class NodeAccessRebuildNodeGrantsTest in Drupal 10
Same name and namespace in other branches
- 8 core/modules/node/tests/src/Functional/NodeAccessRebuildNodeGrantsTest.php \Drupal\Tests\node\Functional\NodeAccessRebuildNodeGrantsTest
- 9 core/modules/node/tests/src/Functional/NodeAccessRebuildNodeGrantsTest.php \Drupal\Tests\node\Functional\NodeAccessRebuildNodeGrantsTest
Ensures that node access rebuild functions work correctly even when other modules implements hook_node_grants().
@group node
Hierarchy
- class \Drupal\Tests\BrowserTestBase extends \PHPUnit\Framework\TestCase uses \Drupal\Tests\PhpUnitCompatibilityTrait, \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, FunctionalTestSetupTrait, TestSetupTrait, BlockCreationTrait, ConfigTestTrait, ExtensionListTestTrait, ContentTypeCreationTrait, NodeCreationTrait, RandomGeneratorTrait, TestRequirementsTrait, PhpUnitWarnings, UiHelperTrait, UserCreationTrait, XdebugRequestTrait
- class \Drupal\Tests\node\Functional\NodeTestBase
- class \Drupal\Tests\node\Functional\NodeAccessRebuildNodeGrantsTest
- class \Drupal\Tests\node\Functional\NodeTestBase
Expanded class hierarchy of NodeAccessRebuildNodeGrantsTest
File
- core/
modules/ node/ tests/ src/ Functional/ NodeAccessRebuildNodeGrantsTest.php, line 13
Namespace
Drupal\Tests\node\FunctionalView source
class NodeAccessRebuildNodeGrantsTest extends NodeTestBase {
/**
* {@inheritdoc}
*/
protected $defaultTheme = 'stark';
/**
* A user to create nodes that only it has access to.
*
* @var \Drupal\user\UserInterface
*/
protected $webUser;
/**
* A user to test the rebuild nodes feature which can't access the nodes.
*
* @var \Drupal\user\UserInterface
*/
protected $adminUser;
/**
* {@inheritdoc}
*/
protected function setUp() : void {
parent::setUp();
$this->adminUser = $this
->drupalCreateUser([
'administer site configuration',
'access administration pages',
'access site reports',
]);
$this
->drupalLogin($this->adminUser);
$this->webUser = $this
->drupalCreateUser();
}
/**
* Tests rebuilding the node access permissions table with content.
*/
public function testNodeAccessRebuildNodeGrants() {
\Drupal::service('module_installer')
->install([
'node_access_test',
]);
\Drupal::state()
->set('node_access_test.private', TRUE);
node_access_test_add_field(NodeType::load('page'));
$this
->resetAll();
// Create 30 nodes so that _node_access_rebuild_batch_operation() has to run
// more than once.
for ($i = 0; $i < 30; $i++) {
$nodes[] = $this
->drupalCreateNode([
'uid' => $this->webUser
->id(),
'private' => [
[
'value' => 1,
],
],
]);
}
/** @var \Drupal\node\NodeGrantDatabaseStorageInterface $grant_storage */
$grant_storage = \Drupal::service('node.grant_storage');
// Default realm access and node records are present.
foreach ($nodes as $node) {
$this
->assertNotEmpty($node->private->value);
$this
->assertTrue($grant_storage
->access($node, 'view', $this->webUser)
->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the node author.');
$this
->assertTrue($grant_storage
->access($node, 'view', $this->adminUser)
->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the admin user.');
}
$this
->assertEquals(1, \Drupal::service('node.grant_storage')
->checkAll($this->webUser), 'There is an all realm access record');
$this
->assertTrue(\Drupal::state()
->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt');
// Rebuild permissions.
$this
->drupalGet('admin/reports/status');
$this
->clickLink('Rebuild permissions');
$this
->submitForm([], 'Rebuild permissions');
$this
->assertSession()
->pageTextContains('The content access permissions have been rebuilt.');
// Test if the rebuild by user that cannot bypass node access and does not
// have access to the nodes has been successful.
$this
->assertFalse($this->adminUser
->hasPermission('bypass node access'));
$this
->assertNull(\Drupal::state()
->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt');
foreach ($nodes as $node) {
$this
->assertTrue($grant_storage
->access($node, 'view', $this->webUser)
->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.');
$this
->assertFalse($grant_storage
->access($node, 'view', $this->adminUser)
->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.');
}
$this
->assertEmpty(\Drupal::service('node.grant_storage')
->checkAll($this->webUser), 'There is no all realm access record');
// Test an anonymous node access rebuild from code.
$this
->drupalLogout();
node_access_rebuild();
foreach ($nodes as $node) {
$this
->assertTrue($grant_storage
->access($node, 'view', $this->webUser)
->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.');
$this
->assertFalse($grant_storage
->access($node, 'view', $this->adminUser)
->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.');
}
$this
->assertEmpty(\Drupal::service('node.grant_storage')
->checkAll($this->webUser), 'There is no all realm access record');
}
/**
* Tests rebuilding the node access permissions table with no content.
*/
public function testNodeAccessRebuildNoAccessModules() {
// Default realm access is present.
$this
->assertEquals(1, \Drupal::service('node.grant_storage')
->count(), 'There is an all realm access record');
// No need to rebuild permissions.
$this
->assertNull(\Drupal::state()
->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt');
// Rebuild permissions.
$this
->drupalGet('admin/reports/status');
$this
->clickLink('Rebuild permissions');
$this
->submitForm([], 'Rebuild permissions');
$this
->assertSession()
->pageTextContains('Content permissions have been rebuilt.');
$this
->assertNull(\Drupal::state()
->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt');
// Default realm access is still present.
$this
->assertEquals(1, \Drupal::service('node.grant_storage')
->count(), 'There is an all realm access record');
}
}