From 58a874fc5f294318eced9b58304f3cb91b26065b Mon Sep 17 00:00:00 2001
From: Chris Gross <gross.364@osu.edu>
Date: Thu, 17 Aug 2017 12:42:18 -0400
Subject: [PATCH] 7.x-1.2 Release Candidate 2

---
 profiles/wcm_base/CHANGELOG.txt               |   4 +
 .../modules/contrib/views/includes/ajax.inc   |   2 +-
 .../contrib/views/tests/views_ajax.test       | 109 ++++++++++++++++++
 .../contrib/views/tests/views_test.info       |   6 +-
 .../views/tests/views_test.views_default.inc  |  53 +++++++++
 .../wcm_base/modules/contrib/views/views.info |   7 +-
 .../modules/contrib/views/views_ui.info       |   6 +-
 profiles/wcm_base/wcm_base.make               |   2 +-
 8 files changed, 178 insertions(+), 11 deletions(-)
 create mode 100644 profiles/wcm_base/modules/contrib/views/tests/views_ajax.test

diff --git a/profiles/wcm_base/CHANGELOG.txt b/profiles/wcm_base/CHANGELOG.txt
index a282e055..e7bf9e2c 100644
--- a/profiles/wcm_base/CHANGELOG.txt
+++ b/profiles/wcm_base/CHANGELOG.txt
@@ -1,3 +1,7 @@
+WCM Base 7.x-1.2-rc2, 2017-08-17
+--------------------------------
+- WCM Base: Updated views to 7.x-3.17 per DRUPAL-SA-CONTRIB-2017-068.
+
 WCM Base 7.x-1.2-rc1, 2017-08-14
 --------------------------------
 - WCM Omega: Improved accessibility of AJAX-enabled views using aria-live.
diff --git a/profiles/wcm_base/modules/contrib/views/includes/ajax.inc b/profiles/wcm_base/modules/contrib/views/includes/ajax.inc
index 4b8825a6..90e4ca9b 100644
--- a/profiles/wcm_base/modules/contrib/views/includes/ajax.inc
+++ b/profiles/wcm_base/modules/contrib/views/includes/ajax.inc
@@ -40,7 +40,7 @@ function views_ajax() {
 
     // Load the view.
     $view = views_get_view($name);
-    if ($view && $view->access($display_id)) {
+    if ($view && $view->access($display_id) && $view->set_display($display_id) && $view->display_handler->use_ajax()) {
       // Fix 'q' for paging.
       if (!empty($path)) {
         $_GET['q'] = $path;
diff --git a/profiles/wcm_base/modules/contrib/views/tests/views_ajax.test b/profiles/wcm_base/modules/contrib/views/tests/views_ajax.test
new file mode 100644
index 00000000..3f553db4
--- /dev/null
+++ b/profiles/wcm_base/modules/contrib/views/tests/views_ajax.test
@@ -0,0 +1,109 @@
+<?php
+
+/**
+ * @file
+ * Definition of ViewsAjaxTest.
+ */
+
+/**
+ * Tests views ajax display.
+ */
+class ViewsAjaxTest extends ViewsSqlTest {
+  public static function getInfo() {
+    return array(
+      'name' => 'Ajax',
+      'description' => 'Test views with and without ajax enabled.',
+      'group' => 'Views Handlers',
+    );
+  }
+
+  public function setUp() {
+    parent::setUp('views', 'views_test');
+    // Create a second node.
+    $this->drupalCreateNode(array('type' => 'article', 'status' => NODE_PUBLISHED));
+  }
+
+  /**
+   * Perform a simple AJAX POST HTTP request.
+   *
+   * @param string $path
+   *   Drupal path where the request should be POSTed.
+   * @param string $accept
+   *   The value for the "Accept" header. Usually either 'application/json' or
+   *   'application/vnd.drupal-ajax'.
+   * @param array $post
+   *   The POST data. When making a 'application/vnd.drupal-ajax' request, the
+   *   Ajax page state data should be included. Use getAjaxPageStatePostData()
+   *   for that.
+   *
+   * @return
+   *   The content returned from the call to curl_exec().
+   */
+  public function simpleAjaxPost($path, $accept, $post = array()) {
+    $options['absolute'] = TRUE;
+    foreach ($post as $key => $value) {
+      // Encode according to application/x-www-form-urlencoded
+      // Both names and values needs to be urlencoded, according to
+      // http://www.w3.org/TR/html4/interact/forms.html#h-17.13.4.1
+      $post[$key] = urlencode($key) . '=' . urlencode($value);
+    }
+    $postfields = implode('&', $post);
+    $headers = array(
+      'Accept: ' . $accept,
+      'Content-Type: application/x-www-form-urlencoded',
+    );
+    return $this->curlExec(array(
+      CURLOPT_URL => url($path, $options),
+      CURLOPT_POST => TRUE,
+      CURLOPT_POSTFIELDS => $postfields,
+      CURLOPT_HTTPHEADER => $headers,
+    ));
+  }
+
+  /**
+   * Tests an ajax and non-ajax view.
+   */
+  public function testAjaxView() {
+    $this->drupalCreateNode();
+    $this->drupalGet('test_ajax_view');
+    $drupal_settings = $this->drupalGetSettings();
+    $this->assertTrue(isset($drupal_settings['views']['ajax_path']), 'The Ajax callback path is set in drupalSettings.');
+    $this->assertEqual(count($drupal_settings['views']['ajaxViews']), 1);
+    $view_entry = current(array_keys($drupal_settings['views']['ajaxViews']));
+    $this->assertEqual($drupal_settings['views']['ajaxViews'][$view_entry]['view_name'], 'test_ajax_view', 'The view\'s ajaxViews array entry has the correct \'view_name\' key.');
+    $this->assertEqual($drupal_settings['views']['ajaxViews'][$view_entry]['view_display_id'], 'page_1', 'The view\'s ajaxViews array entry has the correct \'view_display_id\' key.');
+
+    $post = [
+      'view_name' => 'test_ajax_view',
+      'view_display_id' => 'page_1',
+    ];
+
+    $response = $this->simpleAjaxPost('views/ajax', 'application/json', $post);
+    $data = drupal_json_decode($response);
+
+    $this->assertTrue(isset($data[0]['settings']['views']['ajaxViews']));
+
+    // Ensure that the view insert command is part of the result.
+    $this->assertEqual($data[1]['command'], 'insert');
+    $this->assertTrue(strpos($data[1]['selector'], '.view-dom-id-') === 0);
+
+    $this->drupalSetContent($data[1]['data']);
+    $result = $this->xpath('//div[contains(@class, "views-row")]');
+    $this->assertEqual(count($result), 2, 'Ensure that two items are rendered in the HTML.');
+
+    $post = [
+      'view_name' => 'test_noajax_view',
+      'view_display_id' => 'default',
+    ];
+
+    $response = $this->simpleAjaxPost('views/ajax', 'application/json', $post);
+    $data = drupal_json_decode($response);
+    // In Drupal 7 we get an ajax response with no commands instead of a 403 if
+    // the view cannot be accessed.
+    foreach ($data as $item) {
+      $this->assertIdentical('settings', $item['command']);
+      $this->assertTrue(empty($item['data']));
+    }
+  }
+
+}
diff --git a/profiles/wcm_base/modules/contrib/views/tests/views_test.info b/profiles/wcm_base/modules/contrib/views/tests/views_test.info
index b7864a8d..592df6f0 100644
--- a/profiles/wcm_base/modules/contrib/views/tests/views_test.info
+++ b/profiles/wcm_base/modules/contrib/views/tests/views_test.info
@@ -5,9 +5,9 @@ core = 7.x
 dependencies[] = views
 hidden = TRUE
 
-; Information added by Drupal.org packaging script on 2017-04-02
-version = "7.x-3.16"
+; Information added by Drupal.org packaging script on 2017-08-16
+version = "7.x-3.17"
 core = "7.x"
 project = "views"
-datestamp = "1491158591"
+datestamp = "1502903349"
 
diff --git a/profiles/wcm_base/modules/contrib/views/tests/views_test.views_default.inc b/profiles/wcm_base/modules/contrib/views/tests/views_test.views_default.inc
index 8843b26a..f19f34ad 100644
--- a/profiles/wcm_base/modules/contrib/views/tests/views_test.views_default.inc
+++ b/profiles/wcm_base/modules/contrib/views/tests/views_test.views_default.inc
@@ -1,3 +1,4 @@
+
 <?php
 
 /**
@@ -274,5 +275,57 @@ function views_test_views_default_views() {
 
   $views[$view->name] = $view;
 
+  $view = new view();
+  $view->name = 'test_ajax_view';
+  $view->description = '';
+  $view->tag = '';
+  $view->base_table = 'node';
+  $view->human_name = '';
+  $view->core = 0;
+  $view->api_version = '3.0';
+  $view->disabled = FALSE; /* Edit this to true to make a default view disabled initially */
+
+  /* Display: Master */
+  $handler = $view->new_display('default', 'Master', 'default');
+  $handler->display->display_options['use_ajax'] = TRUE;
+  $handler->display->display_options['use_more_always'] = FALSE;
+  $handler->display->display_options['access']['type'] = 'none';
+  $handler->display->display_options['cache']['type'] = 'none';
+  $handler->display->display_options['query']['type'] = 'views_query';
+  $handler->display->display_options['exposed_form']['type'] = 'basic';
+  $handler->display->display_options['pager']['type'] = 'none';
+  $handler->display->display_options['style_plugin'] = 'default';
+  $handler->display->display_options['row_plugin'] = 'node';
+
+  /* Display: Page */
+  $handler = $view->new_display('page', 'Page', 'page_1');
+  $handler->display->display_options['path'] = 'test_ajax_view';
+
+  $views[$view->name] = $view;
+
+  $view = new view();
+  $view->name = 'test_noajax_view';
+  $view->description = '';
+  $view->tag = '';
+  $view->base_table = 'node';
+  $view->human_name = '';
+  $view->core = 0;
+  $view->api_version = '3.0';
+  $view->disabled = FALSE; /* Edit this to true to make a default view disabled initially */
+
+  /* Display: Master */
+  $handler = $view->new_display('default', 'Master', 'default');
+  $handler->display->display_options['use_ajax'] = FALSE;
+  $handler->display->display_options['use_more_always'] = FALSE;
+  $handler->display->display_options['access']['type'] = 'none';
+  $handler->display->display_options['cache']['type'] = 'none';
+  $handler->display->display_options['query']['type'] = 'views_query';
+  $handler->display->display_options['exposed_form']['type'] = 'basic';
+  $handler->display->display_options['pager']['type'] = 'none';
+  $handler->display->display_options['style_plugin'] = 'default';
+  $handler->display->display_options['row_plugin'] = 'node';
+
+  $views[$view->name] = $view;
+
   return $views;
 }
diff --git a/profiles/wcm_base/modules/contrib/views/views.info b/profiles/wcm_base/modules/contrib/views/views.info
index fc903ed3..eabac635 100644
--- a/profiles/wcm_base/modules/contrib/views/views.info
+++ b/profiles/wcm_base/modules/contrib/views/views.info
@@ -301,6 +301,7 @@ files[] = tests/styles/views_plugin_style_unformatted.test
 files[] = tests/views_access.test
 files[] = tests/views_analyze.test
 files[] = tests/views_basic.test
+files[] = tests/views_ajax.test
 files[] = tests/views_argument_default.test
 files[] = tests/views_argument_validator.test
 files[] = tests/views_exposed_form.test
@@ -327,9 +328,9 @@ files[] = tests/views_cache.test
 files[] = tests/views_view.test
 files[] = tests/views_ui.test
 
-; Information added by Drupal.org packaging script on 2017-04-02
-version = "7.x-3.16"
+; Information added by Drupal.org packaging script on 2017-08-16
+version = "7.x-3.17"
 core = "7.x"
 project = "views"
-datestamp = "1491158591"
+datestamp = "1502903349"
 
diff --git a/profiles/wcm_base/modules/contrib/views/views_ui.info b/profiles/wcm_base/modules/contrib/views/views_ui.info
index 3bc37d5b..6c99a3e6 100644
--- a/profiles/wcm_base/modules/contrib/views/views_ui.info
+++ b/profiles/wcm_base/modules/contrib/views/views_ui.info
@@ -7,9 +7,9 @@ dependencies[] = views
 files[] = views_ui.module
 files[] = plugins/views_wizard/views_ui_base_views_wizard.class.php
 
-; Information added by Drupal.org packaging script on 2017-04-02
-version = "7.x-3.16"
+; Information added by Drupal.org packaging script on 2017-08-16
+version = "7.x-3.17"
 core = "7.x"
 project = "views"
-datestamp = "1491158591"
+datestamp = "1502903349"
 
diff --git a/profiles/wcm_base/wcm_base.make b/profiles/wcm_base/wcm_base.make
index 524106ea..969cabeb 100644
--- a/profiles/wcm_base/wcm_base.make
+++ b/profiles/wcm_base/wcm_base.make
@@ -159,7 +159,7 @@ projects[token][subdir] = contrib
 projects[token_filter][version] = 1.1
 projects[token_filter][subdir] = contrib
 
-projects[views][version] = 3.16
+projects[views][version] = 3.17
 projects[views][subdir] = contrib
 projects[views][patch][2037469] = http://drupal.org/files/issues/views-exposed-sorts-2037469-16.diff
 
-- 
GitLab