class FileFieldFileExtensionsUpdateTest

Tests file_post_update_add_txt_if_allows_insecure_extensions().

@group Update @group legacy

Hierarchy

class \Drupal\Tests\BrowserTestBase uses \Drupal\Core\Test\FunctionalTestSetupTrait, \Drupal\Tests\UiHelperTrait, \Drupal\Core\Test\TestSetupTrait, \Drupal\Tests\block\Traits\BlockCreationTrait, \Drupal\FunctionalTests\AssertLegacyTrait, \Drupal\Tests\RandomGeneratorTrait, \Drupal\Tests\node\Traits\NodeCreationTrait, \Drupal\Tests\node\Traits\ContentTypeCreationTrait, \Drupal\Tests\ConfigTestTrait, \Drupal\Tests\TestRequirementsTrait, \Drupal\Tests\user\Traits\UserCreationTrait, \Drupal\Tests\XdebugRequestTrait, \Drupal\Tests\Traits\PhpUnitWarnings, \Drupal\Tests\PhpUnitCompatibilityTrait, \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, \Drupal\Tests\ExtensionListTestTrait extends \PHPUnit\Framework\TestCase
- class \Drupal\FunctionalTests\Update\UpdatePathTestBase uses \Drupal\Tests\UpdatePathTestTrait extends \Drupal\Tests\BrowserTestBase
  - class \Drupal\Tests\file\Functional\Update\FileFieldFileExtensionsUpdateTest extends \Drupal\FunctionalTests\Update\UpdatePathTestBase

Expanded class hierarchy of FileFieldFileExtensionsUpdateTest

File

core/modules/file/tests/src/Functional/Update/FileFieldFileExtensionsUpdateTest.php, line 15

Namespace

Drupal\Tests\file\Functional\Update

View on git.drupalcode.org

View source

class FileFieldFileExtensionsUpdateTest extends UpdatePathTestBase {
  
  /**
   * {@inheritdoc}
   */
  protected static $modules = [
    'file',
  ];
  
  /**
   * {@inheritdoc}
   */
  protected function setDatabaseDumpFiles() {
    $this->databaseDumpFiles = [
      __DIR__ . '/../../../../../system/tests/fixtures/update/drupal-8.8.0.bare.standard.php.gz',
    ];
  }
  
  /**
   * Tests adding txt extension to field that allow insecure extensions.
   */
  public function testInsecureUpdatesNotAllowed() {
    $this->setAllowedExtensions('php jpg');
    $this->runUpdates();
    $this->assertSession()
      ->statusCodeEquals('200');
    $field = FieldConfig::load('node.article.field_image');
    $this->assertSame('php jpg txt', $field->getSetting('file_extensions'));
  }
  
  /**
   * Tests file fields that permit all extensions.
   */
  public function testAllFileTypesAllowed() {
    $this->setAllowedExtensions('');
    $this->runUpdates();
    $this->assertSession()
      ->statusCodeEquals('200');
    $field = FieldConfig::load('node.article.field_image');
    $this->assertSame('', $field->getSetting('file_extensions'));
  }
  
  /**
   * Tests update when insecure uploads are allowed.
   */
  public function testInsecureUpdatesAllowed() {
    $this->setAllowedExtensions('php');
    // Do direct database updates to avoid dependencies.
    $connection = Database::getConnection();
    $config = $connection->select('config')
      ->fields('config', [
      'data',
    ])
      ->condition('collection', '')
      ->condition('name', 'system.file')
      ->execute()
      ->fetchField();
    $config = unserialize($config);
    $config['allow_insecure_uploads'] = TRUE;
    $connection->update('config')
      ->fields([
      'data' => serialize($config),
    ])
      ->condition('collection', '')
      ->condition('name', 'system.file')
      ->execute();
    $this->runUpdates();
    $this->assertSession()
      ->pageTextContains('The system is configured to allow insecure file uploads. No file field updates are necessary.');
    $this->assertSession()
      ->statusCodeEquals('200');
    $field = FieldConfig::load('node.article.field_image');
    $this->assertSame('php', $field->getSetting('file_extensions'));
  }
  
  /**
   * Sets the allowed extensions on the article image field.
   *
   * @param string $allowed_extensions
   *   The list of allowed extensions.
   */
  protected function setAllowedExtensions(string $allowed_extensions) {
    // Do direct database updates to avoid dependencies.
    $connection = Database::getConnection();
    $config = $connection->select('config')
      ->fields('config', [
      'data',
    ])
      ->condition('collection', '')
      ->condition('name', 'field.field.node.article.field_image')
      ->execute()
      ->fetchField();
    $config = unserialize($config);
    $this->assertArrayHasKey('file_extensions', $config['settings']);
    $config['settings']['file_extensions'] = $allowed_extensions;
    $connection->update('config')
      ->fields([
      'data' => serialize($config),
    ])
      ->condition('collection', '')
      ->condition('name', 'field.field.node.article.field_image')
      ->execute();
  }

}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.

Breadcrumb

class FileFieldFileExtensionsUpdateTest

Hierarchy

File

Namespace

API Navigation