View source
<?php
namespace Drupal\Tests\workspaces\Kernel;
use Drupal\Core\Access\AccessResult;
use Drupal\KernelTests\KernelTestBase;
use Drupal\Tests\user\Traits\UserCreationTrait;
use Drupal\workspaces\Entity\Workspace;
use Drupal\workspaces\WorkspaceAccessException;
class WorkspaceAccessTest extends KernelTestBase {
use UserCreationTrait;
protected static $modules = [
'user',
'system',
'workspaces',
'workspace_access_test',
'path_alias',
];
protected function setUp() : void {
parent::setUp();
$this
->installSchema('system', [
'sequences',
]);
$this
->installSchema('workspaces', [
'workspace_association',
]);
$this
->installEntitySchema('workspace');
$this
->installEntitySchema('user');
$this
->createUser();
}
public function operationCases() {
return [
[
'create',
'administer workspaces',
],
[
'create',
'create workspace',
],
[
'view',
'administer workspaces',
],
[
'view',
'view any workspace',
],
[
'view',
'view own workspace',
],
[
'update',
'administer workspaces',
],
[
'update',
'edit any workspace',
],
[
'update',
'edit own workspace',
],
[
'delete',
'administer workspaces',
],
[
'delete',
'delete any workspace',
],
[
'delete',
'delete own workspace',
],
];
}
public function testWorkspaceAccess($operation, $permission) {
$user = $this
->createUser();
$this
->setCurrentUser($user);
$workspace = Workspace::create([
'id' => 'oak',
]);
$workspace
->save();
$this
->assertFalse($workspace
->access($operation, $user));
\Drupal::entityTypeManager()
->getAccessControlHandler('workspace')
->resetCache();
$role = $this
->createRole([
$permission,
]);
$user
->addRole($role);
$this
->assertTrue($workspace
->access($operation, $user));
}
public function testPublishWorkspaceAccess() {
$user = $this
->createUser([
'view own workspace',
'edit own workspace',
]);
$this
->setCurrentUser($user);
$workspace = Workspace::create([
'id' => 'stage',
]);
$workspace
->save();
$workspace
->publish();
\Drupal::state()
->set('workspace_access_test.result.publish', AccessResult::forbidden());
\Drupal::entityTypeManager()
->getAccessControlHandler('workspace')
->resetCache();
$this
->expectException(WorkspaceAccessException::class);
$workspace
->publish();
}
public function testWorkspaceSelection() {
$own_permission_user = $this
->createUser([
'view own workspace',
]);
$any_permission_user = $this
->createUser([
'view any workspace',
]);
$admin_permission_user = $this
->createUser([
'administer workspaces',
]);
$created_time = \Drupal::time()
->getCurrentTime();
Workspace::create([
'uid' => $own_permission_user
->id(),
'id' => 'top1',
'label' => 'top1',
'created' => ++$created_time,
])
->save();
Workspace::create([
'uid' => $own_permission_user
->id(),
'id' => 'child1_1',
'parent' => 'top1',
'label' => 'child1_1',
'created' => ++$created_time,
])
->save();
Workspace::create([
'uid' => $any_permission_user
->id(),
'id' => 'child1_2',
'parent' => 'top1',
'label' => 'child1_2',
'created' => ++$created_time,
])
->save();
Workspace::create([
'uid' => $any_permission_user
->id(),
'id' => 'child1_2_1',
'parent' => 'child1_2',
'label' => 'child1_2_1',
'created' => ++$created_time,
])
->save();
Workspace::create([
'uid' => $admin_permission_user
->id(),
'id' => 'top2',
'label' => 'top2',
'created' => ++$created_time,
])
->save();
Workspace::create([
'uid' => $admin_permission_user
->id(),
'id' => 'child2_1',
'parent' => 'top2',
'label' => 'child2_1',
'created' => ++$created_time,
])
->save();
$selection_handler = \Drupal::service('plugin.manager.entity_reference_selection')
->getInstance([
'target_type' => 'workspace',
'handler' => 'default',
'sort' => [
'field' => 'created',
'direction' => 'asc',
],
]);
$this
->setCurrentUser($own_permission_user);
$expected = [
'top1',
'child1_1',
];
$this
->assertEquals($expected, array_keys($selection_handler
->getReferenceableEntities()['workspace']));
$this
->assertEquals($expected, array_keys($selection_handler
->getReferenceableEntities(NULL, 'CONTAINS', 3)['workspace']));
$expected = [
'top1',
];
$this
->assertEquals($expected, array_keys($selection_handler
->getReferenceableEntities('top')['workspace']));
$expected_all = [
'top1',
'child1_1',
'child1_2',
'child1_2_1',
'top2',
'child2_1',
];
$expected_3 = [
'top1',
'child1_1',
'child1_2',
];
$expected_top = [
'top1',
'top2',
];
$this
->setCurrentUser($any_permission_user);
$this
->assertEquals($expected_all, array_keys($selection_handler
->getReferenceableEntities()['workspace']));
$this
->assertEquals($expected_3, array_keys($selection_handler
->getReferenceableEntities(NULL, 'CONTAINS', 3)['workspace']));
$this
->assertEquals($expected_top, array_keys($selection_handler
->getReferenceableEntities('top')['workspace']));
$this
->setCurrentUser($admin_permission_user);
$this
->assertEquals($expected_all, array_keys($selection_handler
->getReferenceableEntities()['workspace']));
$this
->assertEquals($expected_3, array_keys($selection_handler
->getReferenceableEntities(NULL, 'CONTAINS', 3)['workspace']));
$this
->assertEquals($expected_top, array_keys($selection_handler
->getReferenceableEntities('top')['workspace']));
}
}