Chris@0: setAccount($account); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Create a user with a given set of permissions. Chris@0: * Chris@0: * @param array $permissions Chris@0: * Array of permission names to assign to user. Note that the user always Chris@0: * has the default permissions derived from the "authenticated users" role. Chris@0: * @param string $name Chris@0: * The user name. Chris@0: * @param bool $admin Chris@0: * (optional) Whether the user should be an administrator Chris@0: * with all the available permissions. Chris@0: * Chris@0: * @return \Drupal\user\Entity\User|false Chris@0: * A fully loaded user object with pass_raw property, or FALSE if account Chris@0: * creation fails. Chris@0: */ Chris@0: protected function createUser(array $permissions = [], $name = NULL, $admin = FALSE) { Chris@0: // Create a role with the given permission set, if any. Chris@0: $rid = FALSE; Chris@0: if ($permissions) { Chris@0: $rid = $this->createRole($permissions); Chris@0: if (!$rid) { Chris@0: return FALSE; Chris@0: } Chris@0: } Chris@0: Chris@0: // Create a user assigned to that role. Chris@0: $edit = []; Chris@0: $edit['name'] = !empty($name) ? $name : $this->randomMachineName(); Chris@0: $edit['mail'] = $edit['name'] . '@example.com'; Chris@0: $edit['pass'] = user_password(); Chris@0: $edit['status'] = 1; Chris@0: if ($rid) { Chris@0: $edit['roles'] = [$rid]; Chris@0: } Chris@0: Chris@0: if ($admin) { Chris@0: $edit['roles'][] = $this->createAdminRole(); Chris@0: } Chris@0: Chris@0: $account = User::create($edit); Chris@0: $account->save(); Chris@0: Chris@0: $this->assertTrue($account->id(), SafeMarkup::format('User created with name %name and pass %pass', ['%name' => $edit['name'], '%pass' => $edit['pass']]), 'User login'); Chris@0: if (!$account->id()) { Chris@0: return FALSE; Chris@0: } Chris@0: Chris@0: // Add the raw password so that we can log in as this user. Chris@0: $account->pass_raw = $edit['pass']; Chris@0: // Support BrowserTestBase as well. Chris@0: $account->passRaw = $account->pass_raw; Chris@0: return $account; Chris@0: } Chris@0: Chris@0: /** Chris@0: * Creates an administrative role. Chris@0: * Chris@0: * @param string $rid Chris@0: * (optional) The role ID (machine name). Defaults to a random name. Chris@0: * @param string $name Chris@0: * (optional) The label for the role. Defaults to a random string. Chris@0: * @param int $weight Chris@0: * (optional) The weight for the role. Defaults NULL so that entity_create() Chris@0: * sets the weight to maximum + 1. Chris@0: * Chris@0: * @return string Chris@0: * Role ID of newly created role, or FALSE if role creation failed. Chris@0: */ Chris@0: protected function createAdminRole($rid = NULL, $name = NULL, $weight = NULL) { Chris@0: $rid = $this->createRole([], $rid, $name, $weight); Chris@0: if ($rid) { Chris@0: /** @var \Drupal\user\RoleInterface $role */ Chris@0: $role = Role::load($rid); Chris@0: $role->setIsAdmin(TRUE); Chris@0: $role->save(); Chris@0: } Chris@0: return $rid; Chris@0: } Chris@0: Chris@0: /** Chris@0: * Creates a role with specified permissions. Chris@0: * Chris@0: * @param array $permissions Chris@0: * Array of permission names to assign to role. Chris@0: * @param string $rid Chris@0: * (optional) The role ID (machine name). Defaults to a random name. Chris@0: * @param string $name Chris@0: * (optional) The label for the role. Defaults to a random string. Chris@0: * @param int $weight Chris@0: * (optional) The weight for the role. Defaults NULL so that entity_create() Chris@0: * sets the weight to maximum + 1. Chris@0: * Chris@0: * @return string Chris@0: * Role ID of newly created role, or FALSE if role creation failed. Chris@0: */ Chris@0: protected function createRole(array $permissions, $rid = NULL, $name = NULL, $weight = NULL) { Chris@0: // Generate a random, lowercase machine name if none was passed. Chris@0: if (!isset($rid)) { Chris@0: $rid = strtolower($this->randomMachineName(8)); Chris@0: } Chris@0: // Generate a random label. Chris@0: if (!isset($name)) { Chris@0: // In the role UI role names are trimmed and random string can start or Chris@0: // end with a space. Chris@0: $name = trim($this->randomString(8)); Chris@0: } Chris@0: Chris@0: // Check the all the permissions strings are valid. Chris@0: if (!$this->checkPermissions($permissions)) { Chris@0: return FALSE; Chris@0: } Chris@0: Chris@0: // Create new role. Chris@0: $role = Role::create([ Chris@0: 'id' => $rid, Chris@0: 'label' => $name, Chris@0: ]); Chris@0: if (isset($weight)) { Chris@0: $role->set('weight', $weight); Chris@0: } Chris@0: $result = $role->save(); Chris@0: Chris@0: $this->assertIdentical($result, SAVED_NEW, SafeMarkup::format('Created role ID @rid with name @name.', [ Chris@0: '@name' => var_export($role->label(), TRUE), Chris@0: '@rid' => var_export($role->id(), TRUE), Chris@0: ]), 'Role'); Chris@0: Chris@0: if ($result === SAVED_NEW) { Chris@0: // Grant the specified permissions to the role, if any. Chris@0: if (!empty($permissions)) { Chris@0: $this->grantPermissions($role, $permissions); Chris@0: $assigned_permissions = Role::load($role->id())->getPermissions(); Chris@0: $missing_permissions = array_diff($permissions, $assigned_permissions); Chris@0: if (!$missing_permissions) { Chris@0: $this->pass(SafeMarkup::format('Created permissions: @perms', ['@perms' => implode(', ', $permissions)]), 'Role'); Chris@0: } Chris@0: else { Chris@0: $this->fail(SafeMarkup::format('Failed to create permissions: @perms', ['@perms' => implode(', ', $missing_permissions)]), 'Role'); Chris@0: } Chris@0: } Chris@0: return $role->id(); Chris@0: } Chris@0: else { Chris@0: return FALSE; Chris@0: } Chris@0: } Chris@0: Chris@0: /** Chris@0: * Checks whether a given list of permission names is valid. Chris@0: * Chris@0: * @param array $permissions Chris@0: * The permission names to check. Chris@0: * Chris@0: * @return bool Chris@0: * TRUE if the permissions are valid, FALSE otherwise. Chris@0: */ Chris@0: protected function checkPermissions(array $permissions) { Chris@0: $available = array_keys(\Drupal::service('user.permissions')->getPermissions()); Chris@0: $valid = TRUE; Chris@0: foreach ($permissions as $permission) { Chris@0: if (!in_array($permission, $available)) { Chris@0: $this->fail(SafeMarkup::format('Invalid permission %permission.', ['%permission' => $permission]), 'Role'); Chris@0: $valid = FALSE; Chris@0: } Chris@0: } Chris@0: return $valid; Chris@0: } Chris@0: Chris@0: /** Chris@0: * Grant permissions to a user role. Chris@0: * Chris@0: * @param \Drupal\user\RoleInterface $role Chris@0: * The ID of a user role to alter. Chris@0: * @param array $permissions Chris@0: * (optional) A list of permission names to grant. Chris@0: */ Chris@0: protected function grantPermissions(RoleInterface $role, array $permissions) { Chris@0: foreach ($permissions as $permission) { Chris@0: $role->grantPermission($permission); Chris@0: } Chris@0: $role->trustData()->save(); Chris@0: } Chris@0: Chris@0: }