DBLogTest.php 22.5 KB
Newer Older
1 2
<?php

3 4
/**
 * @file
5
 * Definition of Drupal\dblog\Tests\DBLogTest.
6 7
 */

8
namespace Drupal\dblog\Tests;
9 10

use Drupal\simpletest\WebTestBase;
11
use SimpleXMLElement;
12

13 14 15
/**
 * Tests logging messages to the database.
 */
16
class DBLogTest extends WebTestBase {
17 18 19 20 21 22

  /**
   * Modules to enable.
   *
   * @var array
   */
23
  public static $modules = array('dblog', 'node', 'forum', 'help');
24

25 26 27 28 29
  /**
   * A user with some relevent administrative permissions.
   *
   * @var object
   */
30
  protected $big_user;
31 32 33 34 35 36

  /**
   * A user without any permissions.
   *
   * @var object
   */
37 38
  protected $any_user;

39
  public static function getInfo() {
40
    return array(
41 42 43
      'name' => 'DBLog functionality',
      'description' => 'Generate events and verify dblog entries; verify user access to log reports based on persmissions.',
      'group' => 'DBLog',
44 45 46 47
    );
  }

  function setUp() {
48 49 50
    parent::setUp();

    // Create users with specific permissions.
51 52 53 54 55
    $this->big_user = $this->drupalCreateUser(array('administer site configuration', 'access administration pages', 'access site reports', 'administer users'));
    $this->any_user = $this->drupalCreateUser(array());
  }

  /**
56 57 58 59 60
   * Tests Database Logging module functionality through interfaces.
   *
   * First logs in users, then creates database log events, and finally tests
   * Database Logging module functionality through both the admin and user
   * interfaces.
61 62 63 64 65 66 67 68 69 70 71 72
   */
  function testDBLog() {
    // Login the admin user.
    $this->drupalLogin($this->big_user);

    $row_limit = 100;
    $this->verifyRowLimit($row_limit);
    $this->verifyCron($row_limit);
    $this->verifyEvents();
    $this->verifyReports();

    // Login the regular user.
73
    $this->drupalLogin($this->any_user);
74 75 76 77
    $this->verifyReports(403);
  }

  /**
78
   * Verifies setting of the database log row limit.
79
   *
80 81
   * @param int $row_limit
   *   The row limit.
82 83
   */
  private function verifyRowLimit($row_limit) {
84
    // Change the database log row limit.
85 86
    $edit = array();
    $edit['dblog_row_limit'] = $row_limit;
87
    $this->drupalPost('admin/config/development/logging', $edit, t('Save configuration'));
88
    $this->assertResponse(200);
89

90
    // Check row limit variable.
91
    $current_limit = config('dblog.settings')->get('row_limit');
92
    $this->assertTrue($current_limit == $row_limit, format_string('[Cache] Row limit variable of @count equals row limit of @limit', array('@count' => $current_limit, '@limit' => $row_limit)));
93 94 95
  }

  /**
96
   * Verifies that cron correctly applies the database log row limit.
97
   *
98 99
   * @param int $row_limit
   *   The row limit.
100 101 102 103
   */
  private function verifyCron($row_limit) {
    // Generate additional log entries.
    $this->generateLogEntries($row_limit + 10);
104
    // Verify that the database log row count exceeds the row limit.
105
    $count = db_query('SELECT COUNT(wid) FROM {watchdog}')->fetchField();
106
    $this->assertTrue($count > $row_limit, format_string('Dblog row count of @count exceeds row limit of @limit', array('@count' => $count, '@limit' => $row_limit)));
107

108
    // Run a cron job.
109
    $this->cronRun();
110 111
    // Verify that the database log row count equals the row limit plus one
    // because cron adds a record after it runs.
112
    $count = db_query('SELECT COUNT(wid) FROM {watchdog}')->fetchField();
113
    $this->assertTrue($count == $row_limit + 1, format_string('Dblog row count of @count equals row limit of @limit plus one', array('@count' => $count, '@limit' => $row_limit)));
114 115 116
  }

  /**
117
   * Generates a number of random database log events.
118
   *
119 120 121
   * @param int $count
   *   Number of watchdog entries to generate.
   * @param string $type
122
   *   (optional) The type of watchdog entry. Defaults to 'custom'.
123
   * @param int $severity
124
   *   (optional) The severity of the watchdog entry. Defaults to WATCHDOG_NOTICE.
125
   */
126
  private function generateLogEntries($count, $type = 'custom', $severity = WATCHDOG_NOTICE) {
127 128 129 130
    global $base_root;

    // Prepare the fields to be logged
    $log = array(
131
      'type'        => $type,
132 133
      'message'     => 'Log entry added to test the dblog row limit.',
      'variables'   => array(),
134
      'severity'    => $severity,
135 136
      'link'        => NULL,
      'user'        => $this->big_user,
137
      'uid'         => isset($this->big_user->uid) ? $this->big_user->uid : 0,
138
      'request_uri' => $base_root . request_uri(),
139
      'referer'     => $_SERVER['HTTP_REFERER'],
140
      'ip'          => '127.0.0.1',
141
      'timestamp'   => REQUEST_TIME,
142
      );
143
    $message = 'Log entry added to test the dblog row limit. Entry #';
144
    for ($i = 0; $i < $count; $i++) {
145
      $log['message'] = $message . $i;
146 147 148 149 150
      dblog_watchdog($log);
    }
  }

  /**
151
   * Confirms that database log reports are displayed at the correct paths.
152
   *
153
   * @param int $response
154
   *   (optional) HTTP response code. Defaults to 200.
155 156 157 158
   */
  private function verifyReports($response = 200) {
    $quote = '&#039;';

159
    // View the database log help page.
160 161 162
    $this->drupalGet('admin/help/dblog');
    $this->assertResponse($response);
    if ($response == 200) {
163
      $this->assertText(t('Database Logging'), 'DBLog help was displayed');
164 165
    }

166
    // View the database log report page.
167 168 169
    $this->drupalGet('admin/reports/dblog');
    $this->assertResponse($response);
    if ($response == 200) {
170
      $this->assertText(t('Recent log messages'), 'DBLog report was displayed');
171 172
    }

173
    // View the database log page-not-found report page.
174 175 176
    $this->drupalGet('admin/reports/page-not-found');
    $this->assertResponse($response);
    if ($response == 200) {
177
      $this->assertText(t('Top ' . $quote . 'page not found' . $quote . ' errors'), 'DBLog page-not-found report was displayed');
178 179
    }

180
    // View the database log access-denied report page.
181 182 183
    $this->drupalGet('admin/reports/access-denied');
    $this->assertResponse($response);
    if ($response == 200) {
184
      $this->assertText(t('Top ' . $quote . 'access denied' . $quote . ' errors'), 'DBLog access-denied report was displayed');
185 186
    }

187
    // View the database log event page.
188 189 190
    $this->drupalGet('admin/reports/event/1');
    $this->assertResponse($response);
    if ($response == 200) {
191
      $this->assertText(t('Details'), 'DBLog event node was displayed');
192 193 194 195
    }
  }

  /**
196
   * Generates and then verifies various types of events.
197 198 199 200
   */
  private function verifyEvents() {
    // Invoke events.
    $this->doUser();
201 202
    $this->drupalCreateContentType(array('type' => 'article', 'name' => t('Article')));
    $this->drupalCreateContentType(array('type' => 'page', 'name' => t('Basic page')));
203 204
    $this->doNode('article');
    $this->doNode('page');
205
    $this->doNode('forum');
206

207
    // When a user account is canceled, any content they created remains but the
208 209
    // uid = 0. Records in the watchdog table related to that user have the uid
    // set to zero.
210 211 212
  }

  /**
213
   * Generates and then verifies some user events.
214
   */
215
  private function doUser() {
216
    // Set user variables.
217
    $name = $this->randomName();
218
    $pass = user_password();
219 220
    // Add a user using the form to generate an add user event (which is not
    // triggered by drupalCreateUser).
221 222
    $edit = array();
    $edit['name'] = $name;
223
    $edit['mail'] = $name . '@example.com';
224 225 226
    $edit['pass[pass1]'] = $pass;
    $edit['pass[pass2]'] = $pass;
    $edit['status'] = 1;
227
    $this->drupalPost('admin/people/create', $edit, t('Create new account'));
228
    $this->assertResponse(200);
229
    // Retrieve the user object.
230
    $user = user_load_by_name($name);
231
    $this->assertTrue($user != NULL, format_string('User @name was loaded', array('@name' => $name)));
232 233
    // pass_raw property is needed by drupalLogin.
    $user->pass_raw = $pass;
234 235 236 237
    // Login user.
    $this->drupalLogin($user);
    // Logout user.
    $this->drupalLogout();
238
    // Fetch the row IDs in watchdog that relate to the user.
239
    $result = db_query('SELECT wid FROM {watchdog} WHERE uid = :uid', array(':uid' => $user->uid));
240
    foreach ($result as $row) {
241
      $ids[] = $row->wid;
242 243
    }
    $count_before = (isset($ids)) ? count($ids) : 0;
244
    $this->assertTrue($count_before > 0, format_string('DBLog contains @count records for @name', array('@count' => $count_before, '@name' => $user->name)));
245 246 247

    // Login the admin user.
    $this->drupalLogin($this->big_user);
248
    // Delete the user created at the start of this test.
249 250 251
    // We need to POST here to invoke batch_process() in the internal browser.
    $this->drupalPost('user/' . $user->uid . '/cancel', array('user_cancel_method' => 'user_cancel_reassign'), t('Cancel account'));

252
    // View the database log report.
253 254 255
    $this->drupalGet('admin/reports/dblog');
    $this->assertResponse(200);

256
    // Verify that the expected events were recorded.
257
    // Add user.
258 259
    // Default display includes name and email address; if too long, the email
    // address is replaced by three periods.
260
    $this->assertLogMessage(t('New user: %name %email.', array('%name' => $name, '%email' => '<' . $user->mail . '>')), 'DBLog event was recorded: [add user]');
261
    // Login user.
262
    $this->assertLogMessage(t('Session opened for %name.', array('%name' => $name)), 'DBLog event was recorded: [login user]');
263
    // Logout user.
264
    $this->assertLogMessage(t('Session closed for %name.', array('%name' => $name)), 'DBLog event was recorded: [logout user]');
265
    // Delete user.
266 267
    $message = t('Deleted user: %name %email.', array('%name' => $name, '%email' => '<' . $user->mail . '>'));
    $message_text = truncate_utf8(filter_xss($message, array()), 56, TRUE, TRUE);
268
    // Verify that the full message displays on the details page.
269 270 271 272 273 274 275 276 277 278
    $link = FALSE;
    if ($links = $this->xpath('//a[text()="' . html_entity_decode($message_text) . '"]')) {
      // Found link with the message text.
      $links = array_shift($links);
      foreach ($links->attributes() as $attr => $value) {
        if ($attr == 'href') {
          // Extract link to details page.
          $link = drupal_substr($value, strpos($value, 'admin/reports/event/'));
          $this->drupalGet($link);
          // Check for full message text on the details page.
279
          $this->assertRaw($message, 'DBLog event details was found: [delete user]');
280 281 282 283
          break;
        }
      }
    }
284
    $this->assertTrue($link, 'DBLog event was recorded: [delete user]');
285 286 287 288
    // Visit random URL (to generate page not found event).
    $not_found_url = $this->randomName(60);
    $this->drupalGet($not_found_url);
    $this->assertResponse(404);
289
    // View the database log page-not-found report page.
290 291
    $this->drupalGet('admin/reports/page-not-found');
    $this->assertResponse(200);
292
    // Check that full-length URL displayed.
293
    $this->assertText($not_found_url, 'DBLog event was recorded: [page not found]');
294 295 296
  }

  /**
297
   * Generates and then verifies some node events.
298
   *
299
   * @param string $type
300
   *   A node type (e.g., 'article', 'page' or 'forum').
301 302 303
   */
  private function doNode($type) {
    // Create user.
304
    $perm = array('create ' . $type . ' content', 'edit own ' . $type . ' content', 'delete own ' . $type . ' content');
305 306 307 308
    $user = $this->drupalCreateUser($perm);
    // Login user.
    $this->drupalLogin($user);

309 310
    // Create a node using the form in order to generate an add content event
    // (which is not triggered by drupalCreateNode).
311
    $edit = $this->getContent($type);
312
    $langcode = LANGUAGE_NOT_SPECIFIED;
313
    $title = $edit["title"];
314
    $this->drupalPost('node/add/' . $type, $edit, t('Save'));
315
    $this->assertResponse(200);
316
    // Retrieve the node object.
317
    $node = $this->drupalGetNodeByTitle($title);
318
    $this->assertTrue($node != NULL, format_string('Node @title was loaded', array('@title' => $title)));
319
    // Edit the node.
320
    $edit = $this->getContentUpdate($type);
321
    $this->drupalPost('node/' . $node->nid . '/edit', $edit, t('Save'));
322
    $this->assertResponse(200);
323
    // Delete the node.
324
    $this->drupalPost('node/' . $node->nid . '/delete', array(), t('Delete'));
325
    $this->assertResponse(200);
326
    // View the node (to generate page not found event).
327
    $this->drupalGet('node/' . $node->nid);
328
    $this->assertResponse(404);
329
    // View the database log report (to generate access denied event).
330 331 332 333 334
    $this->drupalGet('admin/reports/dblog');
    $this->assertResponse(403);

    // Login the admin user.
    $this->drupalLogin($this->big_user);
335
    // View the database log report.
336 337 338
    $this->drupalGet('admin/reports/dblog');
    $this->assertResponse(200);

339 340
    // Verify that node events were recorded.
    // Was node content added?
341
    $this->assertLogMessage(t('@type: added %title.', array('@type' => $type, '%title' => $title)), 'DBLog event was recorded: [content added]');
342
    // Was node content updated?
343
    $this->assertLogMessage(t('@type: updated %title.', array('@type' => $type, '%title' => $title)), 'DBLog event was recorded: [content updated]');
344
    // Was node content deleted?
345
    $this->assertLogMessage(t('@type: deleted %title.', array('@type' => $type, '%title' => $title)), 'DBLog event was recorded: [content deleted]');
346

347
    // View the database log access-denied report page.
348 349
    $this->drupalGet('admin/reports/access-denied');
    $this->assertResponse(200);
350
    // Verify that the 'access denied' event was recorded.
351
    $this->assertText(t('admin/reports/dblog'), 'DBLog event was recorded: [access denied]');
352

353
    // View the database log page-not-found report page.
354 355
    $this->drupalGet('admin/reports/page-not-found');
    $this->assertResponse(200);
356
    // Verify that the 'page not found' event was recorded.
357
    $this->assertText(t('node/@nid', array('@nid' => $node->nid)), 'DBLog event was recorded: [page not found]');
358 359 360
  }

  /**
361
   * Creates random content based on node content type.
362
   *
363 364 365 366 367
   * @param string $type
   *   Node content type (e.g., 'article').
   *
   * @return array
   *   Random content needed by various node types.
368 369
   */
  private function getContent($type) {
370
    $langcode = LANGUAGE_NOT_SPECIFIED;
371
    switch ($type) {
372
      case 'forum':
373
        $content = array(
374
          "title" => $this->randomName(8),
375 376
          "taxonomy_forums[$langcode]" => array(1),
          "body[$langcode][0][value]" => $this->randomName(32),
377
        );
378
      break;
379 380 381

      default:
        $content = array(
382
          "title" => $this->randomName(8),
383
          "body[$langcode][0][value]" => $this->randomName(32),
384
        );
385
      break;
386 387 388 389 390
    }
    return $content;
  }

  /**
391 392 393 394
   * Creates random content as an update based on node content type.
   *
   * @param string $type
   *   Node content type (e.g., 'article').
395
   *
396 397
   * @return array
   *   Random content needed by various node types.
398 399
   */
  private function getContentUpdate($type) {
400 401 402 403
    $langcode = LANGUAGE_NOT_SPECIFIED;
    $content = array(
      "body[$langcode][0][value]" => $this->randomName(32),
    );
404 405
    return $content;
  }
406 407

  /**
408 409 410 411
   * Tests the addition and clearing of log events through the admin interface.
   *
   * Logs in the admin user, creates a database log event, and tests the
   * functionality of clearing the database log through the admin interface.
412 413 414
   */
  protected function testDBLogAddAndClear() {
    global $base_root;
415
    // Get a count of how many watchdog entries already exist.
416 417 418 419 420
    $count = db_query('SELECT COUNT(*) FROM {watchdog}')->fetchField();
    $log = array(
      'type'        => 'custom',
      'message'     => 'Log entry added to test the doClearTest clear down.',
      'variables'   => array(),
421
      'severity'    => WATCHDOG_NOTICE,
422 423
      'link'        => NULL,
      'user'        => $this->big_user,
424
      'uid'         => isset($this->big_user->uid) ? $this->big_user->uid : 0,
425 426
      'request_uri' => $base_root . request_uri(),
      'referer'     => $_SERVER['HTTP_REFERER'],
427
      'ip'          => '127.0.0.1',
428 429 430 431
      'timestamp'   => REQUEST_TIME,
    );
    // Add a watchdog entry.
    dblog_watchdog($log);
432
    // Make sure the table count has actually been incremented.
433
    $this->assertEqual($count + 1, db_query('SELECT COUNT(*) FROM {watchdog}')->fetchField(), format_string('dblog_watchdog() added an entry to the dblog :count', array(':count' => $count)));
434 435
    // Login the admin user.
    $this->drupalLogin($this->big_user);
436
    // Post in order to clear the database table.
437
    $this->drupalPost('admin/reports/dblog', array(), t('Clear log messages'));
438
    // Count the rows in watchdog that previously related to the deleted user.
439
    $count = db_query('SELECT COUNT(*) FROM {watchdog}')->fetchField();
440
    $this->assertEqual($count, 0, format_string('DBLog contains :count records after a clear.', array(':count' => $count)));
441
  }
442 443

  /**
444
   * Tests the database log filter functionality at admin/reports/dblog.
445 446 447 448
   */
  protected function testFilter() {
    $this->drupalLogin($this->big_user);

449
    // Clear the log to ensure that only generated entries will be found.
450 451
    db_delete('watchdog')->execute();

452
    // Generate 9 random watchdog entries.
453 454 455 456
    $type_names = array();
    $types = array();
    for ($i = 0; $i < 3; $i++) {
      $type_names[] = $type_name = $this->randomName();
457
      $severity = WATCHDOG_EMERGENCY;
458 459
      for ($j = 0; $j < 3; $j++) {
        $types[] = $type = array(
460
          'count' => $j + 1,
461 462 463 464 465 466 467
          'type' => $type_name,
          'severity' => $severity++,
        );
        $this->generateLogEntries($type['count'], $type['type'], $type['severity']);
      }
    }

468
    // View the database log page.
469 470
    $this->drupalGet('admin/reports/dblog');

471
    // Confirm that all the entries are displayed.
472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496
    $count = $this->getTypeCount($types);
    foreach ($types as $key => $type) {
      $this->assertEqual($count[$key], $type['count'], 'Count matched');
    }

    // Filter by each type and confirm that entries with various severities are
    // displayed.
    foreach ($type_names as $type_name) {
      $edit = array(
        'type[]' => array($type_name),
      );
      $this->drupalPost(NULL, $edit, t('Filter'));

      // Count the number of entries of this type.
      $type_count = 0;
      foreach ($types as $type) {
        if ($type['type'] == $type_name) {
          $type_count += $type['count'];
        }
      }

      $count = $this->getTypeCount($types);
      $this->assertEqual(array_sum($count), $type_count, 'Count matched');
    }

497 498
    // Set the filter to match each of the two filter-type attributes and
    // confirm the correct number of entries are displayed.
499 500 501 502 503 504 505 506 507 508
    foreach ($types as $key => $type) {
      $edit = array(
        'type[]' => array($type['type']),
        'severity[]' => array($type['severity']),
      );
      $this->drupalPost(NULL, $edit, t('Filter'));

      $count = $this->getTypeCount($types);
      $this->assertEqual(array_sum($count), $type['count'], 'Count matched');
    }
509

510 511 512 513
    $this->drupalGet('admin/reports/dblog', array('query' => array('order' => 'Type')));
    $this->assertResponse(200);
    $this->assertText(t('Operations'), 'Operations text found');

514 515
    // Clear all logs and make sure the confirmation message is found.
    $this->drupalPost('admin/reports/dblog', array(), t('Clear log messages'));
516
    $this->assertText(t('Database log cleared.'), 'Confirmation message found');
517 518 519
  }

  /**
520
   * Gets the database log event information from the browser page.
521
   *
522 523 524 525 526 527
   * @return array
   *   List of log events where each event is an array with following keys:
   *   - severity: (int) A database log severity constant.
   *   - type: (string) The type of database log event.
   *   - message: (string) The message for this database log event.
   *   - user: (string) The user associated with this database log event.
528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545
   */
  protected function getLogEntries() {
    $entries = array();
    if ($table = $this->xpath('.//table[@id="admin-dblog"]')) {
      $table = array_shift($table);
      foreach ($table->tbody->tr as $row) {
        $entries[] = array(
          'severity' => $this->getSeverityConstant($row['class']),
          'type' => $this->asText($row->td[1]),
          'message' => $this->asText($row->td[3]),
          'user' => $this->asText($row->td[4]),
        );
      }
    }
    return $entries;
  }

  /**
546
   * Gets the count of database log entries by database log event type.
547
   *
548
   * @param array $types
549
   *   The type information to compare against.
550 551
   *
   * @return array
552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568
   *   The count of each type keyed by the key of the $types array.
   */
  protected function getTypeCount(array $types) {
    $entries = $this->getLogEntries();
    $count = array_fill(0, count($types), 0);
    foreach ($entries as $entry) {
      foreach ($types as $key => $type) {
        if ($entry['type'] == $type['type'] && $entry['severity'] == $type['severity']) {
          $count[$key]++;
          break;
        }
      }
    }
    return $count;
  }

  /**
569
   * Gets the watchdog severity constant corresponding to the CSS class.
570
   *
571
   * @param string $class
572
   *   CSS class attribute.
573 574
   *
   * @return int|null
575 576 577 578 579
   *   The watchdog severity constant or NULL if not found.
   */
  protected function getSeverityConstant($class) {
    // Reversed array from dblog_overview().
    $map = array(
580 581 582 583 584 585 586
      'dblog-debug' => WATCHDOG_DEBUG,
      'dblog-info' => WATCHDOG_INFO,
      'dblog-notice' => WATCHDOG_NOTICE,
      'dblog-warning' => WATCHDOG_WARNING,
      'dblog-error' => WATCHDOG_ERROR,
      'dblog-critical' => WATCHDOG_CRITICAL,
      'dblog-alert' => WATCHDOG_ALERT,
587
      'dblog-emergency' => WATCHDOG_EMERGENCY,
588 589 590 591 592 593 594 595 596 597 598 599 600
    );

    // Find the class that contains the severity.
    $classes = explode(' ', $class);
    foreach ($classes as $class) {
      if (isset($map[$class])) {
        return $map[$class];
      }
    }
    return NULL;
  }

  /**
601
   * Extracts the text contained by the XHTML element.
602
   *
603
   * @param SimpleXMLElement $element
604
   *   Element to extract text from.
605 606
   *
   * @return string
607 608 609 610 611 612 613 614
   *   Extracted text.
   */
  protected function asText(SimpleXMLElement $element) {
    if (!is_object($element)) {
      return $this->fail('The element is not an element.');
    }
    return trim(html_entity_decode(strip_tags($element->asXML())));
  }
615 616

  /**
617
   * Confirms that a log message appears on the database log overview screen.
618
   *
619 620 621
   * This function should only be used for the admin/reports/dblog page, because
   * it checks for the message link text truncated to 56 characters. Other log
   * pages have no detail links so they contain the full message text.
622
   *
623 624 625
   * @param string $log_message
   *   The database log message to check.
   * @param string $message
626 627 628
   *   The message to pass to simpletest.
   */
  protected function assertLogMessage($log_message, $message) {
629
    $message_text = truncate_utf8(filter_xss($log_message, array()), 56, TRUE, TRUE);
630 631 632
    // After filter_xss(), HTML entities should be converted to their character
    // equivalents because assertLink() uses this string in xpath() to query the
    // Document Object Model (DOM).
633
    $this->assertLink(html_entity_decode($message_text), 0, $message);
634
  }
635
}