function FileEntityAccessTestCase::testFileEntityAccess in File Entity (fieldable files) 7.2

Same name and namespace in other branches

1. 7.3 file_entity.test \FileEntityAccessTestCase::testFileEntityAccess()

Runs basic tests for file_entity_access function.

File

./file_entity.test, line 1317

Test integration for the file_entity module.

Class

FileEntityAccessTestCase

Tests the file entity access API.

Code

function testFileEntityAccess() {
  $file = $this
    ->createFileEntity(array(
    'type' => 'image',
  ));

  // Ensures user with 'bypass file access' permission can do everything.
  $web_user = $this
    ->drupalCreateUser(array(
    'bypass file access',
  ));
  $this
    ->assertFileEntityAccess(array(
    'create' => TRUE,
  ), NULL, $web_user);
  $this
    ->assertFileEntityAccess(array(
    'view' => TRUE,
    'download' => TRUE,
    'update' => TRUE,
    'delete' => TRUE,
  ), $file, $web_user);

  // A user with 'administer files' should not access CRUD operations.
  $web_user = $this
    ->drupalCreateUser(array(
    'administer files',
  ));
  $this
    ->assertFileEntityAccess(array(
    'view' => FALSE,
    'download' => FALSE,
    'update' => FALSE,
    'delete' => FALSE,
  ), $file, $web_user);

  // User cannot 'view files'.
  $web_user = $this
    ->drupalCreateUser(array(
    'create files',
  ));
  $this
    ->assertFileEntityAccess(array(
    'view' => FALSE,
  ), $file, $web_user);

  // But can upload new ones.
  $this
    ->assertFileEntityAccess(array(
    'create' => TRUE,
  ), NULL, $web_user);

  // User can view own files but no other files.
  $web_user = $this
    ->drupalCreateUser(array(
    'create files',
    'view own files',
  ));
  $this
    ->assertFileEntityAccess(array(
    'view' => FALSE,
  ), $file, $web_user);
  $file->uid = $web_user->uid;
  $this
    ->assertFileEntityAccess(array(
    'view' => TRUE,
  ), $file, $web_user);

  // User can download own files but no other files.
  $web_user = $this
    ->drupalCreateUser(array(
    'create files',
    'download own image files',
  ));
  $this
    ->assertFileEntityAccess(array(
    'download' => FALSE,
  ), $file, $web_user);
  $file->uid = $web_user->uid;
  $this
    ->assertFileEntityAccess(array(
    'download' => TRUE,
  ), $file, $web_user);

  // User can update own files but no other files.
  $web_user = $this
    ->drupalCreateUser(array(
    'create files',
    'view own files',
    'edit own image files',
  ));
  $this
    ->assertFileEntityAccess(array(
    'update' => FALSE,
  ), $file, $web_user);
  $file->uid = $web_user->uid;
  $this
    ->assertFileEntityAccess(array(
    'update' => TRUE,
  ), $file, $web_user);

  // User can delete own files but no other files.
  $web_user = $this
    ->drupalCreateUser(array(
    'create files',
    'view own files',
    'edit own image files',
    'delete own image files',
  ));
  $this
    ->assertFileEntityAccess(array(
    'delete' => FALSE,
  ), $file, $web_user);
  $file->uid = $web_user->uid;
  $this
    ->assertFileEntityAccess(array(
    'delete' => TRUE,
  ), $file, $web_user);

  // User can view any file.
  $web_user = $this
    ->drupalCreateUser(array(
    'create files',
    'view files',
  ));
  $this
    ->assertFileEntityAccess(array(
    'view' => TRUE,
  ), $file, $web_user);

  // User can download any file.
  $web_user = $this
    ->drupalCreateUser(array(
    'create files',
    'download any image files',
  ));
  $this
    ->assertFileEntityAccess(array(
    'download' => TRUE,
  ), $file, $web_user);

  // User can edit any file.
  $web_user = $this
    ->drupalCreateUser(array(
    'create files',
    'view files',
    'edit any image files',
  ));
  $this
    ->assertFileEntityAccess(array(
    'update' => TRUE,
  ), $file, $web_user);

  // User can delete any file.
  $web_user = $this
    ->drupalCreateUser(array(
    'create files',
    'view files',
    'edit any image files',
    'delete any image files',
  ));
  $this
    ->assertFileEntityAccess(array(
    'delete' => TRUE,
  ), $file, $web_user);
}