public function EntityAccessTest::testNonMemberDeleteOwnAccess in Group 8
Same name and namespace in other branches
- 2.0.x tests/src/Kernel/EntityAccessTest.php \Drupal\Tests\group\Kernel\EntityAccessTest::testNonMemberDeleteOwnAccess()
Tests the deleting of own grouped entities for non-members.
File
- tests/
src/ Kernel/ EntityAccessTest.php, line 536
Class
- EntityAccessTest
- Tests that Group properly checks access for grouped entities.
Namespace
Drupal\Tests\group\KernelCode
public function testNonMemberDeleteOwnAccess() {
$account = $this
->createUser([], [
'administer entity_test_with_owner content',
]);
$entity_1 = $this
->createTestEntity();
$entity_2 = $this
->createTestEntity([
'uid' => $account
->id(),
]);
$entity_3 = $this
->createTestEntity();
$this->groupTypeA
->getOutsiderRole()
->grantPermission('delete own entity_test_as_content entity')
->save();
$this->groupTypeB
->getOutsiderRole()
->grantPermission('delete own entity_test_as_content entity')
->save();
$group_a = $this
->createGroup([
'type' => $this->groupTypeA
->id(),
]);
$group_a
->addContent($entity_1, 'entity_test_as_content');
$group_a
->addMember($account);
$group_b = $this
->createGroup([
'type' => $this->groupTypeB
->id(),
]);
$group_b
->addContent($entity_2, 'entity_test_as_content');
$group_b
->addMember($account);
$this
->assertTrue($this->accessControlHandler
->access($entity_1, 'delete'), 'Non-members can delete their own grouped test entities.');
$this
->assertFalse($this->accessControlHandler
->access($entity_2, 'delete'), 'Non-members cannot delete grouped test entities they do not own.');
$this
->assertTrue($this->accessControlHandler
->access($entity_3, 'delete'), 'The ungrouped test entity can be deleted.');
$this
->setCurrentUser($this
->createUser([], [
'administer entity_test_with_owner content',
]));
$this
->assertFalse($this->accessControlHandler
->access($entity_1, 'delete'), 'Non-members cannot delete grouped test entities they do not own.');
$this
->assertFalse($this->accessControlHandler
->access($entity_2, 'delete'), 'Non-members cannot delete grouped test entities they do not own.');
$this
->assertTrue($this->accessControlHandler
->access($entity_3, 'delete'), 'The ungrouped test entity can be deleted.');
$this
->setCurrentUser($account);
$this
->assertFalse($this->accessControlHandler
->access($entity_1, 'delete'), 'Members cannot delete grouped test entities.');
$this
->assertFalse($this->accessControlHandler
->access($entity_2, 'delete'), 'Members cannot delete grouped test entities.');
$this
->assertTrue($this->accessControlHandler
->access($entity_3, 'delete'), 'The ungrouped test entity can be deleted.');
}