Mercurial > hg > isophonics-drupal-site
diff core/modules/node/tests/src/Functional/NodeAccessRebuildNodeGrantsTest.php @ 0:4c8ae668cc8c
Initial import (non-working)
| author | Chris Cannam |
|---|---|
| date | Wed, 29 Nov 2017 16:09:58 +0000 |
| parents | |
| children | 129ea1e6d783 |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/core/modules/node/tests/src/Functional/NodeAccessRebuildNodeGrantsTest.php Wed Nov 29 16:09:58 2017 +0000 @@ -0,0 +1,118 @@ +<?php + +namespace Drupal\Tests\node\Functional; + +use Drupal\node\Entity\NodeType; + +/** + * Ensures that node access rebuild functions work correctly even + * when other modules implements hook_node_grants(). + * + * @group node + */ +class NodeAccessRebuildNodeGrantsTest extends NodeTestBase { + + /** + * A user to create nodes that only it has access to. + * + * @var \Drupal\user\UserInterface + */ + protected $webUser; + + /** + * A user to test the rebuild nodes feature which can't access the nodes. + * + * @var \Drupal\user\UserInterface + */ + protected $adminUser; + + /** + * {@inheritdoc} + */ + protected function setUp() { + parent::setUp(); + + $this->adminUser = $this->drupalCreateUser(['administer site configuration', 'access administration pages', 'access site reports']); + $this->drupalLogin($this->adminUser); + + $this->webUser = $this->drupalCreateUser(); + } + + /** + * Tests rebuilding the node access permissions table with content. + */ + public function testNodeAccessRebuildNodeGrants() { + \Drupal::service('module_installer')->install(['node_access_test']); + \Drupal::state()->set('node_access_test.private', TRUE); + node_access_test_add_field(NodeType::load('page')); + $this->resetAll(); + + // Create 30 nodes so that _node_access_rebuild_batch_operation() has to run + // more than once. + for ($i = 0; $i < 30; $i++) { + $nodes[] = $this->drupalCreateNode([ + 'uid' => $this->webUser->id(), + 'private' => [['value' => 1]] + ]); + } + + /** @var \Drupal\node\NodeGrantDatabaseStorageInterface $grant_storage */ + $grant_storage = \Drupal::service('node.grant_storage'); + // Default realm access and node records are present. + foreach ($nodes as $node) { + $this->assertTrue($node->private->value); + $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the node author.'); + $this->assertTrue($grant_storage->access($node, 'view', $this->adminUser)->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the admin user.'); + } + + $this->assertEqual(1, \Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is an all realm access record'); + $this->assertTrue(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt'); + + // Rebuild permissions. + $this->drupalGet('admin/reports/status'); + $this->clickLink(t('Rebuild permissions')); + $this->drupalPostForm(NULL, [], t('Rebuild permissions')); + $this->assertText(t('The content access permissions have been rebuilt.')); + + // Test if the rebuild by user that cannot bypass node access and does not + // have access to the nodes has been successful. + $this->assertFalse($this->adminUser->hasPermission('bypass node access')); + $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt'); + foreach ($nodes as $node) { + $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.'); + $this->assertFalse($grant_storage->access($node, 'view', $this->adminUser)->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.'); + } + $this->assertFalse(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record'); + + // Test an anonymous node access rebuild from code. + $this->drupalLogout(); + node_access_rebuild(); + foreach ($nodes as $node) { + $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.'); + $this->assertFalse($grant_storage->access($node, 'view', $this->adminUser)->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.'); + } + $this->assertFalse(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record'); + } + + /** + * Tests rebuilding the node access permissions table with no content. + */ + public function testNodeAccessRebuildNoAccessModules() { + // Default realm access is present. + $this->assertEqual(1, \Drupal::service('node.grant_storage')->count(), 'There is an all realm access record'); + + // No need to rebuild permissions. + $this->assertFalse(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt'); + + // Rebuild permissions. + $this->drupalGet('admin/reports/status'); + $this->clickLink(t('Rebuild permissions')); + $this->drupalPostForm(NULL, [], t('Rebuild permissions')); + $this->assertText(t('Content permissions have been rebuilt.')); + $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt'); + + // Default realm access is still present. + $this->assertEqual(1, \Drupal::service('node.grant_storage')->count(), 'There is an all realm access record'); + } + +}