core security update
This commit is contained in:
Bachir Soussi Chiadmi
@@ -32,7 +32,7 @@ class ImageFieldTestCase extends DrupalWebTestCase {
|
||||
|
||||
function setUp() {
|
||||
parent::setUp('image');
|
||||
$this->admin_user = $this->drupalCreateUser(array('access content', 'access administration pages', 'administer site configuration', 'administer content types', 'administer nodes', 'create article content', 'edit any article content', 'delete any article content', 'administer image styles'));
|
||||
$this->admin_user = $this->drupalCreateUser(array('access content', 'access administration pages', 'administer site configuration', 'administer content types', 'administer nodes', 'create article content', 'edit any article content', 'delete any article content', 'administer image styles', 'administer fields'));
|
||||
$this->drupalLogin($this->admin_user);
|
||||
}
|
||||
|
||||
@@ -77,6 +77,24 @@ class ImageFieldTestCase extends DrupalWebTestCase {
|
||||
return field_create_instance($instance);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a random style.
|
||||
*
|
||||
* @return array
|
||||
* A list containing the details of the generated image style.
|
||||
*/
|
||||
function createRandomStyle() {
|
||||
$style_name = strtolower($this->randomName(10));
|
||||
$style_label = $this->randomString();
|
||||
image_style_save(array('name' => $style_name, 'label' => $style_label));
|
||||
$style_path = 'admin/config/media/image-styles/edit/' . $style_name;
|
||||
return array(
|
||||
'name' => $style_name,
|
||||
'label' => $style_label,
|
||||
'path' => $style_path,
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Upload an image to a node.
|
||||
*
|
||||
@@ -183,6 +201,22 @@ class ImageStylesPathAndUrlTestCase extends DrupalWebTestCase {
|
||||
$this->assertResponse(404, 'Accessing an image style URL with a source image that does not exist provides a 404 error response.');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that we do not pass an array to drupal_add_http_header.
|
||||
*/
|
||||
function testImageContentTypeHeaders() {
|
||||
$files = $this->drupalGetTestFiles('image');
|
||||
$file = array_shift($files);
|
||||
// Copy the test file to private folder.
|
||||
$private_file = file_copy($file, 'private://', FILE_EXISTS_RENAME);
|
||||
// Tell image_module_test module to return the headers we want to test.
|
||||
variable_set('image_module_test_invalid_headers', $private_file->uri);
|
||||
// Invoke image_style_deliver so it will try to set headers.
|
||||
$generated_url = image_style_url($this->style_name, $private_file->uri);
|
||||
$this->drupalGet($generated_url);
|
||||
variable_del('image_module_test_invalid_headers');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test image_style_url().
|
||||
*/
|
||||
@@ -251,7 +285,7 @@ class ImageStylesPathAndUrlTestCase extends DrupalWebTestCase {
|
||||
$this->assertEqual($this->drupalGetHeader('Content-Length'), $generated_image_info['file_size'], 'Expected Content-Length was reported.');
|
||||
if ($scheme == 'private') {
|
||||
$this->assertEqual($this->drupalGetHeader('Expires'), 'Sun, 19 Nov 1978 05:00:00 GMT', 'Expires header was sent.');
|
||||
$this->assertEqual($this->drupalGetHeader('Cache-Control'), 'no-cache, must-revalidate, post-check=0, pre-check=0', 'Cache-Control header was set to prevent caching.');
|
||||
$this->assertEqual($this->drupalGetHeader('Cache-Control'), 'no-cache, must-revalidate', 'Cache-Control header was set to prevent caching.');
|
||||
$this->assertEqual($this->drupalGetHeader('X-Image-Owned-By'), 'image_module_test', 'Expected custom header has been added.');
|
||||
|
||||
// Make sure that a second request to the already existing derivate works
|
||||
@@ -469,6 +503,58 @@ class ImageEffectsUnitTest extends ImageToolkitTestCase {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests the administrative user interface.
|
||||
*/
|
||||
class ImageAdminUiTestCase extends ImageFieldTestCase {
|
||||
public static function getInfo() {
|
||||
return array(
|
||||
'name' => 'Administrative user interface',
|
||||
'description' => 'Tests the forms used in the administrative user interface.',
|
||||
'group' => 'Image',
|
||||
);
|
||||
}
|
||||
|
||||
function setUp() {
|
||||
parent::setUp(array('image'));
|
||||
}
|
||||
|
||||
/**
|
||||
* Test if the help text is available on the add effect form.
|
||||
*/
|
||||
function testAddEffectHelpText() {
|
||||
// Create a random image style.
|
||||
$style = $this->createRandomStyle();
|
||||
|
||||
// Open the add effect form and check for the help text.
|
||||
$this->drupalGet($style['path'] . '/add/image_crop');
|
||||
$this->assertText(t('Cropping will remove portions of an image to make it the specified dimensions.'), 'The image style effect help text was displayed on the add effect page.');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test if the help text is available on the edit effect form.
|
||||
*/
|
||||
function testEditEffectHelpText() {
|
||||
// Create a random image style.
|
||||
$random_style = $this->createRandomStyle();
|
||||
|
||||
// Add the crop effect to the image style.
|
||||
$edit = array();
|
||||
$edit['data[width]'] = 20;
|
||||
$edit['data[height]'] = 20;
|
||||
$this->drupalPost($random_style['path'] . '/add/image_crop', $edit, t('Add effect'));
|
||||
|
||||
// Open the edit effect form and check for the help text.
|
||||
drupal_static_reset('image_styles');
|
||||
$style = image_style_load($random_style['name']);
|
||||
|
||||
foreach ($style['effects'] as $ieid => $effect) {
|
||||
$this->drupalGet($random_style['path'] . '/effects/' . $ieid);
|
||||
$this->assertText(t('Cropping will remove portions of an image to make it the specified dimensions.'), 'The image style effect help text was displayed on the edit effect page.');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests creation, deletion, and editing of image styles and effects.
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user