Commit 07e76fdd authored by Gábor Hojtsy's avatar Gábor Hojtsy

Issue #2942769 by alexpott, vaplas, smaz, Gábor Hojtsy, borisson_, Eli-T:...

Issue #2942769 by alexpott, vaplas, smaz, Gábor Hojtsy, borisson_, Eli-T: Consolidate umami .htaccess files and testing
parent 544740df
# Deny all requests from Apache 2.4+.
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Deny all requests from Apache 2.0-2.2.
<IfModule !mod_authz_core.c>
Deny from all
</IfModule>
# Turn off all options we don't need.
Options None
Options +FollowSymLinks
# Deny all requests from Apache 2.4+.
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Deny all requests from Apache 2.0-2.2.
<IfModule !mod_authz_core.c>
Deny from all
</IfModule>
# Turn off all options we don't need.
Options -Indexes -ExecCGI -Includes -MultiViews
<?php
namespace Drupal\Tests\demo_umami_content\Functional;
use Drupal\Core\Site\Settings;
use Drupal\Tests\BrowserTestBase;
/**
* Tests that files provided by demo_umami_content are not accessible.
*
* @group demo_umami_content
*/
class DefaultContentFilesAccessTest extends BrowserTestBase {
/**
* Tests that sample images, recipes and articles are not accessible.
*/
public function testAccessDeniedToFiles() {
// The demo_umami profile should not be used because we want to ensure that
// if you install another profile these files are not available.
$this->assertNotSame('demo_umami', Settings::get('install_profile'));
$files_to_test = [
'images/chocolate-brownie-umami.jpg',
'recipe_instructions/chocolate-brownie-umami.html',
'article_body/lets-hear-it-for-carrots.html',
'articles.csv',
];
foreach ($files_to_test as $file) {
// Hard code the path since the demo_umami profile is not installed.
$content_path = "core/profiles/demo_umami/modules/demo_umami_content/default_content/$file";
$this->assertFileExists($this->root . '/' . $content_path);
$this->drupalGet($content_path);
$this->assertSession()->statusCodeEquals(403);
}
}
}
......@@ -163,37 +163,4 @@ public function testDemonstrationWarningMessage() {
$web_assert->pageTextNotContains('This site is intended for demonstration purposes.');
}
/**
* Tests that sample images are not accessible to the webserver.
*/
public function testAccessDeniedToSampleImages() {
$file_name = 'chocolate-brownie-umami.jpg';
$file_path = '/' . drupal_get_path('module', 'demo_umami_content') . '/default_content/images/' . $file_name;
$this->assertTrue(file_exists(DRUPAL_ROOT . $file_path));
$this->drupalGet($file_path);
$this->assertSession()->statusCodeEquals(403);
}
/**
* Tests that sample recipes are not accessible to the webserver.
*/
public function testAccessDeniedToSampleRecipes() {
$file_name = 'chocolate-brownie-umami.html';
$file_path = '/' . drupal_get_path('module', 'demo_umami_content') . '/default_content/recipe_instructions/' . $file_name;
$this->assertTrue(file_exists(DRUPAL_ROOT . $file_path));
$this->drupalGet($file_path);
$this->assertSession()->statusCodeEquals(403);
}
/**
* Tests that sample articles are not accessible to the webserver.
*/
public function testAccessDeniedToSampleArticles() {
$file_name = 'lets-hear-it-for-carrots.html';
$file_path = '/' . drupal_get_path('module', 'demo_umami_content') . '/default_content/article_body/' . $file_name;
$this->assertTrue(file_exists(DRUPAL_ROOT . $file_path));
$this->drupalGet($file_path);
$this->assertSession()->statusCodeEquals(403);
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment