Mercurial > hg > isophonics-drupal-site
view core/modules/node/tests/src/Functional/NodeAccessRebuildNodeGrantsTest.php @ 17:129ea1e6d783
Update, including to Drupal core 8.6.10
author | Chris Cannam |
---|---|
date | Thu, 28 Feb 2019 13:21:36 +0000 |
parents | 4c8ae668cc8c |
children |
line wrap: on
line source
<?php namespace Drupal\Tests\node\Functional; use Drupal\node\Entity\NodeType; /** * Ensures that node access rebuild functions work correctly even * when other modules implements hook_node_grants(). * * @group node */ class NodeAccessRebuildNodeGrantsTest extends NodeTestBase { /** * A user to create nodes that only it has access to. * * @var \Drupal\user\UserInterface */ protected $webUser; /** * A user to test the rebuild nodes feature which can't access the nodes. * * @var \Drupal\user\UserInterface */ protected $adminUser; /** * {@inheritdoc} */ protected function setUp() { parent::setUp(); $this->adminUser = $this->drupalCreateUser(['administer site configuration', 'access administration pages', 'access site reports']); $this->drupalLogin($this->adminUser); $this->webUser = $this->drupalCreateUser(); } /** * Tests rebuilding the node access permissions table with content. */ public function testNodeAccessRebuildNodeGrants() { \Drupal::service('module_installer')->install(['node_access_test']); \Drupal::state()->set('node_access_test.private', TRUE); node_access_test_add_field(NodeType::load('page')); $this->resetAll(); // Create 30 nodes so that _node_access_rebuild_batch_operation() has to run // more than once. for ($i = 0; $i < 30; $i++) { $nodes[] = $this->drupalCreateNode([ 'uid' => $this->webUser->id(), 'private' => [['value' => 1]], ]); } /** @var \Drupal\node\NodeGrantDatabaseStorageInterface $grant_storage */ $grant_storage = \Drupal::service('node.grant_storage'); // Default realm access and node records are present. foreach ($nodes as $node) { $this->assertTrue($node->private->value); $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the node author.'); $this->assertTrue($grant_storage->access($node, 'view', $this->adminUser)->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the admin user.'); } $this->assertEqual(1, \Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is an all realm access record'); $this->assertTrue(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt'); // Rebuild permissions. $this->drupalGet('admin/reports/status'); $this->clickLink(t('Rebuild permissions')); $this->drupalPostForm(NULL, [], t('Rebuild permissions')); $this->assertText(t('The content access permissions have been rebuilt.')); // Test if the rebuild by user that cannot bypass node access and does not // have access to the nodes has been successful. $this->assertFalse($this->adminUser->hasPermission('bypass node access')); $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt'); foreach ($nodes as $node) { $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.'); $this->assertFalse($grant_storage->access($node, 'view', $this->adminUser)->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.'); } $this->assertFalse(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record'); // Test an anonymous node access rebuild from code. $this->drupalLogout(); node_access_rebuild(); foreach ($nodes as $node) { $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.'); $this->assertFalse($grant_storage->access($node, 'view', $this->adminUser)->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.'); } $this->assertFalse(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record'); } /** * Tests rebuilding the node access permissions table with no content. */ public function testNodeAccessRebuildNoAccessModules() { // Default realm access is present. $this->assertEqual(1, \Drupal::service('node.grant_storage')->count(), 'There is an all realm access record'); // No need to rebuild permissions. $this->assertFalse(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt'); // Rebuild permissions. $this->drupalGet('admin/reports/status'); $this->clickLink(t('Rebuild permissions')); $this->drupalPostForm(NULL, [], t('Rebuild permissions')); $this->assertText(t('Content permissions have been rebuilt.')); $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt'); // Default realm access is still present. $this->assertEqual(1, \Drupal::service('node.grant_storage')->count(), 'There is an all realm access record'); } }