public function EntityMetadataIntegrationTestCase::testComments in Entity API 7
Test properties of a comment.
File
- ./
entity.test, line 1570 - Entity CRUD API tests.
Class
- EntityMetadataIntegrationTestCase
- Tests provided entity property info of the core modules.
Code
public function testComments() {
$title = 'Node 1';
$node = $this
->drupalCreateNode(array(
'title' => $title,
'type' => 'page',
));
$author = $this
->drupalCreateUser(array(
'access comments',
'post comments',
'edit own comments',
));
$comment = (object) array(
'subject' => 'topic',
'nid' => $node->nid,
'uid' => $author->uid,
'cid' => FALSE,
'pid' => 0,
'homepage' => '',
'language' => LANGUAGE_NONE,
'hostname' => ip_address(),
);
$comment->comment_body[LANGUAGE_NONE][0] = array(
'value' => 'text',
'format' => 0,
);
comment_save($comment);
$wrapper = entity_metadata_wrapper('comment', $comment);
foreach ($wrapper as $key => $value) {
if ($key != 'parent') {
$this
->assertValue($wrapper, $key);
}
}
$this
->assertEmpty($wrapper, 'parent');
// Test comment entity access.
$admin_user = $this
->drupalCreateUser(array(
'access comments',
'administer comments',
'access user profiles',
));
// Also grant access to view user accounts to test the comment author
// property.
$unprivileged_user = $this
->drupalCreateUser(array(
'access comments',
'access user profiles',
));
// Published comments can be viewed and edited by the author.
$this
->assertTrue($wrapper
->access('view', $author), 'Comment author is allowed to view the published comment.');
$this
->assertTrue($wrapper
->access('edit', $author), 'Comment author is allowed to edit the published comment.');
// We cannot use $wrapper->access('delete') here because it only understands
// view and edit.
$this
->assertFalse(entity_access('delete', 'comment', $comment, $author), 'Comment author is not allowed to delete the published comment.');
// Administrators can do anything with published comments.
$this
->assertTrue($wrapper
->access('view', $admin_user), 'Comment administrator is allowed to view the published comment.');
$this
->assertTrue($wrapper
->access('edit', $admin_user), 'Comment administrator is allowed to edit the published comment.');
$this
->assertTrue(entity_access('delete', 'comment', $comment, $admin_user), 'Comment administrator is allowed to delete the published comment.');
// Unpriviledged users can only view the published comment.
$this
->assertTrue($wrapper
->access('view', $unprivileged_user), 'Unprivileged user is allowed to view the published comment.');
$this
->assertFalse($wrapper
->access('edit', $unprivileged_user), 'Unprivileged user is not allowed to edit the published comment.');
$this
->assertFalse(entity_access('delete', 'comment', $comment, $unprivileged_user), 'Unprivileged user is not allowed to delete the published comment.');
// Test property view access.
$view_access = array(
'name',
'homepage',
'subject',
'created',
'author',
'node',
'parent',
'url',
'edit_url',
);
foreach ($view_access as $property_name) {
$this
->assertTrue($wrapper->{$property_name}
->access('view', $unprivileged_user), "Unpriviledged user can view the {$property_name} property.");
}
$view_denied = array(
'hostname',
'mail',
'status',
);
foreach ($view_denied as $property_name) {
$this
->assertFalse($wrapper->{$property_name}
->access('view', $unprivileged_user), "Unpriviledged user can not view the {$property_name} property.");
$this
->assertTrue($wrapper->{$property_name}
->access('view', $admin_user), "Admin user can view the {$property_name} property.");
}
// The author is allowed to edit the comment subject if they have the
// 'edit own comments' permission.
$this
->assertTrue($wrapper->subject
->access('edit', $author), "Author can edit the subject property.");
$this
->assertFalse($wrapper->subject
->access('edit', $unprivileged_user), "Unpriviledged user cannot edit the subject property.");
$this
->assertTrue($wrapper->subject
->access('edit', $admin_user), "Admin user can edit the subject property.");
$edit_denied = array(
'hostname',
'mail',
'status',
'name',
'homepage',
'created',
'parent',
'node',
'author',
);
foreach ($edit_denied as $property_name) {
$this
->assertFalse($wrapper->{$property_name}
->access('edit', $author), "Author cannot edit the {$property_name} property.");
$this
->assertTrue($wrapper->{$property_name}
->access('edit', $admin_user), "Admin user can edit the {$property_name} property.");
}
// Test access to unpublished comments.
$comment->status = COMMENT_NOT_PUBLISHED;
comment_save($comment);
// Unpublished comments cannot be accessed by the author.
$this
->assertFalse($wrapper
->access('view', $author), 'Comment author is not allowed to view the unpublished comment.');
$this
->assertFalse($wrapper
->access('edit', $author), 'Comment author is not allowed to edit the unpublished comment.');
$this
->assertFalse(entity_access('delete', 'comment', $comment, $author), 'Comment author is not allowed to delete the unpublished comment.');
// Administrators can do anything with unpublished comments.
$this
->assertTrue($wrapper
->access('view', $admin_user), 'Comment administrator is allowed to view the unpublished comment.');
$this
->assertTrue($wrapper
->access('edit', $admin_user), 'Comment administrator is allowed to edit the unpublished comment.');
$this
->assertTrue(entity_access('delete', 'comment', $comment, $admin_user), 'Comment administrator is allowed to delete the unpublished comment.');
// Unpriviledged users cannot access unpublished comments.
$this
->assertFalse($wrapper
->access('view', $unprivileged_user), 'Unprivileged user is not allowed to view the unpublished comment.');
$this
->assertFalse($wrapper
->access('edit', $unprivileged_user), 'Unprivileged user is not allowed to edit the unpublished comment.');
$this
->assertFalse(entity_access('delete', 'comment', $comment, $unprivileged_user), 'Unprivileged user is not allowed to delete the unpublished comment.');
}