You are here

public function VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php \Drupal\Tests\taxonomy\Functional\VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm()

Create, edit and delete a taxonomy term via the user interface.

File

core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php, line 228

Class

VocabularyPermissionsTest
Tests the taxonomy vocabulary permissions.

Namespace

Drupal\Tests\taxonomy\Functional

Code

public function testVocabularyPermissionsTaxonomyTerm() {

  // Vocabulary used for creating, removing and editing terms.
  $vocabulary = $this
    ->createVocabulary();

  // Test as admin user.
  $user = $this
    ->drupalCreateUser([
    'administer taxonomy',
  ]);
  $this
    ->drupalLogin($user);

  // Visit the main taxonomy administration page.
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
    ->id() . '/add');
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this
    ->assertField('edit-name-0-value', 'Add taxonomy term form opened successfully.');

  // Submit the term.
  $edit = [];
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $this
    ->drupalPostForm(NULL, $edit, t('Save'));
  $this
    ->assertText(t('Created new term @name.', [
    '@name' => $edit['name[0][value]'],
  ]), 'Term created successfully.');

  // Verify that the creation message contains a link to a term.
  $view_link = $this
    ->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [
    ':href' => 'term/',
  ]);
  $this
    ->assert(isset($view_link), 'The message area contains a link to a term');
  $terms = \Drupal::entityTypeManager()
    ->getStorage('taxonomy_term')
    ->loadByProperties([
    'name' => $edit['name[0][value]'],
  ]);
  $term = reset($terms);

  // Edit the term.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this
    ->assertText($edit['name[0][value]'], 'Edit taxonomy term form opened successfully.');
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $this
    ->drupalPostForm(NULL, $edit, t('Save'));
  $this
    ->assertText(t('Updated term @name.', [
    '@name' => $edit['name[0][value]'],
  ]), 'Term updated successfully.');

  // Delete the vocabulary.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/delete');
  $this
    ->assertRaw(t('Are you sure you want to delete the @entity-type %label?', [
    '@entity-type' => 'taxonomy term',
    '%label' => $edit['name[0][value]'],
  ]), 'Delete taxonomy term form opened successfully.');

  // Confirm deletion.
  $this
    ->drupalPostForm(NULL, NULL, t('Delete'));
  $this
    ->assertRaw(t('Deleted term %name.', [
    '%name' => $edit['name[0][value]'],
  ]), 'Term deleted.');

  // Test as user with "create" permissions.
  $user = $this
    ->drupalCreateUser([
    "create terms in {$vocabulary->id()}",
  ]);
  $this
    ->drupalLogin($user);
  $assert_session = $this
    ->assertSession();

  // Create a new term.
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
    ->id() . '/add');
  $assert_session
    ->statusCodeEquals(200);
  $assert_session
    ->fieldExists('name[0][value]');

  // Submit the term.
  $edit = [];
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $this
    ->drupalPostForm(NULL, $edit, t('Save'));
  $assert_session
    ->pageTextContains(t('Created new term @name.', [
    '@name' => $edit['name[0][value]'],
  ]));
  $terms = \Drupal::entityTypeManager()
    ->getStorage('taxonomy_term')
    ->loadByProperties([
    'name' => $edit['name[0][value]'],
  ]);
  $term = reset($terms);

  // Ensure that edit and delete access is denied.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/edit');
  $assert_session
    ->statusCodeEquals(403);
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/delete');
  $assert_session
    ->statusCodeEquals(403);

  // Test as user with "edit" permissions.
  $user = $this
    ->drupalCreateUser([
    "edit terms in {$vocabulary->id()}",
  ]);
  $this
    ->drupalLogin($user);

  // Ensure the taxonomy term add form is denied.
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
    ->id() . '/add');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Create a test term.
  $term = $this
    ->createTerm($vocabulary);

  // Edit the term.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this
    ->assertText($term
    ->getName(), 'Edit taxonomy term form opened successfully.');
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $this
    ->drupalPostForm(NULL, $edit, t('Save'));
  $this
    ->assertText(t('Updated term @name.', [
    '@name' => $edit['name[0][value]'],
  ]), 'Term updated successfully.');

  // Verify that the update message contains a link to a term.
  $view_link = $this
    ->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [
    ':href' => 'term/',
  ]);
  $this
    ->assert(isset($view_link), 'The message area contains a link to a term');

  // Ensure the term cannot be deleted.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/delete');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Test as user with "delete" permissions.
  $user = $this
    ->drupalCreateUser([
    "delete terms in {$vocabulary->id()}",
  ]);
  $this
    ->drupalLogin($user);

  // Ensure the taxonomy term add form is denied.
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
    ->id() . '/add');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Create a test term.
  $term = $this
    ->createTerm($vocabulary);

  // Ensure that the term cannot be edited.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Delete the vocabulary.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/delete');
  $this
    ->assertRaw(t('Are you sure you want to delete the @entity-type %label?', [
    '@entity-type' => 'taxonomy term',
    '%label' => $term
      ->getName(),
  ]), 'Delete taxonomy term form opened successfully.');

  // Confirm deletion.
  $this
    ->drupalPostForm(NULL, NULL, t('Delete'));
  $this
    ->assertRaw(t('Deleted term %name.', [
    '%name' => $term
      ->getName(),
  ]), 'Term deleted.');

  // Test as user without proper permissions.
  $user = $this
    ->drupalCreateUser();
  $this
    ->drupalLogin($user);

  // Ensure the taxonomy term add form is denied.
  $this
    ->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary
    ->id() . '/add');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Create a test term.
  $term = $this
    ->createTerm($vocabulary);

  // Ensure that the term cannot be edited.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  // Ensure the term cannot be deleted.
  $this
    ->drupalGet('taxonomy/term/' . $term
    ->id() . '/delete');
  $this
    ->assertSession()
    ->statusCodeEquals(403);
}