Mercurial > hg > isophonics-drupal-site

comparison core/modules/node/tests/src/Functional/NodeAccessRebuildNodeGrantsTest.php @ 0:4c8ae668cc8c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Initial import (non-working)
author Chris Cannam
date Wed, 29 Nov 2017 16:09:58 +0000
parents
children 129ea1e6d783
comparison
equal deleted inserted replaced
-1:000000000000 0:4c8ae668cc8c
1 <?php
2
3 namespace Drupal\Tests\node\Functional;
4
5 use Drupal\node\Entity\NodeType;
6
7 /**
8 * Ensures that node access rebuild functions work correctly even
9 * when other modules implements hook_node_grants().
10 *
11 * @group node
12 */
13 class NodeAccessRebuildNodeGrantsTest extends NodeTestBase {
14
15 /**
16 * A user to create nodes that only it has access to.
17 *
18 * @var \Drupal\user\UserInterface
19 */
20 protected $webUser;
21
22 /**
23 * A user to test the rebuild nodes feature which can't access the nodes.
24 *
25 * @var \Drupal\user\UserInterface
26 */
27 protected $adminUser;
28
29 /**
30 * {@inheritdoc}
31 */
32 protected function setUp() {
33 parent::setUp();
34
35 $this->adminUser = $this->drupalCreateUser(['administer site configuration', 'access administration pages', 'access site reports']);
36 $this->drupalLogin($this->adminUser);
37
38 $this->webUser = $this->drupalCreateUser();
39 }
40
41 /**
42 * Tests rebuilding the node access permissions table with content.
43 */
44 public function testNodeAccessRebuildNodeGrants() {
45 \Drupal::service('module_installer')->install(['node_access_test']);
46 \Drupal::state()->set('node_access_test.private', TRUE);
47 node_access_test_add_field(NodeType::load('page'));
48 $this->resetAll();
49
50 // Create 30 nodes so that _node_access_rebuild_batch_operation() has to run
51 // more than once.
52 for ($i = 0; $i < 30; $i++) {
53 $nodes[] = $this->drupalCreateNode([
54 'uid' => $this->webUser->id(),
55 'private' => [['value' => 1]]
56 ]);
57 }
58
59 /** @var \Drupal\node\NodeGrantDatabaseStorageInterface $grant_storage */
60 $grant_storage = \Drupal::service('node.grant_storage');
61 // Default realm access and node records are present.
62 foreach ($nodes as $node) {
63 $this->assertTrue($node->private->value);
64 $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the node author.');
65 $this->assertTrue($grant_storage->access($node, 'view', $this->adminUser)->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the admin user.');
66 }
67
68 $this->assertEqual(1, \Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is an all realm access record');
69 $this->assertTrue(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt');
70
71 // Rebuild permissions.
72 $this->drupalGet('admin/reports/status');
73 $this->clickLink(t('Rebuild permissions'));
74 $this->drupalPostForm(NULL, [], t('Rebuild permissions'));
75 $this->assertText(t('The content access permissions have been rebuilt.'));
76
77 // Test if the rebuild by user that cannot bypass node access and does not
78 // have access to the nodes has been successful.
79 $this->assertFalse($this->adminUser->hasPermission('bypass node access'));
80 $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt');
81 foreach ($nodes as $node) {
82 $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.');
83 $this->assertFalse($grant_storage->access($node, 'view', $this->adminUser)->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.');
84 }
85 $this->assertFalse(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record');
86
87 // Test an anonymous node access rebuild from code.
88 $this->drupalLogout();
89 node_access_rebuild();
90 foreach ($nodes as $node) {
91 $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.');
92 $this->assertFalse($grant_storage->access($node, 'view', $this->adminUser)->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.');
93 }
94 $this->assertFalse(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record');
95 }
96
97 /**
98 * Tests rebuilding the node access permissions table with no content.
99 */
100 public function testNodeAccessRebuildNoAccessModules() {
101 // Default realm access is present.
102 $this->assertEqual(1, \Drupal::service('node.grant_storage')->count(), 'There is an all realm access record');
103
104 // No need to rebuild permissions.
105 $this->assertFalse(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt');
106
107 // Rebuild permissions.
108 $this->drupalGet('admin/reports/status');
109 $this->clickLink(t('Rebuild permissions'));
110 $this->drupalPostForm(NULL, [], t('Rebuild permissions'));
111 $this->assertText(t('Content permissions have been rebuilt.'));
112 $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt');
113
114 // Default realm access is still present.
115 $this->assertEqual(1, \Drupal::service('node.grant_storage')->count(), 'There is an all realm access record');
116 }
117
118 }