You are here

Home » API reference » Drupal 9 » WorkspaceBypassTest.php » WorkspaceBypassTest

public function WorkspaceBypassTest::testBypassOwnWorkspace in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/workspaces/tests/src/Functional/WorkspaceBypassTest.php \Drupal\Tests\workspaces\Functional\WorkspaceBypassTest::testBypassOwnWorkspace()
  2. 10 core/modules/workspaces/tests/src/Functional/WorkspaceBypassTest.php \Drupal\Tests\workspaces\Functional\WorkspaceBypassTest::testBypassOwnWorkspace()

Verifies that a user can edit anything in a workspace they own.

File

core/modules/workspaces/tests/src/Functional/WorkspaceBypassTest.php, line 31

Class

WorkspaceBypassTest
Tests access bypass permission controls on workspaces.

Namespace

Drupal\Tests\workspaces\Functional

Code

public function testBypassOwnWorkspace() {
  $permissions = [
    'create workspace',
    'edit own workspace',
    'view own workspace',
    'bypass entity access own workspace',
  ];
  $this
    ->createContentType([
    'type' => 'test',
    'label' => 'Test',
  ]);
  $this
    ->setupWorkspaceSwitcherBlock();
  $ditka = $this
    ->drupalCreateUser(array_merge($permissions, [
    'create test content',
  ]));

  // Login as a limited-access user and create a workspace.
  $this
    ->drupalLogin($ditka);
  $bears = $this
    ->createWorkspaceThroughUi('Bears', 'bears');
  $this
    ->switchToWorkspace($bears);

  // Now create a node in the Bears workspace, as the owner of that workspace.
  $ditka_bears_node = $this
    ->createNodeThroughUi('Ditka Bears node', 'test');
  $ditka_bears_node_id = $ditka_bears_node
    ->id();

  // Editing both nodes should be possible.
  $this
    ->drupalGet('/node/' . $ditka_bears_node_id . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Create a new user that should be able to edit anything in the Bears
  // workspace.
  $lombardi = $this
    ->drupalCreateUser(array_merge($permissions, [
    'view any workspace',
  ]));
  $this
    ->drupalLogin($lombardi);
  $this
    ->switchToWorkspace($bears);

  // Editor 2 has the bypass permission but does not own the workspace and so,
  // should not be able to create and edit any node.
  $this
    ->drupalGet('/node/' . $ditka_bears_node_id . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(403);
}