You are here

public function UserPermissionsTest::testUserPermissionChanges in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/user/tests/src/Functional/UserPermissionsTest.php \Drupal\Tests\user\Functional\UserPermissionsTest::testUserPermissionChanges()
  2. 9 core/modules/user/tests/src/Functional/UserPermissionsTest.php \Drupal\Tests\user\Functional\UserPermissionsTest::testUserPermissionChanges()

Tests changing user permissions through the permissions pages.

File

core/modules/user/tests/src/Functional/UserPermissionsTest.php, line 56

Class

UserPermissionsTest
Verify that role permissions can be added and removed via the permissions pages.

Namespace

Drupal\Tests\user\Functional

Code

public function testUserPermissionChanges() {
  $permissions_hash_generator = $this->container
    ->get('user_permissions_hash_generator');
  $storage = $this->container
    ->get('entity_type.manager')
    ->getStorage('user_role');

  // Create an additional role and mark it as admin role.
  Role::create([
    'is_admin' => TRUE,
    'id' => 'administrator',
    'label' => 'Administrator',
  ])
    ->save();
  $storage
    ->resetCache();
  $this
    ->drupalLogin($this->adminUser);
  $rid = $this->rid;
  $account = $this->adminUser;
  $previous_permissions_hash = $permissions_hash_generator
    ->generate($account);
  $this
    ->assertSame($previous_permissions_hash, $permissions_hash_generator
    ->generate($this->loggedInUser));

  // Add a permission.
  $this
    ->assertFalse($account
    ->hasPermission('administer users'), 'User does not have "administer users" permission.');
  $edit = [];
  $edit[$rid . '[administer users]'] = TRUE;
  $this
    ->drupalGet('admin/people/permissions');
  $this
    ->submitForm($edit, 'Save permissions');
  $this
    ->assertSession()
    ->pageTextContains('The changes have been saved.');
  $storage
    ->resetCache();
  $this
    ->assertTrue($account
    ->hasPermission('administer users'), 'User now has "administer users" permission.');
  $current_permissions_hash = $permissions_hash_generator
    ->generate($account);
  $this
    ->assertSame($current_permissions_hash, $permissions_hash_generator
    ->generate($this->loggedInUser));
  $this
    ->assertNotEquals($previous_permissions_hash, $current_permissions_hash, 'Permissions hash has changed.');
  $previous_permissions_hash = $current_permissions_hash;

  // Remove a permission.
  $this
    ->assertTrue($account
    ->hasPermission('access user profiles'), 'User has "access user profiles" permission.');
  $edit = [];
  $edit[$rid . '[access user profiles]'] = FALSE;
  $this
    ->drupalGet('admin/people/permissions');
  $this
    ->submitForm($edit, 'Save permissions');
  $this
    ->assertSession()
    ->pageTextContains('The changes have been saved.');
  $storage
    ->resetCache();
  $this
    ->assertFalse($account
    ->hasPermission('access user profiles'), 'User no longer has "access user profiles" permission.');
  $current_permissions_hash = $permissions_hash_generator
    ->generate($account);
  $this
    ->assertSame($current_permissions_hash, $permissions_hash_generator
    ->generate($this->loggedInUser));
  $this
    ->assertNotEquals($previous_permissions_hash, $current_permissions_hash, 'Permissions hash has changed.');

  // Permissions can be changed using the module-specific pages with the same
  // result.
  $edit = [];
  $edit[$rid . '[access user profiles]'] = TRUE;
  $this
    ->drupalGet('admin/people/permissions/module/user');
  $this
    ->submitForm($edit, 'Save permissions');
  $this
    ->assertSession()
    ->pageTextContains('The changes have been saved.');
  $storage
    ->resetCache();
  $this
    ->assertTrue($account
    ->hasPermission('access user profiles'), 'User again has "access user profiles" permission.');
  $current_permissions_hash = $permissions_hash_generator
    ->generate($account);
  $this
    ->assertSame($current_permissions_hash, $permissions_hash_generator
    ->generate($this->loggedInUser));
  $this
    ->assertEquals($previous_permissions_hash, $current_permissions_hash, 'Permissions hash has reverted.');

  // Ensure that the admin role doesn't have any checkboxes.
  $this
    ->drupalGet('admin/people/permissions');
  foreach (array_keys($this->container
    ->get('user.permissions')
    ->getPermissions()) as $permission) {
    $this
      ->assertSession()
      ->checkboxChecked('administrator[' . $permission . ']');
    $this
      ->assertSession()
      ->fieldDisabled('administrator[' . $permission . ']');
  }
}