You are here

Home » API reference » Entity API 7 » entity.test » EntityMetadataTestCase

public function EntityMetadataTestCase::testAccess in Entity API 7

Test using access() method.

File

./entity.test, line 978
Entity CRUD API tests.

Class

EntityMetadataTestCase
Tests metadata wrappers.

Code

public function testAccess() {

  // Test without data.
  $account = $this
    ->drupalCreateUser(array(
    'bypass node access',
  ));
  $this
    ->assertTrue(entity_access('view', 'node', NULL, $account), 'Access without data checked.');

  // Test with actual data.
  $values[LANGUAGE_NONE][0] = array(
    'value' => '<b>2009-09-05</b>',
  );
  $values[LANGUAGE_NONE][1] = array(
    'value' => '2009-09-05',
  );
  $node = $this
    ->drupalCreateNode(array(
    'type' => 'page',
    $this->field_name => $values,
  ));
  $this
    ->assertTrue(entity_access('delete', 'node', $node, $account), 'Access with data checked.');

  // Test per property access without data.
  $account2 = $this
    ->drupalCreateUser(array(
    'bypass node access',
    'administer nodes',
  ));
  $wrapper = entity_metadata_wrapper('node', NULL, array(
    'bundle' => 'page',
  ));
  $this
    ->assertTrue($wrapper
    ->access('edit', $account), 'Access to node granted.');
  $this
    ->assertFalse($wrapper->status
    ->access('edit', $account), 'Access for admin property denied.');
  $this
    ->assertTrue($wrapper->status
    ->access('edit', $account2), 'Access for admin property allowed for the admin.');

  // Test per property access with data.
  $wrapper = entity_metadata_wrapper('node', $node, array(
    'bundle' => 'page',
  ));
  $this
    ->assertFalse($wrapper->status
    ->access('edit', $account), 'Access for admin property denied.');
  $this
    ->assertTrue($wrapper->status
    ->access('edit', $account2), 'Access for admin property allowed for the admin.');

  // Test field level access.
  $this
    ->assertTrue($wrapper->{$this->field_name}
    ->access('view'), 'Field access granted.');

  // Create node owned by anonymous and test access() method on each of its
  // properties.
  $node = $this
    ->drupalCreateNode(array(
    'type' => 'page',
    'uid' => 0,
  ));
  $wrapper = entity_metadata_wrapper('node', $node->nid);
  foreach ($wrapper as $name => $property) {
    $property
      ->access('view');
  }

  // Property access of entity references takes entity access into account.
  $node = $this
    ->drupalCreateNode(array(
    'type' => 'article',
  ));
  $wrapper = entity_metadata_wrapper('node', $node);
  $unprivileged_user = $this
    ->drupalCreateUser();
  $privileged_user = $this
    ->drupalCreateUser(array(
    'access user profiles',
  ));
  $this
    ->assertTrue($wrapper->author
    ->access('view', $privileged_user));
  $this
    ->assertFalse($wrapper->author
    ->access('view', $unprivileged_user));

  // Ensure the same works with multiple entity references by testing the
  // $node->field_tags example.
  $privileged_user = $this
    ->drupalCreateUser(array(
    'administer taxonomy',
  ));

  // Terms are view-able with access content, so make sure to remove this
  // permission first.
  user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array(
    'access content',
  ));
  $unprivileged_user = drupal_anonymous_user();
  $this
    ->assertTrue($wrapper->field_tags
    ->access('view', $privileged_user), 'Privileged user has access.');
  $this
    ->assertTrue($wrapper->field_tags
    ->access('view', $unprivileged_user), 'Unprivileged user has access.');
  $this
    ->assertTrue($wrapper->field_tags[0]
    ->access('view', $privileged_user), 'Privileged user has access.');
  $this
    ->assertFalse($wrapper->field_tags[0]
    ->access('view', $unprivileged_user), 'Unprivileged user has no access.');
}