|
1 <?php |
|
2 |
|
3 /** |
|
4 * Perform basic XML-RPC tests that do not require addition callbacks. |
|
5 */ |
|
6 class XMLRPCBasicTestCase extends DrupalWebTestCase { |
|
7 |
|
8 public static function getInfo() { |
|
9 return array( |
|
10 'name' => 'XML-RPC basic', |
|
11 'description' => 'Perform basic XML-RPC tests that do not require additional callbacks.', |
|
12 'group' => 'XML-RPC', |
|
13 ); |
|
14 } |
|
15 |
|
16 /** |
|
17 * Ensure that a basic XML-RPC call with no parameters works. |
|
18 */ |
|
19 protected function testListMethods() { |
|
20 // Minimum list of methods that should be included. |
|
21 $minimum = array( |
|
22 'system.multicall', |
|
23 'system.methodSignature', |
|
24 'system.getCapabilities', |
|
25 'system.listMethods', |
|
26 'system.methodHelp', |
|
27 ); |
|
28 |
|
29 // Invoke XML-RPC call to get list of methods. |
|
30 $url = url(NULL, array('absolute' => TRUE)) . 'xmlrpc.php'; |
|
31 $methods = xmlrpc($url, array('system.listMethods' => array())); |
|
32 |
|
33 // Ensure that the minimum methods were found. |
|
34 $count = 0; |
|
35 foreach ($methods as $method) { |
|
36 if (in_array($method, $minimum)) { |
|
37 $count++; |
|
38 } |
|
39 } |
|
40 |
|
41 $this->assertEqual($count, count($minimum), 'system.listMethods returned at least the minimum listing'); |
|
42 } |
|
43 |
|
44 /** |
|
45 * Ensure that system.methodSignature returns an array of signatures. |
|
46 */ |
|
47 protected function testMethodSignature() { |
|
48 $url = url(NULL, array('absolute' => TRUE)) . 'xmlrpc.php'; |
|
49 $signature = xmlrpc($url, array('system.methodSignature' => array('system.listMethods'))); |
|
50 $this->assert(is_array($signature) && !empty($signature) && is_array($signature[0]), |
|
51 'system.methodSignature returns an array of signature arrays.'); |
|
52 } |
|
53 |
|
54 /** |
|
55 * Ensure that XML-RPC correctly handles invalid messages when parsing. |
|
56 */ |
|
57 protected function testInvalidMessageParsing() { |
|
58 $invalid_messages = array( |
|
59 array( |
|
60 'message' => xmlrpc_message(''), |
|
61 'assertion' => 'Empty message correctly rejected during parsing.', |
|
62 ), |
|
63 array( |
|
64 'message' => xmlrpc_message('<?xml version="1.0" encoding="ISO-8859-1"?>'), |
|
65 'assertion' => 'Empty message with XML declaration correctly rejected during parsing.', |
|
66 ), |
|
67 array( |
|
68 'message' => xmlrpc_message('<?xml version="1.0"?><params><param><value><string>value</string></value></param></params>'), |
|
69 'assertion' => 'Non-empty message without a valid message type is rejected during parsing.', |
|
70 ), |
|
71 array( |
|
72 'message' => xmlrpc_message('<methodResponse><params><param><value><string>value</string></value></param></methodResponse>'), |
|
73 'assertion' => 'Non-empty malformed message is rejected during parsing.', |
|
74 ), |
|
75 ); |
|
76 |
|
77 foreach ($invalid_messages as $assertion) { |
|
78 $this->assertFalse(xmlrpc_message_parse($assertion['message']), $assertion['assertion']); |
|
79 } |
|
80 } |
|
81 } |
|
82 |
|
83 class XMLRPCValidator1IncTestCase extends DrupalWebTestCase { |
|
84 public static function getInfo() { |
|
85 return array( |
|
86 'name' => 'XML-RPC validator', |
|
87 'description' => 'See <a href="http://www.xmlrpc.com/validator1Docs">the xmlrpc validator1 specification</a>.', |
|
88 'group' => 'XML-RPC', |
|
89 ); |
|
90 } |
|
91 |
|
92 function setUp() { |
|
93 parent::setUp('xmlrpc_test'); |
|
94 } |
|
95 |
|
96 /** |
|
97 * Run validator1 tests. |
|
98 */ |
|
99 function testValidator1() { |
|
100 $xml_url = url(NULL, array('absolute' => TRUE)) . 'xmlrpc.php'; |
|
101 srand(); |
|
102 mt_srand(); |
|
103 |
|
104 $array_1 = array(array('curly' => mt_rand(-100, 100)), |
|
105 array('curly' => mt_rand(-100, 100)), |
|
106 array('larry' => mt_rand(-100, 100)), |
|
107 array('larry' => mt_rand(-100, 100)), |
|
108 array('moe' => mt_rand(-100, 100)), |
|
109 array('moe' => mt_rand(-100, 100)), |
|
110 array('larry' => mt_rand(-100, 100))); |
|
111 shuffle($array_1); |
|
112 $l_res_1 = xmlrpc_test_arrayOfStructsTest($array_1); |
|
113 $r_res_1 = xmlrpc($xml_url, array('validator1.arrayOfStructsTest' => array($array_1))); |
|
114 $this->assertIdentical($l_res_1, $r_res_1); |
|
115 |
|
116 $string_2 = 't\'&>>zf"md>yr>xlcev<h<"k&j<og"w&&>">>uai"np&s>>q\'&b<>"&&&'; |
|
117 $l_res_2 = xmlrpc_test_countTheEntities($string_2); |
|
118 $r_res_2 = xmlrpc($xml_url, array('validator1.countTheEntities' => array($string_2))); |
|
119 $this->assertIdentical($l_res_2, $r_res_2); |
|
120 |
|
121 $struct_3 = array('moe' => mt_rand(-100, 100), 'larry' => mt_rand(-100, 100), 'curly' => mt_rand(-100, 100), 'homer' => mt_rand(-100, 100)); |
|
122 $l_res_3 = xmlrpc_test_easyStructTest($struct_3); |
|
123 $r_res_3 = xmlrpc($xml_url, array('validator1.easyStructTest' => array($struct_3))); |
|
124 $this->assertIdentical($l_res_3, $r_res_3); |
|
125 |
|
126 $struct_4 = array('sub1' => array('bar' => 13), |
|
127 'sub2' => 14, |
|
128 'sub3' => array('foo' => 1, 'baz' => 2), |
|
129 'sub4' => array('ss' => array('sss' => array('ssss' => 'sssss')))); |
|
130 $l_res_4 = xmlrpc_test_echoStructTest($struct_4); |
|
131 $r_res_4 = xmlrpc($xml_url, array('validator1.echoStructTest' => array($struct_4))); |
|
132 $this->assertIdentical($l_res_4, $r_res_4); |
|
133 |
|
134 $int_5 = mt_rand(-100, 100); |
|
135 $bool_5 = (($int_5 % 2) == 0); |
|
136 $string_5 = $this->randomName(); |
|
137 $double_5 = (double)(mt_rand(-1000, 1000) / 100); |
|
138 $time_5 = REQUEST_TIME; |
|
139 $base64_5 = $this->randomName(100); |
|
140 $l_res_5 = xmlrpc_test_manyTypesTest($int_5, $bool_5, $string_5, $double_5, xmlrpc_date($time_5), $base64_5); |
|
141 // See http://drupal.org/node/37766 why this currently fails |
|
142 $l_res_5[5] = $l_res_5[5]->data; |
|
143 $r_res_5 = xmlrpc($xml_url, array('validator1.manyTypesTest' => array($int_5, $bool_5, $string_5, $double_5, xmlrpc_date($time_5), xmlrpc_base64($base64_5)))); |
|
144 // @todo Contains objects, objects are not equal. |
|
145 $this->assertEqual($l_res_5, $r_res_5); |
|
146 |
|
147 $size = mt_rand(100, 200); |
|
148 $array_6 = array(); |
|
149 for ($i = 0; $i < $size; $i++) { |
|
150 $array_6[] = $this->randomName(mt_rand(8, 12)); |
|
151 } |
|
152 |
|
153 $l_res_6 = xmlrpc_test_moderateSizeArrayCheck($array_6); |
|
154 $r_res_6 = xmlrpc($xml_url, array('validator1.moderateSizeArrayCheck' => array($array_6))); |
|
155 $this->assertIdentical($l_res_6, $r_res_6); |
|
156 |
|
157 $struct_7 = array(); |
|
158 for ($y = 2000; $y < 2002; $y++) { |
|
159 for ($m = 3; $m < 5; $m++) { |
|
160 for ($d = 1; $d < 6; $d++) { |
|
161 $ys = (string) $y; |
|
162 $ms = sprintf('%02d', $m); |
|
163 $ds = sprintf('%02d', $d); |
|
164 $struct_7[$ys][$ms][$ds]['moe'] = mt_rand(-100, 100); |
|
165 $struct_7[$ys][$ms][$ds]['larry'] = mt_rand(-100, 100); |
|
166 $struct_7[$ys][$ms][$ds]['curly'] = mt_rand(-100, 100); |
|
167 } |
|
168 } |
|
169 } |
|
170 $l_res_7 = xmlrpc_test_nestedStructTest($struct_7); |
|
171 $r_res_7 = xmlrpc($xml_url, array('validator1.nestedStructTest' => array($struct_7))); |
|
172 $this->assertIdentical($l_res_7, $r_res_7); |
|
173 |
|
174 |
|
175 $int_8 = mt_rand(-100, 100); |
|
176 $l_res_8 = xmlrpc_test_simpleStructReturnTest($int_8); |
|
177 $r_res_8 = xmlrpc($xml_url, array('validator1.simpleStructReturnTest' => array($int_8))); |
|
178 $this->assertIdentical($l_res_8, $r_res_8); |
|
179 |
|
180 /* Now test multicall */ |
|
181 $x = array(); |
|
182 $x['validator1.arrayOfStructsTest'] = array($array_1); |
|
183 $x['validator1.countTheEntities'] = array($string_2); |
|
184 $x['validator1.easyStructTest'] = array($struct_3); |
|
185 $x['validator1.echoStructTest'] = array($struct_4); |
|
186 $x['validator1.manyTypesTest'] = array($int_5, $bool_5, $string_5, $double_5, xmlrpc_date($time_5), xmlrpc_base64($base64_5)); |
|
187 $x['validator1.moderateSizeArrayCheck'] = array($array_6); |
|
188 $x['validator1.nestedStructTest'] = array($struct_7); |
|
189 $x['validator1.simpleStructReturnTest'] = array($int_8); |
|
190 |
|
191 $a_l_res = array($l_res_1, $l_res_2, $l_res_3, $l_res_4, $l_res_5, $l_res_6, $l_res_7, $l_res_8); |
|
192 $a_r_res = xmlrpc($xml_url, $x); |
|
193 $this->assertEqual($a_l_res, $a_r_res); |
|
194 } |
|
195 } |
|
196 |
|
197 class XMLRPCMessagesTestCase extends DrupalWebTestCase { |
|
198 public static function getInfo() { |
|
199 return array( |
|
200 'name' => 'XML-RPC message and alteration', |
|
201 'description' => 'Test large messages and method alterations.', |
|
202 'group' => 'XML-RPC', |
|
203 ); |
|
204 } |
|
205 |
|
206 function setUp() { |
|
207 parent::setUp('xmlrpc_test'); |
|
208 } |
|
209 |
|
210 /** |
|
211 * Make sure that XML-RPC can transfer large messages. |
|
212 */ |
|
213 function testSizedMessages() { |
|
214 // These tests can produce up to 128 x 160 words in the XML-RPC message |
|
215 // (see xmlrpc_test_message_sized_in_kb()) with 4 tags used to represent |
|
216 // each. Set a large enough tag limit to allow this to be tested. |
|
217 variable_set('xmlrpc_message_maximum_tag_count', 100000); |
|
218 |
|
219 $xml_url = url(NULL, array('absolute' => TRUE)) . 'xmlrpc.php'; |
|
220 $sizes = array(8, 80, 160); |
|
221 foreach ($sizes as $size) { |
|
222 $xml_message_l = xmlrpc_test_message_sized_in_kb($size); |
|
223 $xml_message_r = xmlrpc($xml_url, array('messages.messageSizedInKB' => array($size))); |
|
224 |
|
225 $this->assertEqual($xml_message_l, $xml_message_r, format_string('XML-RPC messages.messageSizedInKB of %s Kb size received', array('%s' => $size))); |
|
226 } |
|
227 } |
|
228 |
|
229 /** |
|
230 * Ensure that hook_xmlrpc_alter() can hide even builtin methods. |
|
231 */ |
|
232 protected function testAlterListMethods() { |
|
233 |
|
234 // Ensure xmlrpc_test_xmlrpc_alter() is disabled and retrieve regular list of methods. |
|
235 variable_set('xmlrpc_test_xmlrpc_alter', FALSE); |
|
236 $url = url(NULL, array('absolute' => TRUE)) . 'xmlrpc.php'; |
|
237 $methods1 = xmlrpc($url, array('system.listMethods' => array())); |
|
238 |
|
239 // Enable the alter hook and retrieve the list of methods again. |
|
240 variable_set('xmlrpc_test_xmlrpc_alter', TRUE); |
|
241 $methods2 = xmlrpc($url, array('system.listMethods' => array())); |
|
242 |
|
243 $diff = array_diff($methods1, $methods2); |
|
244 $this->assertTrue(is_array($diff) && !empty($diff), 'Method list is altered by hook_xmlrpc_alter'); |
|
245 $removed = reset($diff); |
|
246 $this->assertEqual($removed, 'system.methodSignature', 'Hiding builting system.methodSignature with hook_xmlrpc_alter works'); |
|
247 } |
|
248 |
|
249 /** |
|
250 * Test limits on system.multicall that can prevent brute-force attacks. |
|
251 */ |
|
252 function testMulticallLimit() { |
|
253 $url = url(NULL, array('absolute' => TRUE)) . 'xmlrpc.php'; |
|
254 $multicall_args = array(); |
|
255 $num_method_calls = 10; |
|
256 for ($i = 0; $i < $num_method_calls; $i++) { |
|
257 $struct = array('i' => $i); |
|
258 $multicall_args[] = array('methodName' => 'validator1.echoStructTest', 'params' => array($struct)); |
|
259 } |
|
260 // Test limits of 1, 5, 9, 13. |
|
261 for ($limit = 1; $limit < $num_method_calls + 4; $limit += 4) { |
|
262 variable_set('xmlrpc_multicall_duplicate_method_limit', $limit); |
|
263 $results = xmlrpc($url, array('system.multicall' => array($multicall_args))); |
|
264 $this->assertEqual($num_method_calls, count($results)); |
|
265 for ($i = 0; $i < min($limit, $num_method_calls); $i++) { |
|
266 $x = array_shift($results); |
|
267 $this->assertTrue(empty($x->is_error), "Result $i is not an error"); |
|
268 $this->assertEqual($multicall_args[$i]['params'][0], $x); |
|
269 } |
|
270 for (; $i < $num_method_calls; $i++) { |
|
271 $x = array_shift($results); |
|
272 $this->assertFalse(empty($x->is_error), "Result $i is an error"); |
|
273 $this->assertEqual(-156579, $x->code); |
|
274 } |
|
275 } |
|
276 variable_set('xmlrpc_multicall_duplicate_method_limit', -1); |
|
277 $results = xmlrpc($url, array('system.multicall' => array($multicall_args))); |
|
278 $this->assertEqual($num_method_calls, count($results)); |
|
279 foreach ($results as $i => $x) { |
|
280 $this->assertTrue(empty($x->is_error), "Result $i is not an error"); |
|
281 } |
|
282 } |
|
283 } |