You are here

Home » API reference » Secure Pages 8 » SecurepagesTest.php » SecurepagesTest

function SecurepagesTest::_testFormAlter in Secure Pages 8

Tests the ability to alter form actions.

Uses the comment form, since it has an #action set.

1 call to SecurepagesTest::_testFormAlter()
SecurepagesTest::testSecurePages in src/Tests/SecurepagesTest.php
Runs all the tests in a sequence to avoid multiple re-installs.

File

src/Tests/SecurepagesTest.php, line 160
Contains \Drupal\securepages\Tests\SecurepagesTest.

Class

SecurepagesTest
Test Secure Pages redirects.

Namespace

Drupal\securepages\Tests

Code

function _testFormAlter() {
  $config = \Drupal::configFactory()
    ->getEditable('securepages.settings');
  $config
    ->set('switch', TRUE)
    ->save();

  // Enable anonymous user comments.
  user_role_change_permissions(AccountInterface::ANONYMOUS_ROLE, [
    'access comments' => TRUE,
    'post comments' => TRUE,
    'skip comment approval' => TRUE,
  ]);
  $account = $this
    ->drupalCreateUser([
    'access content',
    'access comments',
    'post comments',
    'skip comment approval',
  ]);
  $node = $this
    ->drupalCreateNode([
    'type' => 'article',
    'promote' => 1,
  ]);
  foreach (array(
    'anonymous',
    'authenticated',
  ) as $mode) {
    if ($mode == 'authenticated') {
      $this
        ->drupalLogin($account);
    }

    // Test plain HTTP posting to HTTPS.
    $config
      ->set('pages', [
      '/comment/reply/*',
      '/user*',
    ])
      ->save();
    $this
      ->drupalGet('node/' . $node
      ->id(), [
      'https' => FALSE,
    ]);
    $this
      ->assertFieldByXPath('//form[@class="comment-form" and starts-with(@action, "https:")]', NULL, "The {$mode} comment form action is https.");
    $this
      ->drupalPostForm(NULL, [
      'comment_body[0][value]' => 'test comment',
    ], t('Save'));
    $this
      ->assertRaw(t('Your comment has been posted.'));

    // Test HTTPS posting to plain HTTP.
    $config
      ->set('pages', [
      '/node/*',
      '/user*',
    ])
      ->save();
    $this
      ->drupalGet('node/' . $node
      ->id(), [
      'https' => TRUE,
    ]);
    $this
      ->assertUrl(Url::fromRoute('entity.node.canonical', [
      'node' => $node
        ->id(),
    ], [
      'https' => TRUE,
      'absolute' => TRUE,
    ]));
    $this
      ->assertFieldByXPath('//form[@class="comment-form" and starts-with(@action, "http:")]', NULL, "The {$mode} comment form action is http.");
    $this
      ->drupalPostForm(NULL, [
      'comment_body[0][value]' => 'test',
    ], t('Save'));
    $this
      ->assertRaw(t('Your comment has been posted.'));
  }
  $this
    ->drupalLogout();

  // Test the user login block.
  $this
    ->drupalGet('');
  $edit = [
    'name' => $account
      ->getAccountName(),
    'pass' => $account->pass_raw,
  ];
  $this
    ->drupalPostForm(NULL, $edit, t('Log in'));
  $this
    ->drupalGet('user/' . $account
    ->id() . '/edit');
  $this
    ->assertResponse(200);

  // Clean up.
  $this
    ->drupalLogout();
  $config
    ->set('switch', FALSE)
    ->set('pages', $this->pages_default)
    ->save();
}