function FileFieldWidgetTestCase::testTemporaryFileRemovalExploit

1 file.test FileFieldWidgetTestCase::testTemporaryFileRemovalExploit()

Tests exploiting the temporary file removal of another user using fid.

File

core/modules/file/tests/file.test, line 819: Tests for file.module.

Class

FileFieldWidgetTestCase: Tests file field widget.

Code

function testTemporaryFileRemovalExploit() {
  // Create a victim user.
  $victim_user = $this->backdropCreateUser();

  // Create an attacker user.
  $attacker_user = $this->backdropCreateUser(array(
    'access content',
    'create page content',
    'edit any page content',
  ));

  // Log in as the attacker user.
  $this->backdropLogin($attacker_user);

  // Perform tests using the newly created users.
  $this->doTestTemporaryFileRemovalExploit($victim_user->uid, $attacker_user->uid);
}