You are here

public function ContentAccessModuleTest::testEditAccess in Content Access 8

Test for editing nodes.

File

tests/src/Functional/ContentAccessModuleTest.php, line 183

Class

ContentAccessModuleTest
Automated BrowserTest Case for content access module.

Namespace

Drupal\Tests\content_access\Functional

Code

public function testEditAccess() {

  // Logout admin and try to edit the node anonymously.
  $this
    ->drupalLogout();
  $this
    ->drupalGet('node/' . $this->node1
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextContains($this
    ->t('Access denied'));

  // Login test user, edit node, access must be denied.
  $this
    ->drupalLogin($this->testUser);
  $this
    ->drupalGet('node/' . $this->node1
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextContains($this
    ->t('Access denied'));

  // Login admin and grant access for editing to the test user.
  $this
    ->drupalLogin($this->adminUser);
  $this
    ->changeAccessContentTypeKeyword('update');

  // Logout admin and try to edit the node anonymously
  // access must be denied again.
  $this
    ->drupalLogout();
  $this
    ->drupalGet('node/' . $this->node1
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextContains($this
    ->t('Access denied'));

  // Login test user, edit node, access must be granted.
  $this
    ->drupalLogin($this->testUser);
  $this
    ->drupalGet('node/' . $this->node1
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextNotContains($this
    ->t('Access denied'));

  // Login admin and enable per node access.
  $this
    ->drupalLogin($this->adminUser);
  $this
    ->changeAccessPerNode();

  // Restrict access for this content type for the test user.
  $this
    ->changeAccessContentTypeKeyword('update', FALSE);

  // Allow acces for node1 only.
  $this
    ->changeAccessNodeKeyword($this->node1, 'update');
  $this
    ->changeAccessNodeKeyword($this->node2, 'update', FALSE);

  // Logout admin and try to edit both nodes anonymously.
  $this
    ->drupalLogout();
  $this
    ->drupalGet('node/' . $this->node1
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextContains($this
    ->t('Access denied'));
  $this
    ->drupalGet('node/' . $this->node2
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextContains($this
    ->t('Access denied'));

  // Login test user, edit node1, access must be granted.
  $this
    ->drupalLogin($this->testUser);
  $this
    ->drupalGet('node/' . $this->node1
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextNotContains($this
    ->t('Access denied'));

  // Edit node2, access must be denied.
  $this
    ->drupalGet('node/' . $this->node2
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextContains($this
    ->t('Access denied'));

  // Login admin, swap permissions between node1 and node2.
  $this
    ->drupalLogin($this->adminUser);

  // Grant edit access to node2.
  $this
    ->changeAccessNodeKeyword($this->node2, 'update');

  // Restrict edit access to node1.
  $this
    ->changeAccessNodeKeyword($this->node1, 'update', FALSE);

  // Logout admin and try to edit both nodes anonymously.
  $this
    ->drupalLogout();
  $this
    ->drupalGet('node/' . $this->node1
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextContains($this
    ->t('Access denied'));
  $this
    ->drupalGet('node/' . $this->node2
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextContains($this
    ->t('Access denied'));

  // Login test user, edit node1, access must be denied.
  $this
    ->drupalLogin($this->testUser);
  $this
    ->drupalGet('node/' . $this->node1
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextContains($this
    ->t('Access denied'));

  // Edit node2, access must be granted.
  $this
    ->drupalGet('node/' . $this->node2
    ->id() . '/edit');
  $this
    ->assertSession()
    ->pageTextNotContains($this
    ->t('Access denied'));
}