View source
<?php
namespace Drupal\Tests\commerce_checkout\Kernel;
use Drupal\commerce_order\Entity\Order;
use Drupal\commerce_order\Entity\OrderInterface;
use Drupal\commerce_product\Entity\Product;
use Drupal\commerce_product\Entity\ProductVariation;
use Drupal\commerce_store\StoreCreationTrait;
use Drupal\Core\Url;
use Drupal\Tests\commerce_cart\Kernel\CartKernelTestBase;
use Drupal\user\UserInterface;
use Symfony\Cmf\Component\Routing\RouteObjectInterface;
use Symfony\Component\HttpFoundation\Request;
class CheckoutAccessTest extends CartKernelTestBase {
use StoreCreationTrait;
protected $accessManager;
protected $orderItemStorage;
protected $variation;
protected $store;
public static $modules = [
'commerce_checkout',
];
protected function setUp() : void {
parent::setUp();
$this
->installConfig('commerce_checkout');
$this
->createUser();
$this->accessManager = $this->container
->get('access_manager');
$this->orderItemStorage = $this->container
->get('entity_type.manager')
->getStorage('commerce_order_item');
$variation = ProductVariation::create([
'type' => 'default',
'sku' => $this
->randomMachineName(),
'price' => [
'number' => 999,
'currency_code' => 'USD',
],
]);
$variation
->save();
$product = Product::create([
'type' => 'default',
'title' => $this
->randomMachineName(),
'stores' => [
$this->store,
],
'variations' => [
$this->variation,
],
]);
$product
->save();
$this->variation = $this
->reloadEntity($variation);
$this->store = $this
->createStore();
}
public function testAccessCheckoutPermission() {
$user_with_access = $this
->createUser([], [
'access checkout',
]);
$user_without_access = $this
->createUser([], []);
$order = $this
->createOrder($user_with_access);
$request = $this
->createRequest($order);
$this
->assertTrue($this->accessManager
->checkRequest($request, $user_with_access));
$order = $this
->createOrder($user_without_access);
$request = $this
->createRequest($order);
$this
->assertFalse($this->accessManager
->checkRequest($request, $user_without_access));
}
public function testOwnerCheckoutAccess() {
$user1 = $this
->createUser([], [
'access checkout',
]);
$user2 = $this
->createUser([], [
'access checkout',
]);
$order = $this
->createOrder($user1);
$request = $this
->createRequest($order);
$this
->assertTrue($this->accessManager
->checkRequest($request, $user1));
$this
->assertFalse($this->accessManager
->checkRequest($request, $user2));
}
public function testCanceledOrderCheckout() {
$user1 = $this
->createUser([], [
'access checkout',
]);
$order = $this
->createOrder($user1);
$order
->getState()
->applyTransitionById('cancel');
$request = $this
->createRequest($order);
$this
->assertFalse($this->accessManager
->checkRequest($request, $user1));
}
public function testOrderMustHaveItems() {
$user1 = $this
->createUser([], [
'access checkout',
]);
$order = $this
->createOrder($user1);
$order
->setItems([]);
$request = $this
->createRequest($order);
$this
->assertFalse($this->accessManager
->checkRequest($request, $user1));
}
protected function createRequest(OrderInterface $order, $step = NULL) {
$url = Url::fromRoute('commerce_checkout.form', [
'commerce_order' => $order
->id(),
'step' => $step,
]);
$route_provider = $this->container
->get('router.route_provider');
$route = $route_provider
->getRouteByName($url
->getRouteName());
$request = Request::create($url
->toString());
$request->attributes
->add([
RouteObjectInterface::ROUTE_OBJECT => $route,
'commerce_order' => $order,
]);
$this->container
->get('request_stack')
->push($request);
return $request;
}
protected function createOrder(UserInterface $user) {
$order = Order::create([
'type' => 'default',
'state' => 'draft',
'mail' => $user
->getEmail(),
'uid' => $user
->id(),
'ip_address' => '127.0.0.1',
'order_number' => '6',
'store_id' => $this->store
->id(),
]);
$order_item = $this->orderItemStorage
->createFromPurchasableEntity($this->variation);
$order_item
->save();
$order
->addItem($order_item);
$order
->save();
return $order;
}
}