View source
<?php
namespace Drupal\Tests\message_ui\Functional;
use Drupal\Component\Render\FormattableMarkup;
use Drupal\message_ui\MessagePermissions;
use Drupal\user\Entity\Role;
use Drupal\user\RoleInterface;
use Drupal\message\Entity\Message;
class MessageUiPermissionsTest extends AbstractTestMessageUi {
protected $accessHandler;
public function setUp() {
parent::setUp();
$this->accessHandler = \Drupal::entityTypeManager()
->getAccessControlHandler('message');
$this->account = $this
->drupalCreateUser();
$this->rid = Role::load(RoleInterface::AUTHENTICATED_ID)
->id();
$this
->createMessageTemplate('foo', 'Dummy test', 'Example text.', [
'Dummy message',
]);
}
public function testMessageUiPermissions() {
$this
->drupalLogin($this->account);
$create_url = '/message/add/foo';
$this
->drupalGet($create_url);
$this
->assertSession()
->statusCodeEquals(403);
$this
->grantMessageUiPermission('create');
$this
->drupalGet($create_url);
$this
->assertSession()
->statusCodeEquals(200);
$this
->drupalPostForm(NULL, [], t('Create'));
$msg_url = '/message/1';
$this
->grantMessageUiPermission('view');
$this
->drupalGet($msg_url);
$this
->assertSession()
->statusCodeEquals(200);
$this
->drupalGet($msg_url . '/edit');
$this
->assertSession()
->statusCodeEquals(403);
$this
->grantMessageUiPermission('edit');
$this
->drupalGet($msg_url . '/edit');
$this
->assertSession()
->statusCodeEquals(200);
$this
->drupalGet($msg_url . '/delete');
$this
->assertSession()
->statusCodeEquals(403);
$this
->grantMessageUiPermission('delete');
$this
->drupalPostForm($msg_url . '/delete', [], t('Delete'));
$this
->assertSession()
->statusCodeEquals(403);
user_role_grant_permissions($this->rid, [
'overview messages',
]);
$this
->drupalGet('/admin/content/messages');
$this
->assertSession()
->statusCodeEquals(200);
$this
->drupalLogout();
$user = $this
->drupalCreateUser([
'bypass message access control',
]);
$this
->drupalLogin($user);
$this
->drupalGet($create_url);
$this
->assertSession()
->statusCodeEquals(200);
}
public function testMessageUiAccessHook() {
\Drupal::service('module_installer')
->install([
'message_ui_test',
]);
$this
->drupalLogin($this->account);
$permissions = [
'create' => TRUE,
'view' => TRUE,
'delete' => FALSE,
'update' => FALSE,
];
$message_template = $this
->loadMessageTemplate('foo');
$message = Message::create([
'template' => $message_template
->id(),
]);
$message
->setOwner($this->account);
$message
->save();
foreach ($permissions as $op => $value) {
if ($op == 'create') {
$returned = $this->accessHandler
->createAccess($message_template
->id(), $this->account);
}
else {
$message->{$op} = $value;
$returned = $this->accessHandler
->access($message, $op, $this->account);
}
$params = [
'@operation' => $op,
'@value' => $value,
'@returned' => $returned,
];
$this
->assertEquals($value, $returned, new FormattableMarkup('The hook return @value for @operation when it need to return @returned', $params));
}
$class = new MessagePermissions();
$this
->assertEquals(count($class
->messageTemplatePermissions()), count($this->container
->get('entity_type.manager')
->getStorage('message_template')
->loadMultiple()) * 4);
}
}