diff --git a/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestBrowserTest.php b/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestBrowserTest.php new file mode 100644 index 0000000..0bab880 --- /dev/null +++ b/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestBrowserTest.php @@ -0,0 +1,124 @@ + 'SimpleTest browser functionality', + 'description' => "Test SimpleTest's internal browser and APIs both explicitly and implicitly.", + 'group' => 'SimpleTest' + ); + } + + function setUp() { + parent::setUp(); + // Create and log in an admin user. + $this->drupalLogin($this->drupalCreateUser(array('administer unit tests'))); + } + + /** + * Test the internal browsers functionality. + */ + function testInternalBrowser() { + // Retrieve the test page and check its title and headers. + $this->drupalGet('test-page'); + $this->assertTrue($this->drupalGetHeader('Date'), 'An HTTP header was received.'); + $this->assertTitle(t('Test page | @site-name', array( + '@site-name' => \Drupal::config('system.site')->get('name'), + ))); + $this->assertNoTitle('Foo'); + + $old_user_id = $this->container->get('current_user')->id(); + $user = $this->drupalCreateUser(); + $this->drupalLogin($user); + // Check that current user service updated. + $this->assertNotEqual($old_user_id, $this->container->get('current_user')->id(), 'Current user service updated.'); + $headers = $this->drupalGetHeaders(TRUE); + $this->assertEqual(count($headers), 2, 'There was one intermediate request.'); + $this->assertTrue(strpos($headers[0][':status'], '302') !== FALSE, 'Intermediate response code was 302.'); + $this->assertFalse(empty($headers[0]['location']), 'Intermediate request contained a Location header.'); + $this->assertEqual($this->getUrl(), $headers[0]['location'], 'HTTP redirect was followed'); + $this->assertFalse($this->drupalGetHeader('Location'), 'Headers from intermediate request were reset.'); + $this->assertResponse(200, 'Response code from intermediate request was reset.'); + + // Test the maximum redirection option. + $this->drupalLogout(); + // Check that current user service updated to anonymous user. + $this->assertEqual(0, $this->container->get('current_user')->id(), 'Current user service updated.'); + $edit = array( + 'name' => $user->getUsername(), + 'pass' => $user->pass_raw + ); + $this->maximumRedirects = 1; + $this->drupalPostForm('user', $edit, t('Log in'), array( + 'query' => array('destination' => 'user/logout'), + )); + $headers = $this->drupalGetHeaders(TRUE); + $this->assertEqual(count($headers), 2, 'Simpletest stopped following redirects after the first one.'); + + // Remove the Simpletest private key file so we can test the protection + // against requests that forge a valid testing user agent to gain access + // to the installer. + // @see drupal_valid_test_ua() + // Not using File API; a potential error must trigger a PHP warning. + unlink($this->siteDirectory . '/.htkey'); + global $base_url; + $this->drupalGet(url($base_url . '/core/install.php', array('external' => TRUE, 'absolute' => TRUE))); + $this->assertResponse(403, 'Cannot access install.php.'); + } + + /** + * Test validation of the User-Agent header we use to perform test requests. + */ + function testUserAgentValidation() { + global $base_url; + $system_path = $base_url . '/' . drupal_get_path('module', 'system'); + $HTTP_path = $system_path .'/tests/http.php?q=node'; + $https_path = $system_path .'/tests/https.php?q=node'; + // Generate a valid simpletest User-Agent to pass validation. + $this->assertTrue(preg_match('/simpletest\d+/', $this->databasePrefix, $matches), 'Database prefix contains simpletest prefix.'); + $test_ua = drupal_generate_test_ua($matches[0]); + $this->additionalCurlOptions = array(CURLOPT_USERAGENT => $test_ua); + + // Test pages only available for testing. + $this->drupalGet($HTTP_path); + $this->assertResponse(200, 'Requesting http.php with a legitimate simpletest User-Agent returns OK.'); + $this->drupalGet($https_path); + $this->assertResponse(200, 'Requesting https.php with a legitimate simpletest User-Agent returns OK.'); + + // Now slightly modify the HMAC on the header, which should not validate. + $this->additionalCurlOptions = array(CURLOPT_USERAGENT => $test_ua . 'X'); + $this->drupalGet($HTTP_path); + $this->assertResponse(403, 'Requesting http.php with a bad simpletest User-Agent fails.'); + $this->drupalGet($https_path); + $this->assertResponse(403, 'Requesting https.php with a bad simpletest User-Agent fails.'); + + // Use a real User-Agent and verify that the special files http.php and + // https.php can't be accessed. + $this->additionalCurlOptions = array(CURLOPT_USERAGENT => 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'); + $this->drupalGet($HTTP_path); + $this->assertResponse(403, 'Requesting http.php with a normal User-Agent fails.'); + $this->drupalGet($https_path); + $this->assertResponse(403, 'Requesting https.php with a normal User-Agent fails.'); + } + +} diff --git a/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestTest.php b/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestTest.php old mode 100755 new mode 100644 index e46051d..dba98ab --- a/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestTest.php +++ b/core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestTest.php @@ -7,11 +7,15 @@ namespace Drupal\simpletest\Tests; +use Drupal\Component\Utility\Crypt; use Drupal\Core\Database\Driver\pgsql\Select; use Drupal\simpletest\WebTestBase; /** - * Tests the Simpletest UI test runner and internal browser. + * Tests the Simpletest UI test runner. + * + * This test is runs itself. Additional test methods should not be added since + * they affect the result of self::testWebTestRunner(). */ class SimpleTestTest extends WebTestBase { @@ -55,96 +59,6 @@ function setUp() { } /** - * Test the internal browsers functionality. - */ - function testInternalBrowser() { - if (!$this->isInChildSite()) { - // Retrieve the test page and check its title and headers. - $this->drupalGet('test-page'); - $this->assertTrue($this->drupalGetHeader('Date'), 'An HTTP header was received.'); - $this->assertTitle(t('Test page | @site-name', array( - '@site-name' => \Drupal::config('system.site')->get('name'), - ))); - $this->assertNoTitle('Foo'); - - $old_user_id = $this->container->get('current_user')->id(); - $user = $this->drupalCreateUser(); - $this->drupalLogin($user); - // Check that current user service updated. - $this->assertNotEqual($old_user_id, $this->container->get('current_user')->id(), 'Current user service updated.'); - $headers = $this->drupalGetHeaders(TRUE); - $this->assertEqual(count($headers), 2, 'There was one intermediate request.'); - $this->assertTrue(strpos($headers[0][':status'], '302') !== FALSE, 'Intermediate response code was 302.'); - $this->assertFalse(empty($headers[0]['location']), 'Intermediate request contained a Location header.'); - $this->assertEqual($this->getUrl(), $headers[0]['location'], 'HTTP redirect was followed'); - $this->assertFalse($this->drupalGetHeader('Location'), 'Headers from intermediate request were reset.'); - $this->assertResponse(200, 'Response code from intermediate request was reset.'); - - // Test the maximum redirection option. - $this->drupalLogout(); - // Check that current user service updated to anonymous user. - $this->assertEqual(0, $this->container->get('current_user')->id(), 'Current user service updated.'); - $edit = array( - 'name' => $user->getUsername(), - 'pass' => $user->pass_raw - ); - $this->maximumRedirects = 1; - $this->drupalPostForm('user', $edit, t('Log in'), array( - 'query' => array('destination' => 'user/logout'), - )); - $headers = $this->drupalGetHeaders(TRUE); - $this->assertEqual(count($headers), 2, 'Simpletest stopped following redirects after the first one.'); - - // Remove the Simpletest private key file so we can test the protection - // against requests that forge a valid testing user agent to gain access - // to the installer. - // @see drupal_valid_test_ua() - // Not using File API; a potential error must trigger a PHP warning. - unlink($this->siteDirectory . '/.htkey'); - global $base_url; - $this->drupalGet(url($base_url . '/core/install.php', array('external' => TRUE, 'absolute' => TRUE))); - $this->assertResponse(403, 'Cannot access install.php.'); - } - } - - /** - * Test validation of the User-Agent header we use to perform test requests. - */ - function testUserAgentValidation() { - if (!$this->isInChildSite()) { - global $base_url; - $system_path = $base_url . '/' . drupal_get_path('module', 'system'); - $HTTP_path = $system_path .'/tests/http.php?q=node'; - $https_path = $system_path .'/tests/https.php?q=node'; - // Generate a valid simpletest User-Agent to pass validation. - $this->assertTrue(preg_match('/simpletest\d+/', $this->databasePrefix, $matches), 'Database prefix contains simpletest prefix.'); - $test_ua = drupal_generate_test_ua($matches[0]); - $this->additionalCurlOptions = array(CURLOPT_USERAGENT => $test_ua); - - // Test pages only available for testing. - $this->drupalGet($HTTP_path); - $this->assertResponse(200, 'Requesting http.php with a legitimate simpletest User-Agent returns OK.'); - $this->drupalGet($https_path); - $this->assertResponse(200, 'Requesting https.php with a legitimate simpletest User-Agent returns OK.'); - - // Now slightly modify the HMAC on the header, which should not validate. - $this->additionalCurlOptions = array(CURLOPT_USERAGENT => $test_ua . 'X'); - $this->drupalGet($HTTP_path); - $this->assertResponse(403, 'Requesting http.php with a bad simpletest User-Agent fails.'); - $this->drupalGet($https_path); - $this->assertResponse(403, 'Requesting https.php with a bad simpletest User-Agent fails.'); - - // Use a real User-Agent and verify that the special files http.php and - // https.php can't be accessed. - $this->additionalCurlOptions = array(CURLOPT_USERAGENT => 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'); - $this->drupalGet($HTTP_path); - $this->assertResponse(403, 'Requesting http.php with a normal User-Agent fails.'); - $this->drupalGet($https_path); - $this->assertResponse(403, 'Requesting https.php with a normal User-Agent fails.'); - } - } - - /** * Ensures the tests selected through the web interface are run and displayed. */ function testWebTestRunner() { @@ -159,7 +73,6 @@ function testWebTestRunner() { $this->stubTest(); } else { - // Run twice so test_ids can be accumulated. for ($i = 0; $i < 2; $i++) { // Run this test from web interface. @@ -184,11 +97,23 @@ function testWebTestRunner() { * Test to be run and the results confirmed. */ function stubTest() { + // Ensure the .htkey file exists since this is only created just before a + // request. This allows the stub test to make requests. The event does not + // fire here and drupal_generate_test_ua() can not generate a key for a + // test in a test since the prefix has changed. + // @see \Drupal\Core\Test\EventSubscriber\HttpRequestSubscriber::onBeforeSendRequest() + // @see drupal_generate_test_ua(); + $key_file = DRUPAL_ROOT . '/sites/simpletest/' . substr($this->databasePrefix, 10) . '/.htkey'; + $private_key = Crypt::randomBytesBase64(55); + file_put_contents($key_file, $private_key); + $this->pass($this->pass); $this->fail($this->fail); - $this->drupalCreateUser(array($this->valid_permission)); + $user = $this->drupalCreateUser(array($this->valid_permission), 'SimpleTestTest'); $this->drupalCreateUser(array($this->invalid_permission)); + // Test logging in as a user. + $this->drupalLogin($user); $this->pass(t('Test ID is @id.', array('@id' => $this->testId))); @@ -223,6 +148,9 @@ function confirmStubTestResults() { $this->assertAssertion(t('Created permissions: @perms', array('@perms' => $this->valid_permission)), 'Role', 'Pass', 'SimpleTestTest.php', 'Drupal\simpletest\Tests\SimpleTestTest->stubTest()'); $this->assertAssertion(t('Invalid permission %permission.', array('%permission' => $this->invalid_permission)), 'Role', 'Fail', 'SimpleTestTest.php', 'Drupal\simpletest\Tests\SimpleTestTest->stubTest()'); + // Check that the user was logged in successfully. + $this->assertAssertion('User SimpleTestTest successfully logged in.', 'User login', 'Pass', 'SimpleTestTest.php', 'Drupal\simpletest\Tests\SimpleTestTest->stubTest()'); + // Check that a warning is caught by simpletest. The exact error message // differs between PHP versions so only the function name is checked. $this->assertAssertion('trigger_error()', 'Warning', 'Fail', 'SimpleTestTest.php', 'Drupal\simpletest\Tests\SimpleTestTest->stubTest()'); @@ -237,7 +165,7 @@ function confirmStubTestResults() { $this->assertAssertion("Debug: 'Foo'", 'Debug', 'Fail', 'SimpleTestTest.php', 'Drupal\simpletest\Tests\SimpleTestTest->stubTest()'); - $this->assertEqual('6 passes, 5 fails, 2 exceptions, 1 debug message', $this->childTestResults['summary']); + $this->assertEqual('11 passes, 3 fails, 2 exceptions, 3 debug messages', $this->childTestResults['summary']); $this->test_ids[] = $test_id = $this->getTestIdFromResults(); $this->assertTrue($test_id, 'Found test ID in results.');