View source
<?php
namespace Drupal\Tests\taxonomy\Functional;
use Drupal\Component\Utility\Unicode;
class VocabularyPermissionsTest extends TaxonomyTestBase {
public static $modules = [
'help',
];
protected $defaultTheme = 'stark';
protected function setUp() {
parent::setUp();
$this
->drupalPlaceBlock('page_title_block');
$this
->drupalPlaceBlock('local_actions_block');
$this
->drupalPlaceBlock('help_block');
}
public function testVocabularyPermissionsVocabulary() {
$authenticated_user = $this
->drupalCreateUser([]);
$this
->drupalLogin($authenticated_user);
$assert_session = $this
->assertSession();
$this
->drupalGet('admin/structure/taxonomy');
$assert_session
->statusCodeEquals(403);
$proper_user = $this
->drupalCreateUser([
'access taxonomy overview',
]);
$this
->drupalLogin($proper_user);
$this
->drupalGet('admin/structure/taxonomy');
$assert_session
->statusCodeEquals(200);
$assert_session
->pageTextContains('Vocabulary name');
$assert_session
->linkNotExists('Add vocabulary');
}
public function testTaxonomyVocabularyOverviewPermissions() {
$vocabulary1 = $this
->createVocabulary();
$vocabulary2 = $this
->createVocabulary();
$vocabulary1_id = $vocabulary1
->id();
$vocabulary2_id = $vocabulary2
->id();
$this
->createTerm($vocabulary1);
$this
->createTerm($vocabulary1);
$edit_help_text = t('You can reorganize the terms in @capital_name using their drag-and-drop handles, and group terms under a parent term by sliding them under and to the right of the parent.', [
'@capital_name' => Unicode::ucfirst($vocabulary1
->label()),
]);
$no_edit_help_text = t('@capital_name contains the following terms.', [
'@capital_name' => Unicode::ucfirst($vocabulary1
->label()),
]);
$assert_session = $this
->assertSession();
$admin_user = $this
->drupalCreateUser([
'administer taxonomy',
]);
$this
->drupalLogin($admin_user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->linkExists('Edit');
$assert_session
->linkExists('Delete');
$assert_session
->linkExists('Add term');
$assert_session
->buttonExists('Save');
$assert_session
->pageTextContains('Weight');
$assert_session
->fieldExists('Weight');
$assert_session
->pageTextContains($edit_help_text);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->pageTextContains('No terms available');
$assert_session
->linkExists('Add term');
$no_permission_user = $this
->drupalCreateUser();
$this
->drupalLogin($no_permission_user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
$assert_session
->statusCodeEquals(403);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
$assert_session
->statusCodeEquals(403);
$overview_only_user = $this
->drupalCreateUser([
'access taxonomy overview',
]);
$this
->drupalLogin($overview_only_user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->linkNotExists('Edit');
$assert_session
->linkNotExists('Delete');
$assert_session
->buttonNotExists('Save');
$assert_session
->pageTextContains('Weight');
$assert_session
->fieldNotExists('Weight');
$assert_session
->linkNotExists('Add term');
$assert_session
->pageTextContains($no_edit_help_text);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->pageTextContains('No terms available');
$assert_session
->linkNotExists('Add term');
$edit_user = $this
->createUser([
'access taxonomy overview',
'edit terms in ' . $vocabulary1_id,
'edit terms in ' . $vocabulary2_id,
]);
$this
->drupalLogin($edit_user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->linkExists('Edit');
$assert_session
->linkNotExists('Delete');
$assert_session
->buttonExists('Save');
$assert_session
->pageTextContains('Weight');
$assert_session
->fieldExists('Weight');
$assert_session
->linkNotExists('Add term');
$assert_session
->pageTextContains($edit_help_text);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->pageTextContains('No terms available');
$assert_session
->linkNotExists('Add term');
$edit_delete_user = $this
->createUser([
'access taxonomy overview',
'delete terms in ' . $vocabulary1_id,
'delete terms in ' . $vocabulary2_id,
]);
$this
->drupalLogin($edit_delete_user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->linkNotExists('Edit');
$assert_session
->linkExists('Delete');
$assert_session
->linkNotExists('Add term');
$assert_session
->buttonNotExists('Save');
$assert_session
->pageTextContains('Weight');
$assert_session
->fieldNotExists('Weight');
$assert_session
->pageTextContains($no_edit_help_text);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->pageTextContains('No terms available');
$assert_session
->linkNotExists('Add term');
$edit_delete_user = $this
->createUser([
'access taxonomy overview',
'edit terms in ' . $vocabulary1_id,
'delete terms in ' . $vocabulary1_id,
'edit terms in ' . $vocabulary2_id,
'delete terms in ' . $vocabulary2_id,
]);
$this
->drupalLogin($edit_delete_user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->linkExists('Edit');
$assert_session
->linkExists('Delete');
$assert_session
->linkNotExists('Add term');
$assert_session
->buttonExists('Save');
$assert_session
->pageTextContains('Weight');
$assert_session
->fieldExists('Weight');
$assert_session
->pageTextContains($edit_help_text);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->pageTextContains('No terms available');
$assert_session
->linkNotExists('Add term');
$edit_user = $this
->createUser([
'access taxonomy overview',
'create terms in ' . $vocabulary1_id,
'create terms in ' . $vocabulary2_id,
]);
$this
->drupalLogin($edit_user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary1_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->linkNotExists('Edit');
$assert_session
->linkNotExists('Delete');
$assert_session
->linkExists('Add term');
$assert_session
->buttonNotExists('Save');
$assert_session
->pageTextContains('Weight');
$assert_session
->fieldNotExists('Weight');
$assert_session
->pageTextContains($no_edit_help_text);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary2_id . '/overview');
$assert_session
->statusCodeEquals(200);
$assert_session
->pageTextContains('No terms available');
$assert_session
->linkExists('Add term');
}
public function testVocabularyPermissionsTaxonomyTerm() {
$vocabulary = $this
->createVocabulary();
$user = $this
->drupalCreateUser([
'administer taxonomy',
]);
$this
->drupalLogin($user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
->id() . '/add');
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertField('edit-name-0-value', 'Add taxonomy term form opened successfully.');
$edit = [];
$edit['name[0][value]'] = $this
->randomMachineName();
$this
->drupalPostForm(NULL, $edit, t('Save'));
$this
->assertText(t('Created new term @name.', [
'@name' => $edit['name[0][value]'],
]), 'Term created successfully.');
$view_link = $this
->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [
':href' => 'term/',
]);
$this
->assert(isset($view_link), 'The message area contains a link to a term');
$terms = \Drupal::entityTypeManager()
->getStorage('taxonomy_term')
->loadByProperties([
'name' => $edit['name[0][value]'],
]);
$term = reset($terms);
$this
->drupalGet('taxonomy/term/' . $term
->id() . '/edit');
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertText($edit['name[0][value]'], 'Edit taxonomy term form opened successfully.');
$edit['name[0][value]'] = $this
->randomMachineName();
$this
->drupalPostForm(NULL, $edit, t('Save'));
$this
->assertText(t('Updated term @name.', [
'@name' => $edit['name[0][value]'],
]), 'Term updated successfully.');
$this
->drupalGet('taxonomy/term/' . $term
->id() . '/delete');
$this
->assertRaw(t('Are you sure you want to delete the @entity-type %label?', [
'@entity-type' => 'taxonomy term',
'%label' => $edit['name[0][value]'],
]), 'Delete taxonomy term form opened successfully.');
$this
->drupalPostForm(NULL, NULL, t('Delete'));
$this
->assertRaw(t('Deleted term %name.', [
'%name' => $edit['name[0][value]'],
]), 'Term deleted.');
$user = $this
->drupalCreateUser([
"create terms in {$vocabulary->id()}",
]);
$this
->drupalLogin($user);
$assert_session = $this
->assertSession();
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
->id() . '/add');
$assert_session
->statusCodeEquals(200);
$assert_session
->fieldExists('name[0][value]');
$edit = [];
$edit['name[0][value]'] = $this
->randomMachineName();
$this
->drupalPostForm(NULL, $edit, t('Save'));
$assert_session
->pageTextContains(t('Created new term @name.', [
'@name' => $edit['name[0][value]'],
]));
$terms = \Drupal::entityTypeManager()
->getStorage('taxonomy_term')
->loadByProperties([
'name' => $edit['name[0][value]'],
]);
$term = reset($terms);
$this
->drupalGet('taxonomy/term/' . $term
->id() . '/edit');
$assert_session
->statusCodeEquals(403);
$this
->drupalGet('taxonomy/term/' . $term
->id() . '/delete');
$assert_session
->statusCodeEquals(403);
$user = $this
->drupalCreateUser([
"edit terms in {$vocabulary->id()}",
]);
$this
->drupalLogin($user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
->id() . '/add');
$this
->assertSession()
->statusCodeEquals(403);
$term = $this
->createTerm($vocabulary);
$this
->drupalGet('taxonomy/term/' . $term
->id() . '/edit');
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertText($term
->getName(), 'Edit taxonomy term form opened successfully.');
$edit['name[0][value]'] = $this
->randomMachineName();
$this
->drupalPostForm(NULL, $edit, t('Save'));
$this
->assertText(t('Updated term @name.', [
'@name' => $edit['name[0][value]'],
]), 'Term updated successfully.');
$view_link = $this
->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [
':href' => 'term/',
]);
$this
->assert(isset($view_link), 'The message area contains a link to a term');
$this
->drupalGet('taxonomy/term/' . $term
->id() . '/delete');
$this
->assertSession()
->statusCodeEquals(403);
$user = $this
->drupalCreateUser([
"delete terms in {$vocabulary->id()}",
]);
$this
->drupalLogin($user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
->id() . '/add');
$this
->assertSession()
->statusCodeEquals(403);
$term = $this
->createTerm($vocabulary);
$this
->drupalGet('taxonomy/term/' . $term
->id() . '/edit');
$this
->assertSession()
->statusCodeEquals(403);
$this
->drupalGet('taxonomy/term/' . $term
->id() . '/delete');
$this
->assertRaw(t('Are you sure you want to delete the @entity-type %label?', [
'@entity-type' => 'taxonomy term',
'%label' => $term
->getName(),
]), 'Delete taxonomy term form opened successfully.');
$this
->drupalPostForm(NULL, NULL, t('Delete'));
$this
->assertRaw(t('Deleted term %name.', [
'%name' => $term
->getName(),
]), 'Term deleted.');
$user = $this
->drupalCreateUser();
$this
->drupalLogin($user);
$this
->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
->id() . '/add');
$this
->assertSession()
->statusCodeEquals(403);
$term = $this
->createTerm($vocabulary);
$this
->drupalGet('taxonomy/term/' . $term
->id() . '/edit');
$this
->assertSession()
->statusCodeEquals(403);
$this
->drupalGet('taxonomy/term/' . $term
->id() . '/delete');
$this
->assertSession()
->statusCodeEquals(403);
}
}