You are here

public function LinkFieldCrudTest::testLinkCreate in Link 7

Creates a link field for the "page" type and creates a page with a link.

File

tests/LinkFieldCrudTest.test, line 51
Testing that users can not input bad URLs or labels.

Class

LinkFieldCrudTest
Testing that users can not input bad URLs or labels.

Code

public function testLinkCreate() {

  // libxml_use_internal_errors(true);
  $this->web_user = $this
    ->drupalCreateUser(array(
    'administer content types',
    'administer fields',
    'administer nodes',
    'administer filters',
    'access content',
    'create page content',
    'access administration pages',
  ));
  $this
    ->drupalLogin($this->web_user);

  // Create field.
  $name = strtolower($this
    ->randomName());
  $edit = array(
    'fields[_add_new_field][label]' => $name,
    'fields[_add_new_field][field_name]' => $name,
    'fields[_add_new_field][type]' => 'link_field',
    'fields[_add_new_field][widget_type]' => 'link_field',
  );
  $this
    ->drupalPost('admin/structure/types/manage/page/fields', $edit, t('Save'));
  $this
    ->drupalPost(NULL, array(), t('Save field settings'));
  $this
    ->drupalPost(NULL, array(), t('Save settings'));

  // Is field created?
  $this
    ->assertRaw(t('Saved %label configuration', array(
    '%label' => $name,
  )), 'Field added');
  node_types_rebuild();
  menu_rebuild();
  $permission = 'create page content';
  $this
    ->checkPermissions(array(
    $permission,
  ), TRUE);

  // Create page form
  // $this->drupalGet('node/add');.
  $this
    ->drupalGet('node/add/page');
  $field_name = 'field_' . $name;
  $this
    ->assertField('edit-field-' . $name . '-und-0-title', 'Title found');
  $this
    ->assertField('edit-field-' . $name . '-und-0-url', 'URL found');
  $input_test_cases = array(
    array(
      'href' => 'http://example.com/' . $this
        ->randomName(),
      'label' => $this
        ->randomName(),
      'msg' => 'Link found',
      'type' => self::LINK_INPUT_TYPE_GOOD,
    ),
    array(
      'href' => 'http://example.com/' . $this
        ->randomName(),
      'label' => $this
        ->randomName() . '<script>alert("hi");</script>',
      'msg' => 'JS in label',
      'type' => self::LINK_INPUT_TYPE_BAD_TITLE,
    ),
    array(
      'href' => 'http://example.com/' . $this
        ->randomName(),
      'label' => $this
        ->randomName() . '<script src="http://devil.site.com"></script>',
      'msg' => 'Remote JS in label',
      'type' => self::LINK_INPUT_TYPE_BAD_TITLE,
    ),
    array(
      'href' => 'http://example.com/' . $this
        ->randomName(),
      'label' => $this
        ->randomName() . '" onmouseover="alert(\'hi\')',
      'msg' => 'JS in label',
      'type' => self::LINK_INPUT_TYPE_BAD_TITLE,
    ),
    array(
      'href' => 'http://example.com/' . $this
        ->randomName(),
      'label' => $this
        ->randomName() . '\' onmouseover="alert(\'hi\')',
      'msg' => 'Escaped JS in label',
      'type' => self::LINK_INPUT_TYPE_BAD_TITLE,
    ),
    array(
      'href' => 'javascript:alert("http://example.com/' . $this
        ->randomName() . '")',
      'label' => $this
        ->randomName(),
      'msg' => 'JS in URL',
      'type' => self::LINK_INPUT_TYPE_BAD_URL,
    ),
    array(
      'href' => 'http://example.com?foo=bar&fruit=mango',
      'label' => $this
        ->randomName(),
      'msg' => 'URL with querystring',
      'type' => self::LINK_INPUT_TYPE_GOOD,
    ),
    array(
      'href' => 'http://ecs-es.kelkoo.es/ctl/go/sitesearchGo?.ts=1338833010331&.sig=qP9GXeEFH6syBzwmzYkxmsvp1EI-',
      'label' => 'http://ecs-es.kelkoo.es/ctl/go/sitesearchGo?.ts=1338833010331&.sig=qP9GXeEFH6syBzwmzYkxmsvp1EI-',
      'msg' => 'URL with . in querystring',
      'type' => self::LINK_INPUT_TYPE_GOOD,
    ),
  );
  $test_case = array(
    'href' => 'www.example.com/' . $this
      ->randomName(),
    'label' => $this
      ->randomName(),
    'msg' => 'Link found',
    'type' => self::LINK_INPUT_TYPE_GOOD,
  );
  $test_case['expected_href'] = 'http://' . $test_case['href'];
  $input_test_cases[] = $test_case;
  foreach ($input_test_cases as $input) {
    $this
      ->drupalLogin($this->web_user);
    $this
      ->drupalGet('node/add/page');
    $edit = array(
      'title' => $input['label'],
      $field_name . '[und][0][title]' => $input['label'],
      $field_name . '[und][0][url]' => $input['href'],
    );
    $this
      ->drupalPost(NULL, $edit, t('Save'));
    if ($input['type'] == self::LINK_INPUT_TYPE_BAD_URL) {
      $this
        ->assertRaw(t('The value %value provided for %field is not a valid URL.', array(
        '%field' => $name,
        '%value' => trim($input['href']),
      )), 'Not a valid URL: ' . $input['href']);
      continue;
    }
    else {
      $this
        ->assertRaw(' ' . t('has been created.', array(
        '@type' => 'Basic Page',
        '%title' => $edit['title'],
      )), 'Page created: ' . $input['href']);
    }
    $url = $this
      ->getUrl();

    // Change to Anonymous user.
    $this
      ->drupalLogout();
    $this
      ->drupalGet($url);

    // debug($this);
    // If simpletest starts using something to override the error system, this
    // will flag us and let us know it's broken.
    $this
      ->assertFalse(libxml_use_internal_errors(TRUE));
    $expected_href = $input['href'];
    if (isset($input['expected_href'])) {
      $expected_href = $input['expected_href'];
    }
    $elements = $this
      ->xpath('//a[@href="' . $expected_href . '" and text()="' . $input['label'] . '"]');
    libxml_use_internal_errors(FALSE);
    $this
      ->assertIdentical(isset($elements[0]), $input['type'] == self::LINK_INPUT_TYPE_GOOD, $input['msg']);
  }

  // libxml_use_internal_errors(FALSE);
}