? .cache
? .git
? .project
? .settings
? empty
? file_276280.patch
? logs
? modules/file
? sites/all/modules
? sites/default/files
? sites/default/settings.php
? sites/default/test
Index: modules/simpletest/tests/file.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/simpletest/tests/file.test,v
retrieving revision 1.12
diff -u -p -r1.12 file.test
--- modules/simpletest/tests/file.test	16 Nov 2008 19:41:14 -0000	1.12
+++ modules/simpletest/tests/file.test	22 Nov 2008 17:52:32 -0000
@@ -1112,4 +1112,118 @@ class FileSaveDataTest extends FileHookT
     $file = file_save_data($contents, 'asdf.txt', FILE_EXISTS_ERROR);
     $this->assertFalse($file, t("Overwriting a file fails when FILE_EXISTS_ERROR is specified."));
   }
-}
\ No newline at end of file
+}
+
+/**
+ * Tests for download/file transfer functions.
+ */
+class FileDownloadTest extends FileTestCase {
+  /**
+   * Implementation of getInfo().
+   */
+  function getInfo() {
+    return array(
+      'name' => t('File download'),
+      'description' => t('Tests for file download/transfer functions.'),
+      'group' => t('File'),
+    );
+  }
+
+  /**
+   * Implementation of setUp().
+   */
+  function setUp() {
+    parent::setUp('file_test');
+  }
+
+  /**
+   * Tests for file_download().
+   */
+  function testPrivateFileTransfer() {
+    // Set file downloads to private so handler functions get called.
+    variable_set('file_downloads', FILE_DOWNLOADS_PRIVATE);
+
+    // Create a file.
+    $file = $this->createFile();
+    $url = file_create_url($file->filename);
+
+    // Set file_test access header to allow the download.
+    file_test_set_return('download', array('X-Foo: Bar'));
+    $this->drupalHead($url);
+    $this->assertRaw('X-Foo: Bar', t('Found header set by file_test module on private download.'));
+
+    // Deny access to all downloads via a -1 header.
+    file_test_set_return('download', -1);
+    $this->drupalHead($url);
+    $this->assertResponse(403, t('Correctly denied access to a file when file_test sets the header to -1.'));
+
+    // Try non-existent file.
+    $url = file_create_url($this->randomName());
+    $this->drupalHead($url);
+    $this->assertResponse(404, t('Correctly returned 404 response for a non-existent file.'));
+  }
+}
+
+/**
+ * Tests for file_munge_filename() and file_unmunge_filename().
+ */
+class FileNameMungingTest extends FileTestCase {
+  /**
+   * Implementation of getInfo().
+   */
+  function getInfo() {
+    return array(
+      'name' => t('File naming'),
+      'description' => t('Filename munging and unmunging tests.'),
+      'group' => t('File'),
+    );
+  }
+
+  /**
+   * Implementation of setUp().
+   */
+  function setUp() {
+    $this->bad_extension = 'php';
+    $this->name = $this->randomName() . '.' . $this->bad_extension . '.txt';
+  }
+
+  /**
+   * Create a file and munge/unmunge the name.
+   */
+  function testMunging() {
+    // Disable insecure uploads.
+    variable_set('allow_insecure_uploads', 0);
+    $munged_name = file_munge_filename($this->name, '', TRUE);
+    $messages = drupal_get_messages();
+    $this->assertTrue(in_array(t('For security reasons, your upload has been renamed to %filename.', array('%filename' => $munged_name)), $messages['status']), t('Alert properly set when a file is renamed.'));
+    $this->assertNotEqual($munged_name, $this->name, t('The new filename (%munged) has been modified from the original (%original)', array('%munged' => $munged_name, '%original' => $this->name)));
+  }
+
+  /**
+   * If allow insecure uploads is enabled, the file should come out untouched,
+   * no matter what.
+   */
+  function testMungeIgnoreInsecure() {
+    variable_set('allow_insecure_uploads', 1);
+    $munged_name = file_munge_filename($this->name, '');
+    $this->assertIdentical($munged_name, $this->name, t('The original filename (%original) matches the munged filename (%munged) when insecure uploads are enabled.', array('%munged' => $munged_name, '%original' => $this->name)));
+  }
+
+  /**
+   * White listed extensions are ignored by file_munge_filename().
+   */
+  function testMungeIgnoreWhitelisted() {
+    // Declare our extension as whitelisted.
+    $munged_name = file_munge_filename($this->name, $this->bad_extension);
+    $this->assertIdentical($munged_name, $this->name, t('The new filename (%munged) matches the original (%original) once the extension has been whitelisted.', array('%munged' => $munged_name, '%original' => $this->name)));
+  }
+
+  /**
+   * Ensure that unmunge gets your name back.
+   */
+  function testUnMunge() {
+    $munged_name = file_munge_filename($this->name, '', FALSE);
+    $unmunged_name = file_unmunge_filename($munged_name);
+    $this->assertIdentical($unmunged_name, $this->name, t('The unmunged (%unmunged) filename matches the original (%original)', array('%unmunged' => $unmunged_name, '%original' => $this->name)));
+  }
+}
