annotate core/modules/node/tests/src/Functional/NodeAccessBaseTableTest.php @ 19:fa3358dc1485 tip

Add ndrum files
author Chris Cannam
date Wed, 28 Aug 2019 13:14:47 +0100
parents af1871eacc83
children
rev   line source
Chris@0 1 <?php
Chris@0 2
Chris@0 3 namespace Drupal\Tests\node\Functional;
Chris@0 4
Chris@0 5 use Drupal\node\Entity\NodeType;
Chris@0 6
Chris@0 7 /**
Chris@0 8 * Tests behavior of the node access subsystem if the base table is not node.
Chris@0 9 *
Chris@0 10 * @group node
Chris@0 11 */
Chris@0 12 class NodeAccessBaseTableTest extends NodeTestBase {
Chris@0 13
Chris@0 14 /**
Chris@0 15 * Modules to enable.
Chris@0 16 *
Chris@0 17 * @var array
Chris@0 18 */
Chris@0 19 public static $modules = ['node_access_test', 'views'];
Chris@0 20
Chris@0 21 /**
Chris@0 22 * The installation profile to use with this test.
Chris@0 23 *
Chris@0 24 * This test class requires the "tags" taxonomy field.
Chris@0 25 *
Chris@0 26 * @var string
Chris@0 27 */
Chris@0 28 protected $profile = 'standard';
Chris@0 29
Chris@0 30 /**
Chris@0 31 * Nodes by user.
Chris@0 32 *
Chris@0 33 * @var array
Chris@0 34 */
Chris@0 35 protected $nodesByUser;
Chris@0 36
Chris@0 37 /**
Chris@0 38 * A public tid.
Chris@0 39 *
Chris@0 40 * @var \Drupal\Core\Database\StatementInterface
Chris@0 41 */
Chris@0 42 protected $publicTid;
Chris@0 43
Chris@0 44 /**
Chris@0 45 * A private tid.
Chris@0 46 *
Chris@0 47 * @var \Drupal\Core\Database\StatementInterface
Chris@0 48 */
Chris@0 49 protected $privateTid;
Chris@0 50
Chris@0 51 /**
Chris@0 52 * A web user.
Chris@0 53 */
Chris@0 54 protected $webUser;
Chris@0 55
Chris@0 56 /**
Chris@0 57 * The nids visible.
Chris@0 58 *
Chris@0 59 * @var array
Chris@0 60 */
Chris@0 61 protected $nidsVisible;
Chris@0 62
Chris@0 63 protected function setUp() {
Chris@0 64 parent::setUp();
Chris@0 65
Chris@0 66 node_access_test_add_field(NodeType::load('article'));
Chris@0 67
Chris@0 68 node_access_rebuild();
Chris@0 69 \Drupal::state()->set('node_access_test.private', TRUE);
Chris@0 70 }
Chris@0 71
Chris@0 72 /**
Chris@0 73 * Tests the "private" node access functionality.
Chris@0 74 *
Chris@0 75 * - Create 2 users with "access content" and "create article" permissions.
Chris@0 76 * - Each user creates one private and one not private article.
Chris@0 77 *
Chris@0 78 * - Test that each user can view the other user's non-private article.
Chris@0 79 * - Test that each user cannot view the other user's private article.
Chris@0 80 * - Test that each user finds only appropriate (non-private + own private)
Chris@0 81 * in taxonomy listing.
Chris@0 82 * - Create another user with 'view any private content'.
Chris@0 83 * - Test that user 4 can view all content created above.
Chris@0 84 * - Test that user 4 can view all content on taxonomy listing.
Chris@0 85 */
Chris@0 86 public function testNodeAccessBasic() {
Chris@0 87 $num_simple_users = 2;
Chris@0 88 $simple_users = [];
Chris@0 89
Chris@0 90 // Nodes keyed by uid and nid: $nodes[$uid][$nid] = $is_private;
Chris@0 91 $this->nodesByUser = [];
Chris@0 92 // Titles keyed by nid.
Chris@0 93 $titles = [];
Chris@0 94 // Array of nids marked private.
Chris@0 95 $private_nodes = [];
Chris@0 96 for ($i = 0; $i < $num_simple_users; $i++) {
Chris@0 97 $simple_users[$i] = $this->drupalCreateUser(['access content', 'create article content']);
Chris@0 98 }
Chris@0 99 foreach ($simple_users as $this->webUser) {
Chris@0 100 $this->drupalLogin($this->webUser);
Chris@0 101 foreach ([0 => 'Public', 1 => 'Private'] as $is_private => $type) {
Chris@0 102 $edit = [
Chris@18 103 'title[0][value]' => t('@private_public Article created by @user', ['@private_public' => $type, '@user' => $this->webUser->getAccountName()]),
Chris@0 104 ];
Chris@0 105 if ($is_private) {
Chris@0 106 $edit['private[0][value]'] = TRUE;
Chris@0 107 $edit['body[0][value]'] = 'private node';
Chris@0 108 $edit['field_tags[target_id]'] = 'private';
Chris@0 109 }
Chris@0 110 else {
Chris@0 111 $edit['body[0][value]'] = 'public node';
Chris@0 112 $edit['field_tags[target_id]'] = 'public';
Chris@0 113 }
Chris@0 114
Chris@0 115 $this->drupalPostForm('node/add/article', $edit, t('Save'));
Chris@0 116 $node = $this->drupalGetNodeByTitle($edit['title[0][value]']);
Chris@0 117 $this->assertEqual($is_private, (int) $node->private->value, 'The private status of the node was properly set in the node_access_test table.');
Chris@0 118 if ($is_private) {
Chris@0 119 $private_nodes[] = $node->id();
Chris@0 120 }
Chris@0 121 $titles[$node->id()] = $edit['title[0][value]'];
Chris@0 122 $this->nodesByUser[$this->webUser->id()][$node->id()] = $is_private;
Chris@0 123 }
Chris@0 124 }
Chris@0 125 $this->publicTid = db_query('SELECT tid FROM {taxonomy_term_field_data} WHERE name = :name AND default_langcode = 1', [':name' => 'public'])->fetchField();
Chris@0 126 $this->privateTid = db_query('SELECT tid FROM {taxonomy_term_field_data} WHERE name = :name AND default_langcode = 1', [':name' => 'private'])->fetchField();
Chris@0 127 $this->assertTrue($this->publicTid, 'Public tid was found');
Chris@0 128 $this->assertTrue($this->privateTid, 'Private tid was found');
Chris@0 129 foreach ($simple_users as $this->webUser) {
Chris@0 130 $this->drupalLogin($this->webUser);
Chris@0 131 // Check own nodes to see that all are readable.
Chris@0 132 foreach ($this->nodesByUser as $uid => $data) {
Chris@0 133 foreach ($data as $nid => $is_private) {
Chris@0 134 $this->drupalGet('node/' . $nid);
Chris@0 135 if ($is_private) {
Chris@0 136 $should_be_visible = $uid == $this->webUser->id();
Chris@0 137 }
Chris@0 138 else {
Chris@0 139 $should_be_visible = TRUE;
Chris@0 140 }
Chris@0 141 $this->assertResponse($should_be_visible ? 200 : 403, strtr('A %private node by user %uid is %visible for user %current_uid.', [
Chris@0 142 '%private' => $is_private ? 'private' : 'public',
Chris@0 143 '%uid' => $uid,
Chris@0 144 '%visible' => $should_be_visible ? 'visible' : 'not visible',
Chris@0 145 '%current_uid' => $this->webUser->id(),
Chris@0 146 ]));
Chris@0 147 }
Chris@0 148 }
Chris@0 149
Chris@0 150 // Check to see that the correct nodes are shown on taxonomy/private
Chris@0 151 // and taxonomy/public.
Chris@0 152 $this->assertTaxonomyPage(FALSE);
Chris@0 153 }
Chris@0 154
Chris@0 155 // Now test that a user with 'node test view' permissions can view content.
Chris@0 156 $access_user = $this->drupalCreateUser(['access content', 'create article content', 'node test view', 'search content']);
Chris@0 157 $this->drupalLogin($access_user);
Chris@0 158
Chris@0 159 foreach ($this->nodesByUser as $private_status) {
Chris@0 160 foreach ($private_status as $nid => $is_private) {
Chris@0 161 $this->drupalGet('node/' . $nid);
Chris@0 162 $this->assertResponse(200);
Chris@0 163 }
Chris@0 164 }
Chris@0 165
Chris@0 166 // This user should be able to see all of the nodes on the relevant
Chris@0 167 // taxonomy pages.
Chris@0 168 $this->assertTaxonomyPage(TRUE);
Chris@0 169
Chris@0 170 // Rebuild the node access permissions, repeat the test. This is done to
Chris@0 171 // ensure that node access is rebuilt correctly even if the current user
Chris@0 172 // does not have the bypass node access permission.
Chris@0 173 node_access_rebuild();
Chris@0 174
Chris@0 175 foreach ($this->nodesByUser as $private_status) {
Chris@0 176 foreach ($private_status as $nid => $is_private) {
Chris@0 177 $this->drupalGet('node/' . $nid);
Chris@0 178 $this->assertResponse(200);
Chris@0 179 }
Chris@0 180 }
Chris@0 181
Chris@0 182 // This user should be able to see all of the nodes on the relevant
Chris@0 183 // taxonomy pages.
Chris@0 184 $this->assertTaxonomyPage(TRUE);
Chris@0 185 }
Chris@0 186
Chris@0 187 /**
Chris@0 188 * Checks taxonomy/term listings to ensure only accessible nodes are listed.
Chris@0 189 *
Chris@0 190 * @param $is_admin
Chris@0 191 * A boolean indicating whether the current user is an administrator. If
Chris@0 192 * TRUE, all nodes should be listed. If FALSE, only public nodes and the
Chris@0 193 * user's own private nodes should be listed.
Chris@0 194 */
Chris@0 195 protected function assertTaxonomyPage($is_admin) {
Chris@0 196 foreach ([$this->publicTid, $this->privateTid] as $tid_is_private => $tid) {
Chris@0 197 $this->drupalGet("taxonomy/term/$tid");
Chris@0 198 $this->nidsVisible = [];
Chris@0 199 foreach ($this->xpath("//a[text()='Read more']") as $link) {
Chris@0 200 // See also testTranslationRendering() in NodeTranslationUITest.
Chris@0 201 $this->assertTrue(preg_match('|node/(\d+)$|', $link->getAttribute('href'), $matches), 'Read more points to a node');
Chris@0 202 $this->nidsVisible[$matches[1]] = TRUE;
Chris@0 203 }
Chris@0 204 foreach ($this->nodesByUser as $uid => $data) {
Chris@0 205 foreach ($data as $nid => $is_private) {
Chris@0 206 // Private nodes should be visible on the private term page,
Chris@0 207 // public nodes should be visible on the public term page.
Chris@0 208 $should_be_visible = $tid_is_private == $is_private;
Chris@0 209 // Non-administrators can only see their own nodes on the private
Chris@0 210 // term page.
Chris@0 211 if (!$is_admin && $tid_is_private) {
Chris@0 212 $should_be_visible = $should_be_visible && $uid == $this->webUser->id();
Chris@0 213 }
Chris@0 214 $this->assertIdentical(isset($this->nidsVisible[$nid]), $should_be_visible, strtr('A %private node by user %uid is %visible for user %current_uid on the %tid_is_private page.', [
Chris@0 215 '%private' => $is_private ? 'private' : 'public',
Chris@0 216 '%uid' => $uid,
Chris@0 217 '%visible' => isset($this->nidsVisible[$nid]) ? 'visible' : 'not visible',
Chris@0 218 '%current_uid' => $this->webUser->id(),
Chris@0 219 '%tid_is_private' => $tid_is_private ? 'private' : 'public',
Chris@0 220 ]));
Chris@0 221 }
Chris@0 222 }
Chris@0 223 }
Chris@0 224 }
Chris@0 225
Chris@0 226 }