public function SitesDirectoryHardeningTest::testSitesDirectoryHardening in Drupal 10
Same name and namespace in other branches
- 8 core/modules/system/tests/src/Functional/System/SitesDirectoryHardeningTest.php \Drupal\Tests\system\Functional\System\SitesDirectoryHardeningTest::testSitesDirectoryHardening()
- 9 core/modules/system/tests/src/Functional/System/SitesDirectoryHardeningTest.php \Drupal\Tests\system\Functional\System\SitesDirectoryHardeningTest::testSitesDirectoryHardening()
Tests the default behavior to restrict directory permissions is enforced.
Checks both the current sites directory and settings.php.
File
- core/
modules/ system/ tests/ src/ Functional/ System/ SitesDirectoryHardeningTest.php, line 28
Class
- SitesDirectoryHardeningTest
- Tests Drupal permissions hardening of /sites subdirectories.
Namespace
Drupal\Tests\system\Functional\SystemCode
public function testSitesDirectoryHardening() {
$site_path = $this->kernel
->getSitePath();
$settings_file = $this
->settingsFile($site_path);
// First, we check based on what the initial install has set.
$this
->assertTrue(drupal_verify_install_file($site_path, FILE_NOT_WRITABLE, 'dir'), new FormattableMarkup('Verified permissions for @file.', [
'@file' => $site_path,
]));
// We intentionally don't check for settings.local.php as that file is
// not created by Drupal.
$this
->assertTrue(drupal_verify_install_file($settings_file, FILE_EXIST | FILE_READABLE | FILE_NOT_WRITABLE), new FormattableMarkup('Verified permissions for @file.', [
'@file' => $settings_file,
]));
$this
->makeWritable($site_path);
$this
->checkSystemRequirements();
$this
->assertTrue(drupal_verify_install_file($site_path, FILE_NOT_WRITABLE, 'dir'), new FormattableMarkup('Verified permissions for @file after manual permissions change.', [
'@file' => $site_path,
]));
$this
->assertTrue(drupal_verify_install_file($settings_file, FILE_EXIST | FILE_READABLE | FILE_NOT_WRITABLE), new FormattableMarkup('Verified permissions for @file after manual permissions change.', [
'@file' => $settings_file,
]));
}