Fixes #5682 az_spam_prevention module with preconfigured captcha defaults

[tadean]

Description

This PR introduces a new module az_spam_prevention, which contains preconfigured captcha defaults and a hook that adds captcha placements to all webforms.

This is done because the composition of webform's base form IDs do not allow a single captcha point to cover all webforms.

Release notes

An experimental module, `az_spam_prevention` has been added which contains pre-configured defaults for form captchas. It will add a captcha placement to all webforms when enabled. 

Related issues

#5682

How to test

• Install site
• drush en webform
• create a webform, or use the built-in contact form that comes with webform
• enable az_spam_prevention
• view the webform as an admin user, verify a captcha is not shown
• view the webform as an anonymous user, verify that the captcha is shown
• verify that the captcha blocks submissions if the captcha is incorrect
• Add a captcha element to the webform (via the webform elements) and verify that still only one captcha is shown.
• Enable contact module, create a (non-webform) contact form category, and verify that the captcha is placed on the form via the captcha point that is part of this PR

Types of changes

Arizona Quickstart (install profile, custom modules, custom theme)

• Patch release changes
  • Bug fix
  • Accessibility, performance, or security improvement
  • Critical institutional link or brand change
  • Adding experimental module
  • Update experimental module
• Minor release changes
  • New feature
  • Breaking or visual change to existing behavior
  • Upgrade experimental module to stable
  • Enable existing module by default or database update
  • Non-critical brand change
  • New internal API or API improvement with backwards compatibility
  • Risky or disruptive cleanup to comply with coding standards
  • High-risk or disruptive change (requires upgrade path, risks regression, etc.)
• Other or unknown
  • Other or unknown

Drupal core

• Patch release changes
  • Security update
  • Patch level release (non-security bug-fix release)
  • Patch removal that's no longer necessary
• Minor release changes
  • Major or minor level update
• Other or unknown
  • Other or unknown

Drupal contrib projects

• Patch release changes
  • Security update
  • Patch or minor level update
  • Add new module
  • Patch removal that's no longer necessary
• Minor release changes
  • Major level update
• Other or unknown
  • Other or unknown

Checklist

• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
• I have added tests to cover my changes.
• All new and existing tests passed.
• My change requires release notes.

[tadean]

• Discuss captcha defaults
• Determine whether to backport
• Fix issue where captcha is sometimes placed after submit button
• Determine if we should give some roles the skip captcha permission (or if seeing the captcha is useful for them)

[tadean]

Known issue with this PR so far, in some cases the captcha can appear after the submit button. I think it would be good to resolve that before merging.

[tadean]

• Added captcha point for core contact form.
• Added a check for existing captcha elements
• Gave authenticated user skip captcha permission

[tadean]

Added workaround to place captcha correctly, because _captcha_get_captcha_placement() doesn't fully understand how webforms actions work.

[az-digital-bot]

Tugboat has finished building the preview for this pull request!

Link:

• https://pr5684-baefqtxmntydh7cfdbzc3tijtygznuwh.tugboatqa.com

Dashboard:

• https://dashboard.tugboatqa.com/6a2c2691e73ea4de46662695