diff -r 07239de796bb -r e756a8c72c3d cms/drupal/modules/contact/contact.test --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/cms/drupal/modules/contact/contact.test Fri Sep 08 12:04:06 2017 +0200 @@ -0,0 +1,456 @@ + 'Site-wide contact form', + 'description' => 'Tests site-wide contact form functionality.', + 'group' => 'Contact', + ); + } + + function setUp() { + parent::setUp('contact'); + } + + /** + * Tests configuration options and the site-wide contact form. + */ + function testSiteWideContact() { + // Create and login administrative user. + $admin_user = $this->drupalCreateUser(array('access site-wide contact form', 'administer contact forms', 'administer users')); + $this->drupalLogin($admin_user); + + $flood_limit = 3; + variable_set('contact_threshold_limit', $flood_limit); + variable_set('contact_threshold_window', 600); + + // Set settings. + $edit = array(); + $edit['contact_default_status'] = TRUE; + $this->drupalPost('admin/config/people/accounts', $edit, t('Save configuration')); + $this->assertText(t('The configuration options have been saved.'), 'Setting successfully saved.'); + + // Delete old categories to ensure that new categories are used. + $this->deleteCategories(); + + // Ensure that the contact form won't be shown without categories. + user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form')); + $this->drupalLogout(); + $this->drupalGet('contact'); + $this->assertResponse(404); + $this->drupalLogin($admin_user); + $this->drupalGet('contact'); + $this->assertResponse(200); + $this->assertText(t('The contact form has not been configured.')); + + // Add categories. + // Test invalid recipients. + $invalid_recipients = array('invalid', 'invalid@', 'invalid@site.', '@site.', '@site.com'); + foreach ($invalid_recipients as $invalid_recipient) { + $this->addCategory($this->randomName(16), $invalid_recipient, '', FALSE); + $this->assertRaw(t('%recipient is an invalid e-mail address.', array('%recipient' => $invalid_recipient)), format_string('Caught invalid recipient (@invalid_recipient).', array('@invalid_recipient' => $invalid_recipient))); + } + + // Test validation of empty category and recipients fields. + $this->addCategory($category = '', '', '', TRUE); + $this->assertText(t('Category field is required.'), 'Caught empty category field'); + $this->assertText(t('Recipients field is required.'), 'Caught empty recipients field.'); + + // Create first valid category. + $recipients = array('simpletest@example.com', 'simpletest2@example.com', 'simpletest3@example.com'); + $this->addCategory($category = $this->randomName(16), implode(',', array($recipients[0])), '', TRUE); + $this->assertRaw(t('Category %category has been saved.', array('%category' => $category)), 'Category successfully saved.'); + + // Make sure the newly created category is included in the list of categories. + $this->assertNoUniqueText($category, 'New category included in categories list.'); + + // Test update contact form category. + $categories = $this->getCategories(); + $category_id = $this->updateCategory($categories, $category = $this->randomName(16), $recipients_str = implode(',', array($recipients[0], $recipients[1])), $reply = $this->randomName(30), FALSE); + $category_array = db_query("SELECT category, recipients, reply, selected FROM {contact} WHERE cid = :cid", array(':cid' => $category_id))->fetchAssoc(); + $this->assertEqual($category_array['category'], $category); + $this->assertEqual($category_array['recipients'], $recipients_str); + $this->assertEqual($category_array['reply'], $reply); + $this->assertFalse($category_array['selected']); + $this->assertRaw(t('Category %category has been saved.', array('%category' => $category)), 'Category successfully saved.'); + + // Ensure that the contact form is shown without a category selection input. + user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form')); + $this->drupalLogout(); + $this->drupalGet('contact'); + $this->assertText(t('Your e-mail address'), 'Contact form is shown when there is one category.'); + $this->assertNoText(t('Category'), 'When there is only one category, the category selection element is hidden.'); + $this->drupalLogin($admin_user); + + // Add more categories. + $this->addCategory($category = $this->randomName(16), implode(',', array($recipients[0], $recipients[1])), '', FALSE); + $this->assertRaw(t('Category %category has been saved.', array('%category' => $category)), 'Category successfully saved.'); + + $this->addCategory($category = $this->randomName(16), implode(',', array($recipients[0], $recipients[1], $recipients[2])), '', FALSE); + $this->assertRaw(t('Category %category has been saved.', array('%category' => $category)), 'Category successfully saved.'); + + // Try adding a category that already exists. + $this->addCategory($category, '', '', FALSE); + $this->assertNoRaw(t('Category %category has been saved.', array('%category' => $category)), 'Category not saved.'); + $this->assertRaw(t('A contact form with category %category already exists.', array('%category' => $category)), 'Duplicate category error found.'); + + // Clear flood table in preparation for flood test and allow other checks to complete. + db_delete('flood')->execute(); + $num_records_after = db_query("SELECT COUNT(*) FROM {flood}")->fetchField(); + $this->assertIdentical($num_records_after, '0', 'Flood table emptied.'); + $this->drupalLogout(); + + // Check to see that anonymous user cannot see contact page without permission. + user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form')); + $this->drupalGet('contact'); + $this->assertResponse(403, 'Access denied to anonymous user without permission.'); + + // Give anonymous user permission and see that page is viewable. + user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form')); + $this->drupalGet('contact'); + $this->assertResponse(200, 'Access granted to anonymous user with permission.'); + + // Submit contact form with invalid values. + $this->submitContact('', $recipients[0], $this->randomName(16), $categories[0], $this->randomName(64)); + $this->assertText(t('Your name field is required.'), 'Name required.'); + + $this->submitContact($this->randomName(16), '', $this->randomName(16), $categories[0], $this->randomName(64)); + $this->assertText(t('Your e-mail address field is required.'), 'E-mail required.'); + + $this->submitContact($this->randomName(16), $invalid_recipients[0], $this->randomName(16), $categories[0], $this->randomName(64)); + $this->assertText(t('You must enter a valid e-mail address.'), 'Valid e-mail required.'); + + $this->submitContact($this->randomName(16), $recipients[0], '', $categories[0], $this->randomName(64)); + $this->assertText(t('Subject field is required.'), 'Subject required.'); + + $this->submitContact($this->randomName(16), $recipients[0], $this->randomName(16), $categories[0], ''); + $this->assertText(t('Message field is required.'), 'Message required.'); + + // Test contact form with no default category selected. + db_update('contact') + ->fields(array('selected' => 0)) + ->execute(); + $this->drupalGet('contact'); + $this->assertRaw(t('- Please choose -'), 'Without selected categories the visitor is asked to chose a category.'); + + // Submit contact form with invalid category id (cid 0). + $this->submitContact($this->randomName(16), $recipients[0], $this->randomName(16), 0, ''); + $this->assertText(t('You must select a valid category.'), 'Valid category required.'); + + // Submit contact form with correct values and check flood interval. + for ($i = 0; $i < $flood_limit; $i++) { + $this->submitContact($this->randomName(16), $recipients[0], $this->randomName(16), $categories[0], $this->randomName(64)); + $this->assertText(t('Your message has been sent.'), 'Message sent.'); + } + // Submit contact form one over limit. + $this->drupalGet('contact'); + $this->assertResponse(403, 'Access denied to anonymous user after reaching message treshold.'); + $this->assertRaw(t('You cannot send more than %number messages in @interval. Try again later.', array('%number' => variable_get('contact_threshold_limit', 3), '@interval' => format_interval(600))), 'Message threshold reached.'); + + // Delete created categories. + $this->drupalLogin($admin_user); + $this->deleteCategories(); + } + + /** + * Tests auto-reply on the site-wide contact form. + */ + function testAutoReply() { + // Create and login administrative user. + $admin_user = $this->drupalCreateUser(array('access site-wide contact form', 'administer contact forms', 'administer permissions', 'administer users')); + $this->drupalLogin($admin_user); + + // Set up three categories, 2 with an auto-reply and one without. + $foo_autoreply = $this->randomName(40); + $bar_autoreply = $this->randomName(40); + $this->addCategory('foo', 'foo@example.com', $foo_autoreply, FALSE); + $this->addCategory('bar', 'bar@example.com', $bar_autoreply, FALSE); + $this->addCategory('no_autoreply', 'bar@example.com', '', FALSE); + + // Test the auto-reply for category 'foo'. + $email = $this->randomName(32) . '@example.com'; + $subject = $this->randomName(64); + $this->submitContact($this->randomName(16), $email, $subject, 2, $this->randomString(128)); + + // We are testing the auto-reply, so there should be one e-mail going to the sender. + $captured_emails = $this->drupalGetMails(array('id' => 'contact_page_autoreply', 'to' => $email, 'from' => 'foo@example.com')); + $this->assertEqual(count($captured_emails), 1, 'Auto-reply e-mail was sent to the sender for category "foo".', 'Contact'); + $this->assertEqual($captured_emails[0]['body'], drupal_html_to_text($foo_autoreply), 'Auto-reply e-mail body is correct for category "foo".', 'Contact'); + + // Test the auto-reply for category 'bar'. + $email = $this->randomName(32) . '@example.com'; + $this->submitContact($this->randomName(16), $email, $this->randomString(64), 3, $this->randomString(128)); + + // Auto-reply for category 'bar' should result in one auto-reply e-mail to the sender. + $captured_emails = $this->drupalGetMails(array('id' => 'contact_page_autoreply', 'to' => $email, 'from' => 'bar@example.com')); + $this->assertEqual(count($captured_emails), 1, 'Auto-reply e-mail was sent to the sender for category "bar".', 'Contact'); + $this->assertEqual($captured_emails[0]['body'], drupal_html_to_text($bar_autoreply), 'Auto-reply e-mail body is correct for category "bar".', 'Contact'); + + // Verify that no auto-reply is sent when the auto-reply field is left blank. + $email = $this->randomName(32) . '@example.com'; + $this->submitContact($this->randomName(16), $email, $this->randomString(64), 4, $this->randomString(128)); + $captured_emails = $this->drupalGetMails(array('id' => 'contact_page_autoreply', 'to' => $email, 'from' => 'no_autoreply@example.com')); + $this->assertEqual(count($captured_emails), 0, 'No auto-reply e-mail was sent to the sender for category "no-autoreply".', 'Contact'); + } + + /** + * Adds a category. + * + * @param string $category + * The category name. + * @param string $recipients + * The list of recipient e-mail addresses. + * @param string $reply + * The auto-reply text that is sent to a user upon completing the contact + * form. + * @param boolean $selected + * Boolean indicating whether the category should be selected by default. + */ + function addCategory($category, $recipients, $reply, $selected) { + $edit = array(); + $edit['category'] = $category; + $edit['recipients'] = $recipients; + $edit['reply'] = $reply; + $edit['selected'] = ($selected ? '1' : '0'); + $this->drupalPost('admin/structure/contact/add', $edit, t('Save')); + } + + /** + * Updates a category. + * + * @param string $category + * The category name. + * @param string $recipients + * The list of recipient e-mail addresses. + * @param string $reply + * The auto-reply text that is sent to a user upon completing the contact + * form. + * @param boolean $selected + * Boolean indicating whether the category should be selected by default. + */ + function updateCategory($categories, $category, $recipients, $reply, $selected) { + $category_id = $categories[array_rand($categories)]; + $edit = array(); + $edit['category'] = $category; + $edit['recipients'] = $recipients; + $edit['reply'] = $reply; + $edit['selected'] = ($selected ? '1' : '0'); + $this->drupalPost('admin/structure/contact/edit/' . $category_id, $edit, t('Save')); + return ($category_id); + } + + /** + * Submits the contact form. + * + * @param string $name + * The name of the sender. + * @param string $mail + * The e-mail address of the sender. + * @param string $subject + * The subject of the message. + * @param integer $cid + * The category ID of the message. + * @param string $message + * The message body. + */ + function submitContact($name, $mail, $subject, $cid, $message) { + $edit = array(); + $edit['name'] = $name; + $edit['mail'] = $mail; + $edit['subject'] = $subject; + $edit['cid'] = $cid; + $edit['message'] = $message; + $this->drupalPost('contact', $edit, t('Send message')); + } + + /** + * Deletes all categories. + */ + function deleteCategories() { + $categories = $this->getCategories(); + foreach ($categories as $category) { + $category_name = db_query("SELECT category FROM {contact} WHERE cid = :cid", array(':cid' => $category))->fetchField(); + $this->drupalPost('admin/structure/contact/delete/' . $category, array(), t('Delete')); + $this->assertRaw(t('Category %category has been deleted.', array('%category' => $category_name)), 'Category deleted successfully.'); + } + } + + /** + * Gets a list of all category IDs. + * + * @return array + * A list of the category IDs. + */ + function getCategories() { + $categories = db_query('SELECT cid FROM {contact}')->fetchCol(); + return $categories; + } +} + +/** + * Tests the personal contact form. + */ +class ContactPersonalTestCase extends DrupalWebTestCase { + private $admin_user; + private $web_user; + private $contact_user; + + public static function getInfo() { + return array( + 'name' => 'Personal contact form', + 'description' => 'Tests personal contact form functionality.', + 'group' => 'Contact', + ); + } + + function setUp() { + parent::setUp('contact'); + + // Create an admin user. + $this->admin_user = $this->drupalCreateUser(array('administer contact forms', 'administer users')); + + // Create some normal users with their contact forms enabled by default. + variable_set('contact_default_status', TRUE); + $this->web_user = $this->drupalCreateUser(array('access user contact forms')); + $this->contact_user = $this->drupalCreateUser(); + } + + /** + * Tests access to the personal contact form. + */ + function testPersonalContactAccess() { + // Test allowed access to user with contact form enabled. + $this->drupalLogin($this->web_user); + $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); + $this->assertResponse(200); + + // Test denied access to the user's own contact form. + $this->drupalGet('user/' . $this->web_user->uid . '/contact'); + $this->assertResponse(403); + + // Test always denied access to the anonymous user contact form. + $this->drupalGet('user/0/contact'); + $this->assertResponse(403); + + // Test that anonymous users can access the contact form. + $this->drupalLogout(); + user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user contact forms')); + $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); + $this->assertResponse(200); + + // Test that users can disable their contact form. + $this->drupalLogin($this->contact_user); + $edit = array('contact' => FALSE); + $this->drupalPost('user/' . $this->contact_user->uid . '/edit', $edit, 'Save'); + $this->drupalLogout(); + $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); + $this->assertResponse(403); + + // Test that user's contact status stays disabled when saving. + $contact_user_temp = user_load($this->contact_user->uid, TRUE); + user_save($contact_user_temp); + $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); + $this->assertResponse(403); + + // Test that users can enable their contact form. + $this->drupalLogin($this->contact_user); + $edit = array('contact' => TRUE); + $this->drupalPost('user/' . $this->contact_user->uid . '/edit', $edit, 'Save'); + $this->drupalLogout(); + $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); + $this->assertResponse(200); + + // Revoke the personal contact permission for the anonymous user. + user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access user contact forms')); + $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); + $this->assertResponse(403); + + // Disable the personal contact form. + $this->drupalLogin($this->admin_user); + $edit = array('contact_default_status' => FALSE); + $this->drupalPost('admin/config/people/accounts', $edit, t('Save configuration')); + $this->assertText(t('The configuration options have been saved.'), 'Setting successfully saved.'); + $this->drupalLogout(); + + // Re-create our contacted user with personal contact forms disabled by + // default. + $this->contact_user = $this->drupalCreateUser(); + + // Test denied access to a user with contact form disabled. + $this->drupalLogin($this->web_user); + $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); + $this->assertResponse(403); + + // Test allowed access for admin user to a user with contact form disabled. + $this->drupalLogin($this->admin_user); + $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); + $this->assertResponse(200); + + // Re-create our contacted user as a blocked user. + $this->contact_user = $this->drupalCreateUser(); + user_save($this->contact_user, array('status' => 0)); + + // Test that blocked users can still be contacted by admin. + $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); + $this->assertResponse(200); + + // Test that blocked users cannot be contacted by non-admins. + $this->drupalLogin($this->web_user); + $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); + $this->assertResponse(403); + } + + /** + * Tests the personal contact form flood protection. + */ + function testPersonalContactFlood() { + $flood_limit = 3; + variable_set('contact_threshold_limit', $flood_limit); + + // Clear flood table in preparation for flood test and allow other checks to complete. + db_delete('flood')->execute(); + $num_records_flood = db_query("SELECT COUNT(*) FROM {flood}")->fetchField(); + $this->assertIdentical($num_records_flood, '0', 'Flood table emptied.'); + + $this->drupalLogin($this->web_user); + + // Submit contact form with correct values and check flood interval. + for ($i = 0; $i < $flood_limit; $i++) { + $this->submitPersonalContact($this->contact_user); + $this->assertText(t('Your message has been sent.'), 'Message sent.'); + } + + // Submit contact form one over limit. + $this->drupalGet('user/' . $this->contact_user->uid. '/contact'); + $this->assertRaw(t('You cannot send more than %number messages in @interval. Try again later.', array('%number' => $flood_limit, '@interval' => format_interval(variable_get('contact_threshold_window', 3600)))), 'Normal user denied access to flooded contact form.'); + + // Test that the admin user can still access the contact form even though + // the flood limit was reached. + $this->drupalLogin($this->admin_user); + $this->assertNoText('Try again later.', 'Admin user not denied access to flooded contact form.'); + } + + /** + * Fills out a user's personal contact form and submits it. + * + * @param $account + * A user object of the user being contacted. + * @param $message + * An optional array with the form fields being used. + */ + protected function submitPersonalContact($account, array $message = array()) { + $message += array( + 'subject' => $this->randomName(16), + 'message' => $this->randomName(64), + ); + $this->drupalPost('user/' . $account->uid . '/contact', $message, t('Send message')); + } +}