Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Spin-off from #540008: Add a container parameter that can remove the special behavior of UID#1 as requested by catch. This only contains those tests that had rather straightforward fixes for going green because they so happened to run as UID1 by accident. All the documentation regarding why the individual tests needed changes can be found in the parent issue's comments.
Map of changes:
- CommentDefaultFormatterCacheTagsTest: #65.1, #70, #72, #74
- CommentAdminViewTest: #9 (minimal changes), #131 (with test coverage rethinking)
- CommentViewsKernelTestBase: #65-2
- TextFormatElementFormTest: #95-5 (number by #94),
#148-2 (non blocking offer, can be done later) - FieldRenderedEntityTest: #70
- EntityAutocompleteElementFormTest: #67
- See also #168 with a tests split map.
Comment | File | Size | Author |
---|---|---|---|
#66 | interdiff_62_66.txt | 648 bytes | Spokje |
#66 | 2917584-66.patch | 8.54 KB | Spokje |
Comments
Comment #2
kristiaanvandeneyndeHopefully this doesn't open up a whole new can of worms because we're separating the real cause (UID 1) from the symptoms
Comment #3
kristiaanvandeneyndeMy bad...
Comment #4
kristiaanvandeneyndeFieldFieldTest would also break but fixing that here might be overly tedious given it's fix:
If I were to fix that here I'd have to set up an is_admin role instead and immediately add a @todo saying "Remove this again with the main patch."
RowRenderCacheText was all sorts of broken, as explained in the parent issue, so leaving that one there given its small footprint on the overall size of the parent issue's patch.
Comment #5
catchIf this test is still using uid 1, shouldn't it create a user/2 and assign these permissions? Otherwise it would still contradict the comment above.
I'm surprised the test assertions change here, I'd expect this to just add permissions to the user? Again this seems due to changing the test rather than setting up a user with the correct permissions.
Comment #6
kristiaanvandeneyndeThe CommentDefaultFormatterCacheTagsTest is indeed testing with user 1, causing it to go green for the wrong reasons. By assigning it the right permissions, nothing changes now because UID 1 is still a superuser, but it will once UID 1 has to behave like a regular user.
The only way to properly change this is to make the test run as UID 2, which defeats the purpose of the parent issue where we are trying to do away with code that requires a specific UID, whether that be 1, 2 or whatever. It's the same reason as comment #4: we'd be adding something here to prove it's broken, only to immediately remove it again in the parent issue. It can be done, but as I stated above it does seem a bit overly tedious when the parent issue shows the patch went red first and green after all of these fixes.
CommentAdminViewTest had its numbers changed because it was manipulating and leaking state between tests. This caused the numbers to be off. The only reason it still went green was because UID 1 can see everything all the time and so happened to match the manipulations that were being made in that test. Now that we set up all of the translations in the setUp, we need to account for those numbers in the assertions.
Comment #7
Anonymous (not verified) CreditAttribution: Anonymous commented+1 to don't add chunks like
for prevent regression in these tests. Because it's just a drop in the ocean. Any other test can also imperceptibly break during the change. Therefore, or we need to find some global solution for prevent the possible regression in all tests, or commit #540008: Add a container parameter that can remove the special behavior of UID#1 where the problem is solved by itself.
#5.2: good point! Perhaps we really can fix this test by adding only the necessary permissions, and don't change test coverage. But @kristiaanvandeneynde performed a lot of refactoring here, and it will be a pity to lose this work. But we always can do it via follow-up.
Comment #8
kristiaanvandeneynde@vaplas, does that test also go green in combination with the parent issue's patch? I'd prefer to keep it as in #2's patch because, as it stands, it will go green all the time in this issue because we're not fixing UID 1's god mode here. The real issue with that test was that it was leaking state and UID1 was hiding that. So I do believe we need the patch from #2 because it actually stopped that test from leaking state.
If we commit your patch from #7, it might go red again in the parent issue and we'd have to fix the state leak regardless. So it's the same thing I mentioned above: we'd be changing a working patch to only have it go red in the parent issue and have to change it back to the parent version's copy.
Comment #9
Anonymous (not verified) CreditAttribution: Anonymous commented@kristiaanvandeneynde, why the test will turn red, we just add the right permissions to pass the test coverage that the test authors wanted to get:
Similarly, as was done in TextFormatElementFormTest, where we add additional permissions for text formats, instead of change test coverage assertions.
Yes, I tested CommentAdminViewTest with this patch + parent before sending. Sorry, that I did not mention about it. Let's do it officially.
Comment #10
kristiaanvandeneyndeWell I'll be damned.
I must have done something wrong because I couldn't get that test to go green unless I fixed the leaking state. Guess I can open up a separate issue to fix the rest of that test then. Cheers vaplas!
RTBC patch from #7 as far as I am concerned, but given the low amount of people involved here, it's probably be up to catch to decide. Will RTBC to put it on his radar, but am fully aware he may want us to do more work here.
Comment #12
Anonymous (not verified) CreditAttribution: Anonymous commentedRandom fail #2906317: Random fail due to problems with database. Reupload #7.
Although if @catch has a plan on #9, it will also be great :) I'm really afraid to write tests now, because I can make mistakes in the permissions, and Mr. Bot will not pull me by the sleeve.
Comment #13
kristiaanvandeneyndeStill looks good to me
Comment #14
Anonymous (not verified) CreditAttribution: Anonymous commentedAdded a short guide about changes to IS.
Comment #15
xjmThanks for working on this; the direction of this issue is helpful. Tests should never really run as user 1.
CommentDefaultFormatterCacheTagsTest
especially seems to have a lot of unrelated cleanups. Please review https://www.drupal.org/core/scope.UserViewsFieldAccessTest
is just having a bunch of assertions ripped out. We also shouldn't do that; it regresses our test coverage. If those assertions are failing we need to figure out why and change the coverage rather than removing it.Comment #16
catchThe purpose of the issue is that code doesn't require a specific uid. The first user created on a Drupal site (uid 1), will be automatically granted the administrator role during the install process, otherwise they'll be immediately locked out of the site they've just installed. Therefore user 1 will still have special meaning, just that meaning will be configurable/revokable rather than hard-coded/inherent.
Changing a test to use uid 2 (which has never had any special meaning in Drupal) proves that it doesn't require a specific uid to pass.
Comment #17
kristiaanvandeneynde@xjm: UserViewsFieldAccessTest is having assertions ripped out because those were all kinds of broken. They were covering some fields no-one should ever get access to. User one did because they get to ignore the entire access layer.
From the comment regarding that test linked in the issue summary (thanks vaplas!):
Comment #18
kristiaanvandeneyndeI'm somewhat agreeing the way forward is to write these tests to use a random user ID other than 1. I still think that special casing should be removed again when the parent issue goes in, though, as it makes no sense for a test set up to do something weird like: "Let's by all means try to avoid this magic number".
But in order to prove the tests are in fact functioning as UID non-1, we might actually need to go through said effort and then remove it again. Even if I have reservations about the effort going into writing something that will soon be removed again, I guess there's no other way to make this issue easy to review and commit.
Comment #19
Anonymous (not verified) CreditAttribution: Anonymous commentedPatch with minimal changes + test-only for confirm :)
UserViewsFieldAccessTest without
user/1
, because it extends FieldFieldAccessTestBase (where we haveuser/1
now).Comment #21
kristiaanvandeneyndeThe whole point of
UserViewsFieldAccessTest
is to test for field access based on the minimum required permissions. Assigning the user the 'administer users' permission is not a valid solution as that will grant access to all properties regardless of name. SeeUserAccessControlHandler::checkFieldAccess()
.So we can't set that permission and by not doing so, we will have failing assertions at all times because of this code:
Which is why I removed said assertions in the first place, because they were never functional to begin with. Only admin users would pass that test and I doubt we want to test for admins instead of regular users. Instead, we should add an admin test alongside the regular one and change the assertions to reflect the denial of access.
Comment #22
kristiaanvandeneyndeThis properly expands
UserViewsFieldAccessTest
to test both with and without admin permission. It also adds some more reminders and fixes a typo.Off topic: Hoping it goes green as my local D8 patch environment is suffering from https://github.com/hashicorp/vagrant/issues/8788#issuecomment-335260145 so I'm getting the error mentioned here: https://github.com/acquia/lightning/issues/455
Comment #23
Anonymous (not verified) CreditAttribution: Anonymous commentedYep. I really blundered here. @kristiaanvandeneynde++! Absolutely have sense. But I suggest staying in the same test. This will help not go beyond the scope of the issue, and not create double check of permissions (additional role is not remove prevent permissions)
We have plan to uncomment this code instead of remove it in #2464635: Follow-up: Enable additional tests for base entity field access checking in Views
We have plan to fix these typos in #2851394: Fix grammar 'a' to 'an' when necessary.
So, let's revert this changes here.
Also, it seems to me more and more, that we need return
FileManagedUnitTestBase
back to parent issue. Because we can fix tests inside the core (likeSaveTest
), but what to do with external tests that can break?Comment #24
kristiaanvandeneyndeI disagree here. The whole point of testing something is to be explicit in what you're testing. Repetition isn't necessarily a bad thing if we want to prove that both users can access the basic fields but only admins can access the special ones. Playing the devil's advocate: What if one day an additional role not being able to remove permissions no longer works that way? Then we're going to be happy we were explicit about our assertions instead of implicit.
Re 1.: The patches in that issue add way more property checks than the commented ones so one could argue that removing them here actually cleans up our code until the other issue lands. But yeah, we could leave in the commented lines, sure.
Re 2.: Sure. Seems like that patch already fixes it.
You're right, this could break contrib for as long as the parent issue doesn't land to revert the UID 2 change.
I'll attach a patch that keeps in the out-of-scope reverts, but removes your UserViewsFieldAccessTest revert because of what I wrote above. I'll also move the FileManagedUnitTestBase back to the parent patch.
Comment #25
Anonymous (not verified) CreditAttribution: Anonymous commentedSo be it. Your proposal did not cause me any conflicts)
It is also fair to change the priority of this issue, because:
Comment #26
kristiaanvandeneyndeInterdiffing vs 22 to avoid an interdiff that reverts a revert :D
Comment #27
Anonymous (not verified) CreditAttribution: Anonymous commentedLooks nice!
+1 to RTBC.
Comment #29
kristiaanvandeneyndeYup, looks good.
@vaplas I think that instead of uploading an exact copy of the same patch, you can let the test-only patch fail first and then click "Add test / retest" on the one in the comment above to make the last patch go green again.
Comment #30
catchWhy is this not user 2 or higher?
Comment #31
borisson_I think this user is created to make sure that the next user that's created (and used in the test) is uid1. So that's why this user is created with uid1.
Comment #32
Anonymous (not verified) CreditAttribution: Anonymous commented#31: precisely!
#5:
In order not to create unnecessary noise with the number of users, it is much easier to make "user1-injections".
In addition, it is more reliable. If someone adds the code to the beginning of the test with the creation of another user, then the test will fail, because we then explicitly create a user with uid = 1. And this is good.
Comment #33
kristiaanvandeneyndeYup, as the two comments above mentioned: We inject UID 1 to prevent
$this->createUser()
from accidentally creating a user 1 account. It is done in a way that is also easily reverted by the parent issue: Simply remove the line and the test runs as UID 1 again, which is fine after the parent issue lands.Back to RTBC.
Small edit re borisson_:
Comment #34
catchOK that makes sense but it needs a better comment, like // Create user 1 so that the user created later in the test has a different user ID.
Comment #35
kristiaanvandeneyndeDone, leaving at RTBC due to the nature of the changes.
Comment #36
larowlanmissing a docblock?
let's remove this - if they're to be added there - let's add them there.
We don't normally include commented out code.
No docblock?
Wondering why we're adding new tests if the OP is about fixing existing tests that only pass when run with User 1?
Comment #37
kristiaanvandeneyndeIt never had one to begin with and when I also fixed a docblock about "an user" vs "a user", I got told to remove it again because it was out of scope. So not touching that for now.
Same answer: Out of scope. And there is another issue which actually removes all of those commented out lines of code in one go. Removing them here might cause that issue to miss them when they re-roll their patch.
I could add one as it's a newly introduced method. For consistency's sake with
testUserFields()
, I didn't. I'd be glad to open a follow-up issue to clean that up for both methods at the same time.There has been a lot of back-and-forthing over what is and isn't in scope for this issue and I'd like to see it move ahead. So I hope you don't mind my putting it back to RTBC so that it can either get committed or the person who's supposed to commit this can tell me exactly what minor docblock/comment changes there still need to be for it to be ready.
If that person is you, larowlan, I'll add the changes. But if you look at the previous comments you can see the patch has gone through a lot of items being removed only to be put back in or vice versa. So I'd really like to lock down the scope now and get a patch following that scope definition.
Comment #38
xjm@larowlan, @catch, and I are all core committers, which means that in the governance we all have the authority to "approve or refuse" any core changes. So @larowlan's review is applicable.
We're also human beings though which means we don't always notice everything we should on our first review (especially if we're distracted by something else that seems off in the patch). This does result in some back-and-forth in the review process sometimes, but let's still address all committers' feedback. (If the committers actually disagree about something, versus just "missed that when I reviewed it myself last time", then we will discuss it amongst ourselves and come to a consensus, but that's not the case here.)
Regarding #36 and #37:
So let's address @larowlan's review in #36. Thanks!
Comment #39
kristiaanvandeneyndeCool, I meant no disrespect if that's how it came across. Is it still fine to move the commented out lines to the bottom of that method? Leaving them in place looks a bit weird compared to the new method.
Comment #40
Anonymous (not verified) CreditAttribution: Anonymous commented36.1, 36.3 +1.
#36.2 Historical irony (3 years ago in #2462589-31: Provide test coverage for access checking of all views fields.):
I offered to leave these comments in #23.1 for the same reason - their removal is beyond the scope of our goal here.
#36 last line:
That's a good question. We have defined the history of the consideration of changes here (see map in IS). Because there are two problems at once:
#39:
Looks very nice for me! But like variant, we can just leave the post about these lines in the #2464635: Follow-up: Enable additional tests for base entity field access checking in Views, and remove these from here. Perhaps this is exactly what @larowlan offers to do in #36.2.
Comment #41
kristiaanvandeneyndeComment #42
johnennew CreditAttribution: johnennew at Deeson commentedThe last patch addresses the previous comments - setting to RTBC.
Comment #44
Anonymous (not verified) CreditAttribution: Anonymous commentedIt was random fail. Move it to separate issue: #2924753: Random fail in ExposedFormUITest.
#42: +1! Back to RTBC. All points were answered. The only point about removing commented code seems to be so contradictory and nit, that we need additional confirmation of the committers.
Looking at the patches it might seem that we are adding this
// code
. But after clarification in #40-#41 maybe the committers accepted our position. If not, please point this out, so that we can continue to work.Comment #45
kristiaanvandeneynde@xjm, @catch, @larowlan: Any objections left for this patch to go in?
Comment #47
tacituseu CreditAttribution: tacituseu commentedUnrelated failure #2926309: Random fail due to APCu not being able to allocate memory.
Comment #48
catchHere and elsewhere in the patch, it's creating user/1 so that the next user created is user/2. I've asked already, but why can we not do $this->createUser(['uid' => 2]); to achieve the same effect. This would be much more explicit, it can still be removed if we decided to in the other issue (although I'm not sure we should, it's not bad to have the extra implicit test coverage).
Also, with that approach, it would be easy to post a fail patch here where the only change is the ['uid' => 2] addition.
Comment #49
xjmYeah, I'd definitely like to see a fail patch that just sets the existing user ID to 2, and then a passing patch that shows the few added roles/filters/etc needed in the case (and no other changes).
I also think maybe
UserViewsFieldAccessTest
should be split into its own issue since that one is actually improving the test coverage.Comment #50
Anonymous (not verified) CreditAttribution: Anonymous commented#48: I wanted to explain this at #32, but obviously my English is bad. Here's an explain on code:
⏳ After a while, someone makes new user before this line:
Okay, what changes if we use next:
⏳ After a while, someone makes new user before this line:
Those an explicit made user/1 is more reliable way to avoid problems before the parent issue release.
// Create user 1 so that the user created later in the test has a different
Not only later, but anywhere within the test.
We need these changes regardless of the approach chosen, or I did not understand this point.
#49:
Done. #2928648: Correcting UserViewsFieldAccessTest
Comment #51
Anonymous (not verified) CreditAttribution: Anonymous commentedI forgot to remove UserViewsFieldAccessTest.php and FieldFieldAccessTestBase.php changes from the current issue.
Comment #52
kristiaanvandeneyndeThis only contains the "Any user created after this is not user one" logic. Should fail all tests.
Comment #53
kristiaanvandeneyndeUpdated the issue summary. Maybe we also need to relocate the changes to CommentViewsKernelTestBase to the original UID 1 patch, for the same reason we moved FileManagedUnitTestBase back?
We can't know for sure who will extend it and we should therefore only change it when we change how UID 1 works. Because then we will have a CR explaining that some tests might break and why they are breaking.
Comment #61
daffie CreditAttribution: daffie commentedThe patch from comment #51 (from the anonymous user) needs to be rerolled.
Comment #62
SpokjeReroll of patch #51
Comment #63
SpokjeComment #64
SpokjeComment #65
daffie CreditAttribution: daffie commentedThe test Drupal\Tests\comment\Kernel\Views\CommentLinksTest fails, because the permission "view test entity" is also needed.
Comment #66
Spokje@daffie: You rang, Sir? 👿
Seriously: Was looking at what permissions was missing, but after adding about all the "comment" permission and looking into Core View permissions, I gave up.
Never figured the (now) obvious... Thanks!
Comment #67
daffie CreditAttribution: daffie commented@catch asked why we cannot replace the creation of the user with id is 1 with
$this->createUser(['uid' => 2]);
. The question is answered by anonymous in comment #50. For me the explanation is enough.The requested patch with only the added creation of the user with id is 1, can be found in the patch from comment #52.
I do not see the need for a CR when the only thing we are doing in this patch is changing a couple tests.
All code changes look good to me.
For me it is RTBC.
Comment #70
catchI read through #16 and #50 again.
I think I'm wrong about the @todo in #16. While the installer will need the user created during installation to be an admin user, that work will be done by the installer rather than hard-coded, kernel tests don't run the installer so that behaviour will never kick in. This means the @todo is probably correct and can be removed when the parent issue eventually lands.
I still think pre-creating user 1 is an odd pattern - if this was in more tests would ask for a helper or back to the explicit user creation again, but it does mean the hunk can just be removed later.
Committed/pushed to 9.2.x and cherry-picked to 9.1.x, thanks!