View source
<?php
class ModuleGrantsNodeAccessTestCase extends NodeAccessTestCase {
public static function getInfo() {
return array(
'name' => 'Node access with Module Grants',
'description' => 'Run node access test cases with Module Grants module enabled.',
'group' => 'Module grants',
);
}
function setUp() {
parent::setUp();
$success = module_enable(array(
'module_grants',
), TRUE);
$this
->assertTrue($success, t('Enabled module grants module'));
}
}
class ModuleGrantsNodeAccessRecordsTestCase extends NodeAccessRecordsTestCase {
public static function getInfo() {
return array(
'name' => 'Node access records with Module Grants',
'description' => 'Run node access records test cases with Module Grants module enabled.',
'group' => 'Module grants',
);
}
function setUp() {
parent::setUp();
$success = module_enable(array(
'module_grants',
), TRUE);
$this
->assertTrue($success, t('Enabled module grants module'));
}
}
class ModuleGrantsNodeAccessBaseTableTestCase extends NodeAccessBaseTableTestCase {
public static function getInfo() {
return array(
'name' => 'Node Access on any table with Module Grants',
'description' => 'Run node access on any table test cases with Module Grants module enabled.',
'group' => 'Module grants',
);
}
function setUp() {
parent::setUp();
$success = module_enable(array(
'module_grants',
), TRUE);
$this
->assertTrue($success, t('Enabled module grants module'));
}
}
class ModuleGrantsNodeQueryAlterTestCase extends NodeQueryAlter {
public static function getInfo() {
return array(
'name' => 'Node access queries with Module Grants',
'description' => 'Run node access queries test cases with Module Grants module enabled.',
'group' => 'Module grants',
);
}
function setUp() {
parent::setUp();
$success = module_enable(array(
'module_grants',
), TRUE);
$this
->assertTrue($success, t('Enabled module grants module'));
}
}
class ModuleGrantsNodeEntityFieldQueryAlterTestCase extends NodeQueryAlter {
public static function getInfo() {
return array(
'name' => 'Node entity query alter with Module Grants',
'description' => 'Run node entity query alter test cases with Module Grants module enabled.',
'group' => 'Module grants',
);
}
function setUp() {
parent::setUp();
$success = module_enable(array(
'module_grants',
), TRUE);
$this
->assertTrue($success, t('Enabled module grants module'));
}
}
class ModuleGrantsNodeAccessBaseTableWithTestModulesTestCase extends NodeAccessBaseTableTestCase {
public static function getInfo() {
return array(
'name' => 'Node Access on any table with Module Grants and color/number/animal test module',
'description' => 'Run node access on any table test cases with Module Grants module and color/number/animal test module enabled.',
'group' => 'Module grants',
);
}
function setUp() {
parent::setUp();
$success = module_enable(array(
'module_grants',
'module_grants_test_color',
'module_grants_test_number',
'module_grants_test_animal',
), TRUE);
$this
->assertTrue($success, t('Enabled module grants and test modules'));
node_access_rebuild();
variable_set('module_grants_OR_modules', TRUE);
}
}
class ModuleGrantsBaseTestCase extends DrupalWebTestCase {
protected $nodes;
protected $webUser;
function assetNodeViewAccess($node_accesses, $permissions = array()) {
$nodes = node_load_multiple(false);
node_delete_multiple(array_keys($nodes));
$this->nodes = array();
$vocabulary = taxonomy_vocabulary_machine_name_load('tags');
$this->term = $this
->createTerm($vocabulary);
$tags[LANGUAGE_NONE][0]['tid'] = $this->term->tid;
foreach ($node_accesses as $node_title => $access) {
$body[LANGUAGE_NONE][0]['value'] = 'A' . $node_title;
$node = $this
->drupalCreateNode(array(
'title' => $node_title,
'type' => 'article',
'field_tags' => $tags,
'body' => $body,
));
$this->nodes[$node_title] = $node;
}
$permissions += array(
'access content',
);
$this->webUser = $this
->drupalCreateUser($permissions);
$this
->drupalLogin($this->webUser);
foreach ($node_accesses as $node_title => $access) {
$node = $this->nodes[$node_title];
$this
->assertNodeAccess(array(
'view' => $access,
), $node, $this->webUser);
}
$this
->assertNodeQueryAlter($node_accesses, $this->webUser);
$this
->assertEntityFieldQueryAlter($node_accesses, $this->webUser);
$this
->assertNonBaseTableViewAccess($node_accesses, $this->webUser);
}
function getUserPermissions($account) {
$permissions = array();
foreach (user_role_permissions($account->roles) as $rid => $perms) {
$permissions += array_keys(array_filter($perms));
}
return $permissions;
}
function createTerm($vocabulary) {
$term = new stdClass();
$term->name = $this
->randomName();
$term->description = $this
->randomName();
$term->format = db_query_range('SELECT format FROM {filter_format}', 0, 1)
->fetchField();
$term->vid = $vocabulary->vid;
taxonomy_term_save($term);
return $term;
}
function assertNodeAccess($ops, $node, $account) {
foreach ($ops as $op => $result) {
$msg = t("node_access returns @result with operation '@op' for node '@title' with user permissions @permissions, lenient mode @lenient.", array(
'@result' => $result ? 'true' : 'false',
'@op' => $op,
'@title' => $node->title,
'@permissions' => implode(',', $this
->getUserPermissions($account)),
'@lenient' => variable_get('module_grants_lenient', true) ? 'on' : 'off',
));
$this
->assertEqual($result, node_access($op, $node, $account), $msg);
}
}
function assertNodeQueryAlter($node_accesses, $account) {
$num_of_visible_nodes = count(array_filter($node_accesses));
$msg = t("@count nodes were found for user with permissions @permissions, lenient mode @lenient.", array(
'@count' => $num_of_visible_nodes,
'@permissions' => implode(',', $this
->getUserPermissions($account)),
'@lenient' => variable_get('module_grants_lenient', true) ? 'on' : 'off',
));
$this
->drupalGet('node_access_test_page');
$this
->assertNoText('Exception', "No database exception");
if ($num_of_visible_nodes > 0) {
$this
->assertText("Yes, {$num_of_visible_nodes} nodes", $msg);
}
else {
$this
->assertText('No nodes', $msg);
}
try {
$query = db_select('node', 'mytab')
->fields('mytab');
$query
->addTag('node_access');
$query
->addMetaData('op', 'view');
$query
->addMetaData('account', $account);
$result = $query
->execute()
->fetchAll();
$this
->assertEqual(count($result), $num_of_visible_nodes, 'Use db_select with node_access tag: ' . $msg);
} catch (Exception $e) {
$this
->fail(t('Altered query is malformed'));
}
}
function assertEntityFieldQueryAlter($node_accesses, $account) {
$num_of_visible_nodes = count(array_filter($node_accesses));
$msg = t("@count nodes were found for user with permissions @permissions, lenient mode @lenient.", array(
'@count' => $num_of_visible_nodes,
'@permissions' => implode(',', $this
->getUserPermissions($account)),
'@lenient' => variable_get('module_grants_lenient', true) ? 'on' : 'off',
));
$this
->drupalGet('node_access_entity_test_page');
$this
->assertNoText('Exception', "No database exception");
if ($num_of_visible_nodes > 0) {
$this
->assertText("Yes, {$num_of_visible_nodes} nodes", $msg);
}
else {
$this
->assertText('No nodes', $msg);
}
}
function assertNonBaseTableViewAccess($node_accesses, $account) {
$tid = $this->term->tid;
$this
->drupalGet("taxonomy/term/{$tid}");
$this->nodes_visible = array();
foreach ($this
->xpath("//a[text()='Read more']") as $link) {
$this
->assertTrue(preg_match('|node/(\\d+)$|', (string) $link['href'], $matches), 'Read more points to a node');
$node = node_load($matches[1]);
$this->nodes_visible[$node->title] = $node;
}
foreach ($node_accesses as $node_title => $access) {
$msg = t("Node '@title' is @access on taxonomy term {$tid} page for user with permissions @permissions, lenient mode @lenient.", array(
'@title' => $node_title,
'@access' => $access ? 'visible' : 'not visible',
'@permissions' => implode(',', $this
->getUserPermissions($account)),
'@lenient' => variable_get('module_grants_lenient', true) ? 'on' : 'off',
));
$this
->assertEqual($access, isset($this->nodes_visible[$node_title]), $msg);
}
}
}
class ModuleGrantsViewOpTestCase extends ModuleGrantsBaseTestCase {
public static function getInfo() {
return array(
'name' => 'Module grants test cases for view operation',
'description' => 'These test cases cover the view operation\' access.',
'group' => 'Module grants',
);
}
function setUp() {
parent::setUp(array(
'node_access_test',
'module_grants',
'module_grants_test_color',
'module_grants_test_number',
'module_grants_test_animal',
));
node_access_rebuild();
}
function testViewOpWithModuleGrantsOff() {
$this
->pass('Test view operations with module grants off, and view all not enabled.');
$this
->doViewOpTestWithModuleGrantsOff(false);
}
function testViewOpWithModuleGrantsOffAndViewAll() {
$this
->pass('Test view operations with module grants off, and view all enabled.');
$this
->doViewOpTestWithModuleGrantsOff(true);
}
function doViewOpTestWithModuleGrantsOff($enable_view_all) {
if ($enable_view_all) {
_module_grants_test_add_view_all(module_grants_test_animal_get_grants(), 1000);
_module_grants_test_add_view_all(module_grants_test_color_get_grants(), 1001);
_module_grants_test_add_view_all(module_grants_test_number_get_grants(), 1002);
}
variable_set('module_grants_OR_modules', TRUE);
variable_set('node_access_test_private', FALSE);
parent::assetNodeViewAccess(array(
'Test node 1' => true,
'Test node 2' => true,
'Test node 3' => true,
), array(
'node test view',
));
parent::assetNodeViewAccess(array(
'Test node cat' => false,
'Test node dog' => true,
'Test node fish' => false,
'Test node cow' => true,
'Test node horse' => false,
), array(
'dog',
'cow',
));
parent::assetNodeViewAccess(array(
'Test node blue' => true,
'Test node green' => false,
'Test node red' => false,
), array(
'blue',
));
parent::assetNodeViewAccess(array(
'Test node one' => false,
'Test node two' => false,
'Test node three' => false,
), array());
parent::assetNodeViewAccess(array(
'Test node cat' => false,
'Test node dog' => true,
'Test node fish' => false,
'Test node cow' => false,
'Test node horse' => false,
'Test node blue' => true,
'Test node green' => false,
'Test node red' => false,
'Test node one' => false,
'Test node two' => false,
'Test node three' => true,
), array(
'dog',
'blue',
'three',
));
parent::assetNodeViewAccess(array(
'Test node cat blue' => true,
'Test node dog green' => true,
'Test node fish red' => false,
'Test node cow one' => false,
'Test node horse two' => false,
'Test node cat three' => true,
), array(
'dog',
'blue',
'three',
));
parent::assetNodeViewAccess(array(
'Test node cat blue one' => true,
'Test node dog green two' => true,
'Test node fish red three' => true,
'Test node dog blue three' => true,
'Test node cat green one' => false,
'Test node fish red two' => false,
), array(
'dog',
'blue',
'three',
));
}
function testViewOpWithModuleGrantsOn() {
$this
->pass('Test view operations with module grants on, and view all not enabled.');
variable_set('module_grants_OR_modules', FALSE);
variable_set('node_access_test_private', FALSE);
parent::assetNodeViewAccess(array(
'Test node 1' => true,
'Test node 2' => true,
'Test node 3' => true,
), array(
'node test view',
));
parent::assetNodeViewAccess(array(
'Test node cat' => false,
'Test node dog' => true,
'Test node fish' => false,
'Test node cow' => true,
'Test node horse' => false,
), array(
'dog',
'cow',
'node test view',
));
parent::assetNodeViewAccess(array(
'Test node blue' => true,
'Test node green' => false,
'Test node red' => false,
), array(
'blue',
'node test view',
));
variable_set('module_grants_lenient', true);
parent::assetNodeViewAccess(array(
'Test node one' => false,
'Test node two' => false,
'Test node three' => false,
), array(
'node test view',
));
variable_set('module_grants_lenient', false);
parent::assetNodeViewAccess(array(
'Test node one' => false,
'Test node two' => false,
'Test node three' => false,
), array(
'node test view',
));
variable_set('module_grants_lenient', true);
parent::assetNodeViewAccess(array(
'Test node cat' => false,
'Test node dog' => true,
'Test node fish' => false,
'Test node cow' => false,
'Test node horse' => false,
'Test node blue' => true,
'Test node green' => false,
'Test node red' => false,
'Test node one' => false,
'Test node two' => false,
'Test node three' => true,
), array(
'dog',
'blue',
'three',
'node test view',
));
parent::assetNodeViewAccess(array(
'Test node cat blue' => false,
'Test node dog green' => false,
'Test node fish red' => false,
'Test node cow one' => false,
'Test node horse two' => false,
'Test node cat three' => false,
'Test node dog blue' => true,
'Test node dog three' => true,
'Test node blue three' => true,
), array(
'dog',
'blue',
'three',
'node test view',
));
parent::assetNodeViewAccess(array(
'Test node cat blue one' => false,
'Test node dog green two' => false,
'Test node fish red three' => false,
'Test node cat green one' => false,
'Test node fish red two' => false,
'Test node dog blue three' => true,
), array(
'dog',
'blue',
'three',
'node test view',
));
variable_set('module_grants_lenient', false);
parent::assetNodeViewAccess(array(
'Test node cat' => false,
'Test node dog' => false,
'Test node fish' => false,
'Test node cow' => false,
'Test node horse' => false,
'Test node blue' => false,
'Test node green' => false,
'Test node red' => false,
'Test node one' => false,
'Test node two' => false,
'Test node three' => false,
), array(
'dog',
'blue',
'three',
'node test view',
));
parent::assetNodeViewAccess(array(
'Test node cat blue' => false,
'Test node dog green' => false,
'Test node fish red' => false,
'Test node cow one' => false,
'Test node horse two' => false,
'Test node cat three' => false,
'Test node dog blue' => false,
'Test node dog three' => false,
'Test node blue three' => false,
), array(
'dog',
'blue',
'three',
'node test view',
));
parent::assetNodeViewAccess(array(
'Test node cat blue one' => false,
'Test node dog green two' => false,
'Test node fish red three' => false,
'Test node cat green one' => false,
'Test node fish red two' => false,
'Test node dog blue three' => true,
), array(
'dog',
'blue',
'three',
'node test view',
));
}
function testViewOpWithModuleGrantsOnAndViewAll() {
$this
->pass('Test view operations with module grants on, and view all enabled.');
_module_grants_test_add_view_all(module_grants_test_animal_get_grants(), 1000);
_module_grants_test_add_view_all(module_grants_test_color_get_grants(), 1001);
_module_grants_test_add_view_all(module_grants_test_number_get_grants(), 1002);
variable_set('module_grants_OR_modules', FALSE);
variable_set('node_access_test_private', FALSE);
parent::assetNodeViewAccess(array(
'Test node 1' => true,
'Test node 2' => true,
'Test node 3' => true,
), array(
'node test view',
'view all pets',
'view all color',
'view all number',
));
parent::assetNodeViewAccess(array(
'Test node cat' => false,
'Test node dog' => true,
'Test node fish' => false,
'Test node cow' => true,
'Test node horse' => false,
), array(
'dog',
'cow',
'node test view',
'view all color',
'view all number',
));
parent::assetNodeViewAccess(array(
'Test node blue' => true,
'Test node green' => false,
'Test node red' => false,
), array(
'blue',
'node test view',
'view all pets',
'view all number',
));
parent::assetNodeViewAccess(array(
'Test node one' => false,
'Test node two' => false,
'Test node three' => false,
), array(
'node test view',
'view all pets',
'view all color',
));
parent::assetNodeViewAccess(array(
'Test node cat' => false,
'Test node dog' => false,
'Test node fish' => false,
'Test node cow' => false,
'Test node horse' => false,
'Test node blue' => false,
'Test node green' => false,
'Test node red' => false,
'Test node one' => false,
'Test node two' => false,
'Test node three' => false,
), array(
'dog',
'blue',
'three',
'node test view',
));
parent::assetNodeViewAccess(array(
'Test node cat blue' => false,
'Test node dog green' => false,
'Test node fish red' => false,
'Test node cow one' => false,
'Test node horse two' => false,
'Test node cat three' => false,
'Test node dog blue' => false,
'Test node dog three' => false,
'Test node blue three' => false,
), array(
'dog',
'blue',
'three',
'node test view',
));
parent::assetNodeViewAccess(array(
'Test node cat blue one' => false,
'Test node dog green two' => false,
'Test node fish red three' => false,
'Test node cat green one' => false,
'Test node fish red two' => false,
'Test node dog blue three' => true,
), array(
'dog',
'blue',
'three',
'node test view',
));
}
}
class ModuleGrantsBasicTestCase extends ModuleGrantsBaseTestCase {
public static function getInfo() {
return array(
'name' => 'Module grants basic test cases',
'description' => 'These test cases ensures module grants\' basic functionality.',
'group' => 'Module grants',
);
}
function setUp() {
parent::setUp(array(
'module_grants',
'module_grants_test_access_hook',
'module_grants_test_color',
'module_grants_test_number',
'module_grants_test_animal',
));
node_access_rebuild();
}
function testModuleImplementsHook() {
$hook = 'node_access';
$modules = module_implements($hook);
$this
->assertEqual(1, count($modules), "Only one module implements hook_node_access()");
$this
->assertTrue(array_shift($modules) === 'module_grants', "The module implements hook_node_access() is module_grants");
$module_implements = module_grants_set_node_access_implementations();
$this
->assertEqual(2, count($module_implements), "2 module's hook_node_access() is saved by module grants");
$this
->assertTrue(isset($module_implements['node']), "Node module's hook_node_access() is saved by module grants");
$this
->assertTrue(isset($module_implements['module_grants_test_access_hook']), "module_grants_test_access_hook module's hook_node_access() is saved by module grants");
}
function testNoModuleGrants() {
$account = $this
->drupalCreateUser(array(
'access content',
));
$this
->assertFalse(node_access('create', 'article', $account), t("User with only 'access content' permisson cannot create article"));
$node = $this
->drupalCreateNode(array(
'title' => "Test node dog blue three",
'type' => 'article',
));
foreach (array(
'view',
'update',
'delete',
) as $op) {
$account = $this
->drupalCreateUser(array(
'access content',
));
$this
->assertFalse(node_access($op, $node, $account), t("User with only 'access content' permission cannot {$op} article node @title", array(
'@title' => $node->title,
)));
}
}
function testHookNodeAccessAllow() {
$permission = 'module_grants_test_access_hook create all';
$account = $this
->drupalCreateUser(array(
$permission,
'access content',
));
$this
->assertTrue(node_access('create', 'article', $account), t("User with permission @permission can create article", array(
'@permission' => $permission,
)));
$node = $this
->drupalCreateNode(array(
'title' => "Test node dog blue three",
'type' => 'article',
));
foreach (array(
'view',
'update',
'delete',
) as $op) {
$permission = "module_grants_test_access_hook {$op} all";
$account = $this
->drupalCreateUser(array(
$permission,
'access content',
));
$this
->assertTrue(node_access($op, $node, $account), t("User with permission @permission can {$op} article node @title", array(
'@permission' => $permission,
'@title' => $node->title,
)));
}
}
function testQueryAlter() {
$body[LANGUAGE_NONE][0]['value'] = 'All';
$node = $this
->drupalCreateNode(array(
'title' => "Test node dog blue three",
'type' => 'article',
'body' => $body,
));
variable_set('module_grants_lenient', true);
$this
->assertNodeQueryAlter(array(), 0);
$this
->assertNodeQueryAlter(array(
'dog',
), 0);
$this
->assertNodeQueryAlter(array(
'cat',
), 0);
$this
->assertNodeQueryAlter(array(
'dog',
'blue',
), 0);
$this
->assertNodeQueryAlter(array(
'dog',
'red',
), 0);
$this
->assertNodeQueryAlter(array(
'dog',
'blue',
'three',
), 1);
$this
->assertNodeQueryAlter(array(
'dog',
'blue',
'two',
), 0);
variable_set('module_grants_lenient', false);
$this
->assertNodeQueryAlter(array(), 0);
$this
->assertNodeQueryAlter(array(
'dog',
), 0);
$this
->assertNodeQueryAlter(array(
'dog',
'blue',
), 0);
$this
->assertNodeQueryAlter(array(
'dog',
'blue',
'three',
), 1);
$this
->assertNodeQueryAlter(array(
'dog',
'blue',
'two',
), 0);
variable_set('module_grants_lenient', true);
$this
->assertEntityQueryAlter(array(), 0);
$this
->assertEntityQueryAlter(array(
'dog',
), 0);
$this
->assertEntityQueryAlter(array(
'cat',
), 0);
$this
->assertEntityQueryAlter(array(
'dog',
'blue',
), 0);
$this
->assertEntityQueryAlter(array(
'dog',
'red',
), 0);
$this
->assertEntityQueryAlter(array(
'dog',
'blue',
'three',
), 1);
$this
->assertEntityQueryAlter(array(
'dog',
'blue',
'two',
), 0);
variable_set('module_grants_lenient', false);
$this
->assertEntityQueryAlter(array(), 0);
$this
->assertEntityQueryAlter(array(
'dog',
), 0);
$this
->assertEntityQueryAlter(array(
'dog',
'blue',
), 0);
$this
->assertEntityQueryAlter(array(
'dog',
'blue',
'three',
), 1);
$this
->assertEntityQueryAlter(array(
'dog',
'blue',
'two',
), 0);
}
function assertNodeQueryAlter($permissions, $count) {
$permissions += array(
'access content',
);
$account = $this
->drupalCreateUser($permissions);
$msg = t("User with permissions @permissions can see @count nodes.", array(
'@permissions' => implode(',', $permissions),
'@count' => $count,
));
$query = db_select('node', 'mytab')
->fields('mytab');
$query
->addTag('node_access');
$query
->addMetadata('account', $account);
$result = $query
->execute()
->fetchAll();
$this
->assertEqual($count, count($result), $msg);
}
function assertEntityQueryAlter($permissions, $count) {
$permissions += array(
'access content',
);
$account = $this
->drupalCreateUser($permissions);
$msg = t("User with permissions @permissions can see @count node entities.", array(
'@permissions' => implode(',', $permissions),
'@count' => $count,
));
$query = new EntityFieldQuery();
$query
->entityCondition('entity_type', 'node')
->entityCondition('bundle', 'article')
->fieldCondition('body', 'value', 'A', 'STARTS_WITH')
->addMetaData('account', $account);
$result = $query
->execute();
$result_count = isset($result['node']) ? count($result['node']) : 0;
$this
->assertEqual($count, $result_count, $msg);
}
}
