annotate core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php @ 19:fa3358dc1485 tip

Add ndrum files
author Chris Cannam
date Wed, 28 Aug 2019 13:14:47 +0100
parents c2387f117808
children
rev   line source
Chris@0 1 <?php
Chris@0 2
Chris@0 3 namespace Drupal\Tests\taxonomy\Functional;
Chris@0 4
Chris@14 5 use Drupal\Component\Utility\Unicode;
Chris@14 6
Chris@0 7 /**
Chris@0 8 * Tests the taxonomy vocabulary permissions.
Chris@0 9 *
Chris@0 10 * @group taxonomy
Chris@0 11 */
Chris@0 12 class VocabularyPermissionsTest extends TaxonomyTestBase {
Chris@0 13
Chris@14 14 /**
Chris@14 15 * Modules to enable.
Chris@14 16 *
Chris@14 17 * @var array
Chris@14 18 */
Chris@14 19 public static $modules = ['help'];
Chris@14 20
Chris@0 21 protected function setUp() {
Chris@0 22 parent::setUp();
Chris@0 23
Chris@0 24 $this->drupalPlaceBlock('page_title_block');
Chris@14 25 $this->drupalPlaceBlock('local_actions_block');
Chris@14 26 $this->drupalPlaceBlock('help_block');
Chris@14 27 }
Chris@14 28
Chris@14 29 /**
Chris@14 30 * Create, edit and delete a vocabulary via the user interface.
Chris@14 31 */
Chris@14 32 public function testVocabularyPermissionsVocabulary() {
Chris@14 33 // VocabularyTest.php already tests for user with "administer taxonomy"
Chris@14 34 // permission.
Chris@14 35
Chris@14 36 // Test as user without proper permissions.
Chris@14 37 $authenticated_user = $this->drupalCreateUser([]);
Chris@14 38 $this->drupalLogin($authenticated_user);
Chris@14 39
Chris@14 40 $assert_session = $this->assertSession();
Chris@14 41
Chris@14 42 // Visit the main taxonomy administration page.
Chris@14 43 $this->drupalGet('admin/structure/taxonomy');
Chris@14 44 $assert_session->statusCodeEquals(403);
Chris@14 45
Chris@14 46 // Test as user with "access taxonomy overview" permissions.
Chris@14 47 $proper_user = $this->drupalCreateUser(['access taxonomy overview']);
Chris@14 48 $this->drupalLogin($proper_user);
Chris@14 49
Chris@14 50 // Visit the main taxonomy administration page.
Chris@14 51 $this->drupalGet('admin/structure/taxonomy');
Chris@14 52 $assert_session->statusCodeEquals(200);
Chris@14 53 $assert_session->pageTextContains('Vocabulary name');
Chris@14 54 $assert_session->linkNotExists('Add vocabulary');
Chris@14 55 }
Chris@14 56
Chris@14 57 /**
Chris@14 58 * Test the vocabulary overview permission.
Chris@14 59 */
Chris@14 60 public function testTaxonomyVocabularyOverviewPermissions() {
Chris@14 61 // Create two vocabularies, one with two terms, the other without any term.
Chris@14 62 /** @var \Drupal\taxonomy\Entity\Vocabulary $vocabulary1 , $vocabulary2 */
Chris@14 63 $vocabulary1 = $this->createVocabulary();
Chris@14 64 $vocabulary2 = $this->createVocabulary();
Chris@14 65 $vocabulary1_id = $vocabulary1->id();
Chris@14 66 $vocabulary2_id = $vocabulary2->id();
Chris@14 67 $this->createTerm($vocabulary1);
Chris@14 68 $this->createTerm($vocabulary1);
Chris@14 69
Chris@14 70 // Assert expected help texts on first vocabulary.
Chris@14 71 $edit_help_text = t('You can reorganize the terms in @capital_name using their drag-and-drop handles, and group terms under a parent term by sliding them under and to the right of the parent.', ['@capital_name' => Unicode::ucfirst($vocabulary1->label())]);
Chris@14 72 $no_edit_help_text = t('@capital_name contains the following terms.', ['@capital_name' => Unicode::ucfirst($vocabulary1->label())]);
Chris@14 73
Chris@14 74 $assert_session = $this->assertSession();
Chris@14 75
Chris@14 76 // Logged in as admin user with 'administer taxonomy' permission.
Chris@14 77 $admin_user = $this->drupalCreateUser(['administer taxonomy']);
Chris@14 78 $this->drupalLogin($admin_user);
Chris@14 79 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 80 $assert_session->statusCodeEquals(200);
Chris@14 81 $assert_session->linkExists('Edit');
Chris@14 82 $assert_session->linkExists('Delete');
Chris@14 83 $assert_session->linkExists('Add term');
Chris@14 84 $assert_session->buttonExists('Save');
Chris@14 85 $assert_session->pageTextContains('Weight');
Chris@16 86 $assert_session->fieldExists('Weight');
Chris@14 87 $assert_session->pageTextContains($edit_help_text);
Chris@14 88
Chris@14 89 // Visit vocabulary overview without terms. 'Add term' should be shown.
Chris@14 90 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 91 $assert_session->statusCodeEquals(200);
Chris@14 92 $assert_session->pageTextContains('No terms available');
Chris@14 93 $assert_session->linkExists('Add term');
Chris@14 94
Chris@14 95 // Login as a user without any of the required permissions.
Chris@14 96 $no_permission_user = $this->drupalCreateUser();
Chris@14 97 $this->drupalLogin($no_permission_user);
Chris@14 98 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 99 $assert_session->statusCodeEquals(403);
Chris@14 100 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 101 $assert_session->statusCodeEquals(403);
Chris@14 102
Chris@14 103 // Log in as a user with only the overview permission, neither edit nor
Chris@14 104 // delete operations must be available and no Save button.
Chris@14 105 $overview_only_user = $this->drupalCreateUser(['access taxonomy overview']);
Chris@14 106 $this->drupalLogin($overview_only_user);
Chris@14 107 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 108 $assert_session->statusCodeEquals(200);
Chris@14 109 $assert_session->linkNotExists('Edit');
Chris@14 110 $assert_session->linkNotExists('Delete');
Chris@14 111 $assert_session->buttonNotExists('Save');
Chris@16 112 $assert_session->pageTextContains('Weight');
Chris@16 113 $assert_session->fieldNotExists('Weight');
Chris@14 114 $assert_session->linkNotExists('Add term');
Chris@14 115 $assert_session->pageTextContains($no_edit_help_text);
Chris@14 116
Chris@14 117 // Visit vocabulary overview without terms. 'Add term' should not be shown.
Chris@14 118 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 119 $assert_session->statusCodeEquals(200);
Chris@14 120 $assert_session->pageTextContains('No terms available');
Chris@14 121 $assert_session->linkNotExists('Add term');
Chris@14 122
Chris@14 123 // Login as a user with permission to edit terms, only edit link should be
Chris@14 124 // visible.
Chris@14 125 $edit_user = $this->createUser([
Chris@14 126 'access taxonomy overview',
Chris@14 127 'edit terms in ' . $vocabulary1_id,
Chris@14 128 'edit terms in ' . $vocabulary2_id,
Chris@14 129 ]);
Chris@14 130 $this->drupalLogin($edit_user);
Chris@14 131 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 132 $assert_session->statusCodeEquals(200);
Chris@14 133 $assert_session->linkExists('Edit');
Chris@14 134 $assert_session->linkNotExists('Delete');
Chris@14 135 $assert_session->buttonExists('Save');
Chris@14 136 $assert_session->pageTextContains('Weight');
Chris@16 137 $assert_session->fieldExists('Weight');
Chris@14 138 $assert_session->linkNotExists('Add term');
Chris@14 139 $assert_session->pageTextContains($edit_help_text);
Chris@14 140
Chris@14 141 // Visit vocabulary overview without terms. 'Add term' should not be shown.
Chris@14 142 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 143 $assert_session->statusCodeEquals(200);
Chris@14 144 $assert_session->pageTextContains('No terms available');
Chris@14 145 $assert_session->linkNotExists('Add term');
Chris@14 146
Chris@14 147 // Login as a user with permission only to delete terms.
Chris@14 148 $edit_delete_user = $this->createUser([
Chris@14 149 'access taxonomy overview',
Chris@14 150 'delete terms in ' . $vocabulary1_id,
Chris@14 151 'delete terms in ' . $vocabulary2_id,
Chris@14 152 ]);
Chris@14 153 $this->drupalLogin($edit_delete_user);
Chris@14 154 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 155 $assert_session->statusCodeEquals(200);
Chris@14 156 $assert_session->linkNotExists('Edit');
Chris@14 157 $assert_session->linkExists('Delete');
Chris@14 158 $assert_session->linkNotExists('Add term');
Chris@14 159 $assert_session->buttonNotExists('Save');
Chris@16 160 $assert_session->pageTextContains('Weight');
Chris@16 161 $assert_session->fieldNotExists('Weight');
Chris@14 162 $assert_session->pageTextContains($no_edit_help_text);
Chris@14 163
Chris@14 164 // Visit vocabulary overview without terms. 'Add term' should not be shown.
Chris@14 165 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 166 $assert_session->statusCodeEquals(200);
Chris@14 167 $assert_session->pageTextContains('No terms available');
Chris@14 168 $assert_session->linkNotExists('Add term');
Chris@14 169
Chris@14 170 // Login as a user with permission to edit and delete terms.
Chris@14 171 $edit_delete_user = $this->createUser([
Chris@14 172 'access taxonomy overview',
Chris@14 173 'edit terms in ' . $vocabulary1_id,
Chris@14 174 'delete terms in ' . $vocabulary1_id,
Chris@14 175 'edit terms in ' . $vocabulary2_id,
Chris@14 176 'delete terms in ' . $vocabulary2_id,
Chris@14 177 ]);
Chris@14 178 $this->drupalLogin($edit_delete_user);
Chris@14 179 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 180 $assert_session->statusCodeEquals(200);
Chris@14 181 $assert_session->linkExists('Edit');
Chris@14 182 $assert_session->linkExists('Delete');
Chris@14 183 $assert_session->linkNotExists('Add term');
Chris@14 184 $assert_session->buttonExists('Save');
Chris@14 185 $assert_session->pageTextContains('Weight');
Chris@16 186 $assert_session->fieldExists('Weight');
Chris@14 187 $assert_session->pageTextContains($edit_help_text);
Chris@14 188
Chris@14 189 // Visit vocabulary overview without terms. 'Add term' should not be shown.
Chris@14 190 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 191 $assert_session->statusCodeEquals(200);
Chris@14 192 $assert_session->pageTextContains('No terms available');
Chris@14 193 $assert_session->linkNotExists('Add term');
Chris@14 194
Chris@14 195 // Login as a user with permission to create new terms, only add new term
Chris@14 196 // link should be visible.
Chris@14 197 $edit_user = $this->createUser([
Chris@14 198 'access taxonomy overview',
Chris@14 199 'create terms in ' . $vocabulary1_id,
Chris@14 200 'create terms in ' . $vocabulary2_id,
Chris@14 201 ]);
Chris@14 202 $this->drupalLogin($edit_user);
Chris@14 203 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
Chris@14 204 $assert_session->statusCodeEquals(200);
Chris@14 205 $assert_session->linkNotExists('Edit');
Chris@14 206 $assert_session->linkNotExists('Delete');
Chris@14 207 $assert_session->linkExists('Add term');
Chris@14 208 $assert_session->buttonNotExists('Save');
Chris@16 209 $assert_session->pageTextContains('Weight');
Chris@16 210 $assert_session->fieldNotExists('Weight');
Chris@14 211 $assert_session->pageTextContains($no_edit_help_text);
Chris@14 212
Chris@14 213 // Visit vocabulary overview without terms. 'Add term' should not be shown.
Chris@14 214 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
Chris@14 215 $assert_session->statusCodeEquals(200);
Chris@14 216 $assert_session->pageTextContains('No terms available');
Chris@14 217 $assert_session->linkExists('Add term');
Chris@0 218 }
Chris@0 219
Chris@0 220 /**
Chris@0 221 * Create, edit and delete a taxonomy term via the user interface.
Chris@0 222 */
Chris@0 223 public function testVocabularyPermissionsTaxonomyTerm() {
Chris@0 224 // Vocabulary used for creating, removing and editing terms.
Chris@0 225 $vocabulary = $this->createVocabulary();
Chris@0 226
Chris@0 227 // Test as admin user.
Chris@0 228 $user = $this->drupalCreateUser(['administer taxonomy']);
Chris@0 229 $this->drupalLogin($user);
Chris@0 230
Chris@0 231 // Visit the main taxonomy administration page.
Chris@0 232 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
Chris@0 233 $this->assertResponse(200);
Chris@0 234 $this->assertField('edit-name-0-value', 'Add taxonomy term form opened successfully.');
Chris@0 235
Chris@0 236 // Submit the term.
Chris@0 237 $edit = [];
Chris@0 238 $edit['name[0][value]'] = $this->randomMachineName();
Chris@0 239
Chris@0 240 $this->drupalPostForm(NULL, $edit, t('Save'));
Chris@0 241 $this->assertText(t('Created new term @name.', ['@name' => $edit['name[0][value]']]), 'Term created successfully.');
Chris@0 242
Chris@0 243 // Verify that the creation message contains a link to a term.
Chris@0 244 $view_link = $this->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [':href' => 'term/']);
Chris@0 245 $this->assert(isset($view_link), 'The message area contains a link to a term');
Chris@0 246
Chris@14 247 $terms = \Drupal::entityTypeManager()
Chris@14 248 ->getStorage('taxonomy_term')
Chris@14 249 ->loadByProperties(['name' => $edit['name[0][value]']]);
Chris@0 250 $term = reset($terms);
Chris@0 251
Chris@0 252 // Edit the term.
Chris@0 253 $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
Chris@0 254 $this->assertResponse(200);
Chris@0 255 $this->assertText($edit['name[0][value]'], 'Edit taxonomy term form opened successfully.');
Chris@0 256
Chris@0 257 $edit['name[0][value]'] = $this->randomMachineName();
Chris@0 258 $this->drupalPostForm(NULL, $edit, t('Save'));
Chris@0 259 $this->assertText(t('Updated term @name.', ['@name' => $edit['name[0][value]']]), 'Term updated successfully.');
Chris@0 260
Chris@0 261 // Delete the vocabulary.
Chris@0 262 $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
Chris@0 263 $this->assertRaw(t('Are you sure you want to delete the @entity-type %label?', ['@entity-type' => 'taxonomy term', '%label' => $edit['name[0][value]']]), 'Delete taxonomy term form opened successfully.');
Chris@0 264
Chris@0 265 // Confirm deletion.
Chris@0 266 $this->drupalPostForm(NULL, NULL, t('Delete'));
Chris@0 267 $this->assertRaw(t('Deleted term %name.', ['%name' => $edit['name[0][value]']]), 'Term deleted.');
Chris@0 268
Chris@14 269 // Test as user with "create" permissions.
Chris@14 270 $user = $this->drupalCreateUser(["create terms in {$vocabulary->id()}"]);
Chris@14 271 $this->drupalLogin($user);
Chris@14 272
Chris@14 273 $assert_session = $this->assertSession();
Chris@14 274
Chris@14 275 // Create a new term.
Chris@14 276 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
Chris@14 277 $assert_session->statusCodeEquals(200);
Chris@14 278 $assert_session->fieldExists('name[0][value]');
Chris@14 279
Chris@14 280 // Submit the term.
Chris@14 281 $edit = [];
Chris@14 282 $edit['name[0][value]'] = $this->randomMachineName();
Chris@14 283
Chris@14 284 $this->drupalPostForm(NULL, $edit, t('Save'));
Chris@14 285 $assert_session->pageTextContains(t('Created new term @name.', ['@name' => $edit['name[0][value]']]));
Chris@14 286
Chris@14 287 $terms = \Drupal::entityTypeManager()
Chris@14 288 ->getStorage('taxonomy_term')
Chris@14 289 ->loadByProperties(['name' => $edit['name[0][value]']]);
Chris@14 290 $term = reset($terms);
Chris@14 291
Chris@14 292 // Ensure that edit and delete access is denied.
Chris@14 293 $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
Chris@14 294 $assert_session->statusCodeEquals(403);
Chris@14 295 $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
Chris@14 296 $assert_session->statusCodeEquals(403);
Chris@14 297
Chris@0 298 // Test as user with "edit" permissions.
Chris@0 299 $user = $this->drupalCreateUser(["edit terms in {$vocabulary->id()}"]);
Chris@0 300 $this->drupalLogin($user);
Chris@0 301
Chris@0 302 // Visit the main taxonomy administration page.
Chris@0 303 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
Chris@0 304 $this->assertResponse(403, 'Add taxonomy term form open failed.');
Chris@0 305
Chris@0 306 // Create a test term.
Chris@0 307 $term = $this->createTerm($vocabulary);
Chris@0 308
Chris@0 309 // Edit the term.
Chris@0 310 $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
Chris@0 311 $this->assertResponse(200);
Chris@0 312 $this->assertText($term->getName(), 'Edit taxonomy term form opened successfully.');
Chris@0 313
Chris@0 314 $edit['name[0][value]'] = $this->randomMachineName();
Chris@0 315 $this->drupalPostForm(NULL, $edit, t('Save'));
Chris@0 316 $this->assertText(t('Updated term @name.', ['@name' => $edit['name[0][value]']]), 'Term updated successfully.');
Chris@0 317
Chris@0 318 // Verify that the update message contains a link to a term.
Chris@0 319 $view_link = $this->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [':href' => 'term/']);
Chris@0 320 $this->assert(isset($view_link), 'The message area contains a link to a term');
Chris@0 321
Chris@0 322 // Delete the vocabulary.
Chris@0 323 $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
Chris@0 324 $this->assertResponse(403, 'Delete taxonomy term form open failed.');
Chris@0 325
Chris@0 326 // Test as user with "delete" permissions.
Chris@0 327 $user = $this->drupalCreateUser(["delete terms in {$vocabulary->id()}"]);
Chris@0 328 $this->drupalLogin($user);
Chris@0 329
Chris@0 330 // Visit the main taxonomy administration page.
Chris@0 331 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
Chris@0 332 $this->assertResponse(403, 'Add taxonomy term form open failed.');
Chris@0 333
Chris@0 334 // Create a test term.
Chris@0 335 $term = $this->createTerm($vocabulary);
Chris@0 336
Chris@0 337 // Edit the term.
Chris@0 338 $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
Chris@0 339 $this->assertResponse(403, 'Edit taxonomy term form open failed.');
Chris@0 340
Chris@0 341 // Delete the vocabulary.
Chris@0 342 $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
Chris@0 343 $this->assertRaw(t('Are you sure you want to delete the @entity-type %label?', ['@entity-type' => 'taxonomy term', '%label' => $term->getName()]), 'Delete taxonomy term form opened successfully.');
Chris@0 344
Chris@0 345 // Confirm deletion.
Chris@0 346 $this->drupalPostForm(NULL, NULL, t('Delete'));
Chris@0 347 $this->assertRaw(t('Deleted term %name.', ['%name' => $term->getName()]), 'Term deleted.');
Chris@0 348
Chris@0 349 // Test as user without proper permissions.
Chris@0 350 $user = $this->drupalCreateUser();
Chris@0 351 $this->drupalLogin($user);
Chris@0 352
Chris@0 353 // Visit the main taxonomy administration page.
Chris@0 354 $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
Chris@0 355 $this->assertResponse(403, 'Add taxonomy term form open failed.');
Chris@0 356
Chris@0 357 // Create a test term.
Chris@0 358 $term = $this->createTerm($vocabulary);
Chris@0 359
Chris@0 360 // Edit the term.
Chris@0 361 $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
Chris@0 362 $this->assertResponse(403, 'Edit taxonomy term form open failed.');
Chris@0 363
Chris@0 364 // Delete the vocabulary.
Chris@0 365 $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
Chris@0 366 $this->assertResponse(403, 'Delete taxonomy term form open failed.');
Chris@0 367 }
Chris@0 368
Chris@0 369 }