You are here

public function ContactPersonalTest::testPersonalContactAccess in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/contact/tests/src/Functional/ContactPersonalTest.php \Drupal\Tests\contact\Functional\ContactPersonalTest::testPersonalContactAccess()

Tests access to the personal contact form.

File

core/modules/contact/tests/src/Functional/ContactPersonalTest.php, line 139

Class

ContactPersonalTest
Tests personal contact form functionality.

Namespace

Drupal\Tests\contact\Functional

Code

public function testPersonalContactAccess() {

  // Test allowed access to admin user's contact form.
  $this
    ->drupalLogin($this->webUser);
  $this
    ->drupalGet('user/' . $this->adminUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Check the page title is properly displayed.
  $this
    ->assertSession()
    ->pageTextContains('Contact ' . $this->adminUser
    ->getDisplayName());

  // Test denied access to admin user's own contact form.
  $this
    ->drupalLogout();
  $this
    ->drupalLogin($this->adminUser);
  $this
    ->drupalGet('user/' . $this->adminUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Test allowed access to user with contact form enabled.
  $this
    ->drupalLogin($this->webUser);
  $this
    ->drupalGet('user/' . $this->contactUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Test that there is no access to personal contact forms for users
  // without an email address configured.
  $original_email = $this->contactUser
    ->getEmail();
  $this->contactUser
    ->setEmail(FALSE)
    ->save();
  $this
    ->drupalGet('user/' . $this->contactUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(404);

  // Test that the 'contact tab' does not appear on the user profiles
  // for users without an email address configured.
  $this
    ->drupalGet('user/' . $this->contactUser
    ->id());
  $contact_link = '/user/' . $this->contactUser
    ->id() . '/contact';
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this
    ->assertSession()
    ->linkByHrefNotExists($contact_link, 'The "contact" tab is hidden on profiles for users with no email address');

  // Restore original email address.
  $this->contactUser
    ->setEmail($original_email)
    ->save();

  // Test denied access to the user's own contact form.
  $this
    ->drupalGet('user/' . $this->webUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Test always denied access to the anonymous user contact form.
  $this
    ->drupalGet('user/0/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Test that anonymous users can access the contact form.
  $this
    ->drupalLogout();
  user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, [
    'access user contact forms',
  ]);
  $this
    ->drupalGet('user/' . $this->contactUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Test that anonymous users can access admin user's contact form.
  $this
    ->drupalGet('user/' . $this->adminUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this
    ->assertCacheContext('user');

  // Revoke the personal contact permission for the anonymous user.
  user_role_revoke_permissions(RoleInterface::ANONYMOUS_ID, [
    'access user contact forms',
  ]);
  $this
    ->drupalGet('user/' . $this->contactUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(403);
  $this
    ->assertCacheContext('user');
  $this
    ->drupalGet('user/' . $this->adminUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Disable the personal contact form.
  $this
    ->drupalLogin($this->adminUser);
  $edit = [
    'contact_default_status' => FALSE,
  ];
  $this
    ->drupalGet('admin/config/people/accounts');
  $this
    ->submitForm($edit, 'Save configuration');
  $this
    ->assertSession()
    ->pageTextContains('The configuration options have been saved.');
  $this
    ->drupalLogout();

  // Re-create our contacted user with personal contact forms disabled by
  // default.
  $this->contactUser = $this
    ->drupalCreateUser();

  // Test denied access to a user with contact form disabled.
  $this
    ->drupalLogin($this->webUser);
  $this
    ->drupalGet('user/' . $this->contactUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Test allowed access for admin user to a user with contact form disabled.
  $this
    ->drupalLogin($this->adminUser);
  $this
    ->drupalGet('user/' . $this->contactUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Re-create our contacted user as a blocked user.
  $this->contactUser = $this
    ->drupalCreateUser();
  $this->contactUser
    ->block();
  $this->contactUser
    ->save();

  // Test that blocked users can still be contacted by admin.
  $this
    ->drupalGet('user/' . $this->contactUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Test that blocked users cannot be contacted by non-admins.
  $this
    ->drupalLogin($this->webUser);
  $this
    ->drupalGet('user/' . $this->contactUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Test enabling and disabling the contact page through the user profile
  // form.
  $this
    ->drupalGet('user/' . $this->webUser
    ->id() . '/edit');
  $this
    ->assertSession()
    ->checkboxNotChecked('edit-contact--2');
  $this
    ->assertNull(\Drupal::service('user.data')
    ->get('contact', $this->webUser
    ->id(), 'enabled'), 'Personal contact form disabled');
  $this
    ->submitForm([
    'contact' => TRUE,
  ], 'Save');
  $this
    ->assertSession()
    ->checkboxChecked('edit-contact--2');
  $this
    ->assertNotEmpty(\Drupal::service('user.data')
    ->get('contact', $this->webUser
    ->id(), 'enabled'), 'Personal contact form enabled');

  // Test with disabled global default contact form in combination with a user
  // that has the contact form enabled.
  $this
    ->config('contact.settings')
    ->set('user_default_enabled', FALSE)
    ->save();
  $this->contactUser = $this
    ->drupalCreateUser();
  \Drupal::service('user.data')
    ->set('contact', $this->contactUser
    ->id(), 'enabled', 1);
  $this
    ->drupalGet('user/' . $this->contactUser
    ->id() . '/contact');
  $this
    ->assertSession()
    ->statusCodeEquals(200);
}