Chris@0
|
1 <?php
|
Chris@0
|
2
|
Chris@0
|
3 namespace Drupal\Tests\system\Kernel;
|
Chris@0
|
4
|
Chris@0
|
5 use Drupal\Core\Access\AccessResult;
|
Chris@0
|
6 use Drupal\Core\Cache\Context\CacheContextsManager;
|
Chris@0
|
7 use Drupal\Core\DependencyInjection\ContainerBuilder;
|
Chris@0
|
8 use Drupal\KernelTests\KernelTestBase;
|
Chris@0
|
9 use Drupal\system\Entity\Menu;
|
Chris@18
|
10 use Drupal\Tests\user\Traits\UserCreationTrait;
|
Chris@0
|
11
|
Chris@0
|
12 /**
|
Chris@0
|
13 * @coversDefaultClass \Drupal\system\MenuAccessControlHandler
|
Chris@0
|
14 * @group system
|
Chris@0
|
15 */
|
Chris@0
|
16 class MenuAccessControlHandlerTest extends KernelTestBase {
|
Chris@0
|
17
|
Chris@0
|
18 use UserCreationTrait {
|
Chris@0
|
19 createUser as drupalCreateUser;
|
Chris@0
|
20 }
|
Chris@0
|
21
|
Chris@0
|
22 /**
|
Chris@0
|
23 * Modules to enable.
|
Chris@0
|
24 *
|
Chris@0
|
25 * @var array
|
Chris@0
|
26 */
|
Chris@0
|
27 public static $modules = [
|
Chris@0
|
28 'system',
|
Chris@0
|
29 'user',
|
Chris@0
|
30 ];
|
Chris@0
|
31
|
Chris@0
|
32 /**
|
Chris@0
|
33 * The menu access control handler.
|
Chris@0
|
34 *
|
Chris@0
|
35 * @var \Drupal\Core\Entity\EntityAccessControlHandlerInterface
|
Chris@0
|
36 */
|
Chris@0
|
37 protected $accessControlHandler;
|
Chris@0
|
38
|
Chris@0
|
39 /**
|
Chris@0
|
40 * {@inheritdoc}
|
Chris@0
|
41 */
|
Chris@0
|
42 protected function setUp() {
|
Chris@0
|
43 parent::setUp();
|
Chris@0
|
44 $this->installEntitySchema('menu');
|
Chris@0
|
45 $this->installEntitySchema('user');
|
Chris@0
|
46 $this->installSchema('system', 'sequences');
|
Chris@0
|
47 $this->accessControlHandler = $this->container->get('entity_type.manager')->getAccessControlHandler('menu');
|
Chris@0
|
48 }
|
Chris@0
|
49
|
Chris@0
|
50 /**
|
Chris@0
|
51 * @covers ::checkAccess
|
Chris@0
|
52 * @covers ::checkCreateAccess
|
Chris@0
|
53 * @dataProvider testAccessProvider
|
Chris@0
|
54 */
|
Chris@0
|
55 public function testAccess($which_user, $which_entity, $view_label_access_result, $view_access_result, $update_access_result, $delete_access_result, $create_access_result) {
|
Chris@0
|
56 // We must always create user 1, so that a "normal" user has a ID >1.
|
Chris@0
|
57 $root_user = $this->drupalCreateUser();
|
Chris@0
|
58
|
Chris@0
|
59 if ($which_user === 'user1') {
|
Chris@0
|
60 $user = $root_user;
|
Chris@0
|
61 }
|
Chris@0
|
62 else {
|
Chris@0
|
63 $permissions = ($which_user === 'admin')
|
Chris@0
|
64 ? ['administer menu']
|
Chris@0
|
65 : [];
|
Chris@0
|
66 $user = $this->drupalCreateUser($permissions);
|
Chris@0
|
67 }
|
Chris@0
|
68
|
Chris@0
|
69 $entity_values = ($which_entity === 'unlocked')
|
Chris@0
|
70 ? ['locked' => FALSE]
|
Chris@0
|
71 : ['locked' => TRUE];
|
Chris@0
|
72 $entity_values['id'] = 'llama';
|
Chris@0
|
73 $entity = Menu::create($entity_values);
|
Chris@0
|
74 $entity->save();
|
Chris@0
|
75
|
Chris@0
|
76 static::assertEquals($view_label_access_result, $this->accessControlHandler->access($entity, 'view label', $user, TRUE));
|
Chris@0
|
77 static::assertEquals($view_access_result, $this->accessControlHandler->access($entity, 'view', $user, TRUE));
|
Chris@0
|
78 static::assertEquals($update_access_result, $this->accessControlHandler->access($entity, 'update', $user, TRUE));
|
Chris@0
|
79 static::assertEquals($delete_access_result, $this->accessControlHandler->access($entity, 'delete', $user, TRUE));
|
Chris@0
|
80 static::assertEquals($create_access_result, $this->accessControlHandler->createAccess(NULL, $user, [], TRUE));
|
Chris@0
|
81 }
|
Chris@0
|
82
|
Chris@0
|
83 public function testAccessProvider() {
|
Chris@0
|
84 $c = new ContainerBuilder();
|
Chris@0
|
85 $cache_contexts_manager = $this->prophesize(CacheContextsManager::class);
|
Chris@0
|
86 $cache_contexts_manager->assertValidTokens()->willReturn(TRUE);
|
Chris@0
|
87 $cache_contexts_manager->reveal();
|
Chris@0
|
88 $c->set('cache_contexts_manager', $cache_contexts_manager);
|
Chris@0
|
89 \Drupal::setContainer($c);
|
Chris@0
|
90
|
Chris@0
|
91 return [
|
Chris@0
|
92 'permissionless + unlocked' => [
|
Chris@0
|
93 'permissionless',
|
Chris@0
|
94 'unlocked',
|
Chris@0
|
95 AccessResult::allowed(),
|
Chris@0
|
96 AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
|
Chris@0
|
97 AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
|
Chris@0
|
98 AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required.")->addCacheTags(['config:system.menu.llama']),
|
Chris@0
|
99 AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
|
Chris@0
|
100 ],
|
Chris@0
|
101 'permissionless + locked' => [
|
Chris@0
|
102 'permissionless',
|
Chris@0
|
103 'locked',
|
Chris@0
|
104 AccessResult::allowed(),
|
Chris@0
|
105 AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
|
Chris@0
|
106 AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
|
Chris@0
|
107 AccessResult::forbidden()->addCacheTags(['config:system.menu.llama'])->setReason("The Menu config entity is locked."),
|
Chris@0
|
108 AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
|
Chris@0
|
109 ],
|
Chris@0
|
110 'admin + unlocked' => [
|
Chris@0
|
111 'admin',
|
Chris@0
|
112 'unlocked',
|
Chris@0
|
113 AccessResult::allowed(),
|
Chris@0
|
114 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
115 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
116 AccessResult::allowed()->addCacheContexts(['user.permissions'])->addCacheTags(['config:system.menu.llama']),
|
Chris@0
|
117 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
118 ],
|
Chris@0
|
119 'admin + locked' => [
|
Chris@0
|
120 'admin',
|
Chris@0
|
121 'locked',
|
Chris@0
|
122 AccessResult::allowed(),
|
Chris@0
|
123 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
124 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
125 AccessResult::forbidden()->addCacheTags(['config:system.menu.llama'])->setReason("The Menu config entity is locked."),
|
Chris@0
|
126 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
127 ],
|
Chris@0
|
128 'user1 + unlocked' => [
|
Chris@0
|
129 'user1',
|
Chris@0
|
130 'unlocked',
|
Chris@0
|
131 AccessResult::allowed(),
|
Chris@0
|
132 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
133 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
134 AccessResult::allowed()->addCacheContexts(['user.permissions'])->addCacheTags(['config:system.menu.llama']),
|
Chris@0
|
135 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
136 ],
|
Chris@0
|
137 'user1 + locked' => [
|
Chris@0
|
138 'user1',
|
Chris@0
|
139 'locked',
|
Chris@0
|
140 AccessResult::allowed(),
|
Chris@0
|
141 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
142 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
143 AccessResult::forbidden()->addCacheTags(['config:system.menu.llama'])->setReason("The Menu config entity is locked."),
|
Chris@0
|
144 AccessResult::allowed()->addCacheContexts(['user.permissions']),
|
Chris@0
|
145 ],
|
Chris@0
|
146 ];
|
Chris@0
|
147 }
|
Chris@0
|
148
|
Chris@0
|
149 }
|