class FileFieldFileExtensionsUpdateTest
Tests file_post_update_add_txt_if_allows_insecure_extensions().
@group Update @group legacy
Hierarchy
- class \Drupal\Tests\BrowserTestBase uses \Drupal\Core\Test\FunctionalTestSetupTrait, \Drupal\Tests\UiHelperTrait, \Drupal\Core\Test\TestSetupTrait, \Drupal\Tests\block\Traits\BlockCreationTrait, \Drupal\FunctionalTests\AssertLegacyTrait, \Drupal\Tests\RandomGeneratorTrait, \Drupal\Tests\node\Traits\NodeCreationTrait, \Drupal\Tests\node\Traits\ContentTypeCreationTrait, \Drupal\Tests\ConfigTestTrait, \Drupal\Tests\TestRequirementsTrait, \Drupal\Tests\user\Traits\UserCreationTrait, \Drupal\Tests\XdebugRequestTrait, \Drupal\Tests\Traits\PhpUnitWarnings, \Drupal\Tests\PhpUnitCompatibilityTrait, \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, \Drupal\Tests\ExtensionListTestTrait extends \PHPUnit\Framework\TestCase
- class \Drupal\FunctionalTests\Update\UpdatePathTestBase uses \Drupal\Tests\UpdatePathTestTrait extends \Drupal\Tests\BrowserTestBase
- class \Drupal\Tests\file\Functional\Update\FileFieldFileExtensionsUpdateTest extends \Drupal\FunctionalTests\Update\UpdatePathTestBase
- class \Drupal\FunctionalTests\Update\UpdatePathTestBase uses \Drupal\Tests\UpdatePathTestTrait extends \Drupal\Tests\BrowserTestBase
Expanded class hierarchy of FileFieldFileExtensionsUpdateTest
File
-
core/
modules/ file/ tests/ src/ Functional/ Update/ FileFieldFileExtensionsUpdateTest.php, line 15
Namespace
Drupal\Tests\file\Functional\UpdateView source
class FileFieldFileExtensionsUpdateTest extends UpdatePathTestBase {
/**
* {@inheritdoc}
*/
protected static $modules = [
'file',
];
/**
* {@inheritdoc}
*/
protected function setDatabaseDumpFiles() {
$this->databaseDumpFiles = [
__DIR__ . '/../../../../../system/tests/fixtures/update/drupal-8.8.0.bare.standard.php.gz',
];
}
/**
* Tests adding txt extension to field that allow insecure extensions.
*/
public function testInsecureUpdatesNotAllowed() {
$this->setAllowedExtensions('php jpg');
$this->runUpdates();
$this->assertSession()
->statusCodeEquals('200');
$field = FieldConfig::load('node.article.field_image');
$this->assertSame('php jpg txt', $field->getSetting('file_extensions'));
}
/**
* Tests file fields that permit all extensions.
*/
public function testAllFileTypesAllowed() {
$this->setAllowedExtensions('');
$this->runUpdates();
$this->assertSession()
->statusCodeEquals('200');
$field = FieldConfig::load('node.article.field_image');
$this->assertSame('', $field->getSetting('file_extensions'));
}
/**
* Tests update when insecure uploads are allowed.
*/
public function testInsecureUpdatesAllowed() {
$this->setAllowedExtensions('php');
// Do direct database updates to avoid dependencies.
$connection = Database::getConnection();
$config = $connection->select('config')
->fields('config', [
'data',
])
->condition('collection', '')
->condition('name', 'system.file')
->execute()
->fetchField();
$config = unserialize($config);
$config['allow_insecure_uploads'] = TRUE;
$connection->update('config')
->fields([
'data' => serialize($config),
])
->condition('collection', '')
->condition('name', 'system.file')
->execute();
$this->runUpdates();
$this->assertSession()
->pageTextContains('The system is configured to allow insecure file uploads. No file field updates are necessary.');
$this->assertSession()
->statusCodeEquals('200');
$field = FieldConfig::load('node.article.field_image');
$this->assertSame('php', $field->getSetting('file_extensions'));
}
/**
* Sets the allowed extensions on the article image field.
*
* @param string $allowed_extensions
* The list of allowed extensions.
*/
protected function setAllowedExtensions(string $allowed_extensions) {
// Do direct database updates to avoid dependencies.
$connection = Database::getConnection();
$config = $connection->select('config')
->fields('config', [
'data',
])
->condition('collection', '')
->condition('name', 'field.field.node.article.field_image')
->execute()
->fetchField();
$config = unserialize($config);
$this->assertArrayHasKey('file_extensions', $config['settings']);
$config['settings']['file_extensions'] = $allowed_extensions;
$connection->update('config')
->fields([
'data' => serialize($config),
])
->condition('collection', '')
->condition('name', 'field.field.node.article.field_image')
->execute();
}
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.