X-Git-Url: http://www.aleph1.co.uk/gitweb/?p=yaffs-website;a=blobdiff_plain;f=web%2Fcore%2Fmodules%2Fupdate%2Ftests%2Fsrc%2FFunctional%2FUpdateCoreTest.php;fp=web%2Fcore%2Fmodules%2Fupdate%2Ftests%2Fsrc%2FFunctional%2FUpdateCoreTest.php;h=20ad53e81b233c0415fb60175ea298e3c75927e8;hp=5cd4b1026068653a6fd93feaa723b4c221b494a7;hb=0bf8d09d2542548982e81a441b1f16e75873a04f;hpb=74df008bdbb3a11eeea356744f39b802369bda3c

diff --git a/web/core/modules/update/tests/src/Functional/UpdateCoreTest.php b/web/core/modules/update/tests/src/Functional/UpdateCoreTest.php
index 5cd4b1026..20ad53e81 100644
--- a/web/core/modules/update/tests/src/Functional/UpdateCoreTest.php
+++ b/web/core/modules/update/tests/src/Functional/UpdateCoreTest.php
@@ -160,20 +160,188 @@ class UpdateCoreTest extends UpdateTestBase {
 
   /**
    * Tests the Update Manager module when a security update is available.
+   *
+   * @param string $site_patch_version
+   *   The patch version to set the site to for testing.
+   * @param string[] $expected_security_releases
+   *   The security releases, if any, that the status report should recommend.
+   * @param string $expected_update_message_type
+   *   The type of update message expected.
+   * @param string $fixture
+   *   The test fixture that contains the test XML.
+   *
+   * @dataProvider securityUpdateAvailabilityProvider
    */
-  public function testSecurityUpdateAvailable() {
-    foreach ([0, 1] as $minor_version) {
-      $this->setSystemInfo("8.$minor_version.0");
-      $this->refreshUpdateStatus(['drupal' => "$minor_version.2-sec"]);
-      $this->standardTests();
-      $this->assertNoText(t('Up to date'));
-      $this->assertNoText(t('Update available'));
-      $this->assertText(t('Security update required!'));
-      $this->assertRaw(\Drupal::l("8.$minor_version.2", Url::fromUri("http://example.com/drupal-8-$minor_version-2-release")), 'Link to release appears.');
-      $this->assertRaw(\Drupal::l(t('Download'), Url::fromUri("http://example.com/drupal-8-$minor_version-2.tar.gz")), 'Link to download appears.');
-      $this->assertRaw(\Drupal::l(t('Release notes'), Url::fromUri("http://example.com/drupal-8-$minor_version-2-release")), 'Link to release notes appears.');
-      $this->assertRaw('error.svg', 'Error icon was found.');
+  public function testSecurityUpdateAvailability($site_patch_version, array $expected_security_releases, $expected_update_message_type, $fixture) {
+    $this->setSystemInfo("8.$site_patch_version");
+    $this->refreshUpdateStatus(['drupal' => $fixture]);
+    $this->assertSecurityUpdates('drupal-8', $expected_security_releases, $expected_update_message_type, 'table.update');
+  }
+
+  /**
+   * Data provider method for testSecurityUpdateAvailability().
+   *
+   * These test cases rely on the following fixtures containing the following
+   * releases:
+   * - drupal.sec.0.1_0.2.xml
+   *   - 8.0.2 Security update
+   *   - 8.0.1 Security update, Insecure
+   *   - 8.0.0 Insecure
+   * - drupal.sec.0.2.xml
+   *   - 8.0.2 Security update
+   *   - 8.0.1 Insecure
+   *   - 8.0.0 Insecure
+   * - drupal.sec.0.2-rc2.xml
+   *   - 8.2.0-rc2 Security update
+   *   - 8.2.0-rc1 Insecure
+   *   - 8.2.0-beta2 Insecure
+   *   - 8.2.0-beta1 Insecure
+   *   - 8.2.0-alpha2 Insecure
+   *   - 8.2.0-alpha1 Insecure
+   *   - 8.1.2 Security update
+   *   - 8.1.1 Insecure
+   *   - 8.1.0 Insecure
+   *   - 8.0.2 Security update
+   *   - 8.0.1 Insecure
+   *   - 8.0.0 Insecure
+   * - drupal.sec.1.2.xml
+   *   - 8.1.2 Security update
+   *   - 8.1.1 Insecure
+   *   - 8.1.0 Insecure
+   *   - 8.0.2
+   *   - 8.0.1
+   *   - 8.0.0
+   * - drupal.sec.1.2_insecure.xml
+   *   - 8.1.2 Security update
+   *   - 8.1.1 Insecure
+   *   - 8.1.0 Insecure
+   *   - 8.0.2 Insecure
+   *   - 8.0.1 Insecure
+   *   - 8.0.0 Insecure
+   * - drupal.sec.0.2-rc2-b.xml
+   *   - 8.2.0-rc2
+   *   - 8.2.0-rc1
+   *   - 8.2.0-beta2
+   *   - 8.2.0-beta1
+   *   - 8.2.0-alpha2
+   *   - 8.2.0-alpha1
+   *   - 8.1.2 Security update
+   *   - 8.1.1 Insecure
+   *   - 8.1.0 Insecure
+   *   - 8.0.2 Security update
+   *   - 8.0.1 Insecure
+   *   - 8.0.0 Insecure
+   */
+  public function securityUpdateAvailabilityProvider() {
+    $test_cases = [
+      // Security release available for site minor release 0.
+      // No releases for next minor.
+      '0.0, 0.2' => [
+        'site_patch_version' => '0.0',
+        'expected_security_releases' => ['0.2'],
+        'expected_update_message_type' => static::SECURITY_UPDATE_REQUIRED,
+        'fixture' => 'sec.0.2',
+      ],
+      // Site on latest security release available for site minor release 0.
+      // Minor release 1 also has a security release, and the current release
+      // is marked as insecure.
+      '0.2, 0.2' => [
+        'site_patch_version' => '0.2',
+        'expected_security_release' => ['1.2', '2.0-rc2'],
+        'expected_update_message_type' => static::UPDATE_AVAILABLE,
+        'fixture' => 'sec.0.2-rc2',
+      ],
+      // Two security releases available for site minor release 0.
+      // 0.1 security release marked as insecure.
+      // No releases for next minor.
+      '0.0, 0.1 0.2' => [
+        'site_patch_version' => '0.0',
+        'expected_security_releases' => ['0.2'],
+        'expected_update_message_type' => static::SECURITY_UPDATE_REQUIRED,
+        'fixture' => 'sec.0.1_0.2',
+      ],
+      // Security release available for site minor release 1.
+      // No releases for next minor.
+      '1.0, 1.2' => [
+        'site_patch_version' => '1.0',
+        'expected_security_releases' => ['1.2'],
+        'expected_update_message_type' => static::SECURITY_UPDATE_REQUIRED,
+        'fixture' => 'sec.1.2',
+      ],
+      // Security release available for site minor release 0.
+      // Security release also available for next minor.
+      '0.0, 0.2 1.2' => [
+        'site_patch_version' => '0.0',
+        'expected_security_releases' => ['0.2', '1.2', '2.0-rc2'],
+        'expected_update_message_type' => static::SECURITY_UPDATE_REQUIRED,
+        'fixture' => 'sec.0.2-rc2',
+      ],
+      // No newer security release for site minor 1.
+      // Previous minor has security release.
+      '1.2, 0.2 1.2' => [
+        'site_patch_version' => '1.2',
+        'expected_security_releases' => [],
+        'expected_update_message_type' => static::UPDATE_NONE,
+        'fixture' => 'sec.0.2-rc2',
+      ],
+      // No security release available for site minor release 0.
+      // Security release available for next minor.
+      '0.0, 1.2, insecure' => [
+        'site_patch_version' => '0.0',
+        'expected_security_releases' => ['1.2'],
+        'expected_update_message_type' => static::SECURITY_UPDATE_REQUIRED,
+        'fixture' => 'sec.1.2_insecure',
+      ],
+      // All releases for minor 0 are secure.
+      // Security release available for next minor.
+      '0.0, 1.2, secure' => [
+        'site_patch_version' => '0.0',
+        'expected_security_release' => ['1.2'],
+        'expected_update_message_type' => static::UPDATE_AVAILABLE,
+        'fixture' => 'sec.1.2',
+      ],
+      '0.2, 1.2, secure' => [
+        'site_patch_version' => '0.2',
+        'expected_security_release' => ['1.2'],
+        'expected_update_message_type' => static::UPDATE_AVAILABLE,
+        'fixture' => 'sec.1.2',
+      ],
+      // Site on 2.0-rc2 which is a security release.
+      '2.0-rc2, 0.2 1.2' => [
+        'site_patch_version' => '2.0-rc2',
+        'expected_security_releases' => [],
+        'expected_update_message_type' => static::UPDATE_NONE,
+        'fixture' => 'sec.0.2-rc2',
+      ],
+    ];
+    $pre_releases = [
+      '2.0-alpha1',
+      '2.0-alpha2',
+      '2.0-beta1',
+      '2.0-beta2',
+      '2.0-rc1',
+      '2.0-rc2',
+    ];
+
+    // If the site is on an alpha/beta/RC of an upcoming minor and none of the
+    // alpha/beta/RC versions are marked insecure, no security update should be
+    // required.
+    foreach ($pre_releases as $pre_release) {
+      $test_cases["Pre-release:$pre_release, no security update"] = [
+        'site_patch_version' => $pre_release,
+        'expected_security_releases' => [],
+        'expected_update_message_type' => $pre_release === '2.0-rc2' ? static::UPDATE_NONE : static::UPDATE_AVAILABLE,
+        'fixture' => 'sec.0.2-rc2-b',
+      ];
     }
+
+    // @todo In https://www.drupal.org/node/2865920 add test cases:
+    //   - For all pre-releases for 8.2.0 except 8.2.0-rc2 using the
+    //     'sec.0.2-rc2' fixture to ensure that 8.2.0-rc2 is the only security
+    //     update.
+    //   - For 8.1.0 using fixture 'sec.0.2-rc2' to ensure that only security
+    //     updates are 8.1.2 and 8.2.0-rc2.
+    return $test_cases;
   }
 
   /**
@@ -270,7 +438,7 @@ class UpdateCoreTest extends UpdateTestBase {
       ->set('fetch.url', Url::fromRoute('update_test.update_test')->setAbsolute()->toString())
       ->save();
     $this->config('update_test.settings')
-      ->set('xml_map', ['drupal' => '0.2-sec'])
+      ->set('xml_map', ['drupal' => 'sec.0.2'])
       ->save();
 
     $this->drupalGet('admin/reports/updates');
@@ -289,8 +457,9 @@ class UpdateCoreTest extends UpdateTestBase {
     // Make sure duplicate messages don't appear on Update status pages.
     $this->drupalGet('admin/reports/status');
     // We're expecting "There is a security update..." inside the status report
-    // itself, but the drupal_set_message() appears as an li so we can prefix
-    // with that and search for the raw HTML.
+    // itself, but the message from
+    // \Drupal\Core\Messenger\MessengerInterface::addStatus() appears as an li
+    // so we can prefix with that and search for the raw HTML.
     $this->assertNoRaw('<li>' . t('There is a security update available for your version of Drupal.'));
 
     $this->drupalGet('admin/reports/updates');