FileFieldWidgetTest.php 17.7 KB
Newer Older
1 2 3 4 5 6 7 8
<?php

/**
 * @file
 * Definition of Drupal\file\Tests\FileFieldWidgetTest.
 */

namespace Drupal\file\Tests;
9 10

use Drupal\comment\Entity\Comment;
11
use Drupal\comment\Tests\CommentTestTrait;
12
use Drupal\Component\Utility\Html;
13
use Drupal\field\Entity\FieldConfig;
14
use Drupal\field_ui\Tests\FieldUiTestTrait;
15
use Drupal\user\RoleInterface;
16 17

/**
18 19 20 21
 * Tests the file field widget, single and multi-valued, with and without AJAX,
 * with public and private files.
 *
 * @group file
22 23
 */
class FileFieldWidgetTest extends FileFieldTestBase {
24

25
  use CommentTestTrait;
26 27
  use FieldUiTestTrait;

28 29 30 31 32 33 34 35
  /**
   * {@inheritdoc}
   */
  protected function setUp() {
    parent::setUp();
    $this->drupalPlaceBlock('system_breadcrumb_block');
  }

36 37 38 39 40
  /**
   * Modules to enable.
   *
   * @var array
   */
41
  public static $modules = array('comment', 'block');
42

43 44 45 46
  /**
   * Tests upload and remove buttons for a single-valued File field.
   */
  function testSingleValuedWidget() {
47
    $node_storage = $this->container->get('entity.manager')->getStorage('node');
48
    $type_name = 'article';
49
    $field_name = strtolower($this->randomMachineName());
50
    $this->createFileField($field_name, 'node', $type_name);
51 52 53 54 55 56

    $test_file = $this->getTestFile('text');

    foreach (array('nojs', 'js') as $type) {
      // Create a new node with the uploaded file and ensure it got uploaded
      // successfully.
57
      // @todo This only tests a 'nojs' submission, because drupalPostAjaxForm()
58 59
      //   does not yet support file uploads.
      $nid = $this->uploadNodeFile($test_file, $field_name, $type_name);
60 61
      $node_storage->resetCache(array($nid));
      $node = $node_storage->load($nid);
62
      $node_file = file_load($node->{$field_name}->target_id);
63
      $this->assertFileExists($node_file, 'New file saved to disk on node creation.');
64 65

      // Ensure the file can be downloaded.
66
      $this->drupalGet(file_create_url($node_file->getFileUri()));
67
      $this->assertResponse(200, 'Confirmed that the generated URL is correct by downloading the shipped file.');
68 69 70

      // Ensure the edit page has a remove button instead of an upload button.
      $this->drupalGet("node/$nid/edit");
71 72
      $this->assertNoFieldByXPath('//input[@type="submit"]', t('Upload'), 'Node with file does not display the "Upload" button.');
      $this->assertFieldByXpath('//input[@type="submit"]', t('Remove'), 'Node with file displays the "Remove" button.');
73 74 75 76

      // "Click" the remove button (emulating either a nojs or js submission).
      switch ($type) {
        case 'nojs':
77
          $this->drupalPostForm(NULL, array(), t('Remove'));
78 79 80
          break;
        case 'js':
          $button = $this->xpath('//input[@type="submit" and @value="' . t('Remove') . '"]');
81
          $this->drupalPostAjaxForm(NULL, array(), array((string) $button[0]['name'] => (string) $button[0]['value']));
82 83 84 85
          break;
      }

      // Ensure the page now has an upload button instead of a remove button.
86 87
      $this->assertNoFieldByXPath('//input[@type="submit"]', t('Remove'), 'After clicking the "Remove" button, it is no longer displayed.');
      $this->assertFieldByXpath('//input[@type="submit"]', t('Upload'), 'After clicking the "Remove" button, the "Upload" button is displayed.');
88
      // Test label has correct 'for' attribute.
89
      $label = $this->xpath("//label[@for='edit-" . Html::cleanCssIdentifier($field_name) . "-0-upload']");
90
      $this->assertTrue(isset($label[0]), 'Label for upload found.');
91 92

      // Save the node and ensure it does not have the file.
93
      $this->drupalPostForm(NULL, array(), t('Save and keep published'));
94 95
      $node_storage->resetCache(array($nid));
      $node = $node_storage->load($nid);
96
      $this->assertTrue(empty($node->{$field_name}->target_id), 'File was successfully removed from the node.');
97 98 99 100 101 102 103
    }
  }

  /**
   * Tests upload and remove buttons for multiple multi-valued File fields.
   */
  function testMultiValuedWidget() {
104
    $node_storage = $this->container->get('entity.manager')->getStorage('node');
105
    $type_name = 'article';
106
    // Use explicit names instead of random names for those fields, because of a
107
    // bug in drupalPostForm() with multiple file uploads in one form, where the
108 109 110 111 112 113
    // order of uploads depends on the order in which the upload elements are
    // added to the $form (which, in the current implementation of
    // FileStorage::listAll(), comes down to the alphabetical order on field
    // names).
    $field_name = 'test_file_field_1';
    $field_name2 = 'test_file_field_2';
114 115
    $this->createFileField($field_name, 'node', $type_name, array('cardinality' => 3));
    $this->createFileField($field_name2, 'node', $type_name, array('cardinality' => 3));
116 117 118 119 120 121 122 123 124

    $test_file = $this->getTestFile('text');

    foreach (array('nojs', 'js') as $type) {
      // Visit the node creation form, and upload 3 files for each field. Since
      // the field has cardinality of 3, ensure the "Upload" button is displayed
      // until after the 3rd file, and after that, isn't displayed. Because
      // SimpleTest triggers the last button with a given name, so upload to the
      // second field first.
125
      // @todo This is only testing a non-Ajax upload, because drupalPostAjaxForm()
126 127 128 129 130
      //   does not yet emulate jQuery's file upload.
      //
      $this->drupalGet("node/add/$type_name");
      foreach (array($field_name2, $field_name) as $each_field_name) {
        for ($delta = 0; $delta < 3; $delta++) {
131
          $edit = array('files[' . $each_field_name . '_' . $delta . '][]' => drupal_realpath($test_file->getFileUri()));
132
          // If the Upload button doesn't exist, drupalPostForm() will automatically
133
          // fail with an assertion message.
134
          $this->drupalPostForm(NULL, $edit, t('Upload'));
135 136
        }
      }
137
      $this->assertNoFieldByXpath('//input[@type="submit"]', t('Upload'), 'After uploading 3 files for each field, the "Upload" button is no longer displayed.');
138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153

      $num_expected_remove_buttons = 6;

      foreach (array($field_name, $field_name2) as $current_field_name) {
        // How many uploaded files for the current field are remaining.
        $remaining = 3;
        // Test clicking each "Remove" button. For extra robustness, test them out
        // of sequential order. They are 0-indexed, and get renumbered after each
        // iteration, so array(1, 1, 0) means:
        // - First remove the 2nd file.
        // - Then remove what is then the 2nd file (was originally the 3rd file).
        // - Then remove the first file.
        foreach (array(1,1,0) as $delta) {
          // Ensure we have the expected number of Remove buttons, and that they
          // are numbered sequentially.
          $buttons = $this->xpath('//input[@type="submit" and @value="Remove"]');
154
          $this->assertTrue(is_array($buttons) && count($buttons) === $num_expected_remove_buttons, format_string('There are %n "Remove" buttons displayed (JSMode=%type).', array('%n' => $num_expected_remove_buttons, '%type' => $type)));
155 156 157 158 159 160 161
          foreach ($buttons as $i => $button) {
            $key = $i >= $remaining ? $i - $remaining : $i;
            $check_field_name = $field_name2;
            if ($current_field_name == $field_name && $i < $remaining) {
              $check_field_name = $field_name;
            }

162
            $this->assertIdentical((string) $button['name'], $check_field_name . '_' . $key. '_remove_button');
163 164 165
          }

          // "Click" the remove button (emulating either a nojs or js submission).
166
          $button_name = $current_field_name . '_' . $delta . '_remove_button';
167 168
          switch ($type) {
            case 'nojs':
169
              // drupalPostForm() takes a $submit parameter that is the value of the
170 171 172 173
              // button whose click we want to emulate. Since we have multiple
              // buttons with the value "Remove", and want to control which one we
              // use, we change the value of the other ones to something else.
              // Since non-clicked buttons aren't included in the submitted POST
174
              // data, and since drupalPostForm() will result in $this being updated
175 176 177 178 179 180
              // with a newly rebuilt form, this doesn't cause problems.
              foreach ($buttons as $button) {
                if ($button['name'] != $button_name) {
                  $button['value'] = 'DUMMY';
                }
              }
181
              $this->drupalPostForm(NULL, array(), t('Remove'));
182 183
              break;
            case 'js':
184
              // drupalPostAjaxForm() lets us target the button precisely, so we don't
185
              // require the workaround used above for nojs.
186
              $this->drupalPostAjaxForm(NULL, array(), array($button_name => t('Remove')));
187 188 189 190 191 192 193
              break;
          }
          $num_expected_remove_buttons--;
          $remaining--;

          // Ensure an "Upload" button for the current field is displayed with the
          // correct name.
194
          $upload_button_name = $current_field_name . '_' . $remaining . '_upload_button';
195
          $buttons = $this->xpath('//input[@type="submit" and @value="Upload" and @name=:name]', array(':name' => $upload_button_name));
196
          $this->assertTrue(is_array($buttons) && count($buttons) == 1, format_string('The upload button is displayed with the correct name (JSMode=%type).', array('%type' => $type)));
197 198 199 200

          // Ensure only at most one button per field is displayed.
          $buttons = $this->xpath('//input[@type="submit" and @value="Upload"]');
          $expected = $current_field_name == $field_name ? 1 : 2;
201
          $this->assertTrue(is_array($buttons) && count($buttons) == $expected, format_string('After removing a file, only one "Upload" button for each possible field is displayed (JSMode=%type).', array('%type' => $type)));
202 203 204 205
        }
      }

      // Ensure the page now has no Remove buttons.
206
      $this->assertNoFieldByXPath('//input[@type="submit"]', t('Remove'), format_string('After removing all files, there is no "Remove" button displayed (JSMode=%type).', array('%type' => $type)));
207 208

      // Save the node and ensure it does not have any files.
209
      $this->drupalPostForm(NULL, array('title[0][value]' => $this->randomMachineName()), t('Save and publish'));
210 211 212
      $matches = array();
      preg_match('/node\/([0-9]+)/', $this->getUrl(), $matches);
      $nid = $matches[1];
213 214
      $node_storage->resetCache(array($nid));
      $node = $node_storage->load($nid);
215
      $this->assertTrue(empty($node->{$field_name}->target_id), 'Node was successfully saved without any files.');
216 217 218 219 220 221 222
    }
  }

  /**
   * Tests a file field with a "Private files" upload destination setting.
   */
  function testPrivateFileSetting() {
223
    $node_storage = $this->container->get('entity.manager')->getStorage('node');
224
    // Grant the admin user required permissions.
225
    user_role_grant_permissions($this->adminUser->roles[0]->target_id, array('administer node fields'));
226

227
    $type_name = 'article';
228
    $field_name = strtolower($this->randomMachineName());
229
    $this->createFileField($field_name, 'node', $type_name);
230
    $field = FieldConfig::loadByName('node', $type_name, $field_name);
231 232 233 234

    $test_file = $this->getTestFile('text');

    // Change the field setting to make its files private, and upload a file.
235 236
    $edit = array('field_storage[settings][uri_scheme]' => 'private');
    $this->drupalPostForm("admin/structure/types/manage/$type_name/fields/$field->id/storage", $edit, t('Save field settings'));
237
    $nid = $this->uploadNodeFile($test_file, $field_name, $type_name);
238 239
    $node_storage->resetCache(array($nid));
    $node = $node_storage->load($nid);
240
    $node_file = file_load($node->{$field_name}->target_id);
241
    $this->assertFileExists($node_file, 'New file saved to disk on node creation.');
242 243

    // Ensure the private file is available to the user who uploaded it.
244
    $this->drupalGet(file_create_url($node_file->getFileUri()));
245
    $this->assertResponse(200, 'Confirmed that the generated URL is correct by downloading the shipped file.');
246 247 248

    // Ensure we can't change 'uri_scheme' field settings while there are some
    // entities with uploaded files.
249 250
    $this->drupalGet("admin/structure/types/manage/$type_name/fields/$field->id/storage");
    $this->assertFieldByXpath('//input[@id="edit-field-storage-settings-uri-scheme-public" and @disabled="disabled"]', 'public', 'Upload destination setting disabled.');
251 252

    // Delete node and confirm that setting could be changed.
253
    $node->delete();
254 255
    $this->drupalGet("admin/structure/types/manage/$type_name/fields/$field->id/storage");
    $this->assertFieldByXpath('//input[@id="edit-field-storage-settings-uri-scheme-public" and not(@disabled)]', 'public', 'Upload destination setting enabled.');
256 257 258 259 260 261 262 263
  }

  /**
   * Tests that download restrictions on private files work on comments.
   */
  function testPrivateFileComment() {
    $user = $this->drupalCreateUser(array('access comments'));

264
    // Grant the admin user required comment permissions.
265
    $roles = $this->adminUser->getRoles();
266
    user_role_grant_permissions($roles[1], array('administer comment fields', 'administer comments'));
267 268 269

    // Revoke access comments permission from anon user, grant post to
    // authenticated.
270 271
    user_role_revoke_permissions(RoleInterface::ANONYMOUS_ID, array('access comments'));
    user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array('post comments', 'skip comment approval'));
272 273

    // Create a new field.
274
    $this->addDefaultCommentField('node', 'article');
275 276 277 278 279

    $name = strtolower($this->randomMachineName());
    $label = $this->randomMachineName();
    $storage_edit = array('field_storage[settings][uri_scheme]' => 'private');
    $this->fieldUIAddNewField('admin/structure/comment/manage/comment', $name, $label, 'file', $storage_edit);
280

281
    // Manually clear cache on the tester side.
282
    \Drupal::entityManager()->clearCachedFieldDefinitions();
283

284 285
    // Create node.
    $edit = array(
286
      'title[0][value]' => $this->randomMachineName(),
287
    );
288
    $this->drupalPostForm('node/add/article', $edit, t('Save and publish'));
289
    $node = $this->drupalGetNodeByTitle($edit['title[0][value]']);
290 291 292 293

    // Add a comment with a file.
    $text_file = $this->getTestFile('text');
    $edit = array(
294
      'files[field_' . $name . '_' . 0 . ']' => drupal_realpath($text_file->getFileUri()),
295
      'comment_body[0][value]' => $comment_body = $this->randomMachineName(),
296
    );
297
    $this->drupalPostForm('node/' . $node->id(), $edit, t('Save'));
298 299 300 301 302 303 304 305

    // Get the comment ID.
    preg_match('/comment-([0-9]+)/', $this->getUrl(), $matches);
    $cid = $matches[1];

    // Log in as normal user.
    $this->drupalLogin($user);

306
    $comment = Comment::load($cid);
307
    $comment_file = $comment->{'field_' . $name}->entity;
308
    $this->assertFileExists($comment_file, 'New file saved to disk on node creation.');
309
    // Test authenticated file download.
310
    $url = file_create_url($comment_file->getFileUri());
311
    $this->assertNotEqual($url, NULL, 'Confirmed that the URL is valid');
312
    $this->drupalGet(file_create_url($comment_file->getFileUri()));
313
    $this->assertResponse(200, 'Confirmed that the generated URL is correct by downloading the shipped file.');
314 315 316

    // Test anonymous file download.
    $this->drupalLogout();
317
    $this->drupalGet(file_create_url($comment_file->getFileUri()));
318
    $this->assertResponse(403, 'Confirmed that access is denied for the file without the needed permission.');
319 320

    // Unpublishes node.
321
    $this->drupalLogin($this->adminUser);
322
    $this->drupalPostForm('node/' . $node->id() . '/edit', array(), t('Save and unpublish'));
323 324 325

    // Ensures normal user can no longer download the file.
    $this->drupalLogin($user);
326
    $this->drupalGet(file_create_url($comment_file->getFileUri()));
327
    $this->assertResponse(403, 'Confirmed that access is denied for the file without the needed permission.');
328 329
  }

330 331 332 333 334
  /**
   * Tests validation with the Upload button.
   */
  function testWidgetValidation() {
    $type_name = 'article';
335
    $field_name = strtolower($this->randomMachineName());
336
    $this->createFileField($field_name, 'node', $type_name);
337 338 339 340 341
    $this->updateFileField($field_name, $type_name, array('file_extensions' => 'txt'));

    foreach (array('nojs', 'js') as $type) {
      // Create node and prepare files for upload.
      $node = $this->drupalCreateNode(array('type' => 'article'));
342
      $nid = $node->id();
343 344 345
      $this->drupalGet("node/$nid/edit");
      $test_file_text = $this->getTestFile('text');
      $test_file_image = $this->getTestFile('image');
346
      $name = 'files[' . $field_name . '_0]';
347 348

      // Upload file with incorrect extension, check for validation error.
349
      $edit[$name] = drupal_realpath($test_file_image->getFileUri());
350 351
      switch ($type) {
        case 'nojs':
352
          $this->drupalPostForm(NULL, $edit, t('Upload'));
353 354 355
          break;
        case 'js':
          $button = $this->xpath('//input[@type="submit" and @value="' . t('Upload') . '"]');
356
          $this->drupalPostAjaxForm(NULL, $edit, array((string) $button[0]['name'] => (string) $button[0]['value']));
357 358 359 360 361 362
          break;
      }
      $error_message = t('Only files with the following extensions are allowed: %files-allowed.', array('%files-allowed' => 'txt'));
      $this->assertRaw($error_message, t('Validation error when file with wrong extension uploaded (JSMode=%type).', array('%type' => $type)));

      // Upload file with correct extension, check that error message is removed.
363
      $edit[$name] = drupal_realpath($test_file_text->getFileUri());
364 365
      switch ($type) {
        case 'nojs':
366
          $this->drupalPostForm(NULL, $edit, t('Upload'));
367 368 369
          break;
        case 'js':
          $button = $this->xpath('//input[@type="submit" and @value="' . t('Upload') . '"]');
370
          $this->drupalPostAjaxForm(NULL, $edit, array((string) $button[0]['name'] => (string) $button[0]['value']));
371 372 373 374 375
          break;
      }
      $this->assertNoRaw($error_message, t('Validation error removed when file with correct extension uploaded (JSMode=%type).', array('%type' => $type)));
    }
  }
376
}