You are here

public function VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php \Drupal\Tests\taxonomy\Functional\VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm()
  2. 9 core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php \Drupal\Tests\taxonomy\Functional\VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm()

Create, edit and delete a taxonomy term via the user interface.

File

core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php, line 234

Class

VocabularyPermissionsTest
Tests the taxonomy vocabulary permissions.

Namespace

Drupal\Tests\taxonomy\Functional

Code

public function testVocabularyPermissionsTaxonomyTerm() {

  // Vocabulary used for creating, removing and editing terms.
  $vocabulary = $this
    ->createVocabulary();

  // Test as admin user.
  $user = $this
    ->drupalCreateUser([
    'administer taxonomy',
  ]);
  $this
    ->drupalLogin($user);

  // Visit the main taxonomy administration page.
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
    ->id() . '/add');
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this
    ->assertSession()
    ->fieldExists('edit-name-0-value');

  // Submit the term.
  $edit = [];
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $this
    ->submitForm($edit, 'Save');
  $this
    ->assertSession()
    ->pageTextContains('Created new term ' . $edit['name[0][value]'] . '.');

  // Verify that the creation message contains a link to a term.
  $this
    ->assertSession()
    ->elementExists('xpath', '//div[@data-drupal-messages]//a[contains(@href, "term/")]');
  $terms = \Drupal::entityTypeManager()
    ->getStorage('taxonomy_term')
    ->loadByProperties([
    'name' => $edit['name[0][value]'],
  ]);
  $term = reset($terms);

  // Edit the term.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this
    ->assertSession()
    ->pageTextContains($edit['name[0][value]']);
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $this
    ->submitForm($edit, 'Save');
  $this
    ->assertSession()
    ->pageTextContains('Updated term ' . $edit['name[0][value]'] . '.');

  // Delete the vocabulary.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/delete');
  $this
    ->assertSession()
    ->pageTextContains("Are you sure you want to delete the taxonomy term {$edit['name[0][value]']}?");

  // Confirm deletion.
  $this
    ->submitForm([], 'Delete');
  $this
    ->assertSession()
    ->pageTextContains("Deleted term {$edit['name[0][value]']}.");

  // Test as user with "create" permissions.
  $user = $this
    ->drupalCreateUser([
    "create terms in {$vocabulary->id()}",
  ]);
  $this
    ->drupalLogin($user);
  $assert_session = $this
    ->assertSession();

  // Create a new term.
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
    ->id() . '/add');
  $assert_session
    ->statusCodeEquals(200);
  $assert_session
    ->fieldExists('name[0][value]');

  // Submit the term.
  $edit = [];
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $this
    ->submitForm($edit, 'Save');
  $assert_session
    ->pageTextContains("Created new term {$edit['name[0][value]']}.");
  $terms = \Drupal::entityTypeManager()
    ->getStorage('taxonomy_term')
    ->loadByProperties([
    'name' => $edit['name[0][value]'],
  ]);
  $term = reset($terms);

  // Ensure that edit and delete access is denied.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/edit');
  $assert_session
    ->statusCodeEquals(403);
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/delete');
  $assert_session
    ->statusCodeEquals(403);

  // Test as user with "edit" permissions.
  $user = $this
    ->drupalCreateUser([
    "edit terms in {$vocabulary->id()}",
  ]);
  $this
    ->drupalLogin($user);

  // Ensure the taxonomy term add form is denied.
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
    ->id() . '/add');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Create a test term.
  $term = $this
    ->createTerm($vocabulary);

  // Edit the term.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this
    ->assertSession()
    ->pageTextContains($term
    ->getName());
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $this
    ->submitForm($edit, 'Save');
  $this
    ->assertSession()
    ->pageTextContains('Updated term ' . $edit['name[0][value]'] . '.');

  // Verify that the update message contains a link to a term.
  $this
    ->assertSession()
    ->elementExists('xpath', '//div[@data-drupal-messages]//a[contains(@href, "term/")]');

  // Ensure the term cannot be deleted.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/delete');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Test as user with "delete" permissions.
  $user = $this
    ->drupalCreateUser([
    "delete terms in {$vocabulary->id()}",
  ]);
  $this
    ->drupalLogin($user);

  // Ensure the taxonomy term add form is denied.
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
    ->id() . '/add');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Create a test term.
  $term = $this
    ->createTerm($vocabulary);

  // Ensure that the term cannot be edited.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Delete the vocabulary.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/delete');
  $this
    ->assertSession()
    ->pageTextContains("Are you sure you want to delete the taxonomy term {$term->getName()}?");

  // Confirm deletion.
  $this
    ->submitForm([], 'Delete');
  $this
    ->assertSession()
    ->pageTextContains("Deleted term {$term->getName()}.");

  // Test as user without proper permissions.
  $user = $this
    ->drupalCreateUser();
  $this
    ->drupalLogin($user);

  // Ensure the taxonomy term add form is denied.
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
    ->id() . '/add');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Create a test term.
  $term = $this
    ->createTerm($vocabulary);

  // Ensure that the term cannot be edited.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Ensure the term cannot be deleted.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/delete');
  $this
    ->assertSession()
    ->statusCodeEquals(403);
}