function UserBlocksTest::testUserLoginBlock in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/modules/user/src/Tests/UserBlocksTest.php \Drupal\user\Tests\UserBlocksTest::testUserLoginBlock()
Test the user login block.
File
- core/
modules/ user/ src/ Tests/ UserBlocksTest.php, line 69 - Contains \Drupal\user\Tests\UserBlocksTest.
Class
- UserBlocksTest
- Tests user blocks.
Namespace
Drupal\user\TestsCode
function testUserLoginBlock() {
// Create a user with some permission that anonymous users lack.
$user = $this
->drupalCreateUser(array(
'administer permissions',
));
// Log in using the block.
$edit = array();
$edit['name'] = $user
->getUsername();
$edit['pass'] = $user->pass_raw;
$this
->drupalPostForm('admin/people/permissions', $edit, t('Log in'));
$this
->assertNoText(t('User login'), 'Logged in.');
// Check that we are still on the same page.
$this
->assertUrl(\Drupal::url('user.admin_permissions', [], [
'absolute' => TRUE,
]), [], 'Still on the same page after login for access denied page');
// Now, log out and repeat with a non-403 page.
$this
->drupalLogout();
$this
->drupalPostForm('filter/tips', $edit, t('Log in'));
$this
->assertNoText(t('User login'), 'Logged in.');
$this
->assertPattern('!<title.*?' . t('Compose tips') . '.*?</title>!', 'Still on the same page after login for allowed page');
// Check that the user login block is not vulnerable to information
// disclosure to third party sites.
$this
->drupalLogout();
$this
->drupalPostForm('http://example.com/', $edit, t('Log in'), array(
'external' => FALSE,
));
// Check that we remain on the site after login.
$this
->assertUrl($user
->url('canonical', [
'absolute' => TRUE,
]), [], 'Redirected to user profile page after login from the frontpage');
}