8 files changed, 130 insertions, 37 deletions

diff --git a/Gemfile.lock b/Gemfile.lock
index c3f994a51..81afea141 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -162,7 +162,7 @@ GEM
       rack (>= 0.4)
     rack-protection (1.5.0)
       rack
-    rack-ssl (1.3.3)
+    rack-ssl (1.3.4)
       rack
     rack-test (0.6.2)
       rack (>= 1.0)
diff --git a/app/assets/javascripts/application.js b/app/assets/javascripts/application.js
index d8aed6346..1b6c98535 100644
--- a/app/assets/javascripts/application.js
+++ b/app/assets/javascripts/application.js
@@ -1,6 +1,7 @@
 // ...
 //= require jquery
 //= require jquery.ui.datepicker
+//= require jquery.ui.position
 //= require jquery.cookie
 //= require general
 //= require ba-throttle-debounce
diff --git a/app/assets/javascripts/general.js b/app/assets/javascripts/general.js
index 529bbeb04..002eef760 100644
--- a/app/assets/javascripts/general.js
+++ b/app/assets/javascripts/general.js
@@ -27,8 +27,8 @@ $(document).ready(function() {
    return false;
    });
 
- // "link to this" widget
-     $('a.link_to_this').click(function() {
+  // "link to this" widget
+  $('a.link_to_this').click(function() {
     var box = $('div#link_box');
     var location = window.location.protocol + "//" + window.location.hostname + $(this).attr('href');
     box.width(location.length + " em");
@@ -36,12 +36,12 @@ $(document).ready(function() {
     box.show();
     box.find('input').select();
     box.position({
-      my:   "left top",
+      my: "right center",
       at: "left bottom",
       of:  this,
       collision: "fit" });
     return false;
-   });
+  });
 
      $('.close-button').click(function() { $(this).parent().hide() });
      $('div#variety-filter a').each(function() {
diff --git a/app/controllers/help_controller.rb b/app/controllers/help_controller.rb
index 9959df6d8..9033198a0 100644
--- a/app/controllers/help_controller.rb
+++ b/app/controllers/help_controller.rb
@@ -9,6 +9,7 @@ class HelpController < ApplicationController
     # we don't even have a control subroutine for most help pages, just see their templates
 
     before_filter :long_cache
+    before_filter :catch_spam, :only => [:contact]
 
     def unhappy
         @info_request = nil
@@ -69,4 +70,12 @@ class HelpController < ApplicationController
 
     end
 
+    private
+
+    def catch_spam
+        if request.post? && !params[:contact][:comment].empty?
+            redirect_to frontpage_url
+        end
+    end
+
 end
diff --git a/app/models/contact_validator.rb b/app/models/contact_validator.rb
index 65e539669..e9a6e491c 100644
--- a/app/models/contact_validator.rb
+++ b/app/models/contact_validator.rb
@@ -7,7 +7,7 @@
 class ContactValidator
     include ActiveModel::Validations
 
-    attr_accessor :name, :email, :subject, :message
+    attr_accessor :name, :email, :subject, :message, :comment
 
     validates_presence_of :name, :message => N_("Please enter your name")
     validates_presence_of :email, :message => N_("Please enter your email address")
diff --git a/app/views/help/contact.html.erb b/app/views/help/contact.html.erb
index ad89db9ec..e8a5fec8c 100644
--- a/app/views/help/contact.html.erb
+++ b/app/views/help/contact.html.erb
@@ -65,6 +65,11 @@
         <%= f.text_area :message, :rows => 10, :cols => 60 %>
     </p>
 
+    <p style="display:none;">
+        <%= f.label :comment, 'Do not fill in this field' %>
+        <%= f.text_field :comment %>
+    </p>
+
     <% if !@last_request.nil? %>
         <p>
             <label class="form_label" for="contact_message">Include link to request:</label>
diff --git a/spec/controllers/help_controller_spec.rb b/spec/controllers/help_controller_spec.rb
index cc024f840..f92323f50 100644
--- a/spec/controllers/help_controller_spec.rb
+++ b/spec/controllers/help_controller_spec.rb
@@ -1,48 +1,81 @@
 # -*- coding: utf-8 -*-
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
 
-describe HelpController, "when using help" do
+describe HelpController do
     render_views
 
-    it "shows the about page" do
-        get :about
-    end
+    describe :about do
 
-    it "shows contact form" do
-        get :contact
-    end
+        it 'shows the about page' do
+            get :about
+            response.should be_success
+            response.should render_template('help/about')
+        end
 
-    it "sends a contact message" do
-        post :contact, { :contact => {
-                :name => "Vinny Vanilli",
-                :email => "vinny@localhost",
-                :subject => "Why do I have such an ace name?",
-                :message => "You really should know!!!\n\nVinny",
-            }, :submitted_contact_form => 1
-        }
-        response.should redirect_to(:controller => 'general', :action => 'frontpage')
-
-        deliveries = ActionMailer::Base.deliveries
-        deliveries.size.should  == 1
-        deliveries[0].body.should include("really should know")
-        deliveries.clear
     end
 
-    describe 'when requesting a page in a supported locale ' do
+    describe 'GET contact' do
 
-        before do
-            # Prepend our fixture templates
-            fixture_theme_path = File.join(Rails.root, 'spec', 'fixtures', 'theme_views', 'theme_one')
-            controller.prepend_view_path fixture_theme_path
+        it 'shows contact form' do
+            get :contact
+            response.should be_success
+            response.should render_template('help/contact')
         end
 
-        it 'should render the locale-specific template if available' do
-            get :contact, {:locale => 'es'}
-            response.body.should match('contáctenos theme one')
+        describe 'when requesting a page in a supported locale' do
+
+            before do
+                # Prepend our fixture templates
+                fixture_theme_path = File.join(Rails.root, 'spec', 'fixtures', 'theme_views', 'theme_one')
+                controller.prepend_view_path fixture_theme_path
+            end
+
+            it 'should render the locale-specific template if available' do
+                get :contact, {:locale => 'es'}
+                response.body.should match('contáctenos theme one')
+            end
+
         end
 
     end
 
+    describe 'POST contact' do
+
+        it 'sends a contact message' do
+            post :contact, { :contact => {
+                    :name => 'Vinny Vanilli',
+                    :email => 'vinny@localhost',
+                    :subject => 'Why do I have such an ace name?',
+                    :comment => '',
+                    :message => "You really should know!!!\n\nVinny",
+                }, :submitted_contact_form => 1
+            }
+            response.should redirect_to(frontpage_path)
+
+            deliveries = ActionMailer::Base.deliveries
+            deliveries.size.should == 1
+            deliveries[0].body.should include('really should know')
+            deliveries.clear
+        end
+
+        it 'has rudimentary spam protection' do
+            post :contact, { :contact => {
+                    :name => 'Vinny Vanilli',
+                    :email => 'vinny@localhost',
+                    :subject => 'Why do I have such an ace name?',
+                    :comment => 'I AM A SPAMBOT',
+                    :message => "You really should know!!!\n\nVinny",
+                }, :submitted_contact_form => 1
+            }
+
+            response.should redirect_to(frontpage_path)
+
+            deliveries = ActionMailer::Base.deliveries
+            deliveries.size.should == 0
+            deliveries.clear
+        end
+
+    end
 
 end
 
diff --git a/spec/models/contact_validator_spec.rb b/spec/models/contact_validator_spec.rb
index 9ea0fac49..0f5403967 100644
--- a/spec/models/contact_validator_spec.rb
+++ b/spec/models/contact_validator_spec.rb
@@ -1,8 +1,53 @@
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
 
-describe ContactValidator, " when blah" do
-    before do
+describe ContactValidator do
+
+    describe :new do
+
+        let(:valid_params) do
+            { :name => "Vinny Vanilli",
+              :email => "vinny@localhost",
+              :subject => "Why do I have such an ace name?",
+              :message => "You really should know!!!\n\nVinny" }
+        end
+
+        it 'validates specified attributes' do
+            ContactValidator.new(valid_params).should be_valid
+        end
+
+        it 'validates name is present' do
+            valid_params.except!(:name)
+            validator = ContactValidator.new(valid_params)
+            expect(validator).to have(1).error_on(:name)
+        end
+
+        it 'validates email is present' do
+            valid_params.except!(:email)
+            validator = ContactValidator.new(valid_params)
+            # We have 2 errors on email because of the format validator
+            expect(validator).to have(2).errors_on(:email)
+        end
+
+        it 'validates email format' do
+            valid_params.merge!({:email => 'not-an-email'})
+            validator = ContactValidator.new(valid_params)
+            expect(validator.errors_on(:email)).to include("Email doesn't look like a valid address")
+        end
+
+        it 'validates subject is present' do
+            valid_params.except!(:subject)
+            validator = ContactValidator.new(valid_params)
+            expect(validator).to have(1).error_on(:subject)
+        end
+
+        it 'validates message is present' do
+            valid_params.except!(:message)
+            validator = ContactValidator.new(valid_params)
+            expect(validator).to have(1).error_on(:message)
+        end
+
     end
+
 end