? .DS_Store
? .cache
? .cvsignore
? .git
? .project
? .settings
? file_203204_0.patch
? hook_file_c216.patch.1
? test
? modules/.DS_Store
? sites/all/modules
? sites/default/files
? sites/default/settings.php
? sites/default/test
Index: includes/file.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/file.inc,v
retrieving revision 1.132
diff -u -p -r1.132 file.inc
--- includes/file.inc	16 Sep 2008 23:55:42 -0000	1.132
+++ includes/file.inc	17 Sep 2008 16:51:03 -0000
@@ -646,6 +646,11 @@ function file_save_upload($source, $vali
     $file->timestamp = $_SERVER['REQUEST_TIME'];
     drupal_write_record('files', $file);
 
+    // Give everyone read access so that FTP'd users or non-webserver users
+    // can see/read these files, and give group write permissions so group
+    // members can alter files uploaded by the webserver.
+    @chmod($file->filepath, 0664);
+
     // Add file to the cache.
     $upload_cache[$source] = $file;
     return $file;
Index: modules/simpletest/tests/file.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/simpletest/tests/file.test,v
retrieving revision 1.3
diff -u -p -r1.3 file.test
--- modules/simpletest/tests/file.test	15 Sep 2008 21:06:07 -0000	1.3
+++ modules/simpletest/tests/file.test	17 Sep 2008 16:51:03 -0000
@@ -210,6 +210,21 @@ class FileLoadSaveTest extends DrupalWeb
     );
   }
 
+  /**
+   * Helper function to test the permissions of a file.
+   *
+   * @param $filepath
+   *   String file path
+   * @param $mode
+   *   Integer like 0644 or 0777.
+   */
+  function verifyPermissions($filepath, $mode) {
+    $perms = fileperms($filepath);
+
+    $message = "File permissions set correctly. $mode, $perms, ". ($perms & 511);
+    $this->assertEqual($perms & 511, $mode, t($message));
+  }
+
   function testFileSaveData() {
     $contents = $this->randomName(8);
 
@@ -225,7 +240,31 @@ class FileLoadSaveTest extends DrupalWeb
     $this->assertEqual(file_directory_path(), dirname($filepath), t("File was placed in Drupal's files directory."));
     $this->assertEqual('asdf.txt', basename($filepath), t("File was named correctly."));
     $this->assertEqual($contents, file_get_contents(realpath($filepath)), t("Contents of the file are correct."));
+    $this->verifyPermissions($filepath, 0644);
+  }
+
+  function testFileSaveUpload() {
+    $max_fid_before = db_result(db_query("SELECT MAX(fid) AS fid FROM {files}"));
+
+    $upload_user = $this->drupalCreateUser(array('access content'));
+    $this->drupalLogin($upload_user);
+
+    $image = current($this->drupalGetTestFiles('image'));
+    $this->assertTrue(is_file($image->filename), t("The file we're going to upload exists."));
+    $edit = array('files[file_test_upload]' => realpath($image->filename));
+    $this->drupalPost('file-test/upload', $edit, t('Submit'));
+    $this->assertResponse(200, t("Received a 200 response for posted test file."));
+
+    $max_fid_after = db_result(db_query("SELECT MAX(fid) AS fid FROM {files}"));
+    $this->assertTrue($max_fid_after > $max_fid_before, t("A new file was created."));
+
+    // FIXME this is some stupidity because we don't have a file_load().
+    // Replace this once the hook_file patch gets committed in 2010.
+    $file = db_fetch_object(db_query('SELECT f.* FROM {files} f WHERE f.fid = %d', array($max_fid_after)));
+    $this->assertTrue($file, t("Loaded the file."));
+    $this->verifyPermissions($file->filepath, 0644);
   }
+
 }
 
 /**
Index: modules/simpletest/tests/file_test.info
===================================================================
RCS file: modules/simpletest/tests/file_test.info
diff -N modules/simpletest/tests/file_test.info
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ modules/simpletest/tests/file_test.info	17 Sep 2008 16:51:03 -0000
@@ -0,0 +1,8 @@
+; $Id$
+name = "File test"
+description = "Support module for file handling tests."
+package = Testing
+version = VERSION
+core = 7.x
+files[] = file_test.module
+hidden = TRUE
Index: modules/simpletest/tests/file_test.module
===================================================================
RCS file: modules/simpletest/tests/file_test.module
diff -N modules/simpletest/tests/file_test.module
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ modules/simpletest/tests/file_test.module	17 Sep 2008 16:51:03 -0000
@@ -0,0 +1,53 @@
+<?php
+// $Id$
+
+/**
+ * @file
+ * Helper module for the file tests.
+ */
+
+
+/**
+ * Implementation of hook_menu().
+ */
+function file_test_menu() {
+  $items['file-test/upload'] = array(
+    'title' => t('Upload test'),
+    'page callback' => 'drupal_get_form',
+    'page arguments' => array('_file_test_form'),
+    'access arguments' => array('access content'),
+    'type' => MENU_CALLBACK,
+  );
+  return $items;
+}
+
+/**
+ * Form to test file uploads.
+ */
+function _file_test_form(&$form_state) {
+  $form['#validate'][] = '_file_test_validate_upload';
+  $form['file_test_upload'] = array(
+    '#type' => 'file',
+    '#title' => t('Upload image file'),
+  );
+  $form['submit'] = array(
+    '#type' => 'submit',
+    '#value' => t('Submit'),
+  );
+  return $form;
+}
+
+/**
+ * Process the upload.
+ */
+function _file_test_validate_upload(&$form, &$form_state) {
+  // Validate the uploaded picture.
+  $validators = array(
+    'file_validate_is_image' => array(),
+  );
+
+  if ($file = file_save_upload('file_test_upload', $validators)) {
+    $form_state['values']['file_test_upload'] = $file;
+    drupal_set_message(t('File "@filepath was uploaded.', array('@filepath' => $file->filepath)));
+  }
+}