t('Secure Site (Caching disabled)'),
'desc' => t('Executes the Secure Site module test suite with caching disabled.'),
'group' => t('Secure Site module'),
);
}
function setUp() {
// Disable cache
$this->drupalVariableSet('cache', CACHE_DISABLED);
// Always call the setUp() function from the parent class
parent::setUp();
}
/**
* Check prerequisites
*/
function testPrerequisites() {
// 'Access secured pages' permission should be disabled for the
// authenticated or anonymous user for the tests to work correctly
$this->assertFalse(
array_key_exists(DRUPAL_ANONYMOUS_RID, user_roles(FALSE, 'access secured pages')),
t('Prerequisite Test #1; failure indicates other test results can\'t be trusted') .': %s'
);
$this->assertFalse(
array_key_exists(DRUPAL_AUTHENTICATED_RID, user_roles(FALSE, 'access secured pages')),
t('Prerequisite Test #2; failure indicates other test results can\'t be trusted') .': %s'
);
}
/**
* Check that using the deprecated HTTP Auth alternative method doesn't cause
* sites to be inaccessible (they should be accessible to anonymous users)
*/
function testLoginHTTPDeprecated() {
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH_ALT);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url(NULL, array('absolute' => TRUE))); // Passing NULL to url() returns the base site path
$this->assertResponse('200', t('Login: Deprecated HTTP Auth Alt') .': %s');
$this->assertNoAuthentication();
}
/**
* Check that anonymous users get the correct headers when using HTTP Auth
*/
function testLoginAnonymousHTTP() {
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('Login: Anonymous HTTP Auth') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
}
/**
* Check that anonymous users get the correct headers when using the HTML
* login form
*/
function testLoginAnonymousHTML() {
$this->drupalVariableSet('securesite_enabled', SECURESITE_FORM);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('200', t('Login: Anonymous HTML form') .': %s');
$this->assertNoAuthentication();
$this->assertWantedRaw('
Login
');
}
/**
* Check that anonymous users get the correct headers when Secure Site is
* disabled
*/
function testLoginAnonymousDisabled() {
$this->drupalVariableSet('securesite_enabled', SECURESITE_DISABLED);
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('200', t('Login: Disabled') .': %s');
$this->assertNoAuthentication();
}
/**
* Check that privileged users can login with HTTP Auth enabled
*/
function testLoginPrivilegedHTTP() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url("user/$privileged_user->uid", array('absolute' => TRUE)));
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate($privileged_user->name, $privileged_user->pass_raw);
$this->assertResponse('200', t('Login: Privileged HTTP Auth') .': %s');
$this->assertNoAuthentication();
$this->assertText($privileged_user->name);
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
}
/**
* Check that unprivileged users get HTTP Auth when accessing secure pages
*/
function testLoginUnprivilegedHTTP() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
$unprivileged_user = $this->drupalCreateUserRolePerm(
array('access content')
);
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('Login: Unprivileged HTTP Auth') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate($unprivileged_user->name, $unprivileged_user->pass_raw);
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
}
/**
* Check that unprivileged users don't get HTTP Auth when accessing unsecured pages
*/
function testLoginUnprivileged() {
$unprivileged_user = $this->drupalCreateUserRolePerm(
array('access content')
);
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
$this->drupalVariableSet('securesite_filter_pages', 'admin');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('200', t('Login: Unprivileged unsecured') .': %s');
$this->assertNoAuthentication();
$this->assertText('User login');
$this->drupalLoginUser($unprivileged_user);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->assertNoText('User login');
}
/**
* Check that users are able to login and logout from unsecured portions of
* the site after using the normal Drupal login form
*/
function testLogoutUnsecure() {
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
// '/user' has to be whitelisted because drupalLoginUser() goes there to
// login
$this->drupalVariableSet('securesite_filter_pages', "\nuser");
$this->drupalGet(url('', array('absolute' => TRUE)));
$this->assertResponse('200', t('Logout: Unsecure') .': %s');
$this->assertNoAuthentication();
$this->drupalLoginUser($privileged_user);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('200');
$this->assertNoAuthentication();
}
/**
* Check that users get an access denied warning when accessing secured
* portions of the site if they've already logged in and don't have access to
* the secure portion
*/
function testAccessDenied() {
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', "\nuser");
$this->drupalLoginUser($privileged_user);
$this->drupalGet(url('user/1', array('absolute' => TRUE)));
$this->assertResponse('403', t('Access Denied') .': %s');
$this->assertWantedRaw('Access denied');
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('200');
$this->assertNoAuthentication();
}
/**
* Check that guests can login when guest mode is enabled (a username and
* password are set)
*/
function testGuestLogin() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalVariableSet('securesite_guest_name', 'foo');
$this->drupalVariableSet('securesite_guest_pass', 'bar');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('Guest Mode: Login') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate('foo', 'bar');
$this->assertResponse('200');
$this->assertNoAuthentication();
// Age the session by 30 days to make sure it will be cleaned up and
// restart the test browser
$this->ageCookies(3600 * 24 * 30);
$this->restart();
// Now, check that HTTP Auth works normally
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('Guest Mode: Logout') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
}
/**
* Check that users get the correct page after previously logging in as a
* guest and not forcing a guest logout
*/
function testGuestFirstUnclean() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
// Login as a guest first
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalVariableSet('securesite_guest_name', 'foo');
$this->drupalVariableSet('securesite_guest_pass', 'bar');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('Guest Mode: Guest First Unclean') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate('foo', 'bar');
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->assertText('User login');
// Now, restart (since logout isn't possible for guests) and login as a
// privileged user
$this->restart();
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->assertText('User login');
$this->drupalLoginUser($privileged_user);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->assertNoText('User login');
}
/**
* Check that users get the correct page after previously logging in as a
* guest
*/
function testGuestFirstClean() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
// Login as a guest first
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalVariableSet('securesite_guest_name', 'foo');
$this->drupalVariableSet('securesite_guest_pass', 'bar');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('Guest Mode: Guest First Clean') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate('foo', 'bar');
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->assertText('User login');
// Now, force guest logout, restart, and login as a privileged user
$this->ageCookies(3600 * 24 * 30);
$this->restart();
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate($privileged_user->name, $privileged_user->pass_raw);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->assertNoText('User login');
// TODO: Remove the following line once this test passes
cache_clear_all();
}
/**
* Check that guests get the correct page after previously logging in as a
* user
*/
function testGuestSecond() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
// Login as a privileged user first
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalVariableSet('securesite_guest_name', 'foo');
$this->drupalVariableSet('securesite_guest_pass', 'bar');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('Guest Mode: Guest Second') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate($privileged_user->name, $privileged_user->pass_raw);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->assertNoText('User login');
$this->drupalGet(url('logout', array('absolute' => TRUE)));
// Now, login as a guest
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate('foo', 'bar');
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->assertText('User login');
}
/**
* Check that guests are logged out if user had logged in after being a guest
*/
function testGuestUserLogout() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
// Login as a guest first
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
$this->drupalVariableSet('securesite_filter_pages', 'user*');
$this->drupalVariableSet('securesite_guest_name', 'foo');
$this->drupalVariableSet('securesite_guest_pass', 'bar');
$this->drupalGet(url('user/login', array('absolute' => TRUE)));
$this->assertResponse('401', t('Guest Mode: Guest and User Logout') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate('foo', 'bar');
$this->assertResponse('200');
$this->assertNoAuthentication();
// Now, login as a privileged user
$this->assertText('User account');
$this->drupalLoginUser($privileged_user);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->assertNoText('User login');
// Now, logout should trigger an auth dialog
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
}
/**
* Check that guest mode is correctly disabled when no username and password
* are set
*/
function testGuestDisabled() {
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalVariableSet('securesite_guest_name', NULL);
$this->drupalVariableSet('securesite_guest_pass', NULL);
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('Guest Mode: Disabled') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
}
/**
* Test the cron bypass
*/
function testBypassCron() {
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url('cron.php', array('absolute' => TRUE)));
$this->assertResponse('200', t('Bypass: cron') .': %s');
$this->assertNoAuthentication();
}
/**
* Test the user #1 bypass
*
* TODO: Test disabled since it's not possible to get user #1's password to
* test login
*/
/*
function testBypassUser1() {
$user_one = user_load(array('uid' => 1));
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url("user/$user_one->uid", array('absolute' => TRUE)));
$this->authenticate($user_one->name, $user_one->pass);
$this->assertResponse('200', t('Bypass Test #4') .': %s');
$this->assertNoAuthentication();
$this->assertText($user_one->name);
$this->drupalGet(url('logout', array('absolute' => TRUE)));
}
*/
/**
* Test whitelist
*/
function testWhitelist() {
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', 'admin/*');
$this->drupalGet(url('admin/content', array('absolute' => TRUE)));
$this->assertResponse('403', t('Whitelist') .': %s');
$this->assertNoAuthentication();
$this->assertText('Access denied');
}
/**
* Test blacklist
*/
function testBlacklist() {
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
$this->drupalVariableSet('securesite_filter_pages', 'admin/*');
$this->drupalGet(url('admin/content', array('absolute' => TRUE)));
$this->assertResponse('401', t('Blacklist') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
}
/**
* Check that the realm is correct when using the HTTP Auth method with the
* default SimpleTest User Agent string
*/
function testUserAgentDefault() {
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('UA Test #1') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm(variable_get('securesite_realm', variable_get('site_name', 'Drupal')));
}
/**
* Check that the realm is correct when using the HTTP Auth method with
* Opera's User Agent string
*/
function testUserAgentOpera() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
// Send the Opera 9.51 User-Agent header
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->addHeader('User-Agent: Opera/9.51 (Windows NT 5.1; U; en)');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('User Agent: Opera') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm(new PatternExpectation("/$realm - \d\d\d*/"));
}
/**
* Check that the realm is correct when using the HTTP Auth method with
* Safari's User Agent string
*/
function testUserAgentSafari() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
// Send the Safari 3.1 User-Agent header
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->addHeader('User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_2; en-us) AppleWebKit/525.13 (KHTML, like Gecko) Version/3.1 Safari/525.13');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('User Agent: Safari') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm(new PatternExpectation("/$realm - \d\d\d*/"));
}
/**
* Check that the realm is correct when using the HTTP Auth method with
* Internet Explorer's User Agent string
*/
function testUserAgentIE() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
// Send the Internet Explorer 8.0 Beta User-Agent header
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->addHeader('User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506; Media Center PC 5.0; .NET CLR 1.1.4322)');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('User Agent: IE') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm(new PatternExpectation("/$realm - \d\d\d*/"));
}
/**
* Check that the realm is correct when using the HTTP Auth method with
* Firefox's User Agent string
*/
function testUserAgentFirefox() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
// Send the Firefox 3.0.1 User-Agent header
$this->restart();
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->addHeader('User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('User Agent: Firefox') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
}
/**
* Tests for _securesite_filter_check()
*
* TODO: Add result explanations
* TODO: Verify correctness of test #11
*/
function testFilterCheck() {
$home = variable_get('site_frontpage', 'node');
// Disable Secure Site, as the init() stuff can get in the way
$this->drupalVariableSet('securesite_enabled', SECURESITE_DISABLED);
// Test #1: Basic Whitelist
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', 'node');
$this->assertTrue(_securesite_filter_check('node'), t('Filter Check Test #1') .': %s');
// Test #2: Basic Blacklist
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
$this->assertFalse(_securesite_filter_check('node'), t('Filter Check Test #2') .': %s');
// Test #3: Empty Whitelist
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->assertFalse(_securesite_filter_check($home), t('Filter Check Test #3') .': %s');
// Test #4: Empty Blacklist
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
$this->assertTrue(_securesite_filter_check($home), t('Filter Check Test #4') .': %s');
// Test #5: NULL Whitelist
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', NULL);
$this->assertFalse(_securesite_filter_check($home), t('Filter Check Test #5') .': %s');
// Test #6: NULL Blacklist
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
$this->assertTrue(_securesite_filter_check($home), t('Filter Check Test #6') .': %s');
// Test #7: Whitelist
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->assertTrue(_securesite_filter_check($home), t('Filter Check Test #7') .': %s');
// Test #8: Blacklist
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
$this->assertFalse(_securesite_filter_check($home), t('Filter Check Test #8') .': %s');
// Test #9: Empty Path
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->assertFalse(_securesite_filter_check(''), t('Filter Check Test #9') .': %s');
// Test #10: NULL Path
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->assertFalse(_securesite_filter_check(NULL), t('Filter Check Test #10') .': %s');
// Test #11: is the same as no path
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_BLACKLIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->assertFalse(_securesite_filter_check(''), t('Filter Check Test #11') .': %s');
}
/**
* Check that login works normally after previous login and logout using the
* normal HTML login form
*/
function testRepeatLoginUnsecure() {
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
// Login, logout, then login and logout again
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', "\nuser");
$this->drupalGet(url('', array('absolute' => TRUE)));
$this->assertResponse('200', t('Repeat Login: Unsecure') .': %s');
$this->assertNoAuthentication();
$this->drupalLoginUser($privileged_user);
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->drupalGet(url('', array('absolute' => TRUE)));
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->drupalLoginUser($privileged_user);
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('200');
$this->assertNoAuthentication();
}
/**
* Check that login works normally after previous login and logout when first
* not securing , then securing it
*/
function testRepeatLoginUnsecureFirst() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
// Login, logout, then login and logout again
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', "\nuser");
$this->drupalGet(url('', array('absolute' => TRUE)));
$this->assertResponse('200', t('Repeat Login: Unsecure First') .': %s');
$this->assertNoAuthentication();
$this->drupalLoginUser($privileged_user);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url('', array('absolute' => TRUE)));
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate($privileged_user->name, $privileged_user->pass_raw);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
}
/**
* Check that login works normally after previous login and logout when first
* securing , then not
*/
function testRepeatLoginSecureFirst() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
// Login, logout, then login and logout again
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url('', array('absolute' => TRUE)));
$this->assertResponse('401', t('Repeat Login: Secure First') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate($privileged_user->name, $privileged_user->pass_raw);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->drupalVariableSet('securesite_filter_pages', "\nuser");
$this->drupalGet(url('', array('absolute' => TRUE)));
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->drupalLoginUser($privileged_user);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('200');
$this->assertNoAuthentication();
}
/**
* Check that the user doesn't get stuck on the logout page
*/
function testLogoutRedirect() {
$realm = variable_get('securesite_realm', variable_get('site_name', 'Drupal'));
$privileged_user = $this->drupalCreateUserRolePerm(
array('access content', 'access secured pages')
);
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('401', t('Logout Redirect') .': %s');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate($privileged_user->name, $privileged_user->pass_raw);
$this->assertResponse('200');
$this->assertNoAuthentication();
$this->drupalGet(url('logout', array('absolute' => TRUE)));
$this->assertResponse('401');
$this->assertAuthentication('Basic');
$this->assertRealm($realm);
$this->authenticate($privileged_user->name, $privileged_user->pass_raw);
$this->assertResponse('200');
$this->assertNoAuthentication();
}
}
class SecureSiteCacheTest extends SecureSiteTest {
function get_info() {
return array(
'name' => t('Secure Site (Caching enabled)'),
'desc' => t('Executes the Secure Site module test suite with caching enabled.'),
'group' => t('Secure Site module'),
);
}
function setUp() {
// Always call the setUp() function from the parent class. Do it first
// here so the cache value is correct below.
parent::setUp();
// Enable cache
$this->drupalVariableSet('cache', CACHE_NORMAL);
}
}
/**
* Test the CLI bypass
*
* TODO: Test disabled since drush doesn't seem to get normal HTTP responses
*/
class SecureSiteCLITest extends DrupalTestCase {
/**
* Drupal SimpleTest method: return metadata about the test
*/
/*
function get_info() {
return array(
'name' => t('Secure Site CLI'),
'desc' => t('Executes CLI test for the Secure Site module.'),
'group' => t('Secure Site module'),
);
}
function testBypassCLI() {
// Test only runs when PHP is run from the command line
$this->drupalVariableSet('securesite_enabled', SECURESITE_AUTH);
$this->drupalVariableSet('securesite_filter_pages_type', SECURESITE_WHITELIST);
$this->drupalVariableSet('securesite_filter_pages', '');
$this->drupalGet(url(NULL, array('absolute' => TRUE)));
$this->assertResponse('200', t('Bypass: CLI; test will fail if not running Drupal via the command-line (try drush)') .': %s');
$this->assertNoAuthentication();
}
*/
}