|
1 <?php |
|
2 |
|
3 /** |
|
4 * @file |
|
5 * Tests for php.module. |
|
6 */ |
|
7 |
|
8 /** |
|
9 * Defines a base PHP test case class. |
|
10 */ |
|
11 class PHPTestCase extends DrupalWebTestCase { |
|
12 protected $php_code_format; |
|
13 |
|
14 function setUp() { |
|
15 parent::setUp('php'); |
|
16 |
|
17 // Create and login admin user. |
|
18 $admin_user = $this->drupalCreateUser(array('administer filters')); |
|
19 $this->drupalLogin($admin_user); |
|
20 |
|
21 // Verify that the PHP code text format was inserted. |
|
22 $php_format_id = 'php_code'; |
|
23 $this->php_code_format = filter_format_load($php_format_id); |
|
24 $this->assertEqual($this->php_code_format->name, 'PHP code', 'PHP code text format was created.'); |
|
25 |
|
26 // Verify that the format has the PHP code filter enabled. |
|
27 $filters = filter_list_format($php_format_id); |
|
28 $this->assertTrue($filters['php_code']->status, 'PHP code filter is enabled.'); |
|
29 |
|
30 // Verify that the format exists on the administration page. |
|
31 $this->drupalGet('admin/config/content/formats'); |
|
32 $this->assertText('PHP code', 'PHP code text format was created.'); |
|
33 |
|
34 // Verify that anonymous and authenticated user roles do not have access. |
|
35 $this->drupalGet('admin/config/content/formats/' . $php_format_id); |
|
36 $this->assertFieldByName('roles[' . DRUPAL_ANONYMOUS_RID . ']', FALSE, 'Anonymous users do not have access to PHP code format.'); |
|
37 $this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_RID . ']', FALSE, 'Authenticated users do not have access to PHP code format.'); |
|
38 } |
|
39 |
|
40 /** |
|
41 * Creates a test node with PHP code in the body. |
|
42 * |
|
43 * @return stdObject Node object. |
|
44 */ |
|
45 function createNodeWithCode() { |
|
46 return $this->drupalCreateNode(array('body' => array(LANGUAGE_NONE => array(array('value' => '<?php print "SimpleTest PHP was executed!"; ?>'))))); |
|
47 } |
|
48 } |
|
49 |
|
50 /** |
|
51 * Tests to make sure the PHP filter actually evaluates PHP code when used. |
|
52 */ |
|
53 class PHPFilterTestCase extends PHPTestCase { |
|
54 public static function getInfo() { |
|
55 return array( |
|
56 'name' => 'PHP filter functionality', |
|
57 'description' => 'Make sure that PHP filter properly evaluates PHP code when enabled.', |
|
58 'group' => 'PHP', |
|
59 ); |
|
60 } |
|
61 |
|
62 /** |
|
63 * Makes sure that the PHP filter evaluates PHP code when used. |
|
64 */ |
|
65 function testPHPFilter() { |
|
66 // Log in as a user with permission to use the PHP code text format. |
|
67 $php_code_permission = filter_permission_name(filter_format_load('php_code')); |
|
68 $web_user = $this->drupalCreateUser(array('access content', 'create page content', 'edit own page content', $php_code_permission)); |
|
69 $this->drupalLogin($web_user); |
|
70 |
|
71 // Create a node with PHP code in it. |
|
72 $node = $this->createNodeWithCode(); |
|
73 |
|
74 // Make sure that the PHP code shows up as text. |
|
75 $this->drupalGet('node/' . $node->nid); |
|
76 $this->assertText('print "SimpleTest PHP was executed!"', 'PHP code is displayed.'); |
|
77 |
|
78 // Change filter to PHP filter and see that PHP code is evaluated. |
|
79 $edit = array(); |
|
80 $langcode = LANGUAGE_NONE; |
|
81 $edit["body[$langcode][0][format]"] = $this->php_code_format->format; |
|
82 $this->drupalPost('node/' . $node->nid . '/edit', $edit, t('Save')); |
|
83 $this->assertRaw(t('Basic page %title has been updated.', array('%title' => $node->title)), 'PHP code filter turned on.'); |
|
84 |
|
85 // Make sure that the PHP code shows up as text. |
|
86 $this->assertNoText('print "SimpleTest PHP was executed!"', "PHP code isn't displayed."); |
|
87 $this->assertText('SimpleTest PHP was executed!', 'PHP code has been evaluated.'); |
|
88 } |
|
89 } |
|
90 |
|
91 /** |
|
92 * Tests to make sure access to the PHP filter is properly restricted. |
|
93 */ |
|
94 class PHPAccessTestCase extends PHPTestCase { |
|
95 public static function getInfo() { |
|
96 return array( |
|
97 'name' => 'PHP filter access check', |
|
98 'description' => 'Make sure that users who don\'t have access to the PHP filter can\'t see it.', |
|
99 'group' => 'PHP', |
|
100 ); |
|
101 } |
|
102 |
|
103 /** |
|
104 * Makes sure that the user can't use the PHP filter when not given access. |
|
105 */ |
|
106 function testNoPrivileges() { |
|
107 // Create node with PHP filter enabled. |
|
108 $web_user = $this->drupalCreateUser(array('access content', 'create page content', 'edit own page content')); |
|
109 $this->drupalLogin($web_user); |
|
110 $node = $this->createNodeWithCode(); |
|
111 |
|
112 // Make sure that the PHP code shows up as text. |
|
113 $this->drupalGet('node/' . $node->nid); |
|
114 $this->assertText('print', 'PHP code was not evaluated.'); |
|
115 |
|
116 // Make sure that user doesn't have access to filter. |
|
117 $this->drupalGet('node/' . $node->nid . '/edit'); |
|
118 $this->assertNoRaw('<option value="' . $this->php_code_format->format . '">', 'PHP code format not available.'); |
|
119 } |
|
120 } |