3
* Gallery - a web based photo album viewer and editor
4
* Copyright (C) 2000-2007 Bharat Mediratta
6
* This program is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 2 of the License, or (at
9
* your option) any later version.
11
* This program is distributed in the hope that it will be useful, but
12
* WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14
* General Public License for more details.
16
* You should have received a copy of the GNU General Public License
17
* along with this program; if not, write to the Free Software
18
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
21
GalleryCoreApi::requireOnce('modules/core/classes/GalleryValidationPlugin.class');
24
* Test Ecard functionality
27
* @author Dariush Molavi <dari@nukedgallery.net>
28
* @version $Revision: 15669 $
30
class EcardControllerTest extends GalleryControllerTestCase {
32
/**
 * Constructor (named after the class, PHP 4 style). Forwards the test method
 * name to GalleryControllerTestCase together with 'ecard.SendEcard',
 * presumably the controller that handleRequest() exercises in the tests below.
 */
function EcardControllerTest($methodName) {
33
$this->GalleryControllerTestCase($methodName, 'ecard.SendEcard');
40
/*
 * Fixture setup statements. The enclosing function signature and the
 * conditions guarding each "print / failWithStatus" pair are not visible in
 * this listing (presumably setUp() and a check on $ret). $gallery is used
 * below without a visible declaration for the same reason.
 */
/* Mark the ecard module parameters for cleanup (helper defined outside this file) */
$ret = $this->_markPluginParametersForCleanup('module', 'ecard');
42
print $ret->getAsHtml();
43
return $this->failWithStatus($ret);
45
/* Default to validation level HIGH; testValidationPluginOff switches it to OFF */
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'validation.level', 'HIGH');
47
print $ret->getAsHtml();
48
return $this->failWithStatus($ret);
50
/* Fixed subject for the module's 'subject' parameter */
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'subject', 'You got eCard');
52
print $ret->getAsHtml();
53
return $this->failWithStatus($ret);
56
/* Create a throwaway album under the root and register it for cleanup */
list ($ret, $this->_album) = $this->_createRandomAlbum($this->_getRootId());
58
print $ret->getAsHtml();
59
return $this->failWithStatus($ret);
61
$this->_markForCleanup($this->_album);
63
/*
 * Reset the album to a known permission state: drop everything, then give the
 * active user core.all. Later tests remove individual permissions from this
 * baseline to exercise each access check.
 */
$ret = GalleryCoreApi::removeItemPermissions($this->_album->getId());
65
print $ret->getAsHtml();
66
return $this->failWithStatus($ret);
68
$ret = GalleryCoreApi::addUserPermission(
69
$this->_album->getId(), $gallery->getActiveUserId(), 'core.all');
71
print $ret->getAsHtml();
72
return $this->failWithStatus($ret);
74
/*
 * Look up the "everybody" group id and grant it core.view on the album.
 * testLinkPermission removes this grant again from the item.
 */
list ($ret, $this->_everybodyId) =
75
GalleryCoreApi::getPluginParameter('module', 'core', 'id.everybodyGroup');
77
print $ret->getAsHtml();
78
return $this->failWithStatus($ret);
80
$ret = GalleryCoreApi::addGroupPermission(
81
$this->_album->getId(), $this->_everybodyId, 'core.view');
83
print $ret->getAsHtml();
84
return $this->failWithStatus($ret);
87
/*
 * File names the mail expectations match against: '.dat' for the item and
 * '.jpg' for its resize. rand() only varies a fixture name here; the value is
 * not used as a secret.
 */
$pathComponent = 'test-' . rand(1, 5000);
88
$this->_itemFile = $pathComponent . '.dat';
89
$this->_resizeFile = $pathComponent . '.jpg';
90
/* Data item of type application/unknown stored under the '.dat' path component */
list ($ret, $this->_item) = $this->_createRandomDataItem($this->_album->getId(),
91
'application/unknown', array('pathComponent' => $this->_itemFile));
93
print $ret->getAsHtml();
94
return $this->failWithStatus($ret);
96
/* 100x100 image/jpeg resize derivative attached to the item */
list ($ret, $this->_resize) = $this->_createDerivative(
97
$this->_item, $this->_item->getId(), DERIVATIVE_TYPE_IMAGE_RESIZE,
98
'test-operation|100', 'image/jpeg', array('width' => 100, 'height' => 100));
100
print $ret->getAsHtml();
101
return $this->failWithStatus($ret);
104
/* Make sure translate calls during test won't generate any platform calls */
105
list ($ret) = GalleryCoreApi::getPermissionIds();
107
print $ret->getAsHtml();
108
return $this->failWithStatus($ret);
111
/* Platform mock; the tests that need it install it with $gallery->setPlatform() */
$this->_platform = new UnitTestPlatform();
112
/* No validation plugins by default; tests that need one assign _pluginInstances */
$this->_controller->setPluginInstances(array());
115
/**
 * Fails the test unless the UnitTestPlatform mock reports isComplete();
 * getRemaining() supplies the failure message. Presumably this catches
 * registered replies (such as the mocked mail call) that were never consumed.
 */
function tearDown() {
116
$this->assert($this->_platform->isComplete(), $this->_platform->getRemaining());
120
/**
 * Cancel action: the request carries only the item id and form[action][cancel],
 * and the controller is expected to redirect to core.ShowItem for that item.
 * The rest of the expected result array is not visible in this listing.
 */
function testCancel() {
121
$itemId = $this->_item->getId();
122
GalleryUtilities::putRequestVariable('itemId', $itemId);
123
GalleryUtilities::putRequestVariable('form[action][cancel]', 1);
125
$results = $this->handleRequest();
127
$this->assertEquals(array('redirect' => array('view' => 'core.ShowItem',
128
'itemId' => (int)$itemId),
134
/**
 * Send action with no recipient, sender or text: the controller is expected to
 * delegate back to the ecard.SendEcard view with a "missing" error for each of
 * the to, from and text fields. No mail reply is registered for this test.
 */
function testMissingInputs() {
135
$itemId = $this->_item->getId();
136
GalleryUtilities::putRequestVariable('itemId', $itemId);
137
GalleryUtilities::putRequestVariable('form[action][send]', 1);
139
$results = $this->handleRequest();
141
array('delegate' => array('view' => 'ecard.SendEcard'),
143
'error' => array('form[error][to][missing]',
144
'form[error][from][missing]',
145
'form[error][text][missing]')),
149
/**
 * Address validation: both form[from] and form[to] contain a '!' and the
 * controller is expected to delegate back to ecard.SendEcard with an "invalid"
 * error for each, without sending anything.
 *
 * NOTE(review): form[from] and form[fromName] end up in the From header (see
 * the 'From: Unit Tester <example@example.com>' expectation in
 * testValidationPluginOff). A companion case with a line break in those fields,
 * expected to be rejected, would be worth adding next to this one.
 */
function testInvalidEmail() {
150
$itemId = $this->_item->getId();
151
GalleryUtilities::putRequestVariable('itemId', $itemId);
153
GalleryUtilities::putRequestVariable('form[action][send]', 1);
154
GalleryUtilities::putRequestVariable('form[from]', 'bad!email@test.com');
155
GalleryUtilities::putRequestVariable('form[fromName]', 'Unit Tester');
156
GalleryUtilities::putRequestVariable('form[to]', 'bad!email2@test.com');
157
GalleryUtilities::putRequestVariable('form[text]', 'Test text');
159
$results = $this->handleRequest();
161
array('delegate' => array('view' => 'ecard.SendEcard'),
163
'error' => array('form[error][to][invalid]', 'form[error][from][invalid]')),
167
/**
 * Authorization check: every permission is removed from the item, then an
 * otherwise valid send request is made and handleRequest() is told to expect
 * ERROR_PERMISSION_DENIED. The platform mock is installed with no 'mail' reply
 * registered, so presumably any attempt to send would also be reported.
 */
function testEcardNoSendPermission() {
169
$itemId = $this->_item->getId();
/* Strip all permissions so the request below has no right to send */
170
$ret = GalleryCoreApi::removeItemPermissions($itemId);
172
return $this->failWithStatus($ret);
175
GalleryUtilities::putRequestVariable('form[to]', 'example2@example.com');
176
GalleryUtilities::putRequestVariable('form[from]', 'example@example.com');
177
GalleryUtilities::putRequestVariable('form[fromName]', 'Unit Tester');
178
GalleryUtilities::putRequestVariable('form[text]', 'Test email');
179
GalleryUtilities::putRequestVariable('form[action][send]', 1);
180
GalleryUtilities::putRequestVariable('itemId', $itemId);
182
$gallery->setPlatform($this->_platform);
183
$this->handleRequest(ERROR_PERMISSION_DENIED);
186
/**
 * Happy path in html format. The plaintext and html templates are supplied by
 * the platform mock, and the mocked mail call must go to example2@example.com
 * with a body in which both parts carry the user text followed by a link
 * starting with "http", and the html part also names the resize file. The From
 * header must come from the module's 'from' parameter ('eCard Test'), not from
 * the submitted form[from]. Expected result: redirect to ecard.Confirmation
 * with status sent = 1.
 *
 * NOTE(review): the submitted text contains '<' and, as rendered in this
 * listing, the expected pattern contains it unescaped. Confirm against the
 * real file whether the expectation is the entity-encoded form.
 */
function testSendEcard() {
188
$itemId = $this->_item->getId();
190
/* Use html format and param specified 'from' for this test */
191
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'format', 'html');
193
return $this->failWithStatus($ret);
195
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'from', 'eCard Test');
197
return $this->failWithStatus($ret);
200
/* Template reads are answered by the mock with placeholder-bearing strings */
$this->_platform->setReply('file_get_contents', array('fuzzy' => '/Message.txt/'),
201
'The plaintext message: %text% %link%');
202
$this->_platform->setReply('file_get_contents', array('fuzzy' => '/Message.html/'),
203
'The html message: %text% %link% %image%');
/* Expected mail call; one argument line and the reply value are not shown here */
204
$this->_platform->setReply('mail', array(
205
'example2@example.com',
207
'fuzzy1' => '/plaintext message: Test < email http.*html '
208
. 'message: Test < email http.* ' . $this->_resizeFile . '/s',
209
'fuzzy2' => '/From: eCard Test/'),
211
$gallery->setPlatform($this->_platform);
213
GalleryUtilities::putRequestVariable('form[to]', 'example2@example.com');
214
GalleryUtilities::putRequestVariable('form[from]', 'example@example.com');
215
GalleryUtilities::putRequestVariable('form[fromName]', 'Unit Tester');
216
GalleryUtilities::putRequestVariable('form[text]', 'Test < email');
217
GalleryUtilities::putRequestVariable('form[action][send]', 1);
218
GalleryUtilities::putRequestVariable('itemId', $itemId);
220
$results = $this->handleRequest();
223
array('redirect' => array('view' => 'ecard.Confirmation', 'itemId' => (int)$itemId),
224
'status' => array('sent' => 1),
226
$results, 'Failed to send ecard');
229
/**
 * Information-disclosure check for the %link% placeholder. core.view is removed
 * from the "everybody" group on the item, and the expected mail body then has
 * the user text followed by a character other than 'h' in the plaintext part
 * and followed directly by the resize file name in the html part. Per the
 * comment below, this means no link to a non-public item is put in the mail.
 * The send itself still succeeds (redirect to ecard.Confirmation, sent = 1).
 */
function testLinkPermission() {
230
/* Verify that without public core.view permission, no link is included */
232
$itemId = $this->_item->getId();
234
$ret = GalleryCoreApi::removeGroupPermission($itemId, $this->_everybodyId, 'core.view');
236
return $this->failWithStatus($ret);
239
/* Use html format and param specified 'from' for this test */
240
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'format', 'html');
242
return $this->failWithStatus($ret);
244
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'from', 'eCard Test');
246
return $this->failWithStatus($ret);
249
/* Same templates as testSendEcard, so only the permission change differs */
$this->_platform->setReply('file_get_contents', array('fuzzy' => '/Message.txt/'),
250
'The plaintext message: %text% %link%');
251
$this->_platform->setReply('file_get_contents', array('fuzzy' => '/Message.html/'),
252
'The html message: %text% %link% %image%');
253
$this->_platform->setReply('mail', array(
254
'example2@example.com',
256
'fuzzy1' => '/plaintext message: Test < email [^h].*html message: Test < '
257
. 'email ' . $this->_resizeFile . '/s',
258
'fuzzy2' => '/From: eCard Test/'),
260
$gallery->setPlatform($this->_platform);
262
GalleryUtilities::putRequestVariable('form[to]', 'example2@example.com');
263
GalleryUtilities::putRequestVariable('form[from]', 'example@example.com');
264
GalleryUtilities::putRequestVariable('form[fromName]', 'Unit Tester');
265
GalleryUtilities::putRequestVariable('form[text]', 'Test < email');
266
GalleryUtilities::putRequestVariable('form[action][send]', 1);
267
GalleryUtilities::putRequestVariable('itemId', $itemId);
269
$results = $this->handleRequest();
272
array('redirect' => array('view' => 'ecard.Confirmation', 'itemId' => (int)$itemId),
273
'status' => array('sent' => 1),
275
$results, 'Failed to send ecard');
278
/**
 * Permission check on which image the mail references. core.viewResizes is
 * removed from the active user, plain format is selected, and the expected
 * mail body names $this->_itemFile (the '.dat' item file). The From header is
 * again taken from the module's 'from' parameter. The template string returned
 * for Message.txt is not visible in this listing.
 */
function testSizePermission() {
279
/* Verify permission check for size of image included in email */
281
$itemId = $this->_item->getId();
283
$ret = GalleryCoreApi::removeUserPermission(
284
$itemId, $gallery->getActiveUserId(), 'core.viewResizes');
286
return $this->failWithStatus($ret);
289
/* Use plain format and param specified 'from' for this test */
290
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'format', 'plain');
292
return $this->failWithStatus($ret);
294
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'from', 'eCard Test');
296
return $this->failWithStatus($ret);
299
/* This test also expects one getDirectorySeparator call on the platform */
$this->_platform->setReply('getDirectorySeparator', array(), '/');
300
$this->_platform->setReply('file_get_contents', array('fuzzy' => '/Message.txt/'),
302
$this->_platform->setReply('mail', array(
303
'example2@example.com',
305
'fuzzy1' => '/message: ' . $this->_itemFile . '/s',
306
'fuzzy2' => '/From: eCard Test/'),
308
$gallery->setPlatform($this->_platform);
310
GalleryUtilities::putRequestVariable('form[to]', 'example2@example.com');
311
GalleryUtilities::putRequestVariable('form[from]', 'example@example.com');
312
GalleryUtilities::putRequestVariable('form[fromName]', 'Unit Tester');
313
GalleryUtilities::putRequestVariable('form[text]', 'Test < email');
314
GalleryUtilities::putRequestVariable('form[action][send]', 1);
315
GalleryUtilities::putRequestVariable('itemId', $itemId);
317
$results = $this->handleRequest();
320
array('redirect' => array('view' => 'ecard.Confirmation', 'itemId' => (int)$itemId),
321
'status' => array('sent' => 1),
323
$results, 'Failed to send ecard');
326
/**
 * Validation plugin enforcement for a guest. The always-failing
 * AddEcardTestValidation plugin is installed on the controller, the test
 * becomes the guest user and grants that user ecard.send on the item, then
 * submits a fully valid form. Expected result: delegate back to
 * ecard.SendEcard carrying the plugin's error. No 'mail' reply is registered,
 * so presumably a send would be reported by the platform mock.
 */
function testValidationPlugin() {
328
$this->_controller->_pluginInstances = array(new AddEcardTestValidation());
330
$this->_becomeGuestUser();
/* The guest is allowed to send, so only the validation plugin can block it */
331
$ret = GalleryCoreApi::addUserPermission($this->_item->getId(),
332
$gallery->getActiveUserId(), 'ecard.send');
334
return $this->failWithStatus($ret);
337
$gallery->setPlatform($this->_platform);
339
GalleryUtilities::putRequestVariable('itemId', $this->_item->getId());
340
GalleryUtilities::putRequestVariable('form[to]', 'example2@example.com');
341
GalleryUtilities::putRequestVariable('form[from]', 'example@example.com');
342
GalleryUtilities::putRequestVariable('form[fromName]', 'Unit Tester');
343
GalleryUtilities::putRequestVariable('form[text]', 'Test email');
344
GalleryUtilities::putRequestVariable('form[action][send]', 1);
346
/* Perform the request and verify validation plugin got error */
347
$results = $this->handleRequest();
348
$this->assertEquals(array('delegate' => array('view' => 'ecard.SendEcard'),
350
'error' => array('form[error][AddEcardTestValidation]')),
354
/**
 * Same expectation as testValidationPlugin, but the guest is defined through
 * configuration: 'anonymousUserId' is set to the currently active user id
 * instead of switching users. The validation plugin's error is still expected,
 * so presumably the controller identifies guests by that config value.
 */
function testValidationAlternateGuest() {
356
$gallery->setConfig('anonymousUserId', $gallery->getActiveUserId());
357
$this->_controller->_pluginInstances = array(new AddEcardTestValidation());
358
$gallery->setPlatform($this->_platform);
360
GalleryUtilities::putRequestVariable('itemId', $this->_item->getId());
361
GalleryUtilities::putRequestVariable('form[to]', 'example2@example.com');
362
GalleryUtilities::putRequestVariable('form[from]', 'example@example.com');
363
GalleryUtilities::putRequestVariable('form[fromName]', 'Unit Tester');
364
GalleryUtilities::putRequestVariable('form[text]', 'Test email');
365
GalleryUtilities::putRequestVariable('form[action][send]', 1);
367
/* Perform the request and verify validation plugin got error */
368
$results = $this->handleRequest();
369
$this->assertEquals(array('delegate' => array('view' => 'ecard.SendEcard'),
371
'error' => array('form[error][AddEcardTestValidation]')),
375
/**
 * With validation.level set to 'OFF' the installed (always-failing) validation
 * plugin must not block a guest: the mail is expected to be sent and the
 * result is a redirect to ecard.Confirmation with sent = 1. The module's
 * 'from' parameter is empty here, so the expected From header is built from
 * the submitted form[fromName] and form[from]. The body pattern also requires
 * that no html part follows the plaintext one.
 *
 * NOTE(review): this is the configuration in which an anonymous sender is
 * gated only by the ecard.send permission, and in which form-supplied values
 * reach the From header. As rendered in this listing the expected body holds
 * the double quotes from form[text] unescaped; confirm against the real file.
 */
function testValidationPluginOff() {
377
$this->_controller->_pluginInstances = array(new AddEcardTestValidation());
379
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'validation.level', 'OFF');
381
return $this->failWithStatus($ret);
383
/* Use plain format and form specified 'from' for this test */
384
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'format', 'plain');
386
return $this->failWithStatus($ret);
388
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'from', '');
390
return $this->failWithStatus($ret);
393
$this->_becomeGuestUser();
/* Guest may send, and everybody may view resizes of the item */
394
$ret = GalleryCoreApi::addUserPermission($this->_item->getId(),
395
$gallery->getActiveUserId(), 'ecard.send');
397
return $this->failWithStatus($ret);
399
$ret = GalleryCoreApi::addGroupPermission(
400
$this->_item->getId(), $this->_everybodyId, 'core.viewResizes');
402
return $this->failWithStatus($ret);
405
$this->_platform->setReply('file_get_contents', array('fuzzy' => '/Message.txt/'),
406
'The plaintext message: %text%');
407
$this->_platform->setReply('mail', array(
408
'example2@example.com',
410
'fuzzy1' => '/plaintext.*Test "email"(?!.*html message)/s',
411
'fuzzy2' => '/From: Unit Tester <example@example.com>/'),
413
$gallery->setPlatform($this->_platform);
415
GalleryUtilities::putRequestVariable('itemId', $this->_item->getId());
416
GalleryUtilities::putRequestVariable('form[to]', 'example2@example.com');
417
GalleryUtilities::putRequestVariable('form[from]', 'example@example.com');
418
GalleryUtilities::putRequestVariable('form[fromName]', 'Unit Tester');
419
GalleryUtilities::putRequestVariable('form[text]', 'Test "email"');
420
GalleryUtilities::putRequestVariable('form[action][send]', 1);
422
/* Perform the request and eCard sent (validation plugin skipped) */
423
$results = $this->handleRequest();
425
array('redirect' => array('view' => 'ecard.Confirmation',
426
'itemId' => (int)$this->_item->getId()),
427
'status' => array('sent' => 1),
429
$results, 'Failed to send ecard');
432
/**
 * Output-encoding check for user-entered text. Markup type is set to html and
 * the mail format to html, the submitted form[text] contains a script element,
 * and the mocked mail call fixes what the plaintext and html parts must look
 * like. The send is expected to succeed (redirect to ecard.Confirmation with
 * sent = 1) with the From header taken from the module parameter 'Bad eCard'.
 *
 * NOTE(review): as rendered in this listing, the expected pattern matches a
 * literal <script> tag in the html part, which would assert the opposite of
 * the stated intent. The listing may have decoded HTML entities; confirm
 * that the real expectation is the entity-encoded text. An explicit assertion
 * that the raw tag never appears in the html part would make the intent
 * unambiguous.
 */
function testMaliciousContent() {
434
* Verify even in html markup mode, we don't send any user entered html.
435
* (if this changes then we'll need to use htmlSafe on content)
438
$itemId = $this->_item->getId();
440
$ret = $this->_setMarkupType('html', true);
442
return $this->failWithStatus($ret);
444
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'format', 'html');
446
return $this->failWithStatus($ret);
448
$ret = GalleryCoreApi::setPluginParameter('module', 'ecard', 'from', 'Bad eCard');
450
return $this->failWithStatus($ret);
453
/* Both templates insert %text% only, so the body check isolates the user text */
$this->_platform->setReply('file_get_contents', array('fuzzy' => '/Message.txt/'),
454
'The plaintext message: %text%');
455
$this->_platform->setReply('file_get_contents', array('fuzzy' => '/Message.html/'),
456
'The html message: %text%');
457
$this->_platform->setReply('mail', array(
458
'sucker@example.com',
460
'fuzzy1' => '/plaintext message: Hi <script>alert.*' .
461
'html message: Hi <script>alert/s',
462
'fuzzy2' => '/From: Bad eCard/'),
464
$gallery->setPlatform($this->_platform);
466
GalleryUtilities::putRequestVariable('form[to]', 'sucker@example.com');
467
GalleryUtilities::putRequestVariable('form[from]', 'hacker@example.com');
468
GalleryUtilities::putRequestVariable('form[text]', 'Hi <script>alert(1);</script> friend');
469
GalleryUtilities::putRequestVariable('form[action][send]', 1);
470
GalleryUtilities::putRequestVariable('itemId', $itemId);
472
$results = $this->handleRequest();
474
array('redirect' => array('view' => 'ecard.Confirmation', 'itemId' => (int)$itemId),
475
'status' => array('sent' => 1),
477
$results, 'Failed to send ecard');
481
GalleryCoreApi::requireOnce('modules/core/classes/GalleryValidationPlugin.class');
482
/**
 * Validation plugin stub used by the validation tests in this file. Its result
 * carries the fixed error key 'form[error][AddEcardTestValidation]' followed by
 * false; the start of the return statement is not visible in this listing.
 * The $form and $options arguments are not read in the visible lines.
 */
class AddEcardTestValidation extends GalleryValidationPlugin {
483
function performValidation(&$form, $options=array()) {
485
array('form[error][AddEcardTestValidation]'), false);