You are here

public function JuiceboxFieldFormatterCase::testFieldFormatterAccess in Juicebox HTML5 Responsive Image Galleries 8.3

Same name and namespace in other branches
  1. 8.2 tests/src/Functional/JuiceboxFieldFormatterCase.php \Drupal\Tests\juicebox\Functional\JuiceboxFieldFormatterCase::testFieldFormatterAccess()

Test access to the Juicebox XML for the field formatter.

File

tests/src/Functional/JuiceboxFieldFormatterCase.php, line 119

Class

JuiceboxFieldFormatterCase
Tests the Juicebox field formatter.

Namespace

Drupal\Tests\juicebox\Functional

Code

public function testFieldFormatterAccess() {
  $node = $this->node;

  // The node and XML should be initially accessible (control test).
  $this
    ->drupalGet('node/' . $node
    ->id());
  $this
    ->assertResponse(200, 'Access allowed for published node.');
  $this
    ->drupalGet('juicebox/xml/field/node/' . $node
    ->id() . '/' . $this->instFieldName . '/full');
  $this
    ->assertRaw('<?xml version="1.0" encoding="UTF-8"', 'XML access allowed to published node (valid XML detected).');

  // Now unpublish the node as a way of making it inaccessible to
  // non-privileged users. There are unlimited ways that access can be
  // restricted, such as other perm settings, contrb module controls for
  // entities (node_access, tac, etc.), contrb module controls for fields
  // (field_permissions), etc. We can't test them all here, but we can run
  // this basic check to ensure that XML access restrictions kick-in.
  $node->status = NODE_NOT_PUBLISHED;
  $node
    ->save();

  // Re-check access.
  $this
    ->drupalGet('node/' . $node
    ->id());
  $this
    ->assertResponse(403, 'Access blocked for unpublished node.');
  $this
    ->drupalGet('juicebox/xml/field/node/' . $node
    ->id() . '/' . $this->instFieldName . '/full');
  $this
    ->assertResponse(403, 'XML access blocked for unpublished node.');
}