public function MediaLibraryAccessTest::testFieldWidgetEntityEditAccess in Drupal 9
Same name and namespace in other branches
- 8 core/modules/media_library/tests/src/Kernel/MediaLibraryAccessTest.php \Drupal\Tests\media_library\Kernel\MediaLibraryAccessTest::testFieldWidgetEntityEditAccess()
- 10 core/modules/media_library/tests/src/Kernel/MediaLibraryAccessTest.php \Drupal\Tests\media_library\Kernel\MediaLibraryAccessTest::testFieldWidgetEntityEditAccess()
Tests that the field widget opener respects entity-specific access.
File
- core/
modules/ media_library/ tests/ src/ Kernel/ MediaLibraryAccessTest.php, line 204
Class
- MediaLibraryAccessTest
- Tests the media library access.
Namespace
Drupal\Tests\media_library\KernelCode
public function testFieldWidgetEntityEditAccess() {
/** @var \Drupal\media_library\MediaLibraryUiBuilder $ui_builder */
$ui_builder = $this->container
->get('media_library.ui_builder');
$forbidden_entity = EntityTest::create([
'type' => 'test',
// This label will automatically cause an access denial.
// @see \Drupal\entity_test\EntityTestAccessControlHandler::checkAccess()
'name' => 'forbid_access',
]);
$forbidden_entity
->save();
// Create a media library state to test access.
$state = MediaLibraryState::create('media_library.opener.field_widget', [
'file',
'image',
], 'file', 2, [
'entity_type_id' => $forbidden_entity
->getEntityTypeId(),
'bundle' => $forbidden_entity
->bundle(),
'field_name' => 'field_test_media',
'entity_id' => $forbidden_entity
->id(),
]);
$access_result = $ui_builder
->checkAccess($this
->createUser(), $state);
$this
->assertAccess($access_result, FALSE, NULL, [], [
'url.query_args',
]);
$neutral_entity = EntityTest::create([
'type' => 'test',
// This label will result in neutral access.
// @see \Drupal\entity_test\EntityTestAccessControlHandler::checkAccess()
'name' => $this
->randomString(),
]);
$neutral_entity
->save();
$parameters = $state
->getOpenerParameters();
$parameters['entity_id'] = $neutral_entity
->id();
$state = MediaLibraryState::create($state
->getOpenerId(), $state
->getAllowedTypeIds(), $state
->getSelectedTypeId(), $state
->getAvailableSlots(), $parameters);
$access_result = $ui_builder
->checkAccess($this
->createUser(), $state);
$this
->assertTrue($access_result
->isNeutral());
$this
->assertAccess($access_result, FALSE, NULL, [], [
'url.query_args',
'user.permissions',
]);
// Give the user permission to edit the entity and assert that access is
// granted.
$account = $this
->createUser([
'administer entity_test content',
'view media',
]);
$access_result = $ui_builder
->checkAccess($account, $state);
$this
->assertAccess($access_result, TRUE, NULL, Views::getView('media_library')->storage
->getCacheTags(), [
'url.query_args',
'user.permissions',
]);
}