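t('Secure Site (Caching disabled)'),
      'desc' => t('Executes the Secure Site module test suite with caching disabled.'),
      'group' => t('Secure Site module'),
    );
  }

  /**
   * Prepare the test site with page caching turned off.
   *
   * SecureSiteCacheTest (below) reruns the same cases with caching enabled.
   */
  function setUp() {
    // Disable cache
    $this->drupalVariableSet('cache', CACHE_DISABLED);

    // Always call the setUp() function from the parent class
    parent::setUp();
  }

  /**
   * Check prerequisites
   *
   * Every later case assumes that a visitor without an explicit grant is
   * challenged, so neither built-in role may hold 'access secured pages'.
   */
  function testPrerequisites() {
    // 'Access secured pages' permission should be disabled for the
    // authenticated or anonymous user for the tests to work correctly
    $this->assertFalse(
      array_key_exists(DRUPAL_ANONYMOUS_RID, user_roles(FALSE, 'access secured pages')),
      t('Prerequisite Test #1; failure indicates other test results can\'t be trusted') .': %s'
    );
    $this->assertFalse(
      array_key_exists(DRUPAL_AUTHENTICATED_RID, user_roles(FALSE, 'access secured pages')),
      t('Prerequisite Test #2; failure indicates other test results can\'t be trusted') .': %s'
    );
  }

  /**
   * Check that using the deprecated HTTP Auth alternative method doesn't cause
   * sites to be inaccessible (they should be accessible to anonymous users)
   *
   * Note for reviewers: the expected outcome is an open site (200, no
   * challenge), so a leftover SECURESITE_AUTH_ALT setting protects nothing.
   */
  function testLoginHTTPDeprecated() {
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH_ALT);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');

    // Passing NULL to url() returns the base site path
    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('200', t('Login: Deprecated HTTP Auth Alt') .': %s');
    $this->assertNoAuthentication();
  }

  /**
   * Check that anonymous users get the correct headers when using HTTP Auth
   *
   * With an empty whitelist no path is exempt, so the front page must answer
   * 401 with a Basic challenge carrying the configured realm.
   */
  function testLoginAnonymousHTTP() {
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('Login: Anonymous HTTP Auth') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
  }

  /**
   * Check that anonymous users get the correct headers when using the HTML
   * login form
   *
   * The form variant answers 200 without an HTTP challenge; the page body is
   * what has to carry the login form.
   */
  function testLoginAnonymousHTML() {
    $this->drupalVariableSet('securesite_enabled', SECURESITE_FORM);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('200', t('Login: Anonymous HTML form') .': %s');
    $this->assertNoAuthentication();

    // NOTE(review): the expected markup below reads as a bare "Login" between
    // blank lines; the HTML tags around it were probably lost when this page
    // was extracted. Restore the literal from the module's repository before
    // relying on this assertion.
    $this->assertWantedRaw('

Login

');
  }

  /**
   * Check that anonymous users get the correct headers when Secure Site is
   * disabled
   */
  function testLoginAnonymousDisabled() {
    $this->drupalVariableSet('securesite_enabled', SECURESITE_DISABLED);

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('200', t('Login: Disabled') .': %s');
    $this->assertNoAuthentication();
  }

  /**
   * Check that privileged users can login with HTTP Auth enabled
   *
   * Also pins the logout behaviour: after visiting 'logout' the next response
   * must be a fresh 401 challenge rather than a still-authenticated page.
   */
  function testLoginPrivilegedHTTP() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');

    // Unauthenticated request: challenge expected
    $this->drupalGet(url("user/$privileged_user->uid", array('absolute' => TRUE)));
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    // Valid credentials for an account holding 'access secured pages'
    $this->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this->assertResponse('200', t('Login: Privileged HTTP Auth') .': %s');
    $this->assertNoAuthentication();
    $this->assertText($privileged_user->name);

    // Logging out must bring the challenge back
    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);
  }

  /**
   * Check that unprivileged users get HTTP Auth when accessing secure pages
   *
   * Valid Drupal credentials are not sufficient: an account without
   * 'access secured pages' has to keep receiving 401.
   */
  function testLoginUnprivilegedHTTP() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $unprivileged_user = $this->drupalCreateUserRolePerm(
      array('access content')
    );

    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    // The page text wrapped this message across two lines inside the string
    // literal; it is written on one line here like the sibling messages.
    $this->assertResponse('401', t('Login: Unprivileged HTTP Auth') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    // Correct password, missing permission: still challenged
    $this->authenticate($unprivileged_user->name, $unprivileged_user->pass_raw);
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);
  }

  /**
   * Check that unprivileged users don't get HTTP Auth when accessing unsecured pages
   *
   * Only 'admin' is blacklisted (secured) here, so the front page and the
   * normal Drupal login stay reachable without a challenge.
   */
  function testLoginUnprivileged() {
    $unprivileged_user = $this->drupalCreateUserRolePerm(
      array('access content')
    );

    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this->drupalVariableSet('securesite_filter_pages', 'admin');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('200', t('Login: Unprivileged unsecured') .': %s');
    $this->assertNoAuthentication();
    $this->assertText('User login');

    $this->drupalLoginUser($unprivileged_user);
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->assertNoText('User login');
  }

  /**
   * Check that users are able to login and logout from unsecured portions of
   * the site after using the normal Drupal login form
   */
  function testLogoutUnsecure() {
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    // '/user' has to be whitelisted because drupalLoginUser() goes there to
    // login
    // NOTE(review): the list below starts with an empty first line as shown
    // on the page; a front-page pattern (presumably '<front>') may have been
    // stripped as markup during extraction. Confirm against the module.
    $this->drupalVariableSet('securesite_filter_pages', "\nuser");

    $this->drupalGet(url('', array('absolute' => TRUE)));
    $this->assertResponse('200', t('Logout: Unsecure') .': %s');
    $this->assertNoAuthentication();

    $this->drupalLoginUser($privileged_user);
    $this->assertResponse('200');
    $this->assertNoAuthentication();

    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('200');
    $this->assertNoAuthentication();
  }

  /**
   * Check that users get an access denied warning when accessing secured
   * portions of the site if they've already logged in and don't have access to
   * the secure portion
   *
   * NOTE(review): the account created here does hold 'access secured pages',
   * so the 403 on 'user/1' may come from core's own access check rather than
   * from Secure Site. Confirm that this exercises the intended denial path.
   */
  function testAccessDenied() {
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    // NOTE(review): leading empty pattern as shown on the page; presumably a
    // stripped '<front>' entry. Confirm against the module.
    $this->drupalVariableSet('securesite_filter_pages', "\nuser");

    $this->drupalLoginUser($privileged_user);
    $this->drupalGet(url('user/1', array('absolute' => TRUE)));
    $this->assertResponse('403', t('Access Denied') .': %s');
    $this->assertWantedRaw('Access denied');

    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('200');
    $this->assertNoAuthentication();
  }

  /**
   * Check that guests can login when guest mode is enabled (a username and
   * password are set)
   *
   * 'foo' / 'bar' are fixture credentials for the guest account; the second
   * half checks that an aged-out guest session is challenged again.
   */
  function testGuestLogin() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));

    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->drupalVariableSet('securesite_guest_name', 'foo');
    $this->drupalVariableSet('securesite_guest_pass', 'bar');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('Guest Mode: Login') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    $this->authenticate('foo', 'bar');
    $this->assertResponse('200');
    $this->assertNoAuthentication();

    // Age the session by 30 days to make sure it will be cleaned up and
    // restart the test browser
    $this->ageCookies(3600 * 24 * 30);
    $this->restart();

    // Now, check that HTTP Auth works normally
    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('Guest Mode: Logout') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);
  }

  /**
   * Check that users get the correct page after previously logging in as a
   * guest and not forcing a guest logout
   *
   * The browser is restarted without aging its cookies, and the suite expects
   * the guest access to survive that restart (200, no challenge).
   */
  function testGuestFirstUnclean() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    // Login as a guest first
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->drupalVariableSet('securesite_guest_name', 'foo');
    $this->drupalVariableSet('securesite_guest_pass', 'bar');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('Guest Mode: Guest First Unclean') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    $this->authenticate('foo', 'bar');
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->assertText('User login');

    // Now, restart (since logout isn't possible for guests) and login as a
    // privileged user
    $this->restart();
    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->assertText('User login');

    $this->drupalLoginUser($privileged_user);
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->assertNoText('User login');
  }

  /**
   * Check that users get the correct page after previously logging in as a
   * guest
   *
   * Unlike the "unclean" variant, the cookies are aged by 30 days before the
   * restart, so the guest session must be gone and the challenge must return.
   */
  function testGuestFirstClean() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    // Login as a guest first
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->drupalVariableSet('securesite_guest_name', 'foo');
    $this->drupalVariableSet('securesite_guest_pass', 'bar');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('Guest Mode: Guest First Clean') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    $this->authenticate('foo', 'bar');
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->assertText('User login');

    // Now, force guest logout, restart, and login as a privileged user
    $this->ageCookies(3600 * 24 * 30);
    $this->restart();
    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    $this->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->assertNoText('User login');

    // TODO: Remove the following line once this test passes
    cache_clear_all();
  }

  /**
   * Check that guests get the correct page after previously logging in as a
   * user
   */
  function testGuestSecond() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    // Login as a privileged user first
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->drupalVariableSet('securesite_guest_name', 'foo');
    $this->drupalVariableSet('securesite_guest_pass', 'bar');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('Guest Mode: Guest Second') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    $this->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->assertNoText('User login');

    $this->drupalGet(url('logout', array('absolute' => TRUE)));

    // Now, login as a guest
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    // The guest sees the 'User login' block, i.e. is not carrying over the
    // previous user's Drupal session
    $this->authenticate('foo', 'bar');
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->assertText('User login');
  }

  /**
   * Check that guests are logged out if user had logged in after being a guest
   */
  function testGuestUserLogout() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    // Login as a guest first
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this->drupalVariableSet('securesite_filter_pages', 'user*');
    $this->drupalVariableSet('securesite_guest_name', 'foo');
    $this->drupalVariableSet('securesite_guest_pass', 'bar');

    $this->drupalGet(url('user/login', array('absolute' => TRUE)));
    $this->assertResponse('401', t('Guest Mode: Guest and User Logout') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    $this->authenticate('foo', 'bar');
    $this->assertResponse('200');
    $this->assertNoAuthentication();

    // Now, login as a privileged user
    $this->assertText('User account');
    $this->drupalLoginUser($privileged_user);
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->assertNoText('User login');

    // Now, logout should trigger an auth dialog
    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);
  }

  /**
   * Check that guest mode is correctly disabled when no username and password
   * are set
   *
   * Only the challenge itself is asserted here; no login with empty
   * credentials is attempted.
   */
  function testGuestDisabled() {
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->drupalVariableSet('securesite_guest_name', NULL);
    $this->drupalVariableSet('securesite_guest_pass', NULL);

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('Guest Mode: Disabled') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
  }

  /**
   * Test the cron bypass
   *
   * cron.php is expected to answer 200 without a challenge even though every
   * page is secured, which makes it the one unauthenticated entry point this
   * suite asserts on.
   */
  function testBypassCron() {
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');

    $this->drupalGet(url('cron.php', array('absolute' => TRUE)));
    $this->assertResponse('200', t('Bypass: cron') .': %s');
    $this->assertNoAuthentication();
  }

  /**
   * Test the user #1 bypass
   *
   * TODO: Test disabled since it's not possible to get user #1's password to
   * test login
   */
  /*
  function testBypassUser1() {
    $user_one = user_load(array('uid' => 1));
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->drupalGet(url("user/$user_one->uid", array('absolute' => TRUE)));
    $this->authenticate($user_one->name, $user_one->pass);
    $this->assertResponse('200', t('Bypass Test #4') .': %s');
    $this->assertNoAuthentication();
    $this->assertText($user_one->name);
    $this->drupalGet(url('logout', array('absolute' => TRUE)));
  }
  */

  /**
   * Test whitelist
   *
   * A whitelisted path is not challenged by Secure Site; the anonymous
   * request still ends in core's 403 "Access denied" page.
   */
  function testWhitelist() {
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', 'admin/*');

    $this->drupalGet(url('admin/content', array('absolute' => TRUE)));
    $this->assertResponse('403', t('Whitelist') .': %s');
    $this->assertNoAuthentication();
    $this->assertText('Access denied');
  }

  /**
   * Test blacklist
   *
   * A blacklisted path must answer with the 401 Basic challenge.
   */
  function testBlacklist() {
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this->drupalVariableSet('securesite_filter_pages', 'admin/*');

    $this->drupalGet(url('admin/content', array('absolute' => TRUE)));
    $this->assertResponse('401', t('Blacklist') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
  }

  /**
   * Check that the realm is correct when using the HTTP Auth method with the
   * default SimpleTest User Agent string
   */
  function testUserAgentDefault() {
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('UA Test #1') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
  }

  /**
   * Check that the realm is correct when using the HTTP Auth method with
   * Opera's User Agent string
   *
   * For this browser the realm is expected to be followed by ' - ' and at
   * least two digits. NOTE(review): presumably the module varies the realm so
   * the browser drops cached Basic credentials on logout; confirm in the
   * module source.
   */
  function testUserAgentOpera() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));

    // Send the Opera 9.51 User-Agent header
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->addHeader('User-Agent: Opera/9.51 (Windows NT 5.1; U; en)');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('User Agent: Opera') .': %s');
    $this->assertAuthentication('Basic');
    // The realm is site configuration, not a pattern: quote it so a site
    // name containing regex metacharacters or '/' is matched literally.
    $this->assertRealm(new PatternExpectation('/'. preg_quote($realm, '/') .' - \d\d\d*/'));
  }

  /**
   * Check that the realm is correct when using the HTTP Auth method with
   * Safari's User Agent string
   *
   * Same expectation as for Opera: realm, ' - ', then at least two digits.
   */
  function testUserAgentSafari() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));

    // Send the Safari 3.1 User-Agent header
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->addHeader('User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_2; en-us) AppleWebKit/525.13 (KHTML, like Gecko) Version/3.1 Safari/525.13');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('User Agent: Safari') .': %s');
    $this->assertAuthentication('Basic');
    // Quote the configured realm before embedding it in the pattern
    $this->assertRealm(new PatternExpectation('/'. preg_quote($realm, '/') .' - \d\d\d*/'));
  }

  /**
   * Check that the realm is correct when using the HTTP Auth method with
   * Internet Explorer's User Agent string
   *
   * Same expectation as for Opera: realm, ' - ', then at least two digits.
   */
  function testUserAgentIE() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));

    // Send the Internet Explorer 8.0 Beta User-Agent header
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->addHeader('User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506; Media Center PC 5.0; .NET CLR 1.1.4322)');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('User Agent: IE') .': %s');
    $this->assertAuthentication('Basic');
    // Quote the configured realm before embedding it in the pattern
    $this->assertRealm(new PatternExpectation('/'. preg_quote($realm, '/') .' - \d\d\d*/'));
  }

  /**
   * Check that the realm is correct when using the HTTP Auth method with
   * Firefox's User Agent string
   *
   * Firefox is expected to receive the plain realm, without a numeric suffix.
   */
  function testUserAgentFirefox() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));

    // Send the Firefox 3.0.1 User-Agent header
    $this->restart();
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->addHeader('User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('User Agent: Firefox') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);
  }

  /**
   * Tests for _securesite_filter_check()
   *
   * Per cases #1 and #2 the function is expected to return TRUE for a path on
   * the whitelist and FALSE for the same path on the blacklist.
   *
   * TODO: Add result explanations
   * TODO: Verify correctness of test #11
   */
  function testFilterCheck() {
    $home = variable_get('site_frontpage', 'node');

    // Disable Secure Site, as the init() stuff can get in the way
    $this->drupalVariableSet('securesite_enabled', SECURESITE_DISABLED);

    // Test #1: Basic Whitelist
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', 'node');
    $this->assertTrue(_securesite_filter_check('node'), t('Filter Check Test #1') .': %s');

    // Test #2: Basic Blacklist
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this->assertFalse(_securesite_filter_check('node'), t('Filter Check Test #2') .': %s');

    // Test #3: Empty Whitelist
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->assertFalse(_securesite_filter_check($home), t('Filter Check Test #3') .': %s');

    // Test #4: Empty Blacklist
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this->assertTrue(_securesite_filter_check($home), t('Filter Check Test #4') .': %s');

    // Test #5: NULL Whitelist
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', NULL);
    $this->assertFalse(_securesite_filter_check($home), t('Filter Check Test #5') .': %s');

    // Test #6: NULL Blacklist
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this->assertTrue(_securesite_filter_check($home), t('Filter Check Test #6') .': %s');

    // Test #7: <front> Whitelist
    // NOTE(review): the page shows an empty pattern here, which would repeat
    // Test #3 with the opposite expectation. '<front>' (Drupal's front page
    // token) is presumed to have been stripped as markup during extraction;
    // confirm against the module repository.
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '<front>');
    $this->assertTrue(_securesite_filter_check($home), t('Filter Check Test #7') .': %s');

    // Test #8: <front> Blacklist (reuses the pattern set for Test #7)
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this->assertFalse(_securesite_filter_check($home), t('Filter Check Test #8') .': %s');

    // Test #9: Empty Path
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->assertFalse(_securesite_filter_check(''), t('Filter Check Test #9') .': %s');

    // Test #10: NULL Path
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->assertFalse(_securesite_filter_check(NULL), t('Filter Check Test #10') .': %s');

    // Test #11: (token missing on the page) is the same as no path
    // NOTE(review): as shown this differs from Test #10 only by passing ''
    // instead of NULL. The pattern or the path was presumably '<front>'
    // before extraction; left as shown because the page does not say which.
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->assertFalse(_securesite_filter_check(''), t('Filter Check Test #11') .': %s');
  }

  /**
   * Check that login works normally after previous login and logout using the
   * normal HTML login form
   */
  function testRepeatLoginUnsecure() {
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    // Login, logout, then login and logout again
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    // NOTE(review): leading empty pattern as shown on the page; presumably a
    // stripped '<front>' entry. Confirm against the module.
    $this->drupalVariableSet('securesite_filter_pages', "\nuser");

    // First round
    $this->drupalGet(url('', array('absolute' => TRUE)));
    $this->assertResponse('200', t('Repeat Login: Unsecure') .': %s');
    $this->assertNoAuthentication();
    $this->drupalLoginUser($privileged_user);
    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('200');
    $this->assertNoAuthentication();

    // Second round
    $this->drupalGet(url('', array('absolute' => TRUE)));
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->drupalLoginUser($privileged_user);
    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('200');
    $this->assertNoAuthentication();
  }

  /**
   * Check that login works normally after previous login and logout when the
   * front page is first left unsecured, then secured
   */
  function testRepeatLoginUnsecureFirst() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    // Login, logout, then login and logout again
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    // NOTE(review): leading empty pattern as shown on the page; presumably a
    // stripped '<front>' entry. Confirm against the module.
    $this->drupalVariableSet('securesite_filter_pages', "\nuser");

    // Unsecured round: normal Drupal login and logout, no challenge
    $this->drupalGet(url('', array('absolute' => TRUE)));
    $this->assertResponse('200', t('Repeat Login: Unsecure First') .': %s');
    $this->assertNoAuthentication();
    $this->drupalLoginUser($privileged_user);
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('200');
    $this->assertNoAuthentication();

    // Secured round: emptying the whitelist must bring the challenge back
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->drupalGet(url('', array('absolute' => TRUE)));
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);
    $this->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);
  }

  /**
   * Check that login works normally after previous login and logout when the
   * front page is first secured, then left unsecured
   */
  function testRepeatLoginSecureFirst() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    // Login, logout, then login and logout again
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');

    // Secured round
    $this->drupalGet(url('', array('absolute' => TRUE)));
    $this->assertResponse('401', t('Repeat Login: Secure First') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);
    $this->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    // Unsecured round
    // NOTE(review): leading empty pattern as shown on the page; presumably a
    // stripped '<front>' entry. Confirm against the module.
    $this->drupalVariableSet('securesite_filter_pages', "\nuser");
    $this->drupalGet(url('', array('absolute' => TRUE)));
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->drupalLoginUser($privileged_user);
    $this->assertResponse('200');
    $this->assertNoAuthentication();
    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('200');
    $this->assertNoAuthentication();
  }

  /**
   * Check that the user doesn't get stuck on the logout page
   *
   * After the 401 that follows 'logout', authenticating again must lead to a
   * normal 200 page instead of another challenge.
   */
  function testLogoutRedirect() {
    $realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
    $privileged_user = $this->drupalCreateUserRolePerm(
      array('access content', 'access secured pages')
    );

    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');

    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('401', t('Logout Redirect') .': %s');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    $this->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this->assertResponse('200');
    $this->assertNoAuthentication();

    $this->drupalGet(url('logout', array('absolute' => TRUE)));
    $this->assertResponse('401');
    $this->assertAuthentication('Basic');
    $this->assertRealm($realm);

    $this->authenticate($privileged_user->name, $privileged_user->pass_raw);
    $this->assertResponse('200');
    $this->assertNoAuthentication();
  }
}

/**
 * Runs every SecureSiteTest case again with Drupal's normal page cache on.
 *
 * NOTE(review): presumably this guards against cached pages being served
 * without the authentication challenge; the class itself only flips the
 * 'cache' variable.
 */
class SecureSiteCacheTest extends SecureSiteTest {
  /**
   * Drupal SimpleTest method: return metadata about the test
   */
  function get_info() {
    return array(
      'name' => t('Secure Site (Caching enabled)'),
      'desc' => t('Executes the Secure Site module test suite with caching enabled.'),
      'group' => t('Secure Site module'),
    );
  }

  /**
   * Prepare the test site with normal page caching turned on.
   */
  function setUp() {
    // Always call the setUp() function from the parent class. Do it first
    // here so the cache value is correct below.
    parent::setUp();

    // Enable cache
    $this->drupalVariableSet('cache', CACHE_NORMAL);
  }
}

/**
 * Test the CLI bypass
 *
 * TODO: Test disabled since drush doesn't seem to get normal HTTP responses
 */
class SecureSiteCLITest extends DrupalTestCase {
  /**
   * Drupal SimpleTest method: return metadata about the test
   */
  /*
  function get_info() {
    return array(
      'name' => t('Secure Site CLI'),
      'desc' => t('Executes CLI test for the Secure Site module.'),
      'group' => t('Secure Site module'),
    );
  }

  function testBypassCLI() {
    // Test only runs when PHP is run from the command line
    $this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
    $this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
    $this->drupalVariableSet('securesite_filter_pages', '');
    $this->drupalGet(url(NULL, array('absolute' => TRUE)));
    $this->assertResponse('200', t('Bypass: CLI; test will fail if not running Drupal via the command-line (try drush)') .': %s');
    $this->assertNoAuthentication();
  }
  */
}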