You are here

Home » API reference » Content Access 6

content_access.test in Content Access 6

Same filename and directory in other branches
  1. 5 tests/content_access.test
  2. 7 tests/content_access.test

File

tests/content_access.test
View source 
<?php

/**
 * @file
 * Automatd SimpleTest Case for content access module
 */
require_once drupal_get_path('module', 'content_access') . '/tests/content_access_test_help.php';
class ContentAccessModuleTestCase extends ContentAccessTestCase {

  /**
   * Implementation of get_info() for information
   */
  function getInfo() {
    return array(
      'name' => t('Content Access Module Tests'),
      'description' => t('Various tests to check permission settings on nodes.'),
      'group' => t('Content Access'),
    );
  }
  function setUp() {
    parent::setUp();

    // Create test nodes
    $this->node1 = $this
      ->drupalCreateNode(array(
      'type' => $this->content_type_name,
    ));
    $this->node2 = $this
      ->drupalCreateNode(array(
      'type' => $this->content_type_name,
    ));
  }

  /**
   * Test for viewing nodes
   */
  function testViewAccess() {

    // Restrict access to the content type (access is only allowed for the author)
    $access_permissions = array(
      'view[1]' => FALSE,
      'view[2]' => FALSE,
    );
    $this
      ->changeAccessContentType($access_permissions);

    // Logout admin and try to access the node anonymously
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertText(t('Access denied'), 'node is not viewable');

    // Login test user, view node, access must be denied
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertText(t('Access denied'), 'node is not viewable');

    // Login admin and grant access for viewing to the test user
    $this
      ->drupalLogin($this->admin_user);
    $this
      ->changeAccessContentTypeKeyword('view');

    // Logout admin and try to access the node anonymously
    // access must be denied again
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertText(t('Access denied'), 'node is not viewable');

    // Login test user, view node, access must be granted
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertNoText(t('Access denied'), 'node is viewable');

    // Login admin and enable per node access
    $this
      ->drupalLogin($this->admin_user);
    $this
      ->changeAccessPerNode();

    // Restrict access on node2 for the test user role
    $this
      ->changeAccessNodeKeyword($this->node2, 'view', FALSE);

    // Logout admin and try to access both nodes anonymously
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertText(t('Access denied'), 'node1 is not viewable');
    $this
      ->drupalGet('node/' . $this->node2->nid);
    $this
      ->assertText(t('Access denied'), 'node2 is not viewable');

    // Login test user, view node1, access must be granted
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertNoText(t('Access denied'), 'node1 is viewable');

    // View node2, access must be denied
    $this
      ->drupalGet('node/' . $this->node2->nid);
    $this
      ->assertText(t('Access denied'), 'node2 is not viewable');

    // Login admin, swap permissions between content type and node2
    $this
      ->drupalLogin($this->admin_user);

    // Restrict access to content type
    $this
      ->changeAccessContentTypeKeyword('view', FALSE);

    // Grant access to node2
    $this
      ->changeAccessNodeKeyword($this->node2, 'view');

    // Logout admin and try to access both nodes anonymously
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertText(t('Access denied'), 'node1 is not viewable');
    $this
      ->drupalGet('node/' . $this->node2->nid);
    $this
      ->assertText(t('Access denied'), 'node2 is not viewable');

    // Login test user, view node1, access must be denied
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertText(t('Access denied'), 'node1 is not viewable');

    // View node2, access must be granted
    $this
      ->drupalGet('node/' . $this->node2->nid);
    $this
      ->assertNoText(t('Access denied'), 'node2 is viewable');
  }

  /**
   * Test for editing nodes
   */
  function testEditAccess() {

    // Logout admin and try to edit the node anonymously
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid . '/edit');
    $this
      ->assertText(t('Access denied'), 'edit access denied for anonymous');

    // Login test user, edit node, access must be denied
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid . '/edit');
    $this
      ->assertText(t('Access denied'), 'edit access denied for test user');

    // Login admin and grant access for editing to the test user
    $this
      ->drupalLogin($this->admin_user);
    $this
      ->changeAccessContentTypeKeyword('update');

    // Logout admin and try to edit the node anonymously
    // access must be denied again
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid . '/edit');
    $this
      ->assertText(t('Access denied'), 'edit access denied for anonymous');

    // Login test user, edit node, access must be granted
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid . '/edit');
    $this
      ->assertNoText(t('Access denied'), 'node1 is editable');

    // Login admin and enable per node access
    $this
      ->drupalLogin($this->admin_user);
    $this
      ->changeAccessPerNode();

    // Restrict access for this content type for the test user
    $this
      ->changeAccessContentTypeKeyword('update', FALSE);

    // Allow acces for node1 only
    $this
      ->changeAccessNodeKeyword($this->node1, 'update');

    // Logout admin and try to edit both nodes anonymously
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid . '/edit');
    $this
      ->assertText(t('Access denied'), 'node1 is not editable');
    $this
      ->drupalGet('node/' . $this->node2->nid . '/edit');
    $this
      ->assertText(t('Access denied'), 'node2 is not editable');

    // Login test user, edit node1, access must be granted
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid . '/edit');
    $this
      ->assertNoText(t('Access denied'), 'node1 is editable');

    // Edit node2, access must be denied
    $this
      ->drupalGet('node/' . $this->node2->nid . '/edit');
    $this
      ->assertText(t('Access denied'), 'node2 is not editable');

    // Login admin, swap permissions between node1 and node2
    $this
      ->drupalLogin($this->admin_user);

    // Grant edit access to node2
    $this
      ->changeAccessNodeKeyword($this->node2, 'update');

    // Restrict edit acces to node1
    $this
      ->changeAccessNodeKeyword($this->node1, 'update', FALSE);

    // Logout admin and try to edit both nodes anonymously
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid . '/edit');
    $this
      ->assertText(t('Access denied'), 'node1 is not editable');
    $this
      ->drupalGet('node/' . $this->node2->nid . '/edit');
    $this
      ->assertText(t('Access denied'), 'node2 is not editable');

    // Login test user, edit node1, access must be denied
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid . '/edit');
    $this
      ->assertText(t('Access denied'), 'node1 is not editable');

    // Edit node2, access must be granted
    $this
      ->drupalGet('node/' . $this->node2->nid . '/edit');
    $this
      ->assertNoText(t('Access denied'), 'node2 is editable');
  }

  /**
   * Test for deleting nodes
   */
  function testDeleteAccess() {

    // Logout admin and try to delete the node anonymously
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid . '/delete');
    $this
      ->assertText(t('Access denied'), 'delete access denied for anonymous');

    // Login test user, delete node, access must be denied
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid . '/delete');
    $this
      ->assertText(t('Access denied'), 'delete access denied for test user');

    // Login admin and grant access for deleting to the test user
    $this
      ->drupalLogin($this->admin_user);
    $this
      ->changeAccessContentTypeKeyword('delete');

    // Logout admin and try to edit the node anonymously
    // access must be denied again
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid . '/delete');
    $this
      ->assertText(t('Access denied'), 'delete access denied for anonymous');

    // Login test user, delete node, access must be granted
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalPost('node/' . $this->node1->nid . '/delete', array(), 'Delete');
    $this
      ->assertRaw(t('%node has been deleted', array(
      '%node' => $this->node1->title,
    )), 'Test node was deleted successfully by test user');

    // Login admin and recreate test node1
    $this
      ->drupalLogin($this->admin_user);
    $this->node1 = $this
      ->drupalCreateNode(array(
      'type' => $this->content_type_name,
    ));

    // Enable per node access
    $this
      ->changeAccessPerNode();

    // Restrict access for this content type for the test user
    $this
      ->changeAccessContentTypeKeyword('delete', FALSE);

    // Allow acces for node1 only
    $this
      ->changeAccessNodeKeyword($this->node1, 'delete');

    // Logout admin and try to delete both nodes anonymously
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid . '/delete');
    $this
      ->assertText(t('Access denied'), 'node1 is not deletable');
    $this
      ->drupalGet('node/' . $this->node2->nid . '/delete');
    $this
      ->assertText(t('Access denied'), 'node2 is not deletable');

    // Login test user, delete node1, access must be granted
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid . '/delete');
    $this
      ->assertNoText(t('Access denied'), 'node1 is deletable');

    // Delete node2, access must be denied
    $this
      ->drupalGet('node/' . $this->node2->nid . '/delete');
    $this
      ->assertText(t('Access denied'), 'node2 is not deletable');

    // Login admin, swap permissions between node1 and node2
    $this
      ->drupalLogin($this->admin_user);

    // Grant delete access to node2
    $this
      ->changeAccessNodeKeyword($this->node2, 'delete');

    // Restrict delete acces to node1
    $this
      ->changeAccessNodeKeyword($this->node1, 'delete', FALSE);

    // Logout admin and try to delete both nodes anonymously
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid . '/delete');
    $this
      ->assertText(t('Access denied'), 'node1 is not deletable');
    $this
      ->drupalGet('node/' . $this->node2->nid . '/delete');
    $this
      ->assertText(t('Access denied'), 'node2 is not deletable');

    // Login test user, delete node1, access must be denied
    $this
      ->drupalLogin($this->test_user);
    $this
      ->drupalGet('node/' . $this->node1->nid . '/delete');
    $this
      ->assertText(t('Access denied'), 'node1 is not deletable');

    // Delete node2, access must be granted
    $this
      ->drupalGet('node/' . $this->node2->nid . '/delete');
    $this
      ->assertNoText(t('Access denied'), 'node2 is deletable');
  }

  /**
   * Test own view access
   */
  function testOwnViewAccess() {

    // Setup 2 test users
    $test_user1 = $this->test_user;
    $test_user2 = $this
      ->drupalCreateUser();

    // Change ownership of test nodes to test users
    $this->node1->uid = $test_user1->uid;
    node_save($this->node1);
    $this->node2->uid = $test_user2->uid;
    node_save($this->node2);

    // Remove all view permissions for this content type
    $access_permissions = array(
      'view[1]' => FALSE,
      'view[2]' => FALSE,
      'view_own[1]' => FALSE,
      'view_own[2]' => FALSE,
    );
    $this
      ->changeAccessContentType($access_permissions);

    // Allow view own content for test user 1 and 2 roles
    $this
      ->changeAccessContentTypeKeyword('view_own', TRUE, $test_user1);
    $this
      ->changeAccessContentTypeKeyword('view_own', TRUE, $test_user2);

    // Logout admin and try to access both nodes anonymously
    $this
      ->drupalLogout();
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertText(t('Access denied'), 'node1 is not viewable');
    $this
      ->drupalGet('node/' . $this->node2->nid);
    $this
      ->assertText(t('Access denied'), 'node2 is not viewable');

    // Login test user 1, view node1, access must be granted
    $this
      ->drupalLogin($test_user1);
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertNoText(t('Access denied'), 'node1 is viewable');

    // View node2, access must be denied
    $this
      ->drupalGet('node/' . $this->node2->nid);
    $this
      ->assertText(t('Access denied'), 'node2 is not viewable');

    // Login test user 2, view node1, access must be denied
    $this
      ->drupalLogin($test_user2);
    $this
      ->drupalGet('node/' . $this->node1->nid);
    $this
      ->assertText(t('Access denied'), 'node1 is not viewable');

    // View node2, access must be granted
    $this
      ->drupalGet('node/' . $this->node2->nid);
    $this
      ->assertNoText(t('Access denied'), 'node2 is viewable');
  }

}

Classes

Namesort descending Description
ContentAccessModuleTestCase