
public function TemporaryJsonapiFileFieldUploaderTest::testCheckFileUploadAccessWithBaseField in Drupal 10

@covers ::checkFileUploadAccess

File

core/modules/jsonapi/tests/src/Kernel/Controller/TemporaryJsonapiFileFieldUploaderTest.php, line 88

Class

TemporaryJsonapiFileFieldUploaderTest
@coversDefaultClass \Drupal\jsonapi\Controller\TemporaryJsonapiFileFieldUploader @group jsonapi

Namespace

Drupal\Tests\jsonapi\Kernel\Controller

Code

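/**
 * Checks file upload access for a base field and for a bundle field.
 *
 * Calls TemporaryJsonapiFileFieldUploader::checkFileUploadAccess() for four
 * accounts, once with the node 'title' base field and once with the
 * 'field_relationships' bundle field of the article bundle, each time with
 * and without an existing article node.
 *
 * @covers ::checkFileUploadAccess
 */
public function testCheckFileUploadAccessWithBaseField() {

  // Create a set of users for access testing. Every account gets its own UID:
  // the original listing gave both $page_editor and $editor the UID 3, so an
  // "allowed" and a "denied" account were indistinguishable by ID.
  // NOTE(review): access results are presumably cached per account ID, in
  // which case a shared UID could mask a wrong result; confirm against the
  // access control handler.
  $article_editor = User::create([
    'name' => 'article editor',
    'mail' => 'article@localhost',
    'status' => 1,
    // Do not use UID 1 as that has access to everything.
    'uid' => 2,
    'roles' => [
      'article editor',
    ],
  ]);
  $page_editor = User::create([
    'name' => 'page editor',
    'mail' => 'page@localhost',
    'status' => 1,
    'uid' => 3,
    'roles' => [
      'page editor',
    ],
  ]);
  $editor = User::create([
    'name' => 'editor',
    'mail' => 'editor@localhost',
    'status' => 1,
    'uid' => 4,
    'roles' => [
      'editor',
    ],
  ]);
  // No roles are assigned to this account.
  $no_access_user = User::create([
    'name' => 'no access',
    'mail' => 'user@localhost',
    'status' => 1,
    'uid' => 5,
  ]);

  // Create an entity to test access against. It is owned by UID 1, which is
  // none of the accounts above.
  $node = Node::create([
    'title' => 'dummy_title',
    'type' => 'article',
    'uid' => 1,
  ]);

  // While the method is only used to check file fields it should work without
  // error for any field whether it is a base field or a bundle field.
  $field_manager = $this->container->get('entity_field.manager');
  $base_field_definition = $field_manager->getBaseFieldDefinitions('node')['title'];
  $bundle_field_definition = $field_manager->getFieldDefinitions('node', 'article')['field_relationships'];

  // Tests the expected access result for each user. Only isAllowed() is
  // asserted, so the denied cases do not distinguish a neutral result from a
  // forbidden one.
  // The $article_editor account can edit any article.
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($article_editor, $base_field_definition, $node);
  $this->assertTrue($result->isAllowed());

  // The article editor cannot create a node of undetermined type.
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($article_editor, $base_field_definition);
  $this->assertFalse($result->isAllowed());

  // The article editor can edit any article.
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($article_editor, $bundle_field_definition, $node);
  $this->assertTrue($result->isAllowed());

  // The article editor can create an article. The type can be determined
  // because the field is a bundle field.
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($article_editor, $bundle_field_definition);
  $this->assertTrue($result->isAllowed());

  // The $editor account has the bypass node access permissions and can edit
  // and create all node types.
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($editor, $base_field_definition, $node);
  $this->assertTrue($result->isAllowed());
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($editor, $base_field_definition);
  $this->assertTrue($result->isAllowed());
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($editor, $bundle_field_definition, $node);
  $this->assertTrue($result->isAllowed());
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($editor, $bundle_field_definition);
  $this->assertTrue($result->isAllowed());

  // The $page_editor account can only edit and create pages therefore has no
  // access.
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($page_editor, $base_field_definition, $node);
  $this->assertFalse($result->isAllowed());
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($page_editor, $base_field_definition);
  $this->assertFalse($result->isAllowed());
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($page_editor, $bundle_field_definition, $node);
  $this->assertFalse($result->isAllowed());
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($page_editor, $bundle_field_definition);
  $this->assertFalse($result->isAllowed());

  // The $no_access_user account has no access at all.
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($no_access_user, $base_field_definition, $node);
  $this->assertFalse($result->isAllowed());
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($no_access_user, $base_field_definition);
  $this->assertFalse($result->isAllowed());
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($no_access_user, $bundle_field_definition, $node);
  $this->assertFalse($result->isAllowed());
  $result = TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($no_access_user, $bundle_field_definition);
  $this->assertFalse($result->isAllowed());
}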