Mercurial > hg > isophonics-drupal-site
view core/modules/comment/tests/src/Kernel/CommentStringIdEntitiesTest.php @ 13:5fb285c0d0e3
Update Drupal core to 8.4.7 via Composer. Security update; I *think* we've
been lucky to get away with this so far, as we don't support self-registration
which seems to be used by the so-called "drupalgeddon 2" attack that 8.4.5
was vulnerable to.
| author | Chris Cannam |
|---|---|
| date | Mon, 23 Apr 2018 09:33:26 +0100 |
| parents | 4c8ae668cc8c |
| children | af1871eacc83 |
line wrap: on
line source
<?php namespace Drupal\Tests\comment\Kernel; use Drupal\comment\Entity\CommentType; use Drupal\KernelTests\KernelTestBase; use Drupal\field\Entity\FieldStorageConfig; /** * Tests that comment fields cannot be added to entities with non-integer IDs. * * @group comment */ class CommentStringIdEntitiesTest extends KernelTestBase { /** * Modules to install. * * @var array */ public static $modules = [ 'comment', 'user', 'field', 'field_ui', 'entity_test', 'text', ]; protected function setUp() { parent::setUp(); $this->installEntitySchema('comment'); $this->installSchema('comment', ['comment_entity_statistics']); // Create the comment body field storage. $this->installConfig(['field']); } /** * Tests that comment fields cannot be added entities with non-integer IDs. */ public function testCommentFieldNonStringId() { try { $bundle = CommentType::create([ 'id' => 'foo', 'label' => 'foo', 'description' => '', 'target_entity_type_id' => 'entity_test_string_id', ]); $bundle->save(); $field_storage = FieldStorageConfig::create([ 'field_name' => 'foo', 'entity_type' => 'entity_test_string_id', 'settings' => [ 'comment_type' => 'entity_test_string_id', ], 'type' => 'comment', ]); $field_storage->save(); $this->fail('Did not throw an exception as expected.'); } catch (\UnexpectedValueException $e) { $this->pass('Exception thrown when trying to create comment field on Entity Type with string ID.'); } } }