function FilterAdminTest::testFilterAdmin

Tests filter administration functionality.

File

core/modules/filter/tests/src/Functional/FilterAdminTest.php, line 199

Class

FilterAdminTest

Thoroughly test the administrative interface of the filter module.

Namespace

Code

public function testFilterAdmin() : void {
  $first_filter = 'filter_autop';
  $second_filter = 'filter_url';
  $basic = 'basic_html';
  $restricted = 'restricted_html';
  $full = 'full_html';
  $plain = 'plain_text';
  // Check that the fallback format exists and cannot be disabled.
  $this->assertSame($plain, filter_fallback_format(), 'The fallback format is set to plain text.');
  $this->drupalGet('admin/config/content/formats');
  $this->assertSession()
    ->responseNotContains('admin/config/content/formats/manage/' . $plain . '/disable');
  $this->drupalGet('admin/config/content/formats/manage/' . $plain . '/disable');
  $this->assertSession()
    ->statusCodeEquals(403);
  // Verify access permissions to Full HTML format.
  $full_format = FilterFormat::load($full);
  $this->assertTrue($full_format->access('use', $this->adminUser), 'Admin user may use Full HTML.');
  $this->assertFalse($full_format->access('use', $this->webUser), 'Web user may not use Full HTML.');
  // Add an additional tag and extra spaces and returns.
  $edit = [];
  $edit['filters[filter_html][settings][allowed_html]'] = "<a>   <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>\r\n<quote>";
  $this->drupalGet('admin/config/content/formats/manage/' . $restricted);
  $this->submitForm($edit, 'Save configuration');
  $this->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $restricted);
  $this->drupalGet('admin/config/content/formats/manage/' . $restricted);
  // Check that the allowed HTML tag was added and the string reformatted.
  $this->assertSession()
    ->fieldValueEquals('filters[filter_html][settings][allowed_html]', "<a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <quote>");
  $this->assertSession()
    ->elementExists('xpath', "//select[@name='filters[" . $first_filter . "][weight]']/following::select[@name='filters[" . $second_filter . "][weight]']");
  // Reorder filters.
  $edit = [];
  $edit['filters[' . $second_filter . '][weight]'] = 1;
  $edit['filters[' . $first_filter . '][weight]'] = 2;
  $this->submitForm($edit, 'Save configuration');
  $this->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $restricted);
  $this->drupalGet('admin/config/content/formats/manage/' . $restricted);
  $this->assertSession()
    ->fieldValueEquals('filters[' . $second_filter . '][weight]', 1);
  $this->assertSession()
    ->fieldValueEquals('filters[' . $first_filter . '][weight]', 2);
  $this->assertSession()
    ->elementExists('xpath', "//select[@name='filters[" . $second_filter . "][weight]']/following::select[@name='filters[" . $first_filter . "][weight]']");
  $filter_format = FilterFormat::load($restricted);
  foreach ($filter_format->filters() as $filter_name => $filter) {
    if ($filter_name == $second_filter || $filter_name == $first_filter) {
      $filters[] = $filter_name;
    }
  }
  // Ensure that the second filter is now before the first filter.
  $this->assertEquals($filter_format->filters($second_filter)->weight + 1, $filter_format->filters($first_filter)->weight, 'Order confirmed in configuration.');
  // Add format.
  $edit = [];
  $edit['format'] = $this->randomMachineName();
  $edit['name'] = $this->randomMachineName();
  $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = 1;
  $edit['filters[' . $second_filter . '][status]'] = TRUE;
  $edit['filters[' . $first_filter . '][status]'] = TRUE;
  $this->drupalGet('admin/config/content/formats/add');
  $this->submitForm($edit, 'Save configuration');
  $this->assertSession()
    ->addressEquals('admin/config/content/formats');
  $this->assertSession()
    ->statusMessageContains("Added text format {$edit['name']}.", 'status');
  filter_formats_reset();
  $format = FilterFormat::load($edit['format']);
  $this->assertNotNull($format, 'Format found in database.');
  $this->drupalGet('admin/config/content/formats/manage/' . $format->id());
  $this->assertSession()
    ->checkboxChecked('roles[' . RoleInterface::AUTHENTICATED_ID . ']');
  $this->assertSession()
    ->checkboxChecked('filters[' . $second_filter . '][status]');
  $this->assertSession()
    ->checkboxChecked('filters[' . $first_filter . '][status]');
  /** @var \Drupal\user\Entity\Role $role */
  $role = Role::load(RoleInterface::AUTHENTICATED_ID);
  $this->assertTrue($role->hasPermission($format->getPermissionName()), 'The authenticated role has permission to use the filter.');
  // Disable new filter.
  $this->drupalGet('admin/config/content/formats/manage/' . $format->id() . '/disable');
  $this->submitForm([], 'Disable');
  $this->assertSession()
    ->addressEquals('admin/config/content/formats');
  $this->assertSession()
    ->statusMessageContains("Disabled text format {$edit['name']}.", 'status');
  $role = Role::load(RoleInterface::AUTHENTICATED_ID);
  $this->assertFalse($role->hasPermission($format->getPermissionName()), 'The filter permission has been removed from the authenticated role');
  // Allow authenticated users on full HTML.
  $format = FilterFormat::load($full);
  $edit = [];
  $edit['roles[' . RoleInterface::ANONYMOUS_ID . ']'] = 0;
  $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = 1;
  $this->drupalGet('admin/config/content/formats/manage/' . $full);
  $this->submitForm($edit, 'Save configuration');
  $this->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $full);
  $this->assertSession()
    ->statusMessageContains("The text format {$format->label()} has been updated.", 'status');
  // Switch user.
  $this->drupalLogin($this->webUser);
  $this->drupalGet('node/add/page');
  $this->assertSession()
    ->responseContains('<option value="' . $full . '">Full HTML</option>');
  // Use basic HTML and see if it removes tags that are not allowed.
  $body = '<em>' . $this->randomMachineName() . '</em>';
  $extra_text = 'text';
  $text = $body . '<random>' . $extra_text . '</random>';
  $edit = [];
  $edit['title[0][value]'] = $this->randomMachineName();
  $edit['body[0][value]'] = $text;
  $edit['body[0][format]'] = $basic;
  $this->drupalGet('node/add/page');
  $this->submitForm($edit, 'Save');
  $this->assertSession()
    ->statusMessageContains('Basic page ' . $edit['title[0][value]'] . ' has been created.', 'status');
  // Verify that the creation message contains a link to a node.
  $this->assertSession()
    ->elementExists('xpath', '//div[@aria-label="Status message"]//a[contains(@href, "node/")]');
  $node = $this->drupalGetNodeByTitle($edit['title[0][value]']);
  $this->assertNotEmpty($node, 'Node found in database.');
  $this->drupalGet('node/' . $node->id());
  // Check that filter removed invalid tag.
  $this->assertSession()
    ->responseContains($body . $extra_text);
  // Use plain text and see if it escapes all tags, whether allowed or not.
  // In order to test plain text, we have to enable the hidden variable for
  // "show_fallback_format", which displays plain text in the format list.
  $this->config('filter.settings')
    ->set('always_show_fallback_choice', TRUE)
    ->save();
  $edit = [];
  $edit['body[0][format]'] = $plain;
  $this->drupalGet('node/' . $node->id() . '/edit');
  $this->submitForm($edit, 'Save');
  $this->drupalGet('node/' . $node->id());
  $this->assertSession()
    ->assertEscaped($text);
  $this->config('filter.settings')
    ->set('always_show_fallback_choice', FALSE)
    ->save();
  // Switch user.
  $this->drupalLogin($this->adminUser);
  // Clean up.
  // Allowed tags.
  $edit = [];
  $edit['filters[filter_html][settings][allowed_html]'] = '<a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>';
  $this->drupalGet('admin/config/content/formats/manage/' . $basic);
  $this->submitForm($edit, 'Save configuration');
  $this->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $basic);
  $this->drupalGet('admin/config/content/formats/manage/' . $basic);
  $this->assertSession()
    ->fieldValueEquals('filters[filter_html][settings][allowed_html]', $edit['filters[filter_html][settings][allowed_html]']);
  // Full HTML.
  $edit = [];
  $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = FALSE;
  $this->drupalGet('admin/config/content/formats/manage/' . $full);
  $this->submitForm($edit, 'Save configuration');
  $this->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $full);
  $this->assertSession()
    ->statusMessageContains("The text format {$format->label()} has been updated.", 'status');
  $this->drupalGet('admin/config/content/formats/manage/' . $full);
  $this->assertSession()
    ->fieldValueEquals('roles[' . RoleInterface::AUTHENTICATED_ID . ']', $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']']);
  // Filter order.
  $edit = [];
  $edit['filters[' . $second_filter . '][weight]'] = 2;
  $edit['filters[' . $first_filter . '][weight]'] = 1;
  $this->drupalGet('admin/config/content/formats/manage/' . $basic);
  $this->submitForm($edit, 'Save configuration');
  $this->assertSession()
    ->addressEquals('admin/config/content/formats/manage/' . $basic);
  $this->drupalGet('admin/config/content/formats/manage/' . $basic);
  $this->assertSession()
    ->fieldValueEquals('filters[' . $second_filter . '][weight]', $edit['filters[' . $second_filter . '][weight]']);
  $this->assertSession()
    ->fieldValueEquals('filters[' . $first_filter . '][weight]', $edit['filters[' . $first_filter . '][weight]']);
}