You are here

function CourseObjectBookTest::testBookCourseObjectContentAccess in Course 3.x

Books have special behavior when it comes to content access. All the sub pages should be protected.

@todo this test is broken. Node access not working the same way from within simpletest.

File

modules/course_book/tests/src/Functional/CourseObjectBookTest.php, line 75

Class

CourseObjectBookTest
Tests books in courses.

Namespace

Drupal\Tests\course_book\Functional

Code

function testBookCourseObjectContentAccess() {
  $this
    ->pass('Please fix me.');
  return;
  $this
    ->drupalLogin($this->admin_user);

  // We just turned on node_access_book which requires us to rebuild node
  // access.
  node_access_rebuild();

  // Create a course with 1 book.
  $courseNode = $this
    ->createCourse();
  $co1 = CourseObject::create([
    'object_type' => 'book',
  ]);
  $co1
    ->setCourse($courseNode->nid);

  // Set to private.
  $co1
    ->setOption('private', 1);
  $co1
    ->save();

  // Add some more book pages.
  $bp1 = $this
    ->drupalCreateNode(array(
    'type' => 'book',
    'book' => array(
      'bid' => $co1
        ->getInstanceId(),
    ),
  ));
  $bp2 = $this
    ->drupalCreateNode(array(
    'type' => 'book',
    'book' => array(
      'bid' => $co1
        ->getInstanceId(),
    ),
  ));

  // Simulate course_book_node_insert().
  $co1
    ->save();

  // Hack to simluate what happens on the UI. This test does not work
  // correctly from simpletest for some reason.
  Drupal::database()
    ->query("delete from {node_access} where realm = 'all'");

  // Try to visit the protected pages.
  $this
    ->drupalLogin($this->student_user);
  $this
    ->drupalGet("node/" . $co1
    ->getInstanceId());
  $this
    ->assertResponse(403);
  $this
    ->drupalGet("node/{$bp1->nid}");
  $this
    ->assertResponse(403);
  $this
    ->drupalGet("node/{$bp2->nid}");
  $this
    ->assertResponse(403);

  // Add a new page to the book, after it is already saved.
  $this
    ->drupalLogin($this->admin_user);
  $bp3 = $this
    ->drupalCreateNode(array(
    'type' => 'book',
    'book' => array(
      'bid' => $co1
        ->getInstanceId(),
    ),
  ));

  // Simulate course_book_node_insert().
  $co1
    ->save();

  // Hack to simluate what happens on the UI. This test does not work
  // correctly from simpletest for some reason.
  Drupal::database()
    ->query("delete from {node_access} where realm = 'all'");

  // Check that the new book page also had it's ACL set up.
  $this
    ->drupalLogin($this->student_user);
  $this
    ->drupalGet("node/{$bp3->nid}");
  $this
    ->assertResponse(403);

  // Enroll the user in the course and go to the first object.
  course_enroll($courseNode, $this->student_user);
  $this
    ->drupalGet("node/{$courseNode->nid}/object/" . $co1
    ->id());

  // Make sure user can access all the sub-pages now.
  $this
    ->drupalGet("node/{$bp1->nid}");
  $this
    ->assertResponse(200);
  $this
    ->drupalGet("node/{$bp2->nid}");
  $this
    ->assertResponse(200);
  $this
    ->drupalGet("node/{$bp3->nid}");
  $this
    ->assertResponse(200);
}