You are here

public function FilterAdminTest::testFilterAdmin in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/filter/tests/src/Functional/FilterAdminTest.php \Drupal\Tests\filter\Functional\FilterAdminTest::testFilterAdmin()
  2. 10 core/modules/filter/tests/src/Functional/FilterAdminTest.php \Drupal\Tests\filter\Functional\FilterAdminTest::testFilterAdmin()

Tests filter administration functionality.

File

core/modules/filter/tests/src/Functional/FilterAdminTest.php, line 197

Class

FilterAdminTest
Thoroughly test the administrative interface of the filter module.

Namespace

Drupal\Tests\filter\Functional

Code

public function testFilterAdmin() {
  $first_filter = 'filter_autop';
  $second_filter = 'filter_url';
  $basic = 'basic_html';
  $restricted = 'restricted_html';
  $full = 'full_html';
  $plain = 'plain_text';

  // Check that the fallback format exists and cannot be disabled.
  $this
    ->assertSame($plain, filter_fallback_format(), 'The fallback format is set to plain text.');
  $this
    ->drupalGet('admin/config/content/formats');
  $this
    ->assertSession()
    ->responseNotContains('admin/config/content/formats/manage/' . $plain . '/disable');
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $plain . '/disable');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Verify access permissions to Full HTML format.
  $full_format = FilterFormat::load($full);
  $this
    ->assertTrue($full_format
    ->access('use', $this->adminUser), 'Admin user may use Full HTML.');
  $this
    ->assertFalse($full_format
    ->access('use', $this->webUser), 'Web user may not use Full HTML.');

  // Add an additional tag and extra spaces and returns.
  $edit = [];
  $edit['filters[filter_html][settings][allowed_html]'] = "<a>   <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>\r\n<quote>";
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $restricted);
  $this
    ->submitForm($edit, 'Save configuration');
  $this
    ->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $restricted);
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $restricted);

  // Check that the allowed HTML tag was added and the string reformatted.
  $this
    ->assertSession()
    ->fieldValueEquals('filters[filter_html][settings][allowed_html]', "<a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <quote>");
  $elements = $this
    ->xpath('//select[@name=:first]/following::select[@name=:second]', [
    ':first' => 'filters[' . $first_filter . '][weight]',
    ':second' => 'filters[' . $second_filter . '][weight]',
  ]);
  $this
    ->assertNotEmpty($elements, 'Order confirmed in admin interface.');

  // Reorder filters.
  $edit = [];
  $edit['filters[' . $second_filter . '][weight]'] = 1;
  $edit['filters[' . $first_filter . '][weight]'] = 2;
  $this
    ->submitForm($edit, 'Save configuration');
  $this
    ->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $restricted);
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $restricted);
  $this
    ->assertSession()
    ->fieldValueEquals('filters[' . $second_filter . '][weight]', 1);
  $this
    ->assertSession()
    ->fieldValueEquals('filters[' . $first_filter . '][weight]', 2);
  $elements = $this
    ->xpath('//select[@name=:first]/following::select[@name=:second]', [
    ':first' => 'filters[' . $second_filter . '][weight]',
    ':second' => 'filters[' . $first_filter . '][weight]',
  ]);
  $this
    ->assertNotEmpty($elements, 'Reorder confirmed in admin interface.');
  $filter_format = FilterFormat::load($restricted);
  foreach ($filter_format
    ->filters() as $filter_name => $filter) {
    if ($filter_name == $second_filter || $filter_name == $first_filter) {
      $filters[] = $filter_name;
    }
  }

  // Ensure that the second filter is now before the first filter.
  $this
    ->assertEquals($filter_format
    ->filters($second_filter)->weight + 1, $filter_format
    ->filters($first_filter)->weight, 'Order confirmed in configuration.');

  // Add format.
  $edit = [];
  $edit['format'] = mb_strtolower($this
    ->randomMachineName());
  $edit['name'] = $this
    ->randomMachineName();
  $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = 1;
  $edit['filters[' . $second_filter . '][status]'] = TRUE;
  $edit['filters[' . $first_filter . '][status]'] = TRUE;
  $this
    ->drupalGet('admin/config/content/formats/add');
  $this
    ->submitForm($edit, 'Save configuration');
  $this
    ->assertSession()
    ->addressEquals('admin/config/content/formats');
  $this
    ->assertSession()
    ->pageTextContains("Added text format {$edit['name']}.");
  filter_formats_reset();
  $format = FilterFormat::load($edit['format']);
  $this
    ->assertNotNull($format, 'Format found in database.');
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $format
    ->id());
  $this
    ->assertSession()
    ->checkboxChecked('roles[' . RoleInterface::AUTHENTICATED_ID . ']');
  $this
    ->assertSession()
    ->checkboxChecked('filters[' . $second_filter . '][status]');
  $this
    ->assertSession()
    ->checkboxChecked('filters[' . $first_filter . '][status]');

  /** @var \Drupal\user\Entity\Role $role */
  \Drupal::entityTypeManager()
    ->getStorage('user_role')
    ->resetCache([
    RoleInterface::AUTHENTICATED_ID,
  ]);
  $role = Role::load(RoleInterface::AUTHENTICATED_ID);
  $this
    ->assertTrue($role
    ->hasPermission($format
    ->getPermissionName()), 'The authenticated role has permission to use the filter.');

  // Disable new filter.
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $format
    ->id() . '/disable');
  $this
    ->submitForm([], 'Disable');
  $this
    ->assertSession()
    ->addressEquals('admin/config/content/formats');
  $this
    ->assertSession()
    ->pageTextContains("Disabled text format {$edit['name']}.");
  \Drupal::entityTypeManager()
    ->getStorage('user_role')
    ->resetCache([
    RoleInterface::AUTHENTICATED_ID,
  ]);
  $role = Role::load(RoleInterface::AUTHENTICATED_ID);
  $this
    ->assertFalse($role
    ->hasPermission($format
    ->getPermissionName()), 'The filter permission has been removed from the authenticated role');

  // Allow authenticated users on full HTML.
  $format = FilterFormat::load($full);
  $edit = [];
  $edit['roles[' . RoleInterface::ANONYMOUS_ID . ']'] = 0;
  $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = 1;
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $full);
  $this
    ->submitForm($edit, 'Save configuration');
  $this
    ->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $full);
  $this
    ->assertSession()
    ->pageTextContains("The text format {$format->label()} has been updated.");

  // Switch user.
  $this
    ->drupalLogin($this->webUser);
  $this
    ->drupalGet('node/add/page');
  $this
    ->assertSession()
    ->responseContains('<option value="' . $full . '">Full HTML</option>');

  // Use basic HTML and see if it removes tags that are not allowed.
  $body = '<em>' . $this
    ->randomMachineName() . '</em>';
  $extra_text = 'text';
  $text = $body . '<random>' . $extra_text . '</random>';
  $edit = [];
  $edit['title[0][value]'] = $this
    ->randomMachineName();
  $edit['body[0][value]'] = $text;
  $edit['body[0][format]'] = $basic;
  $this
    ->drupalGet('node/add/page');
  $this
    ->submitForm($edit, 'Save');
  $this
    ->assertSession()
    ->pageTextContains('Basic page ' . $edit['title[0][value]'] . ' has been created.');

  // Verify that the creation message contains a link to a node.
  $this
    ->assertSession()
    ->elementExists('xpath', '//div[contains(@class, "messages")]//a[contains(@href, "node/")]');
  $node = $this
    ->drupalGetNodeByTitle($edit['title[0][value]']);
  $this
    ->assertNotEmpty($node, 'Node found in database.');
  $this
    ->drupalGet('node/' . $node
    ->id());

  // Check that filter removed invalid tag.
  $this
    ->assertSession()
    ->responseContains($body . $extra_text);

  // Use plain text and see if it escapes all tags, whether allowed or not.
  // In order to test plain text, we have to enable the hidden variable for
  // "show_fallback_format", which displays plain text in the format list.
  $this
    ->config('filter.settings')
    ->set('always_show_fallback_choice', TRUE)
    ->save();
  $edit = [];
  $edit['body[0][format]'] = $plain;
  $this
    ->drupalGet('node/' . $node
    ->id() . '/edit');
  $this
    ->submitForm($edit, 'Save');
  $this
    ->drupalGet('node/' . $node
    ->id());
  $this
    ->assertSession()
    ->assertEscaped($text);
  $this
    ->config('filter.settings')
    ->set('always_show_fallback_choice', FALSE)
    ->save();

  // Switch user.
  $this
    ->drupalLogin($this->adminUser);

  // Clean up.
  // Allowed tags.
  $edit = [];
  $edit['filters[filter_html][settings][allowed_html]'] = '<a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>';
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $basic);
  $this
    ->submitForm($edit, 'Save configuration');
  $this
    ->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $basic);
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $basic);
  $this
    ->assertSession()
    ->fieldValueEquals('filters[filter_html][settings][allowed_html]', $edit['filters[filter_html][settings][allowed_html]']);

  // Full HTML.
  $edit = [];
  $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = FALSE;
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $full);
  $this
    ->submitForm($edit, 'Save configuration');
  $this
    ->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $full);
  $this
    ->assertSession()
    ->pageTextContains("The text format {$format->label()} has been updated.");
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $full);
  $this
    ->assertSession()
    ->fieldValueEquals('roles[' . RoleInterface::AUTHENTICATED_ID . ']', $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']']);

  // Filter order.
  $edit = [];
  $edit['filters[' . $second_filter . '][weight]'] = 2;
  $edit['filters[' . $first_filter . '][weight]'] = 1;
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $basic);
  $this
    ->submitForm($edit, 'Save configuration');
  $this
    ->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $basic);
  $this
    ->drupalGet('admin/config/content/formats/manage/' . $basic);
  $this
    ->assertSession()
    ->fieldValueEquals('filters[' . $second_filter . '][weight]', $edit['filters[' . $second_filter . '][weight]']);
  $this
    ->assertSession()
    ->fieldValueEquals('filters[' . $first_filter . '][weight]', $edit['filters[' . $first_filter . '][weight]']);
}