View source
<?php
namespace Drupal\Tests\access_unpublished\Functional;
use Drupal\access_unpublished\Entity\AccessToken;
use Drupal\node\Entity\NodeType;
use Drupal\Tests\BrowserTestBase;
use Drupal\Tests\content_moderation\Traits\ContentModerationTestTrait;
use Drupal\Tests\node\Traits\NodeCreationTrait;
use Drupal\user\RoleInterface;
class ContentModerationAccessTest extends BrowserTestBase {
use NodeCreationTrait;
use ContentModerationTestTrait;
protected $defaultTheme = 'classy';
protected static $modules = [
'access_unpublished',
'node',
'content_moderation',
];
protected $entity;
protected function setUp() {
parent::setUp();
NodeType::create([
'type' => 'page',
'name' => 'page',
])
->save();
user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, [
'access content',
'access_unpublished node page',
]);
$workflow = $this
->createEditorialWorkflow();
$workflow
->getTypePlugin()
->addEntityTypeAndBundle('node', 'page');
$workflow
->save();
$this->entity = $this
->createNode();
$assert_session = $this
->assertSession();
$this
->drupalGet($this->entity
->toUrl());
$assert_session
->statusCodeEquals(403);
}
public function testAccessWithValidToken() {
$assert_session = $this
->assertSession();
$validToken = AccessToken::create([
'entity_type' => 'node',
'entity_id' => $this->entity
->id(),
'value' => 'iAmValid',
'expire' => \Drupal::time()
->getRequestTime() + 10000,
]);
$validToken
->save();
$this
->drupalGet($this->entity
->toUrl('canonical'), [
'query' => [
'auHash' => 'iAmValid',
],
]);
$assert_session
->statusCodeEquals(200);
$this
->drupalGet($this->entity
->toUrl('canonical'), [
'query' => [
'auHash' => 123456,
],
]);
$assert_session
->statusCodeEquals(403);
$this
->drupalGet($this->entity
->toUrl());
$assert_session
->statusCodeEquals(403);
$this->entity
->set('moderation_state', 'published');
$this->entity
->save();
$this->entity
->set('moderation_state', 'draft');
$this->entity
->save();
$this
->drupalGet($this->entity
->toUrl('latest-version'), [
'query' => [
'auHash' => 'iAmValid',
],
]);
$assert_session
->statusCodeEquals(200);
$this
->drupalGet($this->entity
->toUrl('latest-version'), [
'query' => [
'auHash' => 123456,
],
]);
$assert_session
->statusCodeEquals(403);
$this
->drupalGet($this->entity
->toUrl());
$assert_session
->statusCodeEquals(200);
$validToken
->delete();
$this
->drupalGet($this->entity
->toUrl('latest-version'), [
'query' => [
'auHash' => 'iAmValid',
],
]);
$assert_session
->statusCodeEquals(403);
}
}