You are here

function BotchaAdminTestCase::testUntrustedUserPosting in BOTCHA Spam Prevention 7

Same name and namespace in other branches
  1. 6 botcha.test \BotchaAdminTestCase::testUntrustedUserPosting()

File

./botcha.test, line 652
Tests for BOTCHA module.

Class

BotchaAdminTestCase

Code

function testUntrustedUserPosting() {

  // Set BOTCHA on comment form.
  botcha_set_form_id_setting(self::COMMENT_FORM_ID, 'test');

  // Create a node with comments enabled.
  $node = $this
    ->createNodeWithCommentsEnabled();

  // Log in as normal (untrusted) user.
  $this
    ->drupalLogin($this->normal_user);

  // Go to node page and click the "add comment" link.
  $this
    ->drupalGet('node/' . $node->nid);
  $this
    ->clickLink(t('Add new comment'));
  $add_comment_url = $this
    ->getUrl();

  // Check if BOTCHA is visible on form.
  $this
    ->assertBotchaPresence(TRUE);

  // Try to post a comment with wrong answer.
  $edit = $this
    ->setCommentFormValues();

  // Screw up fields (like a bot would do)
  $edit['botcha_response'] = 'xx';
  $this
    ->drupalPost($add_comment_url, $edit, t('Preview'));
  $this
    ->assertText(t(BOTCHA_WRONG_RESPONSE_ERROR_MESSAGE), 'wrong BOTCHA should block form submission.', 'BOTCHA');

  //TODO: more testing for untrusted posts.
}