|
Chris@18
|
1 <?php
|
|
Chris@18
|
2
|
|
Chris@18
|
3 namespace Drupal\Tests\media\Kernel;
|
|
Chris@18
|
4
|
|
Chris@18
|
5 use Drupal\Core\Access\AccessResult;
|
|
Chris@18
|
6 use Drupal\Core\Access\AccessResultInterface;
|
|
Chris@18
|
7 use Drupal\media\Entity\Media;
|
|
Chris@18
|
8 use Drupal\Tests\user\Traits\UserCreationTrait;
|
|
Chris@18
|
9
|
|
Chris@18
|
10 /**
|
|
Chris@18
|
11 * Tests the media access control handler.
|
|
Chris@18
|
12 *
|
|
Chris@18
|
13 * @group media
|
|
Chris@18
|
14 *
|
|
Chris@18
|
15 * @coversDefaultClass \Drupal\media\MediaAccessControlHandler
|
|
Chris@18
|
16 */
|
|
Chris@18
|
17 class MediaAccessControlHandlerTest extends MediaKernelTestBase {
|
|
Chris@18
|
18
|
|
Chris@18
|
19 use UserCreationTrait;
|
|
Chris@18
|
20
|
|
Chris@18
|
21 /**
|
|
Chris@18
|
22 * Tests the media access control handler.
|
|
Chris@18
|
23 *
|
|
Chris@18
|
24 * @param string[] $permissions
|
|
Chris@18
|
25 * The permissions that the user should be given.
|
|
Chris@18
|
26 * @param array $entity_values
|
|
Chris@18
|
27 * Initial values from which to create the media entity.
|
|
Chris@18
|
28 * @param string $operation
|
|
Chris@18
|
29 * The operation, one of 'view', 'update' or 'delete'.
|
|
Chris@18
|
30 * @param \Drupal\Core\Access\AccessResultInterface $expected_result
|
|
Chris@18
|
31 * Expected result.
|
|
Chris@18
|
32 * @param string[] $expected_cache_contexts
|
|
Chris@18
|
33 * Expected cache contexts.
|
|
Chris@18
|
34 * @param string[] $expected_cache_tags
|
|
Chris@18
|
35 * Expected cache tags.
|
|
Chris@18
|
36 *
|
|
Chris@18
|
37 * @covers ::checkAccess
|
|
Chris@18
|
38 * @dataProvider providerAccess
|
|
Chris@18
|
39 */
|
|
Chris@18
|
40 public function testAccess(array $permissions, array $entity_values, $operation, AccessResultInterface $expected_result, array $expected_cache_contexts, array $expected_cache_tags) {
|
|
Chris@18
|
41 // Set a fixed ID so the type specific permissions match.
|
|
Chris@18
|
42 $media_type = $this->createMediaType('test', [
|
|
Chris@18
|
43 'id' => 'test',
|
|
Chris@18
|
44 ]);
|
|
Chris@18
|
45
|
|
Chris@18
|
46 $user = $this->createUser($permissions);
|
|
Chris@18
|
47
|
|
Chris@18
|
48 $entity_values += [
|
|
Chris@18
|
49 'status' => FALSE,
|
|
Chris@18
|
50 'uid' => $user->id(),
|
|
Chris@18
|
51 'bundle' => $media_type->id(),
|
|
Chris@18
|
52 ];
|
|
Chris@18
|
53
|
|
Chris@18
|
54 $entity = Media::create($entity_values);
|
|
Chris@18
|
55 $entity->save();
|
|
Chris@18
|
56 /** @var \Drupal\Core\Entity\EntityAccessControlHandlerInterface $access_handler */
|
|
Chris@18
|
57 $access_handler = $this->container->get('entity_type.manager')->getAccessControlHandler('media');
|
|
Chris@18
|
58 $this->assertAccess($expected_result, $expected_cache_contexts, $expected_cache_tags, $access_handler->access($entity, $operation, $user, TRUE));
|
|
Chris@18
|
59 }
|
|
Chris@18
|
60
|
|
Chris@18
|
61 /**
|
|
Chris@18
|
62 * @param string[] $permissions
|
|
Chris@18
|
63 * User permissions.
|
|
Chris@18
|
64 * @param \Drupal\Core\Access\AccessResultInterface $expected_result
|
|
Chris@18
|
65 * Expected result.
|
|
Chris@18
|
66 * @param string[] $expected_cache_contexts
|
|
Chris@18
|
67 * Expected cache contexts.
|
|
Chris@18
|
68 * @param string[] $expected_cache_tags
|
|
Chris@18
|
69 * Expected cache tags.
|
|
Chris@18
|
70 *
|
|
Chris@18
|
71 * @covers ::checkCreateAccess
|
|
Chris@18
|
72 * @dataProvider providerCreateAccess
|
|
Chris@18
|
73 */
|
|
Chris@18
|
74 public function testCreateAccess(array $permissions, AccessResultInterface $expected_result, array $expected_cache_contexts, array $expected_cache_tags) {
|
|
Chris@18
|
75 $user = $this->createUser($permissions);
|
|
Chris@18
|
76
|
|
Chris@18
|
77 /** @var \Drupal\Core\Entity\EntityAccessControlHandlerInterface $access_handler */
|
|
Chris@18
|
78 $access_handler = $this->container->get('entity_type.manager')->getAccessControlHandler('media');
|
|
Chris@18
|
79 $this->assertAccess($expected_result, $expected_cache_contexts, $expected_cache_tags, $access_handler->createAccess('test', $user, [], TRUE));
|
|
Chris@18
|
80 }
|
|
Chris@18
|
81
|
|
Chris@18
|
82 /**
|
|
Chris@18
|
83 * Asserts an access result.
|
|
Chris@18
|
84 *
|
|
Chris@18
|
85 * @param \Drupal\Core\Access\AccessResultInterface $expected_access_result
|
|
Chris@18
|
86 * The expected access result.
|
|
Chris@18
|
87 * @param string[] $expected_cache_contexts
|
|
Chris@18
|
88 * Expected contexts.
|
|
Chris@18
|
89 * @param string[] $expected_cache_tags
|
|
Chris@18
|
90 * Expected cache tags
|
|
Chris@18
|
91 * @param \Drupal\Core\Access\AccessResultInterface $actual
|
|
Chris@18
|
92 * The actual access result.
|
|
Chris@18
|
93 */
|
|
Chris@18
|
94 protected function assertAccess(AccessResultInterface $expected_access_result, array $expected_cache_contexts, array $expected_cache_tags, AccessResultInterface $actual) {
|
|
Chris@18
|
95 $this->assertSame($expected_access_result->isAllowed(), $actual->isAllowed());
|
|
Chris@18
|
96 $this->assertSame($expected_access_result->isForbidden(), $actual->isForbidden());
|
|
Chris@18
|
97 $this->assertSame($expected_access_result->isNeutral(), $actual->isNeutral());
|
|
Chris@18
|
98
|
|
Chris@18
|
99 $actual_cache_contexts = $actual->getCacheContexts();
|
|
Chris@18
|
100 sort($expected_cache_contexts);
|
|
Chris@18
|
101 sort($actual_cache_contexts);
|
|
Chris@18
|
102 $this->assertSame($expected_cache_contexts, $actual_cache_contexts);
|
|
Chris@18
|
103
|
|
Chris@18
|
104 $actual_cache_tags = $actual->getCacheTags();
|
|
Chris@18
|
105 sort($expected_cache_tags);
|
|
Chris@18
|
106 sort($actual_cache_tags);
|
|
Chris@18
|
107 $this->assertSame($expected_cache_tags, $actual_cache_tags);
|
|
Chris@18
|
108 }
|
|
Chris@18
|
109
|
|
Chris@18
|
110 /**
|
|
Chris@18
|
111 * Data provider for testAccess().
|
|
Chris@18
|
112 *
|
|
Chris@18
|
113 * @return array
|
|
Chris@18
|
114 * The data sets to test.
|
|
Chris@18
|
115 */
|
|
Chris@18
|
116 public function providerAccess() {
|
|
Chris@18
|
117 $test_data = [];
|
|
Chris@18
|
118
|
|
Chris@18
|
119 // Check published / unpublished media access for a user owning the media
|
|
Chris@18
|
120 // item without permissions.
|
|
Chris@18
|
121 $test_data['owner, no permissions / published / view'] = [
|
|
Chris@18
|
122 [],
|
|
Chris@18
|
123 ['status' => TRUE],
|
|
Chris@18
|
124 'view',
|
|
Chris@18
|
125 AccessResult::neutral(),
|
|
Chris@18
|
126 ['user.permissions'],
|
|
Chris@18
|
127 ['media:1'],
|
|
Chris@18
|
128 ];
|
|
Chris@18
|
129 $test_data['owner, no permissions / published / update'] = [
|
|
Chris@18
|
130 [],
|
|
Chris@18
|
131 ['status' => TRUE],
|
|
Chris@18
|
132 'update',
|
|
Chris@18
|
133 AccessResult::neutral(),
|
|
Chris@18
|
134 ['user.permissions'],
|
|
Chris@18
|
135 [],
|
|
Chris@18
|
136 ];
|
|
Chris@18
|
137 $test_data['owner, no permissions / published / delete'] = [
|
|
Chris@18
|
138 [],
|
|
Chris@18
|
139 ['status' => TRUE],
|
|
Chris@18
|
140 'delete',
|
|
Chris@18
|
141 AccessResult::neutral(),
|
|
Chris@18
|
142 ['user.permissions'],
|
|
Chris@18
|
143 [],
|
|
Chris@18
|
144 ];
|
|
Chris@18
|
145 $test_data['owner, no permissions / unpublished / view'] = [
|
|
Chris@18
|
146 [],
|
|
Chris@18
|
147 [],
|
|
Chris@18
|
148 'view',
|
|
Chris@18
|
149 AccessResult::neutral(),
|
|
Chris@18
|
150 ['user.permissions'],
|
|
Chris@18
|
151 ['media:1'],
|
|
Chris@18
|
152 ];
|
|
Chris@18
|
153 $test_data['owner, no permissions / unpublished / update'] = [
|
|
Chris@18
|
154 [],
|
|
Chris@18
|
155 [],
|
|
Chris@18
|
156 'update',
|
|
Chris@18
|
157 AccessResult::neutral(),
|
|
Chris@18
|
158 ['user.permissions'],
|
|
Chris@18
|
159 [],
|
|
Chris@18
|
160 ];
|
|
Chris@18
|
161 $test_data['owner, no permissions / unpublished / delete'] = [
|
|
Chris@18
|
162 [],
|
|
Chris@18
|
163 [],
|
|
Chris@18
|
164 'delete',
|
|
Chris@18
|
165 AccessResult::neutral(),
|
|
Chris@18
|
166 ['user.permissions'],
|
|
Chris@18
|
167 [],
|
|
Chris@18
|
168 ];
|
|
Chris@18
|
169
|
|
Chris@18
|
170 // Check published / unpublished media access for a user not owning the
|
|
Chris@18
|
171 // media item without permissions.
|
|
Chris@18
|
172 $test_data['not owner, no permissions / published / view'] = [
|
|
Chris@18
|
173 [],
|
|
Chris@18
|
174 ['uid' => 0, 'status' => TRUE],
|
|
Chris@18
|
175 'view',
|
|
Chris@18
|
176 AccessResult::neutral(),
|
|
Chris@18
|
177 ['user.permissions'],
|
|
Chris@18
|
178 ['media:1'],
|
|
Chris@18
|
179 ];
|
|
Chris@18
|
180 $test_data['not owner, no permissions / published / update'] = [
|
|
Chris@18
|
181 [],
|
|
Chris@18
|
182 ['uid' => 0, 'status' => TRUE],
|
|
Chris@18
|
183 'update',
|
|
Chris@18
|
184 AccessResult::neutral(),
|
|
Chris@18
|
185 ['user.permissions'],
|
|
Chris@18
|
186 [],
|
|
Chris@18
|
187 ];
|
|
Chris@18
|
188 $test_data['not owner, no permissions / published / delete'] = [
|
|
Chris@18
|
189 [],
|
|
Chris@18
|
190 ['uid' => 0, 'status' => TRUE],
|
|
Chris@18
|
191 'delete',
|
|
Chris@18
|
192 AccessResult::neutral(),
|
|
Chris@18
|
193 ['user.permissions'],
|
|
Chris@18
|
194 [],
|
|
Chris@18
|
195 ];
|
|
Chris@18
|
196 $test_data['not owner, no permissions / unpublished / view'] = [
|
|
Chris@18
|
197 [],
|
|
Chris@18
|
198 ['uid' => 0],
|
|
Chris@18
|
199 'view',
|
|
Chris@18
|
200 AccessResult::neutral(),
|
|
Chris@18
|
201 ['user.permissions'],
|
|
Chris@18
|
202 ['media:1'],
|
|
Chris@18
|
203 ];
|
|
Chris@18
|
204 $test_data['not owner, no permissions / unpublished / update'] = [
|
|
Chris@18
|
205 [],
|
|
Chris@18
|
206 ['uid' => 0],
|
|
Chris@18
|
207 'update',
|
|
Chris@18
|
208 AccessResult::neutral(),
|
|
Chris@18
|
209 ['user.permissions'],
|
|
Chris@18
|
210 [],
|
|
Chris@18
|
211 ];
|
|
Chris@18
|
212 $test_data['not owner, no permissions / unpublished / delete'] = [
|
|
Chris@18
|
213 [],
|
|
Chris@18
|
214 ['uid' => 0],
|
|
Chris@18
|
215 'delete',
|
|
Chris@18
|
216 AccessResult::neutral(),
|
|
Chris@18
|
217 ['user.permissions'],
|
|
Chris@18
|
218 [],
|
|
Chris@18
|
219 ];
|
|
Chris@18
|
220
|
|
Chris@18
|
221 // Check published / unpublished media access for a user owning the media
|
|
Chris@18
|
222 // item with only the 'view media' permission.
|
|
Chris@18
|
223 $test_data['owner, can view media / published / view'] = [
|
|
Chris@18
|
224 ['view media'],
|
|
Chris@18
|
225 ['status' => TRUE],
|
|
Chris@18
|
226 'view',
|
|
Chris@18
|
227 AccessResult::allowed(),
|
|
Chris@18
|
228 ['user.permissions'],
|
|
Chris@18
|
229 ['media:1'],
|
|
Chris@18
|
230 ];
|
|
Chris@18
|
231 $test_data['owner, can view media / published / update'] = [
|
|
Chris@18
|
232 ['view media'],
|
|
Chris@18
|
233 ['status' => TRUE],
|
|
Chris@18
|
234 'update',
|
|
Chris@18
|
235 AccessResult::neutral(),
|
|
Chris@18
|
236 ['user.permissions'],
|
|
Chris@18
|
237 [],
|
|
Chris@18
|
238 ];
|
|
Chris@18
|
239 $test_data['owner, can view media / published / delete'] = [
|
|
Chris@18
|
240 ['view media'],
|
|
Chris@18
|
241 ['status' => TRUE],
|
|
Chris@18
|
242 'delete',
|
|
Chris@18
|
243 AccessResult::neutral(),
|
|
Chris@18
|
244 ['user.permissions'],
|
|
Chris@18
|
245 [],
|
|
Chris@18
|
246 ];
|
|
Chris@18
|
247 $test_data['owner, can view media / unpublished / view'] = [
|
|
Chris@18
|
248 ['view media'],
|
|
Chris@18
|
249 [],
|
|
Chris@18
|
250 'view',
|
|
Chris@18
|
251 AccessResult::neutral(),
|
|
Chris@18
|
252 ['user.permissions'],
|
|
Chris@18
|
253 ['media:1'],
|
|
Chris@18
|
254 ];
|
|
Chris@18
|
255 $test_data['owner, can view media / unpublished / update'] = [
|
|
Chris@18
|
256 ['view media'],
|
|
Chris@18
|
257 [],
|
|
Chris@18
|
258 'update',
|
|
Chris@18
|
259 AccessResult::neutral(),
|
|
Chris@18
|
260 ['user.permissions'],
|
|
Chris@18
|
261 [],
|
|
Chris@18
|
262 ];
|
|
Chris@18
|
263 $test_data['owner, can view media / unpublished / delete'] = [
|
|
Chris@18
|
264 ['view media'],
|
|
Chris@18
|
265 [],
|
|
Chris@18
|
266 'delete',
|
|
Chris@18
|
267 AccessResult::neutral(),
|
|
Chris@18
|
268 ['user.permissions'],
|
|
Chris@18
|
269 [],
|
|
Chris@18
|
270 ];
|
|
Chris@18
|
271
|
|
Chris@18
|
272 // Check published / unpublished media access for a user not owning the
|
|
Chris@18
|
273 // media item with only the 'view media' permission.
|
|
Chris@18
|
274 $test_data['not owner, can view media / published / view'] = [
|
|
Chris@18
|
275 ['view media'],
|
|
Chris@18
|
276 ['uid' => 0, 'status' => TRUE],
|
|
Chris@18
|
277 'view',
|
|
Chris@18
|
278 AccessResult::allowed(),
|
|
Chris@18
|
279 ['user.permissions'],
|
|
Chris@18
|
280 ['media:1'],
|
|
Chris@18
|
281 ];
|
|
Chris@18
|
282 $test_data['not owner, can view media / published / update'] = [
|
|
Chris@18
|
283 ['view media'],
|
|
Chris@18
|
284 ['uid' => 0, 'status' => TRUE],
|
|
Chris@18
|
285 'update',
|
|
Chris@18
|
286 AccessResult::neutral(),
|
|
Chris@18
|
287 ['user.permissions'],
|
|
Chris@18
|
288 [],
|
|
Chris@18
|
289 ];
|
|
Chris@18
|
290 $test_data['not owner, can view media / published / delete'] = [
|
|
Chris@18
|
291 ['view media'],
|
|
Chris@18
|
292 ['uid' => 0, 'status' => TRUE],
|
|
Chris@18
|
293 'delete',
|
|
Chris@18
|
294 AccessResult::neutral(),
|
|
Chris@18
|
295 ['user.permissions'],
|
|
Chris@18
|
296 [],
|
|
Chris@18
|
297 ];
|
|
Chris@18
|
298 $test_data['not owner, can view media / unpublished / view'] = [
|
|
Chris@18
|
299 ['view media'],
|
|
Chris@18
|
300 ['uid' => 0],
|
|
Chris@18
|
301 'view',
|
|
Chris@18
|
302 AccessResult::neutral(),
|
|
Chris@18
|
303 ['user.permissions'],
|
|
Chris@18
|
304 ['media:1'],
|
|
Chris@18
|
305 ];
|
|
Chris@18
|
306 $test_data['not owner, can view media / unpublished / update'] = [
|
|
Chris@18
|
307 ['view media'],
|
|
Chris@18
|
308 ['uid' => 0],
|
|
Chris@18
|
309 'update',
|
|
Chris@18
|
310 AccessResult::neutral(),
|
|
Chris@18
|
311 ['user.permissions'],
|
|
Chris@18
|
312 [],
|
|
Chris@18
|
313 ];
|
|
Chris@18
|
314 $test_data['not owner, can view media / unpublished / delete'] = [
|
|
Chris@18
|
315 ['view media'],
|
|
Chris@18
|
316 ['uid' => 0],
|
|
Chris@18
|
317 'delete',
|
|
Chris@18
|
318 AccessResult::neutral(),
|
|
Chris@18
|
319 ['user.permissions'],
|
|
Chris@18
|
320 [],
|
|
Chris@18
|
321 ];
|
|
Chris@18
|
322
|
|
Chris@18
|
323 // Check published / unpublished media access for a user owning the media
|
|
Chris@18
|
324 // item with the 'view media' and 'view own unpublished' permission.
|
|
Chris@18
|
325 $test_data['owner, can view own unpublished media / published / view'] = [
|
|
Chris@18
|
326 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
327 ['status' => TRUE],
|
|
Chris@18
|
328 'view',
|
|
Chris@18
|
329 AccessResult::allowed(),
|
|
Chris@18
|
330 ['user.permissions'],
|
|
Chris@18
|
331 ['media:1'],
|
|
Chris@18
|
332 ];
|
|
Chris@18
|
333 $test_data['owner, can view own unpublished media / published / update'] = [
|
|
Chris@18
|
334 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
335 ['status' => TRUE],
|
|
Chris@18
|
336 'update',
|
|
Chris@18
|
337 AccessResult::neutral(),
|
|
Chris@18
|
338 ['user.permissions'],
|
|
Chris@18
|
339 [],
|
|
Chris@18
|
340 ];
|
|
Chris@18
|
341 $test_data['owner, can view own unpublished media / published / delete'] = [
|
|
Chris@18
|
342 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
343 ['status' => TRUE],
|
|
Chris@18
|
344 'delete',
|
|
Chris@18
|
345 AccessResult::neutral(),
|
|
Chris@18
|
346 ['user.permissions'],
|
|
Chris@18
|
347 [],
|
|
Chris@18
|
348 ];
|
|
Chris@18
|
349 $test_data['owner, can view own unpublished media / unpublished / view'] = [
|
|
Chris@18
|
350 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
351 [],
|
|
Chris@18
|
352 'view',
|
|
Chris@18
|
353 AccessResult::allowed(),
|
|
Chris@18
|
354 ['user.permissions', 'user'],
|
|
Chris@18
|
355 ['media:1'],
|
|
Chris@18
|
356 ];
|
|
Chris@18
|
357 $test_data['owner, can view own unpublished media / unpublished / update'] = [
|
|
Chris@18
|
358 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
359 [],
|
|
Chris@18
|
360 'update',
|
|
Chris@18
|
361 AccessResult::neutral(),
|
|
Chris@18
|
362 ['user.permissions'],
|
|
Chris@18
|
363 [],
|
|
Chris@18
|
364 ];
|
|
Chris@18
|
365 $test_data['owner, can view own unpublished media / unpublished / delete'] = [
|
|
Chris@18
|
366 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
367 [],
|
|
Chris@18
|
368 'delete',
|
|
Chris@18
|
369 AccessResult::neutral(),
|
|
Chris@18
|
370 ['user.permissions'],
|
|
Chris@18
|
371 [],
|
|
Chris@18
|
372 ];
|
|
Chris@18
|
373
|
|
Chris@18
|
374 // Check published / unpublished media access for a user not owning the
|
|
Chris@18
|
375 // media item with the 'view media' and 'view own unpublished' permission.
|
|
Chris@18
|
376 $test_data['not owner, can view own unpublished media / published / view'] = [
|
|
Chris@18
|
377 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
378 ['uid' => 0, 'status' => TRUE],
|
|
Chris@18
|
379 'view',
|
|
Chris@18
|
380 AccessResult::allowed(),
|
|
Chris@18
|
381 ['user.permissions'],
|
|
Chris@18
|
382 ['media:1'],
|
|
Chris@18
|
383 ];
|
|
Chris@18
|
384 $test_data['not owner, can view own unpublished media / published / update'] = [
|
|
Chris@18
|
385 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
386 ['uid' => 0, 'status' => TRUE],
|
|
Chris@18
|
387 'update',
|
|
Chris@18
|
388 AccessResult::neutral(),
|
|
Chris@18
|
389 ['user.permissions'],
|
|
Chris@18
|
390 [],
|
|
Chris@18
|
391 ];
|
|
Chris@18
|
392 $test_data['not owner, can view own unpublished media / published / delete'] = [
|
|
Chris@18
|
393 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
394 ['uid' => 0, 'status' => TRUE],
|
|
Chris@18
|
395 'delete',
|
|
Chris@18
|
396 AccessResult::neutral(),
|
|
Chris@18
|
397 ['user.permissions'],
|
|
Chris@18
|
398 [],
|
|
Chris@18
|
399 ];
|
|
Chris@18
|
400 $test_data['not owner, can view own unpublished media / unpublished / view'] = [
|
|
Chris@18
|
401 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
402 ['uid' => 0],
|
|
Chris@18
|
403 'view',
|
|
Chris@18
|
404 AccessResult::neutral(),
|
|
Chris@18
|
405 ['user.permissions', 'user'],
|
|
Chris@18
|
406 ['media:1'],
|
|
Chris@18
|
407 ];
|
|
Chris@18
|
408 $test_data['not owner, can view own unpublished media / unpublished / update'] = [
|
|
Chris@18
|
409 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
410 ['uid' => 0],
|
|
Chris@18
|
411 'update',
|
|
Chris@18
|
412 AccessResult::neutral(),
|
|
Chris@18
|
413 ['user.permissions'],
|
|
Chris@18
|
414 [],
|
|
Chris@18
|
415 ];
|
|
Chris@18
|
416 $test_data['not owner, can view own unpublished media / unpublished / delete'] = [
|
|
Chris@18
|
417 ['view media', 'view own unpublished media'],
|
|
Chris@18
|
418 ['uid' => 0],
|
|
Chris@18
|
419 'delete',
|
|
Chris@18
|
420 AccessResult::neutral(),
|
|
Chris@18
|
421 ['user.permissions'],
|
|
Chris@18
|
422 [],
|
|
Chris@18
|
423 ];
|
|
Chris@18
|
424
|
|
Chris@18
|
425 return $test_data;
|
|
Chris@18
|
426 }
|
|
Chris@18
|
427
|
|
Chris@18
|
428 /**
|
|
Chris@18
|
429 * Data provider for testCreateAccess().
|
|
Chris@18
|
430 *
|
|
Chris@18
|
431 * @return array
|
|
Chris@18
|
432 * The data sets to test.
|
|
Chris@18
|
433 */
|
|
Chris@18
|
434 public function providerCreateAccess() {
|
|
Chris@18
|
435 $test_data = [];
|
|
Chris@18
|
436
|
|
Chris@18
|
437 // Check create access for a user without permissions.
|
|
Chris@18
|
438 $test_data['user, no permissions / create'] = [
|
|
Chris@18
|
439 [],
|
|
Chris@18
|
440 AccessResult::neutral()->setReason("The following permissions are required: 'administer media' OR 'create media'."),
|
|
Chris@18
|
441 ['user.permissions'],
|
|
Chris@18
|
442 [],
|
|
Chris@18
|
443 ];
|
|
Chris@18
|
444
|
|
Chris@18
|
445 // Check create access for a user with the 'view media' permission.
|
|
Chris@18
|
446 $test_data['user, can view media / create'] = [
|
|
Chris@18
|
447 [
|
|
Chris@18
|
448 'view media',
|
|
Chris@18
|
449 ],
|
|
Chris@18
|
450 AccessResult::neutral("The following permissions are required: 'administer media' OR 'create media'."),
|
|
Chris@18
|
451 ['user.permissions'],
|
|
Chris@18
|
452 [],
|
|
Chris@18
|
453 ];
|
|
Chris@18
|
454
|
|
Chris@18
|
455 // Check create access for a user with the 'view media' and 'view own
|
|
Chris@18
|
456 // unpublished media' permission.
|
|
Chris@18
|
457 $test_data['user, can view own unpublished media / create'] = [
|
|
Chris@18
|
458 [
|
|
Chris@18
|
459 'view media',
|
|
Chris@18
|
460 'view own unpublished media',
|
|
Chris@18
|
461 ],
|
|
Chris@18
|
462 AccessResult::neutral("The following permissions are required: 'administer media' OR 'create media'."),
|
|
Chris@18
|
463 ['user.permissions'],
|
|
Chris@18
|
464 [],
|
|
Chris@18
|
465 ];
|
|
Chris@18
|
466
|
|
Chris@18
|
467 // Check create access for a user with the 'view media', 'view own
|
|
Chris@18
|
468 // unpublished media', 'update any media' and 'delete any media' permission.
|
|
Chris@18
|
469 $test_data['user, can view own unpublished media and update or delete any media / create'] = [
|
|
Chris@18
|
470 [
|
|
Chris@18
|
471 'view media',
|
|
Chris@18
|
472 'view own unpublished media',
|
|
Chris@18
|
473 'update any media',
|
|
Chris@18
|
474 'delete any media',
|
|
Chris@18
|
475 ],
|
|
Chris@18
|
476 AccessResult::neutral("The following permissions are required: 'administer media' OR 'create media'."),
|
|
Chris@18
|
477 ['user.permissions'],
|
|
Chris@18
|
478 [],
|
|
Chris@18
|
479 ];
|
|
Chris@18
|
480
|
|
Chris@18
|
481 // Check create access for a user with the 'view media', 'view own
|
|
Chris@18
|
482 // unpublished media', 'update media' and 'delete media' permission.
|
|
Chris@18
|
483 $test_data['user, can view own unpublished media and update or delete own media / create'] = [
|
|
Chris@18
|
484 [
|
|
Chris@18
|
485 'view media',
|
|
Chris@18
|
486 'view own unpublished media',
|
|
Chris@18
|
487 'update media',
|
|
Chris@18
|
488 'delete media',
|
|
Chris@18
|
489 ],
|
|
Chris@18
|
490 AccessResult::neutral("The following permissions are required: 'administer media' OR 'create media'."),
|
|
Chris@18
|
491 ['user.permissions'],
|
|
Chris@18
|
492 [],
|
|
Chris@18
|
493 ];
|
|
Chris@18
|
494
|
|
Chris@18
|
495 // Check create access for a user with the 'view media', 'view own
|
|
Chris@18
|
496 // unpublished media', 'update any media', 'delete any media', 'update
|
|
Chris@18
|
497 // media' and 'delete media' permission.
|
|
Chris@18
|
498 $test_data['user, can view own unpublished media and update or delete all media / create'] = [
|
|
Chris@18
|
499 [
|
|
Chris@18
|
500 'view media',
|
|
Chris@18
|
501 'view own unpublished media',
|
|
Chris@18
|
502 'update any media',
|
|
Chris@18
|
503 'delete any media',
|
|
Chris@18
|
504 'update media',
|
|
Chris@18
|
505 'delete media',
|
|
Chris@18
|
506 ],
|
|
Chris@18
|
507 AccessResult::neutral("The following permissions are required: 'administer media' OR 'create media'."),
|
|
Chris@18
|
508 ['user.permissions'],
|
|
Chris@18
|
509 [],
|
|
Chris@18
|
510 ];
|
|
Chris@18
|
511
|
|
Chris@18
|
512 // Check create access for a user with all media permissions except 'create
|
|
Chris@18
|
513 // media' or 'administer media'.
|
|
Chris@18
|
514 $test_data['user, can not create or administer media / create'] = [
|
|
Chris@18
|
515 [
|
|
Chris@18
|
516 'access media overview',
|
|
Chris@18
|
517 'view media',
|
|
Chris@18
|
518 'view own unpublished media',
|
|
Chris@18
|
519 'update any media',
|
|
Chris@18
|
520 'delete any media',
|
|
Chris@18
|
521 'update media',
|
|
Chris@18
|
522 'delete media',
|
|
Chris@18
|
523 ],
|
|
Chris@18
|
524 AccessResult::neutral("The following permissions are required: 'administer media' OR 'create media'."),
|
|
Chris@18
|
525 ['user.permissions'],
|
|
Chris@18
|
526 [],
|
|
Chris@18
|
527 ];
|
|
Chris@18
|
528
|
|
Chris@18
|
529 // Check create access for a user with the 'create media' permission.
|
|
Chris@18
|
530 $test_data['user, can create media / create'] = [
|
|
Chris@18
|
531 [
|
|
Chris@18
|
532 'create media',
|
|
Chris@18
|
533 ],
|
|
Chris@18
|
534 AccessResult::allowed(),
|
|
Chris@18
|
535 ['user.permissions'],
|
|
Chris@18
|
536 [],
|
|
Chris@18
|
537 ];
|
|
Chris@18
|
538
|
|
Chris@18
|
539 // Check create access for a user with the 'administer media' permission.
|
|
Chris@18
|
540 $test_data['user, can administer media / create'] = [
|
|
Chris@18
|
541 [
|
|
Chris@18
|
542 'administer media',
|
|
Chris@18
|
543 ],
|
|
Chris@18
|
544 AccessResult::allowed(),
|
|
Chris@18
|
545 ['user.permissions'],
|
|
Chris@18
|
546 [],
|
|
Chris@18
|
547 ];
|
|
Chris@18
|
548
|
|
Chris@18
|
549 return $test_data;
|
|
Chris@18
|
550 }
|
|
Chris@18
|
551
|
|
Chris@18
|
552 }
|
