Chris@0
|
1 <?php
|
Chris@0
|
2
|
Chris@0
|
3 namespace Drupal\simpletest\Tests;
|
Chris@0
|
4
|
Chris@0
|
5 use Drupal\Core\Url;
|
Chris@0
|
6 use Drupal\simpletest\WebTestBase;
|
Chris@0
|
7
|
Chris@0
|
8 /**
|
Chris@18
|
9 * Tests the WebTestBase internal browser.
|
Chris@0
|
10 *
|
Chris@0
|
11 * @group simpletest
|
Chris@18
|
12 * @group WebTestBase
|
Chris@0
|
13 */
|
Chris@0
|
14 class SimpleTestBrowserTest extends WebTestBase {
|
Chris@0
|
15
|
Chris@0
|
16 /**
|
Chris@0
|
17 * Modules to enable.
|
Chris@0
|
18 *
|
Chris@0
|
19 * @var array
|
Chris@0
|
20 */
|
Chris@0
|
21 public static $modules = ['simpletest', 'test_page_test'];
|
Chris@0
|
22
|
Chris@0
|
23 protected function setUp() {
|
Chris@0
|
24 parent::setUp();
|
Chris@0
|
25 // Create and log in an admin user.
|
Chris@0
|
26 $this->drupalLogin($this->drupalCreateUser(['administer unit tests']));
|
Chris@0
|
27 }
|
Chris@0
|
28
|
Chris@0
|
29 /**
|
Chris@0
|
30 * Test the internal browsers functionality.
|
Chris@0
|
31 */
|
Chris@0
|
32 public function testInternalBrowser() {
|
Chris@0
|
33 // Retrieve the test page and check its title and headers.
|
Chris@0
|
34 $this->drupalGet('test-page');
|
Chris@0
|
35 $this->assertTrue($this->drupalGetHeader('Date'), 'An HTTP header was received.');
|
Chris@0
|
36 $this->assertTitle(t('Test page | @site-name', [
|
Chris@0
|
37 '@site-name' => $this->config('system.site')->get('name'),
|
Chris@0
|
38 ]));
|
Chris@0
|
39 $this->assertNoTitle('Foo');
|
Chris@0
|
40
|
Chris@0
|
41 $old_user_id = $this->container->get('current_user')->id();
|
Chris@0
|
42 $user = $this->drupalCreateUser();
|
Chris@0
|
43 $this->drupalLogin($user);
|
Chris@0
|
44 // Check that current user service updated.
|
Chris@0
|
45 $this->assertNotEqual($old_user_id, $this->container->get('current_user')->id(), 'Current user service updated.');
|
Chris@0
|
46 $headers = $this->drupalGetHeaders(TRUE);
|
Chris@0
|
47 $this->assertEqual(count($headers), 2, 'There was one intermediate request.');
|
Chris@0
|
48 $this->assertTrue(strpos($headers[0][':status'], '303') !== FALSE, 'Intermediate response code was 303.');
|
Chris@0
|
49 $this->assertFalse(empty($headers[0]['location']), 'Intermediate request contained a Location header.');
|
Chris@0
|
50 $this->assertEqual($this->getUrl(), $headers[0]['location'], 'HTTP redirect was followed');
|
Chris@0
|
51 $this->assertFalse($this->drupalGetHeader('Location'), 'Headers from intermediate request were reset.');
|
Chris@0
|
52 $this->assertResponse(200, 'Response code from intermediate request was reset.');
|
Chris@0
|
53
|
Chris@0
|
54 $this->drupalLogout();
|
Chris@0
|
55 // Check that current user service updated to anonymous user.
|
Chris@0
|
56 $this->assertEqual(0, $this->container->get('current_user')->id(), 'Current user service updated.');
|
Chris@0
|
57
|
Chris@0
|
58 // Test the maximum redirection option.
|
Chris@0
|
59 $this->maximumRedirects = 1;
|
Chris@0
|
60 $edit = [
|
Chris@18
|
61 'name' => $user->getAccountName(),
|
Chris@17
|
62 'pass' => $user->pass_raw,
|
Chris@0
|
63 ];
|
Chris@0
|
64 $this->drupalPostForm('user/login', $edit, t('Log in'), [
|
Chris@0
|
65 'query' => ['destination' => 'user/logout'],
|
Chris@0
|
66 ]);
|
Chris@0
|
67 $headers = $this->drupalGetHeaders(TRUE);
|
Chris@0
|
68 $this->assertEqual(count($headers), 2, 'Simpletest stopped following redirects after the first one.');
|
Chris@0
|
69
|
Chris@0
|
70 // Remove the Simpletest private key file so we can test the protection
|
Chris@0
|
71 // against requests that forge a valid testing user agent to gain access
|
Chris@0
|
72 // to the installer.
|
Chris@0
|
73 // @see drupal_valid_test_ua()
|
Chris@0
|
74 // Not using File API; a potential error must trigger a PHP warning.
|
Chris@0
|
75 unlink($this->siteDirectory . '/.htkey');
|
Chris@0
|
76 $this->drupalGet(Url::fromUri('base:core/install.php', ['external' => TRUE, 'absolute' => TRUE])->toString());
|
Chris@0
|
77 $this->assertResponse(403, 'Cannot access install.php.');
|
Chris@0
|
78 }
|
Chris@0
|
79
|
Chris@0
|
80 /**
|
Chris@0
|
81 * Test validation of the User-Agent header we use to perform test requests.
|
Chris@0
|
82 */
|
Chris@0
|
83 public function testUserAgentValidation() {
|
Chris@0
|
84 global $base_url;
|
Chris@0
|
85
|
Chris@0
|
86 // Logout the user which was logged in during test-setup.
|
Chris@0
|
87 $this->drupalLogout();
|
Chris@0
|
88
|
Chris@0
|
89 $system_path = $base_url . '/' . drupal_get_path('module', 'system');
|
Chris@0
|
90 $http_path = $system_path . '/tests/http.php/user/login';
|
Chris@0
|
91 $https_path = $system_path . '/tests/https.php/user/login';
|
Chris@0
|
92 // Generate a valid simpletest User-Agent to pass validation.
|
Chris@0
|
93 $this->assertTrue(preg_match('/test\d+/', $this->databasePrefix, $matches), 'Database prefix contains test prefix.');
|
Chris@0
|
94 $test_ua = drupal_generate_test_ua($matches[0]);
|
Chris@0
|
95 $this->additionalCurlOptions = [CURLOPT_USERAGENT => $test_ua];
|
Chris@0
|
96
|
Chris@0
|
97 // Test pages only available for testing.
|
Chris@0
|
98 $this->drupalGet($http_path);
|
Chris@0
|
99 $this->assertResponse(200, 'Requesting http.php with a legitimate simpletest User-Agent returns OK.');
|
Chris@0
|
100 $this->drupalGet($https_path);
|
Chris@0
|
101 $this->assertResponse(200, 'Requesting https.php with a legitimate simpletest User-Agent returns OK.');
|
Chris@0
|
102
|
Chris@0
|
103 // Now slightly modify the HMAC on the header, which should not validate.
|
Chris@0
|
104 $this->additionalCurlOptions = [CURLOPT_USERAGENT => $test_ua . 'X'];
|
Chris@0
|
105 $this->drupalGet($http_path);
|
Chris@0
|
106 $this->assertResponse(403, 'Requesting http.php with a bad simpletest User-Agent fails.');
|
Chris@0
|
107 $this->drupalGet($https_path);
|
Chris@0
|
108 $this->assertResponse(403, 'Requesting https.php with a bad simpletest User-Agent fails.');
|
Chris@0
|
109
|
Chris@0
|
110 // Use a real User-Agent and verify that the special files http.php and
|
Chris@0
|
111 // https.php can't be accessed.
|
Chris@0
|
112 $this->additionalCurlOptions = [CURLOPT_USERAGENT => 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'];
|
Chris@0
|
113 $this->drupalGet($http_path);
|
Chris@0
|
114 $this->assertResponse(403, 'Requesting http.php with a normal User-Agent fails.');
|
Chris@0
|
115 $this->drupalGet($https_path);
|
Chris@0
|
116 $this->assertResponse(403, 'Requesting https.php with a normal User-Agent fails.');
|
Chris@0
|
117 }
|
Chris@0
|
118
|
Chris@0
|
119 }
|