public function GNodeEditAccessTests::testMemberWithGlobalRoleEditAccess in Group 7
Test member with global role user's edit access to nodes in a group. This checks via several permissions: the update any node, update own node and administer group.
File
- modules/
gnode/ tests/ gnode.test, line 626 - Tests for the gnode module.
Class
- GNodeEditAccessTests
- Test for edit access control.
Code
public function testMemberWithGlobalRoleEditAccess() {
$group_type = $this
->createGroupType('example');
$group = $this
->createGroup('example', 'example');
$global_role = $this
->createRole('example_role');
$node = $this
->createNodeInGroup($group->gid);
$web_user = $this
->drupalCreateUser(array(
'access content',
));
$role_details = array(
'roles' => array(
'example_role',
),
'added_on' => REQUEST_TIME,
'added_by' => 1,
);
$group
->addMember($web_user->uid, $role_details);
$this
->drupalLogin($web_user);
$this
->assertNodeOperationAccess($node->nid, 'edit', 403, 'Group node is not editable by member granted a global role without update any page node permissions');
$global_role
->grantPermissions(array(
'update any page node',
));
$this
->assertNodeOperationAccess($node->nid, 'edit', 200, 'Group node is now editable by member granted a global role with update any page node permissions');
$global_role
->revokePermissions(array(
'update any page node',
));
$global_role
->grantPermissions(array(
'administer group',
));
$this
->assertNodeOperationAccess($node->nid, 'edit', 200, 'Group node is now editable by member granted a global role with administer group permissions');
$global_role
->revokePermissions(array(
'administer group',
));
$global_role
->grantPermissions(array(
'update own page node',
));
$this
->assertNodeOperationAccess($node->nid, 'edit', 403, 'Group node not owned by user is not editable by member granted a global role with update own page node permissions');
$node->uid = $web_user->uid;
node_save($node);
$this
->assertNodeOperationAccess($node->nid, 'edit', 200, 'Group node owned by user is editable by member granted a global role with update own page node permissions');
$this
->removeNodeFromGroup($node);
$this
->assertNodeOperationAccess($node->nid, 'edit', 403, 'Node not in group is not editable by member with standard access content permission');
}