public function WorkflowCustomStateTransitionAccessTest::testCustomWorkflowAccessOperations in Drupal 9
Same name and namespace in other branches
- 8 core/modules/workflows/tests/src/Functional/WorkflowCustomStateTransitionAccessTest.php \Drupal\Tests\workflows\Functional\WorkflowCustomStateTransitionAccessTest::testCustomWorkflowAccessOperations()
Tests the custom state/transition operation access rules.
File
- core/
modules/ workflows/ tests/ src/ Functional/ WorkflowCustomStateTransitionAccessTest.php, line 59
Class
- WorkflowCustomStateTransitionAccessTest
- Test custom provided workflow access for state/transition operations.
Namespace
Drupal\Tests\workflows\FunctionalCode
public function testCustomWorkflowAccessOperations() {
$this
->drupalLogin($this->adminUser);
$forbidden_paths = [
'admin/config/workflow/workflows/manage/test_type/state/cannot_delete/delete',
'admin/config/workflow/workflows/manage/test_type/state/cannot_update',
'admin/config/workflow/workflows/manage/test_type/transition/cannot_update',
'admin/config/workflow/workflows/manage/test_type/transition/cannot_delete/delete',
'admin/config/workflow/workflows/manage/test_type/add_state',
'admin/config/workflow/workflows/manage/test_type/add_transition',
];
// Until the list of forbidden operations have been set, the admin user
// should be able to access all the forbidden paths.
foreach ($forbidden_paths as $forbidden_path) {
$this
->drupalGet($forbidden_path);
$this
->assertSession()
->statusCodeEquals(200);
}
// Update the forbidden operations which deny access to the actions
// represented by the above paths.
$this->container
->get('state')
->set('workflow_type_test_forbidden_operations', [
'update-state:cannot_update',
'delete-state:cannot_delete',
'update-transition:cannot_update',
'delete-transition:cannot_delete',
'add-state',
'add-transition',
]);
foreach ($forbidden_paths as $forbidden_path) {
$this
->drupalGet($forbidden_path);
$this
->assertSession()
->statusCodeEquals(403);
}
}