Chris@0: <?php
Chris@0: 
Chris@0: namespace Drupal\Tests\user\Unit;
Chris@0: 
Chris@0: use Drupal\Core\Access\AccessResult;
Chris@0: use Drupal\Tests\UnitTestCase;
Chris@0: use Drupal\user\Access\PermissionAccessCheck;
Chris@0: use Symfony\Component\Routing\Route;
Chris@0: use Drupal\Core\Cache\Context\CacheContextsManager;
Chris@0: use Symfony\Component\DependencyInjection\ContainerBuilder;
Chris@0: 
Chris@0: /**
Chris@0:  * @coversDefaultClass \Drupal\user\Access\PermissionAccessCheck
Chris@0:  * @group Routing
Chris@0:  * @group Access
Chris@0:  */
Chris@0: class PermissionAccessCheckTest extends UnitTestCase {
Chris@0: 
Chris@0:   /**
Chris@0:    * The tested access checker.
Chris@0:    *
Chris@0:    * @var \Drupal\user\Access\PermissionAccessCheck
Chris@0:    */
Chris@0:   public $accessCheck;
Chris@0: 
Chris@0:   /**
Chris@0:    * The dependency injection container.
Chris@0:    *
Chris@0:    * @var \Symfony\Component\DependencyInjection\ContainerBuilder
Chris@0:    */
Chris@0:   protected $container;
Chris@0: 
Chris@0:   /**
Chris@0:    * {@inheritdoc}
Chris@0:    */
Chris@0:   protected function setUp() {
Chris@0:     parent::setUp();
Chris@0: 
Chris@0:     $this->container = new ContainerBuilder();
Chris@0:     $cache_contexts_manager = $this->prophesize(CacheContextsManager::class);
Chris@0:     $cache_contexts_manager->assertValidTokens()->willReturn(TRUE);
Chris@0:     $cache_contexts_manager->reveal();
Chris@0:     $this->container->set('cache_contexts_manager', $cache_contexts_manager);
Chris@0:     \Drupal::setContainer($this->container);
Chris@0: 
Chris@0:     $this->accessCheck = new PermissionAccessCheck();
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Provides data for the testAccess method.
Chris@0:    *
Chris@0:    * @return array
Chris@0:    */
Chris@0:   public function providerTestAccess() {
Chris@0:     return [
Chris@0:       [[], FALSE],
Chris@0:       [['_permission' => 'allowed'], TRUE, ['user.permissions']],
Chris@0:       [['_permission' => 'denied'], FALSE, ['user.permissions'], "The 'denied' permission is required."],
Chris@0:       [['_permission' => 'allowed+denied'], TRUE, ['user.permissions']],
Chris@0:       [['_permission' => 'allowed+denied+other'], TRUE, ['user.permissions']],
Chris@0:       [['_permission' => 'allowed,denied'], FALSE, ['user.permissions'], "The following permissions are required: 'allowed' AND 'denied'."],
Chris@0:     ];
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Tests the access check method.
Chris@0:    *
Chris@0:    * @dataProvider providerTestAccess
Chris@0:    * @covers ::access
Chris@0:    */
Chris@0:   public function testAccess($requirements, $access, array $contexts = [], $message = '') {
Chris@0:     $access_result = AccessResult::allowedIf($access)->addCacheContexts($contexts);
Chris@0:     if (!empty($message)) {
Chris@0:       $access_result->setReason($message);
Chris@0:     }
Chris@0:     $user = $this->getMock('Drupal\Core\Session\AccountInterface');
Chris@0:     $user->expects($this->any())
Chris@0:       ->method('hasPermission')
Chris@0:       ->will($this->returnValueMap([
Chris@0:           ['allowed', TRUE],
Chris@0:           ['denied', FALSE],
Chris@17:           ['other', FALSE],
Chris@0:         ]
Chris@0:       ));
Chris@0:     $route = new Route('', [], $requirements);
Chris@0: 
Chris@0:     $this->assertEquals($access_result, $this->accessCheck->access($route, $user));
Chris@0:   }
Chris@0: 
Chris@0: }