annotate core/modules/comment/tests/src/Functional/CommentAccessTest.php @ 19:fa3358dc1485 tip

Add ndrum files
author Chris Cannam
date Wed, 28 Aug 2019 13:14:47 +0100
parents 129ea1e6d783
children
rev   line source
Chris@12 1 <?php
Chris@12 2
Chris@12 3 namespace Drupal\Tests\comment\Functional;
Chris@12 4
Chris@12 5 use Drupal\comment\Entity\Comment;
Chris@12 6 use Drupal\comment\Tests\CommentTestTrait;
Chris@12 7 use Drupal\node\Entity\NodeType;
Chris@12 8 use Drupal\Tests\BrowserTestBase;
Chris@12 9
Chris@12 10 /**
Chris@12 11 * Tests comment administration and preview access.
Chris@12 12 *
Chris@12 13 * @group comment
Chris@12 14 */
Chris@12 15 class CommentAccessTest extends BrowserTestBase {
Chris@12 16
Chris@12 17 use CommentTestTrait;
Chris@12 18
Chris@12 19 /**
Chris@12 20 * {@inheritdoc}
Chris@12 21 */
Chris@12 22 public static $modules = [
Chris@12 23 'node',
Chris@12 24 'comment',
Chris@12 25 ];
Chris@12 26
Chris@12 27 /**
Chris@12 28 * Node for commenting.
Chris@12 29 *
Chris@12 30 * @var \Drupal\node\NodeInterface
Chris@12 31 */
Chris@12 32 protected $unpublishedNode;
Chris@12 33
Chris@12 34 /**
Chris@12 35 * {@inheritdoc}
Chris@12 36 */
Chris@12 37 protected function setUp() {
Chris@12 38 parent::setUp();
Chris@12 39
Chris@12 40 $node_type = NodeType::create([
Chris@12 41 'type' => 'article',
Chris@12 42 'name' => 'Article',
Chris@12 43 ]);
Chris@12 44 $node_type->save();
Chris@12 45 $node_author = $this->drupalCreateUser([
Chris@12 46 'create article content',
Chris@12 47 'access comments',
Chris@12 48 ]);
Chris@12 49
Chris@12 50 $this->drupalLogin($this->drupalCreateUser([
Chris@12 51 'edit own comments',
Chris@12 52 'skip comment approval',
Chris@12 53 'post comments',
Chris@12 54 'access comments',
Chris@12 55 'access content',
Chris@12 56 ]));
Chris@12 57
Chris@12 58 $this->addDefaultCommentField('node', 'article');
Chris@12 59 $this->unpublishedNode = $this->createNode([
Chris@12 60 'title' => 'This is unpublished',
Chris@12 61 'uid' => $node_author->id(),
Chris@12 62 'status' => 0,
Chris@12 63 'type' => 'article',
Chris@12 64 ]);
Chris@12 65 $this->unpublishedNode->save();
Chris@12 66 }
Chris@12 67
Chris@12 68 /**
Chris@12 69 * Tests commenting disabled for access-blocked entities.
Chris@12 70 */
Chris@12 71 public function testCannotCommentOnEntitiesYouCannotView() {
Chris@12 72 $assert = $this->assertSession();
Chris@12 73
Chris@12 74 $comment_url = 'comment/reply/node/' . $this->unpublishedNode->id() . '/comment';
Chris@12 75
Chris@12 76 // Commenting on an unpublished node results in access denied.
Chris@12 77 $this->drupalGet($comment_url);
Chris@12 78 $assert->statusCodeEquals(403);
Chris@12 79
Chris@12 80 // Publishing the node grants access.
Chris@17 81 $this->unpublishedNode->setPublished()->save();
Chris@12 82 $this->drupalGet($comment_url);
Chris@12 83 $assert->statusCodeEquals(200);
Chris@12 84 }
Chris@12 85
Chris@12 86 /**
Chris@12 87 * Tests cannot view comment reply form on entities you cannot view.
Chris@12 88 */
Chris@12 89 public function testCannotViewCommentReplyFormOnEntitiesYouCannotView() {
Chris@12 90 $assert = $this->assertSession();
Chris@12 91
Chris@12 92 // Create a comment on an unpublished node.
Chris@12 93 $comment = Comment::create([
Chris@12 94 'entity_type' => 'node',
Chris@12 95 'name' => 'Tony',
Chris@12 96 'hostname' => 'magic.example.com',
Chris@12 97 'mail' => 'foo@example.com',
Chris@12 98 'subject' => 'Comment on unpublished node',
Chris@12 99 'entity_id' => $this->unpublishedNode->id(),
Chris@12 100 'comment_type' => 'comment',
Chris@12 101 'field_name' => 'comment',
Chris@12 102 'pid' => 0,
Chris@12 103 'uid' => $this->unpublishedNode->getOwnerId(),
Chris@12 104 'status' => 1,
Chris@12 105 ]);
Chris@12 106 $comment->save();
Chris@12 107
Chris@12 108 $comment_url = 'comment/reply/node/' . $this->unpublishedNode->id() . '/comment/' . $comment->id();
Chris@12 109
Chris@12 110 // Replying to a comment on an unpublished node results in access denied.
Chris@12 111 $this->drupalGet($comment_url);
Chris@12 112 $assert->statusCodeEquals(403);
Chris@12 113
Chris@12 114 // Publishing the node grants access.
Chris@17 115 $this->unpublishedNode->setPublished()->save();
Chris@12 116 $this->drupalGet($comment_url);
Chris@12 117 $assert->statusCodeEquals(200);
Chris@12 118 }
Chris@12 119
Chris@12 120 }