19.0 vanilla

odoo-bringout-oca-ocb-google_recaptcha/google_recaptcha/models/ir_http.py

@@ -6,11 +6,12 @@ import requests
 from odoo import api, models, _
 from odoo.http import request
 from odoo.exceptions import UserError, ValidationError
+from odoo.tools.misc import str2bool
 
 logger = logging.getLogger(__name__)
 
 
-class Http(models.AbstractModel):
+class IrHttp(models.AbstractModel):
     _inherit = 'ir.http'
 
     def session_info(self):
@@ -25,8 +26,10 @@ class Http(models.AbstractModel):
     @api.model
     def _add_public_key_to_session_info(self, session_info):
         """Add the ReCaptcha public key to the given session_info object"""
-        public_key = self.env['ir.config_parameter'].sudo().get_param('recaptcha_public_key')
-        if public_key:
+        config_params = self.env['ir.config_parameter'].sudo()
+        recaptcha_enabled = str2bool(config_params.get_param('enable_recaptcha', default=True))
+        public_key = config_params.get_param('recaptcha_public_key')
+        if public_key and recaptcha_enabled:
             session_info['recaptcha_public_key'] = public_key
         return session_info
 
@@ -36,11 +39,16 @@ class Http(models.AbstractModel):
             If no recaptcha private key is set the recaptcha verification
             is considered inactive and this method will return True.
         """
+        super()._verify_request_recaptcha_token(action)
+        config_params = request.env['ir.config_parameter'].sudo()
+        recaptcha_enabled = str2bool(config_params.get_param('enable_recaptcha', default=True))
+        if not recaptcha_enabled:
+            return
         ip_addr = request.httprequest.remote_addr
         token = request.params.pop('recaptcha_token_response', False)
         recaptcha_result = request.env['ir.http']._verify_recaptcha_token(ip_addr, token, action)
         if recaptcha_result in ['is_human', 'no_secret']:
-            return True
+            return
         if recaptcha_result == 'wrong_secret':
             raise ValidationError(_("The reCaptcha private key is invalid."))
         elif recaptcha_result == 'wrong_token':
@@ -50,7 +58,7 @@ class Http(models.AbstractModel):
         elif recaptcha_result == 'bad_request':
             raise UserError(_("The request is invalid or malformed."))
         else:
-            return False
+            raise UserError(_("Suspicious activity detected by google reCAPTCHA."))
 
     @api.model
     def _verify_recaptcha_token(self, ip_addr, token, action=False):

odoo-bringout-oca-ocb-google_recaptcha/google_recaptcha/models/res_config_settings.py

@@ -1,11 +1,13 @@
 # -*- coding: utf-8 -*-
 # Part of Odoo. See LICENSE file for full copyright and licensing details.
-from odoo import fields, models
+from odoo import api, fields, models
+from odoo.tools.misc import str2bool
 
 
 class ResConfigSettings(models.TransientModel):
     _inherit = 'res.config.settings'
 
+    enable_recaptcha = fields.Boolean("Enable reCAPTCHA", config_parameter='enable_recaptcha', groups='base.group_system')
     recaptcha_public_key = fields.Char("Site Key", config_parameter='recaptcha_public_key', groups='base.group_system')
     recaptcha_private_key = fields.Char("Secret Key", config_parameter='recaptcha_private_key', groups='base.group_system')
     recaptcha_min_score = fields.Float(
@@ -15,3 +17,15 @@ class ResConfigSettings(models.TransientModel):
         default="0.7",
         help="By default, should be one of 0.1, 0.3, 0.7, 0.9.\n1.0 is very likely a good interaction, 0.0 is very likely a bot"
     )
+
+    @api.model
+    def get_values(self):
+        res = super().get_values()
+        icp = self.env['ir.config_parameter'].sudo()
+        res['enable_recaptcha'] = str2bool(icp.get_param('enable_recaptcha', default=True))
+        return res
+
+    def set_values(self):
+        super().set_values()
+        icp = self.env['ir.config_parameter'].sudo()
+        icp.set_param("enable_recaptcha", str(self.enable_recaptcha))