Merge branch 'master' into cekk_disable_automatic_field

.github/workflows/tests.yml

@@ -14,12 +14,11 @@ jobs:
         config:
         # [Python version, tox env]
         - ["2.7",  "py27-plone52"]
-        - ["3.6",  "py36-plone52"]
         - ["3.7",  "py37-plone52"]
         - ["3.8",  "py38-plone52"]
-        - ["3.7",  "py37-plone60"]
         - ["3.8",  "py38-plone60"]
         - ["3.9",  "py39-plone60"]
+        - ["3.10",  "py310-plone60"]
     name: ${{ matrix.config[1] }}
     steps:
     - uses: actions/checkout@v2

CHANGES.rst

@@ -2,9 +2,21 @@ Changelog
 =========
 
 
-2.1 (unreleased)
+2.1.1 (unreleased)
+------------------
+
+- Add Spanish translations.
+  [macagua]
+
+
+2.1 (2022-11-04)
 ----------------
 
+- Add support for restapi POST.
+  [cekk]
+
+- Support Plone 5.2 on Py 2.7+3.7+3.8 and Plone 6.0 on Py 3.8+3.9+3.10.  [maurits]
+
 - Test on GitHub Actions instead of Travis.  [maurits]
 - Add marker interface to disable automatic field insertion in forms.
   [cekk]

base.cfg

@@ -7,6 +7,7 @@ parts =
     instance
     test
     omelette
+    i18ndude
 develop = .
 
 
@@ -32,10 +33,14 @@ environment-vars +=
 recipe = collective.recipe.omelette
 eggs = ${instance:eggs}
 
+[i18ndude]
+recipe = zc.recipe.egg
+eggs = i18ndude
+
 
 [versions]
 # buildout-related versions
-# Keep these the same as in requirements.cfg please.
-setuptools = 42.0.2
-zc.buildout = 2.13.7
-wheel = 0.37.1
+# Just use what is already installed via the requirements files.
+setuptools =
+zc.buildout =
+wheel =

bootstrap.sh

@@ -1,4 +1,5 @@
 #!/bin/sh
+# Let's use Python 3.8 here, to make it easier to switch between Plone 5.2 and 6.0.
 python3.8 -m venv .
 ./bin/pip install -r requirements.txt
 ./bin/buildout -c buildout.cfg

collective/honeypot/__init__.py

@@ -0,0 +1,4 @@
+from zope.i18nmessageid import MessageFactory
+
+
+_ = MessageFactory("collective.honeypot")

collective/honeypot/configure.zcml

@@ -4,7 +4,8 @@
     xmlns:zcml="http://namespaces.zope.org/zcml"
     xmlns:i18n="http://namespaces.zope.org/i18n"
     i18n_domain="collective.honeypot">
-
+
+  <i18n:registerTranslations directory="locales" />
   <include file="fixes.zcml" />
   <include package="plone.transformchain" />
 

collective/honeypot/locales/collective.honeypot.pot

@@ -0,0 +1,23 @@
+#--- PLEASE EDIT THE LINES BELOW CORRECTLY ---
+#SOME DESCRIPTIVE TITLE.
+#FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"POT-Creation-Date: 2022-09-01 15:28+0000\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI +ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <[email protected]>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0\n"
+"Language-Code: en\n"
+"Language-Name: English\n"
+"Preferred-Encodings: utf-8 latin1\n"
+"Domain: collective.honeypot\n"
+
+#. Default: "Posting denied due to possible spamming. Please contact us if we are wrong."
+#: collective/honeypot/utils.py:59
+msgid "post_denied_label"
+msgstr ""

collective/honeypot/locales/es/LC_MESSAGES/collective.honeypot.po

@@ -0,0 +1,25 @@
+# Translation of collective.honeypot.pot to Spanish
+# Leonardo J. Caballero G. <[email protected]>, 2023.
+msgid ""
+msgstr ""
+"Project-Id-Version: collective.honeypot\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-09-01 15:28+0000\n"
+"PO-Revision-Date: 2023-05-13 12:20-0400\n"
+"Last-Translator: Leonardo J. Caballero G. <[email protected]>\n"
+"Language: es\n"
+"Language-Team: ES <[email protected]>\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"Preferred-Encodings: utf-8\n"
+"MIME-Version: 1.0\n"
+"Language-Code: es\n"
+"Language-Name: Español\n"
+"Domain: collective.honeypot\n"
+"X-Is-Fallback-For: es-ar es-bo es-cl es-co es-cr es-do es-ec es-es es-sv es-gt es-hn es-mx es-ni es-pa es-py es-pe es-pr es-us es-uy es-ve\n"
+
+#. Default: "Posting denied due to possible spamming. Please contact us if we are wrong."
+#: collective/honeypot/utils.py:59
+msgid "post_denied_label"
+msgstr "Error al enviar el formulario. Póngase en contacto con el administrador del sitio si cree que se trata de un error."

collective/honeypot/locales/it/LC_MESSAGES/collective.honeypot.po

@@ -0,0 +1,23 @@
+#--- PLEASE EDIT THE LINES BELOW CORRECTLY ---
+#SOME DESCRIPTIVE TITLE.
+#FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"POT-Creation-Date: 2022-09-01 15:28+0000\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI +ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <[email protected]>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0\n"
+"Language-Code: en\n"
+"Language-Name: English\n"
+"Preferred-Encodings: utf-8 latin1\n"
+"Domain: collective.honeypot\n"
+
+#. Default: "Posting denied due to possible spamming. Please contact us if we are wrong."
+#: collective/honeypot/utils.py:59
+msgid "post_denied_label"
+msgstr "Sottomissione del form bloccata per possibile spam. Per favore contatta l'amministratore del sito se ritieni che sia un'errore."

collective/honeypot/locales/update.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+# i18ndude should be available in current $PATH (eg by running
+# ``export PATH=$PATH:$BUILDOUT_DIR/bin`` when i18ndude is located in your buildout's bin directory)
+#
+# For every language you want to translate into you need a
+# locales/[language]/LC_MESSAGES/collective.honeypot.po
+# (e.g. locales/de/LC_MESSAGES/collective.honeypot.po)
+
+domain=collective.honeypot
+
+i18ndude rebuild-pot --pot $domain.pot --create $domain ../
+i18ndude merge --pot $domain.pot --merge manual.pot
+i18ndude sync --pot $domain.pot */LC_MESSAGES/$domain.po

collective/honeypot/testing.py

@@ -1,19 +1,20 @@
 # -*- coding: utf-8 -*-
-
 from Acquisition import aq_base
+from plone.app.contenttypes.testing import PLONE_APP_CONTENTTYPES_FIXTURE
 from plone.app.discussion.interfaces import IDiscussionSettings
 from plone.app.testing import FunctionalTesting
 from plone.app.testing import PLONE_FIXTURE
 from plone.app.testing import PloneSandboxLayer
 from plone.registry.interfaces import IRegistry
 from plone.testing import zope
+from plone.testing import z2
 from Products.CMFPlone.tests.utils import MockMailHost
 from Products.MailHost.interfaces import IMailHost
 from zope.component import getSiteManager
 from zope.component import queryUtility
 
 import collective.honeypot.config
-
+import plone.restapi
 
 # We want WHITELISTED_START to be empty by default currently, but we
 # do want to test it.
@@ -73,5 +74,23 @@ def teardownPloneSite(self, portal):
 
 HONEYPOT_FIXTURE = HoneypotFixture()
 HONEYPOT_FUNCTIONAL_TESTING = FunctionalTesting(
-    bases=(HONEYPOT_FIXTURE,), name="collective.honeypot:Functional",
+    bases=(HONEYPOT_FIXTURE,),
+    name="collective.honeypot:Functional",
+)
+
+
+class HoneypotRestApiFixture(HoneypotFixture):
+
+    defaultBases = (PLONE_APP_CONTENTTYPES_FIXTURE,)
+
+    def setUpZope(self, app, configurationContext):
+        super(HoneypotRestApiFixture, self).setUpZope(app, configurationContext)
+        self.loadZCML(package=plone.restapi)
+
+
+HONEYPOT_API_FIXTURE = HoneypotRestApiFixture()
+
+HONEYPOT_API_FUNCTIONAL_TESTING = FunctionalTesting(
+    bases=(HONEYPOT_API_FIXTURE, z2.ZSERVER_FIXTURE),
+    name="HoneypotRestApiFixture:Functional",
 )

collective/honeypot/tests/test_restapi.py

@@ -0,0 +1,74 @@
+# -*- coding: utf-8 -*-
+from collective.honeypot.testing import HONEYPOT_API_FUNCTIONAL_TESTING
+from plone.app.testing import setRoles
+from plone.app.testing import SITE_OWNER_NAME
+from plone.app.testing import SITE_OWNER_PASSWORD
+from plone.app.testing import TEST_USER_ID
+from plone.app.testing import TEST_USER_NAME
+from plone.app.testing import TEST_USER_PASSWORD
+from plone.restapi.testing import RelativeSession
+from zExceptions import Forbidden
+
+import transaction
+import unittest
+
+
+class HoneypotRestApiTestCase(unittest.TestCase):
+    layer = HONEYPOT_API_FUNCTIONAL_TESTING
+
+    def setUp(self):
+        self.app = self.layer["app"]
+        self.portal = self.layer["portal"]
+        self.portal_url = self.portal.absolute_url()
+        setRoles(self.portal, TEST_USER_ID, ["Manager"])
+
+        self.api_session = RelativeSession(self.portal_url)
+        self.api_session.headers.update({"Accept": "application/json"})
+        self.api_session.auth = (SITE_OWNER_NAME, SITE_OWNER_PASSWORD)
+
+    def test_restapi_protected_endpoint(self):
+        """
+        @email-notification use sendto_form Plone view that is patched in this package
+        """
+        response = self.api_session.post(
+            self.portal_url + "/@email-notification",
+            json={
+                "from": "[email protected]",
+                "message": "Just want to say hi.",
+            },
+        )
+
+        self.assertEqual(response.status_code, 204)
+
+        response = self.api_session.post(
+            self.portal_url + "/@email-notification",
+            json={
+                "from": "[email protected]",
+                "message": "Just want to say hi.",
+                "protected_1": "foo",
+            },
+        )
+        self.assertEqual(response.status_code, 403)
+
+    def test_restapi_general_post_protected(self):
+        response = self.api_session.post(
+            self.portal_url + "/@email-send",
+            json={
+                "to": "[email protected]",
+                "from": "[email protected]",
+                "message": "Just want to say hi.",
+            },
+        )
+
+        self.assertEqual(response.status_code, 204)
+
+        response = self.api_session.post(
+            self.portal_url + "/@email-send",
+            json={
+                "to": "[email protected]",
+                "from": "[email protected]",
+                "message": "Just want to say hi.",
+                "protected_1": "foo",
+            },
+        )
+        self.assertEqual(response.status_code, 403)

collective/honeypot/utils.py

@@ -1,3 +1,4 @@
+from collective.honeypot import _
 from collective.honeypot.config import ACCEPTED_LOG_LEVEL
 from collective.honeypot.config import DISALLOW_ALL_POSTS
 from collective.honeypot.config import EXTRA_PROTECTED_ACTIONS
@@ -8,6 +9,13 @@
 from collective.honeypot.config import WHITELISTED_START
 from copy import deepcopy
 from zExceptions import Forbidden
+from zope.globalrequest import getRequest
+from zope.i18n import translate
+
+try:
+    from plone.restapi.deserializer import json_body
+except ImportError:
+    json_body = None
 
 import logging
 import six
@@ -51,9 +59,13 @@ def found_honeypot(form, required):
 def deny(msg=None):
     # Deny access.
     if msg is None:
-        msg = (
-            "Posting denied due to possible spamming. "
-            "Please contact us if we are wrong."
+        msg = translate(
+            _(
+                "post_denied_label",
+                default="Posting denied due to possible spamming. "
+                "Please contact us if we are wrong.",
+            ),
+            context=getRequest(),
         )
     raise Forbidden(msg)
 
@@ -69,10 +81,17 @@ def whitelisted(action):
 
 
 def get_form(request):
-    if hasattr(request, "form"):
-        form = request.form
-    else:
+    form = getattr(request, "form", {})
+    if (
+        not form
+        and getattr(request, "CONTENT_TYPE", "") == "application/json"
+        and json_body
+    ):
+        # restapi post
+        form = json_body(request)
+    if not form and isinstance(request, dict):
         form = request
+
     # We may need to make a copy of the form.  This may be expensive
     # in memory, so we make sure to do this only once when needed.
     copied = False

requirements-py2.txt

@@ -0,0 +1,11 @@
+setuptools==42.0.2
+zc.buildout==2.13.8
+wheel==0.37.1
+
+# Windows specific down here (has to be installed here, fails in buildout)
+# Dependency of zope.sendmail:
+pywin32 ; platform_system == 'Windows'
+# SSL Certs on Windows, because Python is missing them otherwise:
+certifi ; platform_system == 'Windows'
+# Dependency of collective.recipe.omelette:
+ntfsutils ; platform_system == 'Windows' and python_version < '3.0'

requirements.txt

@@ -1,7 +1,11 @@
-# Keep these the same as in base.cfg please.
-setuptools==42.0.2
-zc.buildout==2.13.7
+# With pip>=22.2, buildout fails to check the python-requires of a package,
+# so you may get incompatible versions.
+# See https://github.com/buildout/buildout/issues/613
+# So we pin an older one.
+pip==22.1.2
+setuptools==65.4.1
 wheel==0.37.1
+zc.buildout==3.0.0rc3
 
 # Windows specific down here (has to be installed here, fails in buildout)
 # Dependency of zope.sendmail:

setup.cfg

@@ -3,7 +3,7 @@ ignore =
     .installed.cfg
     *.cfg
     bootstrap.sh
-    requirements.txt
+    requirements*.txt
     tox.ini
 
 [bdist_wheel]