public function BotchaAdminTestCase::testAdminLog in BOTCHA Spam Prevention 7.2
Testing of placing messages into log.
File
- ./
botcha.test, line 874 - Tests for BOTCHA module.
Class
Code
public function testAdminLog() {
// Assert filtering vulnerable data: password. Use case is as follows:
// 1) Enable BOTCHA protection for user registration form.
$form_controller = $this->application
->getController(Botcha::CONTROLLER_TYPE_FORM);
$form_id = 'user_register_form';
$botcha_form = $form_controller
->getForm($form_id);
$botcha_form
->setEnabled(TRUE);
// Set log level to one of the highest.
variable_set('botcha_loglevel', 6);
// Disable email verification to allow setting password during registration.
variable_set('user_email_verification', 0);
// 2) Register new user via that form.
$this
->drupalLogout();
$edit = array(
'name' => $username = $this
->randomName(),
'mail' => $mail = $username . '@example.com',
'pass[pass1]' => $password = user_password(),
'pass[pass2]' => $password,
);
$this
->drupalPost('user/register', $edit, t('Create new account'));
// 3) Check that password is encrypted.
$this
->drupalLogin($this->admin_user);
$this
->drupalGet('admin/reports/dblog');
// Always blocked, because Simpletest can't run JavaScript.
$this
->clickLink("{$form_id} post blocked by BOTCHA: submission...");
$pass_fields = array(
// Assert password is hidden in POST.
'pass1',
'pass2',
// Assert password is hidden in values.
'pass',
// Assert password is hidden in form.
'#value',
);
foreach ($pass_fields as $pass_field) {
// Filtering is needed because matching is handled on filtered text.
$this
->assertText(filter_xss("[{$pass_field}] => ******", array()), t("Password {$pass_field} is hidden"));
$this
->assertNoText(filter_xss("[{$pass_field}] => {$password}", array()), t("There is no raw {$pass_field} password"));
}
}