class SecKitTestCaseTest in Security Kit 2.x
Same name and namespace in other branches
- 8 tests/src/Functional/SecKitTestCaseTest.php \Drupal\Tests\seckit\Functional\SecKitTestCaseTest
Functional tests for Security Kit.
@group seckit
Hierarchy
- class \Drupal\Tests\BrowserTestBase extends \PHPUnit\Framework\TestCase uses \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, FunctionalTestSetupTrait, TestSetupTrait, AssertLegacyTrait, BlockCreationTrait, ConfigTestTrait, ExtensionListTestTrait, ContentTypeCreationTrait, NodeCreationTrait, PhpUnitCompatibilityTrait, RandomGeneratorTrait, TestRequirementsTrait, PhpUnitWarnings, UiHelperTrait, UserCreationTrait, XdebugRequestTrait
- class \Drupal\Tests\seckit\Functional\SecKitTestCaseTest
Expanded class hierarchy of SecKitTestCaseTest
File
- tests/
src/ Functional/ SecKitTestCaseTest.php, line 14
Namespace
Drupal\Tests\seckit\FunctionalView source
class SecKitTestCaseTest extends BrowserTestBase {
/**
* Admin user for tests.
*
* @var object
*/
private $admin;
/**
* CSP report url.
*
* @var string
*/
private $reportPath;
/**
* Array of modules to enable.
*
* @var array
*/
public static $modules = [
'seckit',
'filter',
];
/**
* {@inheritdoc}
*/
protected $defaultTheme = 'stark';
/**
* If set all requests made with have an origin header set with its value.
*
* @var bool|string
*/
protected $originHeader = FALSE;
/**
* {@inheritdoc}
*/
public function setUp() {
parent::setUp();
$this->admin = $this
->drupalCreateUser([
'administer seckit',
]);
$this
->drupalLogin($this->admin);
$route_provider = \Drupal::service('router.route_provider');
$route = $route_provider
->getRouteByName('seckit.report');
// Need to remove leading slash so it is not escaped in string.
$path = $route
->getPath();
$this->reportPath = ltrim($path, '/');
// Inject a Guzzle middleware to generate debug output for every request
// performed in the test.
$client = $this
->getHttpClient();
$handler_stack = $client
->getConfig('handler');
$handler_stack
->push($this
->secKitRequestHeader());
}
/**
* Tests disabled Content Security Policy.
*/
public function testDisabledCsp() {
$form['seckit_xss[csp][checkbox]'] = FALSE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('Content-Security-Policy', NULL);
$this
->assertSession()
->responseHeaderEquals('X-Content-Security-Policy', NULL);
$this
->assertSession()
->responseHeaderEquals('X-WebKit-CSP', NULL);
}
/**
* Tests Content Security Policy with all enabled directives.
*/
public function testCspHasAllDirectives() {
$form = [
'seckit_xss[csp][checkbox]' => TRUE,
'seckit_xss[csp][vendor-prefix][x]' => TRUE,
'seckit_xss[csp][vendor-prefix][webkit]' => TRUE,
'seckit_xss[csp][default-src]' => '*',
'seckit_xss[csp][script-src]' => '*',
'seckit_xss[csp][object-src]' => '*',
'seckit_xss[csp][style-src]' => '*',
'seckit_xss[csp][img-src]' => '*',
'seckit_xss[csp][media-src]' => '*',
'seckit_xss[csp][frame-src]' => '*',
'seckit_xss[csp][frame-ancestors]' => '*',
'seckit_xss[csp][child-src]' => '*',
'seckit_xss[csp][font-src]' => '*',
'seckit_xss[csp][connect-src]' => '*',
'seckit_xss[csp][report-uri]' => $this->reportPath,
'seckit_xss[csp][upgrade-req]' => TRUE,
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$expected = 'default-src *; script-src *; object-src *; style-src *; img-src *; media-src *; frame-src *; frame-ancestors *; child-src *; font-src *; connect-src *; report-uri ' . base_path() . $this->reportPath . '; upgrade-insecure-requests';
$this
->assertSession()
->responseHeaderEquals('Content-Security-Policy', $expected);
$this
->assertSession()
->responseHeaderEquals('X-Content-Security-Policy', $expected);
$this
->assertSession()
->responseHeaderEquals('X-WebKit-CSP', $expected);
}
/**
* Tests Content Security Policy without vendor-prefixed headers.
*/
public function testCspWithoutVendorPrefixes() {
$form = [
'seckit_xss[csp][checkbox]' => TRUE,
'seckit_xss[csp][vendor-prefix][x]' => FALSE,
'seckit_xss[csp][vendor-prefix][webkit]' => FALSE,
'seckit_xss[csp][default-src]' => '*',
'seckit_xss[csp][script-src]' => '*',
'seckit_xss[csp][object-src]' => '*',
'seckit_xss[csp][style-src]' => '*',
'seckit_xss[csp][img-src]' => '*',
'seckit_xss[csp][media-src]' => '*',
'seckit_xss[csp][frame-src]' => '*',
'seckit_xss[csp][frame-ancestors]' => '*',
'seckit_xss[csp][child-src]' => '*',
'seckit_xss[csp][font-src]' => '*',
'seckit_xss[csp][connect-src]' => '*',
'seckit_xss[csp][report-uri]' => $this->reportPath,
'seckit_xss[csp][upgrade-req]' => TRUE,
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$expected = 'default-src *; script-src *; object-src *; style-src *; img-src *; media-src *; frame-src *; frame-ancestors *; child-src *; font-src *; connect-src *; report-uri ' . base_path() . $this->reportPath . '; upgrade-insecure-requests';
$this
->assertSession()
->responseHeaderEquals('Content-Security-Policy', $expected);
$this
->assertSession()
->responseHeaderEquals('X-Content-Security-Policy', NULL);
$this
->assertSession()
->responseHeaderEquals('X-WebKit-CSP', NULL);
}
/**
* Tests Content Security Policy with X-Content-Security-Policy header.
*/
public function testCspWithCspVendorPrefix() {
$form = [
'seckit_xss[csp][checkbox]' => TRUE,
'seckit_xss[csp][vendor-prefix][x]' => TRUE,
'seckit_xss[csp][vendor-prefix][webkit]' => FALSE,
'seckit_xss[csp][default-src]' => '*',
'seckit_xss[csp][script-src]' => '*',
'seckit_xss[csp][object-src]' => '*',
'seckit_xss[csp][style-src]' => '*',
'seckit_xss[csp][img-src]' => '*',
'seckit_xss[csp][media-src]' => '*',
'seckit_xss[csp][frame-src]' => '*',
'seckit_xss[csp][frame-ancestors]' => '*',
'seckit_xss[csp][child-src]' => '*',
'seckit_xss[csp][font-src]' => '*',
'seckit_xss[csp][connect-src]' => '*',
'seckit_xss[csp][report-uri]' => $this->reportPath,
'seckit_xss[csp][upgrade-req]' => TRUE,
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$expected = 'default-src *; script-src *; object-src *; style-src *; img-src *; media-src *; frame-src *; frame-ancestors *; child-src *; font-src *; connect-src *; report-uri ' . base_path() . $this->reportPath . '; upgrade-insecure-requests';
$this
->assertSession()
->responseHeaderEquals('Content-Security-Policy', $expected);
$this
->assertSession()
->responseHeaderEquals('X-Content-Security-Policy', $expected);
$this
->assertSession()
->responseHeaderEquals('X-WebKit-CSP', NULL);
}
/**
* Tests Content Security Policy with the X-WebKit-CSP vendor-prefixed header.
*/
public function testCspWithWebkitCspVendorPrefix() {
$form = [
'seckit_xss[csp][checkbox]' => TRUE,
'seckit_xss[csp][vendor-prefix][x]' => FALSE,
'seckit_xss[csp][vendor-prefix][webkit]' => TRUE,
'seckit_xss[csp][default-src]' => '*',
'seckit_xss[csp][script-src]' => '*',
'seckit_xss[csp][object-src]' => '*',
'seckit_xss[csp][style-src]' => '*',
'seckit_xss[csp][img-src]' => '*',
'seckit_xss[csp][media-src]' => '*',
'seckit_xss[csp][frame-src]' => '*',
'seckit_xss[csp][frame-ancestors]' => '*',
'seckit_xss[csp][child-src]' => '*',
'seckit_xss[csp][font-src]' => '*',
'seckit_xss[csp][connect-src]' => '*',
'seckit_xss[csp][report-uri]' => $this->reportPath,
'seckit_xss[csp][upgrade-req]' => TRUE,
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$expected = 'default-src *; script-src *; object-src *; style-src *; img-src *; media-src *; frame-src *; frame-ancestors *; child-src *; font-src *; connect-src *; report-uri ' . base_path() . $this->reportPath . '; upgrade-insecure-requests';
$this
->assertSession()
->responseHeaderEquals('Content-Security-Policy', $expected);
$this
->assertSession()
->responseHeaderEquals('X-Content-Security-Policy', NULL);
$this
->assertSession()
->responseHeaderEquals('X-WebKit-CSP', $expected);
}
/**
* Tests Content Security Policy with policy-uri directive.
*
* In this case, only policy-uri directive should be present.
*/
public function testCspPolicyUriDirectiveOnly() {
$this
->markTestSkipped('Test/code needs to be fixed.');
$form = [
'seckit_xss[csp][checkbox]' => TRUE,
'seckit_xss[csp][vendor-prefix][x]' => TRUE,
'seckit_xss[csp][vendor-prefix][webkit]' => TRUE,
'seckit_xss[csp][default-src]' => '*',
'seckit_xss[csp][script-src]' => '*',
'seckit_xss[csp][object-src]' => '*',
'seckit_xss[csp][style-src]' => '*',
'seckit_xss[csp][img-src]' => '*',
'seckit_xss[csp][media-src]' => '*',
'seckit_xss[csp][frame-src]' => '*',
'seckit_xss[csp][child-src]' => '*',
'seckit_xss[csp][font-src]' => '*',
'seckit_xss[csp][connect-src]' => '*',
'seckit_xss[csp][report-uri]' => $this->reportPath,
'seckit_xss[csp][policy-uri]' => 'http://mysite.com/csp.xml',
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$expected = 'policy-uri http://mysite.com/csp.xml';
$this
->assertEqual($expected, $this
->drupalGetHeader('Content-Security-Policy'), t('Content-Security-Policy has only policy-uri.'));
$this
->assertEqual($expected, $this
->drupalGetHeader('X-Content-Security-Policy'), t('X-Content-Security-Policy has only policy-uri.'));
$this
->assertEqual($expected, $this
->drupalGetHeader('X-WebKit-CSP'), t('X-WebKit-CSP has only policy-uri.'));
}
/**
* Tests Content Security Policy with all directives empty.
*
* In this case, we should revert back to default values.
*/
public function testCspAllDirectivesEmpty() {
$form = [
'seckit_xss[csp][checkbox]' => TRUE,
'seckit_xss[csp][vendor-prefix][x]' => TRUE,
'seckit_xss[csp][vendor-prefix][webkit]' => TRUE,
'seckit_xss[csp][default-src]' => 'self',
'seckit_xss[csp][script-src]' => '',
'seckit_xss[csp][object-src]' => '',
'seckit_xss[csp][img-src]' => '',
'seckit_xss[csp][media-src]' => '',
'seckit_xss[csp][style-src]' => '',
'seckit_xss[csp][frame-src]' => '',
'seckit_xss[csp][frame-ancestors]' => '',
'seckit_xss[csp][child-src]' => '',
'seckit_xss[csp][font-src]' => '',
'seckit_xss[csp][connect-src]' => '',
'seckit_xss[csp][report-uri]' => $this->reportPath,
'seckit_xss[csp][upgrade-req]' => FALSE,
'seckit_xss[csp][policy-uri]' => '',
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$expected = "default-src self; report-uri " . base_path() . $this->reportPath;
$this
->assertSession()
->responseHeaderEquals('Content-Security-Policy', $expected);
$this
->assertSession()
->responseHeaderEquals('X-Content-Security-Policy', $expected);
$this
->assertSession()
->responseHeaderEquals('X-WebKit-CSP', $expected);
}
/**
* Tests Content Security Policy in report-only mode.
*/
public function testReportOnlyCsp() {
$form['seckit_xss[csp][checkbox]'] = TRUE;
$form['seckit_xss[csp][vendor-prefix][x]'] = TRUE;
$form['seckit_xss[csp][vendor-prefix][webkit]'] = TRUE;
$form['seckit_xss[csp][report-only]'] = TRUE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderContains('Content-Security-Policy-Report-Only', 'report-uri');
$this
->assertSession()
->responseHeaderContains('X-Content-Security-Policy-Report-Only', 'report-uri');
$this
->assertSession()
->responseHeaderContains('X-WebKit-CSP-Report-Only', 'report-uri');
}
/**
* Tests different values for Content Security Policy report-uri.
*/
public function testCspReportUri() {
$report_uris = [
[
'uri' => '//example.com/csp-report',
'absolute' => TRUE,
'valid' => TRUE,
],
[
'uri' => 'https://example.com/report-uri',
'absolute' => TRUE,
'valid' => TRUE,
],
[
'uri' => 'http://in<val>.id/url',
'absolute' => TRUE,
'valid' => FALSE,
],
[
'uri' => $this->reportPath,
'absolute' => FALSE,
'valid' => TRUE,
],
[
// This path should be accessible to all users.
'uri' => 'filter/tips',
'absolute' => FALSE,
'valid' => TRUE,
],
[
'uri' => 'non-existent-path',
'absolute' => FALSE,
'valid' => FALSE,
],
[
// Used to test URI with leading slash.
'uri' => '/' . $this->reportPath,
'absolute' => FALSE,
'valid' => TRUE,
],
];
foreach ($report_uris as $report_uri) {
$form['seckit_xss[csp][checkbox]'] = TRUE;
$form['seckit_xss[csp][vendor-prefix][x]'] = TRUE;
$form['seckit_xss[csp][vendor-prefix][webkit]'] = TRUE;
$form['seckit_xss[csp][default-src]'] = 'self';
$form['seckit_xss[csp][report-uri]'] = $report_uri['uri'];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
if ($report_uri['valid']) {
$base_path = $report_uri['absolute'] ? '' : base_path();
$expected = 'default-src self; report-uri ' . $base_path . $report_uri['uri'];
if (!$report_uri['absolute'] && strpos($report_uri['uri'], '/') === 0) {
// In this case, check that the leading slash on the relative path
// was not mistakenly turned into two leading slashes.
$expected = 'default-src self; report-uri ' . $base_path . ltrim($report_uri['uri'], '/');
}
$this
->assertSession()
->responseHeaderEquals('Content-Security-Policy', $expected);
$this
->assertSession()
->responseHeaderEquals('X-Content-Security-Policy', $expected);
$this
->assertSession()
->responseHeaderEquals('X-WebKit-CSP', $expected);
}
else {
if ($report_uri['absolute']) {
$expected = 'The CSP report-uri seems absolute but does not seem to be a valid URI.';
$uri_type = 'absolute';
}
else {
$expected = 'The CSP report-uri seems relative but does not seem to be a valid path.';
$uri_type = 'relative';
}
$this
->assertSession()
->responseContains($expected, sprintf('Invalid %s setting for CSP report-uri was rejected.', $uri_type));
}
}
}
/**
* Tests disabled X-XSS-Protection HTTP response header.
*/
public function testXxssProtectionIsDisabled() {
$form['seckit_xss[x_xss][select]'] = SeckitInterface::X_XSS_DISABLE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('X-XSS-Protection', NULL);
}
/**
* Tests set to 0 X-XSS-Protection HTTP response header.
*/
public function testXxssProtectionIs0() {
$form['seckit_xss[x_xss][select]'] = SeckitInterface::X_XSS_0;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('X-XSS-Protection', '0');
}
/**
* Tests set to 1 X-XSS-Protection HTTP response header.
*/
public function testXxssProtectionIs1() {
$form['seckit_xss[x_xss][select]'] = SeckitInterface::X_XSS_1;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('X-XSS-Protection', '1');
}
/**
* Tests set to 1; mode=block X-XSS-Protection HTTP response header.
*/
public function testXxssProtectionIs1Block() {
$form['seckit_xss[x_xss][select]'] = SeckitInterface::X_XSS_1_BLOCK;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('X-XSS-Protection', '1; mode=block');
}
/**
* Tests HTTP Origin allows requests from the site.
*/
public function testOriginAllowsSite() {
$form['seckit_csrf[origin]'] = TRUE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this->originHeader = \Drupal::request()
->getSchemeAndHttpHost();
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->statusCodeEquals(200);
}
/**
* Tests HTTP Origin allows requests from the specified source.
*
* Includes a single value in the whitelist.
*/
public function testOriginAllowsSpecifiedSource() {
$form = [
'seckit_csrf[origin]' => TRUE,
'seckit_csrf[origin_whitelist]' => 'http://www.example.com',
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this->originHeader = 'http://www.example.com';
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->statusCodeEquals(200);
}
/**
* Tests HTTP Origin allows requests from the specified source.
*
* Includes multiple values in the whitelist.
*/
public function testOriginAllowsSpecifiedSourceMultiWhitelist() {
$form = [
'seckit_csrf[origin]' => TRUE,
'seckit_csrf[origin_whitelist]' => 'http://www.example.com, https://www.example.com, https://example.com:8080',
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this->originHeader = 'http://www.example.com';
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->statusCodeEquals(200);
}
/**
* Tests HTTP Origin denies request.
*/
public function testOriginDeny() {
$form['seckit_csrf[origin]'] = TRUE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this->originHeader = 'http://www.example.com';
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertEqual([], $_POST, t('POST is empty.'));
$this
->assertSession()
->statusCodeEquals(403);
}
/**
* Tests disabled X-Frame-Options HTTP response header.
*/
public function testXframeOptionsIsDisabled() {
$form['seckit_clickjacking[x_frame]'] = SeckitInterface::X_FRAME_DISABLE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('X-Frame-Options', NULL);
}
/**
* Tests set to SAMEORIGIN X-Frame-Options HTTP response header.
*/
public function testXframeOptionsIsSameOrigin() {
$form['seckit_clickjacking[x_frame]'] = SeckitInterface::X_FRAME_SAMEORIGIN;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('X-Frame-Options', 'SAMEORIGIN');
}
/**
* Tests set to DENY X-Frame-Options HTTP response header.
*/
public function testXframeOptionsIsDeny() {
$form['seckit_clickjacking[x_frame]'] = SeckitInterface::X_FRAME_DENY;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('X-Frame-Options', 'DENY');
}
/**
* Tests set to ALLOW-FROM X-Frame-Options HTTP response header.
*/
public function testXframeOptionsIsAllowFrom() {
$form['seckit_clickjacking[x_frame]'] = SeckitInterface::X_FRAME_ALLOW_FROM;
$form['seckit_clickjacking[x_frame_allow_from]'] = 'http://www.google.com';
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('X-Frame-Options', 'ALLOW-FROM http://www.google.com');
}
/**
* Tests JS + CSS + Noscript protection.
*/
public function testJsCssNoscript() {
$form['seckit_clickjacking[js_css_noscript]'] = TRUE;
$form['seckit_clickjacking[noscript_message]'] = 'Sorry, your JavaScript is disabled.';
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$config = \Drupal::config('seckit.settings');
$noscript_message = $config
->get('seckit_clickjacking.noscript_message');
// @TODO this was duplicated from the Event subscriber, move to function
// in .module file?
$noscript_message = $noscript_message ? $noscript_message : $config
->get('seckit_clickjacking.noscript_message');
$path = base_path() . drupal_get_path('module', 'seckit');
$code = <<<EOT
<script type="text/javascript" src="{<span class="php-variable">$path</span>}/js/seckit.document_write.js"></script>
<link type="text/css" rel="stylesheet" id="seckit-clickjacking-no-body" media="all" href="{<span class="php-variable">$path</span>}/css/seckit.no_body.css" />
<!-- stop SecKit protection -->
<noscript>
<link type="text/css" rel="stylesheet" id="seckit-clickjacking-noscript-tag" media="all" href="{<span class="php-variable">$path</span>}/css/seckit.noscript_tag.css" />
<div id="seckit-noscript-tag">
{<span class="php-variable">$noscript_message</span>}
</div>
</noscript>
EOT;
$this
->assertSession()
->responseContains($code, t('JavaScript + CSS + Noscript protection is loaded.'));
}
/**
* Tests disabled HTTP Strict Transport Security.
*/
public function testDisabledHsts() {
$form['seckit_ssl[hsts]'] = FALSE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('Strict-Transport-Security', NULL);
}
/**
* Tests HTTP Strict Transport Security has all directives.
*/
public function testHstsAllDirectves() {
$form = [
'seckit_ssl[hsts]' => TRUE,
'seckit_ssl[hsts_max_age]' => 1000,
'seckit_ssl[hsts_subdomains]' => 1,
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$expected = 'max-age=1000; includeSubDomains';
$this
->assertSession()
->responseHeaderEquals('Strict-Transport-Security', $expected);
}
/**
* Tests disabled From-Origin.
*/
public function testDisabledFromOrigin() {
$form['seckit_various[from_origin]'] = FALSE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('From-Origin', NULL);
}
/**
* Tests enabled From-Origin.
*/
public function testEnabledFromOrigin() {
$form = [
'seckit_various[from_origin]' => TRUE,
'seckit_various[from_origin_destination]' => 'same',
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('From-Origin', 'same');
}
/**
* Tests disabled Referrer-Policy.
*/
public function testDisabledReferrerPolicy() {
$form['seckit_various[referrer_policy]'] = FALSE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('Referrer-Policy', NULL);
}
/**
* Tests enabled Referrer-Policy.
*/
public function testEnabledReferrerPolicy() {
$form = [
'seckit_various[referrer_policy]' => TRUE,
'seckit_various[referrer_policy_policy]' => 'no-referrer-when-downgrade',
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('Referrer-Policy', 'no-referrer-when-downgrade');
}
/**
* Tests disabled Expect-CT.
*/
public function testDisabledExpectCt() {
$form['seckit_ct[expect_ct]'] = FALSE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('Expect-CT', NULL);
}
/**
* Tests Enable Expect-CT.
*/
public function testEnableExpectCt() {
$form = [
'seckit_ct[expect_ct]' => TRUE,
'seckit_ct[max_age]' => 86400,
'seckit_ct[enforce]' => TRUE,
'seckit_ct[report_uri]' => 'https://www.example.com/report',
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$expected = 'max-age=86400, enforce, report-uri="https://www.example.com/report"';
$this
->assertSession()
->responseHeaderEquals('Expect-CT', $expected);
}
/**
* Tests disabled feature-policy.
*/
public function testDisabledFeaturePolicy() {
$form['seckit_fp[feature_policy]'] = FALSE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertSession()
->responseHeaderEquals('Feature-Policy', NULL);
}
/**
* Tests enabled feature-policy.
*/
public function testEnabledFeaturePolicy() {
$form = [
'seckit_fp[feature_policy]' => TRUE,
'seckit_fp[feature_policy_policy]' => "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'",
];
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$expected = "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'";
$this
->assertSession()
->responseHeaderEquals('Feature-Policy', $expected);
}
/**
* Adds an origin to requests if $this->originHeader is set.
*
* @return \Closure
* A callback that adds an origin header to the request if necessary.
*/
protected function secKitRequestHeader() {
return function (callable $handler) {
return function (RequestInterface $request, array $options) use ($handler) {
if ($this->originHeader) {
$request = $request
->withHeader('origin', $this->originHeader);
}
return $handler($request, $options);
};
};
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
AssertLegacyTrait:: |
protected | function | ||
|
AssertLegacyTrait:: |
protected | function | Asserts whether an expected cache tag was present in the last response. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that the element with the given CSS selector is not present. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that the element with the given CSS selector is present. | |
|
AssertLegacyTrait:: |
protected | function | ||
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text IS found escaped on the loaded page, fail otherwise. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists with the given name or ID. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists with the given ID and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists with the given name and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists in the current page by the given XPath. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a checkbox field in the current page is checked. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field exists in the current page with a given Xpath result. | |
|
AssertLegacyTrait:: |
protected | function | Checks that current response header equals value. | |
|
AssertLegacyTrait:: |
protected | function | ||
|
AssertLegacyTrait:: |
protected | function | ||
|
AssertLegacyTrait:: |
protected | function | Passes if a link with the specified label is found. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link containing a given href (part) is found. | |
|
AssertLegacyTrait:: |
protected | function | Asserts whether an expected cache tag was absent in the last response. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text is not found escaped on the loaded page. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does NOT exist with the given name or ID. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does not exist with the given ID and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does not exist with the given name and value. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a field does not exist or its value does not match, by XPath. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a checkbox field in the current page is not checked. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link with the specified label is not found. | |
|
AssertLegacyTrait:: |
protected | function | Passes if a link containing a given href (part) is not found. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option does NOT exist in the current page. | |
|
AssertLegacyTrait:: |
protected | function | Triggers a pass if the Perl regex pattern is not found in the raw content. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text IS not found on the loaded page, fail otherwise. | |
|
AssertLegacyTrait:: |
protected | function | ||
|
AssertLegacyTrait:: |
protected | function | Passes if the page (with HTML stripped) does not contains the text. | |
|
AssertLegacyTrait:: |
protected | function | ||
|
AssertLegacyTrait:: |
protected | function | Passes if the text is found MORE THAN ONCE on the text version of the page. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option in the current page exists. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option with the visible text exists. | |
|
AssertLegacyTrait:: |
protected | function | Asserts that a select option in the current page is checked. | |
|
AssertLegacyTrait:: |
protected | function | Triggers a pass if the Perl regex pattern is found in the raw content. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the raw text IS found on the loaded page, fail otherwise. | |
|
AssertLegacyTrait:: |
protected | function | Asserts the page responds with the specified response code. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the page (with HTML stripped) contains the text. | |
|
AssertLegacyTrait:: |
protected | function | Helper for assertText and assertNoText. | |
|
AssertLegacyTrait:: |
protected | function | Pass if the page title is the given string. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the text is found ONLY ONCE on the text version of the page. | |
|
AssertLegacyTrait:: |
protected | function | Passes if the internal browser's URL matches the given path. | |
|
AssertLegacyTrait:: |
protected | function | Builds an XPath query. | |
|
AssertLegacyTrait:: |
protected | function | Helper: Constructs an XPath for the given set of attributes and value. | |
|
AssertLegacyTrait:: |
protected | function | Get all option elements, including nested options, in a select. | |
|
AssertLegacyTrait:: |
protected | function | Gets the current raw content. | |
|
AssertLegacyTrait:: |
protected | function | ||
|
AssertLegacyTrait:: |
protected | function | ||
|
BlockCreationTrait:: |
protected | function | Creates a block instance based on default settings. Aliased as: drupalPlaceBlock | |
|
BrowserHtmlDebugTrait:: |
protected | property | The Base URI to use for links to the output files. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Class name for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Counter for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Counter storage for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | Directory name for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | property | HTML output output enabled. | |
|
BrowserHtmlDebugTrait:: |
protected | property | The file name to write the list of URLs to. | |
|
BrowserHtmlDebugTrait:: |
protected | property | HTML output test ID. | |
|
BrowserHtmlDebugTrait:: |
protected | function | Formats HTTP headers as string for HTML output logging. | |
|
BrowserHtmlDebugTrait:: |
protected | function | Returns headers in HTML output format. | 1 |
|
BrowserHtmlDebugTrait:: |
protected | function | Provides a Guzzle middleware handler to log every response received. | |
|
BrowserHtmlDebugTrait:: |
protected | function | Logs a HTML output message in a text file. | |
|
BrowserHtmlDebugTrait:: |
protected | function | Creates the directory to store browser output. | |
|
BrowserTestBase:: |
protected | property | The base URL. | |
|
BrowserTestBase:: |
protected | property | The config importer that can be used in a test. | |
|
BrowserTestBase:: |
protected | property | An array of custom translations suitable for drupal_rewrite_settings(). | |
|
BrowserTestBase:: |
protected | property | The database prefix of this test run. | |
|
BrowserTestBase:: |
protected | property | Mink session manager. | |
|
BrowserTestBase:: |
protected | property | Mink default driver params. | |
|
BrowserTestBase:: |
protected | property | Mink class for the default driver to use. | 1 |
|
BrowserTestBase:: |
protected | property | The original container. | |
|
BrowserTestBase:: |
protected | property | The original array of shutdown function callbacks. | |
|
BrowserTestBase:: |
protected | property | ||
|
BrowserTestBase:: |
protected | property | The profile to install as a basis for testing. | 39 |
|
BrowserTestBase:: |
protected | property | The app root. | |
|
BrowserTestBase:: |
protected | property | Browser tests are run in separate processes to prevent collisions between code that may be loaded by tests. | |
|
BrowserTestBase:: |
protected | property | Time limit in seconds for the test. | |
|
BrowserTestBase:: |
protected | property | The translation file directory for the test environment. | |
|
BrowserTestBase:: |
protected | function | Clean up the Simpletest environment. | |
|
BrowserTestBase:: |
protected | function | Configuration accessor for tests. Returns non-overridden configuration. | |
|
BrowserTestBase:: |
protected | function | Gets the value of an HTTP response header. | |
|
BrowserTestBase:: |
public static | function | Ensures test files are deletable. | |
|
BrowserTestBase:: |
protected | function | Gets an instance of the default Mink driver. | |
|
BrowserTestBase:: |
protected | function | Gets the JavaScript drupalSettings variable for the currently-loaded page. | 1 |
|
BrowserTestBase:: |
protected | function | Obtain the HTTP client for the system under test. | |
|
BrowserTestBase:: |
protected | function | Get the Mink driver args from an environment variable, if it is set. Can be overridden in a derived class so it is possible to use a different value for a subset of tests, e.g. the JavaScript tests. | 1 |
|
BrowserTestBase:: |
protected | function | Helper function to get the options of select field. | |
|
BrowserTestBase:: |
public | function | Returns Mink session. | |
|
BrowserTestBase:: |
protected | function | Get session cookies from current session. | |
|
BrowserTestBase:: |
protected | function |
Retrieves the current calling line in the class under test. Overrides BrowserHtmlDebugTrait:: |
|
|
BrowserTestBase:: |
protected | function | Visits the front page when initializing Mink. | 3 |
|
BrowserTestBase:: |
protected | function | Initializes Mink sessions. | 1 |
|
BrowserTestBase:: |
public | function | Installs Drupal into the Simpletest site. | 1 |
|
BrowserTestBase:: |
protected | function | Registers additional Mink sessions. | |
|
BrowserTestBase:: |
protected | function | Sets up the root application path. | |
|
BrowserTestBase:: |
public static | function | 1 | |
|
BrowserTestBase:: |
protected | function | 3 | |
|
BrowserTestBase:: |
protected | function | Transforms a nested array into a flat array suitable for submitForm(). | |
|
BrowserTestBase:: |
protected | function | Performs an xpath search on the contents of the internal browser. | |
|
BrowserTestBase:: |
public | function | Prevents serializing any properties. | |
|
ConfigTestTrait:: |
protected | function | Returns a ConfigImporter object to import test configuration. | |
|
ConfigTestTrait:: |
protected | function | Copies configuration objects from source storage to target storage. | |
|
ContentTypeCreationTrait:: |
protected | function | Creates a custom content type based on default settings. Aliased as: drupalCreateContentType | 1 |
|
ExtensionListTestTrait:: |
protected | function | Gets the path for the specified module. | |
|
ExtensionListTestTrait:: |
protected | function | Gets the path for the specified theme. | |
|
FunctionalTestSetupTrait:: |
protected | property | The flag to set 'apcu_ensure_unique_prefix' setting. | 1 |
|
FunctionalTestSetupTrait:: |
protected | property | The class loader to use for installation and initialization of setup. | |
|
FunctionalTestSetupTrait:: |
protected | property | The "#1" admin user. | |
|
FunctionalTestSetupTrait:: |
protected | function | Execute the non-interactive installer. | 1 |
|
FunctionalTestSetupTrait:: |
protected | function | Returns all supported database driver installer objects. | |
|
FunctionalTestSetupTrait:: |
protected | function | Initialize various configurations post-installation. | 1 |
|
FunctionalTestSetupTrait:: |
protected | function | Initializes the kernel after installation. | |
|
FunctionalTestSetupTrait:: |
protected | function | Initialize settings created during install. | |
|
FunctionalTestSetupTrait:: |
protected | function | Initializes user 1 for the site to be installed. | |
|
FunctionalTestSetupTrait:: |
protected | function | Installs the default theme defined by `static::$defaultTheme` when needed. | |
|
FunctionalTestSetupTrait:: |
protected | function | Install modules defined by `static::$modules`. | 1 |
|
FunctionalTestSetupTrait:: |
protected | function | Returns the parameters that will be used when Simpletest installs Drupal. | 9 |
|
FunctionalTestSetupTrait:: |
protected | function | Prepares the current environment for running the test. | 20 |
|
FunctionalTestSetupTrait:: |
protected | function | Creates a mock request and sets it on the generator. | |
|
FunctionalTestSetupTrait:: |
protected | function | Prepares site settings and services before installation. | 2 |
|
FunctionalTestSetupTrait:: |
protected | function | Resets and rebuilds the environment after setup. | |
|
FunctionalTestSetupTrait:: |
protected | function | Rebuilds \Drupal::getContainer(). | |
|
FunctionalTestSetupTrait:: |
protected | function | Resets all data structures after having enabled new modules. | |
|
FunctionalTestSetupTrait:: |
protected | function | Changes parameters in the services.yml file. | |
|
FunctionalTestSetupTrait:: |
protected | function | Sets up the base URL based upon the environment variable. | |
|
FunctionalTestSetupTrait:: |
protected | function | Rewrites the settings.php file of the test site. | 1 |
|
NodeCreationTrait:: |
protected | function | Creates a node based on default settings. Aliased as: drupalCreateNode | |
|
NodeCreationTrait:: |
public | function | Get a node from the database based on its title. Aliased as: drupalGetNodeByTitle | |
|
PhpUnitWarnings:: |
private static | property | Deprecation warnings from PHPUnit to raise with @trigger_error(). | |
|
PhpUnitWarnings:: |
public | function | Converts PHPUnit deprecation warnings to E_USER_DEPRECATED. | |
|
RandomGeneratorTrait:: |
protected | property | The random generator. | |
|
RandomGeneratorTrait:: |
protected | function | Gets the random generator for the utility methods. | |
|
RandomGeneratorTrait:: |
protected | function | Generates a unique random string containing letters and numbers. | 1 |
|
RandomGeneratorTrait:: |
public | function | Generates a random PHP object. | |
|
RandomGeneratorTrait:: |
public | function | Generates a pseudo-random string of ASCII characters of codes 32 to 126. | |
|
RandomGeneratorTrait:: |
public | function | Callback for random string validation. | |
|
RefreshVariablesTrait:: |
protected | function | Refreshes in-memory configuration and state information. | 1 |
|
SecKitTestCaseTest:: |
private | property | Admin user for tests. | |
|
SecKitTestCaseTest:: |
protected | property |
The theme to install as the default for testing. Overrides BrowserTestBase:: |
|
|
SecKitTestCaseTest:: |
public static | property |
Array of modules to enable. Overrides BrowserTestBase:: |
|
|
SecKitTestCaseTest:: |
protected | property | If set all requests made with have an origin header set with its value. | |
|
SecKitTestCaseTest:: |
private | property | CSP report url. | |
|
SecKitTestCaseTest:: |
protected | function | Adds an origin to requests if $this->originHeader is set. | |
|
SecKitTestCaseTest:: |
public | function |
Overrides BrowserTestBase:: |
|
|
SecKitTestCaseTest:: |
public | function | Tests Content Security Policy with all directives empty. | |
|
SecKitTestCaseTest:: |
public | function | Tests Content Security Policy with all enabled directives. | |
|
SecKitTestCaseTest:: |
public | function | Tests Content Security Policy with policy-uri directive. | |
|
SecKitTestCaseTest:: |
public | function | Tests different values for Content Security Policy report-uri. | |
|
SecKitTestCaseTest:: |
public | function | Tests Content Security Policy with X-Content-Security-Policy header. | |
|
SecKitTestCaseTest:: |
public | function | Tests Content Security Policy without vendor-prefixed headers. | |
|
SecKitTestCaseTest:: |
public | function | Tests Content Security Policy with the X-WebKit-CSP vendor-prefixed header. | |
|
SecKitTestCaseTest:: |
public | function | Tests disabled Content Security Policy. | |
|
SecKitTestCaseTest:: |
public | function | Tests disabled Expect-CT. | |
|
SecKitTestCaseTest:: |
public | function | Tests disabled feature-policy. | |
|
SecKitTestCaseTest:: |
public | function | Tests disabled From-Origin. | |
|
SecKitTestCaseTest:: |
public | function | Tests disabled HTTP Strict Transport Security. | |
|
SecKitTestCaseTest:: |
public | function | Tests disabled Referrer-Policy. | |
|
SecKitTestCaseTest:: |
public | function | Tests enabled feature-policy. | |
|
SecKitTestCaseTest:: |
public | function | Tests enabled From-Origin. | |
|
SecKitTestCaseTest:: |
public | function | Tests enabled Referrer-Policy. | |
|
SecKitTestCaseTest:: |
public | function | Tests Enable Expect-CT. | |
|
SecKitTestCaseTest:: |
public | function | Tests HTTP Strict Transport Security has all directives. | |
|
SecKitTestCaseTest:: |
public | function | Tests JS + CSS + Noscript protection. | |
|
SecKitTestCaseTest:: |
public | function | Tests HTTP Origin allows requests from the site. | |
|
SecKitTestCaseTest:: |
public | function | Tests HTTP Origin allows requests from the specified source. | |
|
SecKitTestCaseTest:: |
public | function | Tests HTTP Origin allows requests from the specified source. | |
|
SecKitTestCaseTest:: |
public | function | Tests HTTP Origin denies request. | |
|
SecKitTestCaseTest:: |
public | function | Tests Content Security Policy in report-only mode. | |
|
SecKitTestCaseTest:: |
public | function | Tests set to ALLOW-FROM X-Frame-Options HTTP response header. | |
|
SecKitTestCaseTest:: |
public | function | Tests set to DENY X-Frame-Options HTTP response header. | |
|
SecKitTestCaseTest:: |
public | function | Tests disabled X-Frame-Options HTTP response header. | |
|
SecKitTestCaseTest:: |
public | function | Tests set to SAMEORIGIN X-Frame-Options HTTP response header. | |
|
SecKitTestCaseTest:: |
public | function | Tests set to 0 X-XSS-Protection HTTP response header. | |
|
SecKitTestCaseTest:: |
public | function | Tests set to 1 X-XSS-Protection HTTP response header. | |
|
SecKitTestCaseTest:: |
public | function | Tests set to 1; mode=block X-XSS-Protection HTTP response header. | |
|
SecKitTestCaseTest:: |
public | function | Tests disabled X-XSS-Protection HTTP response header. | |
|
SessionTestTrait:: |
protected | property | The name of the session cookie. | |
|
SessionTestTrait:: |
protected | function | Generates a session cookie name. | |
|
SessionTestTrait:: |
protected | function | Returns the session name in use on the child site. | |
|
StorageCopyTrait:: |
protected static | function | Copy the configuration from one storage to another and remove stale items. | |
|
TestRequirementsTrait:: |
private | function | Checks missing module requirements. | |
|
TestRequirementsTrait:: |
protected | function | Check module requirements for the Drupal use case. | 1 |
|
TestRequirementsTrait:: |
protected static | function | Returns the Drupal root directory. | |
|
TestSetupTrait:: |
protected static | property | An array of config object names that are excluded from schema checking. | |
|
TestSetupTrait:: |
protected | property | The dependency injection container used in the test. | |
|
TestSetupTrait:: |
protected | property | The DrupalKernel instance used in the test. | |
|
TestSetupTrait:: |
protected | property | The site directory of the original parent site. | |
|
TestSetupTrait:: |
protected | property | The private file directory for the test environment. | |
|
TestSetupTrait:: |
protected | property | The public file directory for the test environment. | |
|
TestSetupTrait:: |
protected | property | The site directory of this test run. | |
|
TestSetupTrait:: |
protected | property | Set to TRUE to strict check all configuration saved. | 1 |
|
TestSetupTrait:: |
protected | property | The temporary file directory for the test environment. | |
|
TestSetupTrait:: |
protected | property | The test run ID. | |
|
TestSetupTrait:: |
protected | function | Changes the database connection to the prefixed one. | |
|
TestSetupTrait:: |
protected | function | Gets the config schema exclusions for this test. | |
|
TestSetupTrait:: |
public static | function | Returns the database connection to the site running Simpletest. | |
|
TestSetupTrait:: |
protected | function | Generates a database prefix for running tests. | 1 |
|
UiHelperTrait:: |
protected | property | The current user logged in using the Mink controlled browser. | |
|
UiHelperTrait:: |
protected | property | The number of meta refresh redirects to follow, or NULL if unlimited. | |
|
UiHelperTrait:: |
protected | property | The number of meta refresh redirects followed during ::drupalGet(). | |
|
UiHelperTrait:: |
public | function | Returns WebAssert object. | 1 |
|
UiHelperTrait:: |
protected | function | Builds an absolute URL from a system path or a URL object. | |
|
UiHelperTrait:: |
protected | function | Checks for meta refresh tag and if found call drupalGet() recursively. | |
|
UiHelperTrait:: |
protected | function | Clicks the element with the given CSS selector. | |
|
UiHelperTrait:: |
protected | function | Follows a link by complete name. | |
|
UiHelperTrait:: |
protected | function | Searches elements using a CSS selector in the raw content. | |
|
UiHelperTrait:: |
protected | function | Translates a CSS expression to its XPath equivalent. | |
|
UiHelperTrait:: |
protected | function | Retrieves a Drupal path or an absolute path. | 2 |
|
UiHelperTrait:: |
protected | function | Logs in a user using the Mink controlled browser. | |
|
UiHelperTrait:: |
protected | function | Logs a user out of the Mink controlled browser and confirms. | |
|
UiHelperTrait:: |
protected | function | Executes a form submission. | |
|
UiHelperTrait:: |
protected | function | Returns whether a given user account is logged in. | |
|
UiHelperTrait:: |
protected | function | Takes a path and returns an absolute path. | |
|
UiHelperTrait:: |
protected | function | Retrieves the plain-text content from the current page. | |
|
UiHelperTrait:: |
protected | function | Get the current URL from the browser. | |
|
UiHelperTrait:: |
protected | function | Determines if test is using DrupalTestBrowser. | |
|
UiHelperTrait:: |
protected | function | Prepare for a request to testing site. | 1 |
|
UiHelperTrait:: |
protected | function | Fills and submits a form. | |
|
UserCreationTrait:: |
protected | function | Checks whether a given list of permission names is valid. | |
|
UserCreationTrait:: |
protected | function | Creates an administrative role. | |
|
UserCreationTrait:: |
protected | function | Creates a role with specified permissions. Aliased as: drupalCreateRole | |
|
UserCreationTrait:: |
protected | function | Create a user with a given set of permissions. Aliased as: drupalCreateUser | |
|
UserCreationTrait:: |
protected | function | Grant permissions to a user role. | |
|
UserCreationTrait:: |
protected | function | Switch the current logged in user. | |
|
UserCreationTrait:: |
protected | function | Creates a random user account and sets it as current user. | |
|
XdebugRequestTrait:: |
protected | function | Adds xdebug cookies, from request setup. |