Mercurial > hg > isophonics-drupal-site

diff core/modules/tracker/tests/src/Functional/TrackerNodeAccessTest.php @ 0:4c8ae668cc8c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Initial import (non-working)
author Chris Cannam
date Wed, 29 Nov 2017 16:09:58 +0000
parents
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/core/modules/tracker/tests/src/Functional/TrackerNodeAccessTest.php	Wed Nov 29 16:09:58 2017 +0000
@@ -0,0 +1,75 @@
+<?php
+
+namespace Drupal\Tests\tracker\Functional;
+
+use Drupal\comment\Plugin\Field\FieldType\CommentItemInterface;
+use Drupal\comment\Tests\CommentTestTrait;
+use Drupal\node\Entity\NodeType;
+use Drupal\Tests\BrowserTestBase;
+
+/**
+ * Tests for private node access on /tracker.
+ *
+ * @group tracker
+ */
+class TrackerNodeAccessTest extends BrowserTestBase {
+
+  use CommentTestTrait;
+
+  /**
+   * Modules to enable.
+   *
+   * @var array
+   */
+  public static $modules = ['node', 'comment', 'tracker', 'node_access_test'];
+
+  protected function setUp() {
+    parent::setUp();
+    node_access_rebuild();
+    $this->drupalCreateContentType(['type' => 'page']);
+    node_access_test_add_field(NodeType::load('page'));
+    $this->addDefaultCommentField('node', 'page', 'comment', CommentItemInterface::OPEN);
+    \Drupal::state()->set('node_access_test.private', TRUE);
+  }
+
+  /**
+   * Ensure private node on /tracker is only visible to users with permission.
+   */
+  public function testTrackerNodeAccess() {
+    // Create user with node test view permission.
+    $access_user = $this->drupalCreateUser(['node test view', 'access user profiles']);
+
+    // Create user without node test view permission.
+    $no_access_user = $this->drupalCreateUser(['access user profiles']);
+
+    $this->drupalLogin($access_user);
+
+    // Create some nodes.
+    $private_node = $this->drupalCreateNode([
+      'title' => t('Private node test'),
+      'private' => TRUE,
+    ]);
+    $public_node = $this->drupalCreateNode([
+      'title' => t('Public node test'),
+      'private' => FALSE,
+    ]);
+
+    // User with access should see both nodes created.
+    $this->drupalGet('activity');
+    $this->assertText($private_node->getTitle(), 'Private node is visible to user with private access.');
+    $this->assertText($public_node->getTitle(), 'Public node is visible to user with private access.');
+    $this->drupalGet('user/' . $access_user->id() . '/activity');
+    $this->assertText($private_node->getTitle(), 'Private node is visible to user with private access.');
+    $this->assertText($public_node->getTitle(), 'Public node is visible to user with private access.');
+
+    // User without access should not see private node.
+    $this->drupalLogin($no_access_user);
+    $this->drupalGet('activity');
+    $this->assertNoText($private_node->getTitle(), 'Private node is not visible to user without private access.');
+    $this->assertText($public_node->getTitle(), 'Public node is visible to user without private access.');
+    $this->drupalGet('user/' . $access_user->id() . '/activity');
+    $this->assertNoText($private_node->getTitle(), 'Private node is not visible to user without private access.');
+    $this->assertText($public_node->getTitle(), 'Public node is visible to user without private access.');
+  }
+
+}