You are here

class AccessTest in Apigee Edge 8

Teams module access test.

@group apigee_edge @group apigee_edge_teams

Hierarchy

Expanded class hierarchy of AccessTest

File

modules/apigee_edge_teams/tests/src/Functional/AccessTest.php, line 33

Namespace

Drupal\Tests\apigee_edge_teams\Functional
View source
class AccessTest extends ApigeeEdgeTeamsFunctionalTestBase {

  /**
   * The team entity storage.
   *
   * @var \Drupal\apigee_edge_teams\Entity\Storage\TeamStorageInterface
   */
  protected $teamStorage;

  /**
   * The team app entity storage.
   *
   * @var \Drupal\apigee_edge_teams\Entity\Storage\TeamAppStorageInterface
   */
  protected $teamAppStorage;

  /**
   * Default user.
   *
   * @var \Drupal\user\UserInterface
   */
  protected $account;

  /**
   * Drupal user who is a member of the team.
   *
   * @var \Drupal\user\UserInterface
   */
  protected $teamMemberAccount;

  /**
   * Drupal user who is not a member of the team.
   *
   * @var \Drupal\user\UserInterface
   */
  protected $nonTeamMemberAccount;

  /**
   * The team membership manager service.
   *
   * @var \Drupal\apigee_edge_teams\TeamMembershipManagerInterface
   */
  protected $teamMembershipManager;

  /**
   * Team entity to test.
   *
   * @var \Drupal\apigee_edge_teams\Entity\TeamInterface
   */
  protected $team;

  /**
   * Team app entity to test.
   *
   * @var \Drupal\apigee_edge_teams\Entity\TeamAppInterface
   */
  protected $teamApp;

  /**
   * Team entity routes.
   *
   * Keyed by route id.
   *
   * @var \Symfony\Component\Routing\Route[]
   */
  protected $teamEntityRoutes = [];

  /**
   * Team app entity routes.
   *
   * Keyed by route id.
   *
   * @var \Symfony\Component\Routing\Route[]
   */
  protected $teamAppEntityRoutes = [];

  /**
   * Administer routes defined by the teams module.
   */
  protected const ADMIN_ROUTES = [
    'apigee_edge_teams.settings.team',
    'apigee_edge_teams.settings.team_app',
  ];

  /**
   * Team entity permission matrix.
   *
   * Key are site-wide permissions and values are routes without
   * entity.{entity_id}. that a user should have access with the permission.
   */
  protected const TEAM_PERMISSION_MATRIX = [
    'view any team' => [
      'canonical',
    ],
    'create team' => [
      'add_form',
    ],
    'update any team' => [
      'edit_form',
    ],
    'delete any team' => [
      'delete_form',
    ],
    'manage team members' => [
      'members',
      'add_members',
      'member.edit',
      'member.remove',
    ],
  ];

  /**
   * Team membership level permission matrix.
   *
   * Key are team-level permissions and values are routes without
   * entity.{entity_id}. that a user should have access with the permission.
   */
  protected const TEAM_MEMBER_PERMISSION_MATRIX = [
    'team_manage_members' => [
      'members',
      'add_members',
      'member.edit',
      'member.remove',
    ],
    'team_app_view' => [
      'canonical',
      'collection_by_team',
      'api_keys',
    ],
    'team_app_create' => [
      'add_form_for_team',
    ],
    'team_app_update' => [
      'edit_form',
    ],
    'team_app_delete' => [
      'delete_form',
    ],
    'team_app_analytics' => [
      'analytics',
    ],
    'team_app_add_api_key' => [
      'add_api_key_form',
    ],
  ];

  /**
   * User roles associated to permissions.
   *
   * @var \Drupal\user\RoleInterface[]
   */
  protected $roles;

  /**
   * The team role storage.
   *
   * @var \Drupal\apigee_edge_teams\Entity\Storage\TeamRoleStorageInterface
   */
  protected $teamRoleStorage;

  /**
   * The team member role storage.
   *
   * @var \Drupal\apigee_edge_teams\Entity\Storage\TeamMemberRoleStorageInterface
   */
  protected $teamMemberRoleStorage;

  /**
   * The team permission handler.
   *
   * @var \Drupal\apigee_edge_teams\TeamPermissionHandlerInterface
   */
  protected $teamPermissionHandler;

  /**
   * The state service.
   *
   * @var \Drupal\Core\State\State
   */
  protected $state;

  /**
   * {@inheritdoc}
   */
  protected static $modules = [
    'apigee_edge_teams_test',
  ];

  /**
   * {@inheritdoc}
   */
  protected function setUp() {
    parent::setUp();
    $this->teamStorage = $this->container
      ->get('entity_type.manager')
      ->getStorage('team');
    $this->teamAppStorage = $this->container
      ->get('entity_type.manager')
      ->getStorage('team_app');
    $this->teamRoleStorage = $this->container
      ->get('entity_type.manager')
      ->getStorage('team_role');
    $this->teamMemberRoleStorage = $this->container
      ->get('entity_type.manager')
      ->getStorage('team_member_role');
    $this->teamMembershipManager = $this->container
      ->get('apigee_edge_teams.team_membership_manager');
    $this->teamPermissionHandler = $this->container
      ->get('apigee_edge_teams.team_permissions');
    $this->state = $this->container
      ->get('state');
    $team_entity_type = $this->container
      ->get('entity_type.manager')
      ->getDefinition('team');
    $team_app_entity_type = $this->container
      ->get('entity_type.manager')
      ->getDefinition('team_app');

    /** @var \Drupal\Core\Entity\Routing\EntityRouteProviderInterface $provider */
    foreach ($this->container
      ->get('entity_type.manager')
      ->getRouteProviders('team') as $provider) {
      foreach ($provider
        ->getRoutes($team_entity_type) as $id => $route) {
        $this->teamEntityRoutes[$id] = $route;
      }
    }

    /** @var \Drupal\Core\Entity\Routing\EntityRouteProviderInterface $provider */
    foreach ($this->container
      ->get('entity_type.manager')
      ->getRouteProviders('team_app') as $provider) {
      foreach ($provider
        ->getRoutes($team_app_entity_type) as $id => $route) {
        $this->teamAppEntityRoutes[$id] = $route;
      }
    }

    // Skip api key routes. These are tested separately.
    $this->teamAppEntityRoutes = array_filter($this->teamAppEntityRoutes, function (Route $route) {
      return strpos($route
        ->getPath(), '{consumer_key}') === FALSE;
    });
    $this->team = $this->teamStorage
      ->create([
      'name' => mb_strtolower($this
        ->getRandomGenerator()
        ->name()),
    ]);
    $this->team
      ->save();
    $this->teamApp = $this->teamAppStorage
      ->create([
      'name' => mb_strtolower($this
        ->getRandomGenerator()
        ->name()),
      'companyName' => $this->team
        ->getName(),
    ]);
    $this->teamApp
      ->save();
    $this->account = $this
      ->createAccount();
    $this->nonTeamMemberAccount = $this
      ->createAccount();
    $this->teamMemberAccount = $this
      ->createAccount();
    $this->teamMembershipManager
      ->addMembers($this->team
      ->getName(), [
      $this->teamMemberAccount
        ->getEmail(),
    ]);

    // Create roles for team permissions.
    foreach (array_keys(static::TEAM_PERMISSION_MATRIX) as $permission) {
      $this->roles[$permission] = $this
        ->createRole([
        $permission,
      ], preg_replace('/[^a-z0-9_]+/', '_', $permission));
    }

    // Create roles for admin permissions.
    $this->roles['administer apigee edge'] = $this
      ->createRole([
      'administer apigee edge',
    ], 'administer_apigee_edge');
    $this->roles['administer team'] = $this
      ->createRole([
      'administer team',
    ], 'administer_team');
    $this->roles['manage team apps'] = $this
      ->createRole([
      'manage team apps',
    ], 'manage_team_apps');
  }

  /**
   * {@inheritdoc}
   */
  protected function tearDown() {
    if ($this->team !== NULL) {
      try {
        $this->teamStorage
          ->delete([
          $this->team,
        ]);
      } catch (\Exception $exception) {
        $this
          ->logException($exception);
      }
    }
    if ($this->account !== NULL) {
      try {
        $this->account
          ->delete();
      } catch (\Exception $exception) {
        $this
          ->logException($exception);
      }
    }
    if ($this->teamMemberAccount !== NULL) {
      try {
        $this->teamMemberAccount
          ->delete();
      } catch (\Exception $exception) {
        $this
          ->logException($exception);
      }
    }
    if ($this->nonTeamMemberAccount !== NULL) {
      try {
        $this->nonTeamMemberAccount
          ->delete();
      } catch (\Exception $exception) {
        $this
          ->logException($exception);
      }
    }
    parent::tearDown();
  }

  /**
   * Tests team, team membership level and admin permissions, team roles.
   */
  public function testAccess() {
    $this
      ->teamAccessTest();
    $this
      ->teamRoleAccessTest();
    $this
      ->teamExpansionTest();
  }

  /**
   * Tests team, team membership level and admin permissions.
   */
  protected function teamAccessTest() {

    // Ensure the current user is anonymous.
    if ($this->loggedInUser) {
      $this
        ->drupalLogout();
    }

    // Anonymous user has no access to team, team app and admin pages.
    $this
      ->validateTeamAccess();
    $this
      ->validateTeamAppAccess();
    $this
      ->validateAccessToAdminRoutes(FALSE);

    // The user is not a member of the team and it has no teams related
    // permission. It has no access to view any team or team app related page.
    $this
      ->drupalLogin($this->account);
    $this
      ->validateTeamAccess();
    $this
      ->validateTeamAppAccess();

    // The user is not a member of the team. Grant every team entity related
    // permission one by one and validate available UIs.
    foreach (array_keys(self::TEAM_PERMISSION_MATRIX) as $permission) {
      $this
        ->setUserPermissions([
        $permission,
      ]);
      $this
        ->validateTeamAccess();
      $this
        ->validateTeamAppAccess();
    }

    // The user is not a member of the team but it has every team related
    // permission. It has no access to view any team app page.
    $this
      ->setUserPermissions(array_keys(self::TEAM_PERMISSION_MATRIX));
    $this
      ->validateTeamAccess();
    $this
      ->validateTeamAppAccess();

    // The user is a member of the team but it has no team related site-wide
    // permission and every team permission is also revoked.
    $this->teamMembershipManager
      ->addMembers($this->team
      ->getName(), [
      $this->account
        ->getEmail(),
    ]);
    $this
      ->setUserPermissions([]);
    $this
      ->setTeamRolePermissionsOnUi(TeamRoleInterface::TEAM_MEMBER_ROLE, []);
    $this
      ->validateTeamAccess();
    $this
      ->validateTeamAppAccess();

    // The user is a member of the team. Check every team member level
    // permission one by one.
    foreach (array_keys(self::TEAM_MEMBER_PERMISSION_MATRIX) as $permission) {
      $this
        ->setTeamRolePermissionsOnUi(TeamRoleInterface::TEAM_MEMBER_ROLE, [
        $permission,
      ]);
      $this
        ->validateTeamAccess();
      $this
        ->validateTeamAppAccess();
    }

    // The user is not a member of the team but every team member operation is
    // enabled. The user has no access to the team and team app related pages.
    $this
      ->setTeamRolePermissionsOnUi(TeamRoleInterface::TEAM_MEMBER_ROLE, array_keys(self::TEAM_MEMBER_PERMISSION_MATRIX));
    $this->teamMembershipManager
      ->removeMembers($this->team
      ->getName(), [
      $this->account
        ->getEmail(),
    ]);
    $this
      ->validateTeamAccess();
    $this
      ->validateTeamAppAccess();

    // With administer apigee edge permission the user has no access to team,
    // team app and admin pages.
    $this
      ->setUserPermissions([
      'administer apigee edge',
    ]);
    $this
      ->validateTeamAccess();
    $this
      ->validateTeamAppAccess();
    $this
      ->validateAccessToAdminRoutes(FALSE);

    // With manage team apps permission the user has access to team app pages.
    $this
      ->setUserPermissions([
      'manage team apps',
    ]);
    $this
      ->validateTeamAccess();
    $this
      ->validateTeamAppAccess(TRUE);
    $this
      ->validateAccessToAdminRoutes(FALSE);

    // With administer teams permission the user has access to team, team app
    // and admin pages.
    $this
      ->setUserPermissions([
      'administer team',
    ]);
    $this
      ->validateTeamAccess(TRUE);
    $this
      ->validateTeamAppAccess(TRUE);
    $this
      ->validateAccessToAdminRoutes(TRUE);
  }

  /**
   * Tests team roles related UIs, permissions.
   */
  protected function teamRoleAccessTest() {

    // Ensure the current user is anonymous.
    if ($this->loggedInUser) {
      $this
        ->drupalLogout();
    }

    // The user is a member of the team and it has no teams related permission.
    // The user has the default "member" role in the team, the default member
    // role has no permissions.
    $this
      ->setUserPermissions([]);
    $this
      ->setTeamRolePermissionsOnUi(TeamRoleInterface::TEAM_MEMBER_ROLE, []);
    $this->teamMembershipManager
      ->addMembers($this->team
      ->getName(), [
      $this->account
        ->getEmail(),
    ]);

    // Create roles for every team membership level permission.
    $this
      ->drupalLogin($this->rootUser);
    foreach (array_keys(self::TEAM_MEMBER_PERMISSION_MATRIX) as $permission) {
      $this
        ->drupalPostForm(Url::fromRoute('entity.team_role.add_form'), [
        'label' => $permission,
        'id' => $permission,
      ], 'Save');
      $this
        ->setTeamRolePermissionsOnUi($permission, [
        $permission,
      ]);
    }

    // Grant team roles to the team member one by one.
    foreach (array_keys(self::TEAM_MEMBER_PERMISSION_MATRIX) as $permission) {
      $this
        ->drupalLogin($this->rootUser);
      $this->teamMemberRoleStorage
        ->addTeamRoles($this->account, $this->team, [
        $permission,
      ]);
      $this
        ->drupalLogin($this->account);
      $this
        ->validateTeamAccess();
      $this
        ->validateTeamAppAccess();
      $this
        ->drupalLogout();
    }

    // Revoke team roles from the team member one by one.
    foreach (array_keys(self::TEAM_MEMBER_PERMISSION_MATRIX) as $permission) {
      $this
        ->drupalLogin($this->rootUser);
      $this->teamMemberRoleStorage
        ->addTeamRoles($this->account, $this->team, [
        $permission,
      ]);
      $this
        ->drupalLogin($this->account);
      $this
        ->validateTeamAccess();
      $this
        ->validateTeamAppAccess();
      $this
        ->drupalLogout();
    }
  }

  /**
   * Tests apigee_edge_teams_test module.
   */
  protected function teamExpansionTest() {

    // Ensure that the apigee_edge_teams_test module properly extends the team
    // role permission UI.
    $this
      ->drupalLogin($this->rootUser);
    $this
      ->drupalGet(Url::fromRoute('apigee_edge_teams.settings.team.permissions'));

    // Check whether the permission group labels and the permission labels and
    // descriptions are visible.
    $this
      ->assertSession()
      ->pageTextContains('Apigee Edge Teams: Testing');
    $this
      ->assertSession()
      ->pageTextContains('Team permission test');
    $this
      ->assertSession()
      ->pageTextContains('Team permission test 1');
    $this
      ->assertSession()
      ->pageTextContains('This is the 1st team test permission.');
    $this
      ->assertSession()
      ->pageTextContains('Team permission test 2');
    $this
      ->assertSession()
      ->pageTextContains('Team permission test 3');
    $this
      ->assertSession()
      ->pageTextContains('This is the 3rd team test permission.');
    $this
      ->assertSession()
      ->pageTextContains('Team permission test 4');

    // Change the username to grant every team permission to the user in
    // apigee_edge_teams_test_apigee_edge_teams_developer_permissions_by_team_alter().
    // It is not necessary to save the developer associated with this user.
    $this
      ->disableUserPresave();
    $this->account
      ->setUsername(APIGEE_EDGE_TEAMS_TEST_SPECIAL_USERNAME_WITH_ALL_TEAM_PERMISSIONS);
    $this->account
      ->save();
    $this
      ->enableUserPresave();

    // Make sure that the user is no longer a member of the team anymore.
    if (in_array($this->team
      ->id(), $this->teamMembershipManager
      ->getTeams($this->account
      ->getEmail()))) {
      $this->teamMembershipManager
        ->removeMembers($this->team
        ->getName(), [
        $this->account
          ->getEmail(),
      ]);
    }
    $this
      ->assertNotContains($this->team
      ->id(), $this->teamMembershipManager
      ->getTeams($this->account
      ->getEmail()));
    $this
      ->drupalLogin($this->account);

    // Even if the account is not member of the team it should have access all
    // team related UIs that a team permission can grant access.
    // (The user can still not CRUD teams but it can access to the teams list.)
    $this
      ->validateTeamAccess();
    $this
      ->validateTeamAppAccess();

    // Now it can not just access to the team list, but it can see all teams
    // in the list and access all team related UIs because it has all team
    // permissions.
    $this->state
      ->set(APIGEE_EDGE_TEAMS_TEST_SPECIAL_USERNAME_CAN_VIEW_ANY_TEAM_STATE_KEY, TRUE);
    $this
      ->validateAccess($this->team
      ->toUrl(), Response::HTTP_OK);
  }

  /**
   * Checks whether the user has access to team pages.
   *
   * @param bool $admin_access
   *   TRUE if the user has access to every team page.
   */
  protected function validateTeamAccess(bool $admin_access = FALSE) {
    $route_ids_with_access = [];
    if ($admin_access) {
      $route_ids_with_access = array_map(function (string $route_id) {
        return str_replace('entity.team.', '', $route_id);
      }, array_keys($this->teamEntityRoutes));
    }
    else {
      foreach (array_keys(self::TEAM_PERMISSION_MATRIX) as $permission) {
        if ($this->account
          ->hasPermission($permission)) {
          $route_ids_with_access = array_merge($route_ids_with_access, self::TEAM_PERMISSION_MATRIX[$permission]);
        }
      }
      if ($this
        ->drupalUserIsLoggedIn($this->account)) {

        // Authenticated users always have access to team collection.
        $route_ids_with_access[] = 'collection';
      }

      // Team members always have access to the team canonical page.
      if (in_array($this->account
        ->getEmail(), $this->teamMembershipManager
        ->getMembers($this->team
        ->getName()))) {
        $route_ids_with_access[] = 'canonical';
      }

      // The developer is not necessarily a member of the team.
      if (in_array('team_manage_members', $this->teamPermissionHandler
        ->getDeveloperPermissionsByTeam($this->team, $this->account))) {
        $route_ids_with_access = array_merge($route_ids_with_access, self::TEAM_MEMBER_PERMISSION_MATRIX['team_manage_members']);
      }
    }
    foreach ($this->teamEntityRoutes as $route_id => $route) {
      $short_route_id = str_replace('entity.team.', '', $route_id);
      $rel = str_replace('_', '-', $short_route_id);

      // First try to use the entity to generate the url - and with that
      // make sure the url parameter resolver works on the entity.
      if ($this->team
        ->hasLinkTemplate($rel)) {
        $url = $this->team
          ->toUrl($rel);
        if (in_array($short_route_id, $route_ids_with_access)) {
          $this
            ->validateAccess($url, Response::HTTP_OK);
        }
        else {
          $this
            ->validateAccess($url, Response::HTTP_FORBIDDEN);
        }
      }
      else {

        // If the route is not registered as link in entity links - because
        // it contains a route parameter that the entity can not resolve -
        // fallback to the URL resolver. At this time these are the member.edit
        // and member.remove routes. Use a developer parameter in the route
        // which belongs to a member of the team and which belongs to a
        // non-member of the team and an email address of a non-existing
        // developer.
        $params = [
          'team' => $this->team
            ->id(),
        ];
        $this
          ->validateAccess(Url::fromRoute($route_id, $params + [
          'developer' => $this->teamMemberAccount
            ->getEmail(),
        ]), in_array($short_route_id, $route_ids_with_access) ? Response::HTTP_OK : Response::HTTP_FORBIDDEN);
        $this
          ->validateAccess(Url::fromRoute($route_id, $params + [
          'developer' => $this->nonTeamMemberAccount
            ->getEmail(),
        ]), Response::HTTP_FORBIDDEN);
        $this
          ->validateAccess(Url::fromRoute($route_id, $params + [
          'developer' => $this
            ->randomMachineName() . '@example.com',
        ]), Response::HTTP_NOT_FOUND);
      }
    }
  }

  /**
   * Checks whether the user has access to team app pages.
   *
   * @param bool $admin_access
   *   TRUE if the user has access to every team app page.
   *
   * @throws \Drupal\Core\Entity\EntityMalformedException
   */
  protected function validateTeamAppAccess(bool $admin_access = FALSE) {
    $route_ids_with_access = [];
    if ($admin_access) {
      $route_ids_with_access = array_map(function (string $route_id) {
        return str_replace('entity.team_app.', '', $route_id);
      }, array_keys($this->teamAppEntityRoutes));
    }
    else {

      // The developer is not necessarily a member of the team.
      foreach (array_keys(self::TEAM_MEMBER_PERMISSION_MATRIX) as $permission) {
        if (in_array($permission, $this->teamPermissionHandler
          ->getDeveloperPermissionsByTeam($this->team, $this->account))) {
          $route_ids_with_access = array_merge($route_ids_with_access, self::TEAM_MEMBER_PERMISSION_MATRIX[$permission]);
        }
      }
    }
    foreach ($this->teamAppEntityRoutes as $route_id => $route) {
      $short_route_id = str_replace('entity.team_app.', '', $route_id);
      $rel = str_replace('_', '-', $short_route_id);

      // First try to use the entity to generate the url - and with that
      // make sure the url parameter resolver works on the entity.
      if ($this->teamApp
        ->hasLinkTemplate($rel)) {
        $url = $this->teamApp
          ->toUrl($rel);
      }
      else {

        // If the route is not registered as link in entity links - because
        // it contains a route parameter that the entity can not resolve -
        // fallback to the URL resolver.
        $params = [
          'team' => $this->team
            ->id(),
        ];
        if (strpos($route
          ->getPath(), '{app}') !== FALSE) {
          $params['app'] = $this->teamApp
            ->getName();
        }
        $url = Url::fromRoute($route_id, $params);
      }
      if (in_array($short_route_id, $route_ids_with_access)) {
        $this
          ->validateAccess($url, Response::HTTP_OK);
      }
      else {
        $this
          ->validateAccess($url, Response::HTTP_FORBIDDEN);
      }
    }
  }

  /**
   * Checks whether the user has access to the given URL.
   *
   * @param \Drupal\Core\Url $url
   *   The Url object to check.
   * @param int $expected_response_status_code
   *   The expected HTTP response status code.
   */
  protected function validateAccess(Url $url, int $expected_response_status_code) {
    $this
      ->drupalGet($url
      ->toString());
    $code = $this
      ->getSession()
      ->getStatusCode();
    $current_user_roles = implode(', ', $this->account
      ->getRoles());
    $this
      ->assertEquals($expected_response_status_code, $code, "Visited path: {$url->getInternalPath()}. User roles: {$current_user_roles}");
  }

  /**
   * Checks whether the user has access to admin routes.
   *
   * @param bool $user_has_access
   *   TRUE if the user has access to admin routes, else FALSE.
   */
  protected function validateAccessToAdminRoutes(bool $user_has_access) {
    foreach (self::ADMIN_ROUTES as $route_name) {
      $this
        ->validateAccess(Url::fromRoute($route_name), $user_has_access ? Response::HTTP_OK : Response::HTTP_FORBIDDEN);
    }
  }

  /**
   * Sets team permissions.
   *
   * @param array $permissions
   *   Array of team permissions to give.
   */
  protected function setUserPermissions(array $permissions) {
    $old_roles = $this->account
      ->getRoles(TRUE);
    foreach ($old_roles as $old_role) {
      $this->account
        ->removeRole($old_role);
    }
    foreach ($permissions as $permission) {
      $this->account
        ->addRole($this->roles[$permission]);
    }

    // It is not necessary to save the developer associated with this user.
    $this
      ->disableUserPresave();
    $this->account
      ->save();
    $this
      ->enableUserPresave();
  }

  /**
   * Sets team role permissions.
   *
   * The team role permission admin UI is tested properly while changing the
   * permissions.
   *
   * @param string $role_name
   *   The ID of a team role.
   * @param array $permissions
   *   Team role permissions to enable.
   */
  protected function setTeamRolePermissionsOnUi(string $role_name, array $permissions) {

    // Save the original logged in user if there is any.
    // Note: The account switcher service is not working as it is expected this
    // is the reason why we need this workaround.
    $oldNotRootLoggedInUser = NULL;
    if ($this->loggedInUser && $this->loggedInUser
      ->id() != $this->rootUser
      ->id()) {
      $oldNotRootLoggedInUser = clone $this->loggedInUser;
    }

    // Save permissions with admin user.
    if ($oldNotRootLoggedInUser === NULL || $oldNotRootLoggedInUser
      ->id() !== $this->rootUser
      ->id()) {
      $this
        ->drupalLogin($this->rootUser);
    }
    $permission_changes = [];
    foreach (array_keys(self::TEAM_MEMBER_PERMISSION_MATRIX) as $permission) {
      $permission_changes["{$role_name}[{$permission}]"] = in_array($permission, $permissions);
    }
    $this
      ->drupalPostForm(Url::fromRoute('apigee_edge_teams.settings.team.permissions'), $permission_changes, 'Save permissions');

    // Dump permission configuration to the HTML output.
    $this
      ->drupalGet(Url::fromRoute('apigee_edge_teams.settings.team.permissions'));

    // Because changes made on the UI therefore _this_ instance of the team role
    // storage must be cleared manually.
    $this->teamRoleStorage
      ->resetCache([
      $role_name,
    ]);

    // Log back in with the old, not root user.
    if ($oldNotRootLoggedInUser) {
      if ($oldNotRootLoggedInUser
        ->id() === $this->account
        ->id()) {
        $this
          ->drupalLogin($this->account);
      }
      else {
        throw new \Exception("Unable to switch back to the originally logged user because it was neither the root user nor the simple authenticated user. Its user id: {$oldNotRootLoggedInUser->id()}.");
      }
    }
  }

}

Members

Namesort descending Modifiers Type Description Overrides
AccessTest::$account protected property Default user.
AccessTest::$modules protected static property Modules to enable. Overrides ApigeeEdgeTeamsFunctionalTestBase::$modules
AccessTest::$nonTeamMemberAccount protected property Drupal user who is not a member of the team.
AccessTest::$roles protected property User roles associated to permissions.
AccessTest::$state protected property The state service.
AccessTest::$team protected property Team entity to test.
AccessTest::$teamApp protected property Team app entity to test.
AccessTest::$teamAppEntityRoutes protected property Team app entity routes.
AccessTest::$teamAppStorage protected property The team app entity storage.
AccessTest::$teamEntityRoutes protected property Team entity routes.
AccessTest::$teamMemberAccount protected property Drupal user who is a member of the team.
AccessTest::$teamMemberRoleStorage protected property The team member role storage.
AccessTest::$teamMembershipManager protected property The team membership manager service.
AccessTest::$teamPermissionHandler protected property The team permission handler.
AccessTest::$teamRoleStorage protected property The team role storage.
AccessTest::$teamStorage protected property The team entity storage.
AccessTest::ADMIN_ROUTES protected constant Administer routes defined by the teams module.
AccessTest::setTeamRolePermissionsOnUi protected function Sets team role permissions.
AccessTest::setUp protected function Overrides ApigeeEdgeFunctionalTestBase::setUp
AccessTest::setUserPermissions protected function Sets team permissions.
AccessTest::teamAccessTest protected function Tests team, team membership level and admin permissions.
AccessTest::teamExpansionTest protected function Tests apigee_edge_teams_test module.
AccessTest::teamRoleAccessTest protected function Tests team roles related UIs, permissions.
AccessTest::TEAM_MEMBER_PERMISSION_MATRIX protected constant Team membership level permission matrix.
AccessTest::TEAM_PERMISSION_MATRIX protected constant Team entity permission matrix.
AccessTest::tearDown protected function Overrides BrowserTestBase::tearDown
AccessTest::testAccess public function Tests team, team membership level and admin permissions, team roles.
AccessTest::validateAccess protected function Checks whether the user has access to the given URL.
AccessTest::validateAccessToAdminRoutes protected function Checks whether the user has access to admin routes.
AccessTest::validateTeamAccess protected function Checks whether the user has access to team pages.
AccessTest::validateTeamAppAccess protected function Checks whether the user has access to team app pages.
ApigeeEdgeFunctionalTestBase::$defaultTheme protected property For tests relying on no markup at all or at least no core markup. Overrides BrowserTestBase::$defaultTheme
ApigeeEdgeFunctionalTestTrait::$mock_api_client_ready protected static property Use the mock_api_client or not. 9
ApigeeEdgeFunctionalTestTrait::clickLinkProperly protected function Implements link clicking properly.
ApigeeEdgeFunctionalTestTrait::createAccount protected function Creates a Drupal account.
ApigeeEdgeFunctionalTestTrait::createDeveloperApp protected function Creates an app for a user. Overrides ApigeeMockApiClientHelperTrait::createDeveloperApp
ApigeeEdgeFunctionalTestTrait::createProduct protected function Creates a product.
ApigeeEdgeFunctionalTestTrait::disableUserPresave protected function The corresponding developer will not be created if a Drupal user is saved.
ApigeeEdgeFunctionalTestTrait::drupalGetNoMetaRefresh protected function The same as drupalGet(), but ignores the meta refresh.
ApigeeEdgeFunctionalTestTrait::enableUserPresave protected function The corresponding developer will be created if a Drupal user is saved.
ApigeeEdgeFunctionalTestTrait::findLink protected function Finds a link on the current page.
ApigeeEdgeFunctionalTestTrait::fixUrl protected static function Returns absolute URL starts with a slash.
ApigeeEdgeFunctionalTestTrait::getApps protected function Loads all apps for a given user. 1
ApigeeEdgeFunctionalTestTrait::getRandomUniqueId protected function Gets a random unique ID.
ApigeeEdgeFunctionalTestTrait::initTestEnv protected function Initializes test environment with required configuration.
ApigeeEdgeFunctionalTestTrait::logException protected function Log the given exception using the class short name as type.
ApigeeEdgeUtilTestTrait::createTestKey protected function Creates a test key from environment variables, using config key storage.
ApigeeEdgeUtilTestTrait::invalidateKey protected function Removes the active key for testing with unset API credentials.
ApigeeEdgeUtilTestTrait::restoreKey protected function Restores the active key.
ApigeeEdgeUtilTestTrait::setKey protected function Set active authentication keys in config.
ApigeeMockApiClientHelperTrait::$entityTypeManager protected property The entity type manager.
ApigeeMockApiClientHelperTrait::$integration_enabled protected property If integration (real API connection) is enabled.
ApigeeMockApiClientHelperTrait::$mockResponseFactory protected property The mock response factory service.
ApigeeMockApiClientHelperTrait::$sdkConnector protected property The SDK connector service. 1
ApigeeMockApiClientHelperTrait::$stack protected property The mock handler stack is responsible for serving queued api responses.
ApigeeMockApiClientHelperTrait::addDeveloperMatchedResponse protected function Add matched developer response.
ApigeeMockApiClientHelperTrait::addOrganizationMatchedResponse protected function Add matched org response.
ApigeeMockApiClientHelperTrait::addUserToTeam public function Adds a user to a team.
ApigeeMockApiClientHelperTrait::apigeeTestHelperSetup protected function Setup.
ApigeeMockApiClientHelperTrait::apigeeTestPropertiesSetup protected function Setup.
ApigeeMockApiClientHelperTrait::createTeam protected function Helper to create a Team entity.
ApigeeMockApiClientHelperTrait::initAuth protected function Initialize SDK connector.
ApigeeMockApiClientHelperTrait::installExtraModules protected function Installs a given list of modules and rebuilds the cache.
ApigeeMockApiClientHelperTrait::queueCompaniesResponse protected function Queues up a mock companies response.
ApigeeMockApiClientHelperTrait::queueCompanyResponse protected function Queues up a mock company response.
ApigeeMockApiClientHelperTrait::queueDeveloperAppResponse protected function Helper to add Edge entity response to stack.
ApigeeMockApiClientHelperTrait::queueDeveloperResponse protected function Queues up a mock developer response.
ApigeeMockApiClientHelperTrait::queueDeveloperResponseFromDeveloper protected function Queues up a mock developer response.
ApigeeMockApiClientHelperTrait::queueDevsInCompanyResponse protected function Queues up a mock developers in a company response.
AssertHelperTrait::castSafeStrings protected static function Casts MarkupInterface objects into strings.
AssertLegacyTrait::assert protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertTrue() instead.
AssertLegacyTrait::assertCacheTag protected function Asserts whether an expected cache tag was present in the last response.
AssertLegacyTrait::assertElementNotPresent protected function Asserts that the element with the given CSS selector is not present.
AssertLegacyTrait::assertElementPresent protected function Asserts that the element with the given CSS selector is present.
AssertLegacyTrait::assertEqual protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertEquals() instead.
AssertLegacyTrait::assertEscaped protected function Passes if the raw text IS found escaped on the loaded page, fail otherwise.
AssertLegacyTrait::assertField protected function Asserts that a field exists with the given name or ID.
AssertLegacyTrait::assertFieldById protected function Asserts that a field exists with the given ID and value.
AssertLegacyTrait::assertFieldByName protected function Asserts that a field exists with the given name and value.
AssertLegacyTrait::assertFieldByXPath protected function Asserts that a field exists in the current page by the given XPath.
AssertLegacyTrait::assertFieldChecked protected function Asserts that a checkbox field in the current page is checked.
AssertLegacyTrait::assertFieldsByValue protected function Asserts that a field exists in the current page with a given Xpath result.
AssertLegacyTrait::assertHeader protected function Checks that current response header equals value.
AssertLegacyTrait::assertIdentical protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertSame() instead.
AssertLegacyTrait::assertIdenticalObject protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertEquals() instead.
AssertLegacyTrait::assertLink protected function Passes if a link with the specified label is found.
AssertLegacyTrait::assertLinkByHref protected function Passes if a link containing a given href (part) is found.
AssertLegacyTrait::assertNoCacheTag protected function Asserts whether an expected cache tag was absent in the last response.
AssertLegacyTrait::assertNoEscaped protected function Passes if the raw text is not found escaped on the loaded page.
AssertLegacyTrait::assertNoField protected function Asserts that a field does NOT exist with the given name or ID.
AssertLegacyTrait::assertNoFieldById protected function Asserts that a field does not exist with the given ID and value.
AssertLegacyTrait::assertNoFieldByName protected function Asserts that a field does not exist with the given name and value.
AssertLegacyTrait::assertNoFieldByXPath protected function Asserts that a field does not exist or its value does not match, by XPath.
AssertLegacyTrait::assertNoFieldChecked protected function Asserts that a checkbox field in the current page is not checked.
AssertLegacyTrait::assertNoLink protected function Passes if a link with the specified label is not found.
AssertLegacyTrait::assertNoLinkByHref protected function Passes if a link containing a given href (part) is not found.
AssertLegacyTrait::assertNoOption protected function Asserts that a select option does NOT exist in the current page.
AssertLegacyTrait::assertNoPattern protected function Triggers a pass if the Perl regex pattern is not found in the raw content.
AssertLegacyTrait::assertNoRaw protected function Passes if the raw text IS not found on the loaded page, fail otherwise. 1
AssertLegacyTrait::assertNotEqual protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertNotEquals() instead.
AssertLegacyTrait::assertNoText protected function Passes if the page (with HTML stripped) does not contains the text. 1
AssertLegacyTrait::assertNotIdentical protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertNotSame() instead.
AssertLegacyTrait::assertNoUniqueText protected function Passes if the text is found MORE THAN ONCE on the text version of the page.
AssertLegacyTrait::assertOption protected function Asserts that a select option in the current page exists.
AssertLegacyTrait::assertOptionByText protected function Asserts that a select option with the visible text exists.
AssertLegacyTrait::assertOptionSelected protected function Asserts that a select option in the current page is checked.
AssertLegacyTrait::assertPattern protected function Triggers a pass if the Perl regex pattern is found in the raw content.
AssertLegacyTrait::assertRaw protected function Passes if the raw text IS found on the loaded page, fail otherwise. 1
AssertLegacyTrait::assertResponse protected function Asserts the page responds with the specified response code. 1
AssertLegacyTrait::assertText protected function Passes if the page (with HTML stripped) contains the text. 1
AssertLegacyTrait::assertTextHelper protected function Helper for assertText and assertNoText.
AssertLegacyTrait::assertTitle protected function Pass if the page title is the given string.
AssertLegacyTrait::assertUniqueText protected function Passes if the text is found ONLY ONCE on the text version of the page.
AssertLegacyTrait::assertUrl protected function Passes if the internal browser's URL matches the given path.
AssertLegacyTrait::buildXPathQuery protected function Builds an XPath query.
AssertLegacyTrait::constructFieldXpath protected function Helper: Constructs an XPath for the given set of attributes and value.
AssertLegacyTrait::getAllOptions protected function Get all option elements, including nested options, in a select.
AssertLegacyTrait::getRawContent protected function Gets the current raw content.
AssertLegacyTrait::pass protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertTrue() instead.
AssertLegacyTrait::verbose protected function
BlockCreationTrait::placeBlock protected function Creates a block instance based on default settings. Aliased as: drupalPlaceBlock
BrowserHtmlDebugTrait::$htmlOutputBaseUrl protected property The Base URI to use for links to the output files.
BrowserHtmlDebugTrait::$htmlOutputClassName protected property Class name for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputCounter protected property Counter for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputCounterStorage protected property Counter storage for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputDirectory protected property Directory name for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputEnabled protected property HTML output output enabled.
BrowserHtmlDebugTrait::$htmlOutputFile protected property The file name to write the list of URLs to.
BrowserHtmlDebugTrait::$htmlOutputTestId protected property HTML output test ID.
BrowserHtmlDebugTrait::formatHtmlOutputHeaders protected function Formats HTTP headers as string for HTML output logging.
BrowserHtmlDebugTrait::getHtmlOutputHeaders protected function Returns headers in HTML output format. 1
BrowserHtmlDebugTrait::htmlOutput protected function Logs a HTML output message in a text file.
BrowserHtmlDebugTrait::initBrowserOutputFile protected function Creates the directory to store browser output.
BrowserTestBase::$baseUrl protected property The base URL.
BrowserTestBase::$configImporter protected property The config importer that can be used in a test.
BrowserTestBase::$customTranslations protected property An array of custom translations suitable for drupal_rewrite_settings().
BrowserTestBase::$databasePrefix protected property The database prefix of this test run.
BrowserTestBase::$mink protected property Mink session manager.
BrowserTestBase::$minkDefaultDriverArgs protected property
BrowserTestBase::$minkDefaultDriverClass protected property 1
BrowserTestBase::$originalContainer protected property The original container.
BrowserTestBase::$originalShutdownCallbacks protected property The original array of shutdown function callbacks.
BrowserTestBase::$preserveGlobalState protected property
BrowserTestBase::$profile protected property The profile to install as a basis for testing. 39
BrowserTestBase::$root protected property The app root.
BrowserTestBase::$runTestInSeparateProcess protected property Browser tests are run in separate processes to prevent collisions between code that may be loaded by tests.
BrowserTestBase::$timeLimit protected property Time limit in seconds for the test.
BrowserTestBase::$translationFilesDirectory protected property The translation file directory for the test environment.
BrowserTestBase::cleanupEnvironment protected function Clean up the Simpletest environment.
BrowserTestBase::config protected function Configuration accessor for tests. Returns non-overridden configuration.
BrowserTestBase::cssSelectToXpath protected function Translates a CSS expression to its XPath equivalent.
BrowserTestBase::drupalGetHeader protected function Gets the value of an HTTP response header.
BrowserTestBase::drupalGetHeaders Deprecated protected function Returns all response headers.
BrowserTestBase::filePreDeleteCallback public static function Ensures test files are deletable.
BrowserTestBase::getDefaultDriverInstance protected function Gets an instance of the default Mink driver.
BrowserTestBase::getDrupalSettings protected function Gets the JavaScript drupalSettings variable for the currently-loaded page. 1
BrowserTestBase::getHttpClient protected function Obtain the HTTP client for the system under test.
BrowserTestBase::getMinkDriverArgs protected function Get the Mink driver args from an environment variable, if it is set. Can be overridden in a derived class so it is possible to use a different value for a subset of tests, e.g. the JavaScript tests. 1
BrowserTestBase::getOptions protected function Helper function to get the options of select field.
BrowserTestBase::getResponseLogHandler protected function Provides a Guzzle middleware handler to log every response received. Overrides BrowserHtmlDebugTrait::getResponseLogHandler
BrowserTestBase::getSession public function Returns Mink session.
BrowserTestBase::getSessionCookies protected function Get session cookies from current session.
BrowserTestBase::getTestMethodCaller protected function Retrieves the current calling line in the class under test. Overrides BrowserHtmlDebugTrait::getTestMethodCaller
BrowserTestBase::initFrontPage protected function Visits the front page when initializing Mink. 3
BrowserTestBase::initMink protected function Initializes Mink sessions. 1
BrowserTestBase::installDrupal public function Installs Drupal into the Simpletest site. 1
BrowserTestBase::registerSessions protected function Registers additional Mink sessions.
BrowserTestBase::translatePostValues protected function Transforms a nested array into a flat array suitable for drupalPostForm().
BrowserTestBase::xpath protected function Performs an xpath search on the contents of the internal browser.
BrowserTestBase::__construct public function 1
BrowserTestBase::__sleep public function Prevents serializing any properties.
ConfigTestTrait::configImporter protected function Returns a ConfigImporter object to import test configuration.
ConfigTestTrait::copyConfig protected function Copies configuration objects from source storage to target storage.
ContentTypeCreationTrait::createContentType protected function Creates a custom content type based on default settings. Aliased as: drupalCreateContentType 1
FunctionalTestSetupTrait::$apcuEnsureUniquePrefix protected property The flag to set 'apcu_ensure_unique_prefix' setting. 1
FunctionalTestSetupTrait::$classLoader protected property The class loader to use for installation and initialization of setup.
FunctionalTestSetupTrait::$configDirectories Deprecated protected property The config directories used in this test.
FunctionalTestSetupTrait::$rootUser protected property The "#1" admin user.
FunctionalTestSetupTrait::doInstall protected function Execute the non-interactive installer. 1
FunctionalTestSetupTrait::getDatabaseTypes protected function Returns all supported database driver installer objects.
FunctionalTestSetupTrait::initConfig protected function Initialize various configurations post-installation. 2
FunctionalTestSetupTrait::initKernel protected function Initializes the kernel after installation.
FunctionalTestSetupTrait::initSettings protected function Initialize settings created during install.
FunctionalTestSetupTrait::initUserSession protected function Initializes user 1 for the site to be installed.
FunctionalTestSetupTrait::installDefaultThemeFromClassProperty protected function Installs the default theme defined by `static::$defaultTheme` when needed.
FunctionalTestSetupTrait::installModulesFromClassProperty protected function Install modules defined by `static::$modules`. 1
FunctionalTestSetupTrait::installParameters protected function Returns the parameters that will be used when Simpletest installs Drupal. 9
FunctionalTestSetupTrait::prepareEnvironment protected function Prepares the current environment for running the test. 23
FunctionalTestSetupTrait::prepareRequestForGenerator protected function Creates a mock request and sets it on the generator.
FunctionalTestSetupTrait::prepareSettings protected function Prepares site settings and services before installation. 2
FunctionalTestSetupTrait::rebuildAll protected function Resets and rebuilds the environment after setup.
FunctionalTestSetupTrait::rebuildContainer protected function Rebuilds \Drupal::getContainer().
FunctionalTestSetupTrait::resetAll protected function Resets all data structures after having enabled new modules.
FunctionalTestSetupTrait::setContainerParameter protected function Changes parameters in the services.yml file.
FunctionalTestSetupTrait::setupBaseUrl protected function Sets up the base URL based upon the environment variable.
FunctionalTestSetupTrait::writeSettings protected function Rewrites the settings.php file of the test site.
NodeCreationTrait::createNode protected function Creates a node based on default settings. Aliased as: drupalCreateNode
NodeCreationTrait::getNodeByTitle public function Get a node from the database based on its title. Aliased as: drupalGetNodeByTitle
PhpunitCompatibilityTrait::getMock Deprecated public function Returns a mock object for the specified class using the available method.
PhpunitCompatibilityTrait::setExpectedException Deprecated public function Compatibility layer for PHPUnit 6 to support PHPUnit 4 code.
RandomGeneratorTrait::$randomGenerator protected property The random generator.
RandomGeneratorTrait::getRandomGenerator protected function Gets the random generator for the utility methods.
RandomGeneratorTrait::randomMachineName protected function Generates a unique random string containing letters and numbers. 1
RandomGeneratorTrait::randomObject public function Generates a random PHP object.
RandomGeneratorTrait::randomString public function Generates a pseudo-random string of ASCII characters of codes 32 to 126.
RandomGeneratorTrait::randomStringValidate public function Callback for random string validation.
RefreshVariablesTrait::refreshVariables protected function Refreshes in-memory configuration and state information. 3
SessionTestTrait::$sessionName protected property The name of the session cookie.
SessionTestTrait::generateSessionName protected function Generates a session cookie name.
SessionTestTrait::getSessionName protected function Returns the session name in use on the child site.
StorageCopyTrait::replaceStorageContents protected static function Copy the configuration from one storage to another and remove stale items.
TestRequirementsTrait::checkModuleRequirements private function Checks missing module requirements.
TestRequirementsTrait::checkRequirements protected function Check module requirements for the Drupal use case. 1
TestRequirementsTrait::getDrupalRoot protected static function Returns the Drupal root directory.
TestSetupTrait::$configSchemaCheckerExclusions protected static property An array of config object names that are excluded from schema checking.
TestSetupTrait::$container protected property The dependency injection container used in the test.
TestSetupTrait::$kernel protected property The DrupalKernel instance used in the test.
TestSetupTrait::$originalSite protected property The site directory of the original parent site.
TestSetupTrait::$privateFilesDirectory protected property The private file directory for the test environment.
TestSetupTrait::$publicFilesDirectory protected property The public file directory for the test environment.
TestSetupTrait::$siteDirectory protected property The site directory of this test run.
TestSetupTrait::$strictConfigSchema protected property Set to TRUE to strict check all configuration saved. 2
TestSetupTrait::$tempFilesDirectory protected property The temporary file directory for the test environment.
TestSetupTrait::$testId protected property The test run ID.
TestSetupTrait::changeDatabasePrefix protected function Changes the database connection to the prefixed one.
TestSetupTrait::getConfigSchemaExclusions protected function Gets the config schema exclusions for this test.
TestSetupTrait::getDatabaseConnection public static function Returns the database connection to the site running Simpletest.
TestSetupTrait::prepareDatabasePrefix protected function Generates a database prefix for running tests. 2
UiHelperTrait::$loggedInUser protected property The current user logged in using the Mink controlled browser.
UiHelperTrait::$maximumMetaRefreshCount protected property The number of meta refresh redirects to follow, or NULL if unlimited.
UiHelperTrait::$metaRefreshCount protected property The number of meta refresh redirects followed during ::drupalGet().
UiHelperTrait::assertSession public function Returns WebAssert object. 1
UiHelperTrait::buildUrl protected function Builds an a absolute URL from a system path or a URL object.
UiHelperTrait::checkForMetaRefresh protected function Checks for meta refresh tag and if found call drupalGet() recursively.
UiHelperTrait::click protected function Clicks the element with the given CSS selector.
UiHelperTrait::clickLink protected function Follows a link by complete name.
UiHelperTrait::cssSelect protected function Searches elements using a CSS selector in the raw content.
UiHelperTrait::drupalGet protected function Retrieves a Drupal path or an absolute path. 3
UiHelperTrait::drupalLogin protected function Logs in a user using the Mink controlled browser.
UiHelperTrait::drupalLogout protected function Logs a user out of the Mink controlled browser and confirms.
UiHelperTrait::drupalPostForm protected function Executes a form submission.
UiHelperTrait::drupalUserIsLoggedIn protected function Returns whether a given user account is logged in.
UiHelperTrait::getAbsoluteUrl protected function Takes a path and returns an absolute path.
UiHelperTrait::getTextContent protected function Retrieves the plain-text content from the current page.
UiHelperTrait::getUrl protected function Get the current URL from the browser.
UiHelperTrait::prepareRequest protected function Prepare for a request to testing site. 1
UiHelperTrait::submitForm protected function Fills and submits a form.
UserCreationTrait::checkPermissions protected function Checks whether a given list of permission names is valid.
UserCreationTrait::createAdminRole protected function Creates an administrative role.
UserCreationTrait::createRole protected function Creates a role with specified permissions. Aliased as: drupalCreateRole
UserCreationTrait::createUser protected function Create a user with a given set of permissions. Aliased as: drupalCreateUser
UserCreationTrait::grantPermissions protected function Grant permissions to a user role.
UserCreationTrait::setCurrentUser protected function Switch the current logged in user.
UserCreationTrait::setUpCurrentUser protected function Creates a random user account and sets it as current user.
XdebugRequestTrait::extractCookiesFromRequest protected function Adds xdebug cookies, from request setup.