You are here

class SecureSiteTest in Secure Site 5

Same name and namespace in other branches
  1. 6 tests/securesite.test \SecureSiteTest

Unit tests for the Secure Site module

Test coverage holes:

  • Bypass when logged in as User #1 (can't access user #1's password to

authenticate)

  • Bypass when using CLI (drush doesn't get normal HTTP response codes)

Hierarchy

Expanded class hierarchy of SecureSiteTest

File

tests/securesite.test, line 16
Secure Site module unit tests

View source
class SecureSiteTest extends DrupalTestCase {

  /**
   * Drupal SimpleTest method: return metadata about the test
   */
  function get_info() {
    return array(
      'name' => t('Secure Site (Caching disabled)'),
      'desc' => t('Executes the Secure Site module test suite with caching disabled.'),
      'group' => t('Secure Site module'),
    );
  }
  function setUp() {

    // Disable cache
    $this
      ->drupalVariableSet('cache', CACHE_DISABLED);

    // Always call the setUp() function from the parent class
    parent::setUp();
  }

  /**
   * Check prerequisites
   */
  function testPrerequisites() {

    // 'Access secured pages' permission should be disabled for the
    // authenticated or anonymous user for the tests to work correctly
    $this
      ->assertFalse(array_key_exists(DRUPAL_ANONYMOUS_RID, user_roles(FALSE, 'access secured pages')), t('Prerequisite Test #1; failure indicates other test results can\'t be trusted') . ': %s');
    $this
      ->assertFalse(array_key_exists(DRUPAL_AUTHENTICATED_RID, user_roles(FALSE, 'access secured pages')), t('Prerequisite Test #2;  failure indicates other test results can\'t be trusted') . ': %s');
  }

  /**
   * Check that using the deprecated HTTP Auth alternative method doesn't cause
   * sites to be inaccessible (they should be accessible to anonymous users)
   */
  function testLoginHTTPDeprecated() {
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH_ALT);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));

    // Passing NULL to url() returns the base site path
    $this
      ->assertResponse('200', t('Login: Deprecated HTTP Auth Alt') . ': %s');
    $this
      ->assertNoAuthentication();
  }

  /**
   * Check that anonymous users get the correct headers when using HTTP Auth
   */
  function testLoginAnonymousHTTP() {
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Login: Anonymous HTTP Auth') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
  }

  /**
   * Check that anonymous users get the correct headers when using the HTML
   * login form
   */
  function testLoginAnonymousHTML() {
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_FORM);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('200', t('Login: Anonymous HTML form') . ': %s');
    $this
      ->assertNoAuthentication();
    $this
      ->assertWantedRaw('<h1>Login</h1>');
  }

  /**
   * Check that anonymous users get the correct headers when Secure Site is
   * disabled
   */
  function testLoginAnonymousDisabled() {
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_DISABLED);
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('200', t('Login: Disabled') . ': %s');
    $this
      ->assertNoAuthentication();
  }

  /**
   * Check that privileged users can login with HTTP Auth enabled
   */
  function testLoginPrivilegedHTTP() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalGet(url("user/{$privileged_user->uid}", NULL, NULL, TRUE));
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this
      ->assertResponse('200', t('Login: Privileged HTTP Auth') . ': %s');
    $this
      ->assertNoAuthentication();
    $this
      ->assertText($privileged_user->name);
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
  }

  /**
   * Check that unprivileged users get HTTP Auth when accessing secure pages
   */
  function testLoginUnprivilegedHTTP() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $unprivileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
    ));
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Login: Unprivileged HTTP Auth') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate($unprivileged_user->name, $unprivileged_user->pass_raw);
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
  }

  /**
   * Check that unprivileged users don't get HTTP Auth when accessing unsecured pages
   */
  function testLoginUnprivileged() {
    $unprivileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
    ));
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', 'admin');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('200', t('Login: Unprivileged unsecured') . ': %s');
    $this
      ->assertNoAuthentication();
    $this
      ->assertText('User login');
    $this
      ->drupalLoginUser($unprivileged_user);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->assertNoText('User login');
  }

  /**
   * Check that users are able to login and logout from unsecured portions of
   * the site after using the normal Drupal login form
   */
  function testLogoutUnsecure() {
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);

    // '/user' has to be whitelisted because drupalLoginUser() goes there to
    // login
    $this
      ->drupalVariableSet('securesite_filter_pages', "<front>\nuser");
    $this
      ->drupalGet(url('<front>', NULL, NULL, TRUE));
    $this
      ->assertResponse('200', t('Logout: Unsecure') . ': %s');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalLoginUser($privileged_user);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
  }

  /**
   * Check that users get an access denied warning when accessing secured
   * portions of the site if they've already logged in and don't have access to
   * the secure portion
   */
  function testAccessDenied() {
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', "<front>\nuser");
    $this
      ->drupalLoginUser($privileged_user);
    $this
      ->drupalGet(url('user/1', NULL, NULL, TRUE));
    $this
      ->assertResponse('403', t('Access Denied') . ': %s');
    $this
      ->assertWantedRaw('Access denied');
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
  }

  /**
   * Check that guests can login when guest mode is enabled (a username and
   * password are set)
   */
  function testGuestLogin() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalVariableSet('securesite_guest_name', 'foo');
    $this
      ->drupalVariableSet('securesite_guest_pass', 'bar');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Guest Mode: Login') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate('foo', 'bar');
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();

    // Age the session by 30 days to make sure it will be cleaned up and
    // restart the test browser
    $this
      ->ageCookies(3600 * 24 * 30);
    $this
      ->restart();

    // Now, check that HTTP Auth works normally
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Guest Mode: Logout') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
  }

  /**
   * Check that users get the correct page after previously logging in as a
   * guest and not forcing a guest logout
   */
  function testGuestFirstUnclean() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));

    // Login as a guest first
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalVariableSet('securesite_guest_name', 'foo');
    $this
      ->drupalVariableSet('securesite_guest_pass', 'bar');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Guest Mode: Guest First Unclean') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate('foo', 'bar');
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->assertText('User login');

    // Now, restart (since logout isn't possible for guests) and login as a
    // privileged user
    $this
      ->restart();
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->assertText('User login');
    $this
      ->drupalLoginUser($privileged_user);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->assertNoText('User login');
  }

  /**
   * Check that users get the correct page after previously logging in as a
   * guest
   */
  function testGuestFirstClean() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));

    // Login as a guest first
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalVariableSet('securesite_guest_name', 'foo');
    $this
      ->drupalVariableSet('securesite_guest_pass', 'bar');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Guest Mode: Guest First Clean') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate('foo', 'bar');
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->assertText('User login');

    // Now, force guest logout, restart, and login as a privileged user
    $this
      ->ageCookies(3600 * 24 * 30);
    $this
      ->restart();
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->assertNoText('User login');
  }

  /**
   * Check that guests get the correct page after previously logging in as a
   * user
   */
  function testGuestSecond() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));

    // Login as a privileged user first
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalVariableSet('securesite_guest_name', 'foo');
    $this
      ->drupalVariableSet('securesite_guest_pass', 'bar');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Guest Mode: Guest Second') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->assertNoText('User login');
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));

    // Now, login as a guest
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate('foo', 'bar');
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->assertText('User login');
  }

  /**
   * Check that guests are logged out if user had logged in after being a guest
   */
  function testGuestUserLogout() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));

    // Login as a guest first
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', 'user*');
    $this
      ->drupalVariableSet('securesite_guest_name', 'foo');
    $this
      ->drupalVariableSet('securesite_guest_pass', 'bar');
    $this
      ->drupalGet(url('user/login', NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Guest Mode: Guest and User Logout') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate('foo', 'bar');
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();

    // Now, login as a privileged user
    $this
      ->assertText('User account');
    $this
      ->drupalLoginUser($privileged_user);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->assertNoText('User login');

    // Now, logout should trigger an auth dialog
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
  }

  /**
   * Check that guest mode is correctly disabled when no username and password
   * are set
   */
  function testGuestDisabled() {
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalVariableSet('securesite_guest_name', NULL);
    $this
      ->drupalVariableSet('securesite_guest_pass', NULL);
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Guest Mode: Disabled') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
  }

  /**
   * Test the cron bypass
   */
  function testBypassCron() {
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalGet(url('cron.php', NULL, NULL, TRUE));
    $this
      ->assertResponse('200', t('Bypass: cron') . ': %s');
    $this
      ->assertNoAuthentication();
  }

  /**
   * Test the user #1 bypass
   *
   * TODO: Test disabled since it's not possible to get user #1's password to
   * test login
   */

  /*
    function testBypassUser1() {
      $user_one = user_load(array('uid' => 1));
      $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
      $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
      $this->drupalVariableSet('securesite_filter_pages', '');
      $this->drupalGet(url("user/$user_one->uid", NULL, NULL, TRUE));
      $this->authenticate($user_one->name, $user_one->pass);
      $this->assertResponse('200', t('Bypass Test #4') .': %s');
      $this->assertNoAuthentication();
      $this->assertText($user_one->name);
      $this->drupalGet(url('logout', NULL, NULL, TRUE));
    }
  */

  /**
   * Test whitelist
   */
  function testWhitelist() {
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', 'admin/*');
    $this
      ->drupalGet(url('admin/content', NULL, NULL, TRUE));
    $this
      ->assertResponse('403', t('Whitelist') . ': %s');
    $this
      ->assertNoAuthentication();
    $this
      ->assertText('Access denied');
  }

  /**
   * Test blacklist
   */
  function testBlacklist() {
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', 'admin/*');
    $this
      ->drupalGet(url('admin/content', NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Blacklist') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
  }

  /**
   * Check that the realm is correct when using the HTTP Auth method with the
   * default SimpleTest User Agent string
   */
  function testUserAgentDefault() {
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('UA Test #1') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
  }

  /**
   * Check that the realm is correct when using the HTTP Auth method with
   * Opera's User Agent string
   */
  function testUserAgentOpera() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));

    // Send the Opera 9.51 User-Agent header
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->addHeader('User-Agent: Opera/9.51 (Windows NT 5.1; U; en)');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('User Agent: Opera') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm(new PatternExpectation("/{$realm} - \\d\\d\\d*/"));
  }

  /**
   * Check that the realm is correct when using the HTTP Auth method with
   * Safari's User Agent string
   */
  function testUserAgentSafari() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));

    // Send the Safari 3.1 User-Agent header
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->addHeader('User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_2; en-us) AppleWebKit/525.13 (KHTML, like Gecko) Version/3.1 Safari/525.13');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('User Agent: Safari') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm(new PatternExpectation("/{$realm} - \\d\\d\\d*/"));
  }

  /**
   * Check that the realm is correct when using the HTTP Auth method with
   * Internet Explorer's User Agent string
   */
  function testUserAgentIE() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));

    // Send the Internet Explorer 8.0 Beta User-Agent header
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->addHeader('User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506; Media Center PC 5.0; .NET CLR 1.1.4322)');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('User Agent: IE') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm(new PatternExpectation("/{$realm} - \\d\\d\\d*/"));
  }

  /**
   * Check that the realm is correct when using the HTTP Auth method with
   * Firefox's User Agent string
   */
  function testUserAgentFirefox() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));

    // Send the Firefox 3.0.1 User-Agent header
    $this
      ->restart();
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->addHeader('User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('User Agent: Firefox') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
  }

  /**
   * Tests for _securesite_filter_check()
   *
   * TODO: Add result explanations
   * TODO: Verify correctness of test #11
   */
  function testFilterCheck() {
    $home = variable_get('site_frontpage', 'node');

    // Disable Secure Site, as the init() stuff can get in the way
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_DISABLED);

    // Test #1: Basic Whitelist
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', 'node');
    $this
      ->assertTrue(_securesite_filter_check('node'), t('Filter Check Test #1') . ': %s');

    // Test #2: Basic Blacklist
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this
      ->assertFalse(_securesite_filter_check('node'), t('Filter Check Test #2') . ': %s');

    // Test #3: Empty Whitelist
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->assertFalse(_securesite_filter_check($home), t('Filter Check Test #3') . ': %s');

    // Test #4: Empty Blacklist
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this
      ->assertTrue(_securesite_filter_check($home), t('Filter Check Test #4') . ': %s');

    // Test #5: NULL Whitelist
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', NULL);
    $this
      ->assertFalse(_securesite_filter_check($home), t('Filter Check Test #5') . ': %s');

    // Test #6: NULL Blacklist
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this
      ->assertTrue(_securesite_filter_check($home), t('Filter Check Test #6') . ': %s');

    // Test #7: <front> Whitelist
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '<front>');
    $this
      ->assertTrue(_securesite_filter_check($home), t('Filter Check Test #7') . ': %s');

    // Test #8: <front> Blacklist
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this
      ->assertFalse(_securesite_filter_check($home), t('Filter Check Test #8') . ': %s');

    // Test #9: Empty Path
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->assertFalse(_securesite_filter_check(''), t('Filter Check Test #9') . ': %s');

    // Test #10: NULL Path
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->assertFalse(_securesite_filter_check(NULL), t('Filter Check Test #10') . ': %s');

    // Test #11: <front> is the same as no path
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '<front>');
    $this
      ->assertFalse(_securesite_filter_check(''), t('Filter Check Test #11') . ': %s');
  }

  /**
   * Check that login works normally after previous login and logout using the
   * normal HTML login form
   */
  function testRepeatLoginUnsecure() {
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));

    // Login, logout, then login and logout again
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', "<front>\nuser");
    $this
      ->drupalGet(url('<front>', NULL, NULL, TRUE));
    $this
      ->assertResponse('200', t('Repeat Login: Unsecure') . ': %s');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalLoginUser($privileged_user);
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalGet(url('<front>', NULL, NULL, TRUE));
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalLoginUser($privileged_user);
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
  }

  /**
   * Check that login works normally after previous login and logout when first
   * not securing <front>, then securing it
   */
  function testRepeatLoginUnsecureFirst() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));

    // Login, logout, then login and logout again
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', "<front>\nuser");
    $this
      ->drupalGet(url('<front>', NULL, NULL, TRUE));
    $this
      ->assertResponse('200', t('Repeat Login: Unsecure First') . ': %s');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalLoginUser($privileged_user);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalGet(url('<front>', NULL, NULL, TRUE));
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
  }

  /**
   * Check that login works normally after previous login and logout when first
   * securing <front>, then not
   */
  function testRepeatLoginSecureFirst() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));

    // Login, logout, then login and logout again
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalGet(url('<front>', NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Repeat Login: Secure First') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->drupalVariableSet('securesite_filter_pages', "<front>\nuser");
    $this
      ->drupalGet(url('<front>', NULL, NULL, TRUE));
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalLoginUser($privileged_user);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
  }

  /**
   * Check that the user doesn't get stuck on the logout page
   */
  function testLogoutRedirect() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this
      ->drupalCreateUserRolePerm(array(
      'access content',
      'access secured pages',
    ));
    $this
      ->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this
      ->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this
      ->drupalVariableSet('securesite_filter_pages', '');
    $this
      ->drupalGet(url(NULL, NULL, NULL, TRUE));
    $this
      ->assertResponse('401', t('Logout Redirect') . ': %s');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
    $this
      ->drupalGet(url('logout', NULL, NULL, TRUE));
    $this
      ->assertResponse('401');
    $this
      ->assertAuthentication('Basic');
    $this
      ->assertRealm($realm);
    $this
      ->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this
      ->assertResponse('200');
    $this
      ->assertNoAuthentication();
  }

}

Members

Namesort descending Modifiers Type Description Overrides
DrupalTestCase::$_cleanupModules property
DrupalTestCase::$_cleanupRoles property
DrupalTestCase::$_cleanupUsers property
DrupalTestCase::$_cleanupVariables property
DrupalTestCase::$_content property
DrupalTestCase::assertCopy function Will trigger a pass if both parameters refer to different objects. Fail otherwise.
DrupalTestCase::assertEqual function Will trigger a pass if the two parameters have the same value only. Otherwise a fail.
DrupalTestCase::assertError function Confirms that an error has occurred and optionally that the error text matches exactly.
DrupalTestCase::assertErrorPattern function Confirms that an error has occurred and that the error text matches a Perl regular expression.
DrupalTestCase::assertIdentical function Will trigger a pass if the two parameters have the same value and same type. Otherwise a fail.
DrupalTestCase::assertIsA function Type and class test. Will pass if class matches the type name or is a subclass or if not an object, but the type is correct.
DrupalTestCase::assertNoErrors function Confirms that no errors have occurred so far in the test method.
DrupalTestCase::assertNotA function Type and class mismatch test. Will pass if class name or underling type does not match the one specified.
DrupalTestCase::assertNotEqual function Will trigger a pass if the two parameters have a different value. Otherwise a fail.
DrupalTestCase::assertNotIdentical function Will trigger a pass if the two parameters have the different value or different type.
DrupalTestCase::assertNotNull function Will be true if the value is set.
DrupalTestCase::assertNoUnwantedPattern function Will trigger a pass if the Perl regex pattern is not present in subject. Fail if found.
DrupalTestCase::assertNoUnwantedRaw function Will trigger a pass if the raw text is NOT found on the loaded page Fail otherwise.
DrupalTestCase::assertNull function Will be true if the value is null.
DrupalTestCase::assertReference function Will trigger a pass if both parameters refer to the same object. Fail otherwise.
DrupalTestCase::assertWantedPattern function Will trigger a pass if the Perl regex pattern is found in the subject. Fail otherwise.
DrupalTestCase::assertWantedRaw function Will trigger a pass if the raw text is found on the loaded page Fail otherwise.
DrupalTestCase::clickLink function Follows a link by name. Will click the first link found with this link text by default, or a later one if an index is given. Match is case insensitive with normalised space. Does make assertations if the click was sucessful or not and it does…
DrupalTestCase::drupalCheckAuth function @abstract Checks to see if we need to send a http-auth header to authenticate when browsing a site.
DrupalTestCase::drupalCreateRolePerm function Create a role / perm combination specified by permissions
DrupalTestCase::drupalCreateUserRolePerm function Creates a user / role / permissions combination specified by permissions
DrupalTestCase::drupalGet function @abstract Brokder for the get function adds the authentication headers if necessary @author Earnest Berry III <earnest.berry@gmail.com>
DrupalTestCase::drupalGetContent function @TODO: needs documentation
DrupalTestCase::drupalLoginUser function Logs in a user with the internal browser
DrupalTestCase::drupalModuleDisable function Disables a drupal module
DrupalTestCase::drupalModuleEnable function Enables a drupal module
DrupalTestCase::drupalPostRequest function Do a post request on a drupal page. It will be done as usual post request with SimpleBrowser
DrupalTestCase::drupalRawPost function @abstract Broker for the post function adds the authentication headers if necessary @author Earnest Berry III <earnest.berry@gmail.com>
DrupalTestCase::DrupalTestCase function
DrupalTestCase::drupalVariableSet function Set a druapl variable and keep track of the changes for tearDown()
DrupalTestCase::randomName function Generates a random string, to be used as name or whatever
DrupalTestCase::run function Just some info for the reporter
DrupalTestCase::tearDown function tearDown implementation, setting back switched modules etc 1
SecureSiteTest::get_info function Drupal SimpleTest method: return metadata about the test 1
SecureSiteTest::setUp function 1
SecureSiteTest::testAccessDenied function Check that users get an access denied warning when accessing secured portions of the site if they've already logged in and don't have access to the secure portion
SecureSiteTest::testBlacklist function Test blacklist
SecureSiteTest::testBypassCron function Test the cron bypass
SecureSiteTest::testFilterCheck function Tests for _securesite_filter_check()
SecureSiteTest::testGuestDisabled function Check that guest mode is correctly disabled when no username and password are set
SecureSiteTest::testGuestFirstClean function Check that users get the correct page after previously logging in as a guest
SecureSiteTest::testGuestFirstUnclean function Check that users get the correct page after previously logging in as a guest and not forcing a guest logout
SecureSiteTest::testGuestLogin function Check that guests can login when guest mode is enabled (a username and password are set)
SecureSiteTest::testGuestSecond function Check that guests get the correct page after previously logging in as a user
SecureSiteTest::testGuestUserLogout function Check that guests are logged out if user had logged in after being a guest
SecureSiteTest::testLoginAnonymousDisabled function Check that anonymous users get the correct headers when Secure Site is disabled
SecureSiteTest::testLoginAnonymousHTML function Check that anonymous users get the correct headers when using the HTML login form
SecureSiteTest::testLoginAnonymousHTTP function Check that anonymous users get the correct headers when using HTTP Auth
SecureSiteTest::testLoginHTTPDeprecated function Check that using the deprecated HTTP Auth alternative method doesn't cause sites to be inaccessible (they should be accessible to anonymous users)
SecureSiteTest::testLoginPrivilegedHTTP function Check that privileged users can login with HTTP Auth enabled
SecureSiteTest::testLoginUnprivileged function Check that unprivileged users don't get HTTP Auth when accessing unsecured pages
SecureSiteTest::testLoginUnprivilegedHTTP function Check that unprivileged users get HTTP Auth when accessing secure pages
SecureSiteTest::testLogoutRedirect function Check that the user doesn't get stuck on the logout page
SecureSiteTest::testLogoutUnsecure function Check that users are able to login and logout from unsecured portions of the site after using the normal Drupal login form
SecureSiteTest::testPrerequisites function Check prerequisites
SecureSiteTest::testRepeatLoginSecureFirst function Check that login works normally after previous login and logout when first securing <front>, then not
SecureSiteTest::testRepeatLoginUnsecure function Check that login works normally after previous login and logout using the normal HTML login form
SecureSiteTest::testRepeatLoginUnsecureFirst function Check that login works normally after previous login and logout when first not securing <front>, then securing it
SecureSiteTest::testUserAgentDefault function Check that the realm is correct when using the HTTP Auth method with the default SimpleTest User Agent string
SecureSiteTest::testUserAgentFirefox function Check that the realm is correct when using the HTTP Auth method with Firefox's User Agent string
SecureSiteTest::testUserAgentIE function Check that the realm is correct when using the HTTP Auth method with Internet Explorer's User Agent string
SecureSiteTest::testUserAgentOpera function Check that the realm is correct when using the HTTP Auth method with Opera's User Agent string
SecureSiteTest::testUserAgentSafari function Check that the realm is correct when using the HTTP Auth method with Safari's User Agent string
SecureSiteTest::testWhitelist function Test whitelist