Mercurial > hg > isophonics-drupal-site
view core/modules/node/tests/src/Kernel/NodeFieldAccessTest.php @ 0:4c8ae668cc8c
Initial import (non-working)
| author | Chris Cannam |
|---|---|
| date | Wed, 29 Nov 2017 16:09:58 +0000 |
| parents | |
| children | 129ea1e6d783 |
line wrap: on
line source
<?php namespace Drupal\Tests\node\Kernel; use Drupal\Component\Utility\SafeMarkup; use Drupal\KernelTests\Core\Entity\EntityKernelTestBase; use Drupal\node\Entity\Node; use Drupal\node\Entity\NodeType; /** * Tests node field level access. * * @group node */ class NodeFieldAccessTest extends EntityKernelTestBase { /** * Modules to enable. * * @var array */ public static $modules = ['node']; /** * Fields that only users with administer nodes permissions can change. * * @var array */ protected $administrativeFields = [ 'status', 'promote', 'sticky', 'created', 'uid', ]; /** * These fields are automatically managed and can not be changed by any user. * * @var array */ protected $readOnlyFields = ['changed', 'revision_uid', 'revision_timestamp']; /** * Test permissions on nodes status field. */ public function testAccessToAdministrativeFields() { // Create the page node type with revisions disabled. $page = NodeType::create([ 'type' => 'page', 'new_revision' => FALSE, ]); $page->save(); // Create the article node type with revisions disabled. $article = NodeType::create([ 'type' => 'article', 'new_revision' => TRUE, ]); $article->save(); // An administrator user. No user exists yet, ensure that the first user // does not have UID 1. $content_admin_user = $this->createUser(['uid' => 2], ['administer nodes']); // Two different editor users. $page_creator_user = $this->createUser([], ['create page content', 'edit own page content', 'delete own page content']); $page_manager_user = $this->createUser([], ['create page content', 'edit any page content', 'delete any page content']); // An unprivileged user. $page_unrelated_user = $this->createUser([], ['access content']); // List of all users $test_users = [ $content_admin_user, $page_creator_user, $page_manager_user, $page_unrelated_user, ]; // Create three "Basic pages". One is owned by our test-user // "page_creator", one by "page_manager", and one by someone else. $node1 = Node::create([ 'title' => $this->randomMachineName(8), 'uid' => $page_creator_user->id(), 'type' => 'page', ]); $node2 = Node::create([ 'title' => $this->randomMachineName(8), 'uid' => $page_manager_user->id(), 'type' => 'article', ]); $node3 = Node::create([ 'title' => $this->randomMachineName(8), 'type' => 'page', ]); foreach ($this->administrativeFields as $field) { // Checks on view operations. foreach ($test_users as $account) { $may_view = $node1->{$field}->access('view', $account); $this->assertTrue($may_view, SafeMarkup::format('Any user may view the field @name.', ['@name' => $field])); } // Checks on edit operations. $may_update = $node1->{$field}->access('edit', $page_creator_user); $this->assertFalse($may_update, SafeMarkup::format('Users with permission "edit own page content" is not allowed to the field @name.', ['@name' => $field])); $may_update = $node2->{$field}->access('edit', $page_creator_user); $this->assertFalse($may_update, SafeMarkup::format('Users with permission "edit own page content" is not allowed to the field @name.', ['@name' => $field])); $may_update = $node2->{$field}->access('edit', $page_manager_user); $this->assertFalse($may_update, SafeMarkup::format('Users with permission "edit any page content" is not allowed to the field @name.', ['@name' => $field])); $may_update = $node1->{$field}->access('edit', $page_manager_user); $this->assertFalse($may_update, SafeMarkup::format('Users with permission "edit any page content" is not allowed to the field @name.', ['@name' => $field])); $may_update = $node2->{$field}->access('edit', $page_unrelated_user); $this->assertFalse($may_update, SafeMarkup::format('Users not having permission "edit any page content" is not allowed to the field @name.', ['@name' => $field])); $may_update = $node1->{$field}->access('edit', $content_admin_user) && $node3->status->access('edit', $content_admin_user); $this->assertTrue($may_update, SafeMarkup::format('Users with permission "administer nodes" may edit @name fields on all nodes.', ['@name' => $field])); } foreach ($this->readOnlyFields as $field) { // Check view operation. foreach ($test_users as $account) { $may_view = $node1->{$field}->access('view', $account); $this->assertTrue($may_view, SafeMarkup::format('Any user may view the field @name.', ['@name' => $field])); } // Check edit operation. foreach ($test_users as $account) { $may_view = $node1->{$field}->access('edit', $account); $this->assertFalse($may_view, SafeMarkup::format('No user is not allowed to edit the field @name.', ['@name' => $field])); } } // Check the revision_log field on node 1 which has revisions disabled. $may_update = $node1->revision_log->access('edit', $content_admin_user); $this->assertTrue($may_update, 'A user with permission "administer nodes" can edit the revision_log field when revisions are disabled.'); $may_update = $node1->revision_log->access('edit', $page_creator_user); $this->assertFalse($may_update, 'A user without permission "administer nodes" can not edit the revision_log field when revisions are disabled.'); // Check the revision_log field on node 2 which has revisions enabled. $may_update = $node2->revision_log->access('edit', $content_admin_user); $this->assertTrue($may_update, 'A user with permission "administer nodes" can edit the revision_log field when revisions are enabled.'); $may_update = $node2->revision_log->access('edit', $page_creator_user); $this->assertTrue($may_update, 'A user without permission "administer nodes" can edit the revision_log field when revisions are enabled.'); } }