Splitting this off from #2982149: Routing: Convert system functional tests to phpunit, that is getting too big. Please credit the people that worked on that.

scope:
./Session/SessionAuthenticationTest.php
./Session/SessionTest.php
./Session/StackSessionHandlerIntegrationTest.php

split:
./Session/SessionHttpsTest.php

CommentFileSizeAuthor
#18 3002121-18.patch14.85 KBLendude
#18 interdiff-3002121-16-18.txt3.53 KBLendude
#16 3002121-16.patch14.44 KBLendude
#16 interdiff-3002121-14-16.txt1.74 KBLendude
#14 3002121-14.patch14.47 KBLendude
#14 interdiff-3002121-12-14.txt0 bytesLendude
#12 3002121-12.patch14.47 KBLendude
#12 interdiff-3002121-10-12.txt1.17 KBLendude
#10 3002121-10.patch14.25 KBLendude
#10 interdiff-3002121-8-10.txt2.29 KBLendude
#8 3002121-8.patch13.62 KBLendude
#8 interdiff-3002121-6-8.txt1.63 KBLendude
#6 3002121-6.patch14.48 KBLendude
#6 interdiff-3002121-4-6.txt3.1 KBLendude
#4 3002121-4.patch15.25 KBLendude
#4 interdiff-3002121-2-4.txt12.5 KBLendude
#2 3002121-2.patch3.7 KBLendude
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Lendude created an issue. See original summary.

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at Dx Experts commented
Issue summary: View changes
Status: Active » Needs review
FileSize
3002121-2.patch3.7 KB

copy of the relevant parts from hte other issue

Status: Needs review » Needs work

The last submitted patch, 2: 3002121-2.patch, failed testing. View results

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at Dx Experts commented
Status: Needs work » Needs review
FileSize
interdiff-3002121-2-4.txt12.5 KB
3002121-4.patch15.25 KB

This is just to get this moving, not everything will pass yet.

Couple of things I see:

  •     // Make sure the session cookie is set as HttpOnly.
    $this->drupalLogin($user);
    $this->assertTrue(preg_match('/HttpOnly/i', $this->drupalGetHeader('Set-Cookie', TRUE)), 'Session cookie is set as HttpOnly.');
    $this->drupalLogout();

    If I turn this into a proper test for the cookie and not some header, it fails

        // Make sure the session cookie is set as HttpOnly.
    $this->drupalLogin($user);
    $this->assertTrue($this->getSessionCookies()->getCookieByName($this->getSessionName())->getHttpOnly(), 'Session cookie is set as HttpOnly.');
    $this->drupalLogout();

    But it's unclear to me why we are testing this and why we want this to be true..... 

  •     // Switch browser cookie to anonymous user, then back to user 1.
//    $this->sessionReset();
//    $this->sessionReset($user->id());
//    $this->assertText($value_1, 'Session data persists through browser close.', 'Session');

    This is attempting to test 'Session data persists through browser close.', but its just switching cookie jars in WTB, so its really testing that temp files persist though curl_close, which doesn't really test anything I feel. Simulating a browser close is hard, haven't figured out how to do that. (but the WTB way isn't it)

Status: Needs review » Needs work

The last submitted patch, 4: 3002121-4.patch, failed testing. View results
- codesniffer_fixes.patch Interdiff of automated coding standards fixes only.

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at Dx Experts commented
Status: Needs work » Needs review
FileSize
interdiff-3002121-4-6.txt3.1 KB
3002121-6.patch14.48 KB

Some more passing tests. Looks like Mink stores stuff in the session that messes things up after using basic auth, I can't reproduce the problems in a normal browser.

Status: Needs review » Needs work

The last submitted patch, 6: 3002121-6.patch, failed testing. View results
- codesniffer_fixes.patch Interdiff of automated coding standards fixes only.

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at Dx Experts commented
Issue summary: View changes
Status: Needs work » Needs review
Related issues: +#3011079: Convert \Drupal\system\Tests\Session\SessionHttpsTest to PHPUnit
FileSize
interdiff-3002121-6-8.txt1.63 KB
3002121-8.patch13.62 KB

Split of #3011079: Convert \Drupal\system\Tests\Session\SessionHttpsTest to PHPUnit that test has way too much history for a simple conversion, see #2265099: Cleanup SessionHttpsTest and fix redirect to non-existing URL after POST requests

The rest should be green, but need to look into some commented out stuff.

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at Dx Experts commented
Status: Needs review » Needs work

Back to 'needs work' for the commented bits.

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at Dx Experts commented
Status: Needs work » Needs review
FileSize
interdiff-3002121-8-10.txt2.29 KB
3002121-10.patch14.25 KB

This re-adds the 'browser close' test, but the coverage is just as dodgy as the Simpletest version. Since retaining cookies on browser close is browser behaviour and not Drupal behaviour, I'm not 100% convinced this is needed at all, but added here to keep the conversion 1-to-1

The HttpOnly assertion still fails. No idea why that is different then the Simpletest version, will dig a little more.

Status: Needs review » Needs work

The last submitted patch, 10: 3002121-10.patch, failed testing. View results

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at Dx Experts commented
Status: Needs work » Needs review
FileSize
interdiff-3002121-10-12.txt1.17 KB
3002121-12.patch14.47 KB

\GuzzleHttp\Cookie\SetCookie::getHttpOnly always returns false with our test setup (don't know why), so a nice way of checking this is not available, so I replicated the header check from the WTB version, but it doesn't work with using login, but it does work with another page.

Green locally now.

jibran’s picture

jibran
he/him
Primary language Urdu
Location Sydney, Australia
CreditAttribution: jibran commented
Status: Needs review » Needs work

This is super complex stuff.

  1. +++ /dev/null
@@ -1,47 +0,0 @@
-    $actual_trace = $this->drupalGetAjax('session-test/trace-handler');

+++ b/core/modules/system/tests/src/Functional/Session/StackSessionHandlerIntegrationTest.php
@@ -0,0 +1,51 @@
+    $options['query'][MainContentViewSubscriber::WRAPPER_FORMAT] = 'drupal_ajax';
+    $headers[] = 'X-Requested-With: XMLHttpRequest';
+    $actual_trace = json_decode($this->drupalGet('session-test/trace-handler', $options, $headers));

    WoW. 

  2. +++ b/core/modules/system/tests/src/Functional/Session/SessionTest.php
@@ -322,4 +326,20 @@ public function assertSessionEmpty($empty) {
+  protected function settingsSet($name, $value) {

    We have \Drupal\Core\Test\FunctionalTestSetupTrait::writeSettings for this.

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at Dx Experts commented
Status: Needs work » Needs review
FileSize
interdiff-3002121-12-14.txt0 bytes
3002121-14.patch14.47 KB

@jibran nice catch. The call to writeSettings was also done, the one call to settingsSet wasn't needed at all to make this pass, so took it out.

borisson_’s picture

borisson_
Primary language Dutch
Location Mechelen, 🇧🇪
CreditAttribution: borisson_ as a volunteer and at Calibrate commented
Status: Needs review » Needs work

Nitpicks ahead :)

  1. +++ b/core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php
@@ -113,20 +114,24 @@ public function testBasicAuthNoSession() {
+    // Mink stores some information in the session that breaks the next check if
+    // not reset.
+    $this->getSession()->restart();

    Do we know what that information is? Because adding that in sounds like a good improvement. If we don't this comment is good enough I think :) 

  2. +++ b/core/modules/system/tests/src/Functional/Session/SessionTest.php
@@ -322,4 +326,20 @@ public function assertSessionEmpty($empty) {
+   * Changes in memory settings.
...
+   * @param $name
+   *   The name of the setting to return.
+   * @param $value
+   *   The value of the setting.
...
+  protected function settingsSet($name, $value) {
+    $settings = Settings::getAll();
+    $settings[$name] = $value;
+    new Settings($settings);
+  }

    This method name and description don't really fit together. We should probably either make the function name more narrow, or the description more broad. I think the second makes more sense.

    Also, there are no types for the parameters. We should add those (string, mixed - I think?) 

  3. +++ b/core/modules/system/tests/src/Functional/Session/StackSessionHandlerIntegrationTest.php
@@ -0,0 +1,51 @@
+  /**
+   * Modules to enable.
+   *
+   * @var array
+   */

    This can just be {@inheritdoc}

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at Dx Experts commented
Status: Needs work » Needs review
FileSize
interdiff-3002121-14-16.txt1.74 KB
3002121-16.patch14.44 KB

#15.1 Not a clue. It would redirect all traffic to 'user/2', which would then give a 403. *shrug*
#15.2 same as #13 really, we can just leave it out completely
#15.3 fixed, also updated it to protected.

jibran’s picture

jibran
he/him
Primary language Urdu
Location Sydney, Australia
CreditAttribution: jibran commented

Some more nits.

  1. +++ b/core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php
@@ -55,17 +55,18 @@ public function testSessionFromBasicAuthenticationDoesNotLeak() {
+    $this->assertEqual($this->user->id(), json_decode($this->getSession()->getPage()->getContent())->user, 'The correct user is authenticated on a route with basic authentication.');
...
+    $this->assertFalse(json_decode($this->getSession()->getPage()->getContent())->user, 'The user is no longer authenticated after visiting a page without basic authentication.');

    $this->getSession() can be a local var. 

  2. +++ b/core/modules/system/tests/src/Functional/Session/SessionTest.php
@@ -96,9 +100,16 @@ public function testDataPersistence() {
+    $session_cookie_value = $this->getSession()->getCookie($session_cookie_name);
+    $this->getSession()->restart();
...
+    $this->getSession()->setCookie($session_cookie_name, $session_cookie_value);

    Same as above.

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at Dx Experts commented
FileSize
interdiff-3002121-16-18.txt3.53 KB
3002121-18.patch14.85 KB

Nits addressed.

jibran’s picture

jibran
he/him
Primary language Urdu
Location Sydney, Australia
CreditAttribution: jibran commented
Status: Needs review » Reviewed & tested by the community

Thanks, this looks good now.

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Acro Commerce commented
Status: Reviewed & tested by the community » Fixed

Committed 6d3fbe9 and pushed to 8.7.x. Thanks!
Committed 472574a and pushed to 8.6.x. Thanks!

diff --git a/core/modules/system/tests/src/Functional/Session/SessionTest.php b/core/modules/system/tests/src/Functional/Session/SessionTest.php
index d84c71e425..0cee31f68c 100644
--- a/core/modules/system/tests/src/Functional/Session/SessionTest.php
+++ b/core/modules/system/tests/src/Functional/Session/SessionTest.php
@@ -2,7 +2,6 @@
 
 namespace Drupal\Tests\system\Functional\Session;
 
-use Drupal\Core\Site\Settings;
 use Drupal\Tests\BrowserTestBase;
 
 /**

Fixed unused on commit.

  • alexpott committed 6d3fbe9 on 8.7.x 
    Issue #3002121 by Lendude, jibran, borisson_: Session: Convert system...

  • alexpott committed 472574a on 8.6.x 
    Issue #3002121 by Lendude, jibran, borisson_: Session: Convert system...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.