public function ContentAccessModuleTest::testDeleteAccess in Content Access 8
Test for deleting nodes.
File
- tests/
src/ Functional/ ContentAccessModuleTest.php, line 264
Class
- ContentAccessModuleTest
- Automated BrowserTest Case for content access module.
Namespace
Drupal\Tests\content_access\FunctionalCode
public function testDeleteAccess() {
// Logout admin and try to delete the node anonymously.
$this
->drupalLogout();
$this
->drupalGet('node/' . $this->node1
->id() . '/delete');
$this
->assertSession()
->pageTextContains($this
->t('Access denied'));
// Login test user, delete node, access must be denied.
$this
->drupalLogin($this->testUser);
$this
->drupalGet('node/' . $this->node1
->id() . '/delete');
$this
->assertSession()
->pageTextContains($this
->t('Access denied'));
// Login admin and grant access for deleting to the test user.
$this
->drupalLogin($this->adminUser);
$this
->changeAccessContentTypeKeyword('delete');
// Logout admin and try to edit the node anonymously
// access must be denied again.
$this
->drupalLogout();
$this
->drupalGet('node/' . $this->node1
->id() . '/delete');
$this
->assertSession()
->pageTextContains($this
->t('Access denied'));
// Login test user, delete node, access must be granted.
$this
->drupalLogin($this->testUser);
$this
->drupalPostForm('node/' . $this->node1
->id() . '/delete', [], 'Delete');
$this
->assertRaw($this
->t('%node has been deleted', [
'%node' => $this->node1
->getTitle(),
]), 'Test node was deleted successfully by test user');
// Login admin and recreate test node1.
$this
->drupalLogin($this->adminUser);
$this->node1 = $this
->drupalCreateNode([
'type' => $this->contentType
->id(),
]);
// Enable per node access.
$this
->changeAccessPerNode();
// Restrict access for this content type for the test user.
$this
->changeAccessContentTypeKeyword('delete', FALSE);
// Allow acces for node1 only.
$this
->changeAccessNodeKeyword($this->node1, 'delete');
$this
->changeAccessNodeKeyword($this->node2, 'delete', FALSE);
// Logout admin and try to delete both nodes anonymously.
$this
->drupalLogout();
$this
->drupalGet('node/' . $this->node1
->id() . '/delete');
$this
->assertSession()
->pageTextContains($this
->t('Access denied'));
$this
->drupalGet('node/' . $this->node2
->id() . '/delete');
$this
->assertSession()
->pageTextContains($this
->t('Access denied'));
// Login test user, delete node1, access must be granted.
$this
->drupalLogin($this->testUser);
$this
->drupalGet('node/' . $this->node1
->id() . '/delete');
$this
->assertSession()
->pageTextNotContains($this
->t('Access denied'));
// Delete node2, access must be denied.
$this
->drupalGet('node/' . $this->node2
->id() . '/delete');
$this
->assertSession()
->pageTextContains($this
->t('Access denied'));
// Login admin, swap permissions between node1 and node2.
$this
->drupalLogin($this->adminUser);
// Grant delete access to node2.
$this
->changeAccessNodeKeyword($this->node2, 'delete');
// Restrict delete acces to node1.
$this
->changeAccessNodeKeyword($this->node1, 'delete', FALSE);
// Logout admin and try to delete both nodes anonymously.
$this
->drupalLogout();
$this
->drupalGet('node/' . $this->node1
->id() . '/delete');
$this
->assertSession()
->pageTextContains($this
->t('Access denied'));
$this
->drupalGet('node/' . $this->node2
->id() . '/delete');
$this
->assertSession()
->pageTextContains($this
->t('Access denied'));
// Login test user, delete node1, access must be denied.
$this
->drupalLogin($this->testUser);
$this
->drupalGet('node/' . $this->node1
->id() . '/delete');
$this
->assertSession()
->pageTextContains($this
->t('Access denied'));
// Delete node2, access must be granted.
$this
->drupalGet('node/' . $this->node2
->id() . '/delete');
$this
->assertSession()
->pageTextNotContains($this
->t('Access denied'));
}