You are here

Home » API reference » Zircon Profile 8 » UserPasswordResetTest.php

class UserPasswordResetTest in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/modules/user/src/Tests/UserPasswordResetTest.php \Drupal\user\Tests\UserPasswordResetTest

Ensure that password reset methods work as expected.

@group user

Hierarchy

Expanded class hierarchy of UserPasswordResetTest

File

core/modules/user/src/Tests/UserPasswordResetTest.php, line 18
Contains \Drupal\user\Tests\UserPasswordResetTest.

Namespace

Drupal\user\Tests
View source 
class UserPasswordResetTest extends PageCacheTagsTestBase {

  /**
   * The profile to install as a basis for testing.
   *
   * This test uses the standard profile to test the password reset in
   * combination with an ajax request provided by the user picture configuration
   * in the standard profile.
   *
   * @var string
   */
  protected $profile = 'standard';

  /**
   * The user object to test password resetting.
   *
   * @var \Drupal\user\UserInterface
   */
  protected $account;

  /**
   * Modules to enable.
   *
   * @var array
   */
  public static $modules = [
    'block',
  ];

  /**
   * {@inheritdoc}
   */
  protected function setUp() {
    parent::setUp();
    $this
      ->drupalPlaceBlock('system_menu_block:account');

    // Create a user.
    $account = $this
      ->drupalCreateUser();

    // Activate user by logging in.
    $this
      ->drupalLogin($account);
    $this->account = User::load($account
      ->id());
    $this->account->pass_raw = $account->pass_raw;
    $this
      ->drupalLogout();

    // Set the last login time that is used to generate the one-time link so
    // that it is definitely over a second ago.
    $account->login = REQUEST_TIME - mt_rand(10, 100000);
    db_update('users_field_data')
      ->fields(array(
      'login' => $account
        ->getLastLoginTime(),
    ))
      ->condition('uid', $account
      ->id())
      ->execute();
  }

  /**
   * Tests password reset functionality.
   */
  function testUserPasswordReset() {

    // Try to reset the password for an invalid account.
    $this
      ->drupalGet('user/password');
    $edit = array(
      'name' => $this
        ->randomMachineName(32),
    );
    $this
      ->drupalPostForm(NULL, $edit, t('Submit'));
    $this
      ->assertText(t('@name is not recognized as a username or an email address.', array(
      '@name' => $edit['name'],
    )), 'Validation error message shown when trying to request password for invalid account.');
    $this
      ->assertEqual(count($this
      ->drupalGetMails(array(
      'id' => 'user_password_reset',
    ))), 0, 'No email was sent when requesting a password for an invalid account.');

    // Reset the password by username via the password reset page.
    $edit['name'] = $this->account
      ->getUsername();
    $this
      ->drupalPostForm(NULL, $edit, t('Submit'));

    // Verify that the user was sent an email.
    $this
      ->assertMail('to', $this->account
      ->getEmail(), 'Password email sent to user.');
    $subject = t('Replacement login information for @username at @site', array(
      '@username' => $this->account
        ->getUsername(),
      '@site' => $this
        ->config('system.site')
        ->get('name'),
    ));
    $this
      ->assertMail('subject', $subject, 'Password reset email subject is correct.');
    $resetURL = $this
      ->getResetURL();
    $this
      ->drupalGet($resetURL);
    $this
      ->assertFalse($this
      ->drupalGetHeader('X-Drupal-Cache'));

    // Ensure the password reset URL is not cached.
    $this
      ->drupalGet($resetURL);
    $this
      ->assertFalse($this
      ->drupalGetHeader('X-Drupal-Cache'));

    // Check the one-time login page.
    $this
      ->assertText($this->account
      ->getUsername(), 'One-time login page contains the correct username.');
    $this
      ->assertText(t('This login can be used only once.'), 'Found warning about one-time login.');
    $this
      ->assertTitle(t('Reset password | Drupal'), 'Page title is "Reset password".');

    // Check successful login.
    $this
      ->drupalPostForm(NULL, NULL, t('Log in'));
    $this
      ->assertLink(t('Log out'));
    $this
      ->assertTitle(t('@name | @site', array(
      '@name' => $this->account
        ->getUsername(),
      '@site' => $this
        ->config('system.site')
        ->get('name'),
    )), 'Logged in using password reset link.');

    // Make sure the ajax request from uploading a user picture does not
    // invalidate the reset token.
    $image = current($this
      ->drupalGetTestFiles('image'));
    $edit = array(
      'files[user_picture_0]' => drupal_realpath($image->uri),
    );
    $this
      ->drupalPostAjaxForm(NULL, $edit, 'user_picture_0_upload_button');

    // Change the forgotten password.
    $password = user_password();
    $edit = array(
      'pass[pass1]' => $password,
      'pass[pass2]' => $password,
    );
    $this
      ->drupalPostForm(NULL, $edit, t('Save'));
    $this
      ->assertText(t('The changes have been saved.'), 'Forgotten password changed.');

    // Verify that the password reset session has been destroyed.
    $this
      ->drupalPostForm(NULL, $edit, t('Save'));
    $this
      ->assertText(t('Your current password is missing or incorrect; it\'s required to change the Password.'), 'Password needed to make profile changes.');

    // Log out, and try to log in again using the same one-time link.
    $this
      ->drupalLogout();
    $this
      ->drupalGet($resetURL);
    $this
      ->assertText(t('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.'), 'One-time link is no longer valid.');

    // Request a new password again, this time using the email address.
    $this
      ->drupalGet('user/password');

    // Count email messages before to compare with after.
    $before = count($this
      ->drupalGetMails(array(
      'id' => 'user_password_reset',
    )));
    $edit = array(
      'name' => $this->account
        ->getEmail(),
    );
    $this
      ->drupalPostForm(NULL, $edit, t('Submit'));
    $this
      ->assertTrue(count($this
      ->drupalGetMails(array(
      'id' => 'user_password_reset',
    ))) === $before + 1, 'Email sent when requesting password reset using email address.');

    // Create a password reset link as if the request time was 60 seconds older than the allowed limit.
    $timeout = $this
      ->config('user.settings')
      ->get('password_reset_timeout');
    $bogus_timestamp = REQUEST_TIME - $timeout - 60;
    $_uid = $this->account
      ->id();
    $this
      ->drupalGet("user/reset/{$_uid}/{$bogus_timestamp}/" . user_pass_rehash($this->account, $bogus_timestamp));
    $this
      ->assertText(t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'), 'Expired password reset request rejected.');

    // Create a user, block the account, and verify that a login link is denied.
    $timestamp = REQUEST_TIME - 1;
    $blocked_account = $this
      ->drupalCreateUser()
      ->block();
    $blocked_account
      ->save();
    $this
      ->drupalGet("user/reset/" . $blocked_account
      ->id() . "/{$timestamp}/" . user_pass_rehash($blocked_account, $timestamp));
    $this
      ->assertResponse(403);

    // Verify a blocked user can not request a new password.
    $this
      ->drupalGet('user/password');

    // Count email messages before to compare with after.
    $before = count($this
      ->drupalGetMails(array(
      'id' => 'user_password_reset',
    )));
    $edit = array(
      'name' => $blocked_account
        ->getUsername(),
    );
    $this
      ->drupalPostForm(NULL, $edit, t('Submit'));
    $this
      ->assertRaw(t('%name is blocked or has not been activated yet.', array(
      '%name' => $blocked_account
        ->getUsername(),
    )), 'Notified user blocked accounts can not request a new password');
    $this
      ->assertTrue(count($this
      ->drupalGetMails(array(
      'id' => 'user_password_reset',
    ))) === $before, 'No email was sent when requesting password reset for a blocked account');

    // Verify a password reset link is invalidated when the user's email address changes.
    $this
      ->drupalGet('user/password');
    $edit = array(
      'name' => $this->account
        ->getUsername(),
    );
    $this
      ->drupalPostForm(NULL, $edit, t('Submit'));
    $old_email_reset_link = $this
      ->getResetURL();
    $this->account
      ->setEmail("1" . $this->account
      ->getEmail());
    $this->account
      ->save();
    $this
      ->drupalGet($old_email_reset_link);
    $this
      ->assertText(t('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.'), 'One-time link is no longer valid.');
  }

  /**
   * Retrieves password reset email and extracts the login link.
   */
  public function getResetURL() {

    // Assume the most recent email.
    $_emails = $this
      ->drupalGetMails();
    $email = end($_emails);
    $urls = array();
    preg_match('#.+user/reset/.+#', $email['body'], $urls);
    return $urls[0];
  }

  /**
   * Test user password reset while logged in.
   */
  public function testUserPasswordResetLoggedIn() {

    // Log in.
    $this
      ->drupalLogin($this->account);

    // Reset the password by username via the password reset page.
    $this
      ->drupalGet('user/password');
    $this
      ->drupalPostForm(NULL, NULL, t('Submit'));

    // Click the reset URL while logged and change our password.
    $resetURL = $this
      ->getResetURL();
    $this
      ->drupalGet($resetURL);
    $this
      ->drupalPostForm(NULL, NULL, t('Log in'));

    // Change the password.
    $password = user_password();
    $edit = array(
      'pass[pass1]' => $password,
      'pass[pass2]' => $password,
    );
    $this
      ->drupalPostForm(NULL, $edit, t('Save'));
    $this
      ->assertText(t('The changes have been saved.'), 'Password changed.');
  }

  /**
   * Prefill the text box on incorrect login via link to password reset page.
   */
  public function testUserResetPasswordTextboxFilled() {
    $this
      ->drupalGet('user/login');
    $edit = array(
      'name' => $this
        ->randomMachineName(),
      'pass' => $this
        ->randomMachineName(),
    );
    $this
      ->drupalPostForm('user/login', $edit, t('Log in'));
    $this
      ->assertRaw(t('Unrecognized username or password. <a href=":password">Have you forgotten your password?</a>', array(
      ':password' => \Drupal::url('user.pass', [], array(
        'query' => array(
          'name' => $edit['name'],
        ),
      )),
    )));
    unset($edit['pass']);
    $this
      ->drupalGet('user/password', array(
      'query' => array(
        'name' => $edit['name'],
      ),
    ));
    $this
      ->assertFieldByName('name', $edit['name'], 'User name found.');
  }

  /**
   * Make sure that users cannot forge password reset URLs of other users.
   */
  function testResetImpersonation() {

    // Create two identical user accounts except for the user name. They must
    // have the same empty password, so we can't use $this->drupalCreateUser().
    $edit = array();
    $edit['name'] = $this
      ->randomMachineName();
    $edit['mail'] = $edit['name'] . '@example.com';
    $edit['status'] = 1;
    $user1 = User::create($edit);
    $user1
      ->save();
    $edit['name'] = $this
      ->randomMachineName();
    $user2 = User::create($edit);
    $user2
      ->save();

    // Unique password hashes are automatically generated, the only way to
    // change that is to update it directly in the database.
    db_update('users_field_data')
      ->fields([
      'pass' => NULL,
    ])
      ->condition('uid', [
      $user1
        ->id(),
      $user2
        ->id(),
    ], 'IN')
      ->execute();
    \Drupal::entityManager()
      ->getStorage('user')
      ->resetCache();
    $user1 = User::load($user1
      ->id());
    $user2 = User::load($user2
      ->id());
    $this
      ->assertEqual($user1
      ->getPassword(), $user2
      ->getPassword(), 'Both users have the same password hash.');

    // The password reset URL must not be valid for the second user when only
    // the user ID is changed in the URL.
    $reset_url = user_pass_reset_url($user1);
    $attack_reset_url = str_replace("user/reset/{$user1->id()}", "user/reset/{$user2->id()}", $reset_url);
    $this
      ->drupalGet($attack_reset_url);
    $this
      ->assertNoText($user2
      ->getUsername(), 'The invalid password reset page does not show the user name.');
    $this
      ->assertUrl('user/password', array(), 'The user is redirected to the password reset request page.');
    $this
      ->assertText('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.');
  }

}

Members

Namesort descending Modifiers Type Description Overrides
AssertContentTrait::$content protected property The current raw content.
AssertContentTrait::$drupalSettings protected property The drupalSettings value from the current raw $content.
AssertContentTrait::$elements protected property The XML structure parsed from the current raw $content. 2
AssertContentTrait::$plainTextContent protected property The plain-text content of raw $content (text nodes).
AssertContentTrait::assertEscaped protected function Passes if the raw text IS found escaped on the loaded page, fail otherwise.
AssertContentTrait::assertField protected function Asserts that a field exists with the given name or ID.
AssertContentTrait::assertFieldById protected function Asserts that a field exists with the given ID and value.
AssertContentTrait::assertFieldByName protected function Asserts that a field exists with the given name and value.
AssertContentTrait::assertFieldByXPath protected function Asserts that a field exists in the current page by the given XPath.
AssertContentTrait::assertFieldChecked protected function Asserts that a checkbox field in the current page is checked.
AssertContentTrait::assertFieldsByValue protected function Asserts that a field exists in the current page with a given Xpath result.
AssertContentTrait::assertLink protected function Passes if a link with the specified label is found.
AssertContentTrait::assertLinkByHref protected function Passes if a link containing a given href (part) is found.
AssertContentTrait::assertNoDuplicateIds protected function Asserts that each HTML ID is used for just a single element.
AssertContentTrait::assertNoEscaped protected function Passes if the raw text IS NOT found escaped on the loaded page, fail otherwise.
AssertContentTrait::assertNoField protected function Asserts that a field does not exist with the given name or ID.
AssertContentTrait::assertNoFieldById protected function Asserts that a field does not exist with the given ID and value.
AssertContentTrait::assertNoFieldByName protected function Asserts that a field does not exist with the given name and value.
AssertContentTrait::assertNoFieldByXPath protected function Asserts that a field does not exist or its value does not match, by XPath.
AssertContentTrait::assertNoFieldChecked protected function Asserts that a checkbox field in the current page is not checked.
AssertContentTrait::assertNoLink protected function Passes if a link with the specified label is not found.
AssertContentTrait::assertNoLinkByHref protected function Passes if a link containing a given href (part) is not found.
AssertContentTrait::assertNoLinkByHrefInMainRegion protected function Passes if a link containing a given href is not found in the main region.
AssertContentTrait::assertNoOption protected function Asserts that a select option in the current page does not exist.
AssertContentTrait::assertNoOptionSelected protected function Asserts that a select option in the current page is not checked.
AssertContentTrait::assertNoPattern protected function Triggers a pass if the perl regex pattern is not found in raw content.
AssertContentTrait::assertNoRaw protected function Passes if the raw text is NOT found on the loaded page, fail otherwise.
AssertContentTrait::assertNoText protected function Passes if the page (with HTML stripped) does not contains the text.
AssertContentTrait::assertNoTitle protected function Pass if the page title is not the given string.
AssertContentTrait::assertNoUniqueText protected function Passes if the text is found MORE THAN ONCE on the text version of the page.
AssertContentTrait::assertOption protected function Asserts that a select option in the current page exists.
AssertContentTrait::assertOptionSelected protected function Asserts that a select option in the current page is checked.
AssertContentTrait::assertOptionSelectedWithDrupalSelector protected function Asserts that a select option in the current page is checked.
AssertContentTrait::assertOptionWithDrupalSelector protected function Asserts that a select option in the current page exists.
AssertContentTrait::assertPattern protected function Triggers a pass if the Perl regex pattern is found in the raw content.
AssertContentTrait::assertRaw protected function Passes if the raw text IS found on the loaded page, fail otherwise.
AssertContentTrait::assertText protected function Passes if the page (with HTML stripped) contains the text.
AssertContentTrait::assertTextHelper protected function Helper for assertText and assertNoText.
AssertContentTrait::assertTextPattern protected function Asserts that a Perl regex pattern is found in the plain-text content.
AssertContentTrait::assertThemeOutput protected function Asserts themed output.
AssertContentTrait::assertTitle protected function Pass if the page title is the given string.
AssertContentTrait::assertUniqueText protected function Passes if the text is found ONLY ONCE on the text version of the page.
AssertContentTrait::assertUniqueTextHelper protected function Helper for assertUniqueText and assertNoUniqueText.
AssertContentTrait::buildXPathQuery protected function Builds an XPath query.
AssertContentTrait::constructFieldXpath protected function Helper: Constructs an XPath for the given set of attributes and value.
AssertContentTrait::cssSelect protected function Searches elements using a CSS selector in the raw content.
AssertContentTrait::getAllOptions protected function Get all option elements, including nested options, in a select.
AssertContentTrait::getDrupalSettings protected function Gets the value of drupalSettings for the currently-loaded page.
AssertContentTrait::getRawContent protected function Gets the current raw content.
AssertContentTrait::getSelectedItem protected function Get the selected value from a select field.
AssertContentTrait::getTextContent protected function Retrieves the plain-text content from the current raw content.
AssertContentTrait::getUrl protected function Get the current URL from the cURL handler. 1
AssertContentTrait::parse protected function Parse content returned from curlExec using DOM and SimpleXML.
AssertContentTrait::removeWhiteSpace protected function Removes all white-space between HTML tags from the raw content.
AssertContentTrait::setDrupalSettings protected function Sets the value of drupalSettings for the currently-loaded page.
AssertContentTrait::setRawContent protected function Sets the raw content (e.g. HTML).
AssertContentTrait::xpath protected function Performs an xpath search on the contents of the internal browser.
AssertHelperTrait::castSafeStrings protected function Casts MarkupInterface objects into strings.
PageCacheTagsTestBase::$dumpHeaders protected property Always enable header dumping in page cache tags tests, this aids debugging. Overrides WebTestBase::$dumpHeaders
PageCacheTagsTestBase::verifyPageCache protected function Verify that when loading a given page, it's a page cache hit or miss.
RandomGeneratorTrait::$randomGenerator protected property The random generator.
RandomGeneratorTrait::getRandomGenerator protected function Gets the random generator for the utility methods.
RandomGeneratorTrait::randomMachineName protected function Generates a unique random string containing letters and numbers.
RandomGeneratorTrait::randomObject public function Generates a random PHP object.
RandomGeneratorTrait::randomString public function Generates a pseudo-random string of ASCII characters of codes 32 to 126.
RandomGeneratorTrait::randomStringValidate public function Callback for random string validation.
SessionTestTrait::$sessionName protected property The name of the session cookie.
SessionTestTrait::generateSessionName protected function Generates a session cookie name.
SessionTestTrait::getSessionName protected function Returns the session name in use on the child site.
TestBase::$assertions protected property Assertions thrown in that test case.
TestBase::$configImporter protected property The config importer that can used in a test. 5
TestBase::$configSchemaCheckerExclusions protected static property An array of config object names that are excluded from schema checking.
TestBase::$container protected property The dependency injection container used in the test.
TestBase::$databasePrefix protected property The database prefix of this test run.
TestBase::$dieOnFail public property Whether to die in case any test assertion fails.
TestBase::$httpAuthCredentials protected property HTTP authentication credentials (<username>:<password>).
TestBase::$httpAuthMethod protected property HTTP authentication method (specified as a CURLAUTH_* constant).
TestBase::$originalConf protected property The original configuration (variables), if available.
TestBase::$originalConfig protected property The original configuration (variables).
TestBase::$originalConfigDirectories protected property The original configuration directories.
TestBase::$originalContainer protected property The original container.
TestBase::$originalFileDirectory protected property The original file directory, before it was changed for testing purposes.
TestBase::$originalLanguage protected property The original language.
TestBase::$originalPrefix protected property The original database prefix when running inside Simpletest.
TestBase::$originalProfile protected property The original installation profile.
TestBase::$originalSessionName protected property The name of the session cookie of the test-runner.
TestBase::$originalSettings protected property The settings array.
TestBase::$originalSite protected property The site directory of the original parent site.
TestBase::$privateFilesDirectory protected property The private file directory for the test environment.
TestBase::$publicFilesDirectory protected property The public file directory for the test environment.
TestBase::$results public property Current results of this test case.
TestBase::$siteDirectory protected property The site directory of this test run.
TestBase::$skipClasses protected property This class is skipped when looking for the source of an assertion.
TestBase::$strictConfigSchema protected property Set to TRUE to strict check all configuration saved. 4
TestBase::$tempFilesDirectory protected property The temporary file directory for the test environment.
TestBase::$testId protected property The test run ID.
TestBase::$timeLimit protected property Time limit for the test.
TestBase::$translationFilesDirectory protected property The translation file directory for the test environment.
TestBase::$verbose public property TRUE if verbose debugging is enabled.
TestBase::$verboseClassName protected property Safe class name for use in verbose output filenames.
TestBase::$verboseDirectory protected property Directory where verbose output files are put.
TestBase::$verboseDirectoryUrl protected property URL to the verbose output file directory.
TestBase::$verboseId protected property Incrementing identifier for verbose output filenames.
TestBase::assert protected function Internal helper: stores the assert.
TestBase::assertEqual protected function Check to see if two values are equal.
TestBase::assertErrorLogged protected function Asserts that a specific error has been logged to the PHP error log.
TestBase::assertFalse protected function Check to see if a value is false.
TestBase::assertIdentical protected function Check to see if two values are identical.
TestBase::assertIdenticalObject protected function Checks to see if two objects are identical.
TestBase::assertNoErrorsLogged protected function Asserts that no errors have been logged to the PHP error.log thus far.
TestBase::assertNotEqual protected function Check to see if two values are not equal.
TestBase::assertNotIdentical protected function Check to see if two values are not identical.
TestBase::assertNotNull protected function Check to see if a value is not NULL.
TestBase::assertNull protected function Check to see if a value is NULL.
TestBase::assertTrue protected function Check to see if a value is not false.
TestBase::beforePrepareEnvironment protected function Act on global state information before the environment is altered for a test. 1
TestBase::changeDatabasePrefix private function Changes the database connection to the prefixed one.
TestBase::checkRequirements protected function Checks the matching requirements for Test. 2
TestBase::config protected function Configuration accessor for tests. Returns non-overridden configuration.
TestBase::configImporter public function Returns a ConfigImporter object to import test importing of configuration. 5
TestBase::copyConfig public function Copies configuration objects from source storage to target storage.
TestBase::deleteAssert public static function Delete an assertion record by message ID.
TestBase::error protected function Fire an error assertion. 3
TestBase::errorHandler public function Handle errors during test runs.
TestBase::exceptionHandler protected function Handle exceptions.
TestBase::fail protected function Fire an assertion that is always negative.
TestBase::filePreDeleteCallback public static function Ensures test files are deletable within file_unmanaged_delete_recursive().
TestBase::generatePermutations public static function Converts a list of possible parameters into a stack of permutations.
TestBase::getAssertionCall protected function Cycles through backtrace until the first non-assertion method is found.
TestBase::getConfigSchemaExclusions protected function Gets the config schema exclusions for this test.
TestBase::getDatabaseConnection public static function Returns the database connection to the site running Simpletest.
TestBase::getDatabasePrefix public function Gets the database prefix.
TestBase::getTempFilesDirectory public function Gets the temporary files directory.
TestBase::insertAssert public static function Store an assertion from outside the testing context.
TestBase::pass protected function Fire an assertion that is always positive.
TestBase::prepareDatabasePrefix private function Generates a database prefix for running tests.
TestBase::prepareEnvironment private function Prepares the current environment for running the test.
TestBase::restoreEnvironment private function Cleans up the test environment and restores the original environment.
TestBase::run public function Run all tests in this class. 1
TestBase::settingsSet protected function Changes in memory settings.
TestBase::storeAssertion protected function Helper method to store an assertion record in the configured database.
TestBase::verbose protected function Logs a verbose message in a text file.
UserCreationTrait::checkPermissions protected function Checks whether a given list of permission names is valid.
UserCreationTrait::createAdminRole protected function Creates an administrative role. Aliased as: drupalCreateAdminRole
UserCreationTrait::createRole protected function Creates a role with specified permissions. Aliased as: drupalCreateRole
UserCreationTrait::createUser protected function Create a user with a given set of permissions. Aliased as: drupalCreateUser
UserCreationTrait::grantPermissions protected function Grant permissions to a user role.
UserCreationTrait::setCurrentUser protected function Switch the current logged in user.
UserPasswordResetTest::$account protected property The user object to test password resetting.
UserPasswordResetTest::$modules public static property Modules to enable.
UserPasswordResetTest::$profile protected property The profile to install as a basis for testing. Overrides WebTestBase::$profile
UserPasswordResetTest::getResetURL public function Retrieves password reset email and extracts the login link.
UserPasswordResetTest::setUp protected function Sets up a Drupal site for running functional and integration tests. Overrides PageCacheTagsTestBase::setUp
UserPasswordResetTest::testResetImpersonation function Make sure that users cannot forge password reset URLs of other users.
UserPasswordResetTest::testUserPasswordReset function Tests password reset functionality.
UserPasswordResetTest::testUserPasswordResetLoggedIn public function Test user password reset while logged in.
UserPasswordResetTest::testUserResetPasswordTextboxFilled public function Prefill the text box on incorrect login via link to password reset page.
WebTestBase::$additionalCurlOptions protected property Additional cURL options.
WebTestBase::$assertAjaxHeader protected property Whether or not to assert the presence of the X-Drupal-Ajax-Token.
WebTestBase::$classLoader protected property The class loader to use for installation and initialization of setup.
WebTestBase::$configDirectories protected property The config directories used in this test.
WebTestBase::$cookieFile protected property The current cookie file used by cURL.
WebTestBase::$cookies protected property The cookies of the page currently loaded in the internal browser.
WebTestBase::$curlCookies protected property Cookies to set on curl requests.
WebTestBase::$curlHandle protected property The handle of the current cURL connection.
WebTestBase::$customTranslations protected property An array of custom translations suitable for drupal_rewrite_settings().
WebTestBase::$generatedTestFiles protected property Whether the files were copied to the test files directory.
WebTestBase::$headers protected property The headers of the page currently loaded in the internal browser.
WebTestBase::$kernel protected property The kernel used in this test. Overrides TestBase::$kernel
WebTestBase::$loggedInUser protected property The current user logged in using the internal browser.
WebTestBase::$maximumMetaRefreshCount protected property The number of meta refresh redirects to follow, or NULL if unlimited.
WebTestBase::$maximumRedirects protected property The maximum number of redirects to follow when handling responses.
WebTestBase::$metaRefreshCount protected property The number of meta refresh redirects followed during ::drupalGet().
WebTestBase::$originalBatch protected property The original batch, before it was changed for testing purposes.
WebTestBase::$originalShutdownCallbacks protected property The original shutdown handlers array, before it was cleaned for testing. Overrides TestBase::$originalShutdownCallbacks
WebTestBase::$originalUser protected property The original user, before it was changed to a clean uid = 1 for testing. Overrides TestBase::$originalUser
WebTestBase::$redirectCount protected property The number of redirects followed during the handling of a request.
WebTestBase::$rootUser protected property The "#1" admin user.
WebTestBase::$sessionId protected property The current session ID, if available.
WebTestBase::$url protected property The URL currently loaded in the internal browser.
WebTestBase::addCustomTranslations protected function Queues custom translations to be written to settings.php.
WebTestBase::assertBlockAppears protected function Checks to see whether a block appears on the page.
WebTestBase::assertCacheContext protected function Asserts whether an expected cache context was present in the last response.
WebTestBase::assertCacheTag protected function Asserts whether an expected cache tag was present in the last response.
WebTestBase::assertHeader protected function Check if a HTTP response header exists and has the expected value.
WebTestBase::assertMail protected function Asserts that the most recently sent email message has the given value.
WebTestBase::assertMailPattern protected function Asserts that the most recently sent email message has the pattern in it.
WebTestBase::assertMailString protected function Asserts that the most recently sent email message has the string in it.
WebTestBase::assertNoBlockAppears protected function Checks to see whether a block does not appears on the page.
WebTestBase::assertNoCacheContext protected function Asserts that a cache context was not present in the last response.
WebTestBase::assertNoCacheTag protected function Asserts whether an expected cache tag was absent in the last response.
WebTestBase::assertNoResponse protected function Asserts the page did not return the specified response code.
WebTestBase::assertResponse protected function Asserts the page responds with the specified response code.
WebTestBase::assertUrl protected function Passes if the internal browser's URL matches the given path.
WebTestBase::buildUrl protected function Builds an a absolute URL from a system path or a URL object.
WebTestBase::checkForMetaRefresh protected function Checks for meta refresh tag and if found call drupalGet() recursively.
WebTestBase::clickLink protected function Follows a link by complete name.
WebTestBase::clickLinkHelper protected function Provides a helper for ::clickLink() and ::clickLinkPartialName().
WebTestBase::clickLinkPartialName protected function Follows a link by partial name.
WebTestBase::cronRun protected function Runs cron in the Drupal installed by Simpletest.
WebTestBase::curlClose protected function Close the cURL handler and unset the handler.
WebTestBase::curlExec protected function Initializes and executes a cURL request. 2
WebTestBase::curlHeaderCallback protected function Reads headers and registers errors received from the tested site.
WebTestBase::curlInitialize protected function Initializes the cURL connection.
WebTestBase::doInstall protected function Execute the non-interactive installer.
WebTestBase::drupalBuildEntityView protected function Builds the renderable view of an entity.
WebTestBase::drupalCompareFiles protected function Compare two files based on size and file name.
WebTestBase::drupalCreateContentType protected function Creates a custom content type based on default settings.
WebTestBase::drupalCreateNode protected function Creates a node based on default settings.
WebTestBase::drupalGet protected function Retrieves a Drupal path or an absolute path. 1
WebTestBase::drupalGetAjax protected function Requests a path or URL in drupal_ajax format and JSON-decodes the response.
WebTestBase::drupalGetHeader protected function Gets the value of an HTTP response header.
WebTestBase::drupalGetHeaders protected function Gets the HTTP response headers of the requested page.
WebTestBase::drupalGetJSON protected function Retrieves a Drupal path or an absolute path and JSON decodes the result.
WebTestBase::drupalGetMails protected function Gets an array containing all emails sent during this test case.
WebTestBase::drupalGetNodeByTitle function Get a node from the database based on its title.
WebTestBase::drupalGetTestFiles protected function Gets a list of files that can be used in tests.
WebTestBase::drupalGetWithFormat protected function Retrieves a Drupal path or an absolute path for a given format.
WebTestBase::drupalGetXHR protected function Requests a Drupal path or an absolute path as if it is a XMLHttpRequest.
WebTestBase::drupalHead protected function Retrieves only the headers for a Drupal path or an absolute path.
WebTestBase::drupalLogin protected function Log in a user with the internal browser.
WebTestBase::drupalLogout protected function Logs a user out of the internal browser and confirms.
WebTestBase::drupalPlaceBlock protected function Creates a block instance based on default settings.
WebTestBase::drupalPost protected function Perform a POST HTTP request.
WebTestBase::drupalPostAjaxForm protected function Executes an Ajax form submission.
WebTestBase::drupalPostForm protected function Executes a form submission.
WebTestBase::drupalPostWithFormat protected function Performs a POST HTTP request with a specific format.
WebTestBase::drupalProcessAjaxResponse protected function Processes an AJAX response into current content.
WebTestBase::drupalUserIsLoggedIn protected function Returns whether a given user account is logged in.
WebTestBase::findBlockInstance protected function Find a block instance on the page.
WebTestBase::getAbsoluteUrl protected function Takes a path and returns an absolute path.
WebTestBase::getAjaxPageStatePostData protected function Get the Ajax page state from drupalSettings and prepare it for POSTing.
WebTestBase::getDatabaseTypes protected function Returns all supported database driver installer objects.
WebTestBase::handleForm protected function Handles form input related to drupalPostForm().
WebTestBase::initConfig protected function Initialize various configurations post-installation.
WebTestBase::initKernel protected function Initializes the kernel after installation.
WebTestBase::initSettings protected function Initialize settings created during install.
WebTestBase::initUserSession protected function Initializes user 1 for the site to be installed.
WebTestBase::installModulesFromClassProperty protected function Install modules defined by `static::$modules`.
WebTestBase::installParameters protected function Returns the parameters that will be used when Simpletest installs Drupal. 2
WebTestBase::isInChildSite protected function Returns whether the test is being executed from within a test site.
WebTestBase::prepareRequestForGenerator protected function Creates a mock request and sets it on the generator.
WebTestBase::prepareSettings protected function Prepares site settings and services before installation. 1
WebTestBase::rebuildAll protected function Reset and rebuild the environment after setup.
WebTestBase::rebuildContainer protected function Rebuilds \Drupal::getContainer().
WebTestBase::refreshVariables protected function Refreshes in-memory configuration and state information. 1
WebTestBase::resetAll protected function Resets all data structures after having enabled new modules.
WebTestBase::restoreBatch protected function Restore the original batch.
WebTestBase::serializePostValues protected function Serialize POST HTTP request values.
WebTestBase::setBatch protected function Preserve the original batch, and instantiate the test batch.
WebTestBase::setContainerParameter protected function Changes parameters in the services.yml file.
WebTestBase::setHttpResponseDebugCacheabilityHeaders protected function Enables/disables the cacheability headers.
WebTestBase::tearDown protected function Cleans up after testing. Overrides TestBase::tearDown 2
WebTestBase::translatePostValues protected function Transforms a nested array into a flat array suitable for WebTestBase::drupalPostForm().
WebTestBase::verboseEmail protected function Outputs to verbose the most recent $count emails sent.
WebTestBase::writeCustomTranslations protected function Writes custom translations to the test site's settings.php.
WebTestBase::writeSettings protected function Rewrites the settings.php file of the test site.
WebTestBase::__construct function Constructor for \Drupal\simpletest\WebTestBase. Overrides TestBase::__construct 1