class BotchaTestCase in BOTCHA Spam Prevention 6
Same name and namespace in other branches
- 6.2 botcha.test \BotchaTestCase
- 6.3 tests/botcha.simpletest.test \BotchaTestCase
- 7 botcha.test \BotchaTestCase
- 7.2 botcha.test \BotchaTestCase
- 7.3 tests/botcha.simpletest.test \BotchaTestCase
Hierarchy
- class \DrupalTestCase
- class \DrupalWebTestCase
- class \BotchaBaseWebTestCase
- class \BotchaTestCase
- class \BotchaBaseWebTestCase
- class \DrupalWebTestCase
Expanded class hierarchy of BotchaTestCase
File
- ./
botcha.test, line 222 - Tests for BOTCHA module.
View source
class BotchaTestCase extends BotchaBaseWebTestCase {
public static function getInfo() {
return array(
'name' => t('General BOTCHA functionality'),
'description' => t('Testing of the basic BOTCHA functionality.'),
'group' => t('BOTCHA'),
);
}
/**
* Testing the protection of the user log in form.
*/
function testBotchaOnLoginForm() {
// Create user and test log in without BOTCHA.
$user = $this
->drupalCreateUser();
$this
->drupalLogin($user);
// Log out again.
$this
->drupalLogout();
// Set a BOTCHA on login form
botcha_set_form_id_setting('user_login', 'default');
// Check if there is a BOTCHA on the login form (look for the title).
$this
->drupalGet('user');
$this
->assertBotchaPresence(TRUE);
// Try to log in, which should fail (due to JS required for 'default' BOTCHA recipe is not present in simpletest browser).
$edit = array(
'name' => $user->name,
'pass' => $user->pass_raw,
);
$this
->drupalPost('user', $edit, t('Log in'));
// Check for error message.
$this
->assertText(t(BOTCHA_WRONG_RESPONSE_ERROR_MESSAGE), 'BOTCHA should block user login form', 'BOTCHA');
// And make sure that user is not logged in: check for name and password fields on ?q=user
$this
->drupalGet('user');
$this
->assertField('name', t('Username field found.'), 'BOTCHA');
$this
->assertField('pass', t('Password field found.'), 'BOTCHA');
}
/**
* Assert function for testing if comment posting works as it should.
*
* Creates node with comment writing enabled, tries to post comment
* with given BOTCHA response (caller should enable the desired
* challenge on page node comment forms) and checks if the result is as expected.
*
* @param $node existing node to post comments to (if NULL, will be created)
* @param $should_pass boolean describing if the posting should pass or should be blocked
* @param $message message to prefix to nested asserts
* @param $button name of button to click (t('Save') by default)
*/
protected function assertCommentPosting($node, $should_pass, $message, $button = '') {
// Make sure comments on pages can be saved directely without preview.
variable_set('comment_preview_page', DRUPAL_OPTIONAL);
if (empty($node)) {
// Create a node with comments enabled.
$node = $this
->createNodeWithCommentsEnabled();
}
if (empty($button)) {
$button = t('Save');
}
// Check if there is a BOTCHA on the comment form.
$this
->drupalGet('comment/reply/' . $node->nid);
$this
->assertBotchaPresence(TRUE);
// Post comment on node.
$edit = $this
->setCommentFormValues();
if (!$should_pass) {
// Screw up fields (like a bot would do)
$edit['botcha_response'] = 'xx';
}
$comment_subject = $edit['subject'];
$comment_body = $edit['comment'];
$this
->drupalPost('comment/reply/' . $node->nid, $edit, $button);
if ($should_pass) {
// There should be no error message.
$this
->assertBotchaResponseAccepted();
// Get node page and check that comment shows up.
$this
->drupalGet('node/' . $node->nid);
$this
->assertText($comment_subject, $message . ' Comment should show up on node page.', 'BOTCHA');
$this
->assertText($comment_body, $message . ' Comment should show up on node page.', 'BOTCHA');
}
else {
// Check for error message.
$this
->assertText(t(BOTCHA_WRONG_RESPONSE_ERROR_MESSAGE), $message . ' Comment submission should be blocked.', 'BOTCHA');
// Check that there is still BOTCHA after failed submit.
$this
->assertBotchaPresence(TRUE);
// Get node page and check that comment is not present.
$this
->drupalGet('node/' . $node->nid);
$this
->assertNoText($comment_subject, $message . ' Comment should not show up on node page.', 'BOTCHA');
$this
->assertNoText($comment_body, $message . ' Comment should not show up on node page.', 'BOTCHA');
}
return $node;
}
/**
* Testing the case sensistive/insensitive validation.
*/
function testBotchaValidation() {
// Set Test BOTCHA on comment form
botcha_set_form_id_setting(self::COMMENT_FORM_ID, 'test');
// Log in as normal user.
$this
->drupalLogin($this->normal_user);
$this
->assertCommentPosting(NULL, TRUE, 'Validation of right fields touched.');
$this
->assertCommentPosting(NULL, FALSE, 'Validation of wrong fields touched.');
}
/**
* Test if BOTCHA is applied when previewing comments:
* comment preview should have BOTCHA again.
*
* \see testBotchaAfterNodePreview()
*/
function testBotchaAfterCommentPreview() {
// Set Test BOTCHA on comment form.
botcha_set_form_id_setting(self::COMMENT_FORM_ID, 'test');
// Log in as normal user.
$this
->drupalLogin($this->normal_user);
// Create a node with comments enabled.
$node = $this
->createNodeWithCommentsEnabled();
// Check if there is a BOTCHA on the comment form (look for the title).
$this
->drupalGet('comment/reply/' . $node->nid);
$this
->assertBotchaPresence(TRUE);
// Preview comment with correct BOTCHA.
$edit = $this
->setCommentFormValues();
$this
->drupalPost('comment/reply/' . $node->nid, $edit, t('Preview'));
// Check that there is still BOTCHA after preview.
$this
->assertBotchaPresence(TRUE);
}
/**
* Test if BOTCHA is applied when previewing nodes:
* node preview should have BOTCHA again.
* The preview functionality of comments and nodes works slightly different under the hood.
* BOTCHA module should be able to handle both.
*
* \see testBotchaAfterCommentPreview()
*/
function testBotchaAfterNodePreview() {
// Set Test BOTCHA on page form.
botcha_set_form_id_setting('page_node_form', 'test');
// Log in as normal user.
$this
->drupalLogin($this->normal_user);
// Check if there is a BOTCHA on the node form (look for the title).
$this
->drupalGet('node/add/page');
$this
->assertBotchaPresence(TRUE);
// Page settings to post, with correct BOTCHA answer.
$edit = $this
->setNodeFormValues();
// Preview the node
$this
->drupalPost('node/add/page', $edit, t('Preview'));
// Check that there is still BOTCHA after preview.
$this
->assertBotchaPresence(TRUE);
}
/**
* BOTCHA should also be put on admin pages if visitor
* has no access
*/
function testBotchaOnLoginBlockOnAdminPages() {
// Set a BOTCHA on login block form
botcha_set_form_id_setting('user_login_block', 'default');
// Check if there is a BOTCHA on home page.
$this
->drupalGet('node');
$this
->assertBotchaPresence(TRUE);
// Check there is a BOTCHA on "forbidden" admin pages
$this
->drupalGet('admin');
$this
->assertBotchaPresence(TRUE);
}
/**
* Test if BOTCHA is applied correctly when failing first and then resubmitting comments:
* comment form should have BOTCHA again and pass correct submission.
* (We use to fail BOTCHA as it is impossible to fail comment form on its own)
*
* \see testBotchaAfterNodePreview()
*/
function testBotchaResubmit() {
// Set Test BOTCHA on comment form.
botcha_set_form_id_setting(self::COMMENT_FORM_ID, 'test');
// Create a node with comments enabled.
$node = $this
->createNodeWithCommentsEnabled();
// Log in as normal user.
$this
->drupalLogin($this->normal_user);
// Make sure comments on pages can be saved directely without preview.
variable_set('comment_preview_page', DRUPAL_OPTIONAL);
// Check if there is a BOTCHA on the comment form.
$this
->drupalGet('comment/reply/' . $node->nid);
$this
->assertBotchaPresence(TRUE);
// Post comment on node.
$edit = $this
->setCommentFormValues();
// Screw up fields (like a bot would do)
$edit['botcha_response'] = 'xx';
$comment_subject = $edit['subject'];
$comment_body = $edit['comment'];
$this
->drupalPost('comment/reply/' . $node->nid, $edit, t('Save'));
// Check for error message.
$this
->assertText(t(BOTCHA_WRONG_RESPONSE_ERROR_MESSAGE), 'Comment submission should be blocked.', 'BOTCHA');
// Check that there is still BOTCHA after failed submit.
$this
->assertBotchaPresence(TRUE);
// Copy all values from the form into new one.
$edit = $this
->getCommentFormValuesFromForm();
// Get node page and check that comment is not present.
$this
->drupalGet('node/' . $node->nid);
$this
->assertNoText($comment_subject, 'Comment should not show up on node page.', 'BOTCHA');
$this
->assertNoText($comment_body, 'Comment should not show up on node page.', 'BOTCHA');
$comment_subject = $edit['subject'];
$comment_body = $edit['comment'];
// Save comment again with correct BOTCHA.
$this
->drupalPost('comment/reply/' . $node->nid, $edit, t('Save'));
// There should be no error message.
$this
->assertBotchaResponseAccepted();
// Get node page and check that comment shows up.
$this
->drupalGet('node/' . $node->nid);
$this
->assertText($comment_subject, ' Comment should show up on node page.', 'BOTCHA');
$this
->assertText($comment_body, ' Comment should show up on node page.', 'BOTCHA');
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
BotchaBaseWebTestCase:: |
protected | property | User with various administrative permissions. | |
BotchaBaseWebTestCase:: |
protected | property | Normal visitor with limited permissions | |
BotchaBaseWebTestCase:: |
protected | function | Helper function to allow comment posting for anonymous users. | |
BotchaBaseWebTestCase:: |
protected | function | Assert that there is a BOTCHA on the form or not. | |
BotchaBaseWebTestCase:: |
protected | function | Assert that the response is accepted: no "unknown CSID" message, no "CSID reuse attack detection" message, no "wrong answer" message. | |
BotchaBaseWebTestCase:: |
constant | Drupal path of the (general) BOTCHA admin page | ||
BotchaBaseWebTestCase:: |
constant | Form ID of comment form on standard (page) node | ||
BotchaBaseWebTestCase:: |
protected | function | Helper function to create a node with comments enabled. | |
BotchaBaseWebTestCase:: |
protected | function | Helper function to get form values array from comment form | |
BotchaBaseWebTestCase:: |
protected | function | Get the form_build_id from the current form in the browser. | |
BotchaBaseWebTestCase:: |
protected | function | Helper function to generate a default form values array for comment forms | |
BotchaBaseWebTestCase:: |
protected | function | Helper function to generate a default form values array for node forms | |
BotchaBaseWebTestCase:: |
function |
Generates a random database prefix, runs the install scripts on the
prefixed database and enable the specified modules. After installation
many caches are flushed and the internal browser is setup so that the
page requests will run on the new prefix.… Overrides DrupalWebTestCase:: |
||
BotchaTestCase:: |
protected | function | Assert function for testing if comment posting works as it should. | |
BotchaTestCase:: |
public static | function | ||
BotchaTestCase:: |
function | Test if BOTCHA is applied when previewing comments: comment preview should have BOTCHA again. | ||
BotchaTestCase:: |
function | Test if BOTCHA is applied when previewing nodes: node preview should have BOTCHA again. The preview functionality of comments and nodes works slightly different under the hood. BOTCHA module should be able to handle both. | ||
BotchaTestCase:: |
function | BOTCHA should also be put on admin pages if visitor has no access | ||
BotchaTestCase:: |
function | Testing the protection of the user log in form. | ||
BotchaTestCase:: |
function | Test if BOTCHA is applied correctly when failing first and then resubmitting comments: comment form should have BOTCHA again and pass correct submission. (We use to fail BOTCHA as it is impossible to fail comment form on its own) | ||
BotchaTestCase:: |
function | Testing the case sensistive/insensitive validation. | ||
DrupalTestCase:: |
protected | property | Assertions thrown in that test case. | |
DrupalTestCase:: |
protected | property | The database prefix of this test run. | |
DrupalTestCase:: |
protected | property | The original file directory, before it was changed for testing purposes. | |
DrupalTestCase:: |
protected | property | The original database prefix, before it was changed for testing purposes. | |
DrupalTestCase:: |
public | property | Current results of this test case. | |
DrupalTestCase:: |
protected | property | This class is skipped when looking for the source of an assertion. | |
DrupalTestCase:: |
protected | property | The test run ID. | |
DrupalTestCase:: |
protected | property | Time limit for the test. | |
DrupalTestCase:: |
protected | function | Internal helper: stores the assert. | |
DrupalTestCase:: |
protected | function | Check to see if two values are equal. | |
DrupalTestCase:: |
protected | function | Check to see if a value is false (an empty string, 0, NULL, or FALSE). | |
DrupalTestCase:: |
protected | function | Check to see if two values are identical. | |
DrupalTestCase:: |
protected | function | Check to see if two values are not equal. | |
DrupalTestCase:: |
protected | function | Check to see if two values are not identical. | |
DrupalTestCase:: |
protected | function | Check to see if a value is not NULL. | |
DrupalTestCase:: |
protected | function | Check to see if a value is NULL. | |
DrupalTestCase:: |
protected | function | Check to see if a value is not false (not an empty string, 0, NULL, or FALSE). | |
DrupalTestCase:: |
public static | function | Delete an assertion record by message ID. | |
DrupalTestCase:: |
protected | function | Fire an error assertion. | |
DrupalTestCase:: |
public | function | Handle errors during test runs. | |
DrupalTestCase:: |
protected | function | Handle exceptions. | |
DrupalTestCase:: |
protected | function | Fire an assertion that is always negative. | |
DrupalTestCase:: |
public static | function | Converts a list of possible parameters into a stack of permutations. | |
DrupalTestCase:: |
protected | function | Cycles through backtrace until the first non-assertion method is found. | |
DrupalTestCase:: |
public static | function | Store an assertion from outside the testing context. | |
DrupalTestCase:: |
protected | function | Fire an assertion that is always positive. | |
DrupalTestCase:: |
public static | function | Generates a random string containing letters and numbers. | |
DrupalTestCase:: |
public static | function | Generates a random string of ASCII characters of codes 32 to 126. | |
DrupalTestCase:: |
public | function | Run all tests in this class. | |
DrupalTestCase:: |
protected | function | Logs verbose message in a text file. | |
DrupalWebTestCase:: |
protected | property | Additional cURL options. | |
DrupalWebTestCase:: |
protected | property | The content of the page currently loaded in the internal browser. | |
DrupalWebTestCase:: |
protected | property | The current cookie file used by cURL. | |
DrupalWebTestCase:: |
protected | property | The handle of the current cURL connection. | |
DrupalWebTestCase:: |
protected | property | The value of the Drupal.settings JavaScript variable for the page currently loaded in the internal browser. | |
DrupalWebTestCase:: |
protected | property | The parsed version of the page. | |
DrupalWebTestCase:: |
protected | property | Whether the files were copied to the test files directory. | |
DrupalWebTestCase:: |
protected | property | The headers of the page currently loaded in the internal browser. | |
DrupalWebTestCase:: |
protected | property | HTTP authentication credentials (<username>:<password>). | |
DrupalWebTestCase:: |
protected | property | HTTP authentication method | |
DrupalWebTestCase:: |
protected | property | The current user logged in using the internal browser. | |
DrupalWebTestCase:: |
protected | property | The original user, before it was changed to a clean uid = 1 for testing purposes. | |
DrupalWebTestCase:: |
protected | property | The content of the page currently loaded in the internal browser (plain text version). | |
DrupalWebTestCase:: |
protected | property | The profile to install as a basis for testing. | |
DrupalWebTestCase:: |
protected | property | The number of redirects followed during the handling of a request. | |
DrupalWebTestCase:: |
protected | property | The current session ID, if available. | |
DrupalWebTestCase:: |
protected | property | The current session name, if available. | |
DrupalWebTestCase:: |
protected | property | The URL currently loaded in the internal browser. | |
DrupalWebTestCase:: |
protected | function | Asserts that a field exists with the given name or id. | |
DrupalWebTestCase:: |
protected | function | Asserts that a field exists in the current page with the given id and value. | |
DrupalWebTestCase:: |
protected | function | Asserts that a field exists in the current page with the given name and value. | |
DrupalWebTestCase:: |
protected | function | Asserts that a field exists in the current page by the given XPath. | |
DrupalWebTestCase:: |
protected | function | Asserts that a checkbox field in the current page is checked. | |
DrupalWebTestCase:: |
protected | function | Pass if a link with the specified label is found, and optional with the specified index. | |
DrupalWebTestCase:: |
protected | function | Pass if a link containing a given href (part) is found. | |
DrupalWebTestCase:: |
protected | function | Asserts that the most recently sent e-mail message has the given value. | |
DrupalWebTestCase:: |
protected | function | Asserts that the most recently sent e-mail message has the pattern in it. | |
DrupalWebTestCase:: |
protected | function | Asserts that the most recently sent e-mail message has the string in it. | |
DrupalWebTestCase:: |
protected | function | Asserts that each HTML ID is used for just a single element. | |
DrupalWebTestCase:: |
protected | function | Asserts that a field does not exist with the given name or id. | |
DrupalWebTestCase:: |
protected | function | Asserts that a field does not exist with the given id and value. | |
DrupalWebTestCase:: |
protected | function | Asserts that a field does not exist with the given name and value. | |
DrupalWebTestCase:: |
protected | function | Asserts that a field does not exist in the current page by the given XPath. | |
DrupalWebTestCase:: |
protected | function | Asserts that a checkbox field in the current page is not checked. | |
DrupalWebTestCase:: |
protected | function | Pass if a link with the specified label is not found. | |
DrupalWebTestCase:: |
protected | function | Pass if a link containing a given href (part) is not found. | |
DrupalWebTestCase:: |
protected | function | Asserts that a select option in the current page is not checked. | |
DrupalWebTestCase:: |
protected | function | Will trigger a pass if the perl regex pattern is not present in raw content. | |
DrupalWebTestCase:: |
protected | function | Pass if the raw text is NOT found on the loaded page, fail otherwise. Raw text refers to the raw HTML that the page generated. | |
DrupalWebTestCase:: |
protected | function | Asserts the page did not return the specified response code. | |
DrupalWebTestCase:: |
protected | function | Pass if the text is NOT found on the text version of the page. The text version is the equivalent of what a user would see when viewing through a web browser. In other words the HTML has been filtered out of the contents. | |
DrupalWebTestCase:: |
protected | function | Pass if the page title is not the given string. | |
DrupalWebTestCase:: |
protected | function | Pass if the text is found MORE THAN ONCE on the text version of the page. | |
DrupalWebTestCase:: |
protected | function | Asserts that a select option in the current page is checked. | |
DrupalWebTestCase:: |
protected | function | Will trigger a pass if the Perl regex pattern is found in the raw content. | |
DrupalWebTestCase:: |
protected | function | Pass if the raw text IS found on the loaded page, fail otherwise. Raw text refers to the raw HTML that the page generated. | |
DrupalWebTestCase:: |
protected | function | Asserts the page responds with the specified response code. | |
DrupalWebTestCase:: |
protected | function | Pass if the text IS found on the text version of the page. The text version is the equivalent of what a user would see when viewing through a web browser. In other words the HTML has been filtered out of the contents. | |
DrupalWebTestCase:: |
protected | function | Helper for assertText and assertNoText. | |
DrupalWebTestCase:: |
protected | function | Pass if the page title is the given string. | |
DrupalWebTestCase:: |
protected | function | Pass if the text is found ONLY ONCE on the text version of the page. | |
DrupalWebTestCase:: |
protected | function | Helper for assertUniqueText and assertNoUniqueText. | |
DrupalWebTestCase:: |
protected | function | Pass if the internal browser's URL matches the given path. | |
DrupalWebTestCase:: |
protected | function | Builds an XPath query. | |
DrupalWebTestCase:: |
protected | function | Check for meta refresh tag and if found call drupalGet() recursively. This function looks for the http-equiv attribute to be set to "Refresh" and is case-sensitive. | |
DrupalWebTestCase:: |
protected | function | Check to make sure that the array of permissions are valid. | |
DrupalWebTestCase:: |
protected | function | Follows a link by name. | |
DrupalWebTestCase:: |
protected | function | Helper function: construct an XPath for the given set of attributes and value. | |
DrupalWebTestCase:: |
protected | function | Runs cron in the Drupal installed by Simpletest. | |
DrupalWebTestCase:: |
protected | function | Close the cURL handler and unset the handler. | |
DrupalWebTestCase:: |
protected | function | Initializes and executes a cURL request. | |
DrupalWebTestCase:: |
protected | function | Reads headers and registers errors received from the tested site. | |
DrupalWebTestCase:: |
protected | function | Initializes the cURL connection. | |
DrupalWebTestCase:: |
protected | function | Compare two files based on size and file name. | |
DrupalWebTestCase:: |
protected | function | Creates a custom content type based on default settings. | |
DrupalWebTestCase:: |
protected | function | Creates a node based on default settings. | |
DrupalWebTestCase:: |
protected | function | Internal helper function; Create a role with specified permissions. | |
DrupalWebTestCase:: |
protected | function | Create a user with a given set of permissions. The permissions correspond to the names given on the privileges page. | |
DrupalWebTestCase:: |
protected | function | Retrieves a Drupal path or an absolute path. | |
DrupalWebTestCase:: |
protected | function | Gets the current raw HTML of requested page. | |
DrupalWebTestCase:: |
protected | function | Gets the value of an HTTP response header. If multiple requests were required to retrieve the page, only the headers from the last request will be checked by default. However, if TRUE is passed as the second argument, all requests will be processed… | |
DrupalWebTestCase:: |
protected | function | Gets the HTTP response headers of the requested page. Normally we are only interested in the headers returned by the last request. However, if a page is redirected or HTTP authentication is in use, multiple requests will be required to retrieve the… | |
DrupalWebTestCase:: |
protected | function | Gets an array containing all e-mails sent during this test case. | |
DrupalWebTestCase:: |
function | Get a node from the database based on its title. | ||
DrupalWebTestCase:: |
protected | function | Gets the value of the Drupal.settings JavaScript variable for the currently loaded page. | |
DrupalWebTestCase:: |
protected | function | Get a list files that can be used in tests. | |
DrupalWebTestCase:: |
protected | function | Generate a token for the currently logged in user. | |
DrupalWebTestCase:: |
protected | function | Retrieves only the headers for a Drupal path or an absolute path. | |
DrupalWebTestCase:: |
protected | function | Log in a user with the internal browser. | |
DrupalWebTestCase:: |
protected | function | ||
DrupalWebTestCase:: |
protected | function | Execute a POST request on a Drupal page. It will be done as usual POST request with SimpleBrowser. | |
DrupalWebTestCase:: |
protected | function | Sets the raw HTML content. This can be useful when a page has been fetched outside of the internal browser and assertions need to be made on the returned page. | |
DrupalWebTestCase:: |
protected | function | Sets the value of the Drupal.settings JavaScript variable for the currently loaded page. | |
DrupalWebTestCase:: |
protected | function | Takes a path and returns an absolute path. | |
DrupalWebTestCase:: |
protected | function | Get all option elements, including nested options, in a select. | |
DrupalWebTestCase:: |
protected | function | Get the selected value from a select field. | |
DrupalWebTestCase:: |
protected | function | Get the current url from the cURL handler. | |
DrupalWebTestCase:: |
protected | function | Handle form input related to drupalPost(). Ensure that the specified fields exist and attempt to create POST data in the correct manner for the particular field type. | |
DrupalWebTestCase:: |
protected | function | Parse content returned from curlExec using DOM and SimpleXML. | |
DrupalWebTestCase:: |
protected | function | Refresh the in-memory set of variables. Useful after a page request is made that changes a variable in a different thread. | |
DrupalWebTestCase:: |
protected | function | Reset all data structures after having enabled new modules. | |
DrupalWebTestCase:: |
protected | function | Delete created files and temporary files directory, delete the tables created by setUp(), and reset the database prefix. | |
DrupalWebTestCase:: |
protected | function | Outputs to verbose the most recent $count emails sent. | |
DrupalWebTestCase:: |
protected | function | Perform an xpath search on the contents of the internal browser. The search is relative to the root element (HTML tag normally) of the page. | |
DrupalWebTestCase:: |
function |
Constructor for DrupalWebTestCase. Overrides DrupalTestCase:: |