public function BotchaTestAdminLog::testAdminLog in BOTCHA Spam Prevention 7.3
Same name and namespace in other branches
- 6.3 tests/botcha.simpletest.test \BotchaTestAdminLog::testAdminLog()
Testing of placing messages into log.
File
- tests/
botcha.simpletest.test, line 768 - Simpletest-tests for BOTCHA module.
Class
Code
public function testAdminLog() {
// Unit testing: assume that correct work of other parts is tested elsewhere.
$recipebook_controller = $this->application
->getController(Botcha::CONTROLLER_TYPE_RECIPEBOOK);
$recipebook = $recipebook_controller
->getRecipebook();
// Fill in results array randomly to emulate spam check.
$is_spam = array();
$recipes_spam = array();
foreach ($recipebook
->getRecipes() as $recipe_id) {
$value = (bool) rand(0, 1);
$is_spam[$recipe_id] = $value;
if ($value) {
$recipes_spam[$recipe_id] = $recipe_id;
}
}
$count_recipes = count($is_spam);
$count_spam = count($recipes_spam);
$form_id = 'test_form_id';
$form = array();
$form['form_id']['#value'] = $form_id;
// Test success case.
// @todo Remove hardcode.
$recipebook
->handle('success', $form, array(), $is_spam);
$this
->drupalGet('admin/reports/dblog');
// @todo Assert that there is success message.
//$this->assertText(t('Checked %count botchas (%recipes_list)', array('%count' => $count_recipes, '%recipes_list' => implode(', ', $is_spam))), 'Success message is in log', 'BOTCHA');
// Test spam case.
// @todo Remove hardcode.
$recipebook
->handle('spam', $form, array(), $is_spam);
$this
->drupalGet('admin/reports/dblog');
// @todo It looks like being sometimes failed => find better way to click a link, that contains our form id.
// @todo Abstract it.
$this
->clickLink("{$form_id} post blocked by BOTCHA: submission looks...");
// Assert that there is a spam message.
// We should pass plain text - so t() doesn't fit.
//$message = t('Failed %count_spam of %count_recipes recipes [%recipes_list] from "%rbid" recipe book.', array('%count_spam' => $count_spam, '%count_recipes' => $count_recipes, '%recipes_list' => implode(', ', $recipes_spam), '%rbid' => $recipebook->id));
$message = str_replace(array(
'%count_spam',
'%count_recipes',
'%recipes_list',
'%rbid',
), array(
$count_spam,
$count_recipes,
implode(', ', $recipes_spam),
$recipebook->id,
), 'Failed %count_spam of %count_recipes recipes [%recipes_list] from "%rbid" recipe book.');
$this
->assertText($message, 'Expected spam message \'' . $message . '\' is in log', 'BOTCHA');
// Assert filtering vulnerable data: password. Use case is as follows:
// 1) Enable BOTCHA protection for user registration form.
$form_controller = $this->application
->getController(Botcha::CONTROLLER_TYPE_FORM);
$form_id = 'user_register_form';
$botcha_form = $form_controller
->getForm($form_id);
$botcha_form
->setEnabled(TRUE);
// Set log level to one of the highest.
variable_set('botcha_loglevel', 6);
// Disable email verification to allow setting password during registration.
variable_set('user_email_verification', 0);
// 2) Register new user via that form.
$this
->drupalLogout();
$edit = array(
'name' => $username = $this
->randomName(),
'mail' => $mail = $username . '@example.com',
'pass[pass1]' => $password = user_password(),
'pass[pass2]' => $password,
);
$this
->drupalPost('user/register', $edit, t('Create new account'));
// 3) Check that password is encrypted.
$this
->drupalLogin($this->admin_user);
$this
->drupalGet('admin/reports/dblog');
// Always blocked, because Simpletest can't run JavaScript.
$this
->clickLink("{$form_id} post blocked by BOTCHA: submission...");
$pass_fields = array(
// Assert password is hidden in POST.
'pass1',
'pass2',
// Assert password is hidden in values.
'pass',
// Assert password is hidden in form.
'#value',
);
foreach ($pass_fields as $pass_field) {
// Filtering is needed because matching is handled on filtered text.
$this
->assertText(filter_xss("[{$pass_field}] => ******", array()), t("Password {$pass_field} is hidden"));
$this
->assertNoText(filter_xss("[{$pass_field}] => {$password}", array()), t("There is no raw {$pass_field} password"));
}
}