Révision 5587145e
Ajouté par Assos Assos il y a presque 7 ans
drupal7/modules/file/tests/file.test | ||
---|---|---|
1551 | 1551 |
$this->assertNoRaw($node_file->filename, 'File without view field access permission does not appear after attempting to attach it to a new node.'); |
1552 | 1552 |
$this->drupalGet(file_create_url($node_file->uri)); |
1553 | 1553 |
$this->assertResponse(403, 'Confirmed that access is denied for the file without view field access permission after attempting to attach it to a new node.'); |
1554 |
|
|
1555 |
// As an anonymous user, create a temporary file with no references and |
|
1556 |
// confirm that only the session that uploaded it may view it. |
|
1557 |
$this->drupalLogout(); |
|
1558 |
user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array( |
|
1559 |
"create $type_name content", |
|
1560 |
'access content', |
|
1561 |
)); |
|
1562 |
$test_file = $this->getTestFile('text'); |
|
1563 |
$this->drupalGet('node/add/' . $type_name); |
|
1564 |
$edit = array('files[' . $field_name . '_' . LANGUAGE_NONE . '_0]' => drupal_realpath($test_file->uri)); |
|
1565 |
$this->drupalPost(NULL, $edit, t('Upload')); |
|
1566 |
$files = file_load_multiple(array(), array('uid' => 0)); |
|
1567 |
$this->assertEqual(1, count($files), 'Loaded one anonymous file.'); |
|
1568 |
$file = end($files); |
|
1569 |
$this->assertNotEqual($file->status, FILE_STATUS_PERMANENT, 'File is temporary.'); |
|
1570 |
$usage = file_usage_list($file); |
|
1571 |
$this->assertFalse($usage, 'No file usage found.'); |
|
1572 |
$file_url = file_create_url($file->uri); |
|
1573 |
$this->drupalGet($file_url); |
|
1574 |
$this->assertResponse(200, 'Confirmed that the anonymous uploader has access to the temporary file.'); |
|
1575 |
// Close the prior connection and remove the session cookie. |
|
1576 |
$this->curlClose(); |
|
1577 |
$this->cookies = array(); |
|
1578 |
$this->drupalGet($file_url); |
|
1579 |
$this->assertResponse(403, 'Confirmed that another anonymous user cannot access the temporary file.'); |
|
1580 |
|
|
1581 |
// As an anonymous user, create a permanent file that is referenced by a |
|
1582 |
// published node and confirm that all anonymous users may view it. |
|
1583 |
$test_file = $this->getTestFile('text'); |
|
1584 |
$this->drupalGet('node/add/' . $type_name); |
|
1585 |
$edit = array(); |
|
1586 |
$edit['title'] = $this->randomName(); |
|
1587 |
$edit['files[' . $field_name . '_' . LANGUAGE_NONE . '_0]'] = drupal_realpath($test_file->uri); |
|
1588 |
$this->drupalPost(NULL, $edit, t('Save')); |
|
1589 |
$new_node = $this->drupalGetNodeByTitle($edit['title']); |
|
1590 |
$file = file_load($new_node->{$field_name}[LANGUAGE_NONE][0]['fid']); |
|
1591 |
$this->assertEqual($file->status, FILE_STATUS_PERMANENT, 'File is permanent.'); |
|
1592 |
$usage = file_usage_list($file); |
|
1593 |
$this->assertTrue($usage, 'File usage found.'); |
|
1594 |
$file_url = file_create_url($file->uri); |
|
1595 |
$this->drupalGet($file_url); |
|
1596 |
$this->assertResponse(200, 'Confirmed that the anonymous uploader has access to the permanent file that is referenced by a published node.'); |
|
1597 |
// Close the prior connection and remove the session cookie. |
|
1598 |
$this->curlClose(); |
|
1599 |
$this->cookies = array(); |
|
1600 |
$this->drupalGet($file_url); |
|
1601 |
$this->assertResponse(200, 'Confirmed that another anonymous user also has access to the permanent file that is referenced by a published node.'); |
|
1602 |
|
|
1603 |
// As an anonymous user, create a permanent file that is referenced by an |
|
1604 |
// unpublished node and confirm that no anonymous users may view it (even |
|
1605 |
// the session that uploaded the file) because they cannot view the |
|
1606 |
// unpublished node. |
|
1607 |
$test_file = $this->getTestFile('text'); |
|
1608 |
$this->drupalGet('node/add/' . $type_name); |
|
1609 |
$edit = array(); |
|
1610 |
$edit['title'] = $this->randomName(); |
|
1611 |
$edit['files[' . $field_name . '_' . LANGUAGE_NONE . '_0]'] = drupal_realpath($test_file->uri); |
|
1612 |
$this->drupalPost(NULL, $edit, t('Save')); |
|
1613 |
$new_node = $this->drupalGetNodeByTitle($edit['title']); |
|
1614 |
$new_node->status = NODE_NOT_PUBLISHED; |
|
1615 |
node_save($new_node); |
|
1616 |
$file = file_load($new_node->{$field_name}[LANGUAGE_NONE][0]['fid']); |
|
1617 |
$this->assertEqual($file->status, FILE_STATUS_PERMANENT, 'File is permanent.'); |
|
1618 |
$usage = file_usage_list($file); |
|
1619 |
$this->assertTrue($usage, 'File usage found.'); |
|
1620 |
$file_url = file_create_url($file->uri); |
|
1621 |
$this->drupalGet($file_url); |
|
1622 |
$this->assertResponse(403, 'Confirmed that the anonymous uploader cannot access the permanent file when it is referenced by an unpublished node.'); |
|
1623 |
// Close the prior connection and remove the session cookie. |
|
1624 |
$this->curlClose(); |
|
1625 |
$this->cookies = array(); |
|
1626 |
$this->drupalGet($file_url); |
|
1627 |
$this->assertResponse(403, 'Confirmed that another anonymous user cannot access the permanent file when it is referenced by an unpublished node.'); |
|
1554 | 1628 |
} |
1555 | 1629 |
} |
1556 | 1630 |
|
Formats disponibles : Unified diff
Update to 7.56