class UserLoginHttpTest

Same name in other branches
  1. 9 core/modules/user/tests/src/Functional/UserLoginHttpTest.php \Drupal\Tests\user\Functional\UserLoginHttpTest
  2. 10 core/modules/user/tests/src/Functional/UserLoginHttpTest.php \Drupal\Tests\user\Functional\UserLoginHttpTest
  3. 11.x core/modules/user/tests/src/Functional/UserLoginHttpTest.php \Drupal\Tests\user\Functional\UserLoginHttpTest

Tests login and password reset via direct HTTP.

@group user

Hierarchy

Expanded class hierarchy of UserLoginHttpTest

File

core/modules/user/tests/src/Functional/UserLoginHttpTest.php, line 22

Namespace

Drupal\Tests\user\Functional
View source 
class UserLoginHttpTest extends BrowserTestBase {
    use AssertMailTrait {
        getMails as drupalGetMails;
    }
    
    /**
     * Modules to install.
     *
     * @var array
     */
    public static $modules = [
        'hal',
    ];
    
    /**
     * {@inheritdoc}
     */
    protected $defaultTheme = 'stark';
    
    /**
     * The cookie jar.
     *
     * @var \GuzzleHttp\Cookie\CookieJar
     */
    protected $cookies;
    
    /**
     * The serializer.
     *
     * @var \Symfony\Component\Serializer\Serializer
     */
    protected $serializer;
    
    /**
     * {@inheritdoc}
     */
    protected function setUp() {
        parent::setUp();
        $this->cookies = new CookieJar();
        $encoders = [
            new JsonEncoder(),
            new XmlEncoder(),
            new HALJsonEncoder(),
        ];
        $this->serializer = new Serializer([], $encoders);
    }
    
    /**
     * Executes a login HTTP request.
     *
     * @param string $name
     *   The username.
     * @param string $pass
     *   The user password.
     * @param string $format
     *   The format to use to make the request.
     *
     * @return \Psr\Http\Message\ResponseInterface
     *   The HTTP response.
     */
    protected function loginRequest($name, $pass, $format = 'json') {
        $user_login_url = Url::fromRoute('user.login.http')->setRouteParameter('_format', $format)
            ->setAbsolute();
        $request_body = [];
        if (isset($name)) {
            $request_body['name'] = $name;
        }
        if (isset($pass)) {
            $request_body['pass'] = $pass;
        }
        $result = \Drupal::httpClient()->post($user_login_url->toString(), [
            'body' => $this->serializer
                ->encode($request_body, $format),
            'headers' => [
                'Accept' => "application/{$format}",
            ],
            'http_errors' => FALSE,
            'cookies' => $this->cookies,
        ]);
        return $result;
    }
    
    /**
     * Tests user session life cycle.
     */
    public function testLogin() {
        // Without the serialization module only JSON is supported.
        $this->doTestLogin('json');
        // Enable serialization so we have access to additional formats.
        $this->container
            ->get('module_installer')
            ->install([
            'serialization',
        ]);
        $this->doTestLogin('json');
        $this->doTestLogin('xml');
        $this->doTestLogin('hal_json');
    }
    
    /**
     * Do login testing for a given serialization format.
     *
     * @param string $format
     *   Serialization format.
     */
    protected function doTestLogin($format) {
        $client = \Drupal::httpClient();
        // Create new user for each iteration to reset flood.
        // Grant the user administer users permissions to they can see the
        // 'roles' field.
        $account = $this->drupalCreateUser([
            'administer users',
        ]);
        $name = $account->getAccountName();
        $pass = $account->passRaw;
        $login_status_url = $this->getLoginStatusUrlString($format);
        $response = $client->get($login_status_url);
        $this->assertHttpResponse($response, 200, UserAuthenticationController::LOGGED_OUT);
        // Flooded.
        $this->config('user.flood')
            ->set('user_limit', 3)
            ->save();
        $response = $this->loginRequest($name, 'wrong-pass', $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Sorry, unrecognized username or password.', $format);
        $response = $this->loginRequest($name, 'wrong-pass', $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Sorry, unrecognized username or password.', $format);
        $response = $this->loginRequest($name, 'wrong-pass', $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Sorry, unrecognized username or password.', $format);
        $response = $this->loginRequest($name, 'wrong-pass', $format);
        $this->assertHttpResponseWithMessage($response, 403, 'Too many failed login attempts from your IP address. This IP address is temporarily blocked.', $format);
        // After testing the flood control we can increase the limit.
        $this->config('user.flood')
            ->set('user_limit', 100)
            ->save();
        $response = $this->loginRequest(NULL, NULL, $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Missing credentials.', $format);
        $response = $this->loginRequest(NULL, $pass, $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Missing credentials.name.', $format);
        $response = $this->loginRequest($name, NULL, $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Missing credentials.pass.', $format);
        // Blocked.
        $account->block()
            ->save();
        $response = $this->loginRequest($name, $pass, $format);
        $this->assertHttpResponseWithMessage($response, 400, 'The user has not been activated or is blocked.', $format);
        $account->activate()
            ->save();
        $response = $this->loginRequest($name, 'garbage', $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Sorry, unrecognized username or password.', $format);
        $response = $this->loginRequest('garbage', $pass, $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Sorry, unrecognized username or password.', $format);
        $response = $this->loginRequest($name, $pass, $format);
        $this->assertEquals(200, $response->getStatusCode());
        $result_data = $this->serializer
            ->decode($response->getBody(), $format);
        $this->assertEquals($name, $result_data['current_user']['name']);
        $this->assertEquals($account->id(), $result_data['current_user']['uid']);
        $this->assertEquals($account->getRoles(), $result_data['current_user']['roles']);
        $logout_token = $result_data['logout_token'];
        // Logging in while already logged in results in a 403 with helpful message.
        $response = $this->loginRequest($name, $pass, $format);
        $this->assertSame(403, $response->getStatusCode());
        $this->assertSame([
            'message' => 'This route can only be accessed by anonymous users.',
        ], $this->serializer
            ->decode($response->getBody(), $format));
        $response = $client->get($login_status_url, [
            'cookies' => $this->cookies,
        ]);
        $this->assertHttpResponse($response, 200, UserAuthenticationController::LOGGED_IN);
        $response = $this->logoutRequest($format, $logout_token);
        $this->assertEquals(204, $response->getStatusCode());
        $response = $client->get($login_status_url, [
            'cookies' => $this->cookies,
        ]);
        $this->assertHttpResponse($response, 200, UserAuthenticationController::LOGGED_OUT);
        $this->resetFlood();
    }
    
    /**
     * Executes a password HTTP request.
     *
     * @param array $request_body
     *   The request body.
     * @param string $format
     *   The format to use to make the request.
     *
     * @return \Psr\Http\Message\ResponseInterface
     *   The HTTP response.
     */
    protected function passwordRequest(array $request_body, $format = 'json') {
        $password_reset_url = Url::fromRoute('user.pass.http')->setRouteParameter('_format', $format)
            ->setAbsolute();
        $result = \Drupal::httpClient()->post($password_reset_url->toString(), [
            'body' => $this->serializer
                ->encode($request_body, $format),
            'headers' => [
                'Accept' => "application/{$format}",
            ],
            'http_errors' => FALSE,
            'cookies' => $this->cookies,
        ]);
        return $result;
    }
    
    /**
     * Tests user password reset.
     */
    public function testPasswordReset() {
        // Create a user account.
        $account = $this->drupalCreateUser();
        // Without the serialization module only JSON is supported.
        $this->doTestPasswordReset('json', $account);
        // Enable serialization so we have access to additional formats.
        $this->container
            ->get('module_installer')
            ->install([
            'serialization',
        ]);
        $this->doTestPasswordReset('json', $account);
        $this->doTestPasswordReset('xml', $account);
        $this->doTestPasswordReset('hal_json', $account);
    }
    
    /**
     * Gets a value for a given key from the response.
     *
     * @param \Psr\Http\Message\ResponseInterface $response
     *   The response object.
     * @param string $key
     *   The key for the value.
     * @param string $format
     *   The encoded format.
     *
     * @return mixed
     *   The value for the key.
     */
    protected function getResultValue(ResponseInterface $response, $key, $format) {
        $decoded = $this->serializer
            ->decode((string) $response->getBody(), $format);
        if (is_array($decoded)) {
            return $decoded[$key];
        }
        else {
            return $decoded->{$key};
        }
    }
    
    /**
     * Resets all flood entries.
     */
    protected function resetFlood() {
        $this->container
            ->get('database')
            ->delete(DatabaseBackend::TABLE_NAME)
            ->execute();
    }
    
    /**
     * Tests the global login flood control.
     *
     * @see \Drupal\basic_auth\Tests\Authentication\BasicAuthTest::testGlobalLoginFloodControl
     * @see \Drupal\user\Tests\UserLoginTest::testGlobalLoginFloodControl
     */
    public function testGlobalLoginFloodControl() {
        $this->config('user.flood')
            ->set('ip_limit', 2)
            ->set('user_limit', 4000)
            ->save();
        $user = $this->drupalCreateUser([]);
        $incorrect_user = clone $user;
        $incorrect_user->passRaw .= 'incorrect';
        // Try 2 failed logins.
        for ($i = 0; $i < 2; $i++) {
            $response = $this->loginRequest($incorrect_user->getAccountName(), $incorrect_user->passRaw);
            $this->assertEquals('400', $response->getStatusCode());
        }
        // IP limit has reached to its limit. Even valid user credentials will fail.
        $response = $this->loginRequest($user->getAccountName(), $user->passRaw);
        $this->assertHttpResponseWithMessage($response, '403', 'Access is blocked because of IP based flood prevention.');
    }
    
    /**
     * Checks a response for status code and body.
     *
     * @param \Psr\Http\Message\ResponseInterface $response
     *   The response object.
     * @param int $expected_code
     *   The expected status code.
     * @param mixed $expected_body
     *   The expected response body.
     */
    protected function assertHttpResponse(ResponseInterface $response, $expected_code, $expected_body) {
        $this->assertEquals($expected_code, $response->getStatusCode());
        $this->assertEquals($expected_body, (string) $response->getBody());
    }
    
    /**
     * Checks a response for status code and message.
     *
     * @param \Psr\Http\Message\ResponseInterface $response
     *   The response object.
     * @param int $expected_code
     *   The expected status code.
     * @param string $expected_message
     *   The expected message encoded in response.
     * @param string $format
     *   The format that the response is encoded in.
     */
    protected function assertHttpResponseWithMessage(ResponseInterface $response, $expected_code, $expected_message, $format = 'json') {
        $this->assertEquals($expected_code, $response->getStatusCode());
        $this->assertEquals($expected_message, $this->getResultValue($response, 'message', $format));
    }
    
    /**
     * Test the per-user login flood control.
     *
     * @see \Drupal\user\Tests\UserLoginTest::testPerUserLoginFloodControl
     * @see \Drupal\basic_auth\Tests\Authentication\BasicAuthTest::testPerUserLoginFloodControl
     */
    public function testPerUserLoginFloodControl() {
        foreach ([
            TRUE,
            FALSE,
        ] as $uid_only_setting) {
            $this->config('user.flood')
                ->set('ip_limit', 4000)
                ->set('user_limit', 3)
                ->set('uid_only', $uid_only_setting)
                ->save();
            $user1 = $this->drupalCreateUser([]);
            $incorrect_user1 = clone $user1;
            $incorrect_user1->passRaw .= 'incorrect';
            $user2 = $this->drupalCreateUser([]);
            // Try 2 failed logins.
            for ($i = 0; $i < 2; $i++) {
                $response = $this->loginRequest($incorrect_user1->getAccountName(), $incorrect_user1->passRaw);
                $this->assertHttpResponseWithMessage($response, 400, 'Sorry, unrecognized username or password.');
            }
            // A successful login will reset the per-user flood control count.
            $response = $this->loginRequest($user1->getAccountName(), $user1->passRaw);
            $result_data = $this->serializer
                ->decode($response->getBody(), 'json');
            $this->logoutRequest('json', $result_data['logout_token']);
            // Try 3 failed logins for user 1, they will not trigger flood control.
            for ($i = 0; $i < 3; $i++) {
                $response = $this->loginRequest($incorrect_user1->getAccountName(), $incorrect_user1->passRaw);
                $this->assertHttpResponseWithMessage($response, 400, 'Sorry, unrecognized username or password.');
            }
            // Try one successful attempt for user 2, it should not trigger any
            // flood control.
            $this->drupalLogin($user2);
            $this->drupalLogout();
            // Try one more attempt for user 1, it should be rejected, even if the
            // correct password has been used.
            $response = $this->loginRequest($user1->getAccountName(), $user1->passRaw);
            // Depending on the uid_only setting the error message will be different.
            if ($uid_only_setting) {
                $excepted_message = 'There have been more than 3 failed login attempts for this account. It is temporarily blocked. Try again later or request a new password.';
            }
            else {
                $excepted_message = 'Too many failed login attempts from your IP address. This IP address is temporarily blocked.';
            }
            $this->assertHttpResponseWithMessage($response, 403, $excepted_message);
        }
    }
    
    /**
     * Executes a logout HTTP request.
     *
     * @param string $format
     *   The format to use to make the request.
     * @param string $logout_token
     *   The csrf token for user logout.
     *
     * @return \Psr\Http\Message\ResponseInterface
     *   The HTTP response.
     */
    protected function logoutRequest($format = 'json', $logout_token = '') {
        
        /** @var \GuzzleHttp\Client $client */
        $client = $this->container
            ->get('http_client');
        $user_logout_url = Url::fromRoute('user.logout.http')->setRouteParameter('_format', $format)
            ->setAbsolute();
        if ($logout_token) {
            $user_logout_url->setOption('query', [
                'token' => $logout_token,
            ]);
        }
        $post_options = [
            'headers' => [
                'Accept' => "application/{$format}",
            ],
            'http_errors' => FALSE,
            'cookies' => $this->cookies,
        ];
        $response = $client->post($user_logout_url->toString(), $post_options);
        return $response;
    }
    
    /**
     * Test csrf protection of User Logout route.
     */
    public function testLogoutCsrfProtection() {
        $client = \Drupal::httpClient();
        $login_status_url = $this->getLoginStatusUrlString();
        $account = $this->drupalCreateUser();
        $name = $account->getAccountName();
        $pass = $account->passRaw;
        $response = $this->loginRequest($name, $pass);
        $this->assertEquals(200, $response->getStatusCode());
        $result_data = $this->serializer
            ->decode($response->getBody(), 'json');
        $logout_token = $result_data['logout_token'];
        // Test third party site posting to current site with logout request.
        // This should not logout the current user because it lacks the CSRF
        // token.
        $response = $this->logoutRequest('json');
        $this->assertEquals(403, $response->getStatusCode());
        // Ensure still logged in.
        $response = $client->get($login_status_url, [
            'cookies' => $this->cookies,
        ]);
        $this->assertHttpResponse($response, 200, UserAuthenticationController::LOGGED_IN);
        // Try with an incorrect token.
        $response = $this->logoutRequest('json', 'not-the-correct-token');
        $this->assertEquals(403, $response->getStatusCode());
        // Ensure still logged in.
        $response = $client->get($login_status_url, [
            'cookies' => $this->cookies,
        ]);
        $this->assertHttpResponse($response, 200, UserAuthenticationController::LOGGED_IN);
        // Try a logout request with correct token.
        $response = $this->logoutRequest('json', $logout_token);
        $this->assertEquals(204, $response->getStatusCode());
        // Ensure actually logged out.
        $response = $client->get($login_status_url, [
            'cookies' => $this->cookies,
        ]);
        $this->assertHttpResponse($response, 200, UserAuthenticationController::LOGGED_OUT);
    }
    
    /**
     * Gets the URL string for checking login.
     *
     * @param string $format
     *   The format to use to make the request.
     *
     * @return string
     *   The URL string.
     */
    protected function getLoginStatusUrlString($format = 'json') {
        $user_login_status_url = Url::fromRoute('user.login_status.http');
        $user_login_status_url->setRouteParameter('_format', $format);
        $user_login_status_url->setAbsolute();
        return $user_login_status_url->toString();
    }
    
    /**
     * Do password reset testing for given format and account.
     *
     * @param string $format
     *   Serialization format.
     * @param \Drupal\user\UserInterface $account
     *   Test account.
     */
    protected function doTestPasswordReset($format, $account) {
        $response = $this->passwordRequest([], $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Missing credentials.name or credentials.mail', $format);
        $response = $this->passwordRequest([
            'name' => 'dramallama',
        ], $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Unrecognized username or email address.', $format);
        $response = $this->passwordRequest([
            'mail' => 'llama@drupal.org',
        ], $format);
        $this->assertHttpResponseWithMessage($response, 400, 'Unrecognized username or email address.', $format);
        $account->block()
            ->save();
        $response = $this->passwordRequest([
            'name' => $account->getAccountName(),
        ], $format);
        $this->assertHttpResponseWithMessage($response, 400, 'The user has not been activated or is blocked.', $format);
        $response = $this->passwordRequest([
            'mail' => $account->getEmail(),
        ], $format);
        $this->assertHttpResponseWithMessage($response, 400, 'The user has not been activated or is blocked.', $format);
        $account->activate()
            ->save();
        $response = $this->passwordRequest([
            'name' => $account->getAccountName(),
        ], $format);
        $this->assertEquals(200, $response->getStatusCode());
        $this->loginFromResetEmail();
        $this->drupalLogout();
        $response = $this->passwordRequest([
            'mail' => $account->getEmail(),
        ], $format);
        $this->assertEquals(200, $response->getStatusCode());
        $this->loginFromResetEmail();
        $this->drupalLogout();
    }
    
    /**
     * Login from reset password email.
     */
    protected function loginFromResetEmail() {
        $_emails = $this->drupalGetMails();
        $email = end($_emails);
        $urls = [];
        preg_match('#.+user/reset/.+#', $email['body'], $urls);
        $resetURL = $urls[0];
        $this->drupalGet($resetURL);
        $this->drupalPostForm(NULL, NULL, 'Log in');
    }

}

Members

Title Deprecated Modifiers Object type Summary Member alias Overriden Title Overrides
AssertHelperTrait::castSafeStrings protected static function Casts MarkupInterface objects into strings.
AssertLegacyTrait::assert protected function
AssertLegacyTrait::assertCacheTag protected function Asserts whether an expected cache tag was present in the last response.
AssertLegacyTrait::assertElementNotPresent protected function Asserts that the element with the given CSS selector is not present.
AssertLegacyTrait::assertElementPresent protected function Asserts that the element with the given CSS selector is present.
AssertLegacyTrait::assertEqual protected function
AssertLegacyTrait::assertEscaped protected function Passes if the raw text IS found escaped on the loaded page, fail otherwise.
AssertLegacyTrait::assertField protected function Asserts that a field exists with the given name or ID.
AssertLegacyTrait::assertFieldById protected function Asserts that a field exists with the given ID and value.
AssertLegacyTrait::assertFieldByName protected function Asserts that a field exists with the given name and value.
AssertLegacyTrait::assertFieldByXPath protected function Asserts that a field exists in the current page by the given XPath.
AssertLegacyTrait::assertFieldChecked protected function Asserts that a checkbox field in the current page is checked.
AssertLegacyTrait::assertFieldsByValue protected function Asserts that a field exists in the current page with a given Xpath result.
AssertLegacyTrait::assertHeader protected function Checks that current response header equals value.
AssertLegacyTrait::assertIdentical protected function
AssertLegacyTrait::assertIdenticalObject protected function
AssertLegacyTrait::assertLink protected function Passes if a link with the specified label is found.
AssertLegacyTrait::assertLinkByHref protected function Passes if a link containing a given href (part) is found.
AssertLegacyTrait::assertNoCacheTag protected function Asserts whether an expected cache tag was absent in the last response.
AssertLegacyTrait::assertNoEscaped protected function Passes if the raw text is not found escaped on the loaded page.
AssertLegacyTrait::assertNoField protected function Asserts that a field does NOT exist with the given name or ID.
AssertLegacyTrait::assertNoFieldById protected function Asserts that a field does not exist with the given ID and value.
AssertLegacyTrait::assertNoFieldByName protected function Asserts that a field does not exist with the given name and value.
AssertLegacyTrait::assertNoFieldByXPath protected function Asserts that a field does not exist or its value does not match, by XPath.
AssertLegacyTrait::assertNoFieldChecked protected function Asserts that a checkbox field in the current page is not checked.
AssertLegacyTrait::assertNoLink protected function Passes if a link with the specified label is not found.
AssertLegacyTrait::assertNoLinkByHref protected function Passes if a link containing a given href (part) is not found.
AssertLegacyTrait::assertNoOption protected function Asserts that a select option does NOT exist in the current page.
AssertLegacyTrait::assertNoPattern protected function Triggers a pass if the Perl regex pattern is not found in the raw content.
AssertLegacyTrait::assertNoRaw protected function Passes if the raw text IS not found on the loaded page, fail otherwise. 1
AssertLegacyTrait::assertNotEqual protected function
AssertLegacyTrait::assertNoText protected function Passes if the page (with HTML stripped) does not contains the text. 1
AssertLegacyTrait::assertNotIdentical protected function
AssertLegacyTrait::assertNoUniqueText protected function Passes if the text is found MORE THAN ONCE on the text version of the page.
AssertLegacyTrait::assertOption protected function Asserts that a select option in the current page exists.
AssertLegacyTrait::assertOptionByText protected function Asserts that a select option with the visible text exists.
AssertLegacyTrait::assertOptionSelected protected function Asserts that a select option in the current page is checked.
AssertLegacyTrait::assertPattern protected function Triggers a pass if the Perl regex pattern is found in the raw content.
AssertLegacyTrait::assertRaw protected function Passes if the raw text IS found on the loaded page, fail otherwise. 1
AssertLegacyTrait::assertResponse protected function Asserts the page responds with the specified response code. 1
AssertLegacyTrait::assertText protected function Passes if the page (with HTML stripped) contains the text. 1
AssertLegacyTrait::assertTextHelper protected function Helper for assertText and assertNoText.
AssertLegacyTrait::assertTitle protected function Pass if the page title is the given string.
AssertLegacyTrait::assertUniqueText protected function Passes if the text is found ONLY ONCE on the text version of the page.
AssertLegacyTrait::assertUrl protected function Passes if the internal browser&#039;s URL matches the given path.
AssertLegacyTrait::buildXPathQuery protected function Builds an XPath query.
AssertLegacyTrait::constructFieldXpath protected function Helper: Constructs an XPath for the given set of attributes and value.
AssertLegacyTrait::getAllOptions protected function Get all option elements, including nested options, in a select.
AssertLegacyTrait::getRawContent protected function Gets the current raw content.
AssertLegacyTrait::pass protected function
AssertLegacyTrait::verbose protected function
AssertMailTrait::assertMail protected function Asserts that the most recently sent email message has the given value.
AssertMailTrait::assertMailPattern protected function Asserts that the most recently sent email message has the pattern in it.
AssertMailTrait::assertMailString protected function Asserts that the most recently sent email message has the string in it.
AssertMailTrait::getMails protected function Gets an array containing all emails sent during this test case. Aliased as: drupalGetMails
AssertMailTrait::verboseEmail protected function Outputs to verbose the most recent $count emails sent.
BlockCreationTrait::placeBlock protected function Creates a block instance based on default settings. Aliased as: drupalPlaceBlock
BrowserHtmlDebugTrait::$htmlOutputBaseUrl protected property The Base URI to use for links to the output files.
BrowserHtmlDebugTrait::$htmlOutputClassName protected property Class name for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputCounter protected property Counter for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputCounterStorage protected property Counter storage for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputDirectory protected property Directory name for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputEnabled protected property HTML output output enabled.
BrowserHtmlDebugTrait::$htmlOutputFile protected property The file name to write the list of URLs to.
BrowserHtmlDebugTrait::$htmlOutputTestId protected property HTML output test ID.
BrowserHtmlDebugTrait::formatHtmlOutputHeaders protected function Formats HTTP headers as string for HTML output logging.
BrowserHtmlDebugTrait::getHtmlOutputHeaders protected function Returns headers in HTML output format. 1
BrowserHtmlDebugTrait::htmlOutput protected function Logs a HTML output message in a text file.
BrowserHtmlDebugTrait::initBrowserOutputFile protected function Creates the directory to store browser output.
BrowserTestBase::$baseUrl protected property The base URL.
BrowserTestBase::$configImporter protected property The config importer that can be used in a test.
BrowserTestBase::$customTranslations protected property An array of custom translations suitable for drupal_rewrite_settings().
BrowserTestBase::$databasePrefix protected property The database prefix of this test run.
BrowserTestBase::$mink protected property Mink session manager.
BrowserTestBase::$minkDefaultDriverArgs protected property
BrowserTestBase::$minkDefaultDriverClass protected property 1
BrowserTestBase::$originalContainer protected property The original container.
BrowserTestBase::$originalShutdownCallbacks protected property The original array of shutdown function callbacks.
BrowserTestBase::$preserveGlobalState protected property
BrowserTestBase::$profile protected property The profile to install as a basis for testing. 39
BrowserTestBase::$root protected property The app root.
BrowserTestBase::$runTestInSeparateProcess protected property Browser tests are run in separate processes to prevent collisions between
code that may be loaded by tests.
BrowserTestBase::$timeLimit protected property Time limit in seconds for the test.
BrowserTestBase::$translationFilesDirectory protected property The translation file directory for the test environment.
BrowserTestBase::cleanupEnvironment protected function Clean up the Simpletest environment.
BrowserTestBase::config protected function Configuration accessor for tests. Returns non-overridden configuration.
BrowserTestBase::cssSelectToXpath protected function Translates a CSS expression to its XPath equivalent.
BrowserTestBase::drupalGetHeader protected function Gets the value of an HTTP response header.
BrowserTestBase::drupalGetHeaders Deprecated protected function Returns all response headers.
BrowserTestBase::filePreDeleteCallback public static function Ensures test files are deletable.
BrowserTestBase::getDefaultDriverInstance protected function Gets an instance of the default Mink driver.
BrowserTestBase::getDrupalSettings protected function Gets the JavaScript drupalSettings variable for the currently-loaded page. 1
BrowserTestBase::getHttpClient protected function Obtain the HTTP client for the system under test.
BrowserTestBase::getMinkDriverArgs protected function Get the Mink driver args from an environment variable, if it is set. Can
be overridden in a derived class so it is possible to use a different
value for a subset of tests, e.g. the JavaScript tests. 		1
BrowserTestBase::getOptions protected function Helper function to get the options of select field.
BrowserTestBase::getResponseLogHandler protected function Provides a Guzzle middleware handler to log every response received. Overrides BrowserHtmlDebugTrait::getResponseLogHandler
BrowserTestBase::getSession public function Returns Mink session.
BrowserTestBase::getSessionCookies protected function Get session cookies from current session.
BrowserTestBase::getTestMethodCaller protected function Retrieves the current calling line in the class under test. Overrides BrowserHtmlDebugTrait::getTestMethodCaller
BrowserTestBase::initFrontPage protected function Visits the front page when initializing Mink. 3
BrowserTestBase::initMink protected function Initializes Mink sessions. 1
BrowserTestBase::installDrupal public function Installs Drupal into the Simpletest site. 1
BrowserTestBase::registerSessions protected function Registers additional Mink sessions.
BrowserTestBase::tearDown protected function 3
BrowserTestBase::translatePostValues protected function Transforms a nested array into a flat array suitable for drupalPostForm().
BrowserTestBase::xpath protected function Performs an xpath search on the contents of the internal browser.
BrowserTestBase::__construct public function 1
BrowserTestBase::__sleep public function Prevents serializing any properties.
ConfigTestTrait::configImporter protected function Returns a ConfigImporter object to import test configuration.
ConfigTestTrait::copyConfig protected function Copies configuration objects from source storage to target storage.
ContentTypeCreationTrait::createContentType protected function Creates a custom content type based on default settings. Aliased as: drupalCreateContentType 1
FunctionalTestSetupTrait::$apcuEnsureUniquePrefix protected property The flag to set &#039;apcu_ensure_unique_prefix&#039; setting. 1
FunctionalTestSetupTrait::$classLoader protected property The class loader to use for installation and initialization of setup.
FunctionalTestSetupTrait::$configDirectories Deprecated protected property The config directories used in this test.
FunctionalTestSetupTrait::$rootUser protected property The &quot;#1&quot; admin user.
FunctionalTestSetupTrait::doInstall protected function Execute the non-interactive installer. 1
FunctionalTestSetupTrait::getDatabaseTypes protected function Returns all supported database driver installer objects.
FunctionalTestSetupTrait::initConfig protected function Initialize various configurations post-installation. 2
FunctionalTestSetupTrait::initKernel protected function Initializes the kernel after installation.
FunctionalTestSetupTrait::initSettings protected function Initialize settings created during install.
FunctionalTestSetupTrait::initUserSession protected function Initializes user 1 for the site to be installed.
FunctionalTestSetupTrait::installDefaultThemeFromClassProperty protected function Installs the default theme defined by `static::$defaultTheme` when needed.
FunctionalTestSetupTrait::installModulesFromClassProperty protected function Install modules defined by `static::$modules`. 1
FunctionalTestSetupTrait::installParameters protected function Returns the parameters that will be used when Simpletest installs Drupal. 9
FunctionalTestSetupTrait::prepareEnvironment protected function Prepares the current environment for running the test. 23
FunctionalTestSetupTrait::prepareRequestForGenerator protected function Creates a mock request and sets it on the generator.
FunctionalTestSetupTrait::prepareSettings protected function Prepares site settings and services before installation. 2
FunctionalTestSetupTrait::rebuildAll protected function Resets and rebuilds the environment after setup.
FunctionalTestSetupTrait::rebuildContainer protected function Rebuilds \Drupal::getContainer().
FunctionalTestSetupTrait::resetAll protected function Resets all data structures after having enabled new modules.
FunctionalTestSetupTrait::setContainerParameter protected function Changes parameters in the services.yml file.
FunctionalTestSetupTrait::setupBaseUrl protected function Sets up the base URL based upon the environment variable.
FunctionalTestSetupTrait::writeSettings protected function Rewrites the settings.php file of the test site.
NodeCreationTrait::createNode protected function Creates a node based on default settings. Aliased as: drupalCreateNode
NodeCreationTrait::getNodeByTitle public function Get a node from the database based on its title. Aliased as: drupalGetNodeByTitle
PhpunitCompatibilityTrait::getMock Deprecated public function Returns a mock object for the specified class using the available method.
PhpunitCompatibilityTrait::setExpectedException Deprecated public function Compatibility layer for PHPUnit 6 to support PHPUnit 4 code.
RandomGeneratorTrait::$randomGenerator protected property The random generator.
RandomGeneratorTrait::getRandomGenerator protected function Gets the random generator for the utility methods.
RandomGeneratorTrait::randomMachineName protected function Generates a unique random string containing letters and numbers. 1
RandomGeneratorTrait::randomObject public function Generates a random PHP object.
RandomGeneratorTrait::randomString public function Generates a pseudo-random string of ASCII characters of codes 32 to 126.
RandomGeneratorTrait::randomStringValidate public function Callback for random string validation.
RefreshVariablesTrait::refreshVariables protected function Refreshes in-memory configuration and state information. 3
SessionTestTrait::$sessionName protected property The name of the session cookie.
SessionTestTrait::generateSessionName protected function Generates a session cookie name.
SessionTestTrait::getSessionName protected function Returns the session name in use on the child site.
StorageCopyTrait::replaceStorageContents protected static function Copy the configuration from one storage to another and remove stale items.
TestRequirementsTrait::checkModuleRequirements private function Checks missing module requirements.
TestRequirementsTrait::checkRequirements protected function Check module requirements for the Drupal use case. 1
TestRequirementsTrait::getDrupalRoot protected static function Returns the Drupal root directory.
TestSetupTrait::$configSchemaCheckerExclusions protected static property An array of config object names that are excluded from schema checking.
TestSetupTrait::$container protected property The dependency injection container used in the test.
TestSetupTrait::$kernel protected property The DrupalKernel instance used in the test.
TestSetupTrait::$originalSite protected property The site directory of the original parent site.
TestSetupTrait::$privateFilesDirectory protected property The private file directory for the test environment.
TestSetupTrait::$publicFilesDirectory protected property The public file directory for the test environment.
TestSetupTrait::$siteDirectory protected property The site directory of this test run.
TestSetupTrait::$strictConfigSchema protected property Set to TRUE to strict check all configuration saved. 2
TestSetupTrait::$tempFilesDirectory protected property The temporary file directory for the test environment.
TestSetupTrait::$testId protected property The test run ID.
TestSetupTrait::changeDatabasePrefix protected function Changes the database connection to the prefixed one.
TestSetupTrait::getConfigSchemaExclusions protected function Gets the config schema exclusions for this test.
TestSetupTrait::getDatabaseConnection public static function Returns the database connection to the site running Simpletest.
TestSetupTrait::prepareDatabasePrefix protected function Generates a database prefix for running tests. 2
UiHelperTrait::$loggedInUser protected property The current user logged in using the Mink controlled browser.
UiHelperTrait::$maximumMetaRefreshCount protected property The number of meta refresh redirects to follow, or NULL if unlimited.
UiHelperTrait::$metaRefreshCount protected property The number of meta refresh redirects followed during ::drupalGet().
UiHelperTrait::assertSession public function Returns WebAssert object. 1
UiHelperTrait::buildUrl protected function Builds an a absolute URL from a system path or a URL object.
UiHelperTrait::checkForMetaRefresh protected function Checks for meta refresh tag and if found call drupalGet() recursively.
UiHelperTrait::click protected function Clicks the element with the given CSS selector.
UiHelperTrait::clickLink protected function Follows a link by complete name.
UiHelperTrait::cssSelect protected function Searches elements using a CSS selector in the raw content.
UiHelperTrait::drupalGet protected function Retrieves a Drupal path or an absolute path. 3
UiHelperTrait::drupalLogin protected function Logs in a user using the Mink controlled browser.
UiHelperTrait::drupalLogout protected function Logs a user out of the Mink controlled browser and confirms.
UiHelperTrait::drupalPostForm protected function Executes a form submission.
UiHelperTrait::drupalUserIsLoggedIn protected function Returns whether a given user account is logged in.
UiHelperTrait::getAbsoluteUrl protected function Takes a path and returns an absolute path.
UiHelperTrait::getTextContent protected function Retrieves the plain-text content from the current page.
UiHelperTrait::getUrl protected function Get the current URL from the browser.
UiHelperTrait::prepareRequest protected function Prepare for a request to testing site. 1
UiHelperTrait::submitForm protected function Fills and submits a form.
UserCreationTrait::checkPermissions protected function Checks whether a given list of permission names is valid.
UserCreationTrait::createAdminRole protected function Creates an administrative role.
UserCreationTrait::createRole protected function Creates a role with specified permissions. Aliased as: drupalCreateRole
UserCreationTrait::createUser protected function Create a user with a given set of permissions. Aliased as: drupalCreateUser
UserCreationTrait::grantPermissions protected function Grant permissions to a user role.
UserCreationTrait::setCurrentUser protected function Switch the current logged in user.
UserCreationTrait::setUpCurrentUser protected function Creates a random user account and sets it as current user.
UserLoginHttpTest::$cookies protected property The cookie jar.
UserLoginHttpTest::$defaultTheme protected property The theme to install as the default for testing. Overrides BrowserTestBase::$defaultTheme
UserLoginHttpTest::$modules public static property Modules to install. Overrides BrowserTestBase::$modules
UserLoginHttpTest::$serializer protected property The serializer.
UserLoginHttpTest::assertHttpResponse protected function Checks a response for status code and body.
UserLoginHttpTest::assertHttpResponseWithMessage protected function Checks a response for status code and message.
UserLoginHttpTest::doTestLogin protected function Do login testing for a given serialization format.
UserLoginHttpTest::doTestPasswordReset protected function Do password reset testing for given format and account.
UserLoginHttpTest::getLoginStatusUrlString protected function Gets the URL string for checking login.
UserLoginHttpTest::getResultValue protected function Gets a value for a given key from the response.
UserLoginHttpTest::loginFromResetEmail protected function Login from reset password email.
UserLoginHttpTest::loginRequest protected function Executes a login HTTP request.
UserLoginHttpTest::logoutRequest protected function Executes a logout HTTP request.
UserLoginHttpTest::passwordRequest protected function Executes a password HTTP request.
UserLoginHttpTest::resetFlood protected function Resets all flood entries.
UserLoginHttpTest::setUp protected function Overrides BrowserTestBase::setUp
UserLoginHttpTest::testGlobalLoginFloodControl public function Tests the global login flood control.
UserLoginHttpTest::testLogin public function Tests user session life cycle.
UserLoginHttpTest::testLogoutCsrfProtection public function Test csrf protection of User Logout route.
UserLoginHttpTest::testPasswordReset public function Tests user password reset.
UserLoginHttpTest::testPerUserLoginFloodControl public function Test the per-user login flood control.
XdebugRequestTrait::extractCookiesFromRequest protected function Adds xdebug cookies, from request setup.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.