class SaveUploadTest in Drupal 8
Same name and namespace in other branches
- 9 core/modules/file/tests/src/Functional/SaveUploadTest.php \Drupal\Tests\file\Functional\SaveUploadTest
- 10 core/modules/file/tests/src/Functional/SaveUploadTest.php \Drupal\Tests\file\Functional\SaveUploadTest
Tests the file_save_upload() function.
@group file
Hierarchy
- class \Drupal\Tests\BrowserTestBase extends \PHPUnit\Framework\TestCase uses FunctionalTestSetupTrait, TestSetupTrait, AssertLegacyTrait, BlockCreationTrait, ConfigTestTrait, ContentTypeCreationTrait, NodeCreationTrait, PhpunitCompatibilityTrait, RandomGeneratorTrait, TestRequirementsTrait, UiHelperTrait, UserCreationTrait, XdebugRequestTrait
- class \Drupal\Tests\file\Functional\FileManagedTestBase
- class \Drupal\Tests\file\Functional\SaveUploadTest uses TestFileCreationTrait
- class \Drupal\Tests\file\Functional\FileManagedTestBase
Expanded class hierarchy of SaveUploadTest
File
- core/
modules/ file/ tests/ src/ Functional/ SaveUploadTest.php, line 16
Namespace
Drupal\Tests\file\FunctionalView source
class SaveUploadTest extends FileManagedTestBase {
use TestFileCreationTrait {
getTestFiles as drupalGetTestFiles;
}
/**
* Modules to enable.
*
* @var array
*/
public static $modules = [
'dblog',
];
/**
* {@inheritdoc}
*/
protected $defaultTheme = 'stark';
/**
* An image file path for uploading.
*
* @var \Drupal\file\FileInterface
*/
protected $image;
/**
* A PHP file path for upload security testing.
*
* @var string
*/
protected $phpfile;
/**
* The largest file id when the test starts.
*
* @var int
*/
protected $maxFidBefore;
/**
* Extension of the image filename.
*
* @var string
*/
protected $imageExtension;
protected function setUp() {
parent::setUp();
$account = $this
->drupalCreateUser([
'access site reports',
]);
$this
->drupalLogin($account);
$image_files = $this
->drupalGetTestFiles('image');
$this->image = File::create((array) current($image_files));
list(, $this->imageExtension) = explode('.', $this->image
->getFilename());
$this
->assertFileExists($this->image
->getFileUri());
$this->phpfile = current($this
->drupalGetTestFiles('php'));
$this
->assertFileExists($this->phpfile->uri);
$this->maxFidBefore = (int) \Drupal::entityQueryAggregate('file')
->aggregate('fid', 'max')
->execute()[0]['fid_max'];
// Upload with replace to guarantee there's something there.
$edit = [
'file_test_replace' => FileSystemInterface::EXISTS_REPLACE,
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called then clean out the hook
// counters.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
file_test_reset();
}
/**
* Test the file_save_upload() function.
*/
public function testNormal() {
$max_fid_after = (int) \Drupal::entityQueryAggregate('file')
->aggregate('fid', 'max')
->execute()[0]['fid_max'];
$this
->assertTrue($max_fid_after > $this->maxFidBefore, 'A new file was created.');
$file1 = File::load($max_fid_after);
$this
->assertInstanceOf(File::class, $file1);
// MIME type of the uploaded image may be either image/jpeg or image/png.
$this
->assertEqual(substr($file1
->getMimeType(), 0, 5), 'image', 'A MIME type was set.');
// Reset the hook counters to get rid of the 'load' we just called.
file_test_reset();
// Upload a second file.
$image2 = current($this
->drupalGetTestFiles('image'));
$edit = [
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($image2->uri),
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('You WIN!'));
$max_fid_after = (int) \Drupal::entityQueryAggregate('file')
->aggregate('fid', 'max')
->execute()[0]['fid_max'];
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
$file2 = File::load($max_fid_after);
$this
->assertInstanceOf(File::class, $file2);
// MIME type of the uploaded image may be either image/jpeg or image/png.
$this
->assertEqual(substr($file2
->getMimeType(), 0, 5), 'image', 'A MIME type was set.');
// Load both files using File::loadMultiple().
$files = File::loadMultiple([
$file1
->id(),
$file2
->id(),
]);
$this
->assertTrue(isset($files[$file1
->id()]), 'File was loaded successfully');
$this
->assertTrue(isset($files[$file2
->id()]), 'File was loaded successfully');
// Upload a third file to a subdirectory.
$image3 = current($this
->drupalGetTestFiles('image'));
$image3_realpath = \Drupal::service('file_system')
->realpath($image3->uri);
$dir = $this
->randomMachineName();
$edit = [
'files[file_test_upload]' => $image3_realpath,
'file_subdir' => $dir,
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('You WIN!'));
$this
->assertFileExists('temporary://' . $dir . '/' . trim(\Drupal::service('file_system')
->basename($image3_realpath)));
}
/**
* Test uploading a duplicate file.
*/
public function testDuplicate() {
// It should not be possible to create two managed files with the same URI.
$image1 = current($this
->drupalGetTestFiles('image'));
$edit = [
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($image1->uri),
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$max_fid_after = (int) \Drupal::entityQueryAggregate('file')
->aggregate('fid', 'max')
->execute()[0]['fid_max'];
$file1 = File::load($max_fid_after);
// Simulate a race condition where two files are uploaded at almost the same
// time, by removing the first uploaded file from disk (leaving the entry in
// the file_managed table) before trying to upload another file with the
// same name.
unlink(\Drupal::service('file_system')
->realpath($file1
->getFileUri()));
$image2 = $image1;
$edit = [
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($image2->uri),
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
// Received a 200 response for posted test file.
$this
->assertSession()
->statusCodeEquals(200);
$message = t('The file %file already exists. Enter a unique file URI.', [
'%file' => $file1
->getFileUri(),
]);
$this
->assertRaw($message);
$max_fid_before_duplicate = $max_fid_after;
$max_fid_after = (int) \Drupal::entityQueryAggregate('file')
->aggregate('fid', 'max')
->execute()[0]['fid_max'];
$this
->assertEqual($max_fid_before_duplicate, $max_fid_after, 'A new managed file was not created.');
}
/**
* Test extension handling.
*/
public function testHandleExtension() {
// The file being tested is a .gif which is in the default safe list
// of extensions to allow when the extension validator isn't used. This is
// implicitly tested at the testNormal() test. Here we tell
// file_save_upload() to only allow ".foo".
$extensions = 'foo';
$edit = [
'file_test_replace' => FileSystemInterface::EXISTS_REPLACE,
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
'extensions' => $extensions,
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$message = t('Only files with the following extensions are allowed:') . ' <em class="placeholder">' . $extensions . '</em>';
$this
->assertRaw($message, 'Cannot upload a disallowed extension');
$this
->assertRaw(t('Epic upload FAIL!'), 'Found the failure message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
]);
// Reset the hook counters.
file_test_reset();
$extensions = 'foo ' . $this->imageExtension;
// Now tell file_save_upload() to allow the extension of our test image.
$edit = [
'file_test_replace' => FileSystemInterface::EXISTS_REPLACE,
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
'extensions' => $extensions,
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertNoRaw(t('Only files with the following extensions are allowed:'), 'Can upload an allowed extension.');
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'load',
'update',
]);
// Reset the hook counters.
file_test_reset();
// Now tell file_save_upload() to allow any extension.
$edit = [
'file_test_replace' => FileSystemInterface::EXISTS_REPLACE,
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
'allow_all_extensions' => 'empty_array',
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertNoRaw(t('Only files with the following extensions are allowed:'), 'Can upload any extension.');
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'load',
'update',
]);
// Reset the hook counters.
file_test_reset();
// Now tell file_save_upload() to allow any extension and try and upload a
// malicious file.
$edit = [
'file_test_replace' => FileSystemInterface::EXISTS_REPLACE,
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->phpfile->uri),
'allow_all_extensions' => 'empty_array',
'is_image_file' => FALSE,
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$message = t('For security reasons, your upload has been renamed to') . ' <em class="placeholder">' . $this->phpfile->filename . '_.txt' . '</em>';
$this
->assertRaw($message, 'Dangerous file was renamed.');
$this
->assertSession()
->pageTextContains('File name is php-2.php_.txt.');
$this
->assertRaw(t('File MIME type is text/plain.'), "Dangerous file's MIME type was changed.");
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
}
/**
* Test dangerous file handling.
*/
public function testHandleDangerousFile() {
$config = $this
->config('system.file');
// Allow the .php extension and make sure it gets munged and given a .txt
// extension for safety. Also check to make sure its MIME type was changed.
$edit = [
'file_test_replace' => FileSystemInterface::EXISTS_REPLACE,
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->phpfile->uri),
'is_image_file' => FALSE,
'extensions' => 'php',
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$message = t('For security reasons, your upload has been renamed to') . ' <em class="placeholder">' . $this->phpfile->filename . '_.txt' . '</em>';
$this
->assertRaw($message, 'Dangerous file was renamed.');
$this
->assertSession()
->pageTextContains('File name is php-2.php_.txt.');
$this
->assertRaw(t('File MIME type is text/plain.'), "Dangerous file's MIME type was changed.");
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
// Ensure dangerous files are not renamed when insecure uploads is TRUE.
// Turn on insecure uploads.
$config
->set('allow_insecure_uploads', 1)
->save();
// Reset the hook counters.
file_test_reset();
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertNoRaw(t('For security reasons, your upload has been renamed'), 'Found no security message.');
$this
->assertSession()
->pageTextContains('File name is php-2.php.');
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
// Reset the hook counters.
file_test_reset();
// Even with insecure uploads allowed, the .php file should not be uploaded
// if it is not explicitly included in the list of allowed extensions.
$edit['extensions'] = 'foo';
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$message = t('Only files with the following extensions are allowed:') . ' <em class="placeholder">' . $edit['extensions'] . '</em>';
$this
->assertRaw($message, 'Cannot upload a disallowed extension');
$this
->assertRaw(t('Epic upload FAIL!'), 'Found the failure message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
]);
// Reset the hook counters.
file_test_reset();
// Turn off insecure uploads, then try the same thing as above (ensure that
// the .php file is still rejected since it's not in the list of allowed
// extensions).
$config
->set('allow_insecure_uploads', 0)
->save();
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$message = t('Only files with the following extensions are allowed:') . ' <em class="placeholder">' . $edit['extensions'] . '</em>';
$this
->assertRaw($message, 'Cannot upload a disallowed extension');
$this
->assertRaw(t('Epic upload FAIL!'), 'Found the failure message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
]);
// Reset the hook counters.
file_test_reset();
}
/**
* Test file munge handling.
*/
public function testHandleFileMunge() {
// Ensure insecure uploads are disabled for this test.
$this
->config('system.file')
->set('allow_insecure_uploads', 0)
->save();
$original_image_uri = $this->image
->getFileUri();
$this->image = file_move($this->image, $original_image_uri . '.foo.' . $this->imageExtension);
// Reset the hook counters to get rid of the 'move' we just called.
file_test_reset();
$extensions = $this->imageExtension;
$edit = [
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
'extensions' => $extensions,
];
$munged_filename = $this->image
->getFilename();
$munged_filename = substr($munged_filename, 0, strrpos($munged_filename, '.'));
$munged_filename .= '_.' . $this->imageExtension;
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('For security reasons, your upload has been renamed'), 'Found security message.');
$this
->assertRaw(t('File name is @filename', [
'@filename' => $munged_filename,
]), 'File was successfully munged.');
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
// Reset the hook counters.
file_test_reset();
// Ensure we don't munge the .foo extension if it is in the list of allowed
// extensions.
$extensions = 'foo ' . $this->imageExtension;
$edit = [
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
'extensions' => $extensions,
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertNoRaw(t('For security reasons, your upload has been renamed'), 'Found no security message.');
$this
->assertRaw(t('File name is @filename', [
'@filename' => $this->image
->getFilename(),
]), 'File was not munged when all extensions within it are allowed.');
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
// Ensure we don't munge files if we're allowing any extension.
$this->image = file_move($this->image, $original_image_uri . '.foo.txt.' . $this->imageExtension);
// Reset the hook counters.
file_test_reset();
$edit = [
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
'allow_all_extensions' => 'empty_array',
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertNoRaw(t('For security reasons, your upload has been renamed'), 'Found no security message.');
$this
->assertRaw(t('File name is @filename', [
'@filename' => $this->image
->getFilename(),
]), 'File was not munged when allowing any extension.');
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
// Test that a dangerous extension such as .php is munged even if it is in
// the list of allowed extensions.
$this->image = file_move($this->image, $original_image_uri . '.php.' . $this->imageExtension);
// Reset the hook counters.
file_test_reset();
$extensions = 'php ' . $this->imageExtension;
$edit = [
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
'extensions' => $extensions,
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('For security reasons, your upload has been renamed'), 'Found security message.');
$this
->assertRaw(t('File name is @filename', [
'@filename' => 'image-test.png.php_.png',
]), 'File was successfully munged.');
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
// Reset the hook counters.
file_test_reset();
// Dangerous extensions are munged even when all extensions are allowed.
$edit = [
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
'allow_all_extensions' => 'empty_array',
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('For security reasons, your upload has been renamed'), 'Found security message.');
$this
->assertRaw(t('File name is @filename.', [
'@filename' => 'image-test.png_.php_.png_.txt',
]), 'File was successfully munged.');
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
// Dangerous extensions are munged if is renamed to end in .txt.
$this->image = file_move($this->image, $original_image_uri . '.cgi.' . $this->imageExtension . '.txt');
// Reset the hook counters.
file_test_reset();
// Dangerous extensions are munged even when all extensions are allowed.
$edit = [
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
'allow_all_extensions' => 'empty_array',
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('For security reasons, your upload has been renamed'), 'Found security message.');
$this
->assertRaw(t('File name is @filename.', [
'@filename' => 'image-test.png_.cgi_.png_.txt',
]), 'File was successfully munged.');
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
// Reset the hook counters.
file_test_reset();
// Ensure that setting $validators['file_validate_extensions'] = ['']
// rejects all files without munging or renaming.
$edit = [
'files[file_test_upload][]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
'allow_all_extensions' => 'empty_string',
];
$this
->drupalPostForm('file-test/save_upload_from_form_test', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertNoRaw(t('For security reasons, your upload has been renamed'), 'Found security message.');
$this
->assertRaw(t('Epic upload FAIL!'), 'Found the failure message.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
]);
}
/**
* Test renaming when uploading over a file that already exists.
*/
public function testExistingRename() {
$edit = [
'file_test_replace' => FileSystemInterface::EXISTS_RENAME,
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
$this
->assertSession()
->pageTextContains('File name is image-test_0.png.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'insert',
]);
}
/**
* Test replacement when uploading over a file that already exists.
*/
public function testExistingReplace() {
$edit = [
'file_test_replace' => FileSystemInterface::EXISTS_REPLACE,
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('You WIN!'), 'Found the success message.');
$this
->assertSession()
->pageTextContains('File name is image-test.png.');
// Check that the correct hooks were called.
$this
->assertFileHooksCalled([
'validate',
'load',
'update',
]);
}
/**
* Test for failure when uploading over a file that already exists.
*/
public function testExistingError() {
$edit = [
'file_test_replace' => FileSystemInterface::EXISTS_ERROR,
'files[file_test_upload]' => \Drupal::service('file_system')
->realpath($this->image
->getFileUri()),
];
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('Epic upload FAIL!'), 'Found the failure message.');
// Check that the no hooks were called while failing.
$this
->assertFileHooksCalled([]);
}
/**
* Test for no failures when not uploading a file.
*/
public function testNoUpload() {
$this
->drupalPostForm('file-test/upload', [], t('Submit'));
$this
->assertNoRaw(t('Epic upload FAIL!'), 'Failure message not found.');
}
/**
* Tests for log entry on failing destination.
*/
public function testDrupalMovingUploadedFileError() {
// Create a directory and make it not writable.
$test_directory = 'test_drupal_move_uploaded_file_fail';
/** @var \Drupal\Core\File\FileSystemInterface $file_system */
$file_system = \Drupal::service('file_system');
$file_system
->mkdir('temporary://' . $test_directory, 00);
$this
->assertDirectoryExists('temporary://' . $test_directory);
$edit = [
'file_subdir' => $test_directory,
'files[file_test_upload]' => $file_system
->realpath($this->image
->getFileUri()),
];
\Drupal::state()
->set('file_test.disable_error_collection', TRUE);
$this
->drupalPostForm('file-test/upload', $edit, t('Submit'));
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('File upload error. Could not move uploaded file.'), 'Found the failure message.');
$this
->assertRaw(t('Epic upload FAIL!'), 'Found the failure message.');
// Uploading failed. Now check the log.
$this
->drupalGet('admin/reports/dblog');
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertRaw(t('Upload error. Could not move uploaded file @file to destination @destination.', [
'@file' => $this->image
->getFilename(),
'@destination' => 'temporary://' . $test_directory . '/' . $this->image
->getFilename(),
]), 'Found upload error log entry.');
}
/**
* Tests that filenames containing invalid UTF-8 are rejected.
*/
public function testInvalidUtf8FilenameUpload() {
$this
->drupalGet('file-test/upload');
// Filename containing invalid UTF-8.
$filename = "";
$page = $this
->getSession()
->getPage();
$data = [
'multipart' => [
[
'name' => 'file_test_replace',
'contents' => FileSystemInterface::EXISTS_RENAME,
],
[
'name' => 'form_id',
'contents' => '_file_test_form',
],
[
'name' => 'form_build_id',
'contents' => $page
->find('hidden_field_selector', [
'hidden_field',
'form_build_id',
])
->getAttribute('value'),
],
[
'name' => 'form_token',
'contents' => $page
->find('hidden_field_selector', [
'hidden_field',
'form_token',
])
->getAttribute('value'),
],
[
'name' => 'op',
'contents' => 'Submit',
],
[
'name' => 'files[file_test_upload]',
'contents' => 'Test content',
'filename' => $filename,
],
],
'cookies' => $this
->getSessionCookies(),
'http_errors' => FALSE,
];
$this
->assertFileNotExists('temporary://' . $filename);
// Use Guzzle's HTTP client directly so we can POST files without having to
// write them to disk. Not all filesystem support writing files with invalid
// UTF-8 filenames.
$response = $this
->getHttpClient()
->request('POST', Url::fromUri('base:file-test/upload')
->setAbsolute()
->toString(), $data);
$content = (string) $response
->getBody();
$this
->htmlOutput($content);
$error_text = new FormattableMarkup('The file %filename could not be uploaded because the name is invalid.', [
'%filename' => $filename,
]);
$this
->assertStringContainsString((string) $error_text, $content);
$this
->assertStringContainsString('Epic upload FAIL!', $content);
$this
->assertFileNotExists('temporary://' . $filename);
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
AssertHelperTrait:: |
protected static | function | Casts MarkupInterface objects into strings. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertTrue() instead. | |
|
AssertLegacyTrait:: |
protected | function | Asserts whether an expected cache tag was present in the last response. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that the element with the given CSS selector is not present. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that the element with the given CSS selector is present. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertEquals() instead. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text IS found escaped on the loaded page, fail otherwise. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists with the given name or ID. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists with the given ID and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists with the given name and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists in the current page by the given XPath. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a checkbox field in the current page is checked. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists in the current page with a given Xpath result. | |
|
AssertLegacyTrait:: |
protected | function | Checks that current response header equals value. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertSame() instead. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertEquals() instead. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link with the specified label is found. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link containing a given href (part) is found. | |
|
AssertLegacyTrait:: |
protected | function | Asserts whether an expected cache tag was absent in the last response. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text is not found escaped on the loaded page. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does NOT exist with the given name or ID. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does not exist with the given ID and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does not exist with the given name and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does not exist or its value does not match, by XPath. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a checkbox field in the current page is not checked. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link with the specified label is not found. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link containing a given href (part) is not found. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option does NOT exist in the current page. | |
|
AssertLegacyTrait:: |
protected | function | Triggers a pass if the Perl regex pattern is not found in the raw content. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text IS not found on the loaded page, fail otherwise. | 1 |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertNotEquals() instead. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the page (with HTML stripped) does not contains the text. | 1 |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertNotSame() instead. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the text is found MORE THAN ONCE on the text version of the page. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option in the current page exists. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option with the visible text exists. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option in the current page is checked. | |
|
AssertLegacyTrait:: |
protected | function | Triggers a pass if the Perl regex pattern is found in the raw content. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text IS found on the loaded page, fail otherwise. | 1 |
|
AssertLegacyTrait:: |
protected | function | Asserts the page responds with the specified response code. | 1 |
|
AssertLegacyTrait:: |
protected | function | Passes if the page (with HTML stripped) contains the text. | 1 |
|
AssertLegacyTrait:: |
protected | function | Helper for assertText and assertNoText. | |
|
AssertLegacyTrait:: |
protected | function | Pass if the page title is the given string. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the text is found ONLY ONCE on the text version of the page. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the internal browser's URL matches the given path. | |
|
AssertLegacyTrait:: |
protected | function | Builds an XPath query. | |
|
AssertLegacyTrait:: |
protected | function | Helper: Constructs an XPath for the given set of attributes and value. | |
|
AssertLegacyTrait:: |
protected | function | Get all option elements, including nested options, in a select. | |
|
AssertLegacyTrait:: |
protected | function | Gets the current raw content. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertTrue() instead. | |
|
AssertLegacyTrait:: |
protected | function | ||
|
BlockCreationTrait:: |
protected | function | Creates a block instance based on default settings. Aliased as: drupalPlaceBlock | |
|
BrowserHtmlDebugTrait:: |
protected | property | The Base URI to use for links to the output files. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Class name for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Counter for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Counter storage for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Directory name for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | HTML output output enabled. | |
|
BrowserHtmlDebugTrait:: |
protected | property | The file name to write the list of URLs to. | |
|
BrowserHtmlDebugTrait:: |
protected | property | HTML output test ID. | |
|
BrowserHtmlDebugTrait:: |
protected | function | Formats HTTP headers as string for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | function | Returns headers in HTML output format. | 1 |
|
BrowserHtmlDebugTrait:: |
protected | function | Logs a HTML output message in a text file. | |
|
BrowserHtmlDebugTrait:: |
protected | function | Creates the directory to store browser output. | |
|
BrowserTestBase:: |
protected | property | The base URL. | |
|
BrowserTestBase:: |
protected | property | The config importer that can be used in a test. | |
|
BrowserTestBase:: |
protected | property | An array of custom translations suitable for drupal_rewrite_settings(). | |
|
BrowserTestBase:: |
protected | property | The database prefix of this test run. | |
|
BrowserTestBase:: |
protected | property | Mink session manager. | |
|
BrowserTestBase:: |
protected | property | ||
|
BrowserTestBase:: |
protected | property | 1 | |
|
BrowserTestBase:: |
protected | property | The original container. | |
|
BrowserTestBase:: |
protected | property | The original array of shutdown function callbacks. | |
|
BrowserTestBase:: |
protected | property | ||
|
BrowserTestBase:: |
protected | property | The profile to install as a basis for testing. | 39 |
|
BrowserTestBase:: |
protected | property | The app root. | |
|
BrowserTestBase:: |
protected | property | Browser tests are run in separate processes to prevent collisions between code that may be loaded by tests. | |
|
BrowserTestBase:: |
protected | property | Time limit in seconds for the test. | |
|
BrowserTestBase:: |
protected | property | The translation file directory for the test environment. | |
|
BrowserTestBase:: |
protected | function | Clean up the Simpletest environment. | |
|
BrowserTestBase:: |
protected | function | Configuration accessor for tests. Returns non-overridden configuration. | |
|
BrowserTestBase:: |
protected | function | Translates a CSS expression to its XPath equivalent. | |
|
BrowserTestBase:: |
protected | function | Gets the value of an HTTP response header. | |
|
BrowserTestBase:: |
protected | function | Returns all response headers. | |
|
BrowserTestBase:: |
public static | function | Ensures test files are deletable. | |
|
BrowserTestBase:: |
protected | function | Gets an instance of the default Mink driver. | |
|
BrowserTestBase:: |
protected | function | Gets the JavaScript drupalSettings variable for the currently-loaded page. | 1 |
|
BrowserTestBase:: |
protected | function | Obtain the HTTP client for the system under test. | |
|
BrowserTestBase:: |
protected | function | Get the Mink driver args from an environment variable, if it is set. Can be overridden in a derived class so it is possible to use a different value for a subset of tests, e.g. the JavaScript tests. | 1 |
|
BrowserTestBase:: |
protected | function | Helper function to get the options of select field. | |
|
BrowserTestBase:: |
protected | function |
Provides a Guzzle middleware handler to log every response received. Overrides BrowserHtmlDebugTrait:: |
|
|
BrowserTestBase:: |
public | function | Returns Mink session. | |
|
BrowserTestBase:: |
protected | function | Get session cookies from current session. | |
|
BrowserTestBase:: |
protected | function |
Retrieves the current calling line in the class under test. Overrides BrowserHtmlDebugTrait:: |
|
|
BrowserTestBase:: |
protected | function | Visits the front page when initializing Mink. | 3 |
|
BrowserTestBase:: |
protected | function | Initializes Mink sessions. | 1 |
|
BrowserTestBase:: |
public | function | Installs Drupal into the Simpletest site. | 1 |
|
BrowserTestBase:: |
protected | function | Registers additional Mink sessions. | |
|
BrowserTestBase:: |
protected | function | 3 | |
|
BrowserTestBase:: |
protected | function | Transforms a nested array into a flat array suitable for drupalPostForm(). | |
|
BrowserTestBase:: |
protected | function | Performs an xpath search on the contents of the internal browser. | |
|
BrowserTestBase:: |
public | function | 1 | |
|
BrowserTestBase:: |
public | function | Prevents serializing any properties. | |
|
ConfigTestTrait:: |
protected | function | Returns a ConfigImporter object to import test configuration. | |
|
ConfigTestTrait:: |
protected | function | Copies configuration objects from source storage to target storage. | |
|
ContentTypeCreationTrait:: |
protected | function | Creates a custom content type based on default settings. Aliased as: drupalCreateContentType | 1 |
|
FileManagedTestBase:: |
public | function | Asserts that two files are not the same by comparing the fid and filepath. | |
|
FileManagedTestBase:: |
public | function | Assert that a hook_file_* hook was called a certain number of times. | |
|
FileManagedTestBase:: |
public | function | Assert that all of the specified hook_file_* hooks were called once, other values result in failure. | |
|
FileManagedTestBase:: |
public | function | Asserts that two files have the same values (except timestamp). | |
|
FileManagedTestBase:: |
public | function | Asserts that two files are the same by comparing the fid and filepath. | |
|
FileManagedTestBase:: |
public | function | Create a file and save it to the files table and assert that it occurs correctly. | |
|
FileManagedTestBase:: |
public | function | Creates a file and returns its URI. | |
|
FunctionalTestSetupTrait:: |
protected | property | The flag to set 'apcu_ensure_unique_prefix' setting. | 1 |
|
FunctionalTestSetupTrait:: |
protected | property | The class loader to use for installation and initialization of setup. | |
|
FunctionalTestSetupTrait:: |
protected | property | The config directories used in this test. | |
|
FunctionalTestSetupTrait:: |
protected | property | The "#1" admin user. | |
|
FunctionalTestSetupTrait:: |
protected | function | Execute the non-interactive installer. | 1 |
|
FunctionalTestSetupTrait:: |
protected | function | Returns all supported database driver installer objects. | |
|
FunctionalTestSetupTrait:: |
protected | function | Initialize various configurations post-installation. | 2 |
|
FunctionalTestSetupTrait:: |
protected | function | Initializes the kernel after installation. | |
|
FunctionalTestSetupTrait:: |
protected | function | Initialize settings created during install. | |
|
FunctionalTestSetupTrait:: |
protected | function | Initializes user 1 for the site to be installed. | |
|
FunctionalTestSetupTrait:: |
protected | function | Installs the default theme defined by `static::$defaultTheme` when needed. | |
|
FunctionalTestSetupTrait:: |
protected | function | Install modules defined by `static::$modules`. | 1 |
|
FunctionalTestSetupTrait:: |
protected | function | Returns the parameters that will be used when Simpletest installs Drupal. | 9 |
|
FunctionalTestSetupTrait:: |
protected | function | Prepares the current environment for running the test. | 23 |
|
FunctionalTestSetupTrait:: |
protected | function | Creates a mock request and sets it on the generator. | |
|
FunctionalTestSetupTrait:: |
protected | function | Prepares site settings and services before installation. | 2 |
|
FunctionalTestSetupTrait:: |
protected | function | Resets and rebuilds the environment after setup. | |
|
FunctionalTestSetupTrait:: |
protected | function | Rebuilds \Drupal::getContainer(). | |
|
FunctionalTestSetupTrait:: |
protected | function | Resets all data structures after having enabled new modules. | |
|
FunctionalTestSetupTrait:: |
protected | function | Changes parameters in the services.yml file. | |
|
FunctionalTestSetupTrait:: |
protected | function | Sets up the base URL based upon the environment variable. | |
|
FunctionalTestSetupTrait:: |
protected | function | Rewrites the settings.php file of the test site. | |
|
NodeCreationTrait:: |
protected | function | Creates a node based on default settings. Aliased as: drupalCreateNode | |
|
NodeCreationTrait:: |
public | function | Get a node from the database based on its title. Aliased as: drupalGetNodeByTitle | |
|
PhpunitCompatibilityTrait:: |
public | function | Returns a mock object for the specified class using the available method. | |
|
PhpunitCompatibilityTrait:: |
public | function | Compatibility layer for PHPUnit 6 to support PHPUnit 4 code. | |
|
RandomGeneratorTrait:: |
protected | property | The random generator. | |
|
RandomGeneratorTrait:: |
protected | function | Gets the random generator for the utility methods. | |
|
RandomGeneratorTrait:: |
protected | function | Generates a unique random string containing letters and numbers. | 1 |
|
RandomGeneratorTrait:: |
public | function | Generates a random PHP object. | |
|
RandomGeneratorTrait:: |
public | function | Generates a pseudo-random string of ASCII characters of codes 32 to 126. | |
|
RandomGeneratorTrait:: |
public | function | Callback for random string validation. | |
|
RefreshVariablesTrait:: |
protected | function | Refreshes in-memory configuration and state information. | 3 |
|
SaveUploadTest:: |
protected | property |
The theme to install as the default for testing. Overrides BrowserTestBase:: |
1 |
|
SaveUploadTest:: |
protected | property | An image file path for uploading. | |
|
SaveUploadTest:: |
protected | property | Extension of the image filename. | |
|
SaveUploadTest:: |
protected | property | The largest file id when the test starts. | |
|
SaveUploadTest:: |
public static | property |
Modules to enable. Overrides FileManagedTestBase:: |
1 |
|
SaveUploadTest:: |
protected | property | A PHP file path for upload security testing. | |
|
SaveUploadTest:: |
protected | function |
Overrides FileManagedTestBase:: |
1 |
|
SaveUploadTest:: |
public | function | Tests for log entry on failing destination. | |
|
SaveUploadTest:: |
public | function | Test uploading a duplicate file. | |
|
SaveUploadTest:: |
public | function | Test for failure when uploading over a file that already exists. | |
|
SaveUploadTest:: |
public | function | Test renaming when uploading over a file that already exists. | |
|
SaveUploadTest:: |
public | function | Test replacement when uploading over a file that already exists. | |
|
SaveUploadTest:: |
public | function | Test dangerous file handling. | |
|
SaveUploadTest:: |
public | function | Test extension handling. | |
|
SaveUploadTest:: |
public | function | Test file munge handling. | |
|
SaveUploadTest:: |
public | function | Tests that filenames containing invalid UTF-8 are rejected. | |
|
SaveUploadTest:: |
public | function | Test the file_save_upload() function. | |
|
SaveUploadTest:: |
public | function | Test for no failures when not uploading a file. | |
|
SessionTestTrait:: |
protected | property | The name of the session cookie. | |
|
SessionTestTrait:: |
protected | function | Generates a session cookie name. | |
|
SessionTestTrait:: |
protected | function | Returns the session name in use on the child site. | |
|
StorageCopyTrait:: |
protected static | function | Copy the configuration from one storage to another and remove stale items. | |
|
TestFileCreationTrait:: |
protected | property | Whether the files were copied to the test files directory. | |
|
TestFileCreationTrait:: |
protected | function | Compares two files based on size and file name. | |
|
TestFileCreationTrait:: |
public static | function | Generates a test file. | |
|
TestFileCreationTrait:: |
protected | function | Gets a list of files that can be used in tests. Aliased as: drupalGetTestFiles | |
|
TestRequirementsTrait:: |
private | function | Checks missing module requirements. | |
|
TestRequirementsTrait:: |
protected | function | Check module requirements for the Drupal use case. | 1 |
|
TestRequirementsTrait:: |
protected static | function | Returns the Drupal root directory. | |
|
TestSetupTrait:: |
protected static | property | An array of config object names that are excluded from schema checking. | |
|
TestSetupTrait:: |
protected | property | The dependency injection container used in the test. | |
|
TestSetupTrait:: |
protected | property | The DrupalKernel instance used in the test. | |
|
TestSetupTrait:: |
protected | property | The site directory of the original parent site. | |
|
TestSetupTrait:: |
protected | property | The private file directory for the test environment. | |
|
TestSetupTrait:: |
protected | property | The public file directory for the test environment. | |
|
TestSetupTrait:: |
protected | property | The site directory of this test run. | |
|
TestSetupTrait:: |
protected | property | Set to TRUE to strict check all configuration saved. | 2 |
|
TestSetupTrait:: |
protected | property | The temporary file directory for the test environment. | |
|
TestSetupTrait:: |
protected | property | The test run ID. | |
|
TestSetupTrait:: |
protected | function | Changes the database connection to the prefixed one. | |
|
TestSetupTrait:: |
protected | function | Gets the config schema exclusions for this test. | |
|
TestSetupTrait:: |
public static | function | Returns the database connection to the site running Simpletest. | |
|
TestSetupTrait:: |
protected | function | Generates a database prefix for running tests. | 2 |
|
UiHelperTrait:: |
protected | property | The current user logged in using the Mink controlled browser. | |
|
UiHelperTrait:: |
protected | property | The number of meta refresh redirects to follow, or NULL if unlimited. | |
|
UiHelperTrait:: |
protected | property | The number of meta refresh redirects followed during ::drupalGet(). | |
|
UiHelperTrait:: |
public | function | Returns WebAssert object. | 1 |
|
UiHelperTrait:: |
protected | function | Builds an a absolute URL from a system path or a URL object. | |
|
UiHelperTrait:: |
protected | function | Checks for meta refresh tag and if found call drupalGet() recursively. | |
|
UiHelperTrait:: |
protected | function | Clicks the element with the given CSS selector. | |
|
UiHelperTrait:: |
protected | function | Follows a link by complete name. | |
|
UiHelperTrait:: |
protected | function | Searches elements using a CSS selector in the raw content. | |
|
UiHelperTrait:: |
protected | function | Retrieves a Drupal path or an absolute path. | 3 |
|
UiHelperTrait:: |
protected | function | Logs in a user using the Mink controlled browser. | |
|
UiHelperTrait:: |
protected | function | Logs a user out of the Mink controlled browser and confirms. | |
|
UiHelperTrait:: |
protected | function | Executes a form submission. | |
|
UiHelperTrait:: |
protected | function | Returns whether a given user account is logged in. | |
|
UiHelperTrait:: |
protected | function | Takes a path and returns an absolute path. | |
|
UiHelperTrait:: |
protected | function | Retrieves the plain-text content from the current page. | |
|
UiHelperTrait:: |
protected | function | Get the current URL from the browser. | |
|
UiHelperTrait:: |
protected | function | Prepare for a request to testing site. | 1 |
|
UiHelperTrait:: |
protected | function | Fills and submits a form. | |
|
UserCreationTrait:: |
protected | function | Checks whether a given list of permission names is valid. | |
|
UserCreationTrait:: |
protected | function | Creates an administrative role. | |
|
UserCreationTrait:: |
protected | function | Creates a role with specified permissions. Aliased as: drupalCreateRole | |
|
UserCreationTrait:: |
protected | function | Create a user with a given set of permissions. Aliased as: drupalCreateUser | |
|
UserCreationTrait:: |
protected | function | Grant permissions to a user role. | |
|
UserCreationTrait:: |
protected | function | Switch the current logged in user. | |
|
UserCreationTrait:: |
protected | function | Creates a random user account and sets it as current user. | |
|
XdebugRequestTrait:: |
protected | function | Adds xdebug cookies, from request setup. |