diff options
Diffstat (limited to 'core/modules/php/php.test')
| -rw-r--r-- | core/modules/php/php.test | 120 |
1 files changed, 120 insertions, 0 deletions
diff --git a/core/modules/php/php.test b/core/modules/php/php.test new file mode 100644 index 00000000000..8ead2ac02ae --- /dev/null +++ b/core/modules/php/php.test @@ -0,0 +1,120 @@ +<?php + +/** + * @file + * Tests for php.module. + */ + +/** + * Base PHP test case class. + */ +class PHPTestCase extends DrupalWebTestCase { + protected $php_code_format; + + function setUp() { + parent::setUp('php'); + + // Create and login admin user. + $admin_user = $this->drupalCreateUser(array('administer filters')); + $this->drupalLogin($admin_user); + + // Verify that the PHP code text format was inserted. + $php_format_id = 'php_code'; + $this->php_code_format = filter_format_load($php_format_id); + $this->assertEqual($this->php_code_format->name, 'PHP code', t('PHP code text format was created.')); + + // Verify that the format has the PHP code filter enabled. + $filters = filter_list_format($php_format_id); + $this->assertTrue($filters['php_code']->status, t('PHP code filter is enabled.')); + + // Verify that the format exists on the administration page. + $this->drupalGet('admin/config/content/formats'); + $this->assertText('PHP code', t('PHP code text format was created.')); + + // Verify that anonymous and authenticated user roles do not have access. + $this->drupalGet('admin/config/content/formats/' . $php_format_id); + $this->assertFieldByName('roles[1]', FALSE, t('Anonymous users do not have access to PHP code format.')); + $this->assertFieldByName('roles[2]', FALSE, t('Authenticated users do not have access to PHP code format.')); + } + + /** + * Create a test node with PHP code in the body. + * + * @return stdObject Node object. + */ + function createNodeWithCode() { + return $this->drupalCreateNode(array('body' => array(LANGUAGE_NONE => array(array('value' => '<?php print "SimpleTest PHP was executed!"; ?>'))))); + } +} + +/** + * Tests to make sure the PHP filter actually evaluates PHP code when used. + */ +class PHPFilterTestCase extends PHPTestCase { + public static function getInfo() { + return array( + 'name' => 'PHP filter functionality', + 'description' => 'Make sure that PHP filter properly evaluates PHP code when enabled.', + 'group' => 'PHP', + ); + } + + /** + * Make sure that the PHP filter evaluates PHP code when used. + */ + function testPHPFilter() { + // Log in as a user with permission to use the PHP code text format. + $php_code_permission = filter_permission_name(filter_format_load('php_code')); + $web_user = $this->drupalCreateUser(array('access content', 'create page content', 'edit own page content', $php_code_permission)); + $this->drupalLogin($web_user); + + // Create a node with PHP code in it. + $node = $this->createNodeWithCode(); + + // Make sure that the PHP code shows up as text. + $this->drupalGet('node/' . $node->nid); + $this->assertText('print "SimpleTest PHP was executed!"', t('PHP code is displayed.')); + + // Change filter to PHP filter and see that PHP code is evaluated. + $edit = array(); + $langcode = LANGUAGE_NONE; + $edit["body[$langcode][0][format]"] = $this->php_code_format->format; + $this->drupalPost('node/' . $node->nid . '/edit', $edit, t('Save')); + $this->assertRaw(t('Basic page %title has been updated.', array('%title' => $node->title)), t('PHP code filter turned on.')); + + // Make sure that the PHP code shows up as text. + $this->assertNoText('print "SimpleTest PHP was executed!"', t("PHP code isn't displayed.")); + $this->assertText('SimpleTest PHP was executed!', t('PHP code has been evaluated.')); + } +} + +/** + * Tests to make sure access to the PHP filter is properly restricted. + */ +class PHPAccessTestCase extends PHPTestCase { + public static function getInfo() { + return array( + 'name' => 'PHP filter access check', + 'description' => 'Make sure that users who don\'t have access to the PHP filter can\'t see it.', + 'group' => 'PHP', + ); + } + + /** + * Make sure that user can't use the PHP filter when not given access. + */ + function testNoPrivileges() { + // Create node with PHP filter enabled. + $web_user = $this->drupalCreateUser(array('access content', 'create page content', 'edit own page content')); + $this->drupalLogin($web_user); + $node = $this->createNodeWithCode(); + + // Make sure that the PHP code shows up as text. + $this->drupalGet('node/' . $node->nid); + $this->assertText('print', t('PHP code was not evaluated.')); + + // Make sure that user doesn't have access to filter. + $this->drupalGet('node/' . $node->nid . '/edit'); + $this->assertNoRaw('<option value="' . $this->php_code_format->format . '">', t('PHP code format not available.')); + } +} |