MediaAccessTest.php in Media entity 8
File
tests/src/Functional/MediaAccessTest.php
View source
<?php
namespace Drupal\Tests\media_entity\Functional;
use Drupal\media_entity\Entity\Media;
use Drupal\user\Entity\Role;
class MediaAccessTest extends MediaEntityFunctionalTestBase {
protected $testBundle;
protected function setUp() {
parent::setUp();
$this->testBundle = $this
->drupalCreateMediaBundle();
}
public function testMediaAccess() {
$assert_session = $this
->assertSession();
$media = Media::create([
'bundle' => $this->testBundle
->id(),
'name' => 'Unnamed',
]);
$media
->save();
$user_media = Media::create([
'bundle' => $this->testBundle
->id(),
'name' => 'Unnamed',
'uid' => $this->nonAdminUser
->id(),
]);
$user_media
->save();
$this
->drupalGet('media/' . $user_media
->id());
$assert_session
->statusCodeEquals(200);
$this
->drupalGet('media/' . $user_media
->id() . '/edit');
$assert_session
->statusCodeEquals(200);
$this
->drupalGet('media/' . $user_media
->id() . '/delete');
$assert_session
->statusCodeEquals(200);
$this
->drupalLogin($this->nonAdminUser);
$role = Role::load('authenticated');
$this
->drupalGet('media/' . $media
->id());
$assert_session
->statusCodeEquals(403);
$this
->grantPermissions($role, [
'view media',
]);
$this
->drupalGet('media/' . $media
->id());
$assert_session
->statusCodeEquals(200);
$this
->drupalGet('media/add/' . $this->testBundle
->id());
$assert_session
->statusCodeEquals(403);
$this
->grantPermissions($role, [
'create media',
]);
$this
->drupalGet('media/add/' . $this->testBundle
->id());
$assert_session
->statusCodeEquals(200);
$this
->drupalGet('media/' . $user_media
->id() . '/edit');
$assert_session
->statusCodeEquals(403);
$this
->drupalGet('media/' . $user_media
->id() . '/delete');
$assert_session
->statusCodeEquals(403);
$this
->grantPermissions($role, [
'update media',
]);
$this
->grantPermissions($role, [
'delete media',
]);
$this
->drupalGet('media/' . $user_media
->id() . '/edit');
$assert_session
->statusCodeEquals(200);
$this
->drupalGet('media/' . $user_media
->id() . '/delete');
$assert_session
->statusCodeEquals(200);
$this
->drupalGet('media/' . $media
->id() . '/edit');
$assert_session
->statusCodeEquals(403);
$this
->drupalGet('media/' . $media
->id() . '/delete');
$assert_session
->statusCodeEquals(403);
$this
->grantPermissions($role, [
'update any media',
]);
$this
->grantPermissions($role, [
'delete any media',
]);
$this
->drupalGet('media/' . $media
->id() . '/edit');
$assert_session
->statusCodeEquals(200);
$this
->drupalGet('media/' . $media
->id() . '/delete');
$assert_session
->statusCodeEquals(200);
}
}