You are here

Home » API reference » Security.txt 7 » securitytxt.test » SecuritytxtModuleEnabledTestCase

public function SecuritytxtModuleEnabledTestCase::testPageAccess in Security.txt 7

Test page access for various users.

File

./securitytxt.test, line 163
Tests for securitytxt.module.

Class

SecuritytxtModuleEnabledTestCase
Test case with the Security.txt module enabled.

Code

public function testPageAccess() {

  // Anonymous user page access.
  $this
    ->drupalGet(self::SECURITY_TXT_PATH);
  $this
    ->assertResponse(404);
  $this
    ->drupalGet(self::SECURITY_TXT_SIG_PATH);
  $this
    ->assertResponse(404);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_SIGN_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::HELP_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::SECURITY_TXT_HELP_PATH);
  $this
    ->assertResponse(403);

  // Authenticated user page access.
  $this
    ->drupalLogin($this->authenticatedUser);
  $this
    ->drupalGet(self::SECURITY_TXT_PATH);
  $this
    ->assertResponse(404);
  $this
    ->drupalGet(self::SECURITY_TXT_SIG_PATH);
  $this
    ->assertResponse(404);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_SIGN_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::HELP_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::SECURITY_TXT_HELP_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalLogout();

  // Administrator user page access.
  $this
    ->drupalLogin($this->administratorUser);
  $this
    ->drupalGet(self::SECURITY_TXT_PATH);
  $this
    ->assertResponse(404);
  $this
    ->drupalGet(self::SECURITY_TXT_SIG_PATH);
  $this
    ->assertResponse(404);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_PATH);
  $this
    ->assertResponse(200);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_SIGN_PATH);
  $this
    ->assertResponse(200);
  $this
    ->drupalGet(self::HELP_PATH);
  $this
    ->assertResponse(200);
  $this
    ->assertTitle(t('Help | Drupal'));
  $this
    ->assertLink(t('Security.txt'));
  $this
    ->drupalGet(self::SECURITY_TXT_HELP_PATH);
  $this
    ->assertResponse(200);
  $this
    ->assertTitle(t('Security.txt | Drupal'));
  $this
    ->assertText(t('The Security.txt module provides an implementation of the new'));
  $this
    ->drupalLogout();

  // Configure Security.txt module via direct database access.
  $enabled = TRUE;
  $contact_email = 'contact@example.com';
  $contact_phone = '+44-1632-123456';
  $contact_url = 'https://example.com/contact';
  $encryption_key_url = 'https://example.com/key';
  $policy_url = 'https://example.com/policy';
  $acknowledgement_url = 'https://example.com/acknowledgements';
  $signature_text = 'THIS IS THE SIGNATURE TEXT';
  $this
    ->setConfigurationViaDatabase($enabled, $contact_email, $contact_phone, $contact_url, $encryption_key_url, $policy_url, $acknowledgement_url, $signature_text);

  // Repeat access tests now that Security.txt module has been configured.
  // Anonymous user page access.
  $this
    ->checkSecurityTxtFile($enabled, $contact_email, $contact_phone, $contact_url, $encryption_key_url, $policy_url, $acknowledgement_url);
  $this
    ->checkSecurityTxtSigFile($enabled, $signature_text);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_SIGN_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::HELP_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::SECURITY_TXT_HELP_PATH);
  $this
    ->assertResponse(403);

  // Authenticated user page access.
  $this
    ->drupalLogin($this->authenticatedUser);
  $this
    ->checkSecurityTxtFile($enabled, $contact_email, $contact_phone, $contact_url, $encryption_key_url, $policy_url, $acknowledgement_url);
  $this
    ->checkSecurityTxtSigFile($enabled, $signature_text);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_SIGN_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::HELP_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalGet(self::SECURITY_TXT_HELP_PATH);
  $this
    ->assertResponse(403);
  $this
    ->drupalLogout();

  // Administrator user page access.
  $this
    ->drupalLogin($this->administratorUser);
  $this
    ->checkSecurityTxtFile($enabled, $contact_email, $contact_phone, $contact_url, $encryption_key_url, $policy_url, $acknowledgement_url);
  $this
    ->checkSecurityTxtSigFile($enabled, $signature_text);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_PATH);
  $this
    ->assertResponse(200);
  $this
    ->drupalGet(self::SECURITY_TXT_CONF_SIGN_PATH);
  $this
    ->assertResponse(200);
  $this
    ->drupalGet(self::HELP_PATH);
  $this
    ->assertResponse(200);
  $this
    ->assertTitle(t('Help | Drupal'));
  $this
    ->assertLink(t('Security.txt'));
  $this
    ->drupalGet(self::SECURITY_TXT_HELP_PATH);
  $this
    ->assertResponse(200);
  $this
    ->assertTitle(t('Security.txt | Drupal'));
  $this
    ->assertText(t('The Security.txt module provides an implementation of the new'));
  $this
    ->drupalLogout();
}