From f635aa981147a12bc4ff985e5e8ea173933f1b79 Mon Sep 17 00:00:00 2001 From: Robbie Averill Date: Fri, 13 Jul 2018 15:09:14 +1200 Subject: [PATCH 1/3] Add subsite switching behat tests and a test that shows a UI bug in publishing --- .editorconfig | 2 +- .../behat/features/preview-navigation.feature | 46 ++++++++++--------- tests/behat/features/publish-a-page.feature | 25 ++++++++++ tests/behat/features/select-a-subsite.feature | 22 +++++++++ 4 files changed, 72 insertions(+), 23 deletions(-) create mode 100644 tests/behat/features/publish-a-page.feature create mode 100644 tests/behat/features/select-a-subsite.feature diff --git a/.editorconfig b/.editorconfig index babe7db..0d257c8 100644 --- a/.editorconfig +++ b/.editorconfig @@ -13,7 +13,7 @@ trim_trailing_whitespace = true [*.md] trim_trailing_whitespace = false -[*.yml] +[*.{yml,feature}] indent_size = 2 [{.travis.yml,package.json,composer.json}] diff --git a/tests/behat/features/preview-navigation.feature b/tests/behat/features/preview-navigation.feature index afc5d65..81492ac 100644 --- a/tests/behat/features/preview-navigation.feature +++ b/tests/behat/features/preview-navigation.feature @@ -1,25 +1,27 @@ Feature: Preview navigation - As a CMS user - I can navigate a subsite in the preview pane - In order to preview my content + As a CMS user + I can navigate a subsite in the preview pane + In order to preview my content - Background: - Given a "subsite" "My subsite" - And a "page" "My page" with "URLSegment"="my-page", "Content"="My page content anameahref" and "Subsite"="=>SilverStripe\Subsites\Model\Subsite.My subsite" - And a "page" "Other page" with "URLSegment"="other-page", "Content"="Other page content Goto my page>" and "Subsite"="=>SilverStripe\Subsites\Model\Subsite.My subsite" - Given a "member" "Joe" belonging to "Admin Group" with "Email"="joe@test.com" and "Password"="Password1" - And the "group" "Admin Group" has permissions "Full administrative rights" - And I log in with "joe@test.com" and "Password1" + Background: + Given a "subsite" "My subsite" + And a "page" "My page" with "URLSegment"="my-page", "Content"="My page content anameahref" and "Subsite"="=>SilverStripe\Subsites\Model\Subsite.My subsite" + And a "page" "Other page" with "URLSegment"="other-page", "Content"="Other page content Goto my page>" and "Subsite"="=>SilverStripe\Subsites\Model\Subsite.My subsite" + Given a "member" "Joe" belonging to "Admin Group" with "Email"="joe@test.com" and "Password"="Password1" + And the "group" "Admin Group" has permissions "Full administrative rights" + And I log in with "joe@test.com" and "Password1" - @javascript - Scenario: I can navigate the subsite preview - When I go to "admin" - And I select "My subsite" from "SubsitesSelect" - And I go to "admin/pages" - And I click on "My page" in the tree - And I set the CMS mode to "Preview mode" - And I follow "ahref" in preview - Then the preview contains "Other page content" - # We are already on the second page, follow a link to return to first one. - And I follow "Goto my page" in preview - Then the preview contains "My page content" + @javascript + Scenario: I can navigate the subsite preview + When I go to "admin" + And I select "My subsite" from "SubsitesSelect" + And I go to "admin/pages" + And I click on "My page" in the tree + And I set the CMS mode to "Preview mode" + And I follow "ahref" in preview + And I wait for 1 second + Then the preview contains "Other page content" + # We are already on the second page, follow a link to return to first one. + And I follow "Goto my page" in preview + And I wait for 1 second + Then the preview contains "My page content" diff --git a/tests/behat/features/publish-a-page.feature b/tests/behat/features/publish-a-page.feature new file mode 100644 index 0000000..ad0afc8 --- /dev/null +++ b/tests/behat/features/publish-a-page.feature @@ -0,0 +1,25 @@ +Feature: Publish a page + As a CMS user + I can author pages in a new subsite + So that I can separate my website content by site + + Background: + Given a "subsite" "Subsite B" + And a "page" "My page" with "URLSegment"="my-page", "Content"="My page content" + And I am logged in with "ADMIN" permissions + Then I go to "admin/pages" + + @javascript + Scenario: I can publish a new page + Given I select "Subsite B" from "SubsitesSelect" + When I press the "Add new" button + And I press the "Create" button + And I set the CMS mode to "Edit mode" + And I fill in the "Content" HTML field with "

Some test content

" + Then I should see a "Publish" button + And I should not see a "Published" button + + When I press the "Publish" button + And I wait for 3 seconds + Then I should see a "Published" button + And I should see a "Saved" button diff --git a/tests/behat/features/select-a-subsite.feature b/tests/behat/features/select-a-subsite.feature new file mode 100644 index 0000000..da72a2e --- /dev/null +++ b/tests/behat/features/select-a-subsite.feature @@ -0,0 +1,22 @@ +@javascript +Feature: Select a subsite + As a CMS user + I want to be able to select a subsite + So that I can edit content for a specific subsite + + Background: + Given a "subsite" "Subsite B" + And a "subsite" "Subsite B" + And a "page" "My page" with "URLSegment"="my-page", "Content"="My page content" + And I am logged in with "ADMIN" permissions + Then I go to "admin/pages" + + Scenario: Default site contains default pages + When I select "Main site" from "SubsitesSelect" + And I go to "admin/pages" + Then I should see "My page" in the tree + + Scenario: I can switch to another subsite + When I select "Subsite B" from "SubsitesSelect" + And I go to "admin/pages" + Then I should not see "My page" in the tree From 191c63bd9b2e7bd6c3ebe71af9980b09d6433e4a Mon Sep 17 00:00:00 2001 From: Robbie Averill Date: Fri, 13 Jul 2018 16:31:10 +1200 Subject: [PATCH 2/3] Remove extra subsite fixture definition --- tests/behat/features/select-a-subsite.feature | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/behat/features/select-a-subsite.feature b/tests/behat/features/select-a-subsite.feature index da72a2e..1b183d1 100644 --- a/tests/behat/features/select-a-subsite.feature +++ b/tests/behat/features/select-a-subsite.feature @@ -6,7 +6,6 @@ Feature: Select a subsite Background: Given a "subsite" "Subsite B" - And a "subsite" "Subsite B" And a "page" "My page" with "URLSegment"="my-page", "Content"="My page content" And I am logged in with "ADMIN" permissions Then I go to "admin/pages" From 4b6804eaabe26516069ca16063b9bef45107d9f3 Mon Sep 17 00:00:00 2001 From: Robbie Averill Date: Mon, 16 Jul 2018 11:22:58 +1200 Subject: [PATCH 3/3] [SS-2018-016] Group table name is escaped to prevent possibility of SQL injection --- src/Extensions/GroupSubsites.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Extensions/GroupSubsites.php b/src/Extensions/GroupSubsites.php index 3251a89..2e583f1 100644 --- a/src/Extensions/GroupSubsites.php +++ b/src/Extensions/GroupSubsites.php @@ -47,7 +47,7 @@ class GroupSubsites extends DataExtension implements PermissionProvider } // Migration for Group.SubsiteID data from when Groups only had a single subsite $schema = DataObject::getSchema(); - $groupTable = $schema->tableName(Group::class); + $groupTable = Convert::raw2sql($schema->tableName(Group::class)); $groupFields = DB::field_list($groupTable); // Detection of SubsiteID field is the trigger for old-style-subsiteID migration