Chris@0: drupalPlaceBlock('page_title_block'); Chris@14: $this->drupalPlaceBlock('local_actions_block'); Chris@14: $this->drupalPlaceBlock('help_block'); Chris@14: } Chris@14: Chris@14: /** Chris@14: * Create, edit and delete a vocabulary via the user interface. Chris@14: */ Chris@14: public function testVocabularyPermissionsVocabulary() { Chris@14: // VocabularyTest.php already tests for user with "administer taxonomy" Chris@14: // permission. Chris@14: Chris@14: // Test as user without proper permissions. Chris@14: $authenticated_user = $this->drupalCreateUser([]); Chris@14: $this->drupalLogin($authenticated_user); Chris@14: Chris@14: $assert_session = $this->assertSession(); Chris@14: Chris@14: // Visit the main taxonomy administration page. Chris@14: $this->drupalGet('admin/structure/taxonomy'); Chris@14: $assert_session->statusCodeEquals(403); Chris@14: Chris@14: // Test as user with "access taxonomy overview" permissions. Chris@14: $proper_user = $this->drupalCreateUser(['access taxonomy overview']); Chris@14: $this->drupalLogin($proper_user); Chris@14: Chris@14: // Visit the main taxonomy administration page. Chris@14: $this->drupalGet('admin/structure/taxonomy'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->pageTextContains('Vocabulary name'); Chris@14: $assert_session->linkNotExists('Add vocabulary'); Chris@14: } Chris@14: Chris@14: /** Chris@14: * Test the vocabulary overview permission. Chris@14: */ Chris@14: public function testTaxonomyVocabularyOverviewPermissions() { Chris@14: // Create two vocabularies, one with two terms, the other without any term. Chris@14: /** @var \Drupal\taxonomy\Entity\Vocabulary $vocabulary1 , $vocabulary2 */ Chris@14: $vocabulary1 = $this->createVocabulary(); Chris@14: $vocabulary2 = $this->createVocabulary(); Chris@14: $vocabulary1_id = $vocabulary1->id(); Chris@14: $vocabulary2_id = $vocabulary2->id(); Chris@14: $this->createTerm($vocabulary1); Chris@14: $this->createTerm($vocabulary1); Chris@14: Chris@14: // Assert expected help texts on first vocabulary. Chris@14: $edit_help_text = t('You can reorganize the terms in @capital_name using their drag-and-drop handles, and group terms under a parent term by sliding them under and to the right of the parent.', ['@capital_name' => Unicode::ucfirst($vocabulary1->label())]); Chris@14: $no_edit_help_text = t('@capital_name contains the following terms.', ['@capital_name' => Unicode::ucfirst($vocabulary1->label())]); Chris@14: Chris@14: $assert_session = $this->assertSession(); Chris@14: Chris@14: // Logged in as admin user with 'administer taxonomy' permission. Chris@14: $admin_user = $this->drupalCreateUser(['administer taxonomy']); Chris@14: $this->drupalLogin($admin_user); Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->linkExists('Edit'); Chris@14: $assert_session->linkExists('Delete'); Chris@14: $assert_session->linkExists('Add term'); Chris@14: $assert_session->buttonExists('Save'); Chris@14: $assert_session->pageTextContains('Weight'); Chris@16: $assert_session->fieldExists('Weight'); Chris@14: $assert_session->pageTextContains($edit_help_text); Chris@14: Chris@14: // Visit vocabulary overview without terms. 'Add term' should be shown. Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->pageTextContains('No terms available'); Chris@14: $assert_session->linkExists('Add term'); Chris@14: Chris@14: // Login as a user without any of the required permissions. Chris@14: $no_permission_user = $this->drupalCreateUser(); Chris@14: $this->drupalLogin($no_permission_user); Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(403); Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(403); Chris@14: Chris@14: // Log in as a user with only the overview permission, neither edit nor Chris@14: // delete operations must be available and no Save button. Chris@14: $overview_only_user = $this->drupalCreateUser(['access taxonomy overview']); Chris@14: $this->drupalLogin($overview_only_user); Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->linkNotExists('Edit'); Chris@14: $assert_session->linkNotExists('Delete'); Chris@14: $assert_session->buttonNotExists('Save'); Chris@16: $assert_session->pageTextContains('Weight'); Chris@16: $assert_session->fieldNotExists('Weight'); Chris@14: $assert_session->linkNotExists('Add term'); Chris@14: $assert_session->pageTextContains($no_edit_help_text); Chris@14: Chris@14: // Visit vocabulary overview without terms. 'Add term' should not be shown. Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->pageTextContains('No terms available'); Chris@14: $assert_session->linkNotExists('Add term'); Chris@14: Chris@14: // Login as a user with permission to edit terms, only edit link should be Chris@14: // visible. Chris@14: $edit_user = $this->createUser([ Chris@14: 'access taxonomy overview', Chris@14: 'edit terms in ' . $vocabulary1_id, Chris@14: 'edit terms in ' . $vocabulary2_id, Chris@14: ]); Chris@14: $this->drupalLogin($edit_user); Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->linkExists('Edit'); Chris@14: $assert_session->linkNotExists('Delete'); Chris@14: $assert_session->buttonExists('Save'); Chris@14: $assert_session->pageTextContains('Weight'); Chris@16: $assert_session->fieldExists('Weight'); Chris@14: $assert_session->linkNotExists('Add term'); Chris@14: $assert_session->pageTextContains($edit_help_text); Chris@14: Chris@14: // Visit vocabulary overview without terms. 'Add term' should not be shown. Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->pageTextContains('No terms available'); Chris@14: $assert_session->linkNotExists('Add term'); Chris@14: Chris@14: // Login as a user with permission only to delete terms. Chris@14: $edit_delete_user = $this->createUser([ Chris@14: 'access taxonomy overview', Chris@14: 'delete terms in ' . $vocabulary1_id, Chris@14: 'delete terms in ' . $vocabulary2_id, Chris@14: ]); Chris@14: $this->drupalLogin($edit_delete_user); Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->linkNotExists('Edit'); Chris@14: $assert_session->linkExists('Delete'); Chris@14: $assert_session->linkNotExists('Add term'); Chris@14: $assert_session->buttonNotExists('Save'); Chris@16: $assert_session->pageTextContains('Weight'); Chris@16: $assert_session->fieldNotExists('Weight'); Chris@14: $assert_session->pageTextContains($no_edit_help_text); Chris@14: Chris@14: // Visit vocabulary overview without terms. 'Add term' should not be shown. Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->pageTextContains('No terms available'); Chris@14: $assert_session->linkNotExists('Add term'); Chris@14: Chris@14: // Login as a user with permission to edit and delete terms. Chris@14: $edit_delete_user = $this->createUser([ Chris@14: 'access taxonomy overview', Chris@14: 'edit terms in ' . $vocabulary1_id, Chris@14: 'delete terms in ' . $vocabulary1_id, Chris@14: 'edit terms in ' . $vocabulary2_id, Chris@14: 'delete terms in ' . $vocabulary2_id, Chris@14: ]); Chris@14: $this->drupalLogin($edit_delete_user); Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->linkExists('Edit'); Chris@14: $assert_session->linkExists('Delete'); Chris@14: $assert_session->linkNotExists('Add term'); Chris@14: $assert_session->buttonExists('Save'); Chris@14: $assert_session->pageTextContains('Weight'); Chris@16: $assert_session->fieldExists('Weight'); Chris@14: $assert_session->pageTextContains($edit_help_text); Chris@14: Chris@14: // Visit vocabulary overview without terms. 'Add term' should not be shown. Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->pageTextContains('No terms available'); Chris@14: $assert_session->linkNotExists('Add term'); Chris@14: Chris@14: // Login as a user with permission to create new terms, only add new term Chris@14: // link should be visible. Chris@14: $edit_user = $this->createUser([ Chris@14: 'access taxonomy overview', Chris@14: 'create terms in ' . $vocabulary1_id, Chris@14: 'create terms in ' . $vocabulary2_id, Chris@14: ]); Chris@14: $this->drupalLogin($edit_user); Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->linkNotExists('Edit'); Chris@14: $assert_session->linkNotExists('Delete'); Chris@14: $assert_session->linkExists('Add term'); Chris@14: $assert_session->buttonNotExists('Save'); Chris@16: $assert_session->pageTextContains('Weight'); Chris@16: $assert_session->fieldNotExists('Weight'); Chris@14: $assert_session->pageTextContains($no_edit_help_text); Chris@14: Chris@14: // Visit vocabulary overview without terms. 'Add term' should not be shown. Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->pageTextContains('No terms available'); Chris@14: $assert_session->linkExists('Add term'); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Create, edit and delete a taxonomy term via the user interface. Chris@0: */ Chris@0: public function testVocabularyPermissionsTaxonomyTerm() { Chris@0: // Vocabulary used for creating, removing and editing terms. Chris@0: $vocabulary = $this->createVocabulary(); Chris@0: Chris@0: // Test as admin user. Chris@0: $user = $this->drupalCreateUser(['administer taxonomy']); Chris@0: $this->drupalLogin($user); Chris@0: Chris@0: // Visit the main taxonomy administration page. Chris@0: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add'); Chris@0: $this->assertResponse(200); Chris@0: $this->assertField('edit-name-0-value', 'Add taxonomy term form opened successfully.'); Chris@0: Chris@0: // Submit the term. Chris@0: $edit = []; Chris@0: $edit['name[0][value]'] = $this->randomMachineName(); Chris@0: Chris@0: $this->drupalPostForm(NULL, $edit, t('Save')); Chris@0: $this->assertText(t('Created new term @name.', ['@name' => $edit['name[0][value]']]), 'Term created successfully.'); Chris@0: Chris@0: // Verify that the creation message contains a link to a term. Chris@0: $view_link = $this->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [':href' => 'term/']); Chris@0: $this->assert(isset($view_link), 'The message area contains a link to a term'); Chris@0: Chris@14: $terms = \Drupal::entityTypeManager() Chris@14: ->getStorage('taxonomy_term') Chris@14: ->loadByProperties(['name' => $edit['name[0][value]']]); Chris@0: $term = reset($terms); Chris@0: Chris@0: // Edit the term. Chris@0: $this->drupalGet('taxonomy/term/' . $term->id() . '/edit'); Chris@0: $this->assertResponse(200); Chris@0: $this->assertText($edit['name[0][value]'], 'Edit taxonomy term form opened successfully.'); Chris@0: Chris@0: $edit['name[0][value]'] = $this->randomMachineName(); Chris@0: $this->drupalPostForm(NULL, $edit, t('Save')); Chris@0: $this->assertText(t('Updated term @name.', ['@name' => $edit['name[0][value]']]), 'Term updated successfully.'); Chris@0: Chris@0: // Delete the vocabulary. Chris@0: $this->drupalGet('taxonomy/term/' . $term->id() . '/delete'); Chris@0: $this->assertRaw(t('Are you sure you want to delete the @entity-type %label?', ['@entity-type' => 'taxonomy term', '%label' => $edit['name[0][value]']]), 'Delete taxonomy term form opened successfully.'); Chris@0: Chris@0: // Confirm deletion. Chris@0: $this->drupalPostForm(NULL, NULL, t('Delete')); Chris@0: $this->assertRaw(t('Deleted term %name.', ['%name' => $edit['name[0][value]']]), 'Term deleted.'); Chris@0: Chris@14: // Test as user with "create" permissions. Chris@14: $user = $this->drupalCreateUser(["create terms in {$vocabulary->id()}"]); Chris@14: $this->drupalLogin($user); Chris@14: Chris@14: $assert_session = $this->assertSession(); Chris@14: Chris@14: // Create a new term. Chris@14: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add'); Chris@14: $assert_session->statusCodeEquals(200); Chris@14: $assert_session->fieldExists('name[0][value]'); Chris@14: Chris@14: // Submit the term. Chris@14: $edit = []; Chris@14: $edit['name[0][value]'] = $this->randomMachineName(); Chris@14: Chris@14: $this->drupalPostForm(NULL, $edit, t('Save')); Chris@14: $assert_session->pageTextContains(t('Created new term @name.', ['@name' => $edit['name[0][value]']])); Chris@14: Chris@14: $terms = \Drupal::entityTypeManager() Chris@14: ->getStorage('taxonomy_term') Chris@14: ->loadByProperties(['name' => $edit['name[0][value]']]); Chris@14: $term = reset($terms); Chris@14: Chris@14: // Ensure that edit and delete access is denied. Chris@14: $this->drupalGet('taxonomy/term/' . $term->id() . '/edit'); Chris@14: $assert_session->statusCodeEquals(403); Chris@14: $this->drupalGet('taxonomy/term/' . $term->id() . '/delete'); Chris@14: $assert_session->statusCodeEquals(403); Chris@14: Chris@0: // Test as user with "edit" permissions. Chris@0: $user = $this->drupalCreateUser(["edit terms in {$vocabulary->id()}"]); Chris@0: $this->drupalLogin($user); Chris@0: Chris@0: // Visit the main taxonomy administration page. Chris@0: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add'); Chris@0: $this->assertResponse(403, 'Add taxonomy term form open failed.'); Chris@0: Chris@0: // Create a test term. Chris@0: $term = $this->createTerm($vocabulary); Chris@0: Chris@0: // Edit the term. Chris@0: $this->drupalGet('taxonomy/term/' . $term->id() . '/edit'); Chris@0: $this->assertResponse(200); Chris@0: $this->assertText($term->getName(), 'Edit taxonomy term form opened successfully.'); Chris@0: Chris@0: $edit['name[0][value]'] = $this->randomMachineName(); Chris@0: $this->drupalPostForm(NULL, $edit, t('Save')); Chris@0: $this->assertText(t('Updated term @name.', ['@name' => $edit['name[0][value]']]), 'Term updated successfully.'); Chris@0: Chris@0: // Verify that the update message contains a link to a term. Chris@0: $view_link = $this->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [':href' => 'term/']); Chris@0: $this->assert(isset($view_link), 'The message area contains a link to a term'); Chris@0: Chris@0: // Delete the vocabulary. Chris@0: $this->drupalGet('taxonomy/term/' . $term->id() . '/delete'); Chris@0: $this->assertResponse(403, 'Delete taxonomy term form open failed.'); Chris@0: Chris@0: // Test as user with "delete" permissions. Chris@0: $user = $this->drupalCreateUser(["delete terms in {$vocabulary->id()}"]); Chris@0: $this->drupalLogin($user); Chris@0: Chris@0: // Visit the main taxonomy administration page. Chris@0: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add'); Chris@0: $this->assertResponse(403, 'Add taxonomy term form open failed.'); Chris@0: Chris@0: // Create a test term. Chris@0: $term = $this->createTerm($vocabulary); Chris@0: Chris@0: // Edit the term. Chris@0: $this->drupalGet('taxonomy/term/' . $term->id() . '/edit'); Chris@0: $this->assertResponse(403, 'Edit taxonomy term form open failed.'); Chris@0: Chris@0: // Delete the vocabulary. Chris@0: $this->drupalGet('taxonomy/term/' . $term->id() . '/delete'); Chris@0: $this->assertRaw(t('Are you sure you want to delete the @entity-type %label?', ['@entity-type' => 'taxonomy term', '%label' => $term->getName()]), 'Delete taxonomy term form opened successfully.'); Chris@0: Chris@0: // Confirm deletion. Chris@0: $this->drupalPostForm(NULL, NULL, t('Delete')); Chris@0: $this->assertRaw(t('Deleted term %name.', ['%name' => $term->getName()]), 'Term deleted.'); Chris@0: Chris@0: // Test as user without proper permissions. Chris@0: $user = $this->drupalCreateUser(); Chris@0: $this->drupalLogin($user); Chris@0: Chris@0: // Visit the main taxonomy administration page. Chris@0: $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add'); Chris@0: $this->assertResponse(403, 'Add taxonomy term form open failed.'); Chris@0: Chris@0: // Create a test term. Chris@0: $term = $this->createTerm($vocabulary); Chris@0: Chris@0: // Edit the term. Chris@0: $this->drupalGet('taxonomy/term/' . $term->id() . '/edit'); Chris@0: $this->assertResponse(403, 'Edit taxonomy term form open failed.'); Chris@0: Chris@0: // Delete the vocabulary. Chris@0: $this->drupalGet('taxonomy/term/' . $term->id() . '/delete'); Chris@0: $this->assertResponse(403, 'Delete taxonomy term form open failed.'); Chris@0: } Chris@0: Chris@0: }