drupalCreateContentType(['type' => 'page', 'name' => 'Basic page']); // Set up the filter formats used by this test. $basic_html_format = FilterFormat::create([ 'format' => 'basic_html', 'name' => 'Basic HTML', 'filters' => [ 'filter_html' => [ 'status' => 1, 'settings' => [ 'allowed_html' => '
',
],
],
],
]);
$basic_html_format->save();
$restricted_html_format = FilterFormat::create([
'format' => 'restricted_html',
'name' => 'Restricted HTML',
'filters' => [
'filter_html' => [
'status' => TRUE,
'weight' => -10,
'settings' => [
'allowed_html' => '
',
],
],
'filter_autop' => [
'status' => TRUE,
'weight' => 0,
],
'filter_url' => [
'status' => TRUE,
'weight' => 0,
],
'filter_htmlcorrector' => [
'status' => TRUE,
'weight' => 10,
],
],
]);
$restricted_html_format->save();
$full_html_format = FilterFormat::create([
'format' => 'full_html',
'name' => 'Full HTML',
'weight' => 1,
'filters' => [],
]);
$full_html_format->save();
$this->adminUser = $this->drupalCreateUser([
'administer filters',
$basic_html_format->getPermissionName(),
$restricted_html_format->getPermissionName(),
$full_html_format->getPermissionName(),
'access site reports',
]);
$this->webUser = $this->drupalCreateUser(['create page content', 'edit own page content']);
user_role_grant_permissions('authenticated', [$basic_html_format->getPermissionName()]);
user_role_grant_permissions('anonymous', [$restricted_html_format->getPermissionName()]);
$this->drupalLogin($this->adminUser);
$this->drupalPlaceBlock('local_actions_block');
}
/**
* Tests the format administration functionality.
*/
public function testFormatAdmin() {
// Add text format.
$this->drupalGet('admin/config/content/formats');
$this->clickLink('Add text format');
$format_id = Unicode::strtolower($this->randomMachineName());
$name = $this->randomMachineName();
$edit = [
'format' => $format_id,
'name' => $name,
];
$this->drupalPostForm(NULL, $edit, t('Save configuration'));
// Verify default weight of the text format.
$this->drupalGet('admin/config/content/formats');
$this->assertFieldByName("formats[$format_id][weight]", 0, 'Text format weight was saved.');
// Change the weight of the text format.
$edit = [
"formats[$format_id][weight]" => 5,
];
$this->drupalPostForm('admin/config/content/formats', $edit, t('Save'));
$this->assertFieldByName("formats[$format_id][weight]", 5, 'Text format weight was saved.');
// Edit text format.
$this->drupalGet('admin/config/content/formats');
$destination = Url::fromRoute('filter.admin_overview')->toString();
$edit_href = Url::fromRoute('entity.filter_format.edit_form', ['filter_format' => $format_id], ['query' => ['destination' => $destination]])->toString();
$this->assertSession()->linkByHrefExists($edit_href);
$this->drupalGet('admin/config/content/formats/manage/' . $format_id);
$this->drupalPostForm(NULL, [], t('Save configuration'));
// Verify that the custom weight of the text format has been retained.
$this->drupalGet('admin/config/content/formats');
$this->assertFieldByName("formats[$format_id][weight]", 5, 'Text format weight was retained.');
// Disable text format.
$this->assertLinkByHref('admin/config/content/formats/manage/' . $format_id . '/disable');
$this->drupalGet('admin/config/content/formats/manage/' . $format_id . '/disable');
$this->drupalPostForm(NULL, [], t('Disable'));
// Verify that disabled text format no longer exists.
$this->drupalGet('admin/config/content/formats/manage/' . $format_id);
$this->assertResponse(404, 'Disabled text format no longer exists.');
// Attempt to create a format of the same machine name as the disabled
// format but with a different human readable name.
$edit = [
'format' => $format_id,
'name' => 'New format',
];
$this->drupalPostForm('admin/config/content/formats/add', $edit, t('Save configuration'));
$this->assertText('The machine-readable name is already in use. It must be unique.');
// Attempt to create a format of the same human readable name as the
// disabled format but with a different machine name.
$edit = [
'format' => 'new_format',
'name' => $name,
];
$this->drupalPostForm('admin/config/content/formats/add', $edit, t('Save configuration'));
$this->assertRaw(t('Text format names must be unique. A format named %name already exists.', [
'%name' => $name,
]));
}
/**
* Tests filter administration functionality.
*/
public function testFilterAdmin() {
$first_filter = 'filter_autop';
$second_filter = 'filter_url';
$basic = 'basic_html';
$restricted = 'restricted_html';
$full = 'full_html';
$plain = 'plain_text';
// Check that the fallback format exists and cannot be disabled.
$this->assertTrue($plain == filter_fallback_format(), 'The fallback format is set to plain text.');
$this->drupalGet('admin/config/content/formats');
$this->assertNoRaw('admin/config/content/formats/manage/' . $plain . '/disable', 'Disable link for the fallback format not found.');
$this->drupalGet('admin/config/content/formats/manage/' . $plain . '/disable');
$this->assertResponse(403, 'The fallback format cannot be disabled.');
// Verify access permissions to Full HTML format.
$full_format = FilterFormat::load($full);
$this->assertTrue($full_format->access('use', $this->adminUser), 'Admin user may use Full HTML.');
$this->assertFalse($full_format->access('use', $this->webUser), 'Web user may not use Full HTML.');
// Add an additional tag and extra spaces and returns.
$edit = [];
$edit['filters[filter_html][settings][allowed_html]'] = "
";
$this->drupalPostForm('admin/config/content/formats/manage/' . $restricted, $edit, t('Save configuration'));
$this->assertUrl('admin/config/content/formats');
$this->drupalGet('admin/config/content/formats/manage/' . $restricted);
$this->assertFieldByName('filters[filter_html][settings][allowed_html]', "
", 'Allowed HTML tag added.');
$elements = $this->xpath('//select[@name=:first]/following::select[@name=:second]', [
':first' => 'filters[' . $first_filter . '][weight]',
':second' => 'filters[' . $second_filter . '][weight]',
]);
$this->assertNotEmpty($elements, 'Order confirmed in admin interface.');
// Reorder filters.
$edit = [];
$edit['filters[' . $second_filter . '][weight]'] = 1;
$edit['filters[' . $first_filter . '][weight]'] = 2;
$this->drupalPostForm(NULL, $edit, t('Save configuration'));
$this->assertUrl('admin/config/content/formats');
$this->drupalGet('admin/config/content/formats/manage/' . $restricted);
$this->assertFieldByName('filters[' . $second_filter . '][weight]', 1, 'Order saved successfully.');
$this->assertFieldByName('filters[' . $first_filter . '][weight]', 2, 'Order saved successfully.');
$elements = $this->xpath('//select[@name=:first]/following::select[@name=:second]', [
':first' => 'filters[' . $second_filter . '][weight]',
':second' => 'filters[' . $first_filter . '][weight]',
]);
$this->assertNotEmpty($elements, 'Reorder confirmed in admin interface.');
$filter_format = FilterFormat::load($restricted);
foreach ($filter_format->filters() as $filter_name => $filter) {
if ($filter_name == $second_filter || $filter_name == $first_filter) {
$filters[] = $filter_name;
}
}
// Ensure that the second filter is now before the first filter.
$this->assertEqual($filter_format->filters($second_filter)->weight + 1, $filter_format->filters($first_filter)->weight, 'Order confirmed in configuration.');
// Add format.
$edit = [];
$edit['format'] = Unicode::strtolower($this->randomMachineName());
$edit['name'] = $this->randomMachineName();
$edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = 1;
$edit['filters[' . $second_filter . '][status]'] = TRUE;
$edit['filters[' . $first_filter . '][status]'] = TRUE;
$this->drupalPostForm('admin/config/content/formats/add', $edit, t('Save configuration'));
$this->assertUrl('admin/config/content/formats');
$this->assertRaw(t('Added text format %format.', ['%format' => $edit['name']]), 'New filter created.');
filter_formats_reset();
$format = FilterFormat::load($edit['format']);
$this->assertNotNull($format, 'Format found in database.');
$this->drupalGet('admin/config/content/formats/manage/' . $format->id());
$this->assertSession()->checkboxChecked('roles[' . RoleInterface::AUTHENTICATED_ID . ']');
$this->assertSession()->checkboxChecked('filters[' . $second_filter . '][status]');
$this->assertSession()->checkboxChecked('filters[' . $first_filter . '][status]');
// Disable new filter.
$this->drupalPostForm('admin/config/content/formats/manage/' . $format->id() . '/disable', [], t('Disable'));
$this->assertUrl('admin/config/content/formats');
$this->assertRaw(t('Disabled text format %format.', ['%format' => $edit['name']]), 'Format successfully disabled.');
// Allow authenticated users on full HTML.
$format = FilterFormat::load($full);
$edit = [];
$edit['roles[' . RoleInterface::ANONYMOUS_ID . ']'] = 0;
$edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = 1;
$this->drupalPostForm('admin/config/content/formats/manage/' . $full, $edit, t('Save configuration'));
$this->assertUrl('admin/config/content/formats');
$this->assertRaw(t('The text format %format has been updated.', ['%format' => $format->label()]), 'Full HTML format successfully updated.');
// Switch user.
$this->drupalLogin($this->webUser);
$this->drupalGet('node/add/page');
$this->assertRaw('', 'Full HTML filter accessible.');
// Use basic HTML and see if it removes tags that are not allowed.
$body = '' . $this->randomMachineName() . '';
$extra_text = 'text';
$text = $body . '
' . Html::escape($link) . '
';
$ampersand_as_code = '' . Html::escape($ampersand) . '
';
$this->drupalGet('filter/tips');
$this->assertRaw('' . $link_as_code . ' ');
$this->assertRaw('' . $link . ' ');
$this->assertRaw('' . $ampersand_as_code . ' ');
$this->assertRaw('' . $ampersand . ' ');
}
/**
* Tests whether a field using a disabled format is rendered.
*/
public function testDisabledFormat() {
// Create a node type and add a standard body field.
$node_type = NodeType::create(['type' => Unicode::strtolower($this->randomMachineName())]);
$node_type->save();
node_add_body_field($node_type, $this->randomString());
// Create a text format with a filter that returns a static string.
$format = FilterFormat::create([
'name' => $this->randomString(),
'format' => $format_id = Unicode::strtolower($this->randomMachineName()),
]);
$format->setFilterConfig('filter_static_text', ['status' => TRUE]);
$format->save();
// Create a new node of the new node type.
$node = Node::create([
'type' => $node_type->id(),
'title' => $this->randomString(),
]);
$body_value = $this->randomString();
$node->body->value = $body_value;
$node->body->format = $format_id;
$node->save();
// The format is used and we should see the static text instead of the body
// value.
$this->drupalGet($node->urlInfo());
$this->assertText('filtered text');
// Disable the format.
$format->disable()->save();
$this->drupalGet($node->urlInfo());
// The format is not used anymore.
$this->assertNoText('filtered text');
// The text is not displayed unfiltered or escaped.
$this->assertNoRaw($body_value);
$this->assertNoEscaped($body_value);
// Visit the dblog report page.
$this->drupalLogin($this->adminUser);
$this->drupalGet('admin/reports/dblog');
// The correct message has been logged.
$this->assertRaw(sprintf('Disabled text format: %s.', $format_id));
// Programmatically change the text format to something random so we trigger
// the missing text format message.
$format_id = $this->randomMachineName();
$node->body->format = $format_id;
$node->save();
$this->drupalGet($node->urlInfo());
// The text is not displayed unfiltered or escaped.
$this->assertNoRaw($body_value);
$this->assertNoEscaped($body_value);
// Visit the dblog report page.
$this->drupalGet('admin/reports/dblog');
// The missing text format message has been logged.
$this->assertRaw(sprintf('Missing text format: %s.', $format_id));
}
}