You are here

public function TaxonomyImageTest::testTaxonomyImageAccess in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/taxonomy/tests/src/Functional/TaxonomyImageTest.php \Drupal\Tests\taxonomy\Functional\TaxonomyImageTest::testTaxonomyImageAccess()
  2. 10 core/modules/taxonomy/tests/src/Functional/TaxonomyImageTest.php \Drupal\Tests\taxonomy\Functional\TaxonomyImageTest::testTaxonomyImageAccess()

File

core/modules/taxonomy/tests/src/Functional/TaxonomyImageTest.php, line 82

Class

TaxonomyImageTest
Tests access checks of private image fields.

Namespace

Drupal\Tests\taxonomy\Functional

Code

public function testTaxonomyImageAccess() {
  $user = $this
    ->drupalCreateUser([
    'administer site configuration',
    'administer taxonomy',
    'access user profiles',
  ]);
  $this
    ->drupalLogin($user);

  // Create a term and upload the image.
  $files = $this
    ->drupalGetTestFiles('image');
  $image = array_pop($files);
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $edit['files[field_test_0]'] = \Drupal::service('file_system')
    ->realpath($image->uri);
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $this->vocabulary
    ->id() . '/add');
  $this
    ->submitForm($edit, 'Save');
  $this
    ->submitForm([
    'field_test[0][alt]' => $this
      ->randomMachineName(),
  ], 'Save');
  $terms = \Drupal::entityTypeManager()
    ->getStorage('taxonomy_term')
    ->loadByProperties([
    'name' => $edit['name[0][value]'],
  ]);
  $term = reset($terms);
  $this
    ->assertSession()
    ->pageTextContains('Created new term ' . $term
    ->getName() . '.');

  // Create a user that should have access to the file and one that doesn't.
  $access_user = $this
    ->drupalCreateUser([
    'access content',
  ]);
  $no_access_user = $this
    ->drupalCreateUser();
  $image = File::load($term->field_test->target_id);

  // Ensure a user that should be able to access the file can access it.
  $this
    ->drupalLogin($access_user);
  $this
    ->drupalGet($image
    ->createFileUrl(FALSE));
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Ensure a user that should not be able to access the file cannot access
  // it.
  $this
    ->drupalLogin($no_access_user);
  $this
    ->drupalGet($image
    ->createFileUrl(FALSE));
  $this
    ->assertSession()
    ->statusCodeEquals(403);
}