1 |
be58a50c
|
Assos Assos
|
<?php
|
2 |
|
|
|
3 |
|
|
/**
|
4 |
|
|
* @file
|
5 |
|
|
* Tests for reCAPTCHA module.
|
6 |
|
|
*/
|
7 |
|
|
class ReCaptchaBasicTest extends DrupalWebTestCase {
|
8 |
|
|
|
9 |
|
|
/**
|
10 |
|
|
* {@inheritdoc}
|
11 |
|
|
*/
|
12 |
|
|
public static function getInfo() {
|
13 |
|
|
return array(
|
14 |
|
|
'name' => t('reCAPTCHA basic tests'),
|
15 |
|
|
'description' => t('Test basic functionality of reCAPTCHA module.'),
|
16 |
|
|
'group' => t('reCAPTCHA'),
|
17 |
|
|
'dependencies' => array('captcha'),
|
18 |
|
|
);
|
19 |
|
|
}
|
20 |
|
|
|
21 |
|
|
/**
|
22 |
|
|
* {@inheritdoc}
|
23 |
|
|
*/
|
24 |
|
|
function setUp() {
|
25 |
|
|
parent::setUp('captcha', 'recaptcha');
|
26 |
|
|
module_load_include('inc', 'captcha');
|
27 |
|
|
|
28 |
|
|
// Create a normal user.
|
29 |
|
|
$permissions = array(
|
30 |
|
|
'access content',
|
31 |
|
|
);
|
32 |
|
|
$this->normal_user = $this->drupalCreateUser($permissions);
|
33 |
|
|
|
34 |
|
|
// Create an admin user.
|
35 |
|
|
$permissions += array(
|
36 |
|
|
'administer CAPTCHA settings',
|
37 |
|
|
'skip CAPTCHA',
|
38 |
|
|
'administer permissions',
|
39 |
|
|
'administer content types',
|
40 |
|
|
'administer recaptcha',
|
41 |
|
|
);
|
42 |
|
|
$this->admin_user = $this->drupalCreateUser($permissions);
|
43 |
|
|
}
|
44 |
|
|
|
45 |
|
|
/**
|
46 |
|
|
* Test access to the administration page.
|
47 |
|
|
*/
|
48 |
|
|
function testReCaptchaAdminAccess() {
|
49 |
|
|
$this->drupalLogin($this->admin_user);
|
50 |
|
|
$this->drupalGet('admin/config/people/captcha/recaptcha');
|
51 |
|
|
$this->assertNoText(t('Access denied'), 'Admin users should be able to access the reCAPTCHA admin page', 'reCAPTCHA');
|
52 |
|
|
$this->drupalLogout();
|
53 |
|
|
}
|
54 |
|
|
|
55 |
|
|
/**
|
56 |
|
|
* Test the reCAPTCHA settings form.
|
57 |
|
|
*/
|
58 |
|
|
function testReCaptchaAdminSettingsForm() {
|
59 |
|
|
$this->drupalLogin($this->admin_user);
|
60 |
|
|
|
61 |
|
|
$site_key = $this->randomName(40);
|
62 |
|
|
$secret_key = $this->randomName(40);
|
63 |
|
|
|
64 |
|
|
// Check form validation.
|
65 |
|
|
$edit['recaptcha_site_key'] = '';
|
66 |
|
|
$edit['recaptcha_secret_key'] = '';
|
67 |
|
|
$edit['recaptcha_tabindex'] = $this->randomName(2);
|
68 |
|
|
$this->drupalPost('admin/config/people/captcha/recaptcha', $edit, t('Save configuration'));
|
69 |
|
|
|
70 |
|
|
$this->assertRaw(t('Site key field is required.'), '[testReCaptchaConfiguration]: Empty site key detected.');
|
71 |
|
|
$this->assertRaw(t('Secret key field is required.'), '[testReCaptchaConfiguration]: Empty secret key detected.');
|
72 |
|
|
$this->assertRaw(t('The tabindex must be an integer.'), '[testReCaptchaConfiguration]: Invalid value for tab index detected.');
|
73 |
|
|
|
74 |
|
|
// Save form with valid values.
|
75 |
|
|
$edit['recaptcha_site_key'] = $site_key;
|
76 |
|
|
$edit['recaptcha_secret_key'] = $secret_key;
|
77 |
|
|
$edit['recaptcha_tabindex'] = 0;
|
78 |
|
|
$this->drupalPost('admin/config/people/captcha/recaptcha', $edit, t('Save configuration'));
|
79 |
|
|
$this->assertRaw(t('The configuration options have been saved.'), '[testReCaptchaConfiguration]: The configuration options have been saved.');
|
80 |
|
|
|
81 |
|
|
$this->assertNoRaw(t('Site key field is required.'), '[testReCaptchaConfiguration]: Site key was not empty.');
|
82 |
|
|
$this->assertNoRaw(t('Secret key field is required.'), '[testReCaptchaConfiguration]: Secret key was not empty.');
|
83 |
|
|
$this->assertNoRaw(t('The tabindex must be an integer.'), '[testReCaptchaConfiguration]: Tab index had a valid input.');
|
84 |
|
|
|
85 |
|
|
$this->drupalLogout();
|
86 |
|
|
}
|
87 |
|
|
|
88 |
|
|
/**
|
89 |
|
|
* Testing the protection of the user login form.
|
90 |
|
|
*/
|
91 |
|
|
function testReCaptchaOnLoginForm() {
|
92 |
|
|
global $language;
|
93 |
|
|
|
94 |
|
|
$site_key = $this->randomName(40);;
|
95 |
|
|
$secret_key = $this->randomName(40);;
|
96 |
|
|
$grecaptcha = '<div class="g-recaptcha" data-sitekey="' . $site_key . '" data-theme="light" data-type="image"></div>';
|
97 |
|
|
|
98 |
|
|
// Test if login works.
|
99 |
|
|
$this->drupalLogin($this->normal_user);
|
100 |
|
|
$this->drupalLogout();
|
101 |
|
|
|
102 |
|
|
$this->drupalGet('user');
|
103 |
|
|
$this->assertNoRaw($grecaptcha, '[testReCaptchaOnLoginForm]: reCAPTCHA is not shown on form.');
|
104 |
|
|
|
105 |
|
|
// Enable 'captcha/Math' CAPTCHA on login form.
|
106 |
|
|
captcha_set_form_id_setting('user_login', 'captcha/Math');
|
107 |
|
|
|
108 |
|
|
$this->drupalGet('user');
|
109 |
|
|
$this->assertNoRaw($grecaptcha, '[testReCaptchaOnLoginForm]: reCAPTCHA is not shown on form.');
|
110 |
|
|
|
111 |
|
|
// Enable 'recaptcha/reCAPTCHA' on login form.
|
112 |
|
|
captcha_set_form_id_setting('user_login', 'recaptcha/reCAPTCHA');
|
113 |
|
|
$result = captcha_get_form_id_setting('user_login');
|
114 |
|
|
$this->assertNotNull($result, 'A configuration has been found for CAPTCHA point: user_login', 'reCAPTCHA');
|
115 |
|
|
$this->assertEqual($result->module, 'recaptcha', 'reCAPTCHA module configured for CAPTCHA point: user_login', 'reCAPTCHA');
|
116 |
|
|
$this->assertEqual($result->captcha_type, 'reCAPTCHA', 'reCAPTCHA type has been configured for CAPTCHA point: user_login', 'reCAPTCHA');
|
117 |
|
|
|
118 |
|
|
// Check if a Math CAPTCHA is still shown on the login form. The site key
|
119 |
|
|
// and security key have not yet configured for reCAPTCHA. The module need
|
120 |
|
|
// to fall back to math captcha.
|
121 |
|
|
$this->drupalGet('user');
|
122 |
|
|
$this->assertRaw(t('Math question'), '[testReCaptchaOnLoginForm]: Math CAPTCHA is shown on form.');
|
123 |
|
|
|
124 |
|
|
// Configure site key and security key to show reCAPTCHA and no fall back.
|
125 |
|
|
variable_set('recaptcha_site_key', $site_key);
|
126 |
|
|
variable_set('recaptcha_secret_key', $secret_key);
|
127 |
|
|
|
128 |
|
|
// Check if there is a reCAPTCHA on the login form.
|
129 |
|
|
$this->drupalGet('user');
|
130 |
|
|
$this->assertRaw($grecaptcha, '[testReCaptchaOnLoginForm]: reCAPTCHA is shown on form.');
|
131 |
|
|
$this->assertRaw('<script src="https://www.google.com/recaptcha/api.js?hl=' . $language->language . '" async="async" defer="defer"></script>', '[testReCaptchaOnLoginForm]: reCAPTCHA is shown on form.');
|
132 |
|
|
$this->assertNoRaw($grecaptcha . '<noscript>', '[testReCaptchaOnLoginForm]: NoScript code is not enabled for the reCAPTCHA.');
|
133 |
|
|
|
134 |
|
|
// Test if the fall back url is properly build and noscript code added.
|
135 |
|
|
variable_set('recaptcha_noscript', 1);
|
136 |
|
|
$this->drupalGet('user');
|
137 |
|
|
$this->assertRaw($grecaptcha . '<noscript>', '[testReCaptchaOnLoginForm]: NoScript for reCAPTCHA is shown on form.');
|
138 |
|
|
$this->assertRaw('https://www.google.com/recaptcha/api/fallback?k=' . $site_key . '&hl=' . $language->language, '[testReCaptchaOnLoginForm]: Fallback URL with IFRAME has been found.');
|
139 |
|
|
|
140 |
|
|
// Check that data-size attribute does not exists.
|
141 |
|
|
variable_set('recaptcha_size', '');
|
142 |
|
|
$this->drupalGet('user');
|
143 |
|
|
$element = $this->xpath('//div[@class=:class and @data-size=:size]', array(':class' => 'g-recaptcha', ':size' => 'small'));
|
144 |
|
|
$this->assertFalse(!empty($element), 'Tag contains no data-size attribute.');
|
145 |
|
|
|
146 |
|
|
// Check that data-size attribute exists.
|
147 |
|
|
variable_set('recaptcha_size', 'small');
|
148 |
|
|
$this->drupalGet('user');
|
149 |
|
|
$element = $this->xpath('//div[@class=:class and @data-size=:size]', array(':class' => 'g-recaptcha', ':size' => 'small'));
|
150 |
|
|
$this->assertTrue(!empty($element), 'Tag contains data-size attribute and value.');
|
151 |
|
|
|
152 |
|
|
// Check that data-tabindex attribute does not exists.
|
153 |
|
|
variable_set('recaptcha_tabindex', 0);
|
154 |
|
|
$this->drupalGet('user');
|
155 |
|
|
$element = $this->xpath('//div[@class=:class and @data-tabindex=:index]', array(':class' => 'g-recaptcha', ':index' => 0));
|
156 |
|
|
$this->assertFalse(!empty($element), 'Tag contains no data-tabindex attribute.');
|
157 |
|
|
|
158 |
|
|
// Check that data-tabindex attribute exists.
|
159 |
|
|
variable_set('recaptcha_tabindex', 5);
|
160 |
|
|
$this->drupalGet('user');
|
161 |
|
|
$element = $this->xpath('//div[@class=:class and @data-tabindex=:index]', array(':class' => 'g-recaptcha', ':index' => 5));
|
162 |
|
|
$this->assertTrue(!empty($element), 'Tag contains data-tabindex attribute and value.');
|
163 |
|
|
|
164 |
|
|
// Try to log in, which should fail.
|
165 |
|
|
$edit['name'] = $this->normal_user->name;
|
166 |
|
|
$edit['pass'] = $this->normal_user->pass_raw;
|
167 |
|
|
$edit['captcha_response'] = '?';
|
168 |
|
|
|
169 |
|
|
$this->drupalPost('user', $edit, t('Log in'));
|
170 |
|
|
// Check for error message.
|
171 |
|
|
$this->assertText(t('The answer you entered for the CAPTCHA was not correct.'), 'CAPTCHA should block user login form', 'reCAPTCHA');
|
172 |
|
|
|
173 |
|
|
// And make sure that user is not logged in: check for name and password fields on ?q=user
|
174 |
|
|
$this->drupalGet('user');
|
175 |
|
|
$this->assertField('name', t('Username field found.'), 'reCAPTCHA');
|
176 |
|
|
$this->assertField('pass', t('Password field found.'), 'reCAPTCHA');
|
177 |
|
|
}
|
178 |
|
|
|
179 |
|
|
} |