Mercurial > hg > cmmr2012-drupal-site
comparison core/modules/comment/tests/src/Kernel/CommentFieldAccessTest.php @ 4:a9cd425dd02b
Update, including to Drupal core 8.6.10
| author | Chris Cannam |
|---|---|
| date | Thu, 28 Feb 2019 13:11:55 +0000 |
| parents | c75dbcec494b |
| children | 12f9dff5fda9 |
comparison
equal
deleted
inserted
replaced
| 3:307d7a7fd348 | 4:a9cd425dd02b |
|---|---|
| 3 namespace Drupal\Tests\comment\Kernel; | 3 namespace Drupal\Tests\comment\Kernel; |
| 4 | 4 |
| 5 use Drupal\comment\Entity\Comment; | 5 use Drupal\comment\Entity\Comment; |
| 6 use Drupal\comment\Entity\CommentType; | 6 use Drupal\comment\Entity\CommentType; |
| 7 use Drupal\comment\Tests\CommentTestTrait; | 7 use Drupal\comment\Tests\CommentTestTrait; |
| 8 use Drupal\Component\Utility\SafeMarkup; | 8 use Drupal\Component\Render\FormattableMarkup; |
| 9 use Drupal\Core\Session\AnonymousUserSession; | 9 use Drupal\Core\Session\AnonymousUserSession; |
| 10 use Drupal\entity_test\Entity\EntityTest; | 10 use Drupal\entity_test\Entity\EntityTest; |
| 11 use Drupal\field\Entity\FieldConfig; | 11 use Drupal\field\Entity\FieldConfig; |
| 12 use Drupal\KernelTests\Core\Entity\EntityKernelTestBase; | 12 use Drupal\KernelTests\Core\Entity\EntityKernelTestBase; |
| 13 use Drupal\Tests\Traits\Core\GeneratePermutationsTrait; | 13 use Drupal\Tests\Traits\Core\GeneratePermutationsTrait; |
| 200 ]); | 200 ]); |
| 201 | 201 |
| 202 // Generate permutations. | 202 // Generate permutations. |
| 203 $combinations = [ | 203 $combinations = [ |
| 204 'comment' => [$comment1, $comment2, $comment3, $comment4], | 204 'comment' => [$comment1, $comment2, $comment3, $comment4], |
| 205 'user' => [$comment_admin_user, $comment_enabled_user, $comment_no_edit_user, $comment_disabled_user, $anonymous_user] | 205 'user' => [$comment_admin_user, $comment_enabled_user, $comment_no_edit_user, $comment_disabled_user, $anonymous_user], |
| 206 ]; | 206 ]; |
| 207 $permutations = $this->generatePermutations($combinations); | 207 $permutations = $this->generatePermutations($combinations); |
| 208 | 208 |
| 209 // Check access to administrative fields. | 209 // Check access to administrative fields. |
| 210 foreach ($this->administrativeFields as $field) { | 210 foreach ($this->administrativeFields as $field) { |
| 211 foreach ($permutations as $set) { | 211 foreach ($permutations as $set) { |
| 212 $may_view = $set['comment']->{$field}->access('view', $set['user']); | 212 $may_view = $set['comment']->{$field}->access('view', $set['user']); |
| 213 $may_update = $set['comment']->{$field}->access('edit', $set['user']); | 213 $may_update = $set['comment']->{$field}->access('edit', $set['user']); |
| 214 $this->assertTrue($may_view, SafeMarkup::format('User @user can view field @field on comment @comment', [ | 214 $this->assertTrue($may_view, new FormattableMarkup('User @user can view field @field on comment @comment', [ |
| 215 '@user' => $set['user']->getUsername(), | 215 '@user' => $set['user']->getUsername(), |
| 216 '@comment' => $set['comment']->getSubject(), | 216 '@comment' => $set['comment']->getSubject(), |
| 217 '@field' => $field, | 217 '@field' => $field, |
| 218 ])); | 218 ])); |
| 219 $this->assertEqual($may_update, $set['user']->hasPermission('administer comments'), SafeMarkup::format('User @user @state update field @field on comment @comment', [ | 219 $this->assertEqual($may_update, $set['user']->hasPermission('administer comments'), new FormattableMarkup('User @user @state update field @field on comment @comment', [ |
| 220 '@user' => $set['user']->getUsername(), | 220 '@user' => $set['user']->getUsername(), |
| 221 '@state' => $may_update ? 'can' : 'cannot', | 221 '@state' => $may_update ? 'can' : 'cannot', |
| 222 '@comment' => $set['comment']->getSubject(), | 222 '@comment' => $set['comment']->getSubject(), |
| 223 '@field' => $field, | 223 '@field' => $field, |
| 224 ])); | 224 ])); |
| 226 } | 226 } |
| 227 | 227 |
| 228 // Check access to normal field. | 228 // Check access to normal field. |
| 229 foreach ($permutations as $set) { | 229 foreach ($permutations as $set) { |
| 230 $may_update = $set['comment']->access('update', $set['user']) && $set['comment']->subject->access('edit', $set['user']); | 230 $may_update = $set['comment']->access('update', $set['user']) && $set['comment']->subject->access('edit', $set['user']); |
| 231 $this->assertEqual($may_update, $set['user']->hasPermission('administer comments') || ($set['user']->hasPermission('edit own comments') && $set['user']->id() == $set['comment']->getOwnerId()), SafeMarkup::format('User @user @state update field subject on comment @comment', [ | 231 $this->assertEqual($may_update, $set['user']->hasPermission('administer comments') || ($set['user']->hasPermission('edit own comments') && $set['user']->id() == $set['comment']->getOwnerId()), new FormattableMarkup('User @user @state update field subject on comment @comment', [ |
| 232 '@user' => $set['user']->getUsername(), | 232 '@user' => $set['user']->getUsername(), |
| 233 '@state' => $may_update ? 'can' : 'cannot', | 233 '@state' => $may_update ? 'can' : 'cannot', |
| 234 '@comment' => $set['comment']->getSubject(), | 234 '@comment' => $set['comment']->getSubject(), |
| 235 ])); | 235 ])); |
| 236 } | 236 } |
| 248 } | 248 } |
| 249 else { | 249 else { |
| 250 $view_access = TRUE; | 250 $view_access = TRUE; |
| 251 $state = 'can'; | 251 $state = 'can'; |
| 252 } | 252 } |
| 253 $this->assertEqual($may_view, $view_access, SafeMarkup::format('User @user @state view field @field on comment @comment', [ | 253 $this->assertEqual($may_view, $view_access, new FormattableMarkup('User @user @state view field @field on comment @comment', [ |
| 254 '@user' => $set['user']->getUsername(), | 254 '@user' => $set['user']->getUsername(), |
| 255 '@comment' => $set['comment']->getSubject(), | 255 '@comment' => $set['comment']->getSubject(), |
| 256 '@field' => $field, | 256 '@field' => $field, |
| 257 '@state' => $state, | 257 '@state' => $state, |
| 258 ])); | 258 ])); |
| 259 $this->assertFalse($may_update, SafeMarkup::format('User @user @state update field @field on comment @comment', [ | 259 $this->assertFalse($may_update, new FormattableMarkup('User @user @state update field @field on comment @comment', [ |
| 260 '@user' => $set['user']->getUsername(), | 260 '@user' => $set['user']->getUsername(), |
| 261 '@state' => $may_update ? 'can' : 'cannot', | 261 '@state' => $may_update ? 'can' : 'cannot', |
| 262 '@comment' => $set['comment']->getSubject(), | 262 '@comment' => $set['comment']->getSubject(), |
| 263 '@field' => $field, | 263 '@field' => $field, |
| 264 ])); | 264 ])); |
| 269 foreach ($this->createOnlyFields as $field) { | 269 foreach ($this->createOnlyFields as $field) { |
| 270 // Check view operation. | 270 // Check view operation. |
| 271 foreach ($permutations as $set) { | 271 foreach ($permutations as $set) { |
| 272 $may_view = $set['comment']->{$field}->access('view', $set['user']); | 272 $may_view = $set['comment']->{$field}->access('view', $set['user']); |
| 273 $may_update = $set['comment']->{$field}->access('edit', $set['user']); | 273 $may_update = $set['comment']->{$field}->access('edit', $set['user']); |
| 274 $this->assertEqual($may_view, TRUE, SafeMarkup::format('User @user can view field @field on comment @comment', [ | 274 $this->assertEqual($may_view, TRUE, new FormattableMarkup('User @user can view field @field on comment @comment', [ |
| 275 '@user' => $set['user']->getUsername(), | 275 '@user' => $set['user']->getUsername(), |
| 276 '@comment' => $set['comment']->getSubject(), | 276 '@comment' => $set['comment']->getSubject(), |
| 277 '@field' => $field, | 277 '@field' => $field, |
| 278 ])); | 278 ])); |
| 279 $this->assertEqual($may_update, $set['user']->hasPermission('post comments') && $set['comment']->isNew(), SafeMarkup::format('User @user @state update field @field on comment @comment', [ | 279 $this->assertEqual($may_update, $set['user']->hasPermission('post comments') && $set['comment']->isNew(), new FormattableMarkup('User @user @state update field @field on comment @comment', [ |
| 280 '@user' => $set['user']->getUsername(), | 280 '@user' => $set['user']->getUsername(), |
| 281 '@state' => $may_update ? 'can' : 'cannot', | 281 '@state' => $may_update ? 'can' : 'cannot', |
| 282 '@comment' => $set['comment']->getSubject(), | 282 '@comment' => $set['comment']->getSubject(), |
| 283 '@field' => $field, | 283 '@field' => $field, |
| 284 ])); | 284 ])); |
| 296 $this->assertEqual($may_update, $set['user']->hasPermission('administer comments') || ( | 296 $this->assertEqual($may_update, $set['user']->hasPermission('administer comments') || ( |
| 297 $set['user']->isAnonymous() && | 297 $set['user']->isAnonymous() && |
| 298 $set['comment']->isNew() && | 298 $set['comment']->isNew() && |
| 299 $set['user']->hasPermission('post comments') && | 299 $set['user']->hasPermission('post comments') && |
| 300 $set['comment']->getFieldName() == 'comment_other' | 300 $set['comment']->getFieldName() == 'comment_other' |
| 301 ), SafeMarkup::format('User @user @state update field @field on comment @comment', [ | 301 ), new FormattableMarkup('User @user @state update field @field on comment @comment', [ |
| 302 '@user' => $set['user']->getUsername(), | 302 '@user' => $set['user']->getUsername(), |
| 303 '@state' => $may_update ? 'can' : 'cannot', | 303 '@state' => $may_update ? 'can' : 'cannot', |
| 304 '@comment' => $set['comment']->getSubject(), | 304 '@comment' => $set['comment']->getSubject(), |
| 305 '@field' => $field, | 305 '@field' => $field, |
| 306 ])); | 306 ])); |