public function ManagedRolePermissionsTest::testManagedRoleGranularPermissions in farmOS 2.x
Test that managed roles get granular entity permissions.
File
- modules/
core/ role/ tests/ src/ Kernel/ ManagedRolePermissionsTest.php, line 174
Class
- ManagedRolePermissionsTest
- Tests for Managed Role permissions.
Namespace
Drupal\Tests\farm_role\KernelCode
public function testManagedRoleGranularPermissions() {
/** @var \Drupal\user\RoleInterface $role */
$role = Role::load('farm_test');
// Get the roles entity type access settings.
$this
->assertNotEmpty($role
->getThirdPartySetting('farm_role', 'access', FALSE));
$access_settings = $role
->getThirdPartySetting('farm_role', 'access');
$entity_settings = $access_settings['entity'];
$log_settings = $entity_settings['type']['log'];
// Ensure the farm_test role's granular access is configured correctly.
// View all log types.
$this
->assertTrue(in_array('all', $log_settings['view any']));
// Create all log types.
$this
->assertTrue(in_array('observation', $log_settings['create']));
// Update any observation log.
$this
->assertTrue(in_array('observation', $log_settings['update any']));
// Update own log types.
$this
->assertTrue(in_array('all', $log_settings['update own']));
// Delete own log.
$this
->assertTrue(in_array('all', $log_settings['delete own']));
// Create a user.
$user = $this
->setUpCurrentUser([], [], FALSE);
$user
->addRole('farm_test');
// Log bundles.
$log_bundles = [
'observation',
'harvest',
];
// Test that the user only has permissions to specific log bundles
// as defined by the farm_test role.
foreach ($log_settings as $operation => $granted_bundles) {
foreach ($log_bundles as $bundle) {
$should_have_permission = in_array($bundle, $granted_bundles);
if (in_array('all', $granted_bundles)) {
$should_have_permission = TRUE;
}
$has_permission = $user
->hasPermission($operation . ' ' . $bundle . ' log');
$this
->assertEquals($should_have_permission, $has_permission);
}
}
}