You are here

public function CasUserFormFieldTest::testRestrictedEmailManagementWorks in CAS 8

Same name and namespace in other branches
  1. 2.x tests/src/Functional/CasUserFormFieldTest.php \Drupal\Tests\cas\Functional\CasUserFormFieldTest::testRestrictedEmailManagementWorks()

Tests the restricted email management feature.

File

tests/src/Functional/CasUserFormFieldTest.php, line 215

Class

CasUserFormFieldTest
Tests modifications to the account and registration forms.

Namespace

Drupal\Tests\cas\Functional

Code

public function testRestrictedEmailManagementWorks() {
  $admin = $this
    ->drupalCreateUser([
    'administer account settings',
    'administer users',
  ]);
  $non_cas_user = $this
    ->drupalCreateUser();
  $cas_user = $this
    ->drupalCreateUser();

  // Give the second user a CAS username association.
  $this->container
    ->get('cas.user_manager')
    ->setCasUsernameForAccount($cas_user, 'cas_user');

  // Enable the "restrict email management" feature.
  // Disable the "prevent normal login" feature so it doesn't interfere with
  // out logins.
  $this
    ->drupalLogin($admin);
  $edit = [
    'user_accounts[restrict_email_management]' => TRUE,
    'user_accounts[prevent_normal_login]' => FALSE,
  ];
  $this
    ->drupalPostForm('/admin/config/people/cas', $edit, 'Save configuration');
  $this
    ->assertEquals(TRUE, $this
    ->config('cas.settings')
    ->get('user_accounts.restrict_email_management'));
  $this
    ->drupalLogout();

  // The CAS module's modifications to the user account form and validation
  // should NOT take effect for non-CAS users, so test that such a user is
  // still able to manage their email as usual.
  $this
    ->drupalLogin($non_cas_user);
  $this
    ->drupalGet('/user/' . $non_cas_user
    ->id() . '/edit');
  $page = $this
    ->getSession()
    ->getPage();
  $this
    ->assertNotNull($page
    ->findField('mail'));
  $form_data = [
    'current_pass' => 'incorrectpassword',
    'mail' => 'new-noncasuser-email@sample.com',
  ];

  // First try changing data with wrong password to ensure the protected
  // password constraint still works.
  $this
    ->drupalPostForm('/user/' . $non_cas_user
    ->id() . '/edit', $form_data, 'Save');
  $this
    ->assertSession()
    ->responseContains('Your current password is missing or incorrect');

  // Now again with the correct current password.
  $form_data['current_pass'] = $non_cas_user->pass_raw;
  $this
    ->drupalPostForm('/user/' . $non_cas_user
    ->id() . '/edit', $form_data, 'Save');
  $this
    ->assertSession()
    ->responseContains('The changes have been saved.');

  // For CAS users, we modify the user form to disable the email field.
  $this
    ->drupalLogout();
  $this
    ->drupalLogin($cas_user);
  $this
    ->drupalGet('/user/' . $cas_user
    ->id() . '/edit');
  $page = $this
    ->getSession()
    ->getPage();
  $email_field = $page
    ->findField('mail');
  $this
    ->assertNotNull($email_field);
  $this
    ->assertEquals('disabled', $email_field
    ->getAttribute('disabled'));

  // An admin should not see a disabled email field for that same user.
  $this
    ->drupalLogout();
  $this
    ->drupalLogin($admin);
  $this
    ->drupalGet('/user/' . $cas_user
    ->id() . '/edit');
  $page = $this
    ->getSession()
    ->getPage();
  $email_field = $page
    ->findField('mail');
  $this
    ->assertNotNull($email_field);
  $this
    ->assertObjectNotHasAttribute('disabled', $email_field);

  // Now disable the "restrict email management" feature.
  $edit = [
    'user_accounts[restrict_email_management]' => FALSE,
  ];
  $this
    ->drupalPostForm('/admin/config/people/cas', $edit, 'Save configuration');
  $this
    ->assertEquals(FALSE, $this
    ->config('cas.settings')
    ->get('user_accounts.restrict_email_management'));
  $this
    ->drupalLogout();

  // And ensure that the email field on the CAS user's profile form is no
  // longer disabled.
  $this
    ->drupalLogin($cas_user);
  $this
    ->drupalGet('/user/' . $cas_user
    ->id() . '/edit');
  $page = $this
    ->getSession()
    ->getPage();
  $email_field = $page
    ->findField('mail');
  $this
    ->assertNotNull($email_field);
  $this
    ->assertEmpty($email_field
    ->getAttribute('disabled'));
}