Commit 5009eff2 authored by David_Rothstein's avatar David_Rothstein

Issue #2749489 by pwolanin: Write test for the User module security issue from SA-CORE-2016-002

parent 15da2e8c
......@@ -62,3 +62,21 @@ function user_form_test_current_password($form, &$form_state, $account) {
function user_form_test_current_password_submit($form, &$form_state) {
drupal_set_message(t('The password has been validated and the form submitted successfully.'));
}
/**
* Implements hook_form_FORM_ID_alter().
*/
function user_form_test_form_user_profile_form_alter(&$form, &$form_state) {
if (variable_get('user_form_test_user_profile_form_rebuild', FALSE)) {
$form['#submit'][] = 'user_form_test_user_account_submit';
}
}
/**
* Submit function for user_profile_form().
*/
function user_form_test_user_account_submit($form, &$form_state) {
// Rebuild the form instead of letting the process end. This allows us to
// test for bugs that can be triggered in contributed modules.
$form_state['rebuild'] = TRUE;
}
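Review bot: The why-comment on `$form_state['rebuild'] = TRUE;` in user_form_test_user_account_submit should say which behaviour the rebuild is meant to exercise, since this module exists only to drive UserEditRebuildTestCase; something like `// Rebuild the form instead of letting the process end, as some contributed modules do. UserEditRebuildTestCase relies on this to assert that the account's roles survive a second submission of the rebuilt form.` The handler is appended with `$form['#submit'][] =`, so it runs after whatever submit handlers are already on the form at alter time — presumably including core's own user_profile_form submit handler, so the rebuild happens after the account has been saved; if that is confirmed it is worth stating in the hook docblock, because the order is the whole point of the test. Both functions are complete within the hunk.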
......@@ -1988,6 +1988,55 @@ class UserEditTestCase extends DrupalWebTestCase {
}
}
/**
* Tests editing a user account with and without a form rebuild.
*/
class UserEditRebuildTestCase extends DrupalWebTestCase {
public static function getInfo() {
return array(
'name' => 'User edit with form rebuild',
'description' => 'Test user edit page when a form rebuild is triggered.',
'group' => 'User',
);
}
function setUp() {
parent::setUp('user_form_test');
}
/**
* Test user edit page when the form is set to rebuild.
*/
function testUserEditFormRebuild() {
$user1 = $this->drupalCreateUser(array('change own username'));
$this->drupalLogin($user1);
$roles = array_keys($user1->roles);
// Save the user form twice.
$edit = array();
$edit['current_pass'] = $user1->pass_raw;
$this->drupalPost("user/$user1->uid/edit", $edit, t('Save'));
$this->assertRaw(t("The changes have been saved."));
$this->drupalPost(NULL, $edit, t('Save'));
$this->assertRaw(t("The changes have been saved."));
$saved_user1 = entity_load_unchanged('user', $user1->uid);
$this->assertEqual(count($roles), count($saved_user1->roles), 'Count of user roles in database matches original count.');
$diff = array_diff(array_keys($saved_user1->roles), $roles);
$this->assertTrue(empty($diff), format_string('User roles in database match original: @roles', array('@roles' => implode(', ', $saved_user1->roles))));
// Set variable that causes the form to be rebuilt in user_form_test.module.
variable_set('user_form_test_user_profile_form_rebuild', TRUE);
$this->drupalPost("user/$user1->uid/edit", $edit, t('Save'));
$this->assertRaw(t("The changes have been saved."));
$this->drupalPost(NULL, $edit, t('Save'));
$this->assertRaw(t("The changes have been saved."));
$saved_user1 = entity_load_unchanged('user', $user1->uid);
$this->assertEqual(count($roles), count($saved_user1->roles), 'Count of user roles in database matches original count.');
$diff = array_diff(array_keys($saved_user1->roles), $roles);
$this->assertTrue(empty($diff), format_string('User roles in database match original: @roles', array('@roles' => implode(', ', $saved_user1->roles))));
}
}
/**
* Test case for user signatures.
*/
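Review bot: The reload-and-assert block after each pair of saves in testUserEditFormRebuild is duplicated verbatim (the two `entity_load_unchanged` blocks followed by the same count and array_diff assertions), which makes it easy for a later edit to adjust one copy and not the other; a small protected helper that reloads the account and performs both assertions keeps the test method to the two scenarios it covers, with the same assertion messages. The `t("The changes have been saved.")` calls also use double quotes where Drupal's coding standard uses single quotes for strings without interpolation. The class is complete within the hunk.
```php
class UserEditRebuildTestCase extends DrupalWebTestCase {
  // … unchanged: getInfo(), setUp() …

  /**
   * Test user edit page when the form is set to rebuild.
   */
  function testUserEditFormRebuild() {
    // … unchanged: user creation, login, $roles, first two saves …
    $this->assertUserRolesUnchanged($user1->uid, $roles);
    // … unchanged: variable_set() and the two saves with rebuild …
    $this->assertUserRolesUnchanged($user1->uid, $roles);
  }

  /**
   * Asserts that the roles stored for an account still match a list of role IDs.
   *
   * @param int $uid
   *   The user ID to reload from the database.
   * @param array $roles
   *   The role IDs the account had before the edit form was submitted.
   */
  protected function assertUserRolesUnchanged($uid, array $roles) {
    $saved_user = entity_load_unchanged('user', $uid);
    $this->assertEqual(count($roles), count($saved_user->roles), 'Count of user roles in database matches original count.');
    $diff = array_diff(array_keys($saved_user->roles), $roles);
    $this->assertTrue(empty($diff), format_string('User roles in database match original: @roles', array('@roles' => implode(', ', $saved_user->roles))));
  }
}
```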