class CommentAccessTest in Drupal 10
Same name and namespace in other branches
- 8 core/modules/comment/tests/src/Functional/CommentAccessTest.php \Drupal\Tests\comment\Functional\CommentAccessTest
- 9 core/modules/comment/tests/src/Functional/CommentAccessTest.php \Drupal\Tests\comment\Functional\CommentAccessTest
Tests comment administration and preview access.
@group comment
Hierarchy
- class \Drupal\Tests\BrowserTestBase extends \PHPUnit\Framework\TestCase uses \Drupal\Tests\PhpUnitCompatibilityTrait, \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, FunctionalTestSetupTrait, TestSetupTrait, BlockCreationTrait, ConfigTestTrait, ExtensionListTestTrait, ContentTypeCreationTrait, NodeCreationTrait, RandomGeneratorTrait, TestRequirementsTrait, PhpUnitWarnings, UiHelperTrait, UserCreationTrait, XdebugRequestTrait
- class \Drupal\Tests\comment\Functional\CommentAccessTest uses CommentTestTrait
Expanded class hierarchy of CommentAccessTest
File
- core/
modules/ comment/ tests/ src/ Functional/ CommentAccessTest.php, line 15
Namespace
Drupal\Tests\comment\FunctionalView source
class CommentAccessTest extends BrowserTestBase {
use CommentTestTrait;
/**
* {@inheritdoc}
*/
protected static $modules = [
'node',
'comment',
];
/**
* {@inheritdoc}
*/
protected $defaultTheme = 'stark';
/**
* Node for commenting.
*
* @var \Drupal\node\NodeInterface
*/
protected $unpublishedNode;
/**
* {@inheritdoc}
*/
protected function setUp() : void {
parent::setUp();
$node_type = NodeType::create([
'type' => 'article',
'name' => 'Article',
]);
$node_type
->save();
$node_author = $this
->drupalCreateUser([
'create article content',
'access comments',
]);
$this
->drupalLogin($this
->drupalCreateUser([
'edit own comments',
'skip comment approval',
'post comments',
'access comments',
'access content',
]));
$this
->addDefaultCommentField('node', 'article');
$this->unpublishedNode = $this
->createNode([
'title' => 'This is unpublished',
'uid' => $node_author
->id(),
'status' => 0,
'type' => 'article',
]);
$this->unpublishedNode
->save();
}
/**
* Tests commenting disabled for access-blocked entities.
*/
public function testCannotCommentOnEntitiesYouCannotView() {
$assert = $this
->assertSession();
$comment_url = 'comment/reply/node/' . $this->unpublishedNode
->id() . '/comment';
// Commenting on an unpublished node results in access denied.
$this
->drupalGet($comment_url);
$assert
->statusCodeEquals(403);
// Publishing the node grants access.
$this->unpublishedNode
->setPublished()
->save();
$this
->drupalGet($comment_url);
$assert
->statusCodeEquals(200);
}
/**
* Tests cannot view comment reply form on entities you cannot view.
*/
public function testCannotViewCommentReplyFormOnEntitiesYouCannotView() {
$assert = $this
->assertSession();
// Create a comment on an unpublished node.
$comment = Comment::create([
'entity_type' => 'node',
'name' => 'Tony',
'hostname' => 'magic.example.com',
'mail' => 'foo@example.com',
'subject' => 'Comment on unpublished node',
'entity_id' => $this->unpublishedNode
->id(),
'comment_type' => 'comment',
'field_name' => 'comment',
'pid' => 0,
'uid' => $this->unpublishedNode
->getOwnerId(),
'status' => 1,
]);
$comment
->save();
$comment_url = 'comment/reply/node/' . $this->unpublishedNode
->id() . '/comment/' . $comment
->id();
// Replying to a comment on an unpublished node results in access denied.
$this
->drupalGet($comment_url);
$assert
->statusCodeEquals(403);
// Publishing the node grants access.
$this->unpublishedNode
->setPublished()
->save();
$this
->drupalGet($comment_url);
$assert
->statusCodeEquals(200);
}
}