|
Chris@5
|
1 <?php
|
|
Chris@5
|
2
|
|
Chris@5
|
3 namespace Drupal\Tests\node\Functional;
|
|
Chris@5
|
4
|
|
Chris@5
|
5 use Drupal\Core\Url;
|
|
Chris@5
|
6 use Drupal\Tests\system\Functional\Cache\AssertPageCacheContextsAndTagsTrait;
|
|
Chris@5
|
7
|
|
Chris@5
|
8 /**
|
|
Chris@5
|
9 * Tests the node access automatic cacheability bubbling logic.
|
|
Chris@5
|
10 *
|
|
Chris@5
|
11 * @group node
|
|
Chris@5
|
12 * @group Cache
|
|
Chris@5
|
13 * @group cacheability_safeguards
|
|
Chris@5
|
14 */
|
|
Chris@5
|
15 class NodeAccessCacheabilityTest extends NodeTestBase {
|
|
Chris@5
|
16
|
|
Chris@5
|
17 use AssertPageCacheContextsAndTagsTrait;
|
|
Chris@5
|
18
|
|
Chris@5
|
19 /**
|
|
Chris@5
|
20 * Modules to enable.
|
|
Chris@5
|
21 *
|
|
Chris@5
|
22 * @var array
|
|
Chris@5
|
23 */
|
|
Chris@5
|
24 public static $modules = ['node_access_test', 'node_access_test_auto_bubbling'];
|
|
Chris@5
|
25
|
|
Chris@5
|
26 /**
|
|
Chris@5
|
27 * {@inheritdoc}
|
|
Chris@5
|
28 */
|
|
Chris@5
|
29 protected function setUp() {
|
|
Chris@5
|
30 parent::setUp();
|
|
Chris@5
|
31
|
|
Chris@5
|
32 node_access_rebuild();
|
|
Chris@5
|
33
|
|
Chris@5
|
34 // Create some content.
|
|
Chris@5
|
35 $this->drupalCreateNode();
|
|
Chris@5
|
36 $this->drupalCreateNode();
|
|
Chris@5
|
37 $this->drupalCreateNode();
|
|
Chris@5
|
38 $this->drupalCreateNode();
|
|
Chris@5
|
39 }
|
|
Chris@5
|
40
|
|
Chris@5
|
41 /**
|
|
Chris@5
|
42 * Tests that the node grants cache context is auto-added, only when needed.
|
|
Chris@5
|
43 *
|
|
Chris@5
|
44 * @see node_query_node_access_alter()
|
|
Chris@5
|
45 */
|
|
Chris@5
|
46 public function testNodeAccessCacheabilitySafeguard() {
|
|
Chris@5
|
47 $this->dumpHeaders = TRUE;
|
|
Chris@5
|
48
|
|
Chris@5
|
49 // The node grants cache context should be added automatically.
|
|
Chris@5
|
50 $this->drupalGet(new Url('node_access_test_auto_bubbling'));
|
|
Chris@5
|
51 $this->assertCacheContext('user.node_grants:view');
|
|
Chris@5
|
52
|
|
Chris@5
|
53 // The root user has the 'bypass node access' permission, which means the
|
|
Chris@5
|
54 // node grants cache context is not necessary.
|
|
Chris@5
|
55 $this->drupalLogin($this->rootUser);
|
|
Chris@5
|
56 $this->drupalGet(new Url('node_access_test_auto_bubbling'));
|
|
Chris@5
|
57 $this->assertNoCacheContext('user.node_grants:view');
|
|
Chris@5
|
58 $this->drupalLogout();
|
|
Chris@5
|
59
|
|
Chris@5
|
60 // Uninstall the module with the only hook_node_grants() implementation.
|
|
Chris@5
|
61 $this->container->get('module_installer')->uninstall(['node_access_test']);
|
|
Chris@5
|
62 $this->rebuildContainer();
|
|
Chris@5
|
63
|
|
Chris@5
|
64 // Because there are no node grants defined, there also is no need for the
|
|
Chris@5
|
65 // node grants cache context to be bubbled.
|
|
Chris@5
|
66 $this->drupalGet(new Url('node_access_test_auto_bubbling'));
|
|
Chris@5
|
67 $this->assertNoCacheContext('user.node_grants:view');
|
|
Chris@5
|
68 }
|
|
Chris@5
|
69
|
|
Chris@5
|
70 /**
|
|
Chris@5
|
71 * Tests that the user cache contexts are correctly set.
|
|
Chris@5
|
72 */
|
|
Chris@5
|
73 public function testNodeAccessCacheContext() {
|
|
Chris@5
|
74 // Create a user, with edit/delete own content permission.
|
|
Chris@5
|
75 $test_user1 = $this->drupalCreateUser([
|
|
Chris@5
|
76 'access content',
|
|
Chris@5
|
77 'edit own page content',
|
|
Chris@5
|
78 'delete own page content',
|
|
Chris@5
|
79 ]);
|
|
Chris@5
|
80
|
|
Chris@5
|
81 $this->drupalLogin($test_user1);
|
|
Chris@5
|
82
|
|
Chris@5
|
83 $node1 = $this->createNode(['type' => 'page']);
|
|
Chris@5
|
84
|
|
Chris@5
|
85 // User should be able to edit/delete their own content.
|
|
Chris@5
|
86 // Therefore after the access check in node_node_access the user cache
|
|
Chris@5
|
87 // context should be added.
|
|
Chris@5
|
88 $this->drupalGet('node/' . $node1->id() . '/edit');
|
|
Chris@5
|
89 $this->assertCacheContext('user');
|
|
Chris@5
|
90 $this->drupalGet('node/' . $node1->id() . '/delete');
|
|
Chris@5
|
91 $this->assertCacheContext('user');
|
|
Chris@5
|
92
|
|
Chris@5
|
93 // Create a user without edit/delete permission.
|
|
Chris@5
|
94 $test_user2 = $this->drupalCreateUser([
|
|
Chris@5
|
95 'access content',
|
|
Chris@5
|
96 ]);
|
|
Chris@5
|
97
|
|
Chris@5
|
98 $this->drupalLogin($test_user2);
|
|
Chris@5
|
99
|
|
Chris@5
|
100 $node2 = $this->createNode(['type' => 'page']);
|
|
Chris@5
|
101
|
|
Chris@5
|
102 // The user shouldn't have access to the node edit/delete pages.
|
|
Chris@5
|
103 // Therefore after the access check in node_node_access the user permissions
|
|
Chris@5
|
104 // cache context should be added.
|
|
Chris@5
|
105 $this->drupalGet('node/' . $node2->id() . '/edit');
|
|
Chris@5
|
106 $this->assertCacheContext('user.permissions');
|
|
Chris@5
|
107 $this->drupalGet('node/' . $node2->id() . '/delete');
|
|
Chris@5
|
108 $this->assertCacheContext('user.permissions');
|
|
Chris@5
|
109 }
|
|
Chris@5
|
110
|
|
Chris@5
|
111 }
|
