Mercurial > hg > isophonics-drupal-site

annotate core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php @ 14:1fec387a4317

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update Drupal core to 8.5.2 via Composer
author Chris Cannam
date Mon, 23 Apr 2018 09:46:53 +0100
parents 4c8ae668cc8c
children c2387f117808
rev   line source
Chris@0 1 <?php
Chris@0 2
Chris@0 3 namespace Drupal\Tests\taxonomy\Functional;
Chris@0 4
Chris@14 5 use Drupal\Component\Utility\Unicode;
Chris@14 6
Chris@0 7 /**
Chris@0 8 * Tests the taxonomy vocabulary permissions.
Chris@0 9 *
Chris@0 10 * @group taxonomy
Chris@0 11 */
Chris@0 12 class VocabularyPermissionsTest extends TaxonomyTestBase {
Chris@0 13
Chris@14 14 /**
Chris@14 15 * Modules to enable.
Chris@14 16 *
Chris@14 17 * @var array
Chris@14 18 */
Chris@14 19 public static $modules = ['help'];
Chris@14 20
Chris@0 21 protected function setUp() {
Chris@0 22 parent::setUp();
Chris@0 23
Chris@0 24 $this->drupalPlaceBlock('page_title_block');
Chris@14 25 $this->drupalPlaceBlock('local_actions_block');
Chris@14 26 $this->drupalPlaceBlock('help_block');
Chris@14 27 }
Chris@14 28
Chris@14 29 /**
Chris@14 30 * Create, edit and delete a vocabulary via the user interface.
Chris@14 31 */
Chris@14 32 public function testVocabularyPermissionsVocabulary() {
Chris@14 33 // VocabularyTest.php already tests for user with "administer taxonomy"
Chris@14 34 // permission.
Chris@14 35
Chris@14 36 // Test as user without proper permissions.
Chris@14 37 $authenticated_user = $this->drupalCreateUser([]);
Chris@14 38 $this->drupalLogin($authenticated_user);
Chris@14 39
Chris@14 40 $assert_session = $this->assertSession();
Chris@14 41
Chris@14 42 // Visit the main taxonomy administration page.
Chris@14 43 $this->drupalGet('admin/structure/taxonomy');
Chris@14 44 $assert_session->statusCodeEquals(403);
Chris@14 45
Chris@14 46 // Test as user with "access taxonomy overview" permissions.
Chris@14 47 $proper_user = $this->drupalCreateUser(['access taxonomy overview']);
Chris@14 48 $this->drupalLogin($proper_user);
Chris@14 49
Chris@14 50 // Visit the main taxonomy administration page.
Chris@14 51 $this->drupalGet('admin/structure/taxonomy');
Chris@14 52 $assert_session->statusCodeEquals(200);
Chris@14 53 $assert_session->pageTextContains('Vocabulary name');
Chris@14 54 $assert_session->linkNotExists('Add vocabulary');
Chris@14 55 }
Chris@14 56
Chris@14 57 /**
Chris@14 58 * Test the vocabulary overview permission.
Chris@14 59 */
Chris@14 60 public function testTaxonomyVocabularyOverviewPermissions() {
Chris@14 61 // Create two vocabularies, one with two terms, the other without any term.
Chris@14 62 /** @var \Drupal\taxonomy\Entity\Vocabulary $vocabulary1 , $vocabulary2 */
Chris@14 63 $vocabulary1 = $this->createVocabulary();
Chris@14 64 $vocabulary2 = $this->createVocabulary();
Chris@14 65 $vocabulary1_id = $vocabulary1->id();
Chris@14 66 $vocabulary2_id = $vocabulary2->id();
Chris@14 67 $this->createTerm($vocabulary1);
Chris@14 68 $this->createTerm($vocabulary1);
Chris@14 69
Chris@14 70 // Assert expected help texts on first vocabulary.
Chris@14 71 $edit_help_text = t('You can reorganize the terms in @capital_name using their drag-and-drop handles, and group terms under a parent term by sliding them under and to the right of the parent.', ['@capital_name' => Unicode::ucfirst($vocabulary1->label())]);
Chris@14 72 $no_edit_help_text = t('@capital_name contains the following terms.', ['@capital_name' => Unicode::ucfirst($vocabulary1->label())]);
Chris@14 73
Chris@14 74 $assert_session = $this->assertSession();
Chris@14 75
Chris@14 76 // Logged in as admin user with 'administer taxonomy' permission.
Chris@14 77 $admin_user = $this->drupalCreateUser(['administer taxonomy']);
Chris@14 78 $this->drupalLogin($admin_user);
Chris@14 79 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 80 $assert_session->statusCodeEquals(200);
Chris@14 81 $assert_session->linkExists('Edit');
Chris@14 82 $assert_session->linkExists('Delete');
Chris@14 83 $assert_session->linkExists('Add term');
Chris@14 84 $assert_session->buttonExists('Save');
Chris@14 85 $assert_session->pageTextContains('Weight');
Chris@14 86 $assert_session->pageTextContains($edit_help_text);
Chris@14 87
Chris@14 88 // Visit vocabulary overview without terms. 'Add term' should be shown.
Chris@14 89 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 90 $assert_session->statusCodeEquals(200);
Chris@14 91 $assert_session->pageTextContains('No terms available');
Chris@14 92 $assert_session->linkExists('Add term');
Chris@14 93
Chris@14 94 // Login as a user without any of the required permissions.
Chris@14 95 $no_permission_user = $this->drupalCreateUser();
Chris@14 96 $this->drupalLogin($no_permission_user);
Chris@14 97 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 98 $assert_session->statusCodeEquals(403);
Chris@14 99 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 100 $assert_session->statusCodeEquals(403);
Chris@14 101
Chris@14 102 // Log in as a user with only the overview permission, neither edit nor
Chris@14 103 // delete operations must be available and no Save button.
Chris@14 104 $overview_only_user = $this->drupalCreateUser(['access taxonomy overview']);
Chris@14 105 $this->drupalLogin($overview_only_user);
Chris@14 106 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 107 $assert_session->statusCodeEquals(200);
Chris@14 108 $assert_session->linkNotExists('Edit');
Chris@14 109 $assert_session->linkNotExists('Delete');
Chris@14 110 $assert_session->buttonNotExists('Save');
Chris@14 111 $assert_session->pageTextNotContains('Weight');
Chris@14 112 $assert_session->linkNotExists('Add term');
Chris@14 113 $assert_session->pageTextContains($no_edit_help_text);
Chris@14 114
Chris@14 115 // Visit vocabulary overview without terms. 'Add term' should not be shown.
Chris@14 116 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 117 $assert_session->statusCodeEquals(200);
Chris@14 118 $assert_session->pageTextContains('No terms available');
Chris@14 119 $assert_session->linkNotExists('Add term');
Chris@14 120
Chris@14 121 // Login as a user with permission to edit terms, only edit link should be
Chris@14 122 // visible.
Chris@14 123 $edit_user = $this->createUser([
Chris@14 124 'access taxonomy overview',
Chris@14 125 'edit terms in ' . $vocabulary1_id,
Chris@14 126 'edit terms in ' . $vocabulary2_id,
Chris@14 127 ]);
Chris@14 128 $this->drupalLogin($edit_user);
Chris@14 129 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 130 $assert_session->statusCodeEquals(200);
Chris@14 131 $assert_session->linkExists('Edit');
Chris@14 132 $assert_session->linkNotExists('Delete');
Chris@14 133 $assert_session->buttonExists('Save');
Chris@14 134 $assert_session->pageTextContains('Weight');
Chris@14 135 $assert_session->linkNotExists('Add term');
Chris@14 136 $assert_session->pageTextContains($edit_help_text);
Chris@14 137
Chris@14 138 // Visit vocabulary overview without terms. 'Add term' should not be shown.
Chris@14 139 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 140 $assert_session->statusCodeEquals(200);
Chris@14 141 $assert_session->pageTextContains('No terms available');
Chris@14 142 $assert_session->linkNotExists('Add term');
Chris@14 143
Chris@14 144 // Login as a user with permission only to delete terms.
Chris@14 145 $edit_delete_user = $this->createUser([
Chris@14 146 'access taxonomy overview',
Chris@14 147 'delete terms in ' . $vocabulary1_id,
Chris@14 148 'delete terms in ' . $vocabulary2_id,
Chris@14 149 ]);
Chris@14 150 $this->drupalLogin($edit_delete_user);
Chris@14 151 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 152 $assert_session->statusCodeEquals(200);
Chris@14 153 $assert_session->linkNotExists('Edit');
Chris@14 154 $assert_session->linkExists('Delete');
Chris@14 155 $assert_session->linkNotExists('Add term');
Chris@14 156 $assert_session->buttonNotExists('Save');
Chris@14 157 $assert_session->pageTextNotContains('Weight');
Chris@14 158 $assert_session->pageTextContains($no_edit_help_text);
Chris@14 159
Chris@14 160 // Visit vocabulary overview without terms. 'Add term' should not be shown.
Chris@14 161 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 162 $assert_session->statusCodeEquals(200);
Chris@14 163 $assert_session->pageTextContains('No terms available');
Chris@14 164 $assert_session->linkNotExists('Add term');
Chris@14 165
Chris@14 166 // Login as a user with permission to edit and delete terms.
Chris@14 167 $edit_delete_user = $this->createUser([
Chris@14 168 'access taxonomy overview',
Chris@14 169 'edit terms in ' . $vocabulary1_id,
Chris@14 170 'delete terms in ' . $vocabulary1_id,
Chris@14 171 'edit terms in ' . $vocabulary2_id,
Chris@14 172 'delete terms in ' . $vocabulary2_id,
Chris@14 173 ]);
Chris@14 174 $this->drupalLogin($edit_delete_user);
Chris@14 175 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 176 $assert_session->statusCodeEquals(200);
Chris@14 177 $assert_session->linkExists('Edit');
Chris@14 178 $assert_session->linkExists('Delete');
Chris@14 179 $assert_session->linkNotExists('Add term');
Chris@14 180 $assert_session->buttonExists('Save');
Chris@14 181 $assert_session->pageTextContains('Weight');
Chris@14 182 $assert_session->pageTextContains($edit_help_text);
Chris@14 183
Chris@14 184 // Visit vocabulary overview without terms. 'Add term' should not be shown.
Chris@14 185 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 186 $assert_session->statusCodeEquals(200);
Chris@14 187 $assert_session->pageTextContains('No terms available');
Chris@14 188 $assert_session->linkNotExists('Add term');
Chris@14 189
Chris@14 190 // Login as a user with permission to create new terms, only add new term
Chris@14 191 // link should be visible.
Chris@14 192 $edit_user = $this->createUser([
Chris@14 193 'access taxonomy overview',
Chris@14 194 'create terms in ' . $vocabulary1_id,
Chris@14 195 'create terms in ' . $vocabulary2_id,
Chris@14 196 ]);
Chris@14 197 $this->drupalLogin($edit_user);
Chris@14 198 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 199 $assert_session->statusCodeEquals(200);
Chris@14 200 $assert_session->linkNotExists('Edit');
Chris@14 201 $assert_session->linkNotExists('Delete');
Chris@14 202 $assert_session->linkExists('Add term');
Chris@14 203 $assert_session->buttonNotExists('Save');
Chris@14 204 $assert_session->pageTextNotContains('Weight');
Chris@14 205 $assert_session->pageTextContains($no_edit_help_text);
Chris@14 206
Chris@14 207 // Visit vocabulary overview without terms. 'Add term' should not be shown.
Chris@14 208 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 209 $assert_session->statusCodeEquals(200);
Chris@14 210 $assert_session->pageTextContains('No terms available');
Chris@14 211 $assert_session->linkExists('Add term');
Chris@0 212 }
Chris@0 213
Chris@0 214 /**
Chris@0 215 * Create, edit and delete a taxonomy term via the user interface.
Chris@0 216 */
Chris@0 217 public function testVocabularyPermissionsTaxonomyTerm() {
Chris@0 218 // Vocabulary used for creating, removing and editing terms.
Chris@0 219 $vocabulary = $this->createVocabulary();
Chris@0 220
Chris@0 221 // Test as admin user.
Chris@0 222 $user = $this->drupalCreateUser(['administer taxonomy']);
Chris@0 223 $this->drupalLogin($user);
Chris@0 224
Chris@0 225 // Visit the main taxonomy administration page.
Chris@0 226 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
Chris@0 227 $this->assertResponse(200);
Chris@0 228 $this->assertField('edit-name-0-value', 'Add taxonomy term form opened successfully.');
Chris@0 229
Chris@0 230 // Submit the term.
Chris@0 231 $edit = [];
Chris@0 232 $edit['name[0][value]'] = $this->randomMachineName();
Chris@0 233
Chris@0 234 $this->drupalPostForm(NULL, $edit, t('Save'));
Chris@0 235 $this->assertText(t('Created new term @name.', ['@name' => $edit['name[0][value]']]), 'Term created successfully.');
Chris@0 236
Chris@0 237 // Verify that the creation message contains a link to a term.
Chris@0 238 $view_link = $this->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [':href' => 'term/']);
Chris@0 239 $this->assert(isset($view_link), 'The message area contains a link to a term');
Chris@0 240
Chris@14 241 $terms = \Drupal::entityTypeManager()
Chris@14 242 ->getStorage('taxonomy_term')
Chris@14 243 ->loadByProperties(['name' => $edit['name[0][value]']]);
Chris@0 244 $term = reset($terms);
Chris@0 245
Chris@0 246 // Edit the term.
Chris@0 247 $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
Chris@0 248 $this->assertResponse(200);
Chris@0 249 $this->assertText($edit['name[0][value]'], 'Edit taxonomy term form opened successfully.');
Chris@0 250
Chris@0 251 $edit['name[0][value]'] = $this->randomMachineName();
Chris@0 252 $this->drupalPostForm(NULL, $edit, t('Save'));
Chris@0 253 $this->assertText(t('Updated term @name.', ['@name' => $edit['name[0][value]']]), 'Term updated successfully.');
Chris@0 254
Chris@0 255 // Delete the vocabulary.
Chris@0 256 $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
Chris@0 257 $this->assertRaw(t('Are you sure you want to delete the @entity-type %label?', ['@entity-type' => 'taxonomy term', '%label' => $edit['name[0][value]']]), 'Delete taxonomy term form opened successfully.');
Chris@0 258
Chris@0 259 // Confirm deletion.
Chris@0 260 $this->drupalPostForm(NULL, NULL, t('Delete'));
Chris@0 261 $this->assertRaw(t('Deleted term %name.', ['%name' => $edit['name[0][value]']]), 'Term deleted.');
Chris@0 262
Chris@14 263 // Test as user with "create" permissions.
Chris@14 264 $user = $this->drupalCreateUser(["create terms in {$vocabulary->id()}"]);
Chris@14 265 $this->drupalLogin($user);
Chris@14 266
Chris@14 267 $assert_session = $this->assertSession();
Chris@14 268
Chris@14 269 // Create a new term.
Chris@14 270 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
Chris@14 271 $assert_session->statusCodeEquals(200);
Chris@14 272 $assert_session->fieldExists('name[0][value]');
Chris@14 273
Chris@14 274 // Submit the term.
Chris@14 275 $edit = [];
Chris@14 276 $edit['name[0][value]'] = $this->randomMachineName();
Chris@14 277
Chris@14 278 $this->drupalPostForm(NULL, $edit, t('Save'));
Chris@14 279 $assert_session->pageTextContains(t('Created new term @name.', ['@name' => $edit['name[0][value]']]));
Chris@14 280
Chris@14 281 $terms = \Drupal::entityTypeManager()
Chris@14 282 ->getStorage('taxonomy_term')
Chris@14 283 ->loadByProperties(['name' => $edit['name[0][value]']]);
Chris@14 284 $term = reset($terms);
Chris@14 285
Chris@14 286 // Ensure that edit and delete access is denied.
Chris@14 287 $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
Chris@14 288 $assert_session->statusCodeEquals(403);
Chris@14 289 $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
Chris@14 290 $assert_session->statusCodeEquals(403);
Chris@14 291
Chris@0 292 // Test as user with "edit" permissions.
Chris@0 293 $user = $this->drupalCreateUser(["edit terms in {$vocabulary->id()}"]);
Chris@0 294 $this->drupalLogin($user);
Chris@0 295
Chris@0 296 // Visit the main taxonomy administration page.
Chris@0 297 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
Chris@0 298 $this->assertResponse(403, 'Add taxonomy term form open failed.');
Chris@0 299
Chris@0 300 // Create a test term.
Chris@0 301 $term = $this->createTerm($vocabulary);
Chris@0 302
Chris@0 303 // Edit the term.
Chris@0 304 $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
Chris@0 305 $this->assertResponse(200);
Chris@0 306 $this->assertText($term->getName(), 'Edit taxonomy term form opened successfully.');
Chris@0 307
Chris@0 308 $edit['name[0][value]'] = $this->randomMachineName();
Chris@0 309 $this->drupalPostForm(NULL, $edit, t('Save'));
Chris@0 310 $this->assertText(t('Updated term @name.', ['@name' => $edit['name[0][value]']]), 'Term updated successfully.');
Chris@0 311
Chris@0 312 // Verify that the update message contains a link to a term.
Chris@0 313 $view_link = $this->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [':href' => 'term/']);
Chris@0 314 $this->assert(isset($view_link), 'The message area contains a link to a term');
Chris@0 315
Chris@0 316 // Delete the vocabulary.
Chris@0 317 $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
Chris@0 318 $this->assertResponse(403, 'Delete taxonomy term form open failed.');
Chris@0 319
Chris@0 320 // Test as user with "delete" permissions.
Chris@0 321 $user = $this->drupalCreateUser(["delete terms in {$vocabulary->id()}"]);
Chris@0 322 $this->drupalLogin($user);
Chris@0 323
Chris@0 324 // Visit the main taxonomy administration page.
Chris@0 325 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
Chris@0 326 $this->assertResponse(403, 'Add taxonomy term form open failed.');
Chris@0 327
Chris@0 328 // Create a test term.
Chris@0 329 $term = $this->createTerm($vocabulary);
Chris@0 330
Chris@0 331 // Edit the term.
Chris@0 332 $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
Chris@0 333 $this->assertResponse(403, 'Edit taxonomy term form open failed.');
Chris@0 334
Chris@0 335 // Delete the vocabulary.
Chris@0 336 $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
Chris@0 337 $this->assertRaw(t('Are you sure you want to delete the @entity-type %label?', ['@entity-type' => 'taxonomy term', '%label' => $term->getName()]), 'Delete taxonomy term form opened successfully.');
Chris@0 338
Chris@0 339 // Confirm deletion.
Chris@0 340 $this->drupalPostForm(NULL, NULL, t('Delete'));
Chris@0 341 $this->assertRaw(t('Deleted term %name.', ['%name' => $term->getName()]), 'Term deleted.');
Chris@0 342
Chris@0 343 // Test as user without proper permissions.
Chris@0 344 $user = $this->drupalCreateUser();
Chris@0 345 $this->drupalLogin($user);
Chris@0 346
Chris@0 347 // Visit the main taxonomy administration page.
Chris@0 348 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
Chris@0 349 $this->assertResponse(403, 'Add taxonomy term form open failed.');
Chris@0 350
Chris@0 351 // Create a test term.
Chris@0 352 $term = $this->createTerm($vocabulary);
Chris@0 353
Chris@0 354 // Edit the term.
Chris@0 355 $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
Chris@0 356 $this->assertResponse(403, 'Edit taxonomy term form open failed.');
Chris@0 357
Chris@0 358 // Delete the vocabulary.
Chris@0 359 $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
Chris@0 360 $this->assertResponse(403, 'Delete taxonomy term form open failed.');
Chris@0 361 }
Chris@0 362
Chris@0 363 }