class UserPasswordResetTest in Drupal 8
Same name in this branch
- 8 core/modules/user/tests/src/Functional/UserPasswordResetTest.php \Drupal\Tests\user\Functional\UserPasswordResetTest
- 8 core/modules/user/tests/src/FunctionalJavascript/UserPasswordResetTest.php \Drupal\Tests\user\FunctionalJavascript\UserPasswordResetTest
Same name and namespace in other branches
- 9 core/modules/user/tests/src/Functional/UserPasswordResetTest.php \Drupal\Tests\user\Functional\UserPasswordResetTest
Ensure that password reset methods work as expected.
@group user
Hierarchy
- class \Drupal\Tests\BrowserTestBase extends \PHPUnit\Framework\TestCase uses FunctionalTestSetupTrait, TestSetupTrait, AssertLegacyTrait, BlockCreationTrait, ConfigTestTrait, ContentTypeCreationTrait, NodeCreationTrait, PhpunitCompatibilityTrait, RandomGeneratorTrait, TestRequirementsTrait, UiHelperTrait, UserCreationTrait, XdebugRequestTrait
- class \Drupal\Tests\user\Functional\UserPasswordResetTest uses AssertMailTrait
Expanded class hierarchy of UserPasswordResetTest
File
- core/
modules/ user/ tests/ src/ Functional/ UserPasswordResetTest.php, line 17
Namespace
Drupal\Tests\user\FunctionalView source
class UserPasswordResetTest extends BrowserTestBase {
use AssertMailTrait {
getMails as drupalGetMails;
}
/**
* The user object to test password resetting.
*
* @var \Drupal\user\UserInterface
*/
protected $account;
/**
* Modules to enable.
*
* @var array
*/
public static $modules = [
'block',
];
/**
* {@inheritdoc}
*/
protected $defaultTheme = 'stark';
/**
* {@inheritdoc}
*/
protected function setUp() {
parent::setUp();
// Enable page caching.
$config = $this
->config('system.performance');
$config
->set('cache.page.max_age', 3600);
$config
->save();
$this
->drupalPlaceBlock('system_menu_block:account');
// Create a user.
$account = $this
->drupalCreateUser();
// Activate user by logging in.
$this
->drupalLogin($account);
$this->account = User::load($account
->id());
$this->account->passRaw = $account->passRaw;
$this
->drupalLogout();
// Set the last login time that is used to generate the one-time link so
// that it is definitely over a second ago.
$account->login = REQUEST_TIME - mt_rand(10, 100000);
Database::getConnection()
->update('users_field_data')
->fields([
'login' => $account
->getLastLoginTime(),
])
->condition('uid', $account
->id())
->execute();
}
/**
* Tests password reset functionality.
*/
public function testUserPasswordReset() {
// Verify that accessing the password reset form without having the session
// variables set results in an access denied message.
$this
->drupalGet(Url::fromRoute('user.reset.form', [
'uid' => $this->account
->id(),
]));
$this
->assertSession()
->statusCodeEquals(403);
// Try to reset the password for an invalid account.
$this
->drupalGet('user/password');
$edit = [
'name' => $this
->randomMachineName(),
];
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$this
->assertNoValidPasswordReset($edit['name']);
// Reset the password by username via the password reset page.
$this
->drupalGet('user/password');
$edit = [
'name' => $this->account
->getAccountName(),
];
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$this
->assertValidPasswordReset($edit['name']);
$resetURL = $this
->getResetURL();
$this
->drupalGet($resetURL);
// Ensure that the current url does not contain the hash and timestamp.
$this
->assertUrl(Url::fromRoute('user.reset.form', [
'uid' => $this->account
->id(),
]));
$this
->assertNull($this
->drupalGetHeader('X-Drupal-Cache'));
// Ensure the password reset URL is not cached.
$this
->drupalGet($resetURL);
$this
->assertNull($this
->drupalGetHeader('X-Drupal-Cache'));
// Check the one-time login page.
$this
->assertText($this->account
->getAccountName(), 'One-time login page contains the correct username.');
$this
->assertText(t('This login can be used only once.'), 'Found warning about one-time login.');
$this
->assertTitle('Reset password | Drupal');
// Check successful login.
$this
->drupalPostForm(NULL, NULL, t('Log in'));
$this
->assertSession()
->linkExists(t('Log out'));
$this
->assertTitle($this->account
->getAccountName() . ' | Drupal');
// Change the forgotten password.
$password = user_password();
$edit = [
'pass[pass1]' => $password,
'pass[pass2]' => $password,
];
$this
->drupalPostForm(NULL, $edit, t('Save'));
$this
->assertText(t('The changes have been saved.'), 'Forgotten password changed.');
// Verify that the password reset session has been destroyed.
$this
->drupalPostForm(NULL, $edit, t('Save'));
$this
->assertText(t("Your current password is missing or incorrect; it's required to change the Password."), 'Password needed to make profile changes.');
// Log out, and try to log in again using the same one-time link.
$this
->drupalLogout();
$this
->drupalGet($resetURL);
$this
->drupalPostForm(NULL, NULL, t('Log in'));
$this
->assertText(t('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.'), 'One-time link is no longer valid.');
// Request a new password again, this time using the email address.
// Count email messages before to compare with after.
$before = count($this
->drupalGetMails([
'id' => 'user_password_reset',
]));
$this
->drupalGet('user/password');
$edit = [
'name' => $this->account
->getEmail(),
];
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$this
->assertValidPasswordReset($edit['name']);
$this
->assertCount($before + 1, $this
->drupalGetMails([
'id' => 'user_password_reset',
]), 'Email sent when requesting password reset using email address.');
// Visit the user edit page without pass-reset-token and make sure it does
// not cause an error.
$resetURL = $this
->getResetURL();
$this
->drupalGet($resetURL);
$this
->drupalPostForm(NULL, NULL, t('Log in'));
$this
->drupalGet('user/' . $this->account
->id() . '/edit');
$this
->assertNoText('Expected user_string to be a string, NULL given');
$this
->drupalLogout();
// Create a password reset link as if the request time was 60 seconds older than the allowed limit.
$timeout = $this
->config('user.settings')
->get('password_reset_timeout');
$bogus_timestamp = REQUEST_TIME - $timeout - 60;
$_uid = $this->account
->id();
$this
->drupalGet("user/reset/{$_uid}/{$bogus_timestamp}/" . user_pass_rehash($this->account, $bogus_timestamp));
$this
->drupalPostForm(NULL, NULL, t('Log in'));
$this
->assertText(t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'), 'Expired password reset request rejected.');
// Create a user, block the account, and verify that a login link is denied.
$timestamp = REQUEST_TIME - 1;
$blocked_account = $this
->drupalCreateUser()
->block();
$blocked_account
->save();
$this
->drupalGet("user/reset/" . $blocked_account
->id() . "/{$timestamp}/" . user_pass_rehash($blocked_account, $timestamp));
$this
->assertSession()
->statusCodeEquals(403);
// Verify a blocked user can not request a new password.
$this
->drupalGet('user/password');
// Count email messages before to compare with after.
$before = count($this
->drupalGetMails([
'id' => 'user_password_reset',
]));
$edit = [
'name' => $blocked_account
->getAccountName(),
];
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$this
->assertRaw(t('%name is blocked or has not been activated yet.', [
'%name' => $blocked_account
->getAccountName(),
]), 'Notified user blocked accounts can not request a new password');
$this
->assertCount($before, $this
->drupalGetMails([
'id' => 'user_password_reset',
]), 'No email was sent when requesting password reset for a blocked account');
// Verify a password reset link is invalidated when the user's email address changes.
$this
->drupalGet('user/password');
$edit = [
'name' => $this->account
->getAccountName(),
];
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$old_email_reset_link = $this
->getResetURL();
$this->account
->setEmail("1" . $this->account
->getEmail());
$this->account
->save();
$this
->drupalGet($old_email_reset_link);
$this
->drupalPostForm(NULL, NULL, t('Log in'));
$this
->assertText(t('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.'), 'One-time link is no longer valid.');
// Verify a password reset link will automatically log a user when /login is
// appended.
$this
->drupalGet('user/password');
$edit = [
'name' => $this->account
->getAccountName(),
];
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$reset_url = $this
->getResetURL();
$this
->drupalGet($reset_url . '/login');
$this
->assertSession()
->linkExists(t('Log out'));
$this
->assertTitle($this->account
->getAccountName() . ' | Drupal');
// Ensure blocked and deleted accounts can't access the user.reset.login
// route.
$this
->drupalLogout();
$timestamp = REQUEST_TIME - 1;
$blocked_account = $this
->drupalCreateUser()
->block();
$blocked_account
->save();
$this
->drupalGet("user/reset/" . $blocked_account
->id() . "/{$timestamp}/" . user_pass_rehash($blocked_account, $timestamp) . '/login');
$this
->assertSession()
->statusCodeEquals(403);
$blocked_account
->delete();
$this
->drupalGet("user/reset/" . $blocked_account
->id() . "/{$timestamp}/" . user_pass_rehash($blocked_account, $timestamp) . '/login');
$this
->assertSession()
->statusCodeEquals(403);
}
/**
* Retrieves password reset email and extracts the login link.
*/
public function getResetURL() {
// Assume the most recent email.
$_emails = $this
->drupalGetMails();
$email = end($_emails);
$urls = [];
preg_match('#.+user/reset/.+#', $email['body'], $urls);
return $urls[0];
}
/**
* Test user password reset while logged in.
*/
public function testUserPasswordResetLoggedIn() {
$another_account = $this
->drupalCreateUser();
$this
->drupalLogin($another_account);
$this
->drupalGet('user/password');
$this
->drupalPostForm(NULL, NULL, t('Submit'));
// Click the reset URL while logged and change our password.
$resetURL = $this
->getResetURL();
// Log in as a different user.
$this
->drupalLogin($this->account);
$this
->drupalGet($resetURL);
$this
->assertRaw(new FormattableMarkup('Another user (%other_user) is already logged into the site on this computer, but you tried to use a one-time link for user %resetting_user. Please <a href=":logout">log out</a> and try using the link again.', [
'%other_user' => $this->account
->getAccountName(),
'%resetting_user' => $another_account
->getAccountName(),
':logout' => Url::fromRoute('user.logout')
->toString(),
]));
$another_account
->delete();
$this
->drupalGet($resetURL);
$this
->assertText('The one-time login link you clicked is invalid.');
// Log in.
$this
->drupalLogin($this->account);
// Reset the password by username via the password reset page.
$this
->drupalGet('user/password');
$this
->drupalPostForm(NULL, NULL, t('Submit'));
// Click the reset URL while logged and change our password.
$resetURL = $this
->getResetURL();
$this
->drupalGet($resetURL);
$this
->drupalPostForm(NULL, NULL, t('Log in'));
// Change the password.
$password = user_password();
$edit = [
'pass[pass1]' => $password,
'pass[pass2]' => $password,
];
$this
->drupalPostForm(NULL, $edit, t('Save'));
$this
->assertText(t('The changes have been saved.'), 'Password changed.');
// Logged in users should not be able to access the user.reset.login or the
// user.reset.form routes.
$timestamp = REQUEST_TIME - 1;
$this
->drupalGet("user/reset/" . $this->account
->id() . "/{$timestamp}/" . user_pass_rehash($this->account, $timestamp) . '/login');
$this
->assertSession()
->statusCodeEquals(403);
$this
->drupalGet("user/reset/" . $this->account
->id());
$this
->assertSession()
->statusCodeEquals(403);
}
/**
* Prefill the text box on incorrect login via link to password reset page.
*/
public function testUserResetPasswordTextboxFilled() {
$this
->drupalGet('user/login');
$edit = [
'name' => $this
->randomMachineName(),
'pass' => $this
->randomMachineName(),
];
$this
->drupalPostForm('user/login', $edit, t('Log in'));
$this
->assertRaw(t('Unrecognized username or password. <a href=":password">Forgot your password?</a>', [
':password' => Url::fromRoute('user.pass', [], [
'query' => [
'name' => $edit['name'],
],
])
->toString(),
]));
unset($edit['pass']);
$this
->drupalGet('user/password', [
'query' => [
'name' => $edit['name'],
],
]);
$this
->assertFieldByName('name', $edit['name'], 'User name found.');
// Ensure the name field value is not cached.
$this
->drupalGet('user/password');
$this
->assertNoFieldByName('name', $edit['name'], 'User name not found.');
}
/**
* Tests password reset flood control for one user.
*/
public function testUserResetPasswordUserFloodControl() {
\Drupal::configFactory()
->getEditable('user.flood')
->set('user_limit', 3)
->save();
$edit = [
'name' => $this->account
->getAccountName(),
];
// Try 3 requests that should not trigger flood control.
for ($i = 0; $i < 3; $i++) {
$this
->drupalGet('user/password');
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$this
->assertValidPasswordReset($edit['name']);
$this
->assertNoPasswordUserFlood();
}
// The next request should trigger flood control.
$this
->drupalGet('user/password');
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$this
->assertPasswordUserFlood();
}
/**
* Tests password reset flood control for one IP.
*/
public function testUserResetPasswordIpFloodControl() {
\Drupal::configFactory()
->getEditable('user.flood')
->set('ip_limit', 3)
->save();
// Try 3 requests that should not trigger flood control.
for ($i = 0; $i < 3; $i++) {
$this
->drupalGet('user/password');
$edit = [
'name' => $this
->randomMachineName(),
];
$this
->drupalPostForm(NULL, $edit, t('Submit'));
// Because we're testing with a random name, the password reset will not be valid.
$this
->assertNoValidPasswordReset($edit['name']);
$this
->assertNoPasswordIpFlood();
}
// The next request should trigger flood control.
$this
->drupalGet('user/password');
$edit = [
'name' => $this
->randomMachineName(),
];
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$this
->assertPasswordIpFlood();
}
/**
* Tests user password reset flood control is cleared on successful reset.
*/
public function testUserResetPasswordUserFloodControlIsCleared() {
\Drupal::configFactory()
->getEditable('user.flood')
->set('user_limit', 3)
->save();
$edit = [
'name' => $this->account
->getAccountName(),
];
// Try 3 requests that should not trigger flood control.
for ($i = 0; $i < 3; $i++) {
$this
->drupalGet('user/password');
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$this
->assertValidPasswordReset($edit['name']);
$this
->assertNoPasswordUserFlood();
}
// Use the last password reset URL which was generated.
$reset_url = $this
->getResetURL();
$this
->drupalGet($reset_url . '/login');
$this
->assertSession()
->linkExists(t('Log out'));
$this
->assertTitle($this->account
->getAccountName() . ' | Drupal');
$this
->drupalLogout();
// The next request should *not* trigger flood control, since a successful
// password reset should have cleared flood events for this user.
$this
->drupalGet('user/password');
$this
->drupalPostForm(NULL, $edit, t('Submit'));
$this
->assertValidPasswordReset($edit['name']);
$this
->assertNoPasswordUserFlood();
}
/**
* Helper function to make assertions about a valid password reset.
*/
public function assertValidPasswordReset($name) {
// Make sure the error text is not displayed and email sent.
$this
->assertNoText(t('Sorry, @name is not recognized as a username or an e-mail address.', [
'@name' => $name,
]), 'Validation error message shown when trying to request password for invalid account.');
$this
->assertMail('to', $this->account
->getEmail(), 'Password e-mail sent to user.');
$subject = t('Replacement login information for @username at @site', [
'@username' => $this->account
->getAccountName(),
'@site' => \Drupal::config('system.site')
->get('name'),
]);
$this
->assertMail('subject', $subject, 'Password reset e-mail subject is correct.');
}
/**
* Helper function to make assertions about an invalid password reset.
*/
public function assertNoValidPasswordReset($name) {
// Make sure the error text is displayed and no email sent.
$this
->assertText(t('@name is not recognized as a username or an email address.', [
'@name' => $name,
]), 'Validation error message shown when trying to request password for invalid account.');
$this
->assertCount(0, $this
->drupalGetMails([
'id' => 'user_password_reset',
]), 'No e-mail was sent when requesting a password for an invalid account.');
}
/**
* Makes assertions about a password reset triggering user flood control.
*/
public function assertPasswordUserFlood() {
$this
->assertText(t('Too many password recovery requests for this account. It is temporarily blocked. Try again later or contact the site administrator.'), 'User password reset flood error message shown.');
}
/**
* Makes assertions about a password reset not triggering user flood control.
*/
public function assertNoPasswordUserFlood() {
$this
->assertNoText(t('Too many password recovery requests for this account. It is temporarily blocked. Try again later or contact the site administrator.'), 'User password reset flood error message not shown.');
}
/**
* Makes assertions about a password reset triggering IP flood control.
*/
public function assertPasswordIpFlood() {
$this
->assertText(t('Too many password recovery requests from your IP address. It is temporarily blocked. Try again later or contact the site administrator.'), 'IP password reset flood error message shown.');
}
/**
* Makes assertions about a password reset not triggering IP flood control.
*/
public function assertNoPasswordIpFlood() {
$this
->assertNoText(t('Too many password recovery requests from your IP address. It is temporarily blocked. Try again later or contact the site administrator.'), 'IP password reset flood error message not shown.');
}
/**
* Make sure that users cannot forge password reset URLs of other users.
*/
public function testResetImpersonation() {
// Create two identical user accounts except for the user name. They must
// have the same empty password, so we can't use $this->drupalCreateUser().
$edit = [];
$edit['name'] = $this
->randomMachineName();
$edit['mail'] = $edit['name'] . '@example.com';
$edit['status'] = 1;
$user1 = User::create($edit);
$user1
->save();
$edit['name'] = $this
->randomMachineName();
$user2 = User::create($edit);
$user2
->save();
// Unique password hashes are automatically generated, the only way to
// change that is to update it directly in the database.
Database::getConnection()
->update('users_field_data')
->fields([
'pass' => NULL,
])
->condition('uid', [
$user1
->id(),
$user2
->id(),
], 'IN')
->execute();
\Drupal::entityTypeManager()
->getStorage('user')
->resetCache();
$user1 = User::load($user1
->id());
$user2 = User::load($user2
->id());
$this
->assertEqual($user1
->getPassword(), $user2
->getPassword(), 'Both users have the same password hash.');
// The password reset URL must not be valid for the second user when only
// the user ID is changed in the URL.
$reset_url = user_pass_reset_url($user1);
$attack_reset_url = str_replace("user/reset/{$user1->id()}", "user/reset/{$user2->id()}", $reset_url);
$this
->drupalGet($attack_reset_url);
$this
->drupalPostForm(NULL, NULL, t('Log in'));
$this
->assertNoText($user2
->getAccountName(), 'The invalid password reset page does not show the user name.');
$this
->assertUrl('user/password', [], 'The user is redirected to the password reset request page.');
$this
->assertText('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.');
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
AssertHelperTrait:: |
protected static | function | Casts MarkupInterface objects into strings. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertTrue() instead. | |
|
AssertLegacyTrait:: |
protected | function | Asserts whether an expected cache tag was present in the last response. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that the element with the given CSS selector is not present. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that the element with the given CSS selector is present. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertEquals() instead. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text IS found escaped on the loaded page, fail otherwise. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists with the given name or ID. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists with the given ID and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists with the given name and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists in the current page by the given XPath. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a checkbox field in the current page is checked. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists in the current page with a given Xpath result. | |
|
AssertLegacyTrait:: |
protected | function | Checks that current response header equals value. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertSame() instead. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertEquals() instead. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link with the specified label is found. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link containing a given href (part) is found. | |
|
AssertLegacyTrait:: |
protected | function | Asserts whether an expected cache tag was absent in the last response. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text is not found escaped on the loaded page. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does NOT exist with the given name or ID. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does not exist with the given ID and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does not exist with the given name and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does not exist or its value does not match, by XPath. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a checkbox field in the current page is not checked. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link with the specified label is not found. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link containing a given href (part) is not found. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option does NOT exist in the current page. | |
|
AssertLegacyTrait:: |
protected | function | Triggers a pass if the Perl regex pattern is not found in the raw content. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text IS not found on the loaded page, fail otherwise. | 1 |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertNotEquals() instead. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the page (with HTML stripped) does not contains the text. | 1 |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertNotSame() instead. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the text is found MORE THAN ONCE on the text version of the page. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option in the current page exists. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option with the visible text exists. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option in the current page is checked. | |
|
AssertLegacyTrait:: |
protected | function | Triggers a pass if the Perl regex pattern is found in the raw content. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text IS found on the loaded page, fail otherwise. | 1 |
|
AssertLegacyTrait:: |
protected | function | Asserts the page responds with the specified response code. | 1 |
|
AssertLegacyTrait:: |
protected | function | Passes if the page (with HTML stripped) contains the text. | 1 |
|
AssertLegacyTrait:: |
protected | function | Helper for assertText and assertNoText. | |
|
AssertLegacyTrait:: |
protected | function | Pass if the page title is the given string. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the text is found ONLY ONCE on the text version of the page. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the internal browser's URL matches the given path. | |
|
AssertLegacyTrait:: |
protected | function | Builds an XPath query. | |
|
AssertLegacyTrait:: |
protected | function | Helper: Constructs an XPath for the given set of attributes and value. | |
|
AssertLegacyTrait:: |
protected | function | Get all option elements, including nested options, in a select. | |
|
AssertLegacyTrait:: |
protected | function | Gets the current raw content. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertTrue() instead. | |
|
AssertLegacyTrait:: |
protected | function | ||
|
AssertMailTrait:: |
protected | function | Asserts that the most recently sent email message has the given value. | |
|
AssertMailTrait:: |
protected | function | Asserts that the most recently sent email message has the pattern in it. | |
|
AssertMailTrait:: |
protected | function | Asserts that the most recently sent email message has the string in it. | |
|
AssertMailTrait:: |
protected | function | Gets an array containing all emails sent during this test case. Aliased as: drupalGetMails | |
|
AssertMailTrait:: |
protected | function | Outputs to verbose the most recent $count emails sent. | |
|
BlockCreationTrait:: |
protected | function | Creates a block instance based on default settings. Aliased as: drupalPlaceBlock | |
|
BrowserHtmlDebugTrait:: |
protected | property | The Base URI to use for links to the output files. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Class name for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Counter for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Counter storage for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Directory name for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | HTML output output enabled. | |
|
BrowserHtmlDebugTrait:: |
protected | property | The file name to write the list of URLs to. | |
|
BrowserHtmlDebugTrait:: |
protected | property | HTML output test ID. | |
|
BrowserHtmlDebugTrait:: |
protected | function | Formats HTTP headers as string for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | function | Returns headers in HTML output format. | 1 |
|
BrowserHtmlDebugTrait:: |
protected | function | Logs a HTML output message in a text file. | |
|
BrowserHtmlDebugTrait:: |
protected | function | Creates the directory to store browser output. | |
|
BrowserTestBase:: |
protected | property | The base URL. | |
|
BrowserTestBase:: |
protected | property | The config importer that can be used in a test. | |
|
BrowserTestBase:: |
protected | property | An array of custom translations suitable for drupal_rewrite_settings(). | |
|
BrowserTestBase:: |
protected | property | The database prefix of this test run. | |
|
BrowserTestBase:: |
protected | property | Mink session manager. | |
|
BrowserTestBase:: |
protected | property | ||
|
BrowserTestBase:: |
protected | property | 1 | |
|
BrowserTestBase:: |
protected | property | The original container. | |
|
BrowserTestBase:: |
protected | property | The original array of shutdown function callbacks. | |
|
BrowserTestBase:: |
protected | property | ||
|
BrowserTestBase:: |
protected | property | The profile to install as a basis for testing. | 39 |
|
BrowserTestBase:: |
protected | property | The app root. | |
|
BrowserTestBase:: |
protected | property | Browser tests are run in separate processes to prevent collisions between code that may be loaded by tests. | |
|
BrowserTestBase:: |
protected | property | Time limit in seconds for the test. | |
|
BrowserTestBase:: |
protected | property | The translation file directory for the test environment. | |
|
BrowserTestBase:: |
protected | function | Clean up the Simpletest environment. | |
|
BrowserTestBase:: |
protected | function | Configuration accessor for tests. Returns non-overridden configuration. | |
|
BrowserTestBase:: |
protected | function | Translates a CSS expression to its XPath equivalent. | |
|
BrowserTestBase:: |
protected | function | Gets the value of an HTTP response header. | |
|
BrowserTestBase:: |
protected | function | Returns all response headers. | |
|
BrowserTestBase:: |
public static | function | Ensures test files are deletable. | |
|
BrowserTestBase:: |
protected | function | Gets an instance of the default Mink driver. | |
|
BrowserTestBase:: |
protected | function | Gets the JavaScript drupalSettings variable for the currently-loaded page. | 1 |
|
BrowserTestBase:: |
protected | function | Obtain the HTTP client for the system under test. | |
|
BrowserTestBase:: |
protected | function | Get the Mink driver args from an environment variable, if it is set. Can be overridden in a derived class so it is possible to use a different value for a subset of tests, e.g. the JavaScript tests. | 1 |
|
BrowserTestBase:: |
protected | function | Helper function to get the options of select field. | |
|
BrowserTestBase:: |
protected | function |
Provides a Guzzle middleware handler to log every response received. Overrides BrowserHtmlDebugTrait:: |
|
|
BrowserTestBase:: |
public | function | Returns Mink session. | |
|
BrowserTestBase:: |
protected | function | Get session cookies from current session. | |
|
BrowserTestBase:: |
protected | function |
Retrieves the current calling line in the class under test. Overrides BrowserHtmlDebugTrait:: |
|
|
BrowserTestBase:: |
protected | function | Visits the front page when initializing Mink. | 3 |
|
BrowserTestBase:: |
protected | function | Initializes Mink sessions. | 1 |
|
BrowserTestBase:: |
public | function | Installs Drupal into the Simpletest site. | 1 |
|
BrowserTestBase:: |
protected | function | Registers additional Mink sessions. | |
|
BrowserTestBase:: |
protected | function | 3 | |
|
BrowserTestBase:: |
protected | function | Transforms a nested array into a flat array suitable for drupalPostForm(). | |
|
BrowserTestBase:: |
protected | function | Performs an xpath search on the contents of the internal browser. | |
|
BrowserTestBase:: |
public | function | 1 | |
|
BrowserTestBase:: |
public | function | Prevents serializing any properties. | |
|
ConfigTestTrait:: |
protected | function | Returns a ConfigImporter object to import test configuration. | |
|
ConfigTestTrait:: |
protected | function | Copies configuration objects from source storage to target storage. | |
|
ContentTypeCreationTrait:: |
protected | function | Creates a custom content type based on default settings. Aliased as: drupalCreateContentType | 1 |
|
FunctionalTestSetupTrait:: |
protected | property | The flag to set 'apcu_ensure_unique_prefix' setting. | 1 |
|
FunctionalTestSetupTrait:: |
protected | property | The class loader to use for installation and initialization of setup. | |
|
FunctionalTestSetupTrait:: |
protected | property | The config directories used in this test. | |
|
FunctionalTestSetupTrait:: |
protected | property | The "#1" admin user. | |
|
FunctionalTestSetupTrait:: |
protected | function | Execute the non-interactive installer. | 1 |
|
FunctionalTestSetupTrait:: |
protected | function | Returns all supported database driver installer objects. | |
|
FunctionalTestSetupTrait:: |
protected | function | Initialize various configurations post-installation. | 2 |
|
FunctionalTestSetupTrait:: |
protected | function | Initializes the kernel after installation. | |
|
FunctionalTestSetupTrait:: |
protected | function | Initialize settings created during install. | |
|
FunctionalTestSetupTrait:: |
protected | function | Initializes user 1 for the site to be installed. | |
|
FunctionalTestSetupTrait:: |
protected | function | Installs the default theme defined by `static::$defaultTheme` when needed. | |
|
FunctionalTestSetupTrait:: |
protected | function | Install modules defined by `static::$modules`. | 1 |
|
FunctionalTestSetupTrait:: |
protected | function | Returns the parameters that will be used when Simpletest installs Drupal. | 9 |
|
FunctionalTestSetupTrait:: |
protected | function | Prepares the current environment for running the test. | 23 |
|
FunctionalTestSetupTrait:: |
protected | function | Creates a mock request and sets it on the generator. | |
|
FunctionalTestSetupTrait:: |
protected | function | Prepares site settings and services before installation. | 2 |
|
FunctionalTestSetupTrait:: |
protected | function | Resets and rebuilds the environment after setup. | |
|
FunctionalTestSetupTrait:: |
protected | function | Rebuilds \Drupal::getContainer(). | |
|
FunctionalTestSetupTrait:: |
protected | function | Resets all data structures after having enabled new modules. | |
|
FunctionalTestSetupTrait:: |
protected | function | Changes parameters in the services.yml file. | |
|
FunctionalTestSetupTrait:: |
protected | function | Sets up the base URL based upon the environment variable. | |
|
FunctionalTestSetupTrait:: |
protected | function | Rewrites the settings.php file of the test site. | |
|
NodeCreationTrait:: |
protected | function | Creates a node based on default settings. Aliased as: drupalCreateNode | |
|
NodeCreationTrait:: |
public | function | Get a node from the database based on its title. Aliased as: drupalGetNodeByTitle | |
|
PhpunitCompatibilityTrait:: |
public | function | Returns a mock object for the specified class using the available method. | |
|
PhpunitCompatibilityTrait:: |
public | function | Compatibility layer for PHPUnit 6 to support PHPUnit 4 code. | |
|
RandomGeneratorTrait:: |
protected | property | The random generator. | |
|
RandomGeneratorTrait:: |
protected | function | Gets the random generator for the utility methods. | |
|
RandomGeneratorTrait:: |
protected | function | Generates a unique random string containing letters and numbers. | 1 |
|
RandomGeneratorTrait:: |
public | function | Generates a random PHP object. | |
|
RandomGeneratorTrait:: |
public | function | Generates a pseudo-random string of ASCII characters of codes 32 to 126. | |
|
RandomGeneratorTrait:: |
public | function | Callback for random string validation. | |
|
RefreshVariablesTrait:: |
protected | function | Refreshes in-memory configuration and state information. | 3 |
|
SessionTestTrait:: |
protected | property | The name of the session cookie. | |
|
SessionTestTrait:: |
protected | function | Generates a session cookie name. | |
|
SessionTestTrait:: |
protected | function | Returns the session name in use on the child site. | |
|
StorageCopyTrait:: |
protected static | function | Copy the configuration from one storage to another and remove stale items. | |
|
TestRequirementsTrait:: |
private | function | Checks missing module requirements. | |
|
TestRequirementsTrait:: |
protected | function | Check module requirements for the Drupal use case. | 1 |
|
TestRequirementsTrait:: |
protected static | function | Returns the Drupal root directory. | |
|
TestSetupTrait:: |
protected static | property | An array of config object names that are excluded from schema checking. | |
|
TestSetupTrait:: |
protected | property | The dependency injection container used in the test. | |
|
TestSetupTrait:: |
protected | property | The DrupalKernel instance used in the test. | |
|
TestSetupTrait:: |
protected | property | The site directory of the original parent site. | |
|
TestSetupTrait:: |
protected | property | The private file directory for the test environment. | |
|
TestSetupTrait:: |
protected | property | The public file directory for the test environment. | |
|
TestSetupTrait:: |
protected | property | The site directory of this test run. | |
|
TestSetupTrait:: |
protected | property | Set to TRUE to strict check all configuration saved. | 2 |
|
TestSetupTrait:: |
protected | property | The temporary file directory for the test environment. | |
|
TestSetupTrait:: |
protected | property | The test run ID. | |
|
TestSetupTrait:: |
protected | function | Changes the database connection to the prefixed one. | |
|
TestSetupTrait:: |
protected | function | Gets the config schema exclusions for this test. | |
|
TestSetupTrait:: |
public static | function | Returns the database connection to the site running Simpletest. | |
|
TestSetupTrait:: |
protected | function | Generates a database prefix for running tests. | 2 |
|
UiHelperTrait:: |
protected | property | The current user logged in using the Mink controlled browser. | |
|
UiHelperTrait:: |
protected | property | The number of meta refresh redirects to follow, or NULL if unlimited. | |
|
UiHelperTrait:: |
protected | property | The number of meta refresh redirects followed during ::drupalGet(). | |
|
UiHelperTrait:: |
public | function | Returns WebAssert object. | 1 |
|
UiHelperTrait:: |
protected | function | Builds an a absolute URL from a system path or a URL object. | |
|
UiHelperTrait:: |
protected | function | Checks for meta refresh tag and if found call drupalGet() recursively. | |
|
UiHelperTrait:: |
protected | function | Clicks the element with the given CSS selector. | |
|
UiHelperTrait:: |
protected | function | Follows a link by complete name. | |
|
UiHelperTrait:: |
protected | function | Searches elements using a CSS selector in the raw content. | |
|
UiHelperTrait:: |
protected | function | Retrieves a Drupal path or an absolute path. | 3 |
|
UiHelperTrait:: |
protected | function | Logs in a user using the Mink controlled browser. | |
|
UiHelperTrait:: |
protected | function | Logs a user out of the Mink controlled browser and confirms. | |
|
UiHelperTrait:: |
protected | function | Executes a form submission. | |
|
UiHelperTrait:: |
protected | function | Returns whether a given user account is logged in. | |
|
UiHelperTrait:: |
protected | function | Takes a path and returns an absolute path. | |
|
UiHelperTrait:: |
protected | function | Retrieves the plain-text content from the current page. | |
|
UiHelperTrait:: |
protected | function | Get the current URL from the browser. | |
|
UiHelperTrait:: |
protected | function | Prepare for a request to testing site. | 1 |
|
UiHelperTrait:: |
protected | function | Fills and submits a form. | |
|
UserCreationTrait:: |
protected | function | Checks whether a given list of permission names is valid. | |
|
UserCreationTrait:: |
protected | function | Creates an administrative role. | |
|
UserCreationTrait:: |
protected | function | Creates a role with specified permissions. Aliased as: drupalCreateRole | |
|
UserCreationTrait:: |
protected | function | Create a user with a given set of permissions. Aliased as: drupalCreateUser | |
|
UserCreationTrait:: |
protected | function | Grant permissions to a user role. | |
|
UserCreationTrait:: |
protected | function | Switch the current logged in user. | |
|
UserCreationTrait:: |
protected | function | Creates a random user account and sets it as current user. | |
|
UserPasswordResetTest:: |
protected | property | The user object to test password resetting. | |
|
UserPasswordResetTest:: |
protected | property |
The theme to install as the default for testing. Overrides BrowserTestBase:: |
|
|
UserPasswordResetTest:: |
public static | property |
Modules to enable. Overrides BrowserTestBase:: |
|
|
UserPasswordResetTest:: |
public | function | Makes assertions about a password reset not triggering IP flood control. | |
|
UserPasswordResetTest:: |
public | function | Makes assertions about a password reset not triggering user flood control. | |
|
UserPasswordResetTest:: |
public | function | Helper function to make assertions about an invalid password reset. | |
|
UserPasswordResetTest:: |
public | function | Makes assertions about a password reset triggering IP flood control. | |
|
UserPasswordResetTest:: |
public | function | Makes assertions about a password reset triggering user flood control. | |
|
UserPasswordResetTest:: |
public | function | Helper function to make assertions about a valid password reset. | |
|
UserPasswordResetTest:: |
public | function | Retrieves password reset email and extracts the login link. | |
|
UserPasswordResetTest:: |
protected | function |
Overrides BrowserTestBase:: |
|
|
UserPasswordResetTest:: |
public | function | Make sure that users cannot forge password reset URLs of other users. | |
|
UserPasswordResetTest:: |
public | function | Tests password reset functionality. | |
|
UserPasswordResetTest:: |
public | function | Test user password reset while logged in. | |
|
UserPasswordResetTest:: |
public | function | Tests password reset flood control for one IP. | |
|
UserPasswordResetTest:: |
public | function | Prefill the text box on incorrect login via link to password reset page. | |
|
UserPasswordResetTest:: |
public | function | Tests password reset flood control for one user. | |
|
UserPasswordResetTest:: |
public | function | Tests user password reset flood control is cleared on successful reset. | |
|
XdebugRequestTrait:: |
protected | function | Adds xdebug cookies, from request setup. |