annotate core/modules/taxonomy/tests/src/Functional/TermAccessTest.php @ 19:fa3358dc1485 tip

Add ndrum files
author Chris Cannam
date Wed, 28 Aug 2019 13:14:47 +0100
parents 129ea1e6d783
children
rev   line source
Chris@17 1 <?php
Chris@17 2
Chris@17 3 namespace Drupal\Tests\taxonomy\Functional;
Chris@17 4
Chris@17 5 use Drupal\taxonomy\Entity\Term;
Chris@17 6 use Drupal\taxonomy\TermInterface;
Chris@17 7 use Drupal\Tests\system\Functional\Cache\AssertPageCacheContextsAndTagsTrait;
Chris@17 8
Chris@17 9 /**
Chris@17 10 * Tests the taxonomy term access permissions.
Chris@17 11 *
Chris@17 12 * @group taxonomy
Chris@17 13 */
Chris@17 14 class TermAccessTest extends TaxonomyTestBase {
Chris@17 15
Chris@17 16 use AssertPageCacheContextsAndTagsTrait;
Chris@17 17
Chris@17 18 /**
Chris@17 19 * Test access control functionality for taxonomy terms.
Chris@17 20 */
Chris@17 21 public function testTermAccess() {
Chris@17 22 $assert_session = $this->assertSession();
Chris@17 23
Chris@17 24 $vocabulary = $this->createVocabulary();
Chris@17 25
Chris@17 26 // Create two terms.
Chris@17 27 $published_term = Term::create([
Chris@17 28 'vid' => $vocabulary->id(),
Chris@17 29 'name' => 'Published term',
Chris@17 30 'status' => 1,
Chris@17 31 ]);
Chris@17 32 $published_term->save();
Chris@17 33 $unpublished_term = Term::create([
Chris@17 34 'vid' => $vocabulary->id(),
Chris@17 35 'name' => 'Unpublished term',
Chris@17 36 'status' => 0,
Chris@17 37 ]);
Chris@17 38 $unpublished_term->save();
Chris@17 39
Chris@17 40 // Start off logged in as admin.
Chris@17 41 $this->drupalLogin($this->drupalCreateUser(['administer taxonomy']));
Chris@17 42
Chris@17 43 // Test the 'administer taxonomy' permission.
Chris@17 44 $this->drupalGet('taxonomy/term/' . $published_term->id());
Chris@17 45 $assert_session->statusCodeEquals(200);
Chris@17 46 $this->assertTermAccess($published_term, 'view', TRUE);
Chris@17 47 $this->drupalGet('taxonomy/term/' . $unpublished_term->id());
Chris@17 48 $assert_session->statusCodeEquals(200);
Chris@17 49 $this->assertTermAccess($unpublished_term, 'view', TRUE);
Chris@17 50
Chris@17 51 $this->drupalGet('taxonomy/term/' . $published_term->id() . '/edit');
Chris@17 52 $assert_session->statusCodeEquals(200);
Chris@17 53 $this->assertTermAccess($published_term, 'update', TRUE);
Chris@17 54 $this->drupalGet('taxonomy/term/' . $unpublished_term->id() . '/edit');
Chris@17 55 $assert_session->statusCodeEquals(200);
Chris@17 56 $this->assertTermAccess($unpublished_term, 'update', TRUE);
Chris@17 57
Chris@17 58 $this->drupalGet('taxonomy/term/' . $published_term->id() . '/delete');
Chris@17 59 $assert_session->statusCodeEquals(200);
Chris@17 60 $this->assertTermAccess($published_term, 'delete', TRUE);
Chris@17 61 $this->drupalGet('taxonomy/term/' . $unpublished_term->id() . '/delete');
Chris@17 62 $assert_session->statusCodeEquals(200);
Chris@17 63 $this->assertTermAccess($unpublished_term, 'delete', TRUE);
Chris@17 64
Chris@17 65 // Test the 'access content' permission.
Chris@17 66 $this->drupalLogin($this->drupalCreateUser(['access content']));
Chris@17 67
Chris@17 68 $this->drupalGet('taxonomy/term/' . $published_term->id());
Chris@17 69 $assert_session->statusCodeEquals(200);
Chris@17 70 $this->assertTermAccess($published_term, 'view', TRUE);
Chris@17 71
Chris@17 72 $this->drupalGet('taxonomy/term/' . $unpublished_term->id());
Chris@17 73 $assert_session->statusCodeEquals(403);
Chris@17 74 $this->assertTermAccess($unpublished_term, 'view', FALSE, "The 'access content' permission is required and the taxonomy term must be published.");
Chris@17 75
Chris@17 76 $this->drupalGet('taxonomy/term/' . $published_term->id() . '/edit');
Chris@17 77 $assert_session->statusCodeEquals(403);
Chris@17 78 $this->assertTermAccess($published_term, 'update', FALSE, "The following permissions are required: 'edit terms in {$vocabulary->id()}' OR 'administer taxonomy'.");
Chris@17 79 $this->drupalGet('taxonomy/term/' . $unpublished_term->id() . '/edit');
Chris@17 80 $assert_session->statusCodeEquals(403);
Chris@17 81 $this->assertTermAccess($unpublished_term, 'update', FALSE, "The following permissions are required: 'edit terms in {$vocabulary->id()}' OR 'administer taxonomy'.");
Chris@17 82
Chris@17 83 $this->drupalGet('taxonomy/term/' . $published_term->id() . '/delete');
Chris@17 84 $assert_session->statusCodeEquals(403);
Chris@17 85 $this->assertTermAccess($published_term, 'delete', FALSE, "The following permissions are required: 'delete terms in {$vocabulary->id()}' OR 'administer taxonomy'.");
Chris@17 86 $this->drupalGet('taxonomy/term/' . $unpublished_term->id() . '/delete');
Chris@17 87 $assert_session->statusCodeEquals(403);
Chris@17 88 $this->assertTermAccess($unpublished_term, 'delete', FALSE, "The following permissions are required: 'delete terms in {$vocabulary->id()}' OR 'administer taxonomy'.");
Chris@17 89
Chris@17 90 // Install the Views module and repeat the checks for the 'view' permission.
Chris@17 91 \Drupal::service('module_installer')->install(['views'], TRUE);
Chris@17 92 $this->rebuildContainer();
Chris@17 93
Chris@17 94 $this->drupalGet('taxonomy/term/' . $published_term->id());
Chris@17 95 $assert_session->statusCodeEquals(200);
Chris@17 96
Chris@17 97 // @todo Change this assertion to expect a 403 status code when
Chris@17 98 // https://www.drupal.org/project/drupal/issues/2983070 is fixed.
Chris@17 99 $this->drupalGet('taxonomy/term/' . $unpublished_term->id());
Chris@17 100 $assert_session->statusCodeEquals(404);
Chris@17 101 }
Chris@17 102
Chris@17 103 /**
Chris@17 104 * Checks access on taxonomy term.
Chris@17 105 *
Chris@17 106 * @param \Drupal\taxonomy\TermInterface $term
Chris@17 107 * A taxonomy term entity.
Chris@17 108 * @param $access_operation
Chris@17 109 * The entity operation, e.g. 'view', 'edit', 'delete', etc.
Chris@17 110 * @param bool $access_allowed
Chris@17 111 * Whether the current use has access to the given operation or not.
Chris@17 112 * @param string $access_reason
Chris@17 113 * (optional) The reason of the access result.
Chris@17 114 */
Chris@17 115 protected function assertTermAccess(TermInterface $term, $access_operation, $access_allowed, $access_reason = '') {
Chris@17 116 $access_result = $term->access($access_operation, NULL, TRUE);
Chris@17 117 $this->assertSame($access_allowed, $access_result->isAllowed());
Chris@17 118
Chris@17 119 if ($access_reason) {
Chris@17 120 $this->assertSame($access_reason, $access_result->getReason());
Chris@17 121 }
Chris@17 122 }
Chris@17 123
Chris@17 124 }