bachir/popsu-d7
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

security upadtes

Browse Source
This commit is contained in:
Bachir Soussi Chiadmi
2017-09-25 15:16:35 +02:00
parent 650c6448e4
commit 8d8a60b615
240 changed files with 3022 additions and 1300 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
sites/all/modules/views/tests/views_ajax.test Normal file
View File

@@ -0,0 +1,109 @@
<?php
/**
* @file
* Definition of ViewsAjaxTest.
*/
/**
* Tests views ajax display.
*/
class ViewsAjaxTest extends ViewsSqlTest {
public static function getInfo() {
return array(
'name' => 'Ajax',
'description' => 'Test views with and without ajax enabled.',
'group' => 'Views Handlers',
);
}
public function setUp() {
parent::setUp('views', 'views_test');
// Create a second node.
$this->drupalCreateNode(array('type' => 'article', 'status' => NODE_PUBLISHED));
}
/**
* Perform a simple AJAX POST HTTP request.
*
* @param string $path
* Drupal path where the request should be POSTed.
* @param string $accept
* The value for the "Accept" header. Usually either 'application/json' or
* 'application/vnd.drupal-ajax'.
* @param array $post
* The POST data. When making a 'application/vnd.drupal-ajax' request, the
* Ajax page state data should be included. Use getAjaxPageStatePostData()
* for that.
*
* @return
* The content returned from the call to curl_exec().
*/
public function simpleAjaxPost($path, $accept, $post = array()) {
$options['absolute'] = TRUE;
foreach ($post as $key => $value) {
// Encode according to application/x-www-form-urlencoded
// Both names and values needs to be urlencoded, according to
// http://www.w3.org/TR/html4/interact/forms.html#h-17.13.4.1
$post[$key] = urlencode($key) . '=' . urlencode($value);
}
$postfields = implode('&', $post);
$headers = array(
'Accept: ' . $accept,
'Content-Type: application/x-www-form-urlencoded',
);
return $this->curlExec(array(
CURLOPT_URL => url($path, $options),
CURLOPT_POST => TRUE,
CURLOPT_POSTFIELDS => $postfields,
CURLOPT_HTTPHEADER => $headers,
));
}
/**
* Tests an ajax and non-ajax view.
*/
public function testAjaxView() {
$this->drupalCreateNode();
$this->drupalGet('test_ajax_view');
$drupal_settings = $this->drupalGetSettings();
$this->assertTrue(isset($drupal_settings['views']['ajax_path']), 'The Ajax callback path is set in drupalSettings.');
$this->assertEqual(count($drupal_settings['views']['ajaxViews']), 1);
$view_entry = current(array_keys($drupal_settings['views']['ajaxViews']));
$this->assertEqual($drupal_settings['views']['ajaxViews'][$view_entry]['view_name'], 'test_ajax_view', 'The view\'s ajaxViews array entry has the correct \'view_name\' key.');
$this->assertEqual($drupal_settings['views']['ajaxViews'][$view_entry]['view_display_id'], 'page_1', 'The view\'s ajaxViews array entry has the correct \'view_display_id\' key.');
$post = array(
'view_name' => 'test_ajax_view',
'view_display_id' => 'page_1',
);
$response = $this->simpleAjaxPost('views/ajax', 'application/json', $post);
$data = drupal_json_decode($response);
$this->assertTrue(isset($data[0]['settings']['views']['ajaxViews']));
// Ensure that the view insert command is part of the result.
$this->assertEqual($data[1]['command'], 'insert');
$this->assertTrue(strpos($data[1]['selector'], '.view-dom-id-') === 0);
$this->drupalSetContent($data[1]['data']);
$result = $this->xpath('//div[contains(@class, "views-row")]');
$this->assertEqual(count($result), 2, 'Ensure that two items are rendered in the HTML.');
$post = array(
'view_name' => 'test_noajax_view',
'view_display_id' => 'default',
);
$response = $this->simpleAjaxPost('views/ajax', 'application/json', $post);
$data = drupal_json_decode($response);
// In Drupal 7 we get an ajax response with no commands instead of a 403 if
// the view cannot be accessed.
foreach ($data as $item) {
$this->assertIdentical('settings', $item['command']);
$this->assertTrue(empty($item['data']));
}
}
}