Create tests for system actions, clean up token replacement, clean up triggers

Here is a first run. This one tests system_message_action and system_send_mail_action.

It won't actually pass the testbot until #601398: Simpletest does not allow assigning actions to triggers lands, as without that it's not possible to assign advanced actions to triggers. It will also have assertions until #714190: system_send_email_action uses $account without initializing it lands.

When those prereqs are met we can add support for the remaining actions: system_block_ip_action and system_goto_action.

Here's the patch rerolled after various things have moved around. After #601398: Simpletest does not allow assigning actions to triggers lands, this should be added in. See #1.

Thanks. I don't think it can pass until #714190: system_send_email_action uses $account without initializing it is committed. Or unless we comment that out for now, or something.

#8: 721086-system_actions-d7.patch queued for re-testing.

This is andypost's #8 rerolled to please the bot. No changes made. #714190: system_send_email_action uses $account without initializing it has been committed, so maybe we can get on with this one.

Whoops, somehow a piece of an old version of #714190: system_send_email_action uses $account without initializing it had snuck into this. Removed in this roll.

This patch expands the scope of this issue quite a bit.

• Exhaustive new tests for user triggers, user token replacement, and system actions. Near 100% coverage on those.
  • Tests for all the user triggers.
  • Tests for each of the two system actions
  • Tests for all the testable token replacements in those actions
• Fixes a bug where system_send_email_action could not be configured with a token for the recipient address, even though the instructions offered that. Changes the error message on destination validation to the apparent intent, rather than the apparent D6 behavior.
• Fixes an exception condition: trigger_user_logout() was calling _trigger_user() with a NULL for the $edit, where an array by reference is called for.
• trigger_user_presave() could not present usable information in most cases because the interesting information is almost always in the $edit. Merged $edit into $account so that the expected information would be available.
• trigger_user_delete() was using undefined $method, causing E_NOTIFY exception.
• _trigger_user was setting $context['account'] instead of the correct $context['user'], causing token replacement to fail in all cases. This one was migrated here from #709798: User-type triggers can't be token-replaced (provide improper context).
• user_tokens() generated exceptions with the user_presave trigger in many cases, since parts of the user object have not yet been created. Made this friendlier for [user:uid], [user:url], and [user:edit-url], [user:last-login], [user:created].
• [edit - in #21] Fixed #755034: User-type actions cannot be assigned to any trigger: The user actions were not declared properly in hook_action_info() so could never be assigned to any triggers. This fixes that and adds tests.
• [edit - in #21] the watchdog() call in user_block_user_action() was using $user without it necessarily being initialized, causing exceptions. Rewrote how that is done.
• Added new drupalWebTestCase utility functions assertMailString(), assertMailPattern(), verboseEmail().

It is truly astonishing how many errors can be discovered by writing tests. Just how did I get sucked into this anyway?

This patch addresses @andypost's #20, and in addition

• Fixed #755034: User-type actions cannot be assigned to any trigger: The user actions were not declared properly in hook_action_info() so could never be assigned to any triggers. This fixes that and adds tests.
• The watchdog() call in user_block_user_action() was using $user without it necessarily being initialized, causing exceptions. Rewrote how that is done.
• Adds tests for user actions. It's pretty hard to test the block IP action without having everything break down, so I didn't do that one.

There's probably quite a bit left to go to clean up this stuff, but I'd rather tackle it in a follow-up. I never intended to spend the rest of my life cleaning up code that has apparently? never been executed. I wonder if all this cruft is new in D7 or if it was never executed/tested/debugged in D6... D5... D4.7?

Essentially: Every action needs to be tested, with token replacement, perhaps like the user triggers tests the system actions. The patterns that are in place here make that easier to do, but since you have to keep stopping to fix breakage, it takes a while.

Note: There is a change to drupalLogout() here that is also in #363580: OpenID login fails when in maintenance mode, so whichever one goes in second will need a reroll. Essentially, it changes from trying to do the logout in one hit to doing 'user/logout' and following with 'user'.

Thanks, Andypost. I definitely don't want to add more. This was all an accident: All I was trying to do was write some tests. And every test uncovered a bug.

Let's not add more to this. We might have to do another omnibus one after this, but let's try to finish this one. Thanks for playing along.

re: #23: I just went back to the old database-manipulation technique. I think you were right that the user_save() route was not right. Nice catch, and thanks for your patience with this mongo-patch.

I'm just assuming this should wait for #732542: system_goto_action breaks core APIs. Do you agree, @andypost? It seems to me there was a dependency.

I think we should probably give up on #732542: system_goto_action breaks core APIs.

I note that #655252: Custom e-mail action fails to accept token [node:author:mail] or [comment:author:mail] just went in, which probably conflicts with this.

Probably time to just finish this one.

#25: drupal.system_actions_721086_25.patch queued for re-testing.

Reroll - See what the bot says. After the test I'll take another look to see if I did the merge right.

#34: drupal.system_actions_721086_34.patch queued for re-testing.

I think this has it all cleaned up, with the patch rerolled properly, and using drupal_hash_base64().

If the bot thinks this is OK, I'll write an issue summary.

Issue Summary

First and foremost, this adds badly needed tests for system actions and some user actions, and tests token replacement. However, along the way writing tests uncovered all manner of little problems. Since they were small (and perhaps have been here through several Drupal releases) it seemed worth it to just fix them here.

I do apologize for so much ending up in this patch, but the small size of the fixes, infrequent use of the features (obviously), and inability to get things done due to dependencies among the fixes argued for doing it. Even though this touches a number of areas, it doesn't make things worse and probably makes them quite a bit better for the very few Drupal instances that will ever exercise this code.

• Exhaustive new tests for user triggers, user token replacement, and system actions. Near 100% coverage on those.
  • Tests for all the user triggers.
  • Tests for each of the two system actions
  • Tests for all the testable token replacements in those actions
• Fixes a bug where system_send_email_action could not be configured with a token for the recipient address, even though the instructions offered that. Changes the error message on destination validation to the apparent intent, rather than the apparent D6 behavior.
• Fixes an exception condition: trigger_user_logout() was calling _trigger_user() with a NULL for the $edit, where an array by reference is called for.
• [edit]trigger_user_presave() could not present usable information in most cases because the interesting information is almost always in the $edit. Merged $edit into $account so that the expected information would be available.. Removed the trigger for user_presave() as no information was available for its use.
• trigger_user_delete() was using undefined $method, causing E_NOTIFY exception.
• _trigger_user was setting $context['account'] instead of the correct $context['user'], causing token replacement to fail in all cases. This one was migrated here from #709798: User-type triggers can't be token-replaced (provide improper context).
• user_tokens() generated exceptions with the user_presave trigger in many cases, since parts of the user object have not yet been created. Made this friendlier for [user:uid], [user:url], and [user:edit-url], [user:last-login], [user:created].
• Added new drupalWebTestCase utility functions assertMailString(), assertMailPattern(), verboseEmail().
• Fixed #755034: User-type actions cannot be assigned to any trigger. The user actions were not declared properly in hook_action_info() so could never be assigned to any triggers. This fixes that and adds tests.
• The watchdog() call in user_block_user_action() was using $user without it necessarily being initialized, causing exceptions. Rewrote how that is done.
• [Edit] Improve docblocks per Aspilicious' comment in #41.

@aspilicious, it's a good thing you're on the prowl. This patch was sitting waiting during the time your campaign started. I think I fixed all instances of that issue in the two files drupal_web_test_case.php and trigger.test, which I believe is what you were seeing. That expands the scope of this patch slightly, as I've noted in the issue summary, #40.

#40 contains the issue summary for reviewers.

@andypost, thanks for the review.

On the first two: I am torn. Commented-out code is not normal in core, but on the other hand we'll want it there in the future. I'd rather leave it, but not sure the committers will agree. I hate to lose the logic.

On merging account and form values to provide information for presave, I'm not sure that there is an option if we want to provide a presave option. Basically, without doing this, there is no information for a presave trigger. Do you have an alternate proposal? We could certainly get rid of the user presave trigger, as it's (almost) useless without any information. We can also probably rewrite it so that it's different from all the other triggers so doesn't create all the "uninitialized" warnings.

After reading the intent of hook_user_presave() I'm convinced that it should not be an available trigger. It should just be removed. This patch removes the user_presave trigger.

This is in fact an obscure API change, but a necessary one, as there is no reason that it's a viable trigger. hook_user_presave() is usually used for adding data to the user object, which an action has no business doing (and I don't think it can, can it?)

So two changes in this patch from #44:
1. Remove the user_presave trigger
2. Remove the @todo's - They are now waiting for us in #754560-5: Messages are lost if set just prior to logout

@andypost: Reactions?

Thanks, @andypost. I think we've been pretty well over this one.

The issue summary with all the nits addressed is in #40.