Mercurial > hg > isophonics-drupal-site
comparison core/modules/system/src/Tests/System/AccessDeniedTest.php @ 0:4c8ae668cc8c
Initial import (non-working)
| author | Chris Cannam |
|---|---|
| date | Wed, 29 Nov 2017 16:09:58 +0000 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:4c8ae668cc8c |
|---|---|
| 1 <?php | |
| 2 | |
| 3 namespace Drupal\system\Tests\System; | |
| 4 | |
| 5 use Drupal\Component\Utility\SafeMarkup; | |
| 6 use Drupal\simpletest\WebTestBase; | |
| 7 use Drupal\user\RoleInterface; | |
| 8 | |
| 9 /** | |
| 10 * Tests page access denied functionality, including custom 403 pages. | |
| 11 * | |
| 12 * @group system | |
| 13 */ | |
| 14 class AccessDeniedTest extends WebTestBase { | |
| 15 | |
| 16 /** | |
| 17 * Modules to enable. | |
| 18 * | |
| 19 * @var array | |
| 20 */ | |
| 21 public static $modules = ['block', 'node', 'system_test']; | |
| 22 | |
| 23 protected $adminUser; | |
| 24 | |
| 25 protected function setUp() { | |
| 26 parent::setUp(); | |
| 27 | |
| 28 $this->drupalPlaceBlock('page_title_block'); | |
| 29 | |
| 30 // Create an administrative user. | |
| 31 $this->adminUser = $this->drupalCreateUser(['access administration pages', 'administer site configuration', 'link to any page', 'administer blocks']); | |
| 32 $this->adminUser->roles[] = 'administrator'; | |
| 33 $this->adminUser->save(); | |
| 34 | |
| 35 user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, ['access user profiles']); | |
| 36 user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, ['access user profiles']); | |
| 37 } | |
| 38 | |
| 39 public function testAccessDenied() { | |
| 40 $this->drupalGet('admin'); | |
| 41 $this->assertText(t('Access denied'), 'Found the default 403 page'); | |
| 42 $this->assertResponse(403); | |
| 43 | |
| 44 // Ensure that users without permission are denied access and have the | |
| 45 // correct path information in drupalSettings. | |
| 46 $this->drupalLogin($this->createUser([])); | |
| 47 $this->drupalGet('admin', ['query' => ['foo' => 'bar']]); | |
| 48 $this->assertEqual($this->drupalSettings['path']['currentPath'], 'admin'); | |
| 49 $this->assertEqual($this->drupalSettings['path']['currentPathIsAdmin'], TRUE); | |
| 50 $this->assertEqual($this->drupalSettings['path']['currentQuery'], ['foo' => 'bar']); | |
| 51 | |
| 52 $this->drupalLogin($this->adminUser); | |
| 53 | |
| 54 // Set a custom 404 page without a starting slash. | |
| 55 $edit = [ | |
| 56 'site_403' => 'user/' . $this->adminUser->id(), | |
| 57 ]; | |
| 58 $this->drupalPostForm('admin/config/system/site-information', $edit, t('Save configuration')); | |
| 59 $this->assertRaw(SafeMarkup::format("The path '%path' has to start with a slash.", ['%path' => $edit['site_403']])); | |
| 60 | |
| 61 // Use a custom 403 page. | |
| 62 $edit = [ | |
| 63 'site_403' => '/user/' . $this->adminUser->id(), | |
| 64 ]; | |
| 65 $this->drupalPostForm('admin/config/system/site-information', $edit, t('Save configuration')); | |
| 66 | |
| 67 // Enable the user login block. | |
| 68 $block = $this->drupalPlaceBlock('user_login_block', ['id' => 'login']); | |
| 69 | |
| 70 // Log out and check that the user login block is shown on custom 403 pages. | |
| 71 $this->drupalLogout(); | |
| 72 $this->drupalGet('admin'); | |
| 73 $this->assertText($this->adminUser->getUsername(), 'Found the custom 403 page'); | |
| 74 $this->assertText(t('Username'), 'Blocks are shown on the custom 403 page'); | |
| 75 | |
| 76 // Log back in and remove the custom 403 page. | |
| 77 $this->drupalLogin($this->adminUser); | |
| 78 $edit = [ | |
| 79 'site_403' => '', | |
| 80 ]; | |
| 81 $this->drupalPostForm('admin/config/system/site-information', $edit, t('Save configuration')); | |
| 82 | |
| 83 // Logout and check that the user login block is shown on default 403 pages. | |
| 84 $this->drupalLogout(); | |
| 85 $this->drupalGet('admin'); | |
| 86 $this->assertText(t('Access denied'), 'Found the default 403 page'); | |
| 87 $this->assertResponse(403); | |
| 88 $this->assertText(t('Username'), 'Blocks are shown on the default 403 page'); | |
| 89 | |
| 90 // Log back in, set the custom 403 page to /user/login and remove the block | |
| 91 $this->drupalLogin($this->adminUser); | |
| 92 $this->config('system.site')->set('page.403', '/user/login')->save(); | |
| 93 $block->disable()->save(); | |
| 94 | |
| 95 // Check that we can log in from the 403 page. | |
| 96 $this->drupalLogout(); | |
| 97 $edit = [ | |
| 98 'name' => $this->adminUser->getUsername(), | |
| 99 'pass' => $this->adminUser->pass_raw, | |
| 100 ]; | |
| 101 $this->drupalPostForm('admin/config/system/site-information', $edit, t('Log in')); | |
| 102 | |
| 103 // Check that we're still on the same page. | |
| 104 $this->assertText(t('Basic site settings')); | |
| 105 } | |
| 106 | |
| 107 /** | |
| 108 * Tests that an inaccessible custom 403 page falls back to the default. | |
| 109 */ | |
| 110 public function testAccessDeniedCustomPageWithAccessDenied() { | |
| 111 // Sets up a 403 page not accessible by the anonymous user. | |
| 112 $this->config('system.site')->set('page.403', '/system-test/custom-4xx')->save(); | |
| 113 | |
| 114 $this->drupalGet('/system-test/always-denied'); | |
| 115 $this->assertNoText('Admin-only 4xx response'); | |
| 116 $this->assertText('You are not authorized to access this page.'); | |
| 117 $this->assertResponse(403); | |
| 118 // Verify the access cacheability metadata for custom 403 is bubbled. | |
| 119 $this->assertCacheContext('user.roles'); | |
| 120 | |
| 121 $this->drupalLogin($this->adminUser); | |
| 122 $this->drupalGet('/system-test/always-denied'); | |
| 123 $this->assertText('Admin-only 4xx response'); | |
| 124 $this->assertResponse(403); | |
| 125 // Verify the access cacheability metadata for custom 403 is bubbled. | |
| 126 $this->assertCacheContext('user.roles'); | |
| 127 } | |
| 128 | |
| 129 } |