/**
* Ensures that .htaccess and web.config files are present in Composer root.
*
* @param \Composer\Script\Event $event
*/
public static function ensureHtaccess(Event $event)
{
// The current working directory for composer scripts is where you run
// composer from.
$vendor_dir = $event->getComposer()->getConfig()->get('vendor-dir');
// Prevent access to vendor directory on Apache servers.
$htaccess_file = $vendor_dir . '/.htaccess';
if (!file_exists($htaccess_file)) {
file_put_contents($htaccess_file, FileStorage::htaccessLines(TRUE) . "\n");
}
// Prevent access to vendor directory on IIS servers.
$webconfig_file = $vendor_dir . '/web.config';
if (!file_exists($webconfig_file)) {
$lines = <<<EOT
<configuration>
<system.webServer>
<authorization>
<deny users="*">
</authorization>
</system.webServer>
</configuration>
EOT;
file_put_contents($webconfig_file, $lines . "\n");
}
}
/**
* Test directory handling functions.
*/
function testFileCheckDirectoryHandling()
{
// A directory to operate on.
$directory = file_default_scheme() . '://' . $this->randomMachineName() . '/' . $this->randomMachineName();
$this->assertFalse(is_dir($directory), 'Directory does not exist prior to testing.');
// Non-existent directory.
$this->assertFalse(file_prepare_directory($directory, 0), 'Error reported for non-existing directory.', 'File');
// Make a directory.
$this->assertTrue(file_prepare_directory($directory, FILE_CREATE_DIRECTORY), 'No error reported when creating a new directory.', 'File');
// Make sure directory actually exists.
$this->assertTrue(is_dir($directory), 'Directory actually exists.', 'File');
if (substr(PHP_OS, 0, 3) != 'WIN') {
// PHP on Windows doesn't support any kind of useful read-only mode for
// directories. When executing a chmod() on a directory, PHP only sets the
// read-only flag, which doesn't prevent files to actually be written
// in the directory on any recent version of Windows.
// Make directory read only.
@drupal_chmod($directory, 0444);
$this->assertFalse(file_prepare_directory($directory, 0), 'Error reported for a non-writeable directory.', 'File');
// Test directory permission modification.
$this->setSetting('file_chmod_directory', 0777);
$this->assertTrue(file_prepare_directory($directory, FILE_MODIFY_PERMISSIONS), 'No error reported when making directory writeable.', 'File');
}
// Test that the directory has the correct permissions.
$this->assertDirectoryPermissions($directory, 0777, 'file_chmod_directory setting is respected.');
// Remove .htaccess file to then test that it gets re-created.
@drupal_unlink(file_default_scheme() . '://.htaccess');
$this->assertFalse(is_file(file_default_scheme() . '://.htaccess'), 'Successfully removed the .htaccess file in the files directory.', 'File');
file_ensure_htaccess();
$this->assertTrue(is_file(file_default_scheme() . '://.htaccess'), 'Successfully re-created the .htaccess file in the files directory.', 'File');
// Verify contents of .htaccess file.
$file = file_get_contents(file_default_scheme() . '://.htaccess');
$this->assertEqual($file, FileStorage::htaccessLines(FALSE), 'The .htaccess file contains the proper content.', 'File');
}
/**
* @covers ::deleteAll
*/
public function testDeleteAll()
{
$php = new FileStorage($this->standardSettings);
$name = $this->randomMachineName() . '/' . $this->randomMachineName() . '.php';
// Find a global that doesn't exist.
do {
$random = mt_rand(10000, 100000);
} while (isset($GLOBALS[$random]));
// Write our the file so we can test deleting.
$code = "<?php\n\$GLOBALS[{$random}] = TRUE;";
$this->assertTrue($php->save($name, $code));
$php_read = new FileReadOnlyStorage($this->readonlyStorage);
$this->assertFalse($php_read->deleteAll());
// Make sure directory exists prior to removal.
$this->assertTrue(file_exists($this->directory . '/test'), 'File storage directory does not exist.');
}
/**
* Tests writing with one class and reading with another.
*
* @group Drupal
* @group PhpStorage
*/
public function testReadOnly()
{
$php = new FileStorage($this->standardSettings);
$name = $this->randomName() . '/' . $this->randomName() . '.php';
// Find a global that doesn't exist.
do {
$random = mt_rand(10000, 100000);
} while (isset($GLOBALS[$random]));
// Write out a PHP file and ensure it's successfully loaded.
$code = "<?php\n\$GLOBALS[{$random}] = TRUE;";
$success = $php->save($name, $code);
$this->assertSame($success, TRUE);
$php_read = new FileReadOnlyStorage($this->readonlyStorage);
$php_read->load($name);
$this->assertTrue($GLOBALS[$random]);
// If the file was successfully loaded, it must also exist, but ensure the
// exists() method returns that correctly.
$this->assertSame($php_read->exists($name), TRUE);
// Saving and deleting should always fail.
$this->assertFalse($php_read->save($name, $code));
$this->assertFalse($php_read->delete($name));
}
/**
* Tests file_save_htaccess().
*/
function testHtaccessSave()
{
// Prepare test directories.
$private = $this->publicFilesDirectory . '/test/private';
// Verify that file_save_htaccess() returns FALSE if .htaccess cannot be
// written and writes a correctly formatted message to the error log. Set
// $private to TRUE so all possible .htaccess lines are written.
$this->assertFalse(file_save_htaccess($private, TRUE));
$this->drupalLogin($this->rootUser);
$this->drupalGet('admin/reports/dblog');
$this->clickLink("Security warning: Couldn't write .htaccess file. Please…");
$lines = FileStorage::htaccessLines(TRUE);
foreach (array_filter(explode("\n", $lines)) as $line) {
$this->assertEscaped($line);
}
}
/**
* @covers ::deleteAll
*/
public function testDeleteAll()
{
// Write out some files.
$php = new FileStorage($this->standardSettings);
$name = $this->randomMachineName() . '/' . $this->randomMachineName() . '.php';
// Find a global that doesn't exist.
do {
$random = mt_rand(10000, 100000);
} while (isset($GLOBALS[$random]));
// Write out a PHP file and ensure it's successfully loaded.
$code = "<?php\n\$GLOBALS[{$random}] = TRUE;";
$this->assertTrue($php->save($name, $code), 'Saved php file');
$php->load($name);
$this->assertTrue($GLOBALS[$random], 'File saved correctly with correct value');
// Make sure directory exists prior to removal.
$this->assertTrue(file_exists($this->directory . '/test'), 'File storage directory does not exist.');
$this->assertTrue($php->deleteAll(), 'Delete all reported success');
$this->assertFalse($php->load($name));
$this->assertFalse(file_exists($this->directory . '/test'), 'File storage directory does not exist after call to deleteAll()');
// Should still return TRUE if directory has already been deleted.
$this->assertTrue($php->deleteAll(), 'Delete all succeeds with nothing to delete');
}
/**
* Tests deleteAll() method.
*
* @group Drupal
* @group PhpStorage
*/
public function testDeleteAll()
{
// Make sure directory exists prior to removal.
$this->assertTrue(file_exists(sys_get_temp_dir() . '/php/test'), 'File storage directory does not exist.');
// Write out some files.
$php = new FileStorage($this->standardSettings);
$name = $this->randomMachineName() . '/' . $this->randomMachineName() . '.php';
// Find a global that doesn't exist.
do {
$random = mt_rand(10000, 100000);
} while (isset($GLOBALS[$random]));
// Write out a PHP file and ensure it's successfully loaded.
$code = "<?php\n\$GLOBALS[{$random}] = TRUE;";
$success = $php->save($name, $code);
$this->assertSame($success, TRUE);
$php->load($name);
$this->assertTrue($GLOBALS[$random]);
$this->assertTrue($php->deleteAll());
$this->assertFalse($php->load($name));
$this->assertFalse(file_exists(sys_get_temp_dir() . '/php/test'), 'File storage directory still exists after call to deleteAll().');
// Should still return TRUE if directory has already been deleted.
$this->assertTrue($php->deleteAll());
}
