V3.3.3 (#284)

* Fix autocomplete of the Site Key field by LasPass. * Add requirement to check the site config after changes in credentials. * Fix activation of hCaptcha with empty keys. * Update Brevo logo. * Add auto-detect language info. * Update readme.txt. * Update sample hcaptcha label. * LearnDash Login integration. * WPCS in LearnDash Login. * LearnDash Register integration. * Improve adding error messages. * LearnDash Lost Password integration. * LearnDash Lost Password integration. * Fix form detection for Auto-Verify. * Fix SendInBlue form working in the post content only. Fix auto-verify form not working on the homepage. * Fix Passter and LearnDash forms working in the post content only. * Fix Passter and LearnDash forms working in the post content only. * Fix readme.txt. * Fix readme.txt. * Fix hCaptcha not loading correctly for Brevo form. * Raise Main.php test coverage to 100%. * Raise Main.php test coverage to 100%. * Move wpforo filter from Main. * Move supportCandy filter from Main. * Raise Main.php test coverage to 100%. * Raise Main.php test coverage to 100%. * Raise hcaptcha.php test coverage to 100%. * Raise WP classes test coverage to 100%. * Raise WC classes test coverage to 100%. * Update readme.txt. * Raise Abstract classes test coverage to 100%. * Bump up version. * Apply suggestions from code review --------- Co-authored-by: e271828- <[email protected]>
hCaptcha · Oct 10, 2023 · 23b452b · 23b452b
1 parent c4917db
commit 23b452b
Show file tree

Hide file tree

Showing 38 changed files with 1,404 additions and 350 deletions.
diff --git a/.tests/php/integration/AMainTest.php b/.tests/php/integration/AMainTest.php
diff --git a/.tests/php/integration/Stubs/Automattic/WooCommerce/Utilities/FeaturesUtil.php b/.tests/php/integration/Stubs/Automattic/WooCommerce/Utilities/FeaturesUtil.php
@@ -0,0 +1,34 @@
+<?php
+/**
+ * FeaturesUtil stub file
+ *
+ * @package HCaptcha\Tests
+ */
+
+// phpcs:disable Generic.Commenting.DocComment.MissingShort
+/** @noinspection PhpIllegalPsrClassPathInspection */
+/** @noinspection PhpUndefinedClassInspection */
+// phpcs:enable Generic.Commenting.DocComment.MissingShort
+
+namespace Automattic\WooCommerce\Utilities;
+
+/**
+ * Class FeaturesUtil
+ */
+class FeaturesUtil {
+	/**
+	 * Declare (in)compatibility with a given feature for a given plugin.
+	 *
+	 * This method MUST be executed from inside a handler for the 'before_woocommerce_init' hook and
+	 * SHOULD be executed from the main plugin file passing __FILE__ or 'my-plugin/my-plugin.php' for the
+	 * $plugin_file argument.
+	 *
+	 * @param string $feature_id Unique feature id.
+	 * @param string $plugin_file The full plugin file path.
+	 * @param bool   $positive_compatibility True if the plugin declares being compatible with the feature, false if it declares being incompatible.
+	 * @return bool True on success, false on error (feature doesn't exist or not inside the required hook).
+	 */
+	public static function declare_compatibility( string $feature_id, string $plugin_file, bool $positive_compatibility = true ): bool {
+		return true;
+	}
+}
diff --git a/.tests/php/integration/WC/LoginTest.php b/.tests/php/integration/WC/LoginTest.php
@@ -76,21 +76,65 @@ public function test_verify() {
 
 		$subject = new Login();
 
+		add_filter( 'woocommerce_process_login_errors', [ $subject, 'verify' ] );
+
+		self::assertEquals(
+			$validation_error,
+			apply_filters( 'woocommerce_process_login_errors', $validation_error )
+		);
+	}
+
+	/**
+	 * Test verify() when not in the WC filter.
+	 */
+	public function test_verify_NOT_wc_filter() {
+		$validation_error = new WP_Error();
+
+		$subject = new Login();
+
 		self::assertEquals( $validation_error, $subject->verify( $validation_error ) );
 	}
 
+	/**
+	 * Test verify() when not login limit exceeded.
+	 */
+	public function test_verify_NOT_login_limit_exceeded() {
+		$validation_error = new WP_Error();
+
+		$subject = new Login();
+
+		add_filter(
+			'hcap_login_limit_exceeded',
+			static function () {
+				return false;
+			}
+		);
+
+		add_filter( 'woocommerce_process_login_errors', [ $subject, 'verify' ] );
+
+		self::assertEquals(
+			$validation_error,
+			apply_filters( 'woocommerce_process_login_errors', $validation_error )
+		);
+	}
+
 	/**
 	 * Test verify() not verified.
 	 */
 	public function test_verify_not_verified() {
-		$validation_error = new WP_Error();
+		$validation_error = 'some wrong error, to be replaced by WP_Error';
 		$expected         = new WP_Error();
 		$expected->add( 'hcaptcha_error', 'The hCaptcha is invalid.' );
 
 		$this->prepare_hcaptcha_get_verify_message( 'hcaptcha_login_nonce', 'hcaptcha_login', false );
 
 		$subject = new Login();
 
-		self::assertEquals( $expected, apply_filters( 'woocommerce_process_login_errors', $validation_error ) );
+		add_filter( 'woocommerce_process_login_errors', [ $subject, 'verify' ] );
+
+		self::assertEquals(
+			$expected,
+			apply_filters( 'woocommerce_process_login_errors', $validation_error )
+		);
 	}
 }
diff --git a/.tests/php/integration/WC/OrderTrackingTest.php b/.tests/php/integration/WC/OrderTrackingTest.php
@@ -96,4 +96,15 @@ class="h-captcha"
 
 		self::assertSame( $expected, $subject->do_shortcode_tag( $output, $tag, [], [] ) );
 	}
+
+	/**
+	 * Test do_shortcode_tag() when not order_tracking tag.
+	 */
+	public function test_do_shortcode_tag_when_NOT_order_tracking() {
+		$output  = 'some output';
+		$tag     = 'some_tag';
+		$subject = new OrderTracking();
+
+		self::assertSame( $output, $subject->do_shortcode_tag( $output, $tag, [], [] ) );
+	}
 }
diff --git a/.tests/php/integration/WC/RegisterTest.php b/.tests/php/integration/WC/RegisterTest.php
@@ -70,13 +70,14 @@ public function test_verify() {
 	 * Test verify() not verified.
 	 */
 	public function test_verify_not_verified() {
-		$validation_error = new WP_Error( 'some error' );
+		$validation_error = 'some wrong error, to be replaced by WP_Error';
+		$expected         = new WP_Error();
 
-		$validation_error->add( 'hcaptcha_error', 'The Captcha is invalid.' );
+		$expected->add( 'hcaptcha_error', 'The hCaptcha is invalid.' );
 
 		$this->prepare_hcaptcha_get_verify_message_html( 'hcaptcha_wc_register_nonce', 'hcaptcha_wc_register', false );
 
 		$subject = new Register();
-		self::assertEquals( $validation_error, $subject->verify( $validation_error ) );
+		self::assertEquals( $expected, $subject->verify( $validation_error ) );
 	}
 }
diff --git a/.tests/php/integration/WP/CommentTest.php b/.tests/php/integration/WP/CommentTest.php
@@ -16,6 +16,7 @@
 use HCaptcha\WP\Comment;
 use Mockery;
 use ReflectionException;
+use tad\FunctionMocker\FunctionMocker;
 use WP_Error;
 
 /**
@@ -96,6 +97,35 @@ public function test_add_captcha() {
 		$subject = Mockery::mock( Comment::class )->makePartial();
 		$this->set_protected_property( $subject, 'active', true );
 
+		// Test when hCaptcha plugin is active.
+		self::assertSame( $expected, $subject->add_captcha( $submit_field, [] ) );
+	}
+
+	/**
+	 * Test add_captcha() when not active.
+	 *
+	 * @throws ReflectionException ReflectionException.
+	 */
+	public function test_add_captcha_when_NOT_active() {
+		$submit_field =
+			'<p class="form-submit"><input name="submit" type="submit" id="submit" class="submit et_pb_button" value="Submit Comment" />' .
+			"<input type='hidden' name='comment_post_ID' value='1' id='comment_post_ID' />" .
+			"<input type='hidden' name='comment_parent' id='comment_parent' value='0' />" .
+			'</p>';
+		$encoded_id   = 'eyJzb3VyY2UiOlsiV29yZFByZXNzIl0sImZvcm1faWQiOiIxIn0=';
+		$hash         = wp_hash( $encoded_id );
+		$expected     = '				<input
+					type="hidden"
+					class="hcaptcha-widget-id"
+					name="hcaptcha-widget-id"
+					value="' . $encoded_id . '-' . $hash . '">
+				' . $submit_field;
+
+		$subject = Mockery::mock( Comment::class )->makePartial();
+
+		// Test when hCaptcha plugin is not active.
+		$this->set_protected_property( $subject, 'active', false );
+
 		self::assertSame( $expected, $subject->add_captcha( $submit_field, [] ) );
 	}
 

diff --git a/.tests/php/integration/WP/LoginTest.php b/.tests/php/integration/WP/LoginTest.php
@@ -7,8 +7,12 @@
 
 namespace HCaptcha\Tests\Integration\WP;
 
+use HCaptcha\Abstracts\LoginBase;
+use HCaptcha\Helpers\HCaptcha;
 use HCaptcha\Tests\Integration\HCaptchaWPTestCase;
 use HCaptcha\WP\Login;
+use ReflectionException;
+use tad\FunctionMocker\FunctionMocker;
 use WP_Error;
 use WP_User;
 
@@ -31,6 +35,7 @@ public function tearDown(): void { // phpcs:ignore PHPCompatibility.FunctionDecl
 		unset(
 			$_POST['log'],
 			$_POST['pwd'],
+			$_SERVER['REMOTE_ADDR'],
 			$GLOBALS['wp_action']['login_init'],
 			$GLOBALS['wp_action']['login_form_login'],
 			$GLOBALS['wp_filters']['login_link_separator']
@@ -55,6 +60,84 @@ public function test_constructor_and_init_hooks() {
 		);
 	}
 
+	/**
+	 * Test login().
+	 *
+	 * @return void
+	 * @throws ReflectionException ReflectionException.
+	 */
+	public function test_login() {
+		$ip                      = '1.1.1.1';
+		$login_data[ $ip ][]     = time();
+		$login_data['2.2.2.2'][] = time();
+		$user_login              = 'test-user';
+		$user                    = new WP_User();
+
+		$subject = new Login();
+
+		$this->set_protected_property( $subject, 'ip', $ip );
+		$this->set_protected_property( $subject, 'login_data', $login_data );
+
+		$subject->login( $user_login, $user );
+
+		unset( $login_data[ $ip ] );
+
+		self::assertSame( $login_data, $this->get_protected_property( $subject, 'login_data' ) );
+		self::assertSame( $login_data, get_option( LoginBase::LOGIN_DATA ) );
+	}
+
+	/**
+	 * Test login_failed().
+	 *
+	 * @return void
+	 * @throws ReflectionException ReflectionException.
+	 * @noinspection UnusedFunctionResultInspection
+	 */
+	public function test_login_failed() {
+		$ip                     = '1.1.1.1';
+		$time                   = time();
+		$username               = 'test_username';
+		$_SERVER['REMOTE_ADDR'] = $ip;
+
+		$subject = new Login();
+
+		$this->set_protected_property( $subject, 'ip', $ip );
+
+		FunctionMocker::replace( 'time', $time );
+
+		$subject->login_failed( $username, null );
+
+		$login_data[ $ip ][] = $time;
+
+		self::assertSame( $login_data, $this->get_protected_property( $subject, 'login_data' ) );
+		self::assertSame( $login_data, get_option( LoginBase::LOGIN_DATA ) );
+	}
+
+	/**
+	 * Test protect_form().
+	 *
+	 * @return void
+	 * @noinspection PhpConditionAlreadyCheckedInspection
+	 */
+	public function test_protect_form() {
+		$value   = true;
+		$source  = HCaptcha::get_class_source( Login::class );
+		$form_id = 'login';
+
+		$subject = new Login();
+
+		self::assertFalse( $subject->protect_form( $value, $source, $form_id ) );
+
+		$form_id = 'some';
+
+		self::assertSame( $value, $subject->protect_form( $value, $source, $form_id ) );
+
+		$form_id = 'login';
+		$source  = [];
+
+		self::assertSame( $value, $subject->protect_form( $value, $source, $form_id ) );
+	}
+
 	/**
 	 * Test add_captcha().
 	 */
@@ -78,6 +161,49 @@ public function test_add_captcha() {
 		self::assertSame( $expected, ob_get_clean() );
 	}
 
+	/**
+	 * Test add_captcha() when not WP login form.
+	 */
+	public function test_add_captcha_when_NOT_wp_login_form() {
+		$expected = '';
+
+		$subject = new Login();
+
+		ob_start();
+
+		$subject->add_captcha();
+
+		self::assertSame( $expected, ob_get_clean() );
+	}
+
+	/**
+	 * Test add_captcha() when not login limit exceeded.
+	 */
+	public function test_add_captcha_when_NOT_login_limit_exceeded() {
+		$expected = '';
+
+		$subject = new Login();
+
+		add_filter(
+			'hcap_login_limit_exceeded',
+			static function () {
+				return false;
+			}
+		);
+
+		// phpcs:disable WordPress.WP.GlobalVariablesOverride.Prohibited
+		$GLOBALS['wp_actions']['login_init']           = 1;
+		$GLOBALS['wp_actions']['login_form_login']     = 1;
+		$GLOBALS['wp_filters']['login_link_separator'] = 1;
+		// phpcs:enable WordPress.WP.GlobalVariablesOverride.Prohibited
+
+		ob_start();
+
+		$subject->add_captcha();
+
+		self::assertSame( $expected, ob_get_clean() );
+	}
+
 	/**
 	 * Test verify().
 	 */
@@ -86,6 +212,50 @@ public function test_verify() {
 
 		$this->prepare_hcaptcha_get_verify_message_html( 'hcaptcha_login_nonce', 'hcaptcha_login' );
 
+		$_POST['log'] = 'some login';
+		$_POST['pwd'] = 'some password';
+
+		// phpcs:disable WordPress.WP.GlobalVariablesOverride.Prohibited
+		$GLOBALS['wp_actions']['login_init']           = 1;
+		$GLOBALS['wp_actions']['login_form_login']     = 1;
+		$GLOBALS['wp_filters']['login_link_separator'] = 1;
+		// phpcs:enable WordPress.WP.GlobalVariablesOverride.Prohibited
+
+		$subject = new Login();
+
+		self::assertEquals( $user, $subject->verify( $user, '' ) );
+	}
+
+	/**
+	 * Test verify() when nto WP login form.
+	 */
+	public function test_verify_when_NOT_wp_login_form() {
+		$user = new WP_User( 1 );
+
+		$subject = new Login();
+
+		self::assertEquals( $user, $subject->verify( $user, '' ) );
+	}
+
+	/**
+	 * Test verify() when login limit is not exceeded.
+	 */
+	public function test_verify_NOT_limit_exceeded() {
+		$user = new WP_User( 1 );
+
+		$this->prepare_hcaptcha_get_verify_message_html( 'hcaptcha_login_nonce', 'hcaptcha_login' );
+		update_option( 'hcaptcha_settings', [ 'login_limit' => 5 ] );
+		hcaptcha()->init_hooks();
+
+		$_POST['log'] = 'some login';
+		$_POST['pwd'] = 'some password';
+
+		// phpcs:disable WordPress.WP.GlobalVariablesOverride.Prohibited
+		$GLOBALS['wp_actions']['login_init']           = 1;
+		$GLOBALS['wp_actions']['login_form_login']     = 1;
+		$GLOBALS['wp_filters']['login_link_separator'] = 1;
+		// phpcs:enable WordPress.WP.GlobalVariablesOverride.Prohibited
+
 		$subject = new Login();
 
 		self::assertEquals( $user, $subject->verify( $user, '' ) );