public function WorkspaceBypassTest::testBypassOwnWorkspace in Drupal 9
Same name and namespace in other branches
- 8 core/modules/workspaces/tests/src/Functional/WorkspaceBypassTest.php \Drupal\Tests\workspaces\Functional\WorkspaceBypassTest::testBypassOwnWorkspace()
- 10 core/modules/workspaces/tests/src/Functional/WorkspaceBypassTest.php \Drupal\Tests\workspaces\Functional\WorkspaceBypassTest::testBypassOwnWorkspace()
Verifies that a user can edit anything in a workspace they own.
File
- core/
modules/ workspaces/ tests/ src/ Functional/ WorkspaceBypassTest.php, line 31
Class
- WorkspaceBypassTest
- Tests access bypass permission controls on workspaces.
Namespace
Drupal\Tests\workspaces\FunctionalCode
public function testBypassOwnWorkspace() {
$permissions = [
'create workspace',
'edit own workspace',
'view own workspace',
'bypass entity access own workspace',
];
$this
->createContentType([
'type' => 'test',
'label' => 'Test',
]);
$this
->setupWorkspaceSwitcherBlock();
$ditka = $this
->drupalCreateUser(array_merge($permissions, [
'create test content',
]));
// Login as a limited-access user and create a workspace.
$this
->drupalLogin($ditka);
$bears = $this
->createWorkspaceThroughUi('Bears', 'bears');
$this
->switchToWorkspace($bears);
// Now create a node in the Bears workspace, as the owner of that workspace.
$ditka_bears_node = $this
->createNodeThroughUi('Ditka Bears node', 'test');
$ditka_bears_node_id = $ditka_bears_node
->id();
// Editing both nodes should be possible.
$this
->drupalGet('/node/' . $ditka_bears_node_id . '/edit');
$this
->assertSession()
->statusCodeEquals(200);
// Create a new user that should be able to edit anything in the Bears
// workspace.
$lombardi = $this
->drupalCreateUser(array_merge($permissions, [
'view any workspace',
]));
$this
->drupalLogin($lombardi);
$this
->switchToWorkspace($bears);
// Editor 2 has the bypass permission but does not own the workspace and so,
// should not be able to create and edit any node.
$this
->drupalGet('/node/' . $ditka_bears_node_id . '/edit');
$this
->assertSession()
->statusCodeEquals(403);
}