Chris@0: <?php
Chris@0: 
Chris@0: namespace Drupal\editor\Tests;
Chris@0: 
Chris@0: use Drupal\Component\Serialization\Json;
Chris@0: use Drupal\Core\EventSubscriber\MainContentViewSubscriber;
Chris@0: use Drupal\simpletest\WebTestBase;
Chris@0: use Drupal\filter\Entity\FilterFormat;
Chris@0: 
Chris@0: /**
Chris@0:  * Tests Quick Edit module integration endpoints.
Chris@0:  *
Chris@0:  * @group editor
Chris@0:  */
Chris@0: class QuickEditIntegrationLoadingTest extends WebTestBase {
Chris@0: 
Chris@0:   /**
Chris@0:    * Modules to enable.
Chris@0:    *
Chris@0:    * @var array
Chris@0:    */
Chris@0:   public static $modules = ['quickedit', 'filter', 'node', 'editor'];
Chris@0: 
Chris@0:   /**
Chris@0:    * The basic permissions necessary to view content and use in-place editing.
Chris@0:    *
Chris@0:    * @var array
Chris@0:    */
Chris@0:   protected static $basicPermissions = ['access content', 'create article content', 'use text format filtered_html', 'access contextual links'];
Chris@0: 
Chris@0:   protected function setUp() {
Chris@0:     parent::setUp();
Chris@0: 
Chris@0:     // Create a text format.
Chris@0:     $filtered_html_format = FilterFormat::create([
Chris@0:       'format' => 'filtered_html',
Chris@0:       'name' => 'Filtered HTML',
Chris@0:       'weight' => 0,
Chris@0:       'filters' => [
Chris@0:         'filter_caption' => [
Chris@0:           'status' => 1,
Chris@0:         ],
Chris@0:       ],
Chris@0:     ]);
Chris@0:     $filtered_html_format->save();
Chris@0: 
Chris@0:     // Create a node type.
Chris@0:     $this->drupalCreateContentType([
Chris@0:       'type' => 'article',
Chris@0:       'name' => 'Article',
Chris@0:     ]);
Chris@0: 
Chris@0:     // Create one node of the above node type using the above text format.
Chris@0:     $this->drupalCreateNode([
Chris@0:       'type' => 'article',
Chris@0:       'body' => [
Chris@0:         0 => [
Chris@0:           'value' => '<p>Do you also love Drupal?</p><img src="druplicon.png" data-caption="Druplicon" />',
Chris@0:           'format' => 'filtered_html',
Chris@0:         ]
Chris@0:       ]
Chris@0:     ]);
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Test loading of untransformed text when a user doesn't have access to it.
Chris@0:    */
Chris@0:   public function testUsersWithoutPermission() {
Chris@0:     // Create 3 users, each with insufficient permissions, i.e. without either
Chris@0:     // or both of the following permissions:
Chris@0:     // - the 'access in-place editing' permission
Chris@0:     // - the 'edit any article content' permission (necessary to edit node 1)
Chris@0:     $users = [
Chris@0:       $this->drupalCreateUser(static::$basicPermissions),
Chris@0:       $this->drupalCreateUser(array_merge(static::$basicPermissions, ['edit any article content'])),
Chris@0:       $this->drupalCreateUser(array_merge(static::$basicPermissions, ['access in-place editing']))
Chris@0:     ];
Chris@0: 
Chris@0:     // Now test with each of the 3 users with insufficient permissions.
Chris@0:     foreach ($users as $user) {
Chris@0:       $this->drupalLogin($user);
Chris@0:       $this->drupalGet('node/1');
Chris@0: 
Chris@0:       // Ensure the text is transformed.
Chris@0:       $this->assertRaw('<p>Do you also love Drupal?</p><figure role="group" class="caption caption-img"><img src="druplicon.png" /><figcaption>Druplicon</figcaption></figure>');
Chris@0: 
Chris@0:       // Retrieving the untransformed text should result in an 403 response and
Chris@0:       // return a different error message depending of the missing permission.
Chris@0:       $response = $this->drupalPost('editor/' . 'node/1/body/en/full', '', [], ['query' => [MainContentViewSubscriber::WRAPPER_FORMAT => 'drupal_ajax']]);
Chris@0:       $this->assertResponse(403);
Chris@0:       if (!$user->hasPermission('access in-place editing')) {
Chris@0:         $message = "The 'access in-place editing' permission is required.";
Chris@0:       }
Chris@0:       else {
Chris@0:         $message = '';
Chris@0:       }
Chris@0:       $this->assertIdentical(Json::encode(['message' => $message]), $response);
Chris@0:     }
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Test loading of untransformed text when a user does have access to it.
Chris@0:    */
Chris@0:   public function testUserWithPermission() {
Chris@0:     $user = $this->drupalCreateUser(array_merge(static::$basicPermissions, ['edit any article content', 'access in-place editing']));
Chris@0:     $this->drupalLogin($user);
Chris@0:     $this->drupalGet('node/1');
Chris@0: 
Chris@0:     // Ensure the text is transformed.
Chris@0:     $this->assertRaw('<p>Do you also love Drupal?</p><figure role="group" class="caption caption-img"><img src="druplicon.png" /><figcaption>Druplicon</figcaption></figure>');
Chris@0: 
Chris@0:     $response = $this->drupalPost('editor/' . 'node/1/body/en/full', '', [], ['query' => [MainContentViewSubscriber::WRAPPER_FORMAT => 'drupal_ajax']]);
Chris@0:     $this->assertResponse(200);
Chris@0:     $ajax_commands = Json::decode($response);
Chris@0:     $this->assertIdentical(1, count($ajax_commands), 'The untransformed text POST request results in one AJAX command.');
Chris@0:     $this->assertIdentical('editorGetUntransformedText', $ajax_commands[0]['command'], 'The first AJAX command is an editorGetUntransformedText command.');
Chris@0:     $this->assertIdentical('<p>Do you also love Drupal?</p><img src="druplicon.png" data-caption="Druplicon" />', $ajax_commands[0]['data'], 'The editorGetUntransformedText command contains the expected data.');
Chris@0:   }
Chris@0: 
Chris@0: }