You are here

Home » API reference » Security Review 7 » security_review.test » SecurityReviewTestCase

public function SecurityReviewTestCase::testUI in Security Review 7

File

tests/security_review.test, line 39
security_review.test. Drupal test cases for Security Review.

Class

SecurityReviewTestCase
Tests the functionality of the Security Review module.

Code

public function testUI() {
  $checklist = security_review_get_checklist();
  $secrev_checks = $checklist['security_review'];
  $this
    ->drupalGet('admin/reports/security-review');
  $this
    ->assertText('Click the button below to run the security checklist and review the results.');
  $this
    ->assertText('Before running the checklist please review the settings page at', 'First time message appears before checklist has been run.');
  $settings_path = 'admin/reports/security-review/settings';
  $this
    ->assertLinkByHref($settings_path, 0, 'Link to settings appears');
  $this
    ->drupalGet($settings_path);
  $this
    ->assertText('Untrusted roles', 'Untrusted roles header appears');
  $this
    ->assertFieldChecked('edit-security-review-untrusted-roles-1', 'Anonymous users are marked as untrusted');
  $this
    ->assertFieldChecked('edit-security-review-untrusted-roles-2', 'Authenticated users are marked as untrusted');
  $this
    ->assertNoFieldChecked('edit-security-review-untrusted-roles-3', 'Adminitrator users are not marked as untrusted');
  $this
    ->assertFieldChecked('edit-security-review-log', 'Log results is checked');
  $this
    ->assertText('Base URL check method');

  // Confirm checks are available for skipping here.
  foreach ($secrev_checks as $name => $check) {
    $this
      ->assertText($check['title'], "Skip option appears for {$name} check");
    $field = 'edit-security-review-skip-' . str_replace('_', '-', $name);
    $this
      ->assertNoFieldChecked($field, 'Adminitrator users are not marked as untrusted');
  }

  // Confirm check-specific help pages are working.
  foreach ($secrev_checks as $name => $check) {
    $path = 'admin/reports/security-review/help/security_review/' . $name;
    $this
      ->drupalGet($path);
    $this
      ->assertNoText('Check-specfic help', 'The top-level help text does not appear on check-specific pages');
  }

  // Run the checklist
  $this
    ->runChecklist();
  $this
    ->assertText('Review results from last run');
  $this
    ->assertText('Details');
  $this
    ->assertText('Skip');

  // Test status page test.
  $this
    ->drupalGet('admin/reports/status');
  $this
    ->assertText('There are failed Security Review checks');
  $this
    ->assertLinkByHref('admin/reports/security-review', 0, 'Link to checklist appears');
}