You are here

Home » API reference » Content Access 5 » content_access.test » ContentAccessModuleTestCase

function ContentAccessModuleTestCase::testDeleteAccess in Content Access 5

Same name and namespace in other branches
  1. 6 tests/content_access.test \ContentAccessModuleTestCase::testDeleteAccess()
  2. 7 tests/content_access.test \ContentAccessModuleTestCase::testDeleteAccess()

Test for deleting nodes

File

tests/content_access.test, line 210

Class

ContentAccessModuleTestCase

Code

function testDeleteAccess() {

  // Logout admin and try to delete the node anonymously
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/delete'));
  $this
    ->assertText(t('Access denied'), 'delete access denied for anonymous');

  // Login test user, delete node, access must be denied
  $this
    ->drupalLoginUser($this->test_user);
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/delete'));
  $this
    ->assertText(t('Access denied'), 'delete access denied for test user');

  // Login admin and grant access for deleting to the test user
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalLoginUser($this->admin_user);
  $this
    ->changeAccessContentTypeKeyword('delete');

  // Logout admin and try to edit the node anonymously
  // access must be denied again
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/delete'));
  $this
    ->assertText(t('Access denied'), 'delete access denied for anonymous');

  // Login test user, delete node, access must be granted
  $this
    ->drupalLoginUser($this->test_user);
  $this
    ->drupalPostRequest('node/' . $this->node1->nid . '/delete', array(), 'Delete');
  $this
    ->assertWantedRaw(t('%node has been deleted', array(
    '%node' => $this->node1->title,
  )), 'Test node was deleted successfully by test user');

  // Login admin and recreate test node1
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalLoginUser($this->admin_user);
  $this->node1 = $this
    ->createNode();

  // Enable per node access
  $this
    ->changeAccessPerNode();

  // Restrict delete access on node2 for the test user
  $this
    ->changeAccessNodeKeyword($this->node2, 'delete', FALSE);

  // Logout admin and try to delete both nodes anonymously
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/delete'));
  $this
    ->assertText(t('Access denied'), 'node1 is not deletable');
  $this
    ->drupalGet(url('node/' . $this->node2->nid . '/delete'));
  $this
    ->assertText(t('Access denied'), 'node2 is not deletable');

  // Login test user, delete node1, access must be granted
  $this
    ->drupalLoginUser($this->test_user);
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/delete'));
  $this
    ->assertNoText(t('Access denied'), 'node1 is deletable');

  // Delete node2, access must be denied
  $this
    ->drupalGet(url('node/' . $this->node2->nid . '/delete'));
  $this
    ->assertText(t('Access denied'), 'node2 is not deletable');

  // Login admin, swap permissions between content type and node2
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalLoginUser($this->admin_user);

  // Restrict delete access to content type
  $this
    ->changeAccessContentTypeKeyword('delete', FALSE);

  // Grant delete access to node2
  $this
    ->changeAccessNodeKeyword($this->node2, 'delete');

  // Logout admin and try to delete both nodes anonymously
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/delete'));
  $this
    ->assertText(t('Access denied'), 'node1 is not deletable');
  $this
    ->drupalGet(url('node/' . $this->node2->nid . '/delete'));
  $this
    ->assertText(t('Access denied'), 'node2 is not deletable');

  // Login test user, delete node1, access must be denied
  $this
    ->drupalLoginUser($this->test_user);
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/delete'));
  $this
    ->assertText(t('Access denied'), 'node1 is not deletable');

  // Delete node2, access must be granted
  $this
    ->drupalGet(url('node/' . $this->node2->nid . '/delete'));
  $this
    ->assertNoText(t('Access denied'), 'node2 is deletable');
}