Révision 5587145e
Ajouté par Assos Assos il y a presque 7 ans
| drupal7/modules/file/tests/file.test | ||
|---|---|---|
| 1551 | 1551 |
$this->assertNoRaw($node_file->filename, 'File without view field access permission does not appear after attempting to attach it to a new node.'); |
| 1552 | 1552 |
$this->drupalGet(file_create_url($node_file->uri)); |
| 1553 | 1553 |
$this->assertResponse(403, 'Confirmed that access is denied for the file without view field access permission after attempting to attach it to a new node.'); |
| 1554 |
|
|
| 1555 |
// As an anonymous user, create a temporary file with no references and |
|
| 1556 |
// confirm that only the session that uploaded it may view it. |
|
| 1557 |
$this->drupalLogout(); |
|
| 1558 |
user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array( |
|
| 1559 |
"create $type_name content", |
|
| 1560 |
'access content', |
|
| 1561 |
)); |
|
| 1562 |
$test_file = $this->getTestFile('text');
|
|
| 1563 |
$this->drupalGet('node/add/' . $type_name);
|
|
| 1564 |
$edit = array('files[' . $field_name . '_' . LANGUAGE_NONE . '_0]' => drupal_realpath($test_file->uri));
|
|
| 1565 |
$this->drupalPost(NULL, $edit, t('Upload'));
|
|
| 1566 |
$files = file_load_multiple(array(), array('uid' => 0));
|
|
| 1567 |
$this->assertEqual(1, count($files), 'Loaded one anonymous file.'); |
|
| 1568 |
$file = end($files); |
|
| 1569 |
$this->assertNotEqual($file->status, FILE_STATUS_PERMANENT, 'File is temporary.'); |
|
| 1570 |
$usage = file_usage_list($file); |
|
| 1571 |
$this->assertFalse($usage, 'No file usage found.'); |
|
| 1572 |
$file_url = file_create_url($file->uri); |
|
| 1573 |
$this->drupalGet($file_url); |
|
| 1574 |
$this->assertResponse(200, 'Confirmed that the anonymous uploader has access to the temporary file.'); |
|
| 1575 |
// Close the prior connection and remove the session cookie. |
|
| 1576 |
$this->curlClose(); |
|
| 1577 |
$this->cookies = array(); |
|
| 1578 |
$this->drupalGet($file_url); |
|
| 1579 |
$this->assertResponse(403, 'Confirmed that another anonymous user cannot access the temporary file.'); |
|
| 1580 |
|
|
| 1581 |
// As an anonymous user, create a permanent file that is referenced by a |
|
| 1582 |
// published node and confirm that all anonymous users may view it. |
|
| 1583 |
$test_file = $this->getTestFile('text');
|
|
| 1584 |
$this->drupalGet('node/add/' . $type_name);
|
|
| 1585 |
$edit = array(); |
|
| 1586 |
$edit['title'] = $this->randomName(); |
|
| 1587 |
$edit['files[' . $field_name . '_' . LANGUAGE_NONE . '_0]'] = drupal_realpath($test_file->uri); |
|
| 1588 |
$this->drupalPost(NULL, $edit, t('Save'));
|
|
| 1589 |
$new_node = $this->drupalGetNodeByTitle($edit['title']); |
|
| 1590 |
$file = file_load($new_node->{$field_name}[LANGUAGE_NONE][0]['fid']);
|
|
| 1591 |
$this->assertEqual($file->status, FILE_STATUS_PERMANENT, 'File is permanent.'); |
|
| 1592 |
$usage = file_usage_list($file); |
|
| 1593 |
$this->assertTrue($usage, 'File usage found.'); |
|
| 1594 |
$file_url = file_create_url($file->uri); |
|
| 1595 |
$this->drupalGet($file_url); |
|
| 1596 |
$this->assertResponse(200, 'Confirmed that the anonymous uploader has access to the permanent file that is referenced by a published node.'); |
|
| 1597 |
// Close the prior connection and remove the session cookie. |
|
| 1598 |
$this->curlClose(); |
|
| 1599 |
$this->cookies = array(); |
|
| 1600 |
$this->drupalGet($file_url); |
|
| 1601 |
$this->assertResponse(200, 'Confirmed that another anonymous user also has access to the permanent file that is referenced by a published node.'); |
|
| 1602 |
|
|
| 1603 |
// As an anonymous user, create a permanent file that is referenced by an |
|
| 1604 |
// unpublished node and confirm that no anonymous users may view it (even |
|
| 1605 |
// the session that uploaded the file) because they cannot view the |
|
| 1606 |
// unpublished node. |
|
| 1607 |
$test_file = $this->getTestFile('text');
|
|
| 1608 |
$this->drupalGet('node/add/' . $type_name);
|
|
| 1609 |
$edit = array(); |
|
| 1610 |
$edit['title'] = $this->randomName(); |
|
| 1611 |
$edit['files[' . $field_name . '_' . LANGUAGE_NONE . '_0]'] = drupal_realpath($test_file->uri); |
|
| 1612 |
$this->drupalPost(NULL, $edit, t('Save'));
|
|
| 1613 |
$new_node = $this->drupalGetNodeByTitle($edit['title']); |
|
| 1614 |
$new_node->status = NODE_NOT_PUBLISHED; |
|
| 1615 |
node_save($new_node); |
|
| 1616 |
$file = file_load($new_node->{$field_name}[LANGUAGE_NONE][0]['fid']);
|
|
| 1617 |
$this->assertEqual($file->status, FILE_STATUS_PERMANENT, 'File is permanent.'); |
|
| 1618 |
$usage = file_usage_list($file); |
|
| 1619 |
$this->assertTrue($usage, 'File usage found.'); |
|
| 1620 |
$file_url = file_create_url($file->uri); |
|
| 1621 |
$this->drupalGet($file_url); |
|
| 1622 |
$this->assertResponse(403, 'Confirmed that the anonymous uploader cannot access the permanent file when it is referenced by an unpublished node.'); |
|
| 1623 |
// Close the prior connection and remove the session cookie. |
|
| 1624 |
$this->curlClose(); |
|
| 1625 |
$this->cookies = array(); |
|
| 1626 |
$this->drupalGet($file_url); |
|
| 1627 |
$this->assertResponse(403, 'Confirmed that another anonymous user cannot access the permanent file when it is referenced by an unpublished node.'); |
|
| 1554 | 1628 |
} |
| 1555 | 1629 |
} |
| 1556 | 1630 |
|
Formats disponibles : Unified diff
Update to 7.56