You are here

function ContentAccessModuleTestCase::testEditAccess in Content Access 5

Same name and namespace in other branches
  1. 6 tests/content_access.test \ContentAccessModuleTestCase::testEditAccess()
  2. 7 tests/content_access.test \ContentAccessModuleTestCase::testEditAccess()

Test for editing nodes

File

tests/content_access.test, line 127

Class

ContentAccessModuleTestCase

Code

function testEditAccess() {

  // Logout admin and try to edit the node anonymously
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/edit'));
  $this
    ->assertText(t('Access denied'), 'edit access denied for anonymous');

  // Login test user, edit node, access must be denied
  $this
    ->drupalLoginUser($this->test_user);
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/edit'));
  $this
    ->assertText(t('Access denied'), 'edit access denied for test user');

  // Login admin and grant access for editing to the test user
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalLoginUser($this->admin_user);
  $this
    ->changeAccessContentTypeKeyword('update');

  // Logout admin and try to edit the node anonymously
  // access must be denied again
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/edit'));
  $this
    ->assertText(t('Access denied'), 'edit access denied for anonymous');

  // Login test user, edit node, access must be granted
  $this
    ->drupalLoginUser($this->test_user);
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/edit'));
  $this
    ->assertNoText(t('Access denied'), 'node1 is editable');

  // Login admin and enable per node access
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalLoginUser($this->admin_user);
  $this
    ->changeAccessPerNode();

  // Restrict edit access on node2 for the test user
  $this
    ->changeAccessNodeKeyword($this->node2, 'update', FALSE);

  // Logout admin and try to edit both nodes anonymously
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/edit'));
  $this
    ->assertText(t('Access denied'), 'node1 is not editable');
  $this
    ->drupalGet(url('node/' . $this->node2->nid . '/edit'));
  $this
    ->assertText(t('Access denied'), 'node2 is not editable');

  // Login test user, edit node1, access must be granted
  $this
    ->drupalLoginUser($this->test_user);
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/edit'));
  $this
    ->assertNoText(t('Access denied'), 'node1 is editable');

  // Edit node2, access must be denied
  $this
    ->drupalGet(url('node/' . $this->node2->nid . '/edit'));
  $this
    ->assertText(t('Access denied'), 'node2 is not editable');

  // Login admin, swap permissions between content type and node2
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalLoginUser($this->admin_user);

  // Restrict edit access to content type
  $this
    ->changeAccessContentTypeKeyword('update', FALSE);

  // Grant edit access to node2
  $this
    ->changeAccessNodeKeyword($this->node2, 'update');

  // Logout admin and try to edit both nodes anonymously
  $this
    ->drupalGet(url('logout'));
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/edit'));
  $this
    ->assertText(t('Access denied'), 'node1 is not editable');
  $this
    ->drupalGet(url('node/' . $this->node2->nid . '/edit'));
  $this
    ->assertText(t('Access denied'), 'node2 is not editable');

  // Login test user, edit node1, access must be denied
  $this
    ->drupalLoginUser($this->test_user);
  $this
    ->drupalGet(url('node/' . $this->node1->nid . '/edit'));
  $this
    ->assertText(t('Access denied'), 'node1 is not editable');

  // Edit node2, access must be granted
  $this
    ->drupalGet(url('node/' . $this->node2->nid . '/edit'));
  $this
    ->assertNoText(t('Access denied'), 'node2 is editable');
}