You are here

public function TaxonomyImageTest::testTaxonomyImageAccess in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/taxonomy/tests/src/Functional/TaxonomyImageTest.php \Drupal\Tests\taxonomy\Functional\TaxonomyImageTest::testTaxonomyImageAccess()
  2. 10 core/modules/taxonomy/tests/src/Functional/TaxonomyImageTest.php \Drupal\Tests\taxonomy\Functional\TaxonomyImageTest::testTaxonomyImageAccess()

File

core/modules/taxonomy/tests/src/Functional/TaxonomyImageTest.php, line 82

Class

TaxonomyImageTest
Tests access checks of private image fields.

Namespace

Drupal\Tests\taxonomy\Functional

Code

public function testTaxonomyImageAccess() {
  $user = $this
    ->drupalCreateUser([
    'administer site configuration',
    'administer taxonomy',
    'access user profiles',
  ]);
  $this
    ->drupalLogin($user);

  // Create a term and upload the image.
  $files = $this
    ->drupalGetTestFiles('image');
  $image = array_pop($files);
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $edit['files[field_test_0]'] = \Drupal::service('file_system')
    ->realpath($image->uri);
  $this
    ->drupalPostForm('admin/structure/taxonomy/manage/' . $this->vocabulary
    ->id() . '/add', $edit, t('Save'));
  $this
    ->drupalPostForm(NULL, [
    'field_test[0][alt]' => $this
      ->randomMachineName(),
  ], t('Save'));
  $terms = \Drupal::entityTypeManager()
    ->getStorage('taxonomy_term')
    ->loadByProperties([
    'name' => $edit['name[0][value]'],
  ]);
  $term = reset($terms);
  $this
    ->assertText(t('Created new term @name.', [
    '@name' => $term
      ->getName(),
  ]));

  // Create a user that should have access to the file and one that doesn't.
  $access_user = $this
    ->drupalCreateUser([
    'access content',
  ]);
  $no_access_user = $this
    ->drupalCreateUser();
  $image = File::load($term->field_test->target_id);

  // Ensure a user that should be able to access the file can access it.
  $this
    ->drupalLogin($access_user);
  $this
    ->drupalGet(file_create_url($image
    ->getFileUri()));
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Ensure a user that should not be able to access the file cannot access
  // it.
  $this
    ->drupalLogin($no_access_user);
  $this
    ->drupalGet(file_create_url($image
    ->getFileUri()));
  $this
    ->assertSession()
    ->statusCodeEquals(403);
}