enforce access-question on anonymous page edits #596
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
enforce access-question on anonymous page edits
This commit causes an access-question form field to appear on the edit page
for anonymous (logged out) users when require-authentication = none and
the access-question variables are non-empty. If the field is present,
and if the wrong answer is provided by the user, then the user is
returned to the edit page with an error message "Access code is
invalid.".
This new form field behaves in the same way as the access-question form
field on the unauthenticated registration page.
I tested the following cases using the following settings:
...and again with the following settings:
Look carefully, at the diff, I've never written a line of haskell before this!
Resolves #595