Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/8.x' into kernel 

Conflicts:
	core/modules/locale/lib/Drupal/locale/Tests/LocalePathTest.php
	core/modules/update/update.fetch.inc
8.0.x
Larry Garfield 2012-05-28 16:38:37 -05:00
parent 1c442e85f2 cb80acc53e
commit 2a8b9b7eae
42 changed files with 1164 additions and 1104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
core/includes/common.inc
View File

@ -830,13 +830,6 @@ function drupal_http_request($url, array $options = array()) {
// clash with the HTTP status codes.
$result->code = -$errno;
$result->error = trim($errstr) ? trim($errstr) : t('Error opening socket @socket', array('@socket' => $socket));
// Mark that this request failed. This will trigger a check of the web
// server's ability to make outgoing HTTP requests the next time that
// requirements checking is performed.
// See system_requirements().
variable_set('drupal_http_request_fails', TRUE);
return $result;
}

12
core/includes/form.inc
View File

@ -987,6 +987,10 @@ function drupal_prepare_form($form_id, &$form, &$form_state) {
'#value' => $form['#build_id'],
'#id' => $form['#build_id'],
'#name' => 'form_build_id',
// Form processing and validation requires this value, so ensure the
// submitted form value appears literally, regardless of custom #tree
// and #parents being set elsewhere.
'#parents' => array('form_build_id'),
);
// Add a token, based on either #token or form_id, to any form displayed to
@ -1010,6 +1014,10 @@ function drupal_prepare_form($form_id, &$form, &$form_state) {
'#id' => drupal_html_id('edit-' . $form_id . '-form-token'),
'#type' => 'token',
'#default_value' => drupal_get_token($form['#token']),
// Form processing and validation requires this value, so ensure the
// submitted form value appears literally, regardless of custom #tree
// and #parents being set elsewhere.
'#parents' => array('form_token'),
);
}
}
@ -1019,6 +1027,10 @@ function drupal_prepare_form($form_id, &$form, &$form_state) {
'#type' => 'hidden',
'#value' => $form_id,
'#id' => drupal_html_id("edit-$form_id"),
// Form processing and validation requires this value, so ensure the
// submitted form value appears literally, regardless of custom #tree
// and #parents being set elsewhere.
'#parents' => array('form_id'),
);
}
if (!isset($form['#id'])) {

3
core/modules/aggregator/aggregator.admin.inc
View File

@ -323,6 +323,9 @@ function aggregator_form_opml_submit($form, &$form_state) {
if (!isset($response->error)) {
$data = $response->data;
}
else {
watchdog('aggregator', 'HTTP request to @url failed with error: @error', array('@url' => $form_state['values']['remote'], '@error' => $response->error));
}
}
$feeds = _aggregator_parse_opml($data);

2
core/modules/block/block.test
View File

@ -111,7 +111,7 @@ class BlockTestCase extends WebTestBase {
// Set visibility only for authenticated users, to verify delete functionality.
$edit = array();
$edit['roles[2]'] = TRUE;
$edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = TRUE;
$this->drupalPost('admin/structure/block/manage/block/' . $bid . '/configure', $edit, t('Save block'));
// Delete the created custom block & verify that it's been deleted and no longer appearing on the page.

1
core/modules/book/book.info
View File

@ -4,6 +4,5 @@ package = Core
version = VERSION
core = 8.x
dependencies[] = node
files[] = book.test
configure = admin/content/book/settings
stylesheets[all][] = book.theme.css

14
core/modules/book/book.test → core/modules/book/lib/Drupal/book/Tests/BookTest.php
View File

@ -2,13 +2,15 @@
/**
* @file
* Tests for book.module.
* Definition of Drupal\book\Tests\BookTest.
*/
namespace Drupal\book\Tests;
use Drupal\node\Node;
use Drupal\simpletest\WebTestBase;
class BookTestCase extends WebTestBase {
class BookTest extends WebTestBase {
protected $book;
// $book_author is a user with permission to create and edit books.
protected $book_author;
@ -282,8 +284,8 @@ class BookTestCase extends WebTestBase {
// Give anonymous users the permission 'node test view'.
$edit = array();
$edit['1[node test view]'] = TRUE;
$this->drupalPost('admin/people/permissions/1', $edit, t('Save permissions'));
$edit[DRUPAL_ANONYMOUS_RID . '[node test view]'] = TRUE;
$this->drupalPost('admin/people/permissions/' . DRUPAL_ANONYMOUS_RID, $edit, t('Save permissions'));
$this->assertText(t('The changes have been saved.'), t("Permission 'node test view' successfully assigned to anonymous users."));
// Test correct display of the block.
@ -318,8 +320,8 @@ class BookTestCase extends WebTestBase {
// Give anonymous users the permission 'node test view'.
$edit = array();
$edit['1[node test view]'] = TRUE;
$this->drupalPost('admin/people/permissions/1', $edit, t('Save permissions'));
$edit[DRUPAL_ANONYMOUS_RID . '[node test view]'] = TRUE;
$this->drupalPost('admin/people/permissions/' . DRUPAL_ANONYMOUS_RID, $edit, t('Save permissions'));
$this->assertText(t('The changes have been saved.'), t('Permission \'node test view\' successfully assigned to anonymous users.'));
// Create a book.

1
core/modules/color/color.info
View File

@ -3,4 +3,3 @@ description = Allows administrators to change the color scheme of compatible the
package = Core
version = VERSION
core = 8.x
files[] = color.test

6
core/modules/color/color.test → core/modules/color/lib/Drupal/color/Tests/ColorTest.php
View File

@ -2,15 +2,17 @@
/**
* @file
* Tests for color module.
* Definition of Drupal\color\Tests\ColorTest.
*/
namespace Drupal\color\Tests;
use Drupal\simpletest\WebTestBase;
/**
* Tests the Color module functionality.
*/
class ColorTestCase extends WebTestBase {
class ColorTest extends WebTestBase {
protected $big_user;
protected $themes;
protected $colorTests;

1
core/modules/dashboard/dashboard.info
View File

@ -3,6 +3,5 @@ description = Provides a dashboard page in the administrative interface for orga
core = 8.x
package = Core
version = VERSION
files[] = dashboard.test
dependencies[] = block
configure = admin/dashboard/customize

65
core/modules/dashboard/lib/Drupal/dashboard/Tests/DashboardBlockAvailabilityTest.php Normal file
View File

@ -0,0 +1,65 @@
<?php
/**
* @file
* Definition of Drupal\dashboard\Tests\DashboardBlockAvailabilityTest.
*/
namespace Drupal\dashboard\Tests;
use Drupal\simpletest\WebTestBase;
class DashboardBlockAvailabilityTest extends WebTestBase {
protected $profile = 'standard';
public static function getInfo() {
return array(
'name' => 'Block availability',
'description' => 'Test blocks as used by the dashboard.',
'group' => 'Dashboard',
);
}
function setUp() {
parent::setUp();
// Create and log in an administrative user having access to the dashboard.
$admin_user = $this->drupalCreateUser(array('access dashboard', 'administer blocks', 'access administration pages', 'administer modules'));
$this->drupalLogin($admin_user);
// Make sure that the dashboard is using the same theme as the rest of the
// site (and in particular, the same theme used on 403 pages). This forces
// the dashboard blocks to be the same for an administrator as for a
// regular user, and therefore lets us test that the dashboard blocks
// themselves are specifically removed for a user who does not have access
// to the dashboard page.
theme_enable(array('stark'));
variable_set('theme_default', 'stark');
variable_set('admin_theme', 'stark');
}
/**
* Tests that administrative blocks are available for the dashboard.
*/
function testBlockAvailability() {
// Test "Recent comments", which should be available (defined as
// "administrative") but not enabled.
$this->drupalGet('admin/dashboard');
$this->assertNoText(t('Recent comments'), t('"Recent comments" not on dashboard.'));
$this->drupalGet('admin/dashboard/drawer');
$this->assertText(t('Recent comments'), t('Drawer of disabled blocks includes a block defined as "administrative".'));
$this->assertNoText(t('Syndicate'), t('Drawer of disabled blocks excludes a block not defined as "administrative".'));
$this->drupalGet('admin/dashboard/configure');
$elements = $this->xpath('//select[@id=:id]//option[@selected="selected"]', array(':id' => 'edit-blocks-comment-recent-region'));
$this->assertTrue($elements[0]['value'] == 'dashboard_inactive', t('A block defined as "administrative" defaults to dashboard_inactive.'));
// Now enable the block on the dashboard.
$values = array();
$values['blocks[comment_recent][region]'] = 'dashboard_main';
$this->drupalPost('admin/dashboard/configure', $values, t('Save blocks'));
$this->drupalGet('admin/dashboard');
$this->assertText(t('Recent comments'), t('"Recent comments" was placed on dashboard.'));
$this->drupalGet('admin/dashboard/drawer');
$this->assertNoText(t('Recent comments'), t('Drawer of disabled blocks excludes enabled blocks.'));
}
}

60
core/modules/dashboard/dashboard.test → core/modules/dashboard/lib/Drupal/dashboard/Tests/DashboardBlocksTest.php
View File

@ -2,16 +2,17 @@
/**
* @file
* Tests for dashboard.module.
* Definition of Drupal\dashboard\Tests\DashboardBlocksTest.
*/
namespace Drupal\dashboard\Tests;
use Drupal\simpletest\WebTestBase;
/**
* Tests the Dashboard module blocks.
*/
class DashboardBlocksTestCase extends WebTestBase {
class DashboardBlocksTest extends WebTestBase {
public static function getInfo() {
return array(
'name' => 'Dashboard blocks',
@ -108,58 +109,3 @@ class DashboardBlocksTestCase extends WebTestBase {
$this->assertRaw($custom_block['title'], t('Block still appears on the dashboard.'));
}
}
class DashboardBlockAvailabilityTestCase extends WebTestBase {
protected $profile = 'standard';
public static function getInfo() {
return array(
'name' => 'Block availability',
'description' => 'Test blocks as used by the dashboard.',
'group' => 'Dashboard',
);
}
function setUp() {
parent::setUp();
// Create and log in an administrative user having access to the dashboard.
$admin_user = $this->drupalCreateUser(array('access dashboard', 'administer blocks', 'access administration pages', 'administer modules'));
$this->drupalLogin($admin_user);
// Make sure that the dashboard is using the same theme as the rest of the
// site (and in particular, the same theme used on 403 pages). This forces
// the dashboard blocks to be the same for an administrator as for a
// regular user, and therefore lets us test that the dashboard blocks
// themselves are specifically removed for a user who does not have access
// to the dashboard page.
theme_enable(array('stark'));
variable_set('theme_default', 'stark');
variable_set('admin_theme', 'stark');
}
/**
* Tests that administrative blocks are available for the dashboard.
*/
function testBlockAvailability() {
// Test "Recent comments", which should be available (defined as
// "administrative") but not enabled.
$this->drupalGet('admin/dashboard');
$this->assertNoText(t('Recent comments'), t('"Recent comments" not on dashboard.'));
$this->drupalGet('admin/dashboard/drawer');
$this->assertText(t('Recent comments'), t('Drawer of disabled blocks includes a block defined as "administrative".'));
$this->assertNoText(t('Syndicate'), t('Drawer of disabled blocks excludes a block not defined as "administrative".'));
$this->drupalGet('admin/dashboard/configure');
$elements = $this->xpath('//select[@id=:id]//option[@selected="selected"]', array(':id' => 'edit-blocks-comment-recent-region'));
$this->assertTrue($elements[0]['value'] == 'dashboard_inactive', t('A block defined as "administrative" defaults to dashboard_inactive.'));
// Now enable the block on the dashboard.
$values = array();
$values['blocks[comment_recent][region]'] = 'dashboard_main';
$this->drupalPost('admin/dashboard/configure', $values, t('Save blocks'));
$this->drupalGet('admin/dashboard');
$this->assertText(t('Recent comments'), t('"Recent comments" was placed on dashboard.'));
$this->drupalGet('admin/dashboard/drawer');
$this->assertNoText(t('Recent comments'), t('Drawer of disabled blocks excludes enabled blocks.'));
}
}

1
core/modules/dblog/dblog.info
View File

@ -3,4 +3,3 @@ description = Logs and records system events to the database.
package = Core
version = VERSION
core = 8.x
files[] = dblog.test

9
core/modules/dblog/dblog.test → core/modules/dblog/lib/Drupal/dblog/Tests/DBLogTest.php
View File

@ -2,13 +2,15 @@
/**
* @file
* Tests for dblog.module.
* Definition of Drupal\dblog\Tests\DBLogTest.
*/
namespace Drupal\dblog\Tests;
use Drupal\simpletest\WebTestBase;
use SimpleXMLElement;
class DBLogTestCase extends WebTestBase {
class DBLogTest extends WebTestBase {
protected $profile = 'standard';
protected $big_user;
@ -477,7 +479,7 @@ class DBLogTestCase extends WebTestBase {
$count = $this->getTypeCount($types);
$this->assertEqual(array_sum($count), $type['count'], 'Count matched');
}
// Clear all logs and make sure the confirmation message is found.
$this->drupalPost('admin/reports/dblog', array(), t('Clear log messages'));
$this->assertText(t('Database log cleared.'), t('Confirmation message found'));
@ -592,4 +594,3 @@ class DBLogTestCase extends WebTestBase {
$this->assertLink(html_entity_decode($message_text), 0, $message);
}
}

23
core/modules/field/tests/field_test.entity.inc → core/modules/field/tests/modules/field_test/field_test.entity.inc
View File

@ -5,8 +5,6 @@
* Defines an entity type.
*/
use Drupal\entity\EntityController;
/**
* Implements hook_entity_info().
*/
@ -68,7 +66,7 @@ function field_test_entity_info() {
'name' => t('Test Entity with a specified bundle.'),
'base table' => 'test_entity_bundle',
'fieldable' => TRUE,
'controller class' => 'TestEntityBundleController',
'controller class' => 'Drupal\field_test\TestEntityBundleController',
'field cache' => FALSE,
'entity keys' => array(
'id' => 'ftid',
@ -476,22 +474,3 @@ function field_test_entity_nested_form_submit($form, &$form_state) {
drupal_set_message(t('test_entities @id_1 and @id_2 have been updated.', array('@id_1' => $entity_1->ftid, '@id_2' => $entity_2->ftid)));
}
/**
* Controller class for the test_entity_bundle entity type.
*
* This extends the Drupal\entity\EntityController class, adding
* required special handling for bundles (since they are not stored in the
* database).
*/
class TestEntityBundleController extends EntityController {
protected function attachLoad(&$entities, $revision_id = FALSE) {
// Add bundle information.
foreach ($entities as $key => $entity) {
$entity->fttype = 'test_entity_bundle';
$entities[$key] = $entity;
}
parent::attachLoad($entities, $revision_id);
}
}

0
core/modules/field/tests/field_test.field.inc → core/modules/field/tests/modules/field_test/field_test.field.inc
View File

0
core/modules/field/tests/field_test.info → core/modules/field/tests/modules/field_test/field_test.info
View File

0
core/modules/field/tests/field_test.install → core/modules/field/tests/modules/field_test/field_test.install
View File

6
core/modules/field/tests/field_test.module → core/modules/field/tests/modules/field_test/field_test.module
View File

@ -15,9 +15,9 @@
use Drupal\entity\EntityFieldQuery;
require_once DRUPAL_ROOT . '/core/modules/field/tests/field_test.entity.inc';
require_once DRUPAL_ROOT . '/core/modules/field/tests/field_test.field.inc';
require_once DRUPAL_ROOT . '/core/modules/field/tests/field_test.storage.inc';
require_once DRUPAL_ROOT . '/core/modules/field/tests/modules/field_test/field_test.entity.inc';
require_once DRUPAL_ROOT . '/core/modules/field/tests/modules/field_test/field_test.field.inc';
require_once DRUPAL_ROOT . '/core/modules/field/tests/modules/field_test/field_test.storage.inc';
/**
* Implements hook_permission().

0
core/modules/field/tests/field_test.storage.inc → core/modules/field/tests/modules/field_test/field_test.storage.inc
View File

29
core/modules/field/tests/modules/field_test/lib/Drupal/field_test/TestEntityBundleController.php Normal file
View File

@ -0,0 +1,29 @@
<?php
/**
* @file
* Definition of Drupal\field_test\TestEntityBundleController.
*/
namespace Drupal\field_test;
use Drupal\entity\EntityController;
/**
* Controller class for the test_entity_bundle entity type.
*
* This extends the Drupal\entity\EntityController class, adding
* required special handling for bundles (since they are not stored in the
* database).
*/
class TestEntityBundleController extends EntityController {
protected function attachLoad(&$entities, $revision_id = FALSE) {
// Add bundle information.
foreach ($entities as $key => $entity) {
$entity->fttype = 'test_entity_bundle';
$entities[$key] = $entity;
}
parent::attachLoad($entities, $revision_id);
}
}

2
core/modules/file/tests/file.test
View File

@ -556,7 +556,7 @@ class FileFieldWidgetTestCase extends FileFieldTestCase {
// Remove access comments permission from anon user.
$edit = array(
'1[access comments]' => FALSE,
DRUPAL_ANONYMOUS_RID . '[access comments]' => FALSE,
);
$this->drupalPost('admin/people/permissions', $edit, t('Save permissions'));

16
core/modules/filter/filter.test
View File

@ -319,7 +319,7 @@ class FilterAdminTestCase extends WebTestBase {
$edit = array();
$edit['format'] = drupal_strtolower($this->randomName());
$edit['name'] = $this->randomName();
$edit['roles[2]'] = 1;
$edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = 1;
$edit['filters[' . $second_filter . '][status]'] = TRUE;
$edit['filters[' . $first_filter . '][status]'] = TRUE;
$this->drupalPost('admin/config/content/formats/add', $edit, t('Save configuration'));
@ -329,7 +329,7 @@ class FilterAdminTestCase extends WebTestBase {
$format = filter_format_load($edit['format']);
$this->assertNotNull($format, t('Format found in database.'));
$this->assertFieldByName('roles[2]', '', t('Role found.'));
$this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_RID . ']', '', t('Role found.'));
$this->assertFieldByName('filters[' . $second_filter . '][status]', '', t('Line break filter found.'));
$this->assertFieldByName('filters[' . $first_filter . '][status]', '', t('Url filter found.'));
@ -340,8 +340,8 @@ class FilterAdminTestCase extends WebTestBase {
// Allow authenticated users on full HTML.
$format = filter_format_load($full);
$edit = array();
$edit['roles[1]'] = 0;
$edit['roles[2]'] = 1;
$edit['roles[' . DRUPAL_ANONYMOUS_RID . ']'] = 0;
$edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = 1;
$this->drupalPost('admin/config/content/formats/' . $full, $edit, t('Save configuration'));
$this->assertRaw(t('The text format %format has been updated.', array('%format' => $format->name)), t('Full HTML format successfully updated.'));
@ -391,10 +391,10 @@ class FilterAdminTestCase extends WebTestBase {
// Full HTML.
$edit = array();
$edit['roles[2]'] = FALSE;
$edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = FALSE;
$this->drupalPost('admin/config/content/formats/' . $full, $edit, t('Save configuration'));
$this->assertRaw(t('The text format %format has been updated.', array('%format' => $format->name)), t('Full HTML format successfully reverted.'));
$this->assertFieldByName('roles[2]', $edit['roles[2]'], t('Changes reverted.'));
$this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_RID . ']', $edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'], t('Changes reverted.'));
// Filter order.
$edit = array();
@ -1829,7 +1829,7 @@ class FilterHooksTestCase extends WebTestBase {
$edit = array();
$edit['format'] = drupal_strtolower($this->randomName());
$edit['name'] = $name;
$edit['roles[1]'] = 1;
$edit['roles[' . DRUPAL_ANONYMOUS_RID . ']'] = 1;
$this->drupalPost('admin/config/content/formats/add', $edit, t('Save configuration'));
$this->assertRaw(t('Added text format %format.', array('%format' => $name)), t('New format created.'));
$this->assertText('hook_filter_format_insert invoked.', t('hook_filter_format_insert was invoked.'));
@ -1838,7 +1838,7 @@ class FilterHooksTestCase extends WebTestBase {
// Update text format.
$edit = array();
$edit['roles[2]'] = 1;
$edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = 1;
$this->drupalPost('admin/config/content/formats/' . $format_id, $edit, t('Save configuration'));
$this->assertRaw(t('The text format %format has been updated.', array('%format' => $name)), t('Format successfully updated.'));
$this->assertText('hook_filter_format_update invoked.', t('hook_filter_format_update() was invoked.'));

1
core/modules/forum/forum.info
View File

@ -6,6 +6,5 @@ dependencies[] = comment
package = Core
version = VERSION
core = 8.x
files[] = forum.test
configure = admin/structure/forum
stylesheets[all][] = forum.css

72
core/modules/forum/lib/Drupal/forum/Tests/ForumIndexTest.php Normal file
View File

@ -0,0 +1,72 @@
<?php
/**
* @file
* Definition of Drupal\forum\Tests\ForumIndexTest.
*/
namespace Drupal\forum\Tests;
use Drupal\simpletest\WebTestBase;
/**
* Tests the forum index listing.
*/
class ForumIndexTest extends WebTestBase {
public static function getInfo() {
return array(
'name' => 'Forum index',
'description' => 'Tests the forum index listing.',
'group' => 'Forum',
);
}
function setUp() {
parent::setUp('taxonomy', 'comment', 'forum');
// Create a test user.
$web_user = $this->drupalCreateUser(array('create forum content', 'edit own forum content', 'edit any forum content', 'administer nodes'));
$this->drupalLogin($web_user);
}
/**
* Tests the forum index for published and unpublished nodes.
*/
function testForumIndexStatus() {
$langcode = LANGUAGE_NOT_SPECIFIED;
// The forum ID to use.
$tid = 1;
// Create a test node.
$title = $this->randomName(20);
$edit = array(
"title" => $title,
"body[$langcode][0][value]" => $this->randomName(200),
);
// Create the forum topic, preselecting the forum ID via a URL parameter.
$this->drupalPost('node/add/forum/' . $tid, $edit, t('Save'));
// Check that the node exists in the database.
$node = $this->drupalGetNodeByTitle($title);
$this->assertTrue(!empty($node), 'New forum node found in database.');
// Verify that the node appears on the index.
$this->drupalGet('forum/' . $tid);
$this->assertText($title, 'Published forum topic appears on index.');
// Unpublish the node.
$edit = array(
'status' => FALSE,
);
$this->drupalPost("node/{$node->nid}/edit", $edit, t('Save'));
$this->assertText(t('Access denied'), 'Unpublished node is no longer accessible.');
// Verify that the node no longer appears on the index.
$this->drupalGet('forum/' . $tid);
$this->assertNoText($title, 'Unpublished forum topic no longer appears on index.');
}
}

68
core/modules/forum/forum.test → core/modules/forum/lib/Drupal/forum/Tests/ForumTest.php
View File

@ -2,13 +2,15 @@
/**
* @file
* Tests for forum.module.
* Definition of Drupal\forum\Tests\ForumTest.
*/
namespace Drupal\forum\Tests;
use Drupal\node\Node;
use Drupal\simpletest\WebTestBase;
class ForumTestCase extends WebTestBase {
class ForumTest extends WebTestBase {
protected $admin_user;
protected $edit_own_topics_user;
protected $edit_any_topics_user;
@ -591,65 +593,3 @@ class ForumTestCase extends WebTestBase {
}
}
}
/**
* Tests the forum index listing.
*/
class ForumIndexTestCase extends WebTestBase {
public static function getInfo() {
return array(
'name' => 'Forum index',
'description' => 'Tests the forum index listing.',
'group' => 'Forum',
);
}
function setUp() {
parent::setUp('taxonomy', 'comment', 'forum');
// Create a test user.
$web_user = $this->drupalCreateUser(array('create forum content', 'edit own forum content', 'edit any forum content', 'administer nodes'));
$this->drupalLogin($web_user);
}
/**
* Tests the forum index for published and unpublished nodes.
*/
function testForumIndexStatus() {
$langcode = LANGUAGE_NOT_SPECIFIED;
// The forum ID to use.
$tid = 1;
// Create a test node.
$title = $this->randomName(20);
$edit = array(
"title" => $title,
"body[$langcode][0][value]" => $this->randomName(200),
);
// Create the forum topic, preselecting the forum ID via a URL parameter.
$this->drupalPost('node/add/forum/' . $tid, $edit, t('Save'));
// Check that the node exists in the database.
$node = $this->drupalGetNodeByTitle($title);
$this->assertTrue(!empty($node), 'New forum node found in database.');
// Verify that the node appears on the index.
$this->drupalGet('forum/' . $tid);
$this->assertText($title, 'Published forum topic appears on index.');
// Unpublish the node.
$edit = array(
'status' => FALSE,
);
$this->drupalPost("node/{$node->nid}/edit", $edit, t('Save'));
$this->assertText(t('Access denied'), 'Unpublished node is no longer accessible.');
// Verify that the node no longer appears on the index.
$this->drupalGet('forum/' . $tid);
$this->assertNoText($title, 'Unpublished forum topic no longer appears on index.');
}
}

1
core/modules/help/help.info
View File

@ -3,4 +3,3 @@ description = Manages the display of online help.
package = Core
version = VERSION
core = 8.x
files[] = help.test

40
core/modules/help/help.test → core/modules/help/lib/Drupal/help/Tests/HelpTest.php
View File

@ -2,15 +2,17 @@
/**
* @file
* Tests for help.module.
* Definition of Drupal\help\Tests\HelpTest.
*/
namespace Drupal\help\Tests;
use Drupal\simpletest\WebTestBase;
/**
* Tests help display and user access for all modules implementing help.
*/
class HelpTestCase extends WebTestBase {
class HelpTest extends WebTestBase {
// Tests help implementations of many arbitrary core modules.
protected $profile = 'standard';
@ -106,37 +108,3 @@ class HelpTestCase extends WebTestBase {
}
}
}
/**
* Tests a module without help to verify it is not listed in the help page.
*/
class NoHelpTestCase extends WebTestBase {
/**
* The user who will be created.
*/
protected $big_user;
public static function getInfo() {
return array(
'name' => 'No help',
'description' => 'Verify no help is displayed for modules not providing any help.',
'group' => 'Help',
);
}
function setUp() {
// Use one of the test modules that do not implement hook_help().
parent::setUp('menu_test');
$this->big_user = $this->drupalCreateUser(array('access administration pages'));
}
/**
* Ensures modules not implementing help do not appear on admin/help.
*/
function testMainPageNoHelp() {
$this->drupalLogin($this->big_user);
$this->drupalGet('admin/help');
$this->assertNoText('Hook menu tests', t('Making sure the test module menu_test does not display a help link in admin/help'));
}
}

44
core/modules/help/lib/Drupal/help/Tests/NoHelpTest.php Normal file
View File

@ -0,0 +1,44 @@
<?php
/**
* @file
* Definition of Drupal\help\Tests\NoHelpTest.
*/
namespace Drupal\help\Tests;
use Drupal\simpletest\WebTestBase;
/**
* Tests a module without help to verify it is not listed in the help page.
*/
class NoHelpTest extends WebTestBase {
/**
* The user who will be created.
*/
protected $big_user;
public static function getInfo() {
return array(
'name' => 'No help',
'description' => 'Verify no help is displayed for modules not providing any help.',
'group' => 'Help',
);
}
function setUp() {
// Use one of the test modules that do not implement hook_help().
parent::setUp('menu_test');
$this->big_user = $this->drupalCreateUser(array('access administration pages'));
}
/**
* Ensures modules not implementing help do not appear on admin/help.
*/
function testMainPageNoHelp() {
$this->drupalLogin($this->big_user);
$this->drupalGet('admin/help');
$this->assertNoText('Hook menu tests', t('Making sure the test module menu_test does not display a help link in admin/help'));
}
}

2
core/modules/locale/lib/Drupal/locale/Tests/LocalePathTest.php
View File

@ -60,7 +60,7 @@ class LocalePathTest extends WebTestBase {
// Check that the "xx" front page is readily available because path prefix
// negotiation is pre-configured.
$this->drupalGet($prefix);
$this->assertText(t('Welcome to Drupal'), t('The "xx" front page is readily available.'));
$this->assertText(t('Welcome to Drupal'), t('The "xx" front page is readibly available.'));
// Create a node.
$node = $this->drupalCreateNode(array('type' => 'page'));

383
core/modules/openid/lib/Drupal/openid/Tests/OpenIDFunctionalTest.php Normal file
View File

@ -0,0 +1,383 @@
<?php
/**
* @file
* Definition of Drupal\openid\Tests\OpenIDFunctionalTest.
*/
namespace Drupal\openid\Tests;
use stdClass;
/**
* Test discovery and login using OpenID
*/
class OpenIDFunctionalTest extends OpenIDTestBase {
protected $web_user;
public static function getInfo() {
return array(
'name' => 'OpenID discovery and login',
'description' => "Adds an identity to a user's profile and uses it to log in.",
'group' => 'OpenID'
);
}
function setUp() {
parent::setUp('openid', 'openid_test');
// User doesn't need special permissions; only the ability to log in.
$this->web_user = $this->drupalCreateUser(array());
}
/**
* Test discovery of OpenID Provider Endpoint via Yadis and HTML.
*/
function testDiscovery() {
$this->drupalLogin($this->web_user);
// The User-supplied Identifier entered by the user may indicate the URL of
// the OpenID Provider Endpoint in various ways, as described in OpenID
// Authentication 2.0 and Yadis Specification 1.0.
// Note that all of the tested identifiers refer to the same endpoint, so
// only the first will trigger an associate request in openid_association()
// (association is only done the first time Drupal encounters a given
// endpoint).
// Yadis discovery (see Yadis Specification 1.0, section 6.2.5):
// If the User-supplied Identifier is a URL, it may be a direct or indirect
// reference to an XRDS document (a Yadis Resource Descriptor) that contains
// the URL of the OpenID Provider Endpoint.
// Identifier is the URL of an XRDS document.
// On HTTP test environments, the URL scheme is stripped in order to test
// that the supplied identifier is normalized in openid_begin().
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->addIdentity(preg_replace('@^http://@', '', $identity), 2, 'http://example.com/xrds', $identity);
$identity = url('openid-test/yadis/xrds/delegate', array('absolute' => TRUE));
$this->addIdentity(preg_replace('@^http://@', '', $identity), 2, 'http://example.com/xrds-delegate', $identity);
// Identifier is the URL of an XRDS document containing an OP Identifier
// Element. The Relying Party sends the special value
// "http://specs.openid.net/auth/2.0/identifier_select" as Claimed
// Identifier. The OpenID Provider responds with the actual identifier
// including the fragment.
$identity = url('openid-test/yadis/xrds/dummy-user', array('absolute' => TRUE, 'fragment' => $this->randomName()));
// Tell openid_test.module to respond with this identifier. If the fragment
// part is present in the identifier, it should be retained.
variable_set('openid_test_response', array('openid.claimed_id' => $identity));
$this->addIdentity(url('openid-test/yadis/xrds/server', array('absolute' => TRUE)), 2, 'http://specs.openid.net/auth/2.0/identifier_select', $identity);
variable_set('openid_test_response', array());
// Identifier is the URL of an HTML page that is sent with an HTTP header
// that contains the URL of an XRDS document.
$this->addIdentity(url('openid-test/yadis/x-xrds-location', array('absolute' => TRUE)), 2);
// Identifier is the URL of an HTML page containing a <meta http-equiv=...>
// element that contains the URL of an XRDS document.
$this->addIdentity(url('openid-test/yadis/http-equiv', array('absolute' => TRUE)), 2);
// Identifier is an XRI. Resolve using our own dummy proxy resolver.
variable_set('xri_proxy_resolver', url('openid-test/yadis/xrds/xri', array('absolute' => TRUE)) . '/');
$this->addIdentity('@example*résumé;%25', 2, 'http://example.com/xrds', 'http://example.com/user');
// Make sure that unverified CanonicalID are not trusted.
variable_set('openid_test_canonical_id_status', 'bad value');
$this->addIdentity('@example*résumé;%25', 2, FALSE, FALSE);
// HTML-based discovery:
// If the User-supplied Identifier is a URL of an HTML page, the page may
// contain a <link rel=...> element containing the URL of the OpenID
// Provider Endpoint. OpenID 1 and 2 describe slightly different formats.
// OpenID Authentication 1.1, section 3.1:
$this->addIdentity(url('openid-test/html/openid1', array('absolute' => TRUE)), 1, 'http://example.com/html-openid1');
// OpenID Authentication 2.0, section 7.3.3:
$this->addIdentity(url('openid-test/html/openid2', array('absolute' => TRUE)), 2, 'http://example.com/html-openid2');
// OpenID Authentication 2.0, section 7.2.4:
// URL Identifiers MUST then be further normalized by both (1) following
// redirects when retrieving their content and finally (2) applying the
// rules in Section 6 of RFC3986 to the final destination URL. This final
// URL MUST be noted by the Relying Party as the Claimed Identifier and be
// used when requesting authentication.
// Single redirect.
$identity = $expected_claimed_id = url('openid-test/redirected/yadis/xrds/1', array('absolute' => TRUE));
$this->addRedirectedIdentity($identity, 2, 'http://example.com/xrds', $expected_claimed_id, 0);
// Exact 3 redirects (default value for the 'max_redirects' option in
// drupal_http_request()).
$identity = $expected_claimed_id = url('openid-test/redirected/yadis/xrds/2', array('absolute' => TRUE));
$this->addRedirectedIdentity($identity, 2, 'http://example.com/xrds', $expected_claimed_id, 2);
// Fails because there are more than 3 redirects (default value for the
// 'max_redirects' option in drupal_http_request()).
$identity = url('openid-test/redirected/yadis/xrds/3', array('absolute' => TRUE));
$expected_claimed_id = FALSE;
$this->addRedirectedIdentity($identity, 2, 'http://example.com/xrds', $expected_claimed_id, 3);
}
/**
* Test login using OpenID.
*/
function testLogin() {
$this->drupalLogin($this->web_user);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->addIdentity($identity);
$response = variable_get('openid_test_hook_openid_response_response');
$account = variable_get('openid_test_hook_openid_response_account');
$this->assertEqual($response['openid.claimed_id'], $identity, t('hook_openid_response() was invoked.'));
$this->assertEqual($account->uid, $this->web_user->uid, t('Proper user object passed to hook_openid_response().'));
$this->drupalLogout();
// Test logging in via the login block on the front page.
variable_del('openid_test_hook_openid_response_response');
variable_del('openid_test_hook_openid_response_account');
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
$response = variable_get('openid_test_hook_openid_response_response');
$account = variable_get('openid_test_hook_openid_response_account');
$this->assertEqual($response['openid.claimed_id'], $identity, t('hook_openid_response() was invoked.'));
$this->assertEqual($account->uid, $this->web_user->uid, t('Proper user object passed to hook_openid_response().'));
$this->drupalLogout();
// Test logging in via the user/login page.
$edit = array('openid_identifier' => $identity);
$this->drupalPost('user/login', $edit, t('Log in'));
// Check we are on the OpenID redirect form.
$this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
// Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
// Verify user was redirected away from user/login to an accessible page.
$this->assertResponse(200);
$this->drupalLogout();
// Tell openid_test.module to alter the checkid_setup request.
$new_identity = 'http://example.com/' . $this->randomName();
variable_set('openid_test_identity', $new_identity);
variable_set('openid_test_request_alter', array('checkid_setup' => array('openid.identity' => $new_identity)));
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
$response = variable_get('openid_test_hook_openid_response_response');
$this->assertEqual($response['openid.identity'], $new_identity, t('hook_openid_request_alter() were invoked.'));
}
/**
* Test login using OpenID during maintenance mode.
*/
function testLoginMaintenanceMode() {
$this->web_user = $this->drupalCreateUser(array('access site in maintenance mode'));
$this->drupalLogin($this->web_user);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->addIdentity($identity);
$this->drupalLogout();
// Enable maintenance mode.
variable_set('maintenance_mode', 1);
// Test logging in via the user/login page while the site is offline.
$edit = array('openid_identifier' => $identity);
$this->drupalPost('user/login', $edit, t('Log in'));
// Check we are on the OpenID redirect form.
$this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
// Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
// Verify user was redirected away from user/login to an accessible page.
$this->assertText(t('Operating in maintenance mode.'));
$this->assertResponse(200);
}
/**
* Test deleting an OpenID identity from a user's profile.
*/
function testDelete() {
$this->drupalLogin($this->web_user);
// Add identity to user's profile.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->addIdentity($identity);
$this->assertText($identity, t('Identity appears in list.'));
// Delete the newly added identity.
$this->clickLink(t('Delete'));
$this->drupalPost(NULL, array(), t('Confirm'));
$this->assertText(t('OpenID deleted.'), t('Identity deleted'));
$this->assertNoText($identity, t('Identity no longer appears in list.'));
}
/**
* Test that a blocked user cannot log in.
*/
function testBlockedUserLogin() {
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
// Log in and add an OpenID Identity to the account.
$this->drupalLogin($this->web_user);
$this->addIdentity($identity);
$this->drupalLogout();
// Log in as an admin user and block the account.
$admin_user = $this->drupalCreateUser(array('administer users'));
$this->drupalLogin($admin_user);
$this->drupalGet('admin/people');
$edit = array(
'operation' => 'block',
'accounts[' . $this->web_user->uid . ']' => TRUE,
);
$this->drupalPost('admin/people', $edit, t('Update'));
$this->assertRaw('The update has been performed.', t('Account was blocked.'));
$this->drupalLogout();
$this->submitLoginForm($identity);
$this->assertRaw(t('The username %name has not been activated or is blocked.', array('%name' => $this->web_user->name)), t('User login was blocked.'));
}
/**
* Add OpenID identity to user's profile.
*
* @param $identity
* The User-supplied Identifier.
* @param $version
* The protocol version used by the service.
* @param $local_id
* The expected OP-Local Identifier found during discovery.
* @param $claimed_id
* The expected Claimed Identifier returned by the OpenID Provider, or FALSE
* if the discovery is expected to fail.
*/
function addIdentity($identity, $version = 2, $local_id = 'http://example.com/xrds', $claimed_id = NULL) {
// Tell openid_test.module to only accept this OP-Local Identifier.
variable_set('openid_test_identity', $local_id);
$edit = array('openid_identifier' => $identity);
$this->drupalPost('user/' . $this->web_user->uid . '/openid', $edit, t('Add an OpenID'));
if ($claimed_id === FALSE) {
$this->assertRaw(t('Sorry, that is not a valid OpenID. Ensure you have spelled your ID correctly.'), t('Invalid identity was rejected.'));
return;
}
// OpenID 1 used a HTTP redirect, OpenID 2 uses a HTML form that is submitted automatically using JavaScript.
if ($version == 2) {
// Check we are on the OpenID redirect form.
$this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
// Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
}
if (!isset($claimed_id)) {
$claimed_id = $identity;
}
$this->assertRaw(t('Successfully added %identity', array('%identity' => $claimed_id)), t('Identity %identity was added.', array('%identity' => $identity)));
}
/**
* Add OpenID identity, changed by the following redirects, to user's profile.
*
* According to OpenID Authentication 2.0, section 7.2.4, URL Identifiers MUST
* be further normalized by following redirects when retrieving their content
* and this final URL MUST be noted by the Relying Party as the Claimed
* Identifier and be used when requesting authentication.
*
* @param $identity
* The User-supplied Identifier.
* @param $version
* The protocol version used by the service.
* @param $local_id
* The expected OP-Local Identifier found during discovery.
* @param $claimed_id
* The expected Claimed Identifier returned by the OpenID Provider, or FALSE
* if the discovery is expected to fail.
* @param $redirects
* The number of redirects.
*/
function addRedirectedIdentity($identity, $version = 2, $local_id = 'http://example.com/xrds', $claimed_id = NULL, $redirects = 0) {
// Set the final destination URL which is the same as the Claimed
// Identifier, we insert the same identifier also to the provider response,
// but provider could further change the Claimed ID actually (e.g. it could
// add unique fragment).
variable_set('openid_test_redirect_url', $identity);
variable_set('openid_test_response', array('openid.claimed_id' => $identity));
$this->addIdentity(url('openid-test/redirect/' . $redirects, array('absolute' => TRUE)), $version, $local_id, $claimed_id);
// Clean up.
variable_del('openid_test_redirect_url');
variable_del('openid_test_response');
}
/**
* Tests that openid.signed is verified.
*/
function testSignatureValidation() {
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
// Respond with an invalid signature.
variable_set('openid_test_response', array('openid.sig' => 'this-is-an-invalid-signature'));
$this->submitLoginForm($identity);
$this->assertRaw('OpenID login failed.');
// Do not sign the mandatory field openid.assoc_handle.
variable_set('openid_test_response', array('openid.signed' => 'op_endpoint,claimed_id,identity,return_to,response_nonce'));
$this->submitLoginForm($identity);
$this->assertRaw('OpenID login failed.');
// Sign all mandatory fields and a custom field.
$keys_to_sign = array('op_endpoint', 'claimed_id', 'identity', 'return_to', 'response_nonce', 'assoc_handle', 'foo');
$association = new stdClass();
$association->mac_key = variable_get('mac_key');
$response = array(
'openid.op_endpoint' => url('openid-test/endpoint', array('absolute' => TRUE)),
'openid.claimed_id' => $identity,
'openid.identity' => $identity,
'openid.return_to' => url('openid/authenticate', array('absolute' => TRUE)),
'openid.response_nonce' => _openid_nonce(),
'openid.assoc_handle' => 'openid-test',
'openid.foo' => 123,
'openid.signed' => implode(',', $keys_to_sign),
);
$response['openid.sig'] = _openid_signature($association, $response, $keys_to_sign);
variable_set('openid_test_response', $response);
$this->submitLoginForm($identity);
$this->assertNoRaw('OpenID login failed.');
$this->assertFieldByName('name', '', t('No username was supplied by provider.'));
$this->assertFieldByName('mail', '', t('No e-mail address was supplied by provider.'));
// Check that unsigned SREG fields are ignored.
$response = array(
'openid.signed' => 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle,sreg.nickname',
'openid.sreg.nickname' => 'john',
'openid.sreg.email' => 'john@example.com',
);
variable_set('openid_test_response', $response);
$this->submitLoginForm($identity);
$this->assertNoRaw('OpenID login failed.');
$this->assertFieldByName('name', 'john', t('Username was supplied by provider.'));
$this->assertFieldByName('mail', '', t('E-mail address supplied by provider was ignored.'));
}
}

260
core/modules/openid/lib/Drupal/openid/Tests/OpenIDRegistrationTest.php Normal file
View File

@ -0,0 +1,260 @@
<?php
/**
* @file
* Definition of Drupal\openid\Tests\OpenIDRegistrationTest.
*/
namespace Drupal\openid\Tests;
/**
* Test account registration using Simple Registration and Attribute Exchange.
*/
class OpenIDRegistrationTest extends OpenIDTestBase {
public static function getInfo() {
return array(
'name' => 'OpenID account registration',
'description' => 'Creates a user account using auto-registration.',
'group' => 'OpenID'
);
}
function setUp() {
// Add language module too to test with some non-built-in languages.
parent::setUp('openid', 'openid_test', 'language');
variable_set('user_register', USER_REGISTER_VISITORS);
}
/**
* Test OpenID auto-registration with e-mail verification enabled.
*/
function testRegisterUserWithEmailVerification() {
variable_set('user_email_verification', TRUE);
variable_get('configurable_timezones', 1);
variable_set('date_default_timezone', 'Europe/Brussels');
// Tell openid_test.module to respond with these SREG fields.
variable_set('openid_test_response', array(
'openid.sreg.nickname' => 'john',
'openid.sreg.email' => 'john@example.com',
'openid.sreg.language' => 'pt-BR',
'openid.sreg.timezone' => 'Europe/London',
));
// Save Portuguese and Portuguese, Portugal as optional languages. The
// process should pick 'pt' based on the sreg.language being 'pt-BR'
// (and falling back on least specific language given no pt-br available
// locally).
$language = (object) array(
'langcode' => 'pt',
);
language_save($language);
$language = (object) array(
'langcode' => 'pt-pt',
);
language_save($language);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->submitLoginForm($identity);
$this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));
$this->assertRaw(t('A welcome message with further instructions has been sent to your e-mail address.'), t('A welcome message was sent to the user.'));
$reset_url = $this->getPasswordResetURLFromMail();
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
$this->assertEqual($user->timezone, 'Europe/London', t('User was registered with right timezone.'));
$this->assertEqual($user->preferred_langcode, 'pt', t('User was registered with right language.'));
$this->assertFalse($user->data, t('No additional user info was saved.'));
$this->submitLoginForm($identity);
$this->assertRaw(t('You must validate your email address for this account before logging in via OpenID.'));
// Follow the one-time login that was sent in the welcome e-mail.
$this->drupalGet($reset_url);
$this->drupalPost(NULL, array(), t('Log in'));
$this->drupalLogout();
// Verify that the account was activated.
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
}
/**
* Test OpenID auto-registration with e-mail verification disabled.
*/
function testRegisterUserWithoutEmailVerification() {
variable_set('user_email_verification', FALSE);
variable_get('configurable_timezones', 1);
variable_set('date_default_timezone', 'Europe/Brussels');
// Tell openid_test.module to respond with these SREG fields.
variable_set('openid_test_response', array(
'openid.sreg.nickname' => 'john',
'openid.sreg.email' => 'john@example.com',
'openid.sreg.language' => 'pt-BR',
'openid.sreg.timezone' => 'Europe/London',
));
// Save Portuguese, Brazil as an optional language. The process should pick
// 'pt-br' based on the sreg.language later.
$language = (object) array(
'langcode' => 'pt-br',
);
language_save($language);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
$this->assertEqual($user->timezone, 'Europe/London', t('User was registered with right timezone.'));
$this->assertEqual($user->preferred_langcode, 'pt-br', t('User was registered with right language.'));
$this->assertFalse($user->data, t('No additional user info was saved.'));
$this->drupalLogout();
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
}
/**
* Test OpenID auto-registration with a provider that supplies invalid SREG
* information (a username that is already taken, and no e-mail address).
*/
function testRegisterUserWithInvalidSreg() {
variable_get('configurable_timezones', 1);
variable_set('date_default_timezone', 'Europe/Brussels');
// Tell openid_test.module to respond with these SREG fields.
$web_user = $this->drupalCreateUser(array());
variable_set('openid_test_response', array(
'openid.sreg.nickname' => $web_user->name,
'openid.sreg.email' => 'mail@invalid#',
'openid.sreg.timezone' => 'Foo/Bar',
'openid.sreg.language' => 'foobar',
));
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->submitLoginForm($identity);
$this->assertRaw(t('Account registration using the information provided by your OpenID provider failed due to the reasons listed below. Complete the registration by filling out the form below. If you already have an account, you can <a href="@login">log in</a> now and add your OpenID under "My account".', array('@login' => url('user/login'))), t('User was asked to complete the registration process manually.'));
$this->assertRaw(t('The name %name is already taken.', array('%name' => $web_user->name)), t('Form validation error for username was displayed.'));
$this->assertRaw(t('The e-mail address %mail is not valid.', array('%mail' => 'mail@invalid#')), t('Form validation error for e-mail address was displayed.'));
$this->assertTrue(variable_get('openid_test_hook_openid_response_response'), t('hook_openid_response() was invoked.'));
$this->assertFalse(variable_get('openid_test_hook_openid_response_account', TRUE), t('No user object passed to hook_openid_response().'));
// Enter username and e-mail address manually.
variable_del('openid_test_hook_openid_response_response');
$edit = array('name' => 'john', 'mail' => 'john@example.com');
$this->drupalPost(NULL, $edit, t('Create new account'));
$this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));
$reset_url = $this->getPasswordResetURLFromMail();
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->preferred_langcode, language_default()->langcode, t('User language is site default.'));
$this->assertFalse($user->data, t('No additional user info was saved.'));
// Follow the one-time login that was sent in the welcome e-mail.
$this->drupalGet($reset_url);
$this->drupalPost(NULL, array(), t('Log in'));
$this->assertFalse(variable_get('openid_test_hook_openid_response_response'), t('hook_openid_response() was not invoked.'));
// The user is taken to user/%uid/edit.
$this->assertFieldByName('mail', 'john@example.com', t('User was registered with right e-mail address.'));
$this->clickLink(t('OpenID identities'));
$this->assertRaw($identity, t('OpenID identity was registered.'));
}
/**
* Test OpenID auto-registration with a provider that does not supply SREG
* information (i.e. no username or e-mail address).
*/
function testRegisterUserWithoutSreg() {
variable_get('configurable_timezones', 1);
// Load the front page to get the user login block.
$this->drupalGet('');
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->submitLoginForm($identity);
$this->assertRaw(t('Complete the registration by filling out the form below. If you already have an account, you can <a href="@login">log in</a> now and add your OpenID under "My account".', array('@login' => url('user/login'))), t('User was asked to complete the registration process manually.'));
$this->assertNoRaw(t('You must enter a username.'), t('Form validation error for username was not displayed.'));
$this->assertNoRaw(t('You must enter an e-mail address.'), t('Form validation error for e-mail address was not displayed.'));
// Enter username and e-mail address manually.
$edit = array('name' => 'john', 'mail' => 'john@example.com');
$this->drupalPost(NULL, $edit, t('Create new account'));
$this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));
$reset_url = $this->getPasswordResetURLFromMail();
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->preferred_langcode, language_default()->langcode, t('User language is site default.'));
$this->assertFalse($user->data, t('No additional user info was saved.'));
// Follow the one-time login that was sent in the welcome e-mail.
$this->drupalGet($reset_url);
$this->drupalPost(NULL, array(), t('Log in'));
// The user is taken to user/%uid/edit.
$this->assertFieldByName('mail', 'john@example.com', t('User was registered with right e-mail address.'));
$this->clickLink(t('OpenID identities'));
$this->assertRaw($identity, t('OpenID identity was registered.'));
}
/**
* Test OpenID auto-registration with a provider that supplies AX information,
* but no SREG.
*/
function testRegisterUserWithAXButNoSREG() {
variable_set('user_email_verification', FALSE);
variable_set('date_default_timezone', 'Europe/Brussels');
// Tell openid_test.module to respond with these AX fields.
variable_set('openid_test_response', array(
'openid.ns.ext123' => 'http://openid.net/srv/ax/1.0',
'openid.ext123.type.mail456' => 'http://axschema.org/contact/email',
'openid.ext123.value.mail456' => 'john@example.com',
'openid.ext123.type.name789' => 'http://schema.openid.net/namePerson/friendly',
'openid.ext123.count.name789' => '1',
'openid.ext123.value.name789.1' => 'john',
'openid.ext123.type.timezone' => 'http://axschema.org/pref/timezone',
'openid.ext123.value.timezone' => 'Europe/London',
'openid.ext123.type.language' => 'http://axschema.org/pref/language',
'openid.ext123.value.language' => 'pt-PT',
));
// Save Portuguese and Portuguese, Portugal as optional languages. The
// process should pick 'pt-pt' as the more specific language.
$language = (object) array(
'langcode' => 'pt',
);
language_save($language);
$language = (object) array(
'langcode' => 'pt-pt',
);
language_save($language);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
$this->assertEqual($user->timezone, 'Europe/London', t('User was registered with right timezone.'));
$this->assertEqual($user->preferred_langcode, 'pt-pt', t('User was registered with right language.'));
}
}

160
core/modules/openid/lib/Drupal/openid/Tests/OpenIDTest.php Normal file
View File

@ -0,0 +1,160 @@
<?php
/**
* @file
* Definition of Drupal\openid\Tests\OpenIDTest.
*/
namespace Drupal\openid\Tests;
use Drupal\simpletest\WebTestBase;
use stdClass;
/**
* Test internal helper functions.
*/
class OpenIDTest extends WebTestBase {
public static function getInfo() {
return array(
'name' => 'OpenID helper functions',
'description' => 'Test OpenID helper functions.',
'group' => 'OpenID'
);
}
function setUp() {
parent::setUp('openid');
module_load_include('inc', 'openid');
}
/**
* Test _openid_dh_XXX_to_XXX() functions.
*/
function testConversion() {
$this->assertEqual(_openid_dh_long_to_base64('12345678901234567890123456789012345678901234567890'), 'CHJ/Y2mq+DyhUCZ0evjH8ZbOPwrS', t('_openid_dh_long_to_base64() returned expected result.'));
$this->assertEqual(_openid_dh_base64_to_long('BsH/g8Nrpn2dtBSdu/sr1y8hxwyx'), '09876543210987654321098765432109876543210987654321', t('_openid_dh_base64_to_long() returned expected result.'));
$this->assertEqual(_openid_dh_long_to_binary('12345678901234567890123456789012345678901234567890'), "\x08r\x7fci\xaa\xf8<\xa1P&tz\xf8\xc7\xf1\x96\xce?\x0a\xd2", t('_openid_dh_long_to_binary() returned expected result.'));
$this->assertEqual(_openid_dh_binary_to_long("\x06\xc1\xff\x83\xc3k\xa6}\x9d\xb4\x14\x9d\xbb\xfb+\xd7/!\xc7\x0c\xb1"), '09876543210987654321098765432109876543210987654321', t('_openid_dh_binary_to_long() returned expected result.'));
}
/**
* Test _openid_dh_xorsecret().
*/
function testOpenidDhXorsecret() {
$this->assertEqual(_openid_dh_xorsecret('123456790123456790123456790', "abc123ABC\x00\xFF"), "\xa4'\x06\xbe\xf1.\x00y\xff\xc2\xc1", t('_openid_dh_xorsecret() returned expected result.'));
}
/**
* Test _openid_get_bytes().
*/
function testOpenidGetBytes() {
$this->assertEqual(strlen(_openid_get_bytes(20)), 20, t('_openid_get_bytes() returned expected result.'));
}
/**
* Test _openid_signature().
*/
function testOpenidSignature() {
// Test that signature is calculated according to OpenID Authentication 2.0,
// section 6.1. In the following array, only the two first entries should be
// included in the calculation, because the substring following the period
// is mentioned in the third argument for _openid_signature(). The last
// entry should not be included, because it does not start with "openid.".
$response = array(
'openid.foo' => 'abc1',
'openid.bar' => 'abc2',
'openid.baz' => 'abc3',
'foobar.foo' => 'abc4',
);
$association = new stdClass();
$association->mac_key = "1234567890abcdefghij\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\xF0\xF1\xF2\xF3\xF4\xF5\xF6\xF7\xF8\xF9";
$this->assertEqual(_openid_signature($association, $response, array('foo', 'bar')), 'QnKZQzSFstT+GNiJDFOptdcZjrc=', t('Expected signature calculated.'));
}
/**
* Test _openid_is_xri().
*/
function testOpenidXRITest() {
// Test that the XRI test is according to OpenID Authentication 2.0,
// section 7.2. If the user-supplied string starts with xri:// it should be
// stripped and the resulting string should be treated as an XRI when it
// starts with "=", "@", "+", "$", "!" or "(".
$this->assertTrue(_openid_is_xri('xri://=foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
$this->assertTrue(_openid_is_xri('xri://@foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
$this->assertTrue(_openid_is_xri('xri://+foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
$this->assertTrue(_openid_is_xri('xri://$foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
$this->assertTrue(_openid_is_xri('xri://!foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme..'));
$this->assertTrue(_openid_is_xri('xri://(foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme..'));
$this->assertTrue(_openid_is_xri('=foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertTrue(_openid_is_xri('@foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertTrue(_openid_is_xri('+foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertTrue(_openid_is_xri('$foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertTrue(_openid_is_xri('!foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertTrue(_openid_is_xri('(foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertFalse(_openid_is_xri('foo'), t('_openid_is_xri() returned expected result for an http URL.'));
$this->assertFalse(_openid_is_xri('xri://foo'), t('_openid_is_xri() returned expected result for an http URL.'));
$this->assertFalse(_openid_is_xri('http://foo/'), t('_openid_is_xri() returned expected result for an http URL.'));
$this->assertFalse(_openid_is_xri('http://example.com/'), t('_openid_is_xri() returned expected result for an http URL.'));
$this->assertFalse(_openid_is_xri('user@example.com/'), t('_openid_is_xri() returned expected result for an http URL.'));
$this->assertFalse(_openid_is_xri('http://user@example.com/'), t('_openid_is_xri() returned expected result for an http URL.'));
}
/**
* Test openid_normalize().
*/
function testOpenidNormalize() {
// Test that the normalization is according to OpenID Authentication 2.0,
// section 7.2 and 11.5.2.
$this->assertEqual(openid_normalize('$foo'), '$foo', t('openid_normalize() correctly normalized an XRI.'));
$this->assertEqual(openid_normalize('xri://$foo'), '$foo', t('openid_normalize() correctly normalized an XRI with an xri:// scheme.'));
$this->assertEqual(openid_normalize('example.com/'), 'http://example.com/', t('openid_normalize() correctly normalized a URL with a missing scheme.'));
$this->assertEqual(openid_normalize('example.com'), 'http://example.com/', t('openid_normalize() correctly normalized a URL with a missing scheme and empty path.'));
$this->assertEqual(openid_normalize('http://example.com'), 'http://example.com/', t('openid_normalize() correctly normalized a URL with an empty path.'));
$this->assertEqual(openid_normalize('http://example.com/path'), 'http://example.com/path', t('openid_normalize() correctly normalized a URL with a path.'));
$this->assertEqual(openid_normalize('http://example.com/path#fragment'), 'http://example.com/path', t('openid_normalize() correctly normalized a URL with a fragment.'));
}
/**
* Test openid_extract_namespace().
*/
function testOpenidExtractNamespace() {
$response = array(
'openid.sreg.nickname' => 'john',
'openid.ns.ext1' => OPENID_NS_SREG,
'openid.ext1.nickname' => 'george',
'openid.ext1.email' => 'george@example.com',
'openid.ns.ext2' => 'http://example.com/ns/ext2',
'openid.ext2.foo' => '123',
'openid.ext2.bar' => '456',
'openid.signed' => 'sreg.nickname,ns.ext1,ext1.email,ext2.foo',
);
$values = openid_extract_namespace($response, 'http://example.com/ns/dummy', NULL, FALSE);
$this->assertEqual($values, array(), t('Nothing found for unused namespace.'));
$values = openid_extract_namespace($response, 'http://example.com/ns/dummy', 'sreg', FALSE);
$this->assertEqual($values, array('nickname' => 'john'), t('Value found for fallback prefix.'));
$values = openid_extract_namespace($response, OPENID_NS_SREG, 'sreg', FALSE);
$this->assertEqual($values, array('nickname' => 'george', 'email' => 'george@example.com'), t('Namespace takes precedence over fallback prefix.'));
// ext1.email is signed, but ext1.nickname is not.
$values = openid_extract_namespace($response, OPENID_NS_SREG, 'sreg', TRUE);
$this->assertEqual($values, array('email' => 'george@example.com'), t('Unsigned namespaced fields ignored.'));
$values = openid_extract_namespace($response, 'http://example.com/ns/ext2', 'sreg', FALSE);
$this->assertEqual($values, array('foo' => '123', 'bar' => '456'), t('Unsigned fields found.'));
// ext2.foo and ext2.bar are ignored, because ns.ext2 is not signed. The
// fallback prefix is not used, because the namespace is specified.
$values = openid_extract_namespace($response, 'http://example.com/ns/ext2', 'sreg', TRUE);
$this->assertEqual($values, array(), t('Unsigned fields ignored.'));
}
}

72
core/modules/openid/lib/Drupal/openid/Tests/OpenIDTestBase.php Normal file
View File

@ -0,0 +1,72 @@
<?php
/**
* @file
* Definition of Drupal\openid\Tests\OpenIDTestBase.
*/
namespace Drupal\openid\Tests;
use Drupal\simpletest\WebTestBase;
/**
* Base class for OpenID tests.
*/
abstract class OpenIDTestBase extends WebTestBase {
function setUp() {
$modules = func_get_args();
if (isset($modules[0]) && is_array($modules[0])) {
$modules = $modules[0];
}
$modules[] = 'block';
$modules[] = 'openid';
parent::setUp($modules);
// Enable user login block.
db_merge('block')
->key(array(
'module' => 'user',
'delta' => 'login',
'theme' => variable_get('theme_default', 'stark'),
))
->fields(array(
'status' => 1,
'weight' => 0,
'region' => 'sidebar_first',
'pages' => '',
'cache' => -1,
))
->execute();
// Create Basic page and Article node types.
if ($this->profile != 'standard') {
$this->drupalCreateContentType(array('type' => 'page', 'name' => 'Basic page'));
$this->drupalCreateContentType(array('type' => 'article', 'name' => 'Article'));
}
}
/**
* Initiates the login procedure using the specified User-supplied Identity.
*/
function submitLoginForm($identity) {
// Fill out and submit the login form.
$edit = array('openid_identifier' => $identity);
$this->drupalPost('', $edit, t('Log in'));
// Check we are on the OpenID redirect form.
$this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
// Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
}
/**
* Parses the last sent e-mail and returns the one-time login link URL.
*/
function getPasswordResetURLFromMail() {
$mails = $this->drupalGetMails();
$mail = end($mails);
preg_match('@.+user/reset/.+@', $mail['body'], $matches);
return $matches[0];
}
}

1
core/modules/openid/openid.info
View File

@ -3,4 +3,3 @@ description = "Allows users to log into your site using OpenID."
version = VERSION
package = Core
core = 8.x
files[] = openid.test

844
core/modules/openid/openid.test
View File

@ -1,844 +0,0 @@
<?php
/**
* @file
* Tests for openid.module.
*/
use Drupal\simpletest\WebTestBase;
/**
* Base class for OpenID tests.
*/
abstract class OpenIDWebTestCase extends WebTestBase {
function setUp() {
$modules = func_get_args();
if (isset($modules[0]) && is_array($modules[0])) {
$modules = $modules[0];
}
$modules[] = 'block';
$modules[] = 'openid';
parent::setUp($modules);
// Enable user login block.
db_merge('block')
->key(array(
'module' => 'user',
'delta' => 'login',
'theme' => variable_get('theme_default', 'stark'),
))
->fields(array(
'status' => 1,
'weight' => 0,
'region' => 'sidebar_first',
'pages' => '',
'cache' => -1,
))
->execute();
// Create Basic page and Article node types.
if ($this->profile != 'standard') {
$this->drupalCreateContentType(array('type' => 'page', 'name' => 'Basic page'));
$this->drupalCreateContentType(array('type' => 'article', 'name' => 'Article'));
}
}
/**
* Initiates the login procedure using the specified User-supplied Identity.
*/
function submitLoginForm($identity) {
// Fill out and submit the login form.
$edit = array('openid_identifier' => $identity);
$this->drupalPost('', $edit, t('Log in'));
// Check we are on the OpenID redirect form.
$this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
// Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
}
/**
* Parses the last sent e-mail and returns the one-time login link URL.
*/
function getPasswordResetURLFromMail() {
$mails = $this->drupalGetMails();
$mail = end($mails);
preg_match('@.+user/reset/.+@', $mail['body'], $matches);
return $matches[0];
}
}
/**
* Test discovery and login using OpenID
*/
class OpenIDFunctionalTestCase extends OpenIDWebTestCase {
protected $web_user;
public static function getInfo() {
return array(
'name' => 'OpenID discovery and login',
'description' => "Adds an identity to a user's profile and uses it to log in.",
'group' => 'OpenID'
);
}
function setUp() {
parent::setUp('openid', 'openid_test');
// User doesn't need special permissions; only the ability to log in.
$this->web_user = $this->drupalCreateUser(array());
}
/**
* Test discovery of OpenID Provider Endpoint via Yadis and HTML.
*/
function testDiscovery() {
$this->drupalLogin($this->web_user);
// The User-supplied Identifier entered by the user may indicate the URL of
// the OpenID Provider Endpoint in various ways, as described in OpenID
// Authentication 2.0 and Yadis Specification 1.0.
// Note that all of the tested identifiers refer to the same endpoint, so
// only the first will trigger an associate request in openid_association()
// (association is only done the first time Drupal encounters a given
// endpoint).
// Yadis discovery (see Yadis Specification 1.0, section 6.2.5):
// If the User-supplied Identifier is a URL, it may be a direct or indirect
// reference to an XRDS document (a Yadis Resource Descriptor) that contains
// the URL of the OpenID Provider Endpoint.
// Identifier is the URL of an XRDS document.
// On HTTP test environments, the URL scheme is stripped in order to test
// that the supplied identifier is normalized in openid_begin().
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->addIdentity(preg_replace('@^http://@', '', $identity), 2, 'http://example.com/xrds', $identity);
$identity = url('openid-test/yadis/xrds/delegate', array('absolute' => TRUE));
$this->addIdentity(preg_replace('@^http://@', '', $identity), 2, 'http://example.com/xrds-delegate', $identity);
// Identifier is the URL of an XRDS document containing an OP Identifier
// Element. The Relying Party sends the special value
// "http://specs.openid.net/auth/2.0/identifier_select" as Claimed
// Identifier. The OpenID Provider responds with the actual identifier
// including the fragment.
$identity = url('openid-test/yadis/xrds/dummy-user', array('absolute' => TRUE, 'fragment' => $this->randomName()));
// Tell openid_test.module to respond with this identifier. If the fragment
// part is present in the identifier, it should be retained.
variable_set('openid_test_response', array('openid.claimed_id' => $identity));
$this->addIdentity(url('openid-test/yadis/xrds/server', array('absolute' => TRUE)), 2, 'http://specs.openid.net/auth/2.0/identifier_select', $identity);
variable_set('openid_test_response', array());
// Identifier is the URL of an HTML page that is sent with an HTTP header
// that contains the URL of an XRDS document.
$this->addIdentity(url('openid-test/yadis/x-xrds-location', array('absolute' => TRUE)), 2);
// Identifier is the URL of an HTML page containing a <meta http-equiv=...>
// element that contains the URL of an XRDS document.
$this->addIdentity(url('openid-test/yadis/http-equiv', array('absolute' => TRUE)), 2);
// Identifier is an XRI. Resolve using our own dummy proxy resolver.
variable_set('xri_proxy_resolver', url('openid-test/yadis/xrds/xri', array('absolute' => TRUE)) . '/');
$this->addIdentity('@example*résumé;%25', 2, 'http://example.com/xrds', 'http://example.com/user');
// Make sure that unverified CanonicalID are not trusted.
variable_set('openid_test_canonical_id_status', 'bad value');
$this->addIdentity('@example*résumé;%25', 2, FALSE, FALSE);
// HTML-based discovery:
// If the User-supplied Identifier is a URL of an HTML page, the page may
// contain a <link rel=...> element containing the URL of the OpenID
// Provider Endpoint. OpenID 1 and 2 describe slightly different formats.
// OpenID Authentication 1.1, section 3.1:
$this->addIdentity(url('openid-test/html/openid1', array('absolute' => TRUE)), 1, 'http://example.com/html-openid1');
// OpenID Authentication 2.0, section 7.3.3:
$this->addIdentity(url('openid-test/html/openid2', array('absolute' => TRUE)), 2, 'http://example.com/html-openid2');
// OpenID Authentication 2.0, section 7.2.4:
// URL Identifiers MUST then be further normalized by both (1) following
// redirects when retrieving their content and finally (2) applying the
// rules in Section 6 of RFC3986 to the final destination URL. This final
// URL MUST be noted by the Relying Party as the Claimed Identifier and be
// used when requesting authentication.
// Single redirect.
$identity = $expected_claimed_id = url('openid-test/redirected/yadis/xrds/1', array('absolute' => TRUE));
$this->addRedirectedIdentity($identity, 2, 'http://example.com/xrds', $expected_claimed_id, 0);
// Exact 3 redirects (default value for the 'max_redirects' option in
// drupal_http_request()).
$identity = $expected_claimed_id = url('openid-test/redirected/yadis/xrds/2', array('absolute' => TRUE));
$this->addRedirectedIdentity($identity, 2, 'http://example.com/xrds', $expected_claimed_id, 2);
// Fails because there are more than 3 redirects (default value for the
// 'max_redirects' option in drupal_http_request()).
$identity = url('openid-test/redirected/yadis/xrds/3', array('absolute' => TRUE));
$expected_claimed_id = FALSE;
$this->addRedirectedIdentity($identity, 2, 'http://example.com/xrds', $expected_claimed_id, 3);
}
/**
* Test login using OpenID.
*/
function testLogin() {
$this->drupalLogin($this->web_user);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->addIdentity($identity);
$response = variable_get('openid_test_hook_openid_response_response');
$account = variable_get('openid_test_hook_openid_response_account');
$this->assertEqual($response['openid.claimed_id'], $identity, t('hook_openid_response() was invoked.'));
$this->assertEqual($account->uid, $this->web_user->uid, t('Proper user object passed to hook_openid_response().'));
$this->drupalLogout();
// Test logging in via the login block on the front page.
variable_del('openid_test_hook_openid_response_response');
variable_del('openid_test_hook_openid_response_account');
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
$response = variable_get('openid_test_hook_openid_response_response');
$account = variable_get('openid_test_hook_openid_response_account');
$this->assertEqual($response['openid.claimed_id'], $identity, t('hook_openid_response() was invoked.'));
$this->assertEqual($account->uid, $this->web_user->uid, t('Proper user object passed to hook_openid_response().'));
$this->drupalLogout();
// Test logging in via the user/login page.
$edit = array('openid_identifier' => $identity);
$this->drupalPost('user/login', $edit, t('Log in'));
// Check we are on the OpenID redirect form.
$this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
// Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
// Verify user was redirected away from user/login to an accessible page.
$this->assertResponse(200);
$this->drupalLogout();
// Tell openid_test.module to alter the checkid_setup request.
$new_identity = 'http://example.com/' . $this->randomName();
variable_set('openid_test_identity', $new_identity);
variable_set('openid_test_request_alter', array('checkid_setup' => array('openid.identity' => $new_identity)));
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
$response = variable_get('openid_test_hook_openid_response_response');
$this->assertEqual($response['openid.identity'], $new_identity, t('hook_openid_request_alter() were invoked.'));
}
/**
* Test login using OpenID during maintenance mode.
*/
function testLoginMaintenanceMode() {
$this->web_user = $this->drupalCreateUser(array('access site in maintenance mode'));
$this->drupalLogin($this->web_user);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->addIdentity($identity);
$this->drupalLogout();
// Enable maintenance mode.
variable_set('maintenance_mode', 1);
// Test logging in via the user/login page while the site is offline.
$edit = array('openid_identifier' => $identity);
$this->drupalPost('user/login', $edit, t('Log in'));
// Check we are on the OpenID redirect form.
$this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
// Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
// Verify user was redirected away from user/login to an accessible page.
$this->assertText(t('Operating in maintenance mode.'));
$this->assertResponse(200);
}
/**
* Test deleting an OpenID identity from a user's profile.
*/
function testDelete() {
$this->drupalLogin($this->web_user);
// Add identity to user's profile.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->addIdentity($identity);
$this->assertText($identity, t('Identity appears in list.'));
// Delete the newly added identity.
$this->clickLink(t('Delete'));
$this->drupalPost(NULL, array(), t('Confirm'));
$this->assertText(t('OpenID deleted.'), t('Identity deleted'));
$this->assertNoText($identity, t('Identity no longer appears in list.'));
}
/**
* Test that a blocked user cannot log in.
*/
function testBlockedUserLogin() {
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
// Log in and add an OpenID Identity to the account.
$this->drupalLogin($this->web_user);
$this->addIdentity($identity);
$this->drupalLogout();
// Log in as an admin user and block the account.
$admin_user = $this->drupalCreateUser(array('administer users'));
$this->drupalLogin($admin_user);
$this->drupalGet('admin/people');
$edit = array(
'operation' => 'block',
'accounts[' . $this->web_user->uid . ']' => TRUE,
);
$this->drupalPost('admin/people', $edit, t('Update'));
$this->assertRaw('The update has been performed.', t('Account was blocked.'));
$this->drupalLogout();
$this->submitLoginForm($identity);
$this->assertRaw(t('The username %name has not been activated or is blocked.', array('%name' => $this->web_user->name)), t('User login was blocked.'));
}
/**
* Add OpenID identity to user's profile.
*
* @param $identity
* The User-supplied Identifier.
* @param $version
* The protocol version used by the service.
* @param $local_id
* The expected OP-Local Identifier found during discovery.
* @param $claimed_id
* The expected Claimed Identifier returned by the OpenID Provider, or FALSE
* if the discovery is expected to fail.
*/
function addIdentity($identity, $version = 2, $local_id = 'http://example.com/xrds', $claimed_id = NULL) {
// Tell openid_test.module to only accept this OP-Local Identifier.
variable_set('openid_test_identity', $local_id);
$edit = array('openid_identifier' => $identity);
$this->drupalPost('user/' . $this->web_user->uid . '/openid', $edit, t('Add an OpenID'));
if ($claimed_id === FALSE) {
$this->assertRaw(t('Sorry, that is not a valid OpenID. Ensure you have spelled your ID correctly.'), t('Invalid identity was rejected.'));
return;
}
// OpenID 1 used a HTTP redirect, OpenID 2 uses a HTML form that is submitted automatically using JavaScript.
if ($version == 2) {
// Check we are on the OpenID redirect form.
$this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
// Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
}
if (!isset($claimed_id)) {
$claimed_id = $identity;
}
$this->assertRaw(t('Successfully added %identity', array('%identity' => $claimed_id)), t('Identity %identity was added.', array('%identity' => $identity)));
}
/**
* Add OpenID identity, changed by the following redirects, to user's profile.
*
* According to OpenID Authentication 2.0, section 7.2.4, URL Identifiers MUST
* be further normalized by following redirects when retrieving their content
* and this final URL MUST be noted by the Relying Party as the Claimed
* Identifier and be used when requesting authentication.
*
* @param $identity
* The User-supplied Identifier.
* @param $version
* The protocol version used by the service.
* @param $local_id
* The expected OP-Local Identifier found during discovery.
* @param $claimed_id
* The expected Claimed Identifier returned by the OpenID Provider, or FALSE
* if the discovery is expected to fail.
* @param $redirects
* The number of redirects.
*/
function addRedirectedIdentity($identity, $version = 2, $local_id = 'http://example.com/xrds', $claimed_id = NULL, $redirects = 0) {
// Set the final destination URL which is the same as the Claimed
// Identifier, we insert the same identifier also to the provider response,
// but provider could further change the Claimed ID actually (e.g. it could
// add unique fragment).
variable_set('openid_test_redirect_url', $identity);
variable_set('openid_test_response', array('openid.claimed_id' => $identity));
$this->addIdentity(url('openid-test/redirect/' . $redirects, array('absolute' => TRUE)), $version, $local_id, $claimed_id);
// Clean up.
variable_del('openid_test_redirect_url');
variable_del('openid_test_response');
}
/**
* Tests that openid.signed is verified.
*/
function testSignatureValidation() {
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
// Respond with an invalid signature.
variable_set('openid_test_response', array('openid.sig' => 'this-is-an-invalid-signature'));
$this->submitLoginForm($identity);
$this->assertRaw('OpenID login failed.');
// Do not sign the mandatory field openid.assoc_handle.
variable_set('openid_test_response', array('openid.signed' => 'op_endpoint,claimed_id,identity,return_to,response_nonce'));
$this->submitLoginForm($identity);
$this->assertRaw('OpenID login failed.');
// Sign all mandatory fields and a custom field.
$keys_to_sign = array('op_endpoint', 'claimed_id', 'identity', 'return_to', 'response_nonce', 'assoc_handle', 'foo');
$association = new stdClass();
$association->mac_key = variable_get('mac_key');
$response = array(
'openid.op_endpoint' => url('openid-test/endpoint', array('absolute' => TRUE)),
'openid.claimed_id' => $identity,
'openid.identity' => $identity,
'openid.return_to' => url('openid/authenticate', array('absolute' => TRUE)),
'openid.response_nonce' => _openid_nonce(),
'openid.assoc_handle' => 'openid-test',
'openid.foo' => 123,
'openid.signed' => implode(',', $keys_to_sign),
);
$response['openid.sig'] = _openid_signature($association, $response, $keys_to_sign);
variable_set('openid_test_response', $response);
$this->submitLoginForm($identity);
$this->assertNoRaw('OpenID login failed.');
$this->assertFieldByName('name', '', t('No username was supplied by provider.'));
$this->assertFieldByName('mail', '', t('No e-mail address was supplied by provider.'));
// Check that unsigned SREG fields are ignored.
$response = array(
'openid.signed' => 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle,sreg.nickname',
'openid.sreg.nickname' => 'john',
'openid.sreg.email' => 'john@example.com',
);
variable_set('openid_test_response', $response);
$this->submitLoginForm($identity);
$this->assertNoRaw('OpenID login failed.');
$this->assertFieldByName('name', 'john', t('Username was supplied by provider.'));
$this->assertFieldByName('mail', '', t('E-mail address supplied by provider was ignored.'));
}
}
/**
* Test account registration using Simple Registration and Attribute Exchange.
*/
class OpenIDRegistrationTestCase extends OpenIDWebTestCase {
public static function getInfo() {
return array(
'name' => 'OpenID account registration',
'description' => 'Creates a user account using auto-registration.',
'group' => 'OpenID'
);
}
function setUp() {
// Add language module too to test with some non-built-in languages.
parent::setUp('openid', 'openid_test', 'language');
variable_set('user_register', USER_REGISTER_VISITORS);
}
/**
* Test OpenID auto-registration with e-mail verification enabled.
*/
function testRegisterUserWithEmailVerification() {
variable_set('user_email_verification', TRUE);
variable_get('configurable_timezones', 1);
variable_set('date_default_timezone', 'Europe/Brussels');
// Tell openid_test.module to respond with these SREG fields.
variable_set('openid_test_response', array(
'openid.sreg.nickname' => 'john',
'openid.sreg.email' => 'john@example.com',
'openid.sreg.language' => 'pt-BR',
'openid.sreg.timezone' => 'Europe/London',
));
// Save Portuguese and Portuguese, Portugal as optional languages. The
// process should pick 'pt' based on the sreg.language being 'pt-BR'
// (and falling back on least specific language given no pt-br available
// locally).
$language = (object) array(
'langcode' => 'pt',
);
language_save($language);
$language = (object) array(
'langcode' => 'pt-pt',
);
language_save($language);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->submitLoginForm($identity);
$this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));
$this->assertRaw(t('A welcome message with further instructions has been sent to your e-mail address.'), t('A welcome message was sent to the user.'));
$reset_url = $this->getPasswordResetURLFromMail();
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
$this->assertEqual($user->timezone, 'Europe/London', t('User was registered with right timezone.'));
$this->assertEqual($user->preferred_langcode, 'pt', t('User was registered with right language.'));
$this->assertFalse($user->data, t('No additional user info was saved.'));
$this->submitLoginForm($identity);
$this->assertRaw(t('You must validate your email address for this account before logging in via OpenID.'));
// Follow the one-time login that was sent in the welcome e-mail.
$this->drupalGet($reset_url);
$this->drupalPost(NULL, array(), t('Log in'));
$this->drupalLogout();
// Verify that the account was activated.
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
}
/**
* Test OpenID auto-registration with e-mail verification disabled.
*/
function testRegisterUserWithoutEmailVerification() {
variable_set('user_email_verification', FALSE);
variable_get('configurable_timezones', 1);
variable_set('date_default_timezone', 'Europe/Brussels');
// Tell openid_test.module to respond with these SREG fields.
variable_set('openid_test_response', array(
'openid.sreg.nickname' => 'john',
'openid.sreg.email' => 'john@example.com',
'openid.sreg.language' => 'pt-BR',
'openid.sreg.timezone' => 'Europe/London',
));
// Save Portuguese, Brazil as an optional language. The process should pick
// 'pt-br' based on the sreg.language later.
$language = (object) array(
'langcode' => 'pt-br',
);
language_save($language);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
$this->assertEqual($user->timezone, 'Europe/London', t('User was registered with right timezone.'));
$this->assertEqual($user->preferred_langcode, 'pt-br', t('User was registered with right language.'));
$this->assertFalse($user->data, t('No additional user info was saved.'));
$this->drupalLogout();
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
}
/**
* Test OpenID auto-registration with a provider that supplies invalid SREG
* information (a username that is already taken, and no e-mail address).
*/
function testRegisterUserWithInvalidSreg() {
variable_get('configurable_timezones', 1);
variable_set('date_default_timezone', 'Europe/Brussels');
// Tell openid_test.module to respond with these SREG fields.
$web_user = $this->drupalCreateUser(array());
variable_set('openid_test_response', array(
'openid.sreg.nickname' => $web_user->name,
'openid.sreg.email' => 'mail@invalid#',
'openid.sreg.timezone' => 'Foo/Bar',
'openid.sreg.language' => 'foobar',
));
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->submitLoginForm($identity);
$this->assertRaw(t('Account registration using the information provided by your OpenID provider failed due to the reasons listed below. Complete the registration by filling out the form below. If you already have an account, you can <a href="@login">log in</a> now and add your OpenID under "My account".', array('@login' => url('user/login'))), t('User was asked to complete the registration process manually.'));
$this->assertRaw(t('The name %name is already taken.', array('%name' => $web_user->name)), t('Form validation error for username was displayed.'));
$this->assertRaw(t('The e-mail address %mail is not valid.', array('%mail' => 'mail@invalid#')), t('Form validation error for e-mail address was displayed.'));
$this->assertTrue(variable_get('openid_test_hook_openid_response_response'), t('hook_openid_response() was invoked.'));
$this->assertFalse(variable_get('openid_test_hook_openid_response_account', TRUE), t('No user object passed to hook_openid_response().'));
// Enter username and e-mail address manually.
variable_del('openid_test_hook_openid_response_response');
$edit = array('name' => 'john', 'mail' => 'john@example.com');
$this->drupalPost(NULL, $edit, t('Create new account'));
$this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));
$reset_url = $this->getPasswordResetURLFromMail();
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->preferred_langcode, language_default()->langcode, t('User language is site default.'));
$this->assertFalse($user->data, t('No additional user info was saved.'));
// Follow the one-time login that was sent in the welcome e-mail.
$this->drupalGet($reset_url);
$this->drupalPost(NULL, array(), t('Log in'));
$this->assertFalse(variable_get('openid_test_hook_openid_response_response'), t('hook_openid_response() was not invoked.'));
// The user is taken to user/%uid/edit.
$this->assertFieldByName('mail', 'john@example.com', t('User was registered with right e-mail address.'));
$this->clickLink(t('OpenID identities'));
$this->assertRaw($identity, t('OpenID identity was registered.'));
}
/**
* Test OpenID auto-registration with a provider that does not supply SREG
* information (i.e. no username or e-mail address).
*/
function testRegisterUserWithoutSreg() {
variable_get('configurable_timezones', 1);
// Load the front page to get the user login block.
$this->drupalGet('');
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->submitLoginForm($identity);
$this->assertRaw(t('Complete the registration by filling out the form below. If you already have an account, you can <a href="@login">log in</a> now and add your OpenID under "My account".', array('@login' => url('user/login'))), t('User was asked to complete the registration process manually.'));
$this->assertNoRaw(t('You must enter a username.'), t('Form validation error for username was not displayed.'));
$this->assertNoRaw(t('You must enter an e-mail address.'), t('Form validation error for e-mail address was not displayed.'));
// Enter username and e-mail address manually.
$edit = array('name' => 'john', 'mail' => 'john@example.com');
$this->drupalPost(NULL, $edit, t('Create new account'));
$this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));
$reset_url = $this->getPasswordResetURLFromMail();
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->preferred_langcode, language_default()->langcode, t('User language is site default.'));
$this->assertFalse($user->data, t('No additional user info was saved.'));
// Follow the one-time login that was sent in the welcome e-mail.
$this->drupalGet($reset_url);
$this->drupalPost(NULL, array(), t('Log in'));
// The user is taken to user/%uid/edit.
$this->assertFieldByName('mail', 'john@example.com', t('User was registered with right e-mail address.'));
$this->clickLink(t('OpenID identities'));
$this->assertRaw($identity, t('OpenID identity was registered.'));
}
/**
* Test OpenID auto-registration with a provider that supplies AX information,
* but no SREG.
*/
function testRegisterUserWithAXButNoSREG() {
variable_set('user_email_verification', FALSE);
variable_set('date_default_timezone', 'Europe/Brussels');
// Tell openid_test.module to respond with these AX fields.
variable_set('openid_test_response', array(
'openid.ns.ext123' => 'http://openid.net/srv/ax/1.0',
'openid.ext123.type.mail456' => 'http://axschema.org/contact/email',
'openid.ext123.value.mail456' => 'john@example.com',
'openid.ext123.type.name789' => 'http://schema.openid.net/namePerson/friendly',
'openid.ext123.count.name789' => '1',
'openid.ext123.value.name789.1' => 'john',
'openid.ext123.type.timezone' => 'http://axschema.org/pref/timezone',
'openid.ext123.value.timezone' => 'Europe/London',
'openid.ext123.type.language' => 'http://axschema.org/pref/language',
'openid.ext123.value.language' => 'pt-PT',
));
// Save Portuguese and Portuguese, Portugal as optional languages. The
// process should pick 'pt-pt' as the more specific language.
$language = (object) array(
'langcode' => 'pt',
);
language_save($language);
$language = (object) array(
'langcode' => 'pt-pt',
);
language_save($language);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->submitLoginForm($identity);
$this->assertLink(t('Log out'), 0, t('User was logged in.'));
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
$this->assertEqual($user->timezone, 'Europe/London', t('User was registered with right timezone.'));
$this->assertEqual($user->preferred_langcode, 'pt-pt', t('User was registered with right language.'));
}
}
/**
* Test internal helper functions.
*/
class OpenIDUnitTest extends WebTestBase {
public static function getInfo() {
return array(
'name' => 'OpenID helper functions',
'description' => 'Test OpenID helper functions.',
'group' => 'OpenID'
);
}
function setUp() {
parent::setUp('openid');
module_load_include('inc', 'openid');
}
/**
* Test _openid_dh_XXX_to_XXX() functions.
*/
function testConversion() {
$this->assertEqual(_openid_dh_long_to_base64('12345678901234567890123456789012345678901234567890'), 'CHJ/Y2mq+DyhUCZ0evjH8ZbOPwrS', t('_openid_dh_long_to_base64() returned expected result.'));
$this->assertEqual(_openid_dh_base64_to_long('BsH/g8Nrpn2dtBSdu/sr1y8hxwyx'), '09876543210987654321098765432109876543210987654321', t('_openid_dh_base64_to_long() returned expected result.'));
$this->assertEqual(_openid_dh_long_to_binary('12345678901234567890123456789012345678901234567890'), "\x08r\x7fci\xaa\xf8<\xa1P&tz\xf8\xc7\xf1\x96\xce?\x0a\xd2", t('_openid_dh_long_to_binary() returned expected result.'));
$this->assertEqual(_openid_dh_binary_to_long("\x06\xc1\xff\x83\xc3k\xa6}\x9d\xb4\x14\x9d\xbb\xfb+\xd7/!\xc7\x0c\xb1"), '09876543210987654321098765432109876543210987654321', t('_openid_dh_binary_to_long() returned expected result.'));
}
/**
* Test _openid_dh_xorsecret().
*/
function testOpenidDhXorsecret() {
$this->assertEqual(_openid_dh_xorsecret('123456790123456790123456790', "abc123ABC\x00\xFF"), "\xa4'\x06\xbe\xf1.\x00y\xff\xc2\xc1", t('_openid_dh_xorsecret() returned expected result.'));
}
/**
* Test _openid_get_bytes().
*/
function testOpenidGetBytes() {
$this->assertEqual(strlen(_openid_get_bytes(20)), 20, t('_openid_get_bytes() returned expected result.'));
}
/**
* Test _openid_signature().
*/
function testOpenidSignature() {
// Test that signature is calculated according to OpenID Authentication 2.0,
// section 6.1. In the following array, only the two first entries should be
// included in the calculation, because the substring following the period
// is mentioned in the third argument for _openid_signature(). The last
// entry should not be included, because it does not start with "openid.".
$response = array(
'openid.foo' => 'abc1',
'openid.bar' => 'abc2',
'openid.baz' => 'abc3',
'foobar.foo' => 'abc4',
);
$association = new stdClass();
$association->mac_key = "1234567890abcdefghij\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\xF0\xF1\xF2\xF3\xF4\xF5\xF6\xF7\xF8\xF9";
$this->assertEqual(_openid_signature($association, $response, array('foo', 'bar')), 'QnKZQzSFstT+GNiJDFOptdcZjrc=', t('Expected signature calculated.'));
}
/**
* Test _openid_is_xri().
*/
function testOpenidXRITest() {
// Test that the XRI test is according to OpenID Authentication 2.0,
// section 7.2. If the user-supplied string starts with xri:// it should be
// stripped and the resulting string should be treated as an XRI when it
// starts with "=", "@", "+", "$", "!" or "(".
$this->assertTrue(_openid_is_xri('xri://=foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
$this->assertTrue(_openid_is_xri('xri://@foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
$this->assertTrue(_openid_is_xri('xri://+foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
$this->assertTrue(_openid_is_xri('xri://$foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
$this->assertTrue(_openid_is_xri('xri://!foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme..'));
$this->assertTrue(_openid_is_xri('xri://(foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme..'));
$this->assertTrue(_openid_is_xri('=foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertTrue(_openid_is_xri('@foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertTrue(_openid_is_xri('+foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertTrue(_openid_is_xri('$foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertTrue(_openid_is_xri('!foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertTrue(_openid_is_xri('(foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
$this->assertFalse(_openid_is_xri('foo'), t('_openid_is_xri() returned expected result for an http URL.'));
$this->assertFalse(_openid_is_xri('xri://foo'), t('_openid_is_xri() returned expected result for an http URL.'));
$this->assertFalse(_openid_is_xri('http://foo/'), t('_openid_is_xri() returned expected result for an http URL.'));
$this->assertFalse(_openid_is_xri('http://example.com/'), t('_openid_is_xri() returned expected result for an http URL.'));
$this->assertFalse(_openid_is_xri('user@example.com/'), t('_openid_is_xri() returned expected result for an http URL.'));
$this->assertFalse(_openid_is_xri('http://user@example.com/'), t('_openid_is_xri() returned expected result for an http URL.'));
}
/**
* Test openid_normalize().
*/
function testOpenidNormalize() {
// Test that the normalization is according to OpenID Authentication 2.0,
// section 7.2 and 11.5.2.
$this->assertEqual(openid_normalize('$foo'), '$foo', t('openid_normalize() correctly normalized an XRI.'));
$this->assertEqual(openid_normalize('xri://$foo'), '$foo', t('openid_normalize() correctly normalized an XRI with an xri:// scheme.'));
$this->assertEqual(openid_normalize('example.com/'), 'http://example.com/', t('openid_normalize() correctly normalized a URL with a missing scheme.'));
$this->assertEqual(openid_normalize('example.com'), 'http://example.com/', t('openid_normalize() correctly normalized a URL with a missing scheme and empty path.'));
$this->assertEqual(openid_normalize('http://example.com'), 'http://example.com/', t('openid_normalize() correctly normalized a URL with an empty path.'));
$this->assertEqual(openid_normalize('http://example.com/path'), 'http://example.com/path', t('openid_normalize() correctly normalized a URL with a path.'));
$this->assertEqual(openid_normalize('http://example.com/path#fragment'), 'http://example.com/path', t('openid_normalize() correctly normalized a URL with a fragment.'));
}
/**
* Test openid_extract_namespace().
*/
function testOpenidExtractNamespace() {
$response = array(
'openid.sreg.nickname' => 'john',
'openid.ns.ext1' => OPENID_NS_SREG,
'openid.ext1.nickname' => 'george',
'openid.ext1.email' => 'george@example.com',
'openid.ns.ext2' => 'http://example.com/ns/ext2',
'openid.ext2.foo' => '123',
'openid.ext2.bar' => '456',
'openid.signed' => 'sreg.nickname,ns.ext1,ext1.email,ext2.foo',
);
$values = openid_extract_namespace($response, 'http://example.com/ns/dummy', NULL, FALSE);
$this->assertEqual($values, array(), t('Nothing found for unused namespace.'));
$values = openid_extract_namespace($response, 'http://example.com/ns/dummy', 'sreg', FALSE);
$this->assertEqual($values, array('nickname' => 'john'), t('Value found for fallback prefix.'));
$values = openid_extract_namespace($response, OPENID_NS_SREG, 'sreg', FALSE);
$this->assertEqual($values, array('nickname' => 'george', 'email' => 'george@example.com'), t('Namespace takes precedence over fallback prefix.'));
// ext1.email is signed, but ext1.nickname is not.
$values = openid_extract_namespace($response, OPENID_NS_SREG, 'sreg', TRUE);
$this->assertEqual($values, array('email' => 'george@example.com'), t('Unsigned namespaced fields ignored.'));
$values = openid_extract_namespace($response, 'http://example.com/ns/ext2', 'sreg', FALSE);
$this->assertEqual($values, array('foo' => '123', 'bar' => '456'), t('Unsigned fields found.'));
// ext2.foo and ext2.bar are ignored, because ns.ext2 is not signed. The
// fallback prefix is not used, because the namespace is specified.
$values = openid_extract_namespace($response, 'http://example.com/ns/ext2', 'sreg', TRUE);
$this->assertEqual($values, array(), t('Unsigned fields ignored.'));
}
}

4
core/modules/php/php.test
View File

@ -38,8 +38,8 @@ class PHPTestCase extends WebTestBase {
// Verify that anonymous and authenticated user roles do not have access.
$this->drupalGet('admin/config/content/formats/' . $php_format_id);
$this->assertFieldByName('roles[1]', FALSE, t('Anonymous users do not have access to PHP code format.'));
$this->assertFieldByName('roles[2]', FALSE, t('Authenticated users do not have access to PHP code format.'));
$this->assertFieldByName('roles[' . DRUPAL_ANONYMOUS_RID . ']', FALSE, t('Anonymous users do not have access to PHP code format.'));
$this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_RID . ']', FALSE, t('Authenticated users do not have access to PHP code format.'));
}
/**

10
core/modules/system/system.install
View File

@ -487,16 +487,6 @@ function system_requirements($phase) {
);
}
$requirements['update status']['title'] = $t('Update notifications');
// Check that Drupal can issue HTTP requests.
if (variable_get('drupal_http_request_fails', TRUE) && !system_check_http_request()) {
$requirements['http requests'] = array(
'title' => $t('HTTP request status'),
'value' => $t('Fails'),
'severity' => REQUIREMENT_ERROR,
'description' => $t('Your system or network configuration does not allow Drupal to access web pages, resulting in reduced functionality. This could be due to your webserver configuration or PHP settings, and should be resolved in order to download information about available updates, fetch aggregator feeds, sign in via OpenID, or use other network-dependent services. If you are certain that Drupal can access web pages but you are still seeing this message, you may add <code>$conf[\'drupal_http_request_fails\'] = FALSE;</code> to the bottom of your settings.php file.'),
);
}
}
return $requirements;

20
core/modules/system/system.module
View File

@ -3416,26 +3416,6 @@ function system_time_zones($blank = NULL) {
return $zones;
}
/**
* Checks whether the server is capable of issuing HTTP requests.
*
* The function sets the drupal_http_request_fail system variable to TRUE if
* drupal_http_request() does not work and then the system status report page
* will contain an error.
*
* @return
* TRUE if this installation can issue HTTP requests.
*/
function system_check_http_request() {
// Try to get the content of the front page via drupal_http_request().
$result = drupal_http_request(url('', array('absolute' => TRUE)), array('max_redirects' => 0));
// We only care that we get a http response - this means that Drupal
// can make a http request.
$works = isset($result->code) && ($result->code >= 100) && ($result->code < 600);
variable_set('drupal_http_request_fails', !$works);
return $works;
}
/**
* Menu callback; Retrieve a JSON object containing a suggested time zone name.
*/

7
core/modules/system/system.test
View File

@ -1,6 +1,7 @@
<?php
use Drupal\Core\Database\Database;
use Drupal\Core\Config\FileStorage;
use Drupal\Component\Graph\Graph;
use Drupal\simpletest\WebTestBase;
use Drupal\simpletest\UnitTestBase;
@ -90,7 +91,8 @@ class ModuleTestCase extends WebTestBase {
// Get the path to the module's config dir.
$module_config_dir = drupal_get_path('module', $module) . '/config';
if (is_dir($module_config_dir)) {
$files = glob($module_config_dir . '/' . '*.xml');
$files = glob($module_config_dir . '/*.' . FileStorage::getFileExtension());
$this->assertTrue($files);
$config_dir = config_get_config_directory();
// Get the filename of each config file.
foreach ($files as $file) {
@ -120,7 +122,8 @@ class ModuleTestCase extends WebTestBase {
// Get the path to the module's config dir.
$module_config_dir = drupal_get_path('module', $module) . '/config';
if (is_dir($module_config_dir)) {
$files = glob($module_config_dir . '/' . '*.xml');
$files = glob($module_config_dir . '/*.' . FileStorage::getFileExtension());
$this->assertTrue($files);
$config_dir = config_get_config_directory();
// Get the filename of each config file.
foreach ($files as $file) {

9
core/modules/update/update.fetch.inc
View File

@ -142,9 +142,12 @@ function _update_process_fetch_task($project) {
$project_name = $project['name'];
if (empty($fail[$fetch_url_base]) || $fail[$fetch_url_base] < $max_fetch_attempts) {
$xml = drupal_http_request($url, array('headers' => array('accept' => 'text/xml')));
if (!isset($xml->error) && isset($xml->data)) {
$data = $xml->data;
$result = drupal_http_request($url, array('headers' => array('accept' => 'text/xml')));
if (isset($result->error)) {
watchdog('update', 'HTTP request to @url failed with error: @error.', array('@url' => $url, '@error' => $result->error));
}
elseif (!isset($result->error) && isset($result->data)) {
$data = $result->data;
}
}

10
core/modules/user/user.test
View File

@ -2259,9 +2259,13 @@ class UserRolesAssignmentTestCase extends WebTestBase {
/**
* Check role on user object.
*
* @param object $account User.
* @param integer $rid Role id.
* @param bool $is_assigned True if the role should present on the account.
* @param object $account
* The user account to check.
* @param string $rid
* The role ID to search for.
* @param bool $is_assigned
* (optional) Whether to assert that $rid exists (TRUE) or not (FALSE).
* Defaults to TRUE.
*/
private function userLoadAndCheckRoleAssigned($account, $rid, $is_assigned = TRUE) {
$account = user_load($account->uid, TRUE);

2
sites/default/default.settings.php
View File

@ -498,7 +498,7 @@ ini_set('session.cookie_lifetime', 2000000);
*/
$conf['404_fast_paths_exclude'] = '/\/(?:styles)\//';
$conf['404_fast_paths'] = '/\.(?:txt|png|gif|jpe?g|css|js|ico|swf|flv|cgi|bat|pl|dll|exe|asp)$/i';
$conf['404_fast_html'] = '<html xmlns="http://www.w3.org/1999/xhtml"><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL "@path" was not found on this server.</p></body></html>';
$conf['404_fast_html'] = '<!DOCTYPE html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL "@path" was not found on this server.</p></body></html>';
/**
* By default, fast 404s are returned as part of the normal page request