protected function AccessTest::teamAccessTest in Apigee Edge 8
Tests team, team membership level and admin permissions.
1 call to AccessTest::teamAccessTest()
- AccessTest::testAccess in modules/
apigee_edge_teams/ tests/ src/ Functional/ AccessTest.php - Tests team, team membership level and admin permissions, team roles.
File
- modules/
apigee_edge_teams/ tests/ src/ Functional/ AccessTest.php, line 315
Class
- AccessTest
- Teams module access test.
Namespace
Drupal\Tests\apigee_edge_teams\FunctionalCode
protected function teamAccessTest() {
// Ensure the current user is anonymous.
if ($this->loggedInUser) {
$this
->drupalLogout();
}
// Anonymous user has no access to team, team app and admin pages.
$this
->validateTeamAccess();
$this
->validateTeamAppAccess();
$this
->validateAccessToAdminRoutes(FALSE);
// The user is not a member of the team and it has no teams related
// permission. It has no access to view any team or team app related page.
$this
->drupalLogin($this->account);
$this
->validateTeamAccess();
$this
->validateTeamAppAccess();
// The user is not a member of the team. Grant every team entity related
// permission one by one and validate available UIs.
foreach (array_keys(self::TEAM_PERMISSION_MATRIX) as $permission) {
$this
->setUserPermissions([
$permission,
]);
$this
->validateTeamAccess();
$this
->validateTeamAppAccess();
}
// The user is not a member of the team but it has every team related
// permission. It has no access to view any team app page.
$this
->setUserPermissions(array_keys(self::TEAM_PERMISSION_MATRIX));
$this
->validateTeamAccess();
$this
->validateTeamAppAccess();
// The user is a member of the team but it has no team related site-wide
// permission and every team permission is also revoked.
$this->teamMembershipManager
->addMembers($this->team
->getName(), [
$this->account
->getEmail(),
]);
$this
->setUserPermissions([]);
$this
->setTeamRolePermissionsOnUi(TeamRoleInterface::TEAM_MEMBER_ROLE, []);
$this
->validateTeamAccess();
$this
->validateTeamAppAccess();
// The user is a member of the team. Check every team member level
// permission one by one.
foreach (array_keys(self::TEAM_MEMBER_PERMISSION_MATRIX) as $permission) {
$this
->setTeamRolePermissionsOnUi(TeamRoleInterface::TEAM_MEMBER_ROLE, [
$permission,
]);
$this
->validateTeamAccess();
$this
->validateTeamAppAccess();
}
// The user is not a member of the team but every team member operation is
// enabled. The user has no access to the team and team app related pages.
$this
->setTeamRolePermissionsOnUi(TeamRoleInterface::TEAM_MEMBER_ROLE, array_keys(self::TEAM_MEMBER_PERMISSION_MATRIX));
$this->teamMembershipManager
->removeMembers($this->team
->getName(), [
$this->account
->getEmail(),
]);
$this
->validateTeamAccess();
$this
->validateTeamAppAccess();
// With administer apigee edge permission the user has no access to team,
// team app and admin pages.
$this
->setUserPermissions([
'administer apigee edge',
]);
$this
->validateTeamAccess();
$this
->validateTeamAppAccess();
$this
->validateAccessToAdminRoutes(FALSE);
// With manage team apps permission the user has access to team app pages.
$this
->setUserPermissions([
'manage team apps',
]);
$this
->validateTeamAccess();
$this
->validateTeamAppAccess(TRUE);
$this
->validateAccessToAdminRoutes(FALSE);
// With administer teams permission the user has access to team, team app
// and admin pages.
$this
->setUserPermissions([
'administer team',
]);
$this
->validateTeamAccess(TRUE);
$this
->validateTeamAppAccess(TRUE);
$this
->validateAccessToAdminRoutes(TRUE);
}