRecord = (Contact) UTIL_UnitTest.getSObject(Contact.SObjectType);
+        Id jobId = UTIL_UnitTest.getId(Volunteer_Job__c.SObjectType);
+        Volunteer_Hours__c hours = UTIL_UnitTest.createHours(contactRecord.Id, jobId, null);
+        insert hours;
+
+        Test.setCurrentPage(reportHoursPage);
+        System.currentPageReference().getParameters().put('g-recaptcha-response', '1234567890');
+
+        Test.startTest();
+        VOL_CTRL_VolunteersReportHours reportHoursCtrl = new VOL_CTRL_VolunteersReportHours();
+        reportHoursCtrl.contact = contactRecord;
+        reportHoursCtrl.volunteerJobId = jobId;
+        reportHoursCtrl.vhours = hours;        
+        reportHoursCtrl.Save();
+        Test.stopTest();
+
+        System.assertEquals(System.Label.labelVolunteerReportHoursThankYou, reportHoursCtrl.strSaveResult);
+    }
+
+    @IsTest
+    private static void shouldReturnErrorOnCaptchaFailure() {
+        UTIL_UnitTest.generateData();
+
+        //enable captcha
+        UTIL_UnitTest.setupCaptchaSettings(true);
+
+        Contact contactRecord = (Contact) UTIL_UnitTest.getSObject(Contact.SObjectType);
+        Id jobId = UTIL_UnitTest.getId(Volunteer_Job__c.SObjectType);
+        Volunteer_Hours__c hours = UTIL_UnitTest.createHours(contactRecord.Id, jobId, null);
+        insert hours;
+
+        Test.setCurrentPage(reportHoursPage);
+
+        Test.startTest();
+        VOL_CTRL_VolunteersReportHours reportHoursCtrl = new VOL_CTRL_VolunteersReportHours();
+        reportHoursCtrl.contact = contactRecord;
+        reportHoursCtrl.volunteerJobId = jobId;
+        reportHoursCtrl.vhours = hours;        
+        reportHoursCtrl.Save();
+        Test.stopTest();
+
+        System.assertEquals(System.Label.CaptchaFailure, reportHoursCtrl.strSaveResult);
+    }
+
     /*******************************************************************************************************
     * @description test the visualforce page controller, running as the Sites Guest User, if such as user
     * exists.  if not, will run under the current user.

src/classes/VOL_CTRL_VolunteersSignupFS.cls

@@ -29,7 +29,9 @@
 */
 
 global virtual with sharing class VOL_CTRL_VolunteersSignupFS {
-
+    @TestVisible
+    private static VOL_Captcha captcha = VOL_Captcha.getInstance();
+
     // constructor
     global VOL_CTRL_VolunteersSignupFS() {
 
@@ -96,6 +98,10 @@ global virtual with sharing class VOL_CTRL_VolunteersSignupFS {
     global Attachment attachment { get; set; }   
 
     global virtual PageReference Save() {  
+        if (!captcha.verifyCaptcha()) {
+            StrSaveResult = System.Label.CaptchaFailure;
+            return null;
+        }
         try { 
             // save or update the contact              
             ID contactId = VOL_SharedCode.CreateOrUpdateContactFS(null, contact, contact.Volunteer_Organization__c, listStrFields, true);