/** * Ensures that .htaccess and web.config files are present in Composer root. * * @param \Composer\Script\Event $event */ public static function ensureHtaccess(Event $event) { // The current working directory for composer scripts is where you run // composer from. $vendor_dir = $event->getComposer()->getConfig()->get('vendor-dir'); // Prevent access to vendor directory on Apache servers. $htaccess_file = $vendor_dir . '/.htaccess'; if (!file_exists($htaccess_file)) { file_put_contents($htaccess_file, FileStorage::htaccessLines(TRUE) . "\n"); } // Prevent access to vendor directory on IIS servers. $webconfig_file = $vendor_dir . '/web.config'; if (!file_exists($webconfig_file)) { $lines = <<<EOT <configuration> <system.webServer> <authorization> <deny users="*"> </authorization> </system.webServer> </configuration> EOT; file_put_contents($webconfig_file, $lines . "\n"); } }
/** * Test directory handling functions. */ function testFileCheckDirectoryHandling() { // A directory to operate on. $directory = file_default_scheme() . '://' . $this->randomMachineName() . '/' . $this->randomMachineName(); $this->assertFalse(is_dir($directory), 'Directory does not exist prior to testing.'); // Non-existent directory. $this->assertFalse(file_prepare_directory($directory, 0), 'Error reported for non-existing directory.', 'File'); // Make a directory. $this->assertTrue(file_prepare_directory($directory, FILE_CREATE_DIRECTORY), 'No error reported when creating a new directory.', 'File'); // Make sure directory actually exists. $this->assertTrue(is_dir($directory), 'Directory actually exists.', 'File'); if (substr(PHP_OS, 0, 3) != 'WIN') { // PHP on Windows doesn't support any kind of useful read-only mode for // directories. When executing a chmod() on a directory, PHP only sets the // read-only flag, which doesn't prevent files to actually be written // in the directory on any recent version of Windows. // Make directory read only. @drupal_chmod($directory, 0444); $this->assertFalse(file_prepare_directory($directory, 0), 'Error reported for a non-writeable directory.', 'File'); // Test directory permission modification. $this->setSetting('file_chmod_directory', 0777); $this->assertTrue(file_prepare_directory($directory, FILE_MODIFY_PERMISSIONS), 'No error reported when making directory writeable.', 'File'); } // Test that the directory has the correct permissions. $this->assertDirectoryPermissions($directory, 0777, 'file_chmod_directory setting is respected.'); // Remove .htaccess file to then test that it gets re-created. @drupal_unlink(file_default_scheme() . '://.htaccess'); $this->assertFalse(is_file(file_default_scheme() . '://.htaccess'), 'Successfully removed the .htaccess file in the files directory.', 'File'); file_ensure_htaccess(); $this->assertTrue(is_file(file_default_scheme() . '://.htaccess'), 'Successfully re-created the .htaccess file in the files directory.', 'File'); // Verify contents of .htaccess file. $file = file_get_contents(file_default_scheme() . '://.htaccess'); $this->assertEqual($file, FileStorage::htaccessLines(FALSE), 'The .htaccess file contains the proper content.', 'File'); }
/** * @covers ::deleteAll */ public function testDeleteAll() { $php = new FileStorage($this->standardSettings); $name = $this->randomMachineName() . '/' . $this->randomMachineName() . '.php'; // Find a global that doesn't exist. do { $random = mt_rand(10000, 100000); } while (isset($GLOBALS[$random])); // Write our the file so we can test deleting. $code = "<?php\n\$GLOBALS[{$random}] = TRUE;"; $this->assertTrue($php->save($name, $code)); $php_read = new FileReadOnlyStorage($this->readonlyStorage); $this->assertFalse($php_read->deleteAll()); // Make sure directory exists prior to removal. $this->assertTrue(file_exists($this->directory . '/test'), 'File storage directory does not exist.'); }
/** * Tests writing with one class and reading with another. * * @group Drupal * @group PhpStorage */ public function testReadOnly() { $php = new FileStorage($this->standardSettings); $name = $this->randomName() . '/' . $this->randomName() . '.php'; // Find a global that doesn't exist. do { $random = mt_rand(10000, 100000); } while (isset($GLOBALS[$random])); // Write out a PHP file and ensure it's successfully loaded. $code = "<?php\n\$GLOBALS[{$random}] = TRUE;"; $success = $php->save($name, $code); $this->assertSame($success, TRUE); $php_read = new FileReadOnlyStorage($this->readonlyStorage); $php_read->load($name); $this->assertTrue($GLOBALS[$random]); // If the file was successfully loaded, it must also exist, but ensure the // exists() method returns that correctly. $this->assertSame($php_read->exists($name), TRUE); // Saving and deleting should always fail. $this->assertFalse($php_read->save($name, $code)); $this->assertFalse($php_read->delete($name)); }
/** * Tests file_save_htaccess(). */ function testHtaccessSave() { // Prepare test directories. $private = $this->publicFilesDirectory . '/test/private'; // Verify that file_save_htaccess() returns FALSE if .htaccess cannot be // written and writes a correctly formatted message to the error log. Set // $private to TRUE so all possible .htaccess lines are written. $this->assertFalse(file_save_htaccess($private, TRUE)); $this->drupalLogin($this->rootUser); $this->drupalGet('admin/reports/dblog'); $this->clickLink("Security warning: Couldn't write .htaccess file. Please…"); $lines = FileStorage::htaccessLines(TRUE); foreach (array_filter(explode("\n", $lines)) as $line) { $this->assertEscaped($line); } }
/** * @covers ::deleteAll */ public function testDeleteAll() { // Write out some files. $php = new FileStorage($this->standardSettings); $name = $this->randomMachineName() . '/' . $this->randomMachineName() . '.php'; // Find a global that doesn't exist. do { $random = mt_rand(10000, 100000); } while (isset($GLOBALS[$random])); // Write out a PHP file and ensure it's successfully loaded. $code = "<?php\n\$GLOBALS[{$random}] = TRUE;"; $this->assertTrue($php->save($name, $code), 'Saved php file'); $php->load($name); $this->assertTrue($GLOBALS[$random], 'File saved correctly with correct value'); // Make sure directory exists prior to removal. $this->assertTrue(file_exists($this->directory . '/test'), 'File storage directory does not exist.'); $this->assertTrue($php->deleteAll(), 'Delete all reported success'); $this->assertFalse($php->load($name)); $this->assertFalse(file_exists($this->directory . '/test'), 'File storage directory does not exist after call to deleteAll()'); // Should still return TRUE if directory has already been deleted. $this->assertTrue($php->deleteAll(), 'Delete all succeeds with nothing to delete'); }
/** * Tests deleteAll() method. * * @group Drupal * @group PhpStorage */ public function testDeleteAll() { // Make sure directory exists prior to removal. $this->assertTrue(file_exists(sys_get_temp_dir() . '/php/test'), 'File storage directory does not exist.'); // Write out some files. $php = new FileStorage($this->standardSettings); $name = $this->randomMachineName() . '/' . $this->randomMachineName() . '.php'; // Find a global that doesn't exist. do { $random = mt_rand(10000, 100000); } while (isset($GLOBALS[$random])); // Write out a PHP file and ensure it's successfully loaded. $code = "<?php\n\$GLOBALS[{$random}] = TRUE;"; $success = $php->save($name, $code); $this->assertSame($success, TRUE); $php->load($name); $this->assertTrue($GLOBALS[$random]); $this->assertTrue($php->deleteAll()); $this->assertFalse($php->load($name)); $this->assertFalse(file_exists(sys_get_temp_dir() . '/php/test'), 'File storage directory still exists after call to deleteAll().'); // Should still return TRUE if directory has already been deleted. $this->assertTrue($php->deleteAll()); }