UserBlocksUnitTests::testUserLoginBlock

7 user.test UserBlocksUnitTests::testUserLoginBlock()
8 user.test UserBlocksUnitTests::testUserLoginBlock()

Test the user login block.

File

modules/user/user.test, line 1501
Tests for user.module.

Code

function testUserLoginBlock() {
  // Create a user with some permission that anonymous users lack.
  $user = $this->drupalCreateUser(array('administer permissions'));

  // Log in using the block.
  $edit = array();
  $edit['name'] = $user->name;
  $edit['pass'] = $user->pass_raw;
  $this->drupalPost('admin/people/permissions', $edit, t('Log in'));
  $this->assertNoText(t('User login'), t('Logged in.'));

  // Check that we are still on the same page.
  $this->assertEqual(url('admin/people/permissions', array('absolute' => TRUE)), $this->getUrl(), t('Still on the same page after login for access denied page'));

  // Now, log out and repeat with a non-403 page.
  $this->drupalLogout();
  $this->drupalPost('filter/tips', $edit, t('Log in'));
  $this->assertNoText(t('User login'), t('Logged in.'));
  $this->assertPattern('!<title.*?' . t('Compose tips') . '.*?</title>!', t('Still on the same page after login for allowed page'));

  // Check that the user login block is not vulnerable to information
  // disclosure to third party sites.
  $this->drupalLogout();
  $this->drupalPost('http://example.com/', $edit, t('Log in'), array('external' => FALSE));
  // Check that we remain on the site after login.
  $this->assertEqual(url('user/' . $user->uid, array('absolute' => TRUE)), $this->getUrl(), t('Redirected to user profile page after login from the frontpage'));
}
Login or register to post comments