class ManagedRolePermissionsTest in farmOS 2.x
Tests for Managed Role permissions.
@group farm
Hierarchy
- class \Drupal\KernelTests\KernelTestBase extends \PHPUnit\Framework\TestCase implements ServiceProviderInterface uses \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, AssertContentTrait, AssertLegacyTrait, ConfigTestTrait, ExtensionListTestTrait, PhpUnitCompatibilityTrait, RandomGeneratorTrait, TestRequirementsTrait, PhpUnitWarnings
- class \Drupal\Tests\farm_role\Kernel\ManagedRolePermissionsTest uses UserCreationTrait
Expanded class hierarchy of ManagedRolePermissionsTest
File
- modules/
core/ role/ tests/ src/ Kernel/ ManagedRolePermissionsTest.php, line 14
Namespace
Drupal\Tests\farm_role\KernelView source
class ManagedRolePermissionsTest extends KernelTestBase {
use UserCreationTrait;
/**
* {@inheritdoc}
*/
protected static $modules = [
'system',
'user',
'log',
'state_machine',
'farm_role',
'farm_role_test',
];
/**
* {@inheritdoc}
*/
protected function setUp() : void {
parent::setUp();
$this
->installEntitySchema('user');
$this
->installEntitySchema('log');
$this
->installSchema('system', [
'sequences',
]);
$this
->installConfig([
'farm_role',
'farm_role_test',
'log',
]);
}
/**
* Test that managed roles get default permissions.
*/
public function testManagedRoleDefaultAccess() {
// Create a user.
$user = $this
->setUpCurrentUser([], [], FALSE);
// Ensure the user does not have default permissions.
$this
->assertFalse($user
->hasPermission('test default permission'));
// Add farm_test role.
$user
->addRole('farm_test');
// Ensure the user has default permissions.
$this
->assertTrue($user
->hasPermission('test default permission'));
}
/**
* Test that managed roles with config access get config permissions.
*/
public function testManagedRoleConfigAccess() {
/** @var \Drupal\user\RoleInterface $role */
$role = Role::load('farm_test_manager');
// Test that the role's config setting is TRUE.
$this
->assertNotEmpty($role
->getThirdPartySetting('farm_role', 'access', FALSE));
$access_settings = $role
->getThirdPartySetting('farm_role', 'access');
$this
->assertTrue(!empty($access_settings['config']));
// Create a user.
$user = $this
->setUpCurrentUser([], [], FALSE);
// Ensure the user does not have config access permissions.
$this
->assertFalse($user
->hasPermission('test config access permission'));
// Ensure the farm_test does not provide config access permissions.
$user
->addRole('farm_test');
$this
->assertFalse($user
->hasPermission('test config access permission'));
// Ensure the farm_test_manager role provides config access permissions.
$user
->addRole('farm_test_manager');
$this
->assertTrue($user
->hasPermission('test config access permission'));
}
/**
* Test that managed roles get permissions provided by callbacks.
*/
public function testManagedRolePermissionCallbacks() {
// Create a user.
$user = $this
->setUpCurrentUser([], [], FALSE);
// Ensure the user does not include permission callback.
$this
->assertFalse($user
->hasPermission('default callback permission'));
// Ensure the farm_test includes valid callbacks permissions.
$user
->addRole('farm_test');
$this
->assertTrue($user
->hasPermission('default callback permission'));
$this
->assertFalse($user
->hasPermission('my manager permission'));
$this
->assertFalse($user
->hasPermission('recover all permission'));
// Ensure the farm_test_manager role includes valid callback perms.
$user
->addRole('farm_test_manager');
$this
->assertTrue($user
->hasPermission('default callback permission'));
$this
->assertTrue($user
->hasPermission('my manager permission'));
$this
->assertTrue($user
->hasPermission('recover all permission'));
}
/**
* Test that managed roles get high level operation permissions.
*/
public function testManagedRoleHighLevelOperations() {
/** @var \Drupal\user\RoleInterface $role */
$role = Role::load('farm_test_manager');
// Get the roles entity access settings.
$this
->assertNotEmpty($role
->getThirdPartySetting('farm_role', 'access', FALSE));
$access_settings = $role
->getThirdPartySetting('farm_role', 'access');
$entity_settings = $access_settings['entity'];
// List of high level operations.
$operations = [
'view all',
'create all',
'update all',
'delete all',
];
// Ensure that the role has access to each high level operation.
foreach ($operations as $operation) {
$this
->assertTrue(!empty($entity_settings[$operation]));
}
// Log bundles.
$log_bundles = [
'observation',
'harvest',
];
// Log entity operation prefixes.
$operation_prefixes = [
'view own',
'view any',
'create',
'update own',
'update any',
'delete own',
'delete any',
];
// Create a user.
$user = $this
->setUpCurrentUser([], [], FALSE);
// Ensure the user does not have permissions to logs.
foreach ($operation_prefixes as $prefix) {
foreach ($log_bundles as $bundle) {
$this
->assertFalse($user
->hasPermission($prefix . ' ' . $bundle . ' log'));
}
}
// Ensure farm_test_manager provides permissions for "default" log type.
$user
->addRole('farm_test_manager');
foreach ($operation_prefixes as $prefix) {
foreach ($log_bundles as $bundle) {
$this
->assertTrue($user
->hasPermission($prefix . ' ' . $bundle . ' log'));
}
}
}
/**
* Test that managed roles get granular entity permissions.
*/
public function testManagedRoleGranularPermissions() {
/** @var \Drupal\user\RoleInterface $role */
$role = Role::load('farm_test');
// Get the roles entity type access settings.
$this
->assertNotEmpty($role
->getThirdPartySetting('farm_role', 'access', FALSE));
$access_settings = $role
->getThirdPartySetting('farm_role', 'access');
$entity_settings = $access_settings['entity'];
$log_settings = $entity_settings['type']['log'];
// Ensure the farm_test role's granular access is configured correctly.
// View all log types.
$this
->assertTrue(in_array('all', $log_settings['view any']));
// Create all log types.
$this
->assertTrue(in_array('observation', $log_settings['create']));
// Update any observation log.
$this
->assertTrue(in_array('observation', $log_settings['update any']));
// Update own log types.
$this
->assertTrue(in_array('all', $log_settings['update own']));
// Delete own log.
$this
->assertTrue(in_array('all', $log_settings['delete own']));
// Create a user.
$user = $this
->setUpCurrentUser([], [], FALSE);
$user
->addRole('farm_test');
// Log bundles.
$log_bundles = [
'observation',
'harvest',
];
// Test that the user only has permissions to specific log bundles
// as defined by the farm_test role.
foreach ($log_settings as $operation => $granted_bundles) {
foreach ($log_bundles as $bundle) {
$should_have_permission = in_array($bundle, $granted_bundles);
if (in_array('all', $granted_bundles)) {
$should_have_permission = TRUE;
}
$has_permission = $user
->hasPermission($operation . ' ' . $bundle . ' log');
$this
->assertEquals($should_have_permission, $has_permission);
}
}
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
AssertContentTrait:: |
protected | property | The current raw content. | |
AssertContentTrait:: |
protected | property | The drupalSettings value from the current raw $content. | |
AssertContentTrait:: |
protected | property | The XML structure parsed from the current raw $content. | 1 |
AssertContentTrait:: |
protected | property | The plain-text content of raw $content (text nodes). | |
AssertContentTrait:: |
protected | function | Passes if the raw text IS found escaped on the loaded page, fail otherwise. | |
AssertContentTrait:: |
protected | function | Asserts that a field exists with the given name or ID. | |
AssertContentTrait:: |
protected | function | Asserts that a field exists with the given ID and value. | |
AssertContentTrait:: |
protected | function | Asserts that a field exists with the given name and value. | |
AssertContentTrait:: |
protected | function | Asserts that a field exists in the current page by the given XPath. | |
AssertContentTrait:: |
protected | function | Asserts that a checkbox field in the current page is checked. | |
AssertContentTrait:: |
protected | function | Asserts that a field exists in the current page with a given Xpath result. | |
AssertContentTrait:: |
protected | function | Passes if a link with the specified label is found. | |
AssertContentTrait:: |
protected | function | Passes if a link containing a given href (part) is found. | |
AssertContentTrait:: |
protected | function | Asserts that each HTML ID is used for just a single element. | |
AssertContentTrait:: |
protected | function | Passes if the raw text IS NOT found escaped on the loaded page, fail otherwise. | |
AssertContentTrait:: |
protected | function | Asserts that a field does not exist with the given name or ID. | |
AssertContentTrait:: |
protected | function | Asserts that a field does not exist with the given ID and value. | |
AssertContentTrait:: |
protected | function | Asserts that a field does not exist with the given name and value. | |
AssertContentTrait:: |
protected | function | Asserts that a field does not exist or its value does not match, by XPath. | |
AssertContentTrait:: |
protected | function | Asserts that a checkbox field in the current page is not checked. | |
AssertContentTrait:: |
protected | function | Passes if a link with the specified label is not found. | |
AssertContentTrait:: |
protected | function | Passes if a link containing a given href (part) is not found. | |
AssertContentTrait:: |
protected | function | Passes if a link containing a given href is not found in the main region. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page does not exist. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page is not checked. | |
AssertContentTrait:: |
protected | function | Triggers a pass if the perl regex pattern is not found in raw content. | |
AssertContentTrait:: |
protected | function | Passes if the raw text is NOT found on the loaded page, fail otherwise. | |
AssertContentTrait:: |
protected | function | Passes if the page (with HTML stripped) does not contains the text. | |
AssertContentTrait:: |
protected | function | Pass if the page title is not the given string. | |
AssertContentTrait:: |
protected | function | Passes if the text is found MORE THAN ONCE on the text version of the page. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page exists. | |
AssertContentTrait:: |
protected | function | Asserts that a select option with the visible text exists. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page is checked. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page is checked. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page exists. | |
AssertContentTrait:: |
protected | function | Triggers a pass if the Perl regex pattern is found in the raw content. | |
AssertContentTrait:: |
protected | function | Passes if the raw text IS found on the loaded page, fail otherwise. | |
AssertContentTrait:: |
protected | function | Passes if the page (with HTML stripped) contains the text. | |
AssertContentTrait:: |
protected | function | Helper for assertText and assertNoText. | |
AssertContentTrait:: |
protected | function | Asserts that a Perl regex pattern is found in the plain-text content. | |
AssertContentTrait:: |
protected | function | Asserts themed output. | |
AssertContentTrait:: |
protected | function | Pass if the page title is the given string. | |
AssertContentTrait:: |
protected | function | Passes if the text is found ONLY ONCE on the text version of the page. | |
AssertContentTrait:: |
protected | function | Helper for assertUniqueText and assertNoUniqueText. | |
AssertContentTrait:: |
protected | function | Builds an XPath query. | |
AssertContentTrait:: |
protected | function | Helper: Constructs an XPath for the given set of attributes and value. | |
AssertContentTrait:: |
protected | function | Searches elements using a CSS selector in the raw content. | |
AssertContentTrait:: |
protected | function | Get all option elements, including nested options, in a select. | |
AssertContentTrait:: |
protected | function | Gets the value of drupalSettings for the currently-loaded page. | |
AssertContentTrait:: |
protected | function | Gets the current raw content. | |
AssertContentTrait:: |
protected | function | Get the selected value from a select field. | |
AssertContentTrait:: |
protected | function | Retrieves the plain-text content from the current raw content. | |
AssertContentTrait:: |
protected | function | Get the current URL from the cURL handler. | 1 |
AssertContentTrait:: |
protected | function | Parse content returned from curlExec using DOM and SimpleXML. | |
AssertContentTrait:: |
protected | function | Removes all white-space between HTML tags from the raw content. | |
AssertContentTrait:: |
protected | function | Sets the value of drupalSettings for the currently-loaded page. | |
AssertContentTrait:: |
protected | function | Sets the raw content (e.g. HTML). | |
AssertContentTrait:: |
protected | function | Performs an xpath search on the contents of the internal browser. | |
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
ConfigTestTrait:: |
protected | function | Returns a ConfigImporter object to import test configuration. | |
ConfigTestTrait:: |
protected | function | Copies configuration objects from source storage to target storage. | |
ExtensionListTestTrait:: |
protected | function | Gets the path for the specified module. | |
ExtensionListTestTrait:: |
protected | function | Gets the path for the specified theme. | |
KernelTestBase:: |
protected | property | Back up and restore any global variables that may be changed by tests. | |
KernelTestBase:: |
protected | property | Back up and restore static class properties that may be changed by tests. | |
KernelTestBase:: |
protected | property | Contains a few static class properties for performance. | |
KernelTestBase:: |
protected | property | ||
KernelTestBase:: |
protected | property | @todo Move into Config test base class. | 7 |
KernelTestBase:: |
protected static | property | An array of config object names that are excluded from schema checking. | |
KernelTestBase:: |
protected | property | ||
KernelTestBase:: |
protected | property | ||
KernelTestBase:: |
protected | property | Do not forward any global state from the parent process to the processes that run the actual tests. | |
KernelTestBase:: |
protected | property | The app root. | |
KernelTestBase:: |
protected | property | Kernel tests are run in separate processes because they allow autoloading of code from extensions. Running the test in a separate process isolates this behavior from other tests. Subclasses should not override this property. | |
KernelTestBase:: |
protected | property | ||
KernelTestBase:: |
protected | property | Set to TRUE to strict check all configuration saved. | 6 |
KernelTestBase:: |
protected | property | The virtual filesystem root directory. | |
KernelTestBase:: |
protected | function | 1 | |
KernelTestBase:: |
protected | function | Bootstraps a basic test environment. | |
KernelTestBase:: |
private | function | Bootstraps a kernel for a test. | |
KernelTestBase:: |
protected | function | Configuration accessor for tests. Returns non-overridden configuration. | |
KernelTestBase:: |
protected | function | Disables modules for this test. | |
KernelTestBase:: |
protected | function | Enables modules for this test. | |
KernelTestBase:: |
protected | function | Gets the config schema exclusions for this test. | |
KernelTestBase:: |
protected | function | Returns the Database connection info to be used for this test. | 3 |
KernelTestBase:: |
public | function | ||
KernelTestBase:: |
private | function | Returns Extension objects for $modules to enable. | |
KernelTestBase:: |
private static | function | Returns the modules to enable for this test. | |
KernelTestBase:: |
protected | function | Initializes the FileCache component. | |
KernelTestBase:: |
protected | function | Installs default configuration for a given list of modules. | |
KernelTestBase:: |
protected | function | Installs the storage schema for a specific entity type. | |
KernelTestBase:: |
protected | function | Installs database tables from a module schema definition. | |
KernelTestBase:: |
protected | function | ||
KernelTestBase:: |
public | function |
Registers test-specific services. Overrides ServiceProviderInterface:: |
24 |
KernelTestBase:: |
protected | function | Renders a render array. | 1 |
KernelTestBase:: |
protected | function | Sets the install profile and rebuilds the container to update it. | |
KernelTestBase:: |
protected | function | Sets an in-memory Settings variable. | |
KernelTestBase:: |
public static | function | 1 | |
KernelTestBase:: |
protected | function | Sets up the filesystem, so things like the file directory. | 2 |
KernelTestBase:: |
protected | function | Stops test execution. | |
KernelTestBase:: |
protected | function | 4 | |
KernelTestBase:: |
public | function | @after | |
KernelTestBase:: |
protected | function | Dumps the current state of the virtual filesystem to STDOUT. | |
KernelTestBase:: |
public | function | Prevents serializing any properties. | |
ManagedRolePermissionsTest:: |
protected static | property |
Modules to enable. Overrides KernelTestBase:: |
|
ManagedRolePermissionsTest:: |
protected | function |
Overrides KernelTestBase:: |
|
ManagedRolePermissionsTest:: |
public | function | Test that managed roles with config access get config permissions. | |
ManagedRolePermissionsTest:: |
public | function | Test that managed roles get default permissions. | |
ManagedRolePermissionsTest:: |
public | function | Test that managed roles get granular entity permissions. | |
ManagedRolePermissionsTest:: |
public | function | Test that managed roles get high level operation permissions. | |
ManagedRolePermissionsTest:: |
public | function | Test that managed roles get permissions provided by callbacks. | |
PhpUnitWarnings:: |
private static | property | Deprecation warnings from PHPUnit to raise with @trigger_error(). | |
PhpUnitWarnings:: |
public | function | Converts PHPUnit deprecation warnings to E_USER_DEPRECATED. | |
RandomGeneratorTrait:: |
protected | property | The random generator. | |
RandomGeneratorTrait:: |
protected | function | Gets the random generator for the utility methods. | |
RandomGeneratorTrait:: |
protected | function | Generates a unique random string containing letters and numbers. | 1 |
RandomGeneratorTrait:: |
public | function | Generates a random PHP object. | |
RandomGeneratorTrait:: |
public | function | Generates a pseudo-random string of ASCII characters of codes 32 to 126. | |
RandomGeneratorTrait:: |
public | function | Callback for random string validation. | |
StorageCopyTrait:: |
protected static | function | Copy the configuration from one storage to another and remove stale items. | |
TestRequirementsTrait:: |
private | function | Checks missing module requirements. | |
TestRequirementsTrait:: |
protected | function | Check module requirements for the Drupal use case. | 1 |
TestRequirementsTrait:: |
protected static | function | Returns the Drupal root directory. | |
UserCreationTrait:: |
protected | function | Checks whether a given list of permission names is valid. | |
UserCreationTrait:: |
protected | function | Creates an administrative role. | |
UserCreationTrait:: |
protected | function | Creates a role with specified permissions. | |
UserCreationTrait:: |
protected | function | Create a user with a given set of permissions. | |
UserCreationTrait:: |
protected | function | Grant permissions to a user role. | |
UserCreationTrait:: |
protected | function | Switch the current logged in user. | |
UserCreationTrait:: |
protected | function | Creates a random user account and sets it as current user. |