You are here

public function RoleAccessCheckTest::testRoleAccess in Drupal 9

Same name and namespace in other branches
  1. 8 core/tests/Drupal/Tests/Core/Route/RoleAccessCheckTest.php \Drupal\Tests\Core\Route\RoleAccessCheckTest::testRoleAccess()
  2. 10 core/tests/Drupal/Tests/Core/Route/RoleAccessCheckTest.php \Drupal\Tests\Core\Route\RoleAccessCheckTest::testRoleAccess()

Tests role requirements on routes.

@dataProvider roleAccessProvider

Parameters

string $path: The path to check access for.

array $grant_accounts: A list of accounts which should have access to the given path.

array $deny_accounts: A list of accounts which should not have access to the given path.

See also

\Drupal\Tests\Core\Route\RouterRoleTest::getTestRouteCollection

\Drupal\Tests\Core\Route\RouterRoleTest::roleAccessProvider

File

core/tests/Drupal/Tests/Core/Route/RoleAccessCheckTest.php, line 142

Class

RoleAccessCheckTest
@coversDefaultClass \Drupal\user\Access\RoleAccessCheck @group Access @group Route

Namespace

Drupal\Tests\Core\Route

Code

public function testRoleAccess($path, $grant_accounts, $deny_accounts) {
  $cache_contexts_manager = $this
    ->prophesize(CacheContextsManager::class);
  $cache_contexts_manager
    ->assertValidTokens()
    ->willReturn(TRUE);
  $cache_contexts_manager
    ->reveal();
  $container = new Container();
  $container
    ->set('cache_contexts_manager', $cache_contexts_manager);
  \Drupal::setContainer($container);
  $role_access_check = new RoleAccessCheck();
  $collection = $this
    ->getTestRouteCollection();
  foreach ($grant_accounts as $account) {
    $message = sprintf('Access granted for user with the roles %s on path: %s', implode(', ', $account
      ->getRoles()), $path);
    $this
      ->assertEquals(AccessResult::allowed()
      ->addCacheContexts([
      'user.roles',
    ]), $role_access_check
      ->access($collection
      ->get($path), $account), $message);
  }

  // Check all users which don't have access.
  foreach ($deny_accounts as $account) {
    $message = sprintf('Access denied for user %s with the roles %s on path: %s', $account
      ->id(), implode(', ', $account
      ->getRoles()), $path);
    $has_access = $role_access_check
      ->access($collection
      ->get($path), $account);
    $this
      ->assertEquals(AccessResult::neutral()
      ->addCacheContexts([
      'user.roles',
    ]), $has_access, $message);
  }
}