Mercurial > hg > cmmr2012-drupal-site

annotate core/modules/media/tests/src/FunctionalJavascript/MediaSourceOEmbedVideoTest.php @ 5:12f9dff5fda9 tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Drupal core 8.7.1
author Chris Cannam
date Thu, 09 May 2019 15:34:47 +0100
parents a9cd425dd02b
children
rev   line source
Chris@4 1 <?php
Chris@4 2
Chris@4 3 namespace Drupal\Tests\media\FunctionalJavascript;
Chris@4 4
Chris@4 5 use Drupal\Core\Session\AccountInterface;
Chris@4 6 use Drupal\media\Entity\Media;
Chris@4 7 use Drupal\media_test_oembed\Controller\ResourceController;
Chris@4 8 use Drupal\Tests\media\Traits\OEmbedTestTrait;
Chris@4 9 use Drupal\user\Entity\Role;
Chris@4 10 use Symfony\Component\DependencyInjection\ContainerInterface;
Chris@4 11
Chris@4 12 /**
Chris@4 13 * Tests the oembed:video media source.
Chris@4 14 *
Chris@4 15 * @group media
Chris@4 16 */
Chris@4 17 class MediaSourceOEmbedVideoTest extends MediaSourceTestBase {
Chris@4 18
Chris@4 19 /**
Chris@4 20 * {@inheritdoc}
Chris@4 21 */
Chris@4 22 public static $modules = ['media_test_oembed'];
Chris@4 23
Chris@4 24 use OEmbedTestTrait;
Chris@4 25
Chris@4 26 /**
Chris@4 27 * {@inheritdoc}
Chris@4 28 */
Chris@4 29 protected function setUp() {
Chris@4 30 parent::setUp();
Chris@4 31 $this->lockHttpClientToFixtures();
Chris@4 32 }
Chris@4 33
Chris@4 34 /**
Chris@4 35 * {@inheritdoc}
Chris@4 36 */
Chris@4 37 protected function initConfig(ContainerInterface $container) {
Chris@4 38 parent::initConfig($container);
Chris@4 39
Chris@4 40 // Enable twig debugging to make testing template usage easy.
Chris@4 41 $parameters = $container->getParameter('twig.config');
Chris@4 42 $parameters['debug'] = TRUE;
Chris@4 43 $this->setContainerParameter('twig.config', $parameters);
Chris@4 44 }
Chris@4 45
Chris@4 46 /**
Chris@4 47 * Tests the oembed media source.
Chris@4 48 */
Chris@4 49 public function testMediaOEmbedVideoSource() {
Chris@4 50 $media_type_id = 'test_media_oembed_type';
Chris@4 51 $provided_fields = [
Chris@4 52 'type',
Chris@4 53 'title',
Chris@4 54 'default_name',
Chris@4 55 'author_name',
Chris@4 56 'author_url',
Chris@4 57 'provider_name',
Chris@4 58 'provider_url',
Chris@4 59 'cache_age',
Chris@4 60 'thumbnail_uri',
Chris@4 61 'thumbnail_width',
Chris@4 62 'thumbnail_height',
Chris@4 63 'url',
Chris@4 64 'width',
Chris@4 65 'height',
Chris@4 66 'html',
Chris@4 67 ];
Chris@4 68
Chris@4 69 $session = $this->getSession();
Chris@4 70 $page = $session->getPage();
Chris@4 71 $assert_session = $this->assertSession();
Chris@4 72
Chris@4 73 $this->doTestCreateMediaType($media_type_id, 'oembed:video', $provided_fields);
Chris@4 74
Chris@4 75 // Create custom fields for the media type to store metadata attributes.
Chris@4 76 $fields = [
Chris@4 77 'field_string_width' => 'string',
Chris@4 78 'field_string_height' => 'string',
Chris@4 79 'field_string_author_name' => 'string',
Chris@4 80 ];
Chris@4 81 $this->createMediaTypeFields($fields, $media_type_id);
Chris@4 82
Chris@4 83 // Hide the name field widget to test default name generation.
Chris@4 84 $this->hideMediaTypeFieldWidget('name', $media_type_id);
Chris@4 85
Chris@4 86 $this->drupalGet("admin/structure/media/manage/$media_type_id");
Chris@4 87 // Only accept Vimeo videos.
Chris@4 88 $page->checkField("source_configuration[providers][Vimeo]");
Chris@4 89 $assert_session->selectExists('field_map[width]')->setValue('field_string_width');
Chris@4 90 $assert_session->selectExists('field_map[height]')->setValue('field_string_height');
Chris@4 91 $assert_session->selectExists('field_map[author_name]')->setValue('field_string_author_name');
Chris@4 92 $assert_session->buttonExists('Save')->press();
Chris@4 93
Chris@5 94 // Configure the iframe to be narrower than the actual video, so we can
Chris@5 95 // verify that the video scales correctly.
Chris@5 96 $display = entity_get_display('media', $media_type_id, 'default');
Chris@5 97 $this->assertFalse($display->isNew());
Chris@5 98 $component = $display->getComponent('field_media_oembed_video');
Chris@5 99 $this->assertInternalType('array', $component);
Chris@5 100 $component['settings']['max_width'] = 240;
Chris@5 101 $display->setComponent('field_media_oembed_video', $component);
Chris@5 102 $this->assertSame(SAVED_UPDATED, $display->save());
Chris@5 103
Chris@4 104 $this->hijackProviderEndpoints();
Chris@4 105 $video_url = 'https://vimeo.com/7073899';
Chris@4 106 ResourceController::setResourceUrl($video_url, $this->getFixturesDirectory() . '/video_vimeo.json');
Chris@4 107
Chris@4 108 // Create a media item.
Chris@4 109 $this->drupalGet("media/add/$media_type_id");
Chris@4 110 $assert_session->fieldExists('Remote video URL')->setValue($video_url);
Chris@4 111 $assert_session->buttonExists('Save')->press();
Chris@4 112
Chris@4 113 $assert_session->addressEquals('admin/content/media');
Chris@4 114
Chris@4 115 // Get the media entity view URL from the creation message.
Chris@4 116 $this->drupalGet($this->assertLinkToCreatedMedia());
Chris@4 117
Chris@4 118 /** @var \Drupal\media\MediaInterface $media */
Chris@4 119 $media = Media::load(1);
Chris@4 120
Chris@4 121 // The thumbnail should have been downloaded.
Chris@4 122 $thumbnail = $media->getSource()->getMetadata($media, 'thumbnail_uri');
Chris@4 123 $this->assertFileExists($thumbnail);
Chris@4 124
Chris@5 125 // Ensure the iframe exists and has the expected CSS class, and that its src
Chris@5 126 // attribute contains a coherent URL with the query parameters we expect.
Chris@5 127 $iframe = $assert_session->elementExists('css', 'iframe.media-oembed-content');
Chris@5 128 $iframe_url = parse_url($iframe->getAttribute('src'));
Chris@4 129 $this->assertStringEndsWith('/media/oembed', $iframe_url['path']);
Chris@4 130 $this->assertNotEmpty($iframe_url['query']);
Chris@4 131 $query = [];
Chris@4 132 parse_str($iframe_url['query'], $query);
Chris@4 133 $this->assertSame($video_url, $query['url']);
Chris@4 134 $this->assertNotEmpty($query['hash']);
Chris@5 135 // Ensure that the outer iframe's width respects the formatter settings.
Chris@5 136 $this->assertSame('240', $iframe->getAttribute('width'));
Chris@5 137 // Check the inner iframe to make sure that CSS has been applied to scale it
Chris@5 138 // correctly, regardless of whatever its width attribute may be (the fixture
Chris@5 139 // hard-codes it to 480).
Chris@5 140 $inner_frame = 'frames[0].document.querySelector("iframe")';
Chris@5 141 $this->assertSame('480', $session->evaluateScript("$inner_frame.getAttribute('width')"));
Chris@5 142 $this->assertLessThanOrEqual(240, $session->evaluateScript("$inner_frame.clientWidth"));
Chris@4 143
Chris@4 144 // Make sure the thumbnail is displayed from uploaded image.
Chris@4 145 $assert_session->elementAttributeContains('css', '.image-style-thumbnail', 'src', '/oembed_thumbnails/' . basename($thumbnail));
Chris@4 146
Chris@4 147 // Load the media and check that all fields are properly populated.
Chris@4 148 $media = Media::load(1);
Chris@4 149 $this->assertSame('Drupal Rap Video - Schipulcon09', $media->getName());
Chris@4 150 $this->assertSame('480', $media->field_string_width->value);
Chris@4 151 $this->assertSame('360', $media->field_string_height->value);
Chris@4 152
Chris@4 153 // Try to create a media asset from a disallowed provider.
Chris@4 154 $this->drupalGet("media/add/$media_type_id");
Chris@4 155 $assert_session->fieldExists('Remote video URL')->setValue('http://www.collegehumor.com/video/40003213/grant-and-katie-are-starting-their-own-company');
Chris@4 156 $page->pressButton('Save');
Chris@4 157
Chris@4 158 $assert_session->pageTextContains('The CollegeHumor provider is not allowed.');
Chris@4 159
Chris@4 160 // Test anonymous access to media via iframe.
Chris@4 161 $this->drupalLogout();
Chris@4 162
Chris@4 163 // Without a hash should be denied.
Chris@4 164 $no_hash_query = array_diff_key($query, ['hash' => '']);
Chris@4 165 $this->drupalGet('media/oembed', ['query' => $no_hash_query]);
Chris@4 166 $assert_session->pageTextNotContains('By the power of Greyskull, Vimeo works!');
Chris@4 167 $assert_session->pageTextContains('Access denied');
Chris@4 168
Chris@4 169 // A correct query should be allowed because the anonymous role has the
Chris@4 170 // 'view media' permission.
Chris@4 171 $this->drupalGet('media/oembed', ['query' => $query]);
Chris@4 172 $assert_session->pageTextContains('By the power of Greyskull, Vimeo works!');
Chris@4 173 $this->assertRaw('core/themes/stable/templates/content/media-oembed-iframe.html.twig');
Chris@4 174 $this->assertNoRaw('core/modules/media/templates/media-oembed-iframe.html.twig');
Chris@4 175
Chris@4 176 // Test themes not inheriting from stable.
Chris@4 177 \Drupal::service('theme_handler')->install(['stark']);
Chris@4 178 $this->config('system.theme')->set('default', 'stark')->save();
Chris@4 179 $this->drupalGet('media/oembed', ['query' => $query]);
Chris@4 180 $assert_session->pageTextContains('By the power of Greyskull, Vimeo works!');
Chris@4 181 $this->assertNoRaw('core/themes/stable/templates/content/media-oembed-iframe.html.twig');
Chris@4 182 $this->assertRaw('core/modules/media/templates/media-oembed-iframe.html.twig');
Chris@4 183
Chris@4 184 // Remove the 'view media' permission to test that this restricts access.
Chris@4 185 $role = Role::load(AccountInterface::ANONYMOUS_ROLE);
Chris@4 186 $role->revokePermission('view media');
Chris@4 187 $role->save();
Chris@4 188 $this->drupalGet('media/oembed', ['query' => $query]);
Chris@4 189 $assert_session->pageTextNotContains('By the power of Greyskull, Vimeo works!');
Chris@4 190 $assert_session->pageTextContains('Access denied');
Chris@4 191 }
Chris@4 192
Chris@4 193 /**
Chris@4 194 * Test that a security warning appears if iFrame domain is not set.
Chris@4 195 */
Chris@4 196 public function testOEmbedSecurityWarning() {
Chris@4 197 $media_type_id = 'test_media_oembed_type';
Chris@4 198 $source_id = 'oembed:video';
Chris@4 199
Chris@4 200 $session = $this->getSession();
Chris@4 201 $page = $session->getPage();
Chris@4 202 $assert_session = $this->assertSession();
Chris@4 203
Chris@4 204 $this->drupalGet('admin/structure/media/add');
Chris@4 205 $page->fillField('label', $media_type_id);
Chris@4 206 $this->getSession()
Chris@4 207 ->wait(5000, "jQuery('.machine-name-value').text() === '{$media_type_id}'");
Chris@4 208
Chris@4 209 // Make sure the source is available.
Chris@4 210 $assert_session->fieldExists('Media source');
Chris@4 211 $assert_session->optionExists('Media source', $source_id);
Chris@4 212 $page->selectFieldOption('Media source', $source_id);
Chris@4 213 $result = $assert_session->waitForElementVisible('css', 'fieldset[data-drupal-selector="edit-source-configuration"]');
Chris@4 214 $this->assertNotEmpty($result);
Chris@4 215
Chris@4 216 $assert_session->pageTextContains('It is potentially insecure to display oEmbed content in a frame');
Chris@4 217
Chris@4 218 $this->config('media.settings')->set('iframe_domain', 'http://example.com')->save();
Chris@4 219
Chris@4 220 $this->drupalGet('admin/structure/media/add');
Chris@4 221 $page->fillField('label', $media_type_id);
Chris@4 222 $this->getSession()
Chris@4 223 ->wait(5000, "jQuery('.machine-name-value').text() === '{$media_type_id}'");
Chris@4 224
Chris@4 225 // Make sure the source is available.
Chris@4 226 $assert_session->fieldExists('Media source');
Chris@4 227 $assert_session->optionExists('Media source', $source_id);
Chris@4 228 $page->selectFieldOption('Media source', $source_id);
Chris@4 229 $result = $assert_session->waitForElementVisible('css', 'fieldset[data-drupal-selector="edit-source-configuration"]');
Chris@4 230 $this->assertNotEmpty($result);
Chris@4 231
Chris@4 232 $assert_session->pageTextNotContains('It is potentially insecure to display oEmbed content in a frame');
Chris@4 233 }
Chris@4 234
Chris@4 235 }