class FileFieldWidgetTestCase
Tests file field widget.
Hierarchy
- class \DrupalTestCase
- class \DrupalWebTestCase extends \DrupalTestCase
- class \FileFieldTestCase extends \DrupalWebTestCase
- class \FileFieldWidgetTestCase extends \FileFieldTestCase
- class \FileFieldTestCase extends \DrupalWebTestCase
- class \DrupalWebTestCase extends \DrupalTestCase
Expanded class hierarchy of FileFieldWidgetTestCase
File
-
modules/
file/ tests/ file.test, line 534
View source
class FileFieldWidgetTestCase extends FileFieldTestCase {
public static function getInfo() {
return array(
'name' => 'File field widget test',
'description' => 'Tests the file field widget, single and multi-valued, with and without AJAX, with public and private files.',
'group' => 'File',
);
}
/**
* Tests upload and remove buttons for a single-valued File field.
*/
function testSingleValuedWidget() {
// Use 'page' instead of 'article', so that the 'article' image field does
// not conflict with this test. If in the future the 'page' type gets its
// own default file or image field, this test can be made more robust by
// using a custom node type.
$type_name = 'page';
$field_name = strtolower($this->randomName());
$this->createFileField($field_name, $type_name);
$field = field_info_field($field_name);
$instance = field_info_instance('node', $field_name, $type_name);
$test_file = $this->getTestFile('text');
foreach (array(
'nojs',
'js',
) as $type) {
// Create a new node with the uploaded file and ensure it got uploaded
// successfully.
// @todo This only tests a 'nojs' submission, because drupalPostAJAX()
// does not yet support file uploads.
$nid = $this->uploadNodeFile($test_file, $field_name, $type_name);
$node = node_load($nid, NULL, TRUE);
$node_file = (object) $node->{$field_name}[LANGUAGE_NONE][0];
$this->assertFileExists($node_file, 'New file saved to disk on node creation.');
// Test that running field_attach_update() leaves the file intact.
$field = new stdClass();
$field->type = $type_name;
$field->nid = $nid;
field_attach_update('node', $field);
$node = node_load($nid);
$node_file = (object) $node->{$field_name}[LANGUAGE_NONE][0];
$this->assertFileExists($node_file, 'New file still saved to disk on field update.');
// Ensure the file can be downloaded.
$this->drupalGet(file_create_url($node_file->uri));
$this->assertResponse(200, 'Confirmed that the generated URL is correct by downloading the shipped file.');
// Ensure the edit page has a remove button instead of an upload button.
$this->drupalGet("node/{$nid}/edit");
$this->assertNoFieldByXPath('//input[@type="submit"]', t('Upload'), 'Node with file does not display the "Upload" button.');
$this->assertFieldByXpath('//input[@type="submit"]', t('Remove'), 'Node with file displays the "Remove" button.');
// "Click" the remove button (emulating either a nojs or js submission).
switch ($type) {
case 'nojs':
$this->drupalPost(NULL, array(), t('Remove'));
break;
case 'js':
$button = $this->xpath('//input[@type="submit" and @value="' . t('Remove') . '"]');
$this->drupalPostAJAX(NULL, array(), array(
(string) $button[0]['name'] => (string) $button[0]['value'],
));
break;
}
// Ensure the page now has an upload button instead of a remove button.
$this->assertNoFieldByXPath('//input[@type="submit"]', t('Remove'), 'After clicking the "Remove" button, it is no longer displayed.');
$this->assertFieldByXpath('//input[@type="submit"]', t('Upload'), 'After clicking the "Remove" button, the "Upload" button is displayed.');
// Save the node and ensure it does not have the file.
$this->drupalPost(NULL, array(), t('Save'));
$node = node_load($nid, NULL, TRUE);
$this->assertTrue(empty($node->{$field_name}[LANGUAGE_NONE][0]['fid']), 'File was successfully removed from the node.');
}
}
/**
* Tests exploiting the temporary file removal of another user using fid.
*/
function testTemporaryFileRemovalExploit() {
// Create a victim user.
$victim_user = $this->drupalCreateUser();
// Create an attacker user.
$attacker_user = $this->drupalCreateUser(array(
'access content',
'create page content',
'edit any page content',
));
// Log in as the attacker user.
$this->drupalLogin($attacker_user);
// Perform tests using the newly created users.
$this->doTestTemporaryFileRemovalExploit($victim_user->uid, $attacker_user->uid);
}
/**
* Tests exploiting the temporary file removal for anonymous users using fid.
*/
public function testTemporaryFileRemovalExploitAnonymous() {
// Set up an anonymous victim user.
$victim_uid = 0;
// Set up an anonymous attacker user.
$attacker_uid = 0;
// Set up permissions for anonymous attacker user.
user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
'access content' => TRUE,
'create page content' => TRUE,
'edit any page content' => TRUE,
));
// In order to simulate being the anonymous attacker user, we need to log
// out here since setUp() has logged in the admin.
$this->drupalLogout();
// Perform tests using the newly set up users.
$this->doTestTemporaryFileRemovalExploit($victim_uid, $attacker_uid);
}
/**
* Tests validation with the Upload button.
*/
function testWidgetValidation() {
$type_name = 'article';
$field_name = strtolower($this->randomName());
$this->createFileField($field_name, $type_name);
$this->updateFileField($field_name, $type_name, array(
'file_extensions' => 'txt',
));
foreach (array(
'nojs',
'js',
) as $type) {
// Create node and prepare files for upload.
$node = $this->drupalCreateNode(array(
'type' => 'article',
));
$nid = $node->nid;
$this->drupalGet("node/{$nid}/edit");
$test_file_text = $this->getTestFile('text');
$test_file_image = $this->getTestFile('image');
$field = field_info_field($field_name);
$name = 'files[' . $field_name . '_' . LANGUAGE_NONE . '_0]';
// Upload file with incorrect extension, check for validation error.
$edit[$name] = drupal_realpath($test_file_image->uri);
switch ($type) {
case 'nojs':
$this->drupalPost(NULL, $edit, t('Upload'));
break;
case 'js':
$button = $this->xpath('//input[@type="submit" and @value="' . t('Upload') . '"]');
$this->drupalPostAJAX(NULL, $edit, array(
(string) $button[0]['name'] => (string) $button[0]['value'],
));
break;
}
$error_message = t('Only files with the following extensions are allowed: %files-allowed.', array(
'%files-allowed' => 'txt',
));
$this->assertRaw($error_message, t('Validation error when file with wrong extension uploaded (JSMode=%type).', array(
'%type' => $type,
)));
// Upload file with correct extension, check that error message is removed.
$edit[$name] = drupal_realpath($test_file_text->uri);
switch ($type) {
case 'nojs':
$this->drupalPost(NULL, $edit, t('Upload'));
break;
case 'js':
$button = $this->xpath('//input[@type="submit" and @value="' . t('Upload') . '"]');
$this->drupalPostAJAX(NULL, $edit, array(
(string) $button[0]['name'] => (string) $button[0]['value'],
));
break;
}
$this->assertNoRaw($error_message, t('Validation error removed when file with correct extension uploaded (JSMode=%type).', array(
'%type' => $type,
)));
}
}
/**
* Helper for testing exploiting the temporary file removal using fid.
*
* @param int $victim_uid
* The victim user ID.
* @param int $attacker_uid
* The attacker user ID.
*/
protected function doTestTemporaryFileRemovalExploit($victim_uid, $attacker_uid) {
// Use 'page' instead of 'article', so that the 'article' image field does
// not conflict with this test. If in the future the 'page' type gets its
// own default file or image field, this test can be made more robust by
// using a custom node type.
$type_name = 'page';
$field_name = 'test_file_field';
$this->createFileField($field_name, $type_name);
$test_file = $this->getTestFile('text');
foreach (array(
'nojs',
'js',
) as $type) {
// Create a temporary file owned by the anonymous victim user. This will be
// as if they had uploaded the file, but not saved the node they were
// editing or creating.
$victim_tmp_file = $this->createTemporaryFile('some text', $victim_uid);
$victim_tmp_file = file_load($victim_tmp_file->fid);
$this->assertTrue($victim_tmp_file->status != FILE_STATUS_PERMANENT, 'New file saved to disk is temporary.');
$this->assertFalse(empty($victim_tmp_file->fid), 'New file has a fid');
$this->assertEqual($victim_uid, $victim_tmp_file->uid, 'New file belongs to the victim user');
// Have attacker create a new node with a different uploaded file and
// ensure it got uploaded successfully.
// @todo Can we test AJAX? See https://www.drupal.org/node/2538260
$edit = array(
'title' => $type . '-title',
);
// Attach a file to a node.
$langcode = LANGUAGE_NONE;
$edit['files[' . $field_name . '_' . $langcode . '_0]'] = drupal_realpath($test_file->uri);
$this->drupalPost("node/add/{$type_name}", $edit, 'Save');
$node = $this->drupalGetNodeByTitle($edit['title']);
$node_file = file_load($node->{$field_name}[$langcode][0]['fid']);
$this->assertFileExists($node_file, 'New file saved to disk on node creation.');
$this->assertEqual($attacker_uid, $node_file->uid, 'New file belongs to the attacker.');
// Ensure the file can be downloaded.
$this->drupalGet(file_create_url($node_file->uri));
$this->assertResponse(200, 'Confirmed that the generated URL is correct by downloading the shipped file.');
// "Click" the remove button (emulating either a nojs or js submission).
// In this POST request, the attacker "guesses" the fid of the victim's
// temporary file and uses that to remove this file.
$this->drupalGet('node/' . $node->nid . '/edit');
switch ($type) {
case 'nojs':
$this->drupalPost(NULL, array(
"{$field_name}[{$langcode}][0][fid]" => (string) $victim_tmp_file->fid,
), 'Remove');
break;
case 'js':
$button = $this->xpath('//input[@type="submit" and @value="Remove"]');
$this->drupalPostAJAX(NULL, array(
"{$field_name}[{$langcode}][0][fid]" => (string) $victim_tmp_file->fid,
), array(
(string) $button[0]['name'] => (string) $button[0]['value'],
));
break;
}
// The victim's temporary file should not be removed by the attacker's
// POST request.
$this->assertFileExists($victim_tmp_file);
}
}
/**
* Tests upload and remove buttons for multiple multi-valued File fields.
*/
function testMultiValuedWidget() {
// Use 'page' instead of 'article', so that the 'article' image field does
// not conflict with this test. If in the future the 'page' type gets its
// own default file or image field, this test can be made more robust by
// using a custom node type.
$type_name = 'page';
$field_name = strtolower($this->randomName());
$field_name2 = strtolower($this->randomName());
$this->createFileField($field_name, $type_name, array(
'cardinality' => 3,
));
$this->createFileField($field_name2, $type_name, array(
'cardinality' => 3,
));
$field = field_info_field($field_name);
$instance = field_info_instance('node', $field_name, $type_name);
$field2 = field_info_field($field_name2);
$instance2 = field_info_instance('node', $field_name2, $type_name);
$test_file = $this->getTestFile('text');
foreach (array(
'nojs',
'js',
) as $type) {
// Visit the node creation form, and upload 3 files for each field. Since
// the field has cardinality of 3, ensure the "Upload" button is displayed
// until after the 3rd file, and after that, isn't displayed. Because
// SimpleTest triggers the last button with a given name, so upload to the
// second field first.
// @todo This is only testing a non-Ajax upload, because drupalPostAJAX()
// does not yet emulate jQuery's file upload.
//
$this->drupalGet("node/add/{$type_name}");
foreach (array(
$field_name2,
$field_name,
) as $each_field_name) {
for ($delta = 0; $delta < 3; $delta++) {
$edit = array(
'files[' . $each_field_name . '_' . LANGUAGE_NONE . '_' . $delta . ']' => drupal_realpath($test_file->uri),
);
// drupalPost() takes a $submit parameter that is the value of the
// button whose click we want to emulate. Since we have multiple
// buttons with the value "Upload", and want to control which one we
// use, we change the value of the other ones to something else.
// Since non-clicked buttons aren't included in the submitted POST
// data, and since drupalPost() will result in $this being updated
// with a newly rebuilt form, this doesn't cause problems. Note that
// $buttons is an array of SimpleXMLElement objects passed by
// reference so modifications to each button will affect
// \DrupalWebTestCase::handleForm().
$buttons = $this->xpath('//input[@type="submit" and @value="Upload"]');
$button_name = $each_field_name . '_' . LANGUAGE_NONE . '_' . $delta . '_upload_button';
foreach ($buttons as $button) {
if ($button['name'] != $button_name) {
$button['value'] = 'DUMMY';
}
}
// If the Upload button doesn't exist, drupalPost() will automatically
// fail with an assertion message.
$this->drupalPost(NULL, $edit, t('Upload'));
}
}
$this->assertNoFieldByXpath('//input[@type="submit"]', t('Upload'), 'After uploading 3 files for each field, the "Upload" button is no longer displayed.');
$num_expected_remove_buttons = 6;
foreach (array(
$field_name,
$field_name2,
) as $current_field_name) {
// How many uploaded files for the current field are remaining.
$remaining = 3;
// Test clicking each "Remove" button. For extra robustness, test them out
// of sequential order. They are 0-indexed, and get renumbered after each
// iteration, so array(1, 1, 0) means:
// - First remove the 2nd file.
// - Then remove what is then the 2nd file (was originally the 3rd file).
// - Then remove the first file.
foreach (array(
1,
1,
0,
) as $delta) {
// Ensure we have the expected number of Remove buttons, and that they
// are numbered sequentially.
$buttons = $this->xpath('//input[@type="submit" and @value="Remove"]');
$this->assertTrue(is_array($buttons) && count($buttons) === $num_expected_remove_buttons, format_string('There are %n "Remove" buttons displayed (JSMode=%type).', array(
'%n' => $num_expected_remove_buttons,
'%type' => $type,
)));
foreach ($buttons as $i => $button) {
$key = $i >= $remaining ? $i - $remaining : $i;
$check_field_name = $field_name2;
if ($current_field_name == $field_name && $i < $remaining) {
$check_field_name = $field_name;
}
$this->assertIdentical((string) $button['name'], $check_field_name . '_' . LANGUAGE_NONE . '_' . $key . '_remove_button');
}
// "Click" the remove button (emulating either a nojs or js submission).
$button_name = $current_field_name . '_' . LANGUAGE_NONE . '_' . $delta . '_remove_button';
switch ($type) {
case 'nojs':
// Same workaround for multiple buttons with the value "Remove" as
// we did for the "Upload" buttons above.
foreach ($buttons as $button) {
if ($button['name'] != $button_name) {
$button['value'] = 'DUMMY';
}
}
$this->drupalPost(NULL, array(), t('Remove'));
break;
case 'js':
// drupalPostAJAX() lets us target the button precisely, so we don't
// require the workaround used above for nojs.
$this->drupalPostAJAX(NULL, array(), array(
$button_name => t('Remove'),
));
break;
}
$num_expected_remove_buttons--;
$remaining--;
// Ensure an "Upload" button for the current field is displayed with the
// correct name.
$upload_button_name = $current_field_name . '_' . LANGUAGE_NONE . '_' . $remaining . '_upload_button';
$buttons = $this->xpath('//input[@type="submit" and @value="Upload" and @name=:name]', array(
':name' => $upload_button_name,
));
$this->assertTrue(is_array($buttons) && count($buttons) == 1, format_string('The upload button is displayed with the correct name (JSMode=%type).', array(
'%type' => $type,
)));
// Ensure only at most one button per field is displayed.
$buttons = $this->xpath('//input[@type="submit" and @value="Upload"]');
$expected = $current_field_name == $field_name ? 1 : 2;
$this->assertTrue(is_array($buttons) && count($buttons) == $expected, format_string('After removing a file, only one "Upload" button for each possible field is displayed (JSMode=%type).', array(
'%type' => $type,
)));
}
}
// Ensure the page now has no Remove buttons.
$this->assertNoFieldByXPath('//input[@type="submit"]', t('Remove'), format_string('After removing all files, there is no "Remove" button displayed (JSMode=%type).', array(
'%type' => $type,
)));
// Save the node and ensure it does not have any files.
$this->drupalPost(NULL, array(
'title' => $this->randomName(),
), t('Save'));
$matches = array();
preg_match('/node\\/([0-9]+)/', $this->getUrl(), $matches);
$nid = $matches[1];
$node = node_load($nid, NULL, TRUE);
$this->assertTrue(empty($node->{$field_name}[LANGUAGE_NONE][0]['fid']), 'Node was successfully saved without any files.');
}
}
/**
* Tests a file field with a "Private files" upload destination setting.
*/
function testPrivateFileSetting() {
// Use 'page' instead of 'article', so that the 'article' image field does
// not conflict with this test. If in the future the 'page' type gets its
// own default file or image field, this test can be made more robust by
// using a custom node type.
$type_name = 'page';
$field_name = strtolower($this->randomName());
$this->createFileField($field_name, $type_name);
$field = field_info_field($field_name);
$instance = field_info_instance('node', $field_name, $type_name);
$test_file = $this->getTestFile('text');
// Change the field setting to make its files private, and upload a file.
$edit = array(
'field[settings][uri_scheme]' => 'private',
);
$this->drupalPost("admin/structure/types/manage/{$type_name}/fields/{$field_name}", $edit, t('Save settings'));
$nid = $this->uploadNodeFile($test_file, $field_name, $type_name);
$node = node_load($nid, NULL, TRUE);
$node_file = (object) $node->{$field_name}[LANGUAGE_NONE][0];
$this->assertFileExists($node_file, 'New file saved to disk on node creation.');
// Ensure the private file is available to the user who uploaded it.
$this->drupalGet(file_create_url($node_file->uri));
$this->assertResponse(200, 'Confirmed that the generated URL is correct by downloading the shipped file.');
// Ensure we can't change 'uri_scheme' field settings while there are some
// entities with uploaded files.
$this->drupalGet("admin/structure/types/manage/{$type_name}/fields/{$field_name}");
$this->assertFieldByXpath('//input[@id="edit-field-settings-uri-scheme-public" and @disabled="disabled"]', 'public', 'Upload destination setting disabled.');
// Delete node and confirm that setting could be changed.
node_delete($nid);
$this->drupalGet("admin/structure/types/manage/{$type_name}/fields/{$field_name}");
$this->assertFieldByXpath('//input[@id="edit-field-settings-uri-scheme-public" and not(@disabled)]', 'public', 'Upload destination setting enabled.');
}
/**
* Tests that download restrictions on private files work on comments.
*/
function testPrivateFileComment() {
$user = $this->drupalCreateUser(array(
'access comments',
));
// Remove access comments permission from anon user.
$edit = array(
DRUPAL_ANONYMOUS_RID . '[access comments]' => FALSE,
);
$this->drupalPost('admin/people/permissions', $edit, t('Save permissions'));
// Create a new field.
$edit = array(
'fields[_add_new_field][label]' => $label = $this->randomName(),
'fields[_add_new_field][field_name]' => $name = strtolower($this->randomName()),
'fields[_add_new_field][type]' => 'file',
'fields[_add_new_field][widget_type]' => 'file_generic',
);
$this->drupalPost('admin/structure/types/manage/article/comment/fields', $edit, t('Save'));
$edit = array(
'field[settings][uri_scheme]' => 'private',
);
$this->drupalPost(NULL, $edit, t('Save field settings'));
$this->drupalPost(NULL, array(), t('Save settings'));
// Create node.
$text_file = $this->getTestFile('text');
$edit = array(
'title' => $this->randomName(),
);
$this->drupalPost('node/add/article', $edit, t('Save'));
$node = $this->drupalGetNodeByTitle($edit['title']);
// Add a comment with a file.
$text_file = $this->getTestFile('text');
$edit = array(
'files[field_' . $name . '_' . LANGUAGE_NONE . '_' . 0 . ']' => drupal_realpath($text_file->uri),
'comment_body[' . LANGUAGE_NONE . '][0][value]' => $comment_body = $this->randomName(),
);
$this->drupalPost(NULL, $edit, t('Save'));
// Get the comment ID.
preg_match('/comment-([0-9]+)/', $this->getUrl(), $matches);
$cid = $matches[1];
// Log in as normal user.
$this->drupalLogin($user);
$comment = comment_load($cid);
$comment_file = (object) $comment->{'field_' . $name}[LANGUAGE_NONE][0];
$this->assertFileExists($comment_file, 'New file saved to disk on node creation.');
// Test authenticated file download.
$url = file_create_url($comment_file->uri);
$this->assertNotEqual($url, NULL, 'Confirmed that the URL is valid');
$this->drupalGet(file_create_url($comment_file->uri));
$this->assertResponse(200, 'Confirmed that the generated URL is correct by downloading the shipped file.');
// Test anonymous file download.
$this->drupalLogout();
$this->drupalGet(file_create_url($comment_file->uri));
$this->assertResponse(403, 'Confirmed that access is denied for the file without the needed permission.');
// Unpublishes node.
$this->drupalLogin($this->admin_user);
$edit = array(
'status' => FALSE,
);
$this->drupalPost('node/' . $node->nid . '/edit', $edit, t('Save'));
// Ensures normal user can no longer download the file.
$this->drupalLogin($user);
$this->drupalGet(file_create_url($comment_file->uri));
$this->assertResponse(403, 'Confirmed that access is denied for the file without the needed permission.');
}
}Members
| Title Sort descending | Modifiers | Object type | Summary | Overriden Title | Overrides |
|---|---|---|---|---|---|
| DrupalTestCase::$assertions | protected | property | Assertions thrown in that test case. | ||
| DrupalTestCase::$databasePrefix | protected | property | The database prefix of this test run. | ||
| DrupalTestCase::$originalFileDirectory | protected | property | The original file directory, before it was changed for testing purposes. | ||
| DrupalTestCase::$originalLanguage | protected | property | The original language. | ||
| DrupalTestCase::$originalLanguageDefault | protected | property | The original default language. | ||
| DrupalTestCase::$originalTheme | protected | property | The original theme. | ||
| DrupalTestCase::$originalThemeKey | protected | property | The original theme key. | ||
| DrupalTestCase::$originalThemePath | protected | property | The original theme path. | ||
| DrupalTestCase::$results | public | property | Current results of this test case. | ||
| DrupalTestCase::$setup | protected | property | Flag to indicate whether the test has been set up. | ||
| DrupalTestCase::$setupDatabasePrefix | protected | property | |||
| DrupalTestCase::$setupEnvironment | protected | property | |||
| DrupalTestCase::$skipClasses | protected | property | This class is skipped when looking for the source of an assertion. | ||
| DrupalTestCase::$testId | protected | property | The test run ID. | ||
| DrupalTestCase::$timeLimit | protected | property | Time limit for the test. | ||
| DrupalTestCase::$useSetupInstallationCache | public | property | Whether to cache the installation part of the setUp() method. | ||
| DrupalTestCase::$useSetupModulesCache | public | property | Whether to cache the modules installation part of the setUp() method. | ||
| DrupalTestCase::$verboseDirectoryUrl | protected | property | URL to the verbose output file directory. | ||
| DrupalTestCase::assert | protected | function | Internal helper: stores the assert. | ||
| DrupalTestCase::assertEqual | protected | function | Check to see if two values are equal. | ||
| DrupalTestCase::assertFalse | protected | function | Check to see if a value is false (an empty string, 0, NULL, or FALSE). | ||
| DrupalTestCase::assertIdentical | protected | function | Check to see if two values are identical. | ||
| DrupalTestCase::assertNotEqual | protected | function | Check to see if two values are not equal. | ||
| DrupalTestCase::assertNotIdentical | protected | function | Check to see if two values are not identical. | ||
| DrupalTestCase::assertNotNull | protected | function | Check to see if a value is not NULL. | ||
| DrupalTestCase::assertNull | protected | function | Check to see if a value is NULL. | ||
| DrupalTestCase::assertTrue | protected | function | Check to see if a value is not false (not an empty string, 0, NULL, or FALSE). | ||
| DrupalTestCase::deleteAssert | public static | function | Delete an assertion record by message ID. | ||
| DrupalTestCase::error | protected | function | Fire an error assertion. | 1 | |
| DrupalTestCase::errorHandler | public | function | Handle errors during test runs. | 1 | |
| DrupalTestCase::exceptionHandler | protected | function | Handle exceptions. | ||
| DrupalTestCase::fail | protected | function | Fire an assertion that is always negative. | ||
| DrupalTestCase::generatePermutations | public static | function | Converts a list of possible parameters into a stack of permutations. | ||
| DrupalTestCase::getAssertionCall | protected | function | Cycles through backtrace until the first non-assertion method is found. | ||
| DrupalTestCase::getDatabaseConnection | public static | function | Returns the database connection to the site running Simpletest. | ||
| DrupalTestCase::insertAssert | public static | function | Store an assertion from outside the testing context. | ||
| DrupalTestCase::pass | protected | function | Fire an assertion that is always positive. | ||
| DrupalTestCase::randomName | public static | function | Generates a random string containing letters and numbers. | ||
| DrupalTestCase::randomString | public static | function | Generates a random string of ASCII characters of codes 32 to 126. | ||
| DrupalTestCase::run | public | function | Run all tests in this class. | ||
| DrupalTestCase::verbose | protected | function | Logs a verbose message in a text file. | ||
| DrupalWebTestCase::$additionalCurlOptions | protected | property | Additional cURL options. | ||
| DrupalWebTestCase::$content | protected | property | The content of the page currently loaded in the internal browser. | ||
| DrupalWebTestCase::$cookieFile | protected | property | The current cookie file used by cURL. | ||
| DrupalWebTestCase::$cookies | protected | property | The cookies of the page currently loaded in the internal browser. | ||
| DrupalWebTestCase::$curlHandle | protected | property | The handle of the current cURL connection. | ||
| DrupalWebTestCase::$drupalSettings | protected | property | The value of the Drupal.settings JavaScript variable for the page currently loaded in the internal browser. | ||
| DrupalWebTestCase::$elements | protected | property | The parsed version of the page. | ||
| DrupalWebTestCase::$generatedTestFiles | protected | property | Whether the files were copied to the test files directory. | ||
| DrupalWebTestCase::$headers | protected | property | The headers of the page currently loaded in the internal browser. | ||
| DrupalWebTestCase::$httpauth_credentials | protected | property | HTTP authentication credentials (<username>:<password>). | ||
| DrupalWebTestCase::$httpauth_method | protected | property | HTTP authentication method | ||
| DrupalWebTestCase::$loggedInUser | protected | property | The current user logged in using the internal browser. | ||
| DrupalWebTestCase::$originalCleanUrl | protected | property | The original clean_url variable value. | ||
| DrupalWebTestCase::$originalLanguageUrl | protected | property | The original language URL. | ||
| DrupalWebTestCase::$originalProfile | protected | property | The original active installation profile. | ||
| DrupalWebTestCase::$originalShutdownCallbacks | protected | property | The original shutdown handlers array, before it was cleaned for testing purposes. | ||
| DrupalWebTestCase::$originalUser | protected | property | The original user, before it was changed to a clean uid = 1 for testing purposes. | ||
| DrupalWebTestCase::$plainTextContent | protected | property | The content of the page currently loaded in the internal browser (plain text version). | ||
| DrupalWebTestCase::$private_files_directory | protected | property | The private files directory created for testing purposes. | ||
| DrupalWebTestCase::$profile | protected | property | The profile to install as a basis for testing. | 20 | |
| DrupalWebTestCase::$public_files_directory | protected | property | The public files directory created for testing purposes. | ||
| DrupalWebTestCase::$redirect_count | protected | property | The number of redirects followed during the handling of a request. | ||
| DrupalWebTestCase::$session_id | protected | property | The current session ID, if available. | ||
| DrupalWebTestCase::$session_name | protected | property | The current session name, if available. | ||
| DrupalWebTestCase::$temp_files_directory | protected | property | The temporary files directory created for testing purposes. | ||
| DrupalWebTestCase::$url | protected | property | The URL currently loaded in the internal browser. | ||
| DrupalWebTestCase::assertField | protected | function | Asserts that a field exists with the given name or ID. | ||
| DrupalWebTestCase::assertFieldById | protected | function | Asserts that a field exists in the current page with the given ID and value. | ||
| DrupalWebTestCase::assertFieldByName | protected | function | Asserts that a field exists in the current page with the given name and value. | ||
| DrupalWebTestCase::assertFieldByXPath | protected | function | Asserts that a field exists in the current page by the given XPath. | ||
| DrupalWebTestCase::assertFieldChecked | protected | function | Asserts that a checkbox field in the current page is checked. | ||
| DrupalWebTestCase::assertLink | protected | function | Pass if a link with the specified label is found, and optional with the specified index. |
||
| DrupalWebTestCase::assertLinkByHref | protected | function | Pass if a link containing a given href (part) is found. | ||
| DrupalWebTestCase::assertMail | protected | function | Asserts that the most recently sent e-mail message has the given value. | ||
| DrupalWebTestCase::assertMailPattern | protected | function | Asserts that the most recently sent e-mail message has the pattern in it. | ||
| DrupalWebTestCase::assertMailString | protected | function | Asserts that the most recently sent e-mail message has the string in it. | ||
| DrupalWebTestCase::assertNoDuplicateIds | protected | function | Asserts that each HTML ID is used for just a single element. | ||
| DrupalWebTestCase::assertNoField | protected | function | Asserts that a field does not exist with the given name or ID. | ||
| DrupalWebTestCase::assertNoFieldById | protected | function | Asserts that a field does not exist with the given ID and value. | ||
| DrupalWebTestCase::assertNoFieldByName | protected | function | Asserts that a field does not exist with the given name and value. | ||
| DrupalWebTestCase::assertNoFieldByXPath | protected | function | Asserts that a field doesn't exist or its value doesn't match, by XPath. | ||
| DrupalWebTestCase::assertNoFieldChecked | protected | function | Asserts that a checkbox field in the current page is not checked. | ||
| DrupalWebTestCase::assertNoLink | protected | function | Pass if a link with the specified label is not found. | ||
| DrupalWebTestCase::assertNoLinkByHref | protected | function | Pass if a link containing a given href (part) is not found. | ||
| DrupalWebTestCase::assertNoOptionSelected | protected | function | Asserts that a select option in the current page is not checked. | ||
| DrupalWebTestCase::assertNoPattern | protected | function | Will trigger a pass if the perl regex pattern is not present in raw content. | ||
| DrupalWebTestCase::assertNoRaw | protected | function | Pass if the raw text is NOT found on the loaded page, fail otherwise. Raw text refers to the raw HTML that the page generated. |
||
| DrupalWebTestCase::assertNoResponse | protected | function | Asserts the page did not return the specified response code. | ||
| DrupalWebTestCase::assertNoText | protected | function | Pass if the text is NOT found on the text version of the page. The text version is the equivalent of what a user would see when viewing through a web browser. In other words the HTML has been filtered out of the contents. |
||
| DrupalWebTestCase::assertNoTitle | protected | function | Pass if the page title is not the given string. | ||
| DrupalWebTestCase::assertNoUniqueText | protected | function | Pass if the text is found MORE THAN ONCE on the text version of the page. | ||
| DrupalWebTestCase::assertOptionSelected | protected | function | Asserts that a select option in the current page is checked. | ||
| DrupalWebTestCase::assertPattern | protected | function | Will trigger a pass if the Perl regex pattern is found in the raw content. | ||
| DrupalWebTestCase::assertRaw | protected | function | Pass if the raw text IS found on the loaded page, fail otherwise. Raw text refers to the raw HTML that the page generated. |
||
| DrupalWebTestCase::assertResponse | protected | function | Asserts the page responds with the specified response code. | ||
| DrupalWebTestCase::assertText | protected | function | Pass if the text IS found on the text version of the page. The text version is the equivalent of what a user would see when viewing through a web browser. In other words the HTML has been filtered out of the contents. |
||
| DrupalWebTestCase::assertTextHelper | protected | function | Helper for assertText and assertNoText. | ||
| DrupalWebTestCase::assertThemeOutput | protected | function | Asserts themed output. | ||
| DrupalWebTestCase::assertTitle | protected | function | Pass if the page title is the given string. | ||
| DrupalWebTestCase::assertUniqueText | protected | function | Pass if the text is found ONLY ONCE on the text version of the page. | ||
| DrupalWebTestCase::assertUniqueTextHelper | protected | function | Helper for assertUniqueText and assertNoUniqueText. | ||
| DrupalWebTestCase::assertUrl | protected | function | Pass if the internal browser's URL matches the given path. | ||
| DrupalWebTestCase::buildXPathQuery | protected | function | Builds an XPath query. | ||
| DrupalWebTestCase::changeDatabasePrefix | protected | function | Changes the database connection to the prefixed one. | ||
| DrupalWebTestCase::checkForMetaRefresh | protected | function | Check for meta refresh tag and if found call drupalGet() recursively. This function looks for the http-equiv attribute to be set to "Refresh" and is case-sensitive. |
||
| DrupalWebTestCase::checkPermissions | protected | function | Check to make sure that the array of permissions are valid. | ||
| DrupalWebTestCase::clickLink | protected | function | Follows a link by name. | ||
| DrupalWebTestCase::constructFieldXpath | protected | function | Helper function: construct an XPath for the given set of attributes and value. | ||
| DrupalWebTestCase::copySetupCache | protected | function | Copy the setup cache from/to another table and files directory. | ||
| DrupalWebTestCase::cronRun | protected | function | Runs cron in the Drupal installed by Simpletest. | ||
| DrupalWebTestCase::curlClose | protected | function | Close the cURL handler and unset the handler. | ||
| DrupalWebTestCase::curlExec | protected | function | Initializes and executes a cURL request. | ||
| DrupalWebTestCase::curlHeaderCallback | protected | function | Reads headers and registers errors received from the tested site. | ||
| DrupalWebTestCase::curlInitialize | protected | function | Initializes the cURL connection. | ||
| DrupalWebTestCase::drupalCompareFiles | protected | function | Compare two files based on size and file name. | ||
| DrupalWebTestCase::drupalCreateContentType | protected | function | Creates a custom content type based on default settings. | ||
| DrupalWebTestCase::drupalCreateNode | protected | function | Creates a node based on default settings. | ||
| DrupalWebTestCase::drupalCreateRole | protected | function | Creates a role with specified permissions. | ||
| DrupalWebTestCase::drupalCreateUser | protected | function | Create a user with a given set of permissions. | ||
| DrupalWebTestCase::drupalGet | protected | function | Retrieves a Drupal path or an absolute path. | ||
| DrupalWebTestCase::drupalGetAJAX | protected | function | Retrieve a Drupal path or an absolute path and JSON decode the result. | ||
| DrupalWebTestCase::drupalGetContent | protected | function | Gets the current raw HTML of requested page. | ||
| DrupalWebTestCase::drupalGetHeader | protected | function | Gets the value of an HTTP response header. If multiple requests were required to retrieve the page, only the headers from the last request will be checked by default. However, if TRUE is passed as the second argument, all requests will be processed… |
||
| DrupalWebTestCase::drupalGetHeaders | protected | function | Gets the HTTP response headers of the requested page. Normally we are only interested in the headers returned by the last request. However, if a page is redirected or HTTP authentication is in use, multiple requests will be required to retrieve the… |
||
| DrupalWebTestCase::drupalGetMails | protected | function | Gets an array containing all e-mails sent during this test case. | ||
| DrupalWebTestCase::drupalGetNodeByTitle | function | Get a node from the database based on its title. | |||
| DrupalWebTestCase::drupalGetSettings | protected | function | Gets the value of the Drupal.settings JavaScript variable for the currently loaded page. | ||
| DrupalWebTestCase::drupalGetTestFiles | protected | function | Get a list files that can be used in tests. | ||
| DrupalWebTestCase::drupalGetToken | protected | function | Generate a token for the currently logged in user. | ||
| DrupalWebTestCase::drupalHead | protected | function | Retrieves only the headers for a Drupal path or an absolute path. | ||
| DrupalWebTestCase::drupalLogin | protected | function | Log in a user with the internal browser. | ||
| DrupalWebTestCase::drupalLogout | protected | function | |||
| DrupalWebTestCase::drupalPost | protected | function | Execute a POST request on a Drupal page. It will be done as usual POST request with SimpleBrowser. |
||
| DrupalWebTestCase::drupalPostAJAX | protected | function | Execute an Ajax submission. | ||
| DrupalWebTestCase::drupalSetContent | protected | function | Sets the raw HTML content. This can be useful when a page has been fetched outside of the internal browser and assertions need to be made on the returned page. |
||
| DrupalWebTestCase::drupalSetSettings | protected | function | Sets the value of the Drupal.settings JavaScript variable for the currently loaded page. | ||
| DrupalWebTestCase::getAbsoluteUrl | protected | function | Takes a path and returns an absolute path. | ||
| DrupalWebTestCase::getAllOptions | protected | function | Get all option elements, including nested options, in a select. | ||
| DrupalWebTestCase::getSelectedItem | protected | function | Get the selected value from a select field. | ||
| DrupalWebTestCase::getSetupCacheKey | protected | function | Returns the cache key used for the setup caching. | ||
| DrupalWebTestCase::getUrl | protected | function | Get the current URL from the cURL handler. | ||
| DrupalWebTestCase::handleForm | protected | function | Handle form input related to drupalPost(). Ensure that the specified fields exist and attempt to create POST data in the correct manner for the particular field type. |
||
| DrupalWebTestCase::loadSetupCache | protected | function | Copies the cached tables and files for a cached installation setup. | ||
| DrupalWebTestCase::parse | protected | function | Parse content returned from curlExec using DOM and SimpleXML. | ||
| DrupalWebTestCase::preloadRegistry | protected | function | Preload the registry from the testing site. | ||
| DrupalWebTestCase::prepareDatabasePrefix | protected | function | Generates a database prefix for running tests. | ||
| DrupalWebTestCase::prepareEnvironment | protected | function | Prepares the current environment for running the test. | ||
| DrupalWebTestCase::recursiveDirectoryCopy | protected | function | Recursively copy one directory to another. | ||
| DrupalWebTestCase::refreshVariables | protected | function | Refresh the in-memory set of variables. Useful after a page request is made that changes a variable in a different thread. |
1 | |
| DrupalWebTestCase::resetAll | protected | function | Reset all data structures after having enabled new modules. | ||
| DrupalWebTestCase::storeSetupCache | protected | function | Store the installation setup to a cache. | ||
| DrupalWebTestCase::tearDown | protected | function | Delete created files and temporary files directory, delete the tables created by setUp(), and reset the database prefix. |
7 | |
| DrupalWebTestCase::verboseEmail | protected | function | Outputs to verbose the most recent $count emails sent. | ||
| DrupalWebTestCase::xpath | protected | function | Perform an xpath search on the contents of the internal browser. The search is relative to the root element (HTML tag normally) of the page. |
||
| DrupalWebTestCase::__construct | function | Constructor for DrupalWebTestCase. | Overrides DrupalTestCase::__construct | 1 | |
| FileFieldTestCase::$admin_user | protected | property | |||
| FileFieldTestCase::assertFileEntryExists | function | Asserts that a file exists in the database. | |||
| FileFieldTestCase::assertFileEntryNotExists | function | Asserts that a file does not exist in the database. | |||
| FileFieldTestCase::assertFileExists | function | Asserts that a file exists physically on disk. | |||
| FileFieldTestCase::assertFileIsPermanent | function | Asserts that a file's status is set to permanent in the database. | |||
| FileFieldTestCase::assertFileNotExists | function | Asserts that a file does not exist on disk. | |||
| FileFieldTestCase::attachFileField | function | Attaches a file field to an entity. | |||
| FileFieldTestCase::createFileField | function | Creates a new file field. | |||
| FileFieldTestCase::createTemporaryFile | function | Creates a temporary file, for a specific user. | |||
| FileFieldTestCase::getLastFileId | function | Retrieves the fid of the last inserted file. | |||
| FileFieldTestCase::getTestFile | function | Retrieves a sample file of the specified type. | |||
| FileFieldTestCase::removeNodeFile | function | Removes a file from a node. | |||
| FileFieldTestCase::replaceNodeFile | function | Replaces a file within a node. | |||
| FileFieldTestCase::setUp | function | Sets up a Drupal site for running functional and integration tests. | Overrides DrupalWebTestCase::setUp | 4 | |
| FileFieldTestCase::updateFileField | function | Updates an existing file field with new settings. | |||
| FileFieldTestCase::uploadNodeFile | function | Uploads a file to a node. | |||
| FileFieldWidgetTestCase::doTestTemporaryFileRemovalExploit | protected | function | Helper for testing exploiting the temporary file removal using fid. | ||
| FileFieldWidgetTestCase::getInfo | public static | function | |||
| FileFieldWidgetTestCase::testMultiValuedWidget | function | Tests upload and remove buttons for multiple multi-valued File fields. | |||
| FileFieldWidgetTestCase::testPrivateFileComment | function | Tests that download restrictions on private files work on comments. | |||
| FileFieldWidgetTestCase::testPrivateFileSetting | function | Tests a file field with a "Private files" upload destination setting. | |||
| FileFieldWidgetTestCase::testSingleValuedWidget | function | Tests upload and remove buttons for a single-valued File field. | |||
| FileFieldWidgetTestCase::testTemporaryFileRemovalExploit | function | Tests exploiting the temporary file removal of another user using fid. | |||
| FileFieldWidgetTestCase::testTemporaryFileRemovalExploitAnonymous | public | function | Tests exploiting the temporary file removal for anonymous users using fid. | ||
| FileFieldWidgetTestCase::testWidgetValidation | function | Tests validation with the Upload button. |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.