You are here

Home » API reference » Masquerade 8.2 » MasqueradeAccessTest.php » MasqueradeAccessTest

public function MasqueradeAccessTest::testAccess in Masquerade 8.2

Tests masquerade access for different source and target users.

Test plan summary:

  • root » admin
  • admin » root
  • admin » moderator (more roles but less privileges)
  • admin » super (administrator and editor roles)
  • admin » lead (editor roles)
  • admin » masquerade (different role)
  • admin » auth (less roles)
  • moderator ! root
  • moderator ! admin (less roles but more privileges)
  • moderator ! editor (different roles + privileges)
  • moderator » super (administrator and editor roles)
  • moderator » lead (editor roles)
  • moderator » auth
  • [editor is access-logic-wise equal to moderator, so skipped]
  • masquerade ! root
  • masquerade ! admin (different role with more privileges)
  • masquerade ! moderator (more roles)
  • masquerade ! lead (editor roles)
  • masquerade ! super (administrator and editor roles)
  • masquerade » auth
  • masquerade ! masquerade (self)
  • lead ! root
  • lead ! admin (different role with more privileges)
  • lead ! moderator (more roles)
  • lead ! super (administrator and editor roles)
  • lead » editor
  • lead » auth
  • auth ! *

File

tests/src/Functional/MasqueradeAccessTest.php, line 50

Class

MasqueradeAccessTest
Tests masquerade access mechanism.

Namespace

Drupal\Tests\masquerade\Functional

Code

public function testAccess() {
  $this
    ->drupalLogin($this->rootUser);
  $this
    ->assertCanMasqueradeAs($this->admin_user);
  $this
    ->drupalLogin($this->admin_user);

  // Permission 'masquerade as super user' granted by default.
  $this
    ->assertCanMasqueradeAs($this->rootUser);

  // Permission 'masquerade as any user' granted by default.
  $this
    ->assertCanMasqueradeAs($this->moderator_user);
  $this
    ->assertCanMasqueradeAs($this->superUser);
  $this
    ->assertCanMasqueradeAs($this->leadEditorUser);
  $this
    ->assertCanMasqueradeAs($this->editor_user);
  $this
    ->assertCanMasqueradeAs($this->masquerade_user);
  $this
    ->assertCanMasqueradeAs($this->auth_user);

  // Test 'masquerade as any user' permission except UID 1.
  $this
    ->drupalLogin($this->moderator_user);
  $this
    ->assertCanNotMasqueradeAs($this->rootUser);
  $this
    ->assertCanMasqueradeAs($this->admin_user);
  $this
    ->assertCanMasqueradeAs($this->superUser);
  $this
    ->assertCanMasqueradeAs($this->leadEditorUser);
  $this
    ->assertCanMasqueradeAs($this->editor_user);
  $this
    ->assertCanMasqueradeAs($this->masquerade_user);
  $this
    ->assertCanMasqueradeAs($this->auth_user);

  // Test 'masquerade as @role' permission.
  $this
    ->drupalLogin($this->editor_user);
  $this
    ->assertCanNotMasqueradeAs($this->rootUser);
  $this
    ->assertCanNotMasqueradeAs($this->admin_user);
  $this
    ->assertCanNotMasqueradeAs($this->moderator_user);
  $this
    ->assertCanNotMasqueradeAs($this->superUser);
  $this
    ->assertCanNotMasqueradeAs($this->leadEditorUser);
  $this
    ->assertCanMasqueradeAs($this->masquerade_user);
  $this
    ->assertCanMasqueradeAs($this->auth_user);

  // Test 'masquerade as @role' permission.
  $this
    ->drupalLogin($this->leadEditorUser);
  $this
    ->assertCanNotMasqueradeAs($this->rootUser);
  $this
    ->assertCanNotMasqueradeAs($this->admin_user);
  $this
    ->assertCanNotMasqueradeAs($this->moderator_user);
  $this
    ->assertCanNotMasqueradeAs($this->superUser);
  $this
    ->assertCanNotMasqueradeAs($this->masquerade_user);
  $this
    ->assertCanMasqueradeAs($this->editor_user);
  $this
    ->assertCanMasqueradeAs($this->auth_user);

  // Test 'masquerade as authenticated' permission.
  $this
    ->drupalLogin($this->masquerade_user);
  $this
    ->assertCanNotMasqueradeAs($this->rootUser);
  $this
    ->assertCanNotMasqueradeAs($this->admin_user);
  $this
    ->assertCanNotMasqueradeAs($this->moderator_user);
  $this
    ->assertCanNotMasqueradeAs($this->superUser);
  $this
    ->assertCanNotMasqueradeAs($this->leadEditorUser);
  $this
    ->assertCanNotMasqueradeAs($this->editor_user);
  $this
    ->assertCanMasqueradeAs($this->auth_user);

  // Verify that a user cannot masquerade as himself.
  $edit = [
    'masquerade_as' => $this->masquerade_user
      ->getAccountName(),
  ];
  $this
    ->drupalGet('masquerade');
  $this
    ->submitForm($edit, 'Switch');
  $this
    ->assertSession()
    ->responseContains($this
    ->t('You cannot masquerade as yourself. Please choose a different user to masquerade as.'));
  $this
    ->assertSession()
    ->pageTextNotContains('Unmasquerade');

  // Basic 'masquerade' permission check.
  $this
    ->drupalLogin($this->auth_user);
  $this
    ->drupalGet('masquerade');
  $this
    ->assertSession()
    ->statusCodeEquals(403);
}