3 /*********************************************************************************
4 * SugarCRM Community Edition is a customer relationship management program developed by
5 * SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.
7 * This program is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU Affero General Public License version 3 as published by the
9 * Free Software Foundation with the addition of the following permission added
10 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
11 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
12 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
14 * This program is distributed in the hope that it will be useful, but WITHOUT
15 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
16 * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
19 * You should have received a copy of the GNU Affero General Public License along with
20 * this program; if not, see http://www.gnu.org/licenses or write to the Free
21 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
24 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
25 * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
27 * The interactive user interfaces in modified source and object code versions
28 * of this program must display Appropriate Legal Notices, as required under
29 * Section 5 of the GNU Affero General Public License version 3.
31 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
32 * these Appropriate Legal Notices must retain the display of the "Powered by
33 * SugarCRM" logo. If the display of the logo is not reasonably feasible for
34 * technical reasons, the Appropriate Legal Notices must display the words
35 * "Powered by SugarCRM".
36 ********************************************************************************/
39 class Bug44831Test extends Sugar_PHPUnit_Framework_OutputTestCase
/**
 * Fixture setup: puts a test user and the language string tables into
 * $GLOBALS, then replaces custom/modules/Leads/metadata/editviewdefs.php
 * with a minimal Leads EditView layout that lists two custom JavaScript files.
 *
 * NOTE(review): this listing omits some original lines (brace-only lines, the
 * opening of the string that holds the layout, and the end of the method), so
 * only the statements shown here are described.
 */
41 public function setUp()
// Globals the rendered view reads: current user plus both language tables.
43 $GLOBALS['current_user'] = SugarTestUserUtilities::createAnonymousUser();
44 $GLOBALS['app_list_strings'] = return_app_list_strings_language($GLOBALS['current_language']);
45 $GLOBALS['app_strings'] = return_application_language($GLOBALS['current_language']);
47 // Create a Custom editviewdefs.php
48 sugar_mkdir("custom/modules/Leads/metadata/",null,true);
// Drop the Leads cache directory; presumably this forces the view to be
// rebuilt from the metadata written below (confirm).
50 if ( is_dir("cache/modules/Leads") )
51 rmdir_recursive("cache/modules/Leads");
// NOTE(review): this deletes any editviewdefs.php already present at this path
// and nothing visible here backs it up or restores it, so the test should only
// run against a disposable instance.
53 if (file_exists("custom/modules/Leads/metadata/editviewdefs.php"))
54 unlink("custom/modules/Leads/metadata/editviewdefs.php");
56 // Create a very simple custom EditView Layout
// NOTE(review): '@' hides the fopen() warning and no else branch is visible,
// so an unwritable path would seem to leave the fixture missing without
// failing setUp (confirm against the full file).
57 if( $fh = @fopen("custom/modules/Leads/metadata/editviewdefs.php", 'w+') )
61 \$viewdefs['Leads']['EditView'] = array('templateMeta' => array (
62 'form' => array('buttons' => array ('SAVE', 'CANCEL'),
63 'hidden' => array ('<a>HiddenPlaceHolder</a>',
68 'widths' => array( array ('label' => '10', 'field' => '30'),
69 array ('label' => '10', 'field' => '30'),
71 'javascript' => array( array ('file' => 'custom/modules/Leads/javascript/LeadJS1.js'),
72 array ('file' => 'custom/modules/Leads/javascript/LeadJS2.js'),
75 'panels' => array ('default' => array (0 => array (0 => array ('name' => 'first_name',
77 1 => array ('name' => 'last_name',
80 1 => array (0 => array ('name' => 'unknown_field',
81 'customCode' => '<a href="#">Unknown Field Link</a>',
/**
 * Removes what setUp created: the Leads cache directory, the custom
 * editviewdefs.php fixture, the anonymous test users, and the globals and
 * REQUEST_METHOD entry shown below.
 *
 * NOTE(review): setUp also assigns $GLOBALS['app_strings'], which is not unset
 * here, and the $_REQUEST keys set by testJSInjection are only cleared inside
 * that test body, so both can leak into later tests.
 */
96 public function tearDown()
98 if ( is_dir("cache/modules/Leads") )
99 rmdir_recursive("cache/modules/Leads");
// Removes the fixture only; a customisation that setUp deleted is not put back.
101 if (file_exists("custom/modules/Leads/metadata/editviewdefs.php"))
102 unlink("custom/modules/Leads/metadata/editviewdefs.php");
104 SugarTestUserUtilities::removeAllCreatedAnonymousUsers();
105 unset($GLOBALS['app_list_strings']);
106 unset($GLOBALS['current_user']);
107 unset($_SERVER['REQUEST_METHOD']);
/**
 * Renders the Leads EditView for a freshly created lead and expects the output
 * to contain the hidden placeholder and a <script> tag for each JavaScript
 * file listed in the custom layout.
 *
 * NOTE(review): the first statement marks the test incomplete. In PHPUnit that
 * call throws, so nothing below it runs and the behaviour this test was
 * written for is currently not being checked at all.
 */
113 public function testJSInjection()
115 $this->markTestIncomplete('Marked as skipped for now... too problematic');
117 require_once('include/utils/layout_utils.php');
118 $_SERVER['REQUEST_METHOD'] = "POST";
120 $lead = SugarTestLeadUtilities::createLead();
121 $lead->name = 'LeadName';
// Request parameters that select the view to render.
124 $_REQUEST['module'] = 'Leads';
125 $_REQUEST['action'] = 'EditView';
126 $_REQUEST['record'] = $lead->id;
128 require_once('include/MVC/Controller/ControllerFactory.php');
129 require_once('include/MVC/View/ViewFactory.php');
130 $GLOBALS['app']->controller = ControllerFactory::getController($_REQUEST['module']);
132 $GLOBALS['app']->controller->execute();
133 //$tStr = ob_get_clean();
// NOTE(review): stock PHPUnit keeps a single expected-output regex, so each
// expectOutputRegex() call below replaces the previous one and only the
// LeadJS2 pattern would be enforced. The Sugar base class is not shown here;
// confirm, and if so combine the three checks into one pattern or assert on
// the captured output.
135 // First, make sure the custom EditView layout is the one being rendered
136 $this->expectOutputRegex('/.*HiddenPlaceHolder.*/');
137 // Then check inclusion of LeadJS1.js
// The '.*' after the file name presumably allows a trailing query string (confirm).
138 $this->expectOutputRegex('/.*<script src=\"custom\/modules\/Leads\/javascript\/LeadJS1\.js.*\"><\/script>.*/');
139 // Then check inclusion of LeadJS2.js
140 $this->expectOutputRegex('/.*<script src=\"custom\/modules\/Leads\/javascript\/LeadJS2\.js.*\"><\/script>.*/');
142 //unset($GLOBALS['app']->controller);
// NOTE(review): this cleanup sits in the test body, so it is skipped whenever
// an earlier statement throws; tearDown does not clear these keys or the leads.
143 unset($_REQUEST['module']);
144 unset($_REQUEST['action']);
145 unset($_REQUEST['record']);
146 SugarTestLeadUtilities::removeAllCreatedLeads();