You are here

public function EntityAccessComplexTest::testMemberViewAnyUnpublishedAccess in Group 8

Same name and namespace in other branches
  1. 2.0.x tests/src/Kernel/EntityAccessComplexTest.php \Drupal\Tests\group\Kernel\EntityAccessComplexTest::testMemberViewAnyUnpublishedAccess()

Tests the viewing of any unpublished grouped entities for members.

File

tests/src/Kernel/EntityAccessComplexTest.php, line 396

Class

EntityAccessComplexTest
Tests that Group properly checks access for "complex" grouped entities.

Namespace

Drupal\Tests\group\Kernel

Code

public function testMemberViewAnyUnpublishedAccess() {
  $account = $this
    ->createUser([], $this->permissions);
  $node_1 = $this
    ->createNode([
    'type' => 'page',
    'status' => 0,
  ]);
  $node_2 = $this
    ->createNode([
    'type' => 'page',
    'status' => 0,
  ]);
  $node_3 = $this
    ->createNode([
    'type' => 'page',
    'status' => 0,
  ]);

  // Sanity check: Verify that we don't touch published nodes.
  $node_4 = $this
    ->createNode([
    'type' => 'page',
  ]);
  $group_a = $this
    ->createGroup([
    'type' => $this->groupTypeA
      ->id(),
  ]);
  $group_a
    ->addContent($node_1, 'node_as_content:page');
  $group_a
    ->addContent($node_4, 'node_as_content:page');
  $group_a
    ->addMember($this
    ->getCurrentUser());
  $group_a
    ->addMember($account);
  $group_b = $this
    ->createGroup([
    'type' => $this->groupTypeB
      ->id(),
  ]);
  $group_b
    ->addContent($node_2, 'node_as_content:page');
  $group_b
    ->addMember($this
    ->getCurrentUser());
  $group_b
    ->addMember($account);
  $this
    ->assertFalse($this->accessControlHandler
    ->access($node_1, 'view'), 'Members cannot see any unpublished grouped nodes without permission.');
  $this
    ->assertFalse($this->accessControlHandler
    ->access($node_2, 'view'), 'Members cannot see any unpublished grouped nodes without permission.');
  $this
    ->assertTrue($this->accessControlHandler
    ->access($node_3, 'view'), 'The unpublished node can be viewed by the owner.');
  $this
    ->assertFalse($this->accessControlHandler
    ->access($node_4, 'view'), 'The published grouped node cannot be viewed.');
  $this->groupTypeA
    ->getMemberRole()
    ->grantPermission('view any unpublished node_as_content:page entity')
    ->save();
  $this->groupTypeB
    ->getMemberRole()
    ->grantPermission('view any unpublished node_as_content:page entity')
    ->save();
  $this->accessControlHandler
    ->resetCache();
  $this
    ->assertTrue($this->accessControlHandler
    ->access($node_1, 'view'), 'Members can see any unpublished grouped nodes.');
  $this
    ->assertTrue($this->accessControlHandler
    ->access($node_2, 'view'), 'Members can see any unpublished grouped nodes.');
  $this
    ->assertTrue($this->accessControlHandler
    ->access($node_3, 'view'), 'The unpublished node can be viewed by the owner.');
  $this
    ->assertFalse($this->accessControlHandler
    ->access($node_4, 'view'), 'The published grouped node cannot be viewed.');
  $this
    ->setCurrentUser($account);
  $this
    ->assertTrue($this->accessControlHandler
    ->access($node_1, 'view'), 'Members can see any unpublished grouped nodes.');
  $this
    ->assertTrue($this->accessControlHandler
    ->access($node_2, 'view'), 'Members can see any unpublished grouped nodes.');
  $this
    ->assertFalse($this->accessControlHandler
    ->access($node_3, 'view'), 'The unpublished node cannot be viewed.');
  $this
    ->assertFalse($this->accessControlHandler
    ->access($node_4, 'view'), 'The published grouped node cannot be viewed.');
  $this
    ->setCurrentUser($this
    ->createUser([], $this->permissions));
  $this
    ->assertFalse($this->accessControlHandler
    ->access($node_1, 'view'), 'Non-members cannot see unpublished grouped nodes.');
  $this
    ->assertFalse($this->accessControlHandler
    ->access($node_2, 'view'), 'Non-members cannot see unpublished grouped nodes.');
  $this
    ->assertFalse($this->accessControlHandler
    ->access($node_3, 'view'), 'The unpublished node cannot be viewed.');
  $this
    ->assertFalse($this->accessControlHandler
    ->access($node_4, 'view'), 'The published grouped node cannot be viewed.');
}