View source
<?php
namespace Drupal\Tests\node\Functional\Views;
use Drupal\Component\Render\FormattableMarkup;
use Drupal\node\Entity\Node;
use Drupal\node\Entity\NodeType;
class BulkFormAccessTest extends NodeTestBase {
public static $modules = [
'node_test_views',
'node_access_test',
];
protected $defaultTheme = 'stark';
public static $testViews = [
'test_node_bulk_form',
];
protected $accessHandler;
protected function setUp($import_test_views = TRUE) {
parent::setUp($import_test_views);
$this
->drupalCreateContentType([
'type' => 'article',
'name' => 'Article',
]);
$this->accessHandler = \Drupal::entityTypeManager()
->getAccessControlHandler('node');
node_access_test_add_field(NodeType::load('article'));
node_access_rebuild();
\Drupal::state()
->set('node_access_test.private', TRUE);
}
public function testNodeEditAccess() {
$author = $this
->drupalCreateUser();
$node = $this
->drupalCreateNode([
'type' => 'article',
'private' => [
[
'value' => TRUE,
],
],
'uid' => $author
->id(),
]);
$account = $this
->drupalCreateUser([
'node test view',
]);
$this
->drupalLogin($account);
$this
->assertTrue($node
->isPublished(), 'Node is initially published.');
$this
->assertEqual(FALSE, $this->accessHandler
->access($node, 'update', $account), 'The node may not be edited.');
$edit = [
'node_bulk_form[0]' => TRUE,
'action' => 'node_unpublish_action',
];
$this
->drupalPostForm('test-node-bulk-form', $edit, t('Apply to selected items'));
$this
->assertRaw(new FormattableMarkup('No access to execute %action on the @entity_type_label %entity_label.', [
'%action' => 'Unpublish content',
'@entity_type_label' => 'Content',
'%entity_label' => $node
->label(),
]));
$node = Node::load($node
->id());
$this
->assertTrue($node
->isPublished(), 'The node is still published.');
$account = $this
->drupalCreateUser([
'administer nodes',
'node test view',
]);
$this
->drupalLogin($account);
$this
->assertTrue($node
->isPublished(), 'Node is initially published.');
$this
->assertEqual(FALSE, $node
->access('update', $account), 'The node may not be edited.');
$this
->assertEqual(TRUE, $node->status
->access('edit', $account), 'The node status can be edited.');
$edit = [
'node_bulk_form[0]' => TRUE,
'action' => 'node_unpublish_action',
];
$this
->drupalPostForm('test-node-bulk-form', $edit, t('Apply to selected items'));
$this
->assertNoRaw(new FormattableMarkup('%action was applied to 1 item.', [
'%action' => 'Unpublish content',
]));
$node = Node::load($node
->id());
$this
->assertTrue($node
->isPublished(), 'The node is still published.');
$this
->assertNotEmpty($this
->cssSelect('#views-form-test-node-bulk-form-page-1'));
$edit = [
'node_bulk_form[0]' => TRUE,
'action' => 'node_delete_action',
];
$this
->drupalPostForm('test-node-bulk-form', $edit, t('Apply to selected items'));
$this
->assertRaw(new FormattableMarkup('No access to execute %action on the @entity_type_label %entity_label.', [
'%action' => 'Delete content',
'@entity_type_label' => 'Content',
'%entity_label' => $node
->label(),
]));
$this
->assertNotEmpty($this
->cssSelect('#views-form-test-node-bulk-form-page-1'));
}
public function testNodeDeleteAccess() {
$author = $this
->drupalCreateUser();
$private_node = $this
->drupalCreateNode([
'type' => 'article',
'private' => [
[
'value' => TRUE,
],
],
'uid' => $author
->id(),
]);
$account = $this
->drupalCreateUser([
'access content',
'administer nodes',
'delete own article content',
'node test view',
]);
$own_node = $this
->drupalCreateNode([
'type' => 'article',
'private' => [
[
'value' => TRUE,
],
],
'uid' => $account
->id(),
]);
$this
->drupalLogin($account);
$this
->assertEqual(FALSE, $this->accessHandler
->access($private_node, 'delete', $account), 'The private node may not be deleted.');
$this
->assertEqual(TRUE, $this->accessHandler
->access($own_node, 'delete', $account), 'The own node may be deleted.');
$edit = [
'node_bulk_form[0]' => TRUE,
'node_bulk_form[1]' => TRUE,
'action' => 'node_delete_action',
];
$this
->drupalPostForm('test-node-bulk-form', $edit, t('Apply to selected items'));
$this
->drupalPostForm(NULL, [], t('Delete'));
$private_node = Node::load($private_node
->id());
$this
->assertNotNull($private_node, 'The private node has not been deleted.');
$own_node = Node::load($own_node
->id());
$this
->assertNull($own_node, 'The own node is deleted.');
}
}