|
Chris@0
|
1 <?php
|
|
Chris@0
|
2
|
|
Chris@0
|
3 namespace Drupal\Tests\user\Traits;
|
|
Chris@0
|
4
|
|
Chris@0
|
5 use Drupal\Component\Utility\SafeMarkup;
|
|
Chris@0
|
6 use Drupal\Core\Session\AccountInterface;
|
|
Chris@0
|
7 use Drupal\user\Entity\Role;
|
|
Chris@0
|
8 use Drupal\user\Entity\User;
|
|
Chris@0
|
9 use Drupal\user\RoleInterface;
|
|
Chris@0
|
10
|
|
Chris@0
|
11 /**
|
|
Chris@0
|
12 * Provides methods to create additional test users and switch the currently
|
|
Chris@0
|
13 * logged in one.
|
|
Chris@0
|
14 *
|
|
Chris@0
|
15 * This trait is meant to be used only by test classes.
|
|
Chris@0
|
16 */
|
|
Chris@0
|
17 trait UserCreationTrait {
|
|
Chris@0
|
18
|
|
Chris@0
|
19 /**
|
|
Chris@0
|
20 * Switch the current logged in user.
|
|
Chris@0
|
21 *
|
|
Chris@0
|
22 * @param \Drupal\Core\Session\AccountInterface $account
|
|
Chris@0
|
23 * The user account object.
|
|
Chris@0
|
24 */
|
|
Chris@0
|
25 protected function setCurrentUser(AccountInterface $account) {
|
|
Chris@0
|
26 \Drupal::currentUser()->setAccount($account);
|
|
Chris@0
|
27 }
|
|
Chris@0
|
28
|
|
Chris@0
|
29 /**
|
|
Chris@0
|
30 * Create a user with a given set of permissions.
|
|
Chris@0
|
31 *
|
|
Chris@0
|
32 * @param array $permissions
|
|
Chris@0
|
33 * Array of permission names to assign to user. Note that the user always
|
|
Chris@0
|
34 * has the default permissions derived from the "authenticated users" role.
|
|
Chris@0
|
35 * @param string $name
|
|
Chris@0
|
36 * The user name.
|
|
Chris@0
|
37 * @param bool $admin
|
|
Chris@0
|
38 * (optional) Whether the user should be an administrator
|
|
Chris@0
|
39 * with all the available permissions.
|
|
Chris@0
|
40 *
|
|
Chris@0
|
41 * @return \Drupal\user\Entity\User|false
|
|
Chris@0
|
42 * A fully loaded user object with pass_raw property, or FALSE if account
|
|
Chris@0
|
43 * creation fails.
|
|
Chris@0
|
44 */
|
|
Chris@0
|
45 protected function createUser(array $permissions = [], $name = NULL, $admin = FALSE) {
|
|
Chris@0
|
46 // Create a role with the given permission set, if any.
|
|
Chris@0
|
47 $rid = FALSE;
|
|
Chris@0
|
48 if ($permissions) {
|
|
Chris@0
|
49 $rid = $this->createRole($permissions);
|
|
Chris@0
|
50 if (!$rid) {
|
|
Chris@0
|
51 return FALSE;
|
|
Chris@0
|
52 }
|
|
Chris@0
|
53 }
|
|
Chris@0
|
54
|
|
Chris@0
|
55 // Create a user assigned to that role.
|
|
Chris@0
|
56 $edit = [];
|
|
Chris@0
|
57 $edit['name'] = !empty($name) ? $name : $this->randomMachineName();
|
|
Chris@0
|
58 $edit['mail'] = $edit['name'] . '@example.com';
|
|
Chris@0
|
59 $edit['pass'] = user_password();
|
|
Chris@0
|
60 $edit['status'] = 1;
|
|
Chris@0
|
61 if ($rid) {
|
|
Chris@0
|
62 $edit['roles'] = [$rid];
|
|
Chris@0
|
63 }
|
|
Chris@0
|
64
|
|
Chris@0
|
65 if ($admin) {
|
|
Chris@0
|
66 $edit['roles'][] = $this->createAdminRole();
|
|
Chris@0
|
67 }
|
|
Chris@0
|
68
|
|
Chris@0
|
69 $account = User::create($edit);
|
|
Chris@0
|
70 $account->save();
|
|
Chris@0
|
71
|
|
Chris@0
|
72 $this->assertTrue($account->id(), SafeMarkup::format('User created with name %name and pass %pass', ['%name' => $edit['name'], '%pass' => $edit['pass']]), 'User login');
|
|
Chris@0
|
73 if (!$account->id()) {
|
|
Chris@0
|
74 return FALSE;
|
|
Chris@0
|
75 }
|
|
Chris@0
|
76
|
|
Chris@0
|
77 // Add the raw password so that we can log in as this user.
|
|
Chris@0
|
78 $account->pass_raw = $edit['pass'];
|
|
Chris@0
|
79 // Support BrowserTestBase as well.
|
|
Chris@0
|
80 $account->passRaw = $account->pass_raw;
|
|
Chris@0
|
81 return $account;
|
|
Chris@0
|
82 }
|
|
Chris@0
|
83
|
|
Chris@0
|
84 /**
|
|
Chris@0
|
85 * Creates an administrative role.
|
|
Chris@0
|
86 *
|
|
Chris@0
|
87 * @param string $rid
|
|
Chris@0
|
88 * (optional) The role ID (machine name). Defaults to a random name.
|
|
Chris@0
|
89 * @param string $name
|
|
Chris@0
|
90 * (optional) The label for the role. Defaults to a random string.
|
|
Chris@0
|
91 * @param int $weight
|
|
Chris@0
|
92 * (optional) The weight for the role. Defaults NULL so that entity_create()
|
|
Chris@0
|
93 * sets the weight to maximum + 1.
|
|
Chris@0
|
94 *
|
|
Chris@0
|
95 * @return string
|
|
Chris@0
|
96 * Role ID of newly created role, or FALSE if role creation failed.
|
|
Chris@0
|
97 */
|
|
Chris@0
|
98 protected function createAdminRole($rid = NULL, $name = NULL, $weight = NULL) {
|
|
Chris@0
|
99 $rid = $this->createRole([], $rid, $name, $weight);
|
|
Chris@0
|
100 if ($rid) {
|
|
Chris@0
|
101 /** @var \Drupal\user\RoleInterface $role */
|
|
Chris@0
|
102 $role = Role::load($rid);
|
|
Chris@0
|
103 $role->setIsAdmin(TRUE);
|
|
Chris@0
|
104 $role->save();
|
|
Chris@0
|
105 }
|
|
Chris@0
|
106 return $rid;
|
|
Chris@0
|
107 }
|
|
Chris@0
|
108
|
|
Chris@0
|
109 /**
|
|
Chris@0
|
110 * Creates a role with specified permissions.
|
|
Chris@0
|
111 *
|
|
Chris@0
|
112 * @param array $permissions
|
|
Chris@0
|
113 * Array of permission names to assign to role.
|
|
Chris@0
|
114 * @param string $rid
|
|
Chris@0
|
115 * (optional) The role ID (machine name). Defaults to a random name.
|
|
Chris@0
|
116 * @param string $name
|
|
Chris@0
|
117 * (optional) The label for the role. Defaults to a random string.
|
|
Chris@0
|
118 * @param int $weight
|
|
Chris@0
|
119 * (optional) The weight for the role. Defaults NULL so that entity_create()
|
|
Chris@0
|
120 * sets the weight to maximum + 1.
|
|
Chris@0
|
121 *
|
|
Chris@0
|
122 * @return string
|
|
Chris@0
|
123 * Role ID of newly created role, or FALSE if role creation failed.
|
|
Chris@0
|
124 */
|
|
Chris@0
|
125 protected function createRole(array $permissions, $rid = NULL, $name = NULL, $weight = NULL) {
|
|
Chris@0
|
126 // Generate a random, lowercase machine name if none was passed.
|
|
Chris@0
|
127 if (!isset($rid)) {
|
|
Chris@0
|
128 $rid = strtolower($this->randomMachineName(8));
|
|
Chris@0
|
129 }
|
|
Chris@0
|
130 // Generate a random label.
|
|
Chris@0
|
131 if (!isset($name)) {
|
|
Chris@0
|
132 // In the role UI role names are trimmed and random string can start or
|
|
Chris@0
|
133 // end with a space.
|
|
Chris@0
|
134 $name = trim($this->randomString(8));
|
|
Chris@0
|
135 }
|
|
Chris@0
|
136
|
|
Chris@0
|
137 // Check the all the permissions strings are valid.
|
|
Chris@0
|
138 if (!$this->checkPermissions($permissions)) {
|
|
Chris@0
|
139 return FALSE;
|
|
Chris@0
|
140 }
|
|
Chris@0
|
141
|
|
Chris@0
|
142 // Create new role.
|
|
Chris@0
|
143 $role = Role::create([
|
|
Chris@0
|
144 'id' => $rid,
|
|
Chris@0
|
145 'label' => $name,
|
|
Chris@0
|
146 ]);
|
|
Chris@0
|
147 if (isset($weight)) {
|
|
Chris@0
|
148 $role->set('weight', $weight);
|
|
Chris@0
|
149 }
|
|
Chris@0
|
150 $result = $role->save();
|
|
Chris@0
|
151
|
|
Chris@0
|
152 $this->assertIdentical($result, SAVED_NEW, SafeMarkup::format('Created role ID @rid with name @name.', [
|
|
Chris@0
|
153 '@name' => var_export($role->label(), TRUE),
|
|
Chris@0
|
154 '@rid' => var_export($role->id(), TRUE),
|
|
Chris@0
|
155 ]), 'Role');
|
|
Chris@0
|
156
|
|
Chris@0
|
157 if ($result === SAVED_NEW) {
|
|
Chris@0
|
158 // Grant the specified permissions to the role, if any.
|
|
Chris@0
|
159 if (!empty($permissions)) {
|
|
Chris@0
|
160 $this->grantPermissions($role, $permissions);
|
|
Chris@0
|
161 $assigned_permissions = Role::load($role->id())->getPermissions();
|
|
Chris@0
|
162 $missing_permissions = array_diff($permissions, $assigned_permissions);
|
|
Chris@0
|
163 if (!$missing_permissions) {
|
|
Chris@0
|
164 $this->pass(SafeMarkup::format('Created permissions: @perms', ['@perms' => implode(', ', $permissions)]), 'Role');
|
|
Chris@0
|
165 }
|
|
Chris@0
|
166 else {
|
|
Chris@0
|
167 $this->fail(SafeMarkup::format('Failed to create permissions: @perms', ['@perms' => implode(', ', $missing_permissions)]), 'Role');
|
|
Chris@0
|
168 }
|
|
Chris@0
|
169 }
|
|
Chris@0
|
170 return $role->id();
|
|
Chris@0
|
171 }
|
|
Chris@0
|
172 else {
|
|
Chris@0
|
173 return FALSE;
|
|
Chris@0
|
174 }
|
|
Chris@0
|
175 }
|
|
Chris@0
|
176
|
|
Chris@0
|
177 /**
|
|
Chris@0
|
178 * Checks whether a given list of permission names is valid.
|
|
Chris@0
|
179 *
|
|
Chris@0
|
180 * @param array $permissions
|
|
Chris@0
|
181 * The permission names to check.
|
|
Chris@0
|
182 *
|
|
Chris@0
|
183 * @return bool
|
|
Chris@0
|
184 * TRUE if the permissions are valid, FALSE otherwise.
|
|
Chris@0
|
185 */
|
|
Chris@0
|
186 protected function checkPermissions(array $permissions) {
|
|
Chris@0
|
187 $available = array_keys(\Drupal::service('user.permissions')->getPermissions());
|
|
Chris@0
|
188 $valid = TRUE;
|
|
Chris@0
|
189 foreach ($permissions as $permission) {
|
|
Chris@0
|
190 if (!in_array($permission, $available)) {
|
|
Chris@0
|
191 $this->fail(SafeMarkup::format('Invalid permission %permission.', ['%permission' => $permission]), 'Role');
|
|
Chris@0
|
192 $valid = FALSE;
|
|
Chris@0
|
193 }
|
|
Chris@0
|
194 }
|
|
Chris@0
|
195 return $valid;
|
|
Chris@0
|
196 }
|
|
Chris@0
|
197
|
|
Chris@0
|
198 /**
|
|
Chris@0
|
199 * Grant permissions to a user role.
|
|
Chris@0
|
200 *
|
|
Chris@0
|
201 * @param \Drupal\user\RoleInterface $role
|
|
Chris@0
|
202 * The ID of a user role to alter.
|
|
Chris@0
|
203 * @param array $permissions
|
|
Chris@0
|
204 * (optional) A list of permission names to grant.
|
|
Chris@0
|
205 */
|
|
Chris@0
|
206 protected function grantPermissions(RoleInterface $role, array $permissions) {
|
|
Chris@0
|
207 foreach ($permissions as $permission) {
|
|
Chris@0
|
208 $role->grantPermission($permission);
|
|
Chris@0
|
209 }
|
|
Chris@0
|
210 $role->trustData()->save();
|
|
Chris@0
|
211 }
|
|
Chris@0
|
212
|
|
Chris@0
|
213 }
|
