You are here

Home » API reference » Organic groups 7

og_field_access.test in Organic groups 7

Same filename and directory in other branches
  1. 7.2 og_field_access/og_field_access.test

Test organic groups field access module.

File

og_field_access/og_field_access.test
View source 
<?php

/**
 * @file
 * Test organic groups field access module.
 */

/**
 * Test OG access.
 */
class OgFieldAccessTestCase extends DrupalWebTestCase {
  public static function getInfo() {
    return array(
      'name' => 'Organic groups field access',
      'description' => 'Test the access control on fields.',
      'group' => 'Organic groups field access',
    );
  }
  function setUp() {
    parent::setUp('og_field_access');
  }

  /**
   * Group with access field.
   */
  function testOgFieldAccess() {
    $user1 = $this
      ->drupalCreateUser();
    $user2 = $this
      ->drupalCreateUser();
    $this
      ->drupalLogin($user1);
    $global_roles = og_get_global_roles();

    // Set global permissions.
    $anon_rid = array_search(OG_ANONYMOUS_ROLE, $global_roles);
    $permissions = array(
      'view body field' => 0,
      'update body field' => 0,
      // Allow non-members to edit the group, so we can test the node-edit page.
      'update group' => 1,
    );
    og_role_change_permissions($anon_rid, $permissions);

    // Create group and group content node types.
    $group_type = $this
      ->drupalCreateContentType();
    og_create_field(OG_GROUP_FIELD, 'node', $group_type->type);
    $group_content_type = $this
      ->drupalCreateContentType();
    og_create_field(OG_AUDIENCE_FIELD, 'node', $group_content_type->type);
    $this
      ->drupalLogin($user1);

    // Create a group node.
    $settings = array();
    $settings['type'] = $group_type->type;
    $settings[OG_GROUP_FIELD][LANGUAGE_NONE][0]['value'] = 1;
    $settings['body'][LANGUAGE_NONE][0]['value'] = $this
      ->randomName();
    $node = $this
      ->drupalCreateNode($settings);
    $group = og_get_group('node', $node->nid);

    // Assert another user is not a group member.
    $this
      ->drupalLogin($user2);
    $this
      ->assertFalse(og_is_member($group->gid, 'user', $user2), t('User is not a group member.'));

    // Assert user can't view the field.
    $this
      ->drupalGet('node/' . $node->nid);
    $this
      ->assertResponse('200', t('Non group member can view node.'));
    $this
      ->assertNoText($node->body[LANGUAGE_NONE][0]['value'], t('Non group member can not view field.'));

    // Change permissions and assert user can view the field.
    $permissions['view body field'] = 1;
    og_role_change_permissions($anon_rid, $permissions);
    $this
      ->drupalGet('node/' . $node->nid);
    $this
      ->assertText($node->body[LANGUAGE_NONE][0]['value'], t('Non group member can now view field.'));

    // Assert user can't edit the field.
    $this
      ->drupalGet('node/' . $node->nid . '/edit');
    $this
      ->assertResponse('200', t('Non group member can edit node.'));
    $this
      ->assertNoText($node->body[LANGUAGE_NONE][0]['value'], t('Non group member can not edit field.'));

    // Change permissions and assert user can view the field.
    $permissions['update body field'] = 1;
    og_role_change_permissions($anon_rid, $permissions);
    $this
      ->drupalGet('node/' . $node->nid . '/edit');
    $langcode = LANGUAGE_NONE;
    $this
      ->assertFieldByName("body[{$langcode}][0][value]", $node->body[LANGUAGE_NONE][0]['value'], t('Non group member can now edit field.'));

    // Assert field permissions on group content.
    $permissions['view body field'] = 0;
    og_role_change_permissions($anon_rid, $permissions);
    $settings = array();
    $settings['uid'] = $user1->uid;
    $settings['type'] = $group_content_type->type;
    $settings[OG_AUDIENCE_FIELD][LANGUAGE_NONE][0]['gid'] = $group->gid;
    $settings['body'][LANGUAGE_NONE][0]['value'] = $this
      ->randomName();
    $node = $this
      ->drupalCreateNode($settings);
    $this
      ->drupalLogin($user1);
    $this
      ->drupalGet('node/' . $node->nid);
    $this
      ->assertText($node->body[LANGUAGE_NONE][0]['value'], t('Group member can view field of a group content.'));
    $this
      ->drupalLogin($user2);
    $this
      ->drupalGet('node/' . $node->nid);
    $this
      ->assertNoText($node->body[LANGUAGE_NONE][0]['value'], t('Non member can not view field of a group content.'));

    // Assert field permissions on orphan group content.
    $settings = array();
    $settings['type'] = $group_content_type->type;
    $settings['uid'] = $user1->uid;
    $node = $this
      ->drupalCreateNode($settings);
    $this
      ->drupalGet('node/' . $node->nid);
    $this
      ->assertText($node->body[LANGUAGE_NONE][0]['value'], t('Non member can view field of an orphan group content.'));

    // Assert fields of nodes not related to OG are not being restricted.
    $user3 = $this
      ->drupalCreateUser(array(
      'access content',
      'create page content',
      'edit any page content',
    ));
    $this
      ->drupalLogin($user3);
    $node = $this
      ->drupalCreateNode();
    $this
      ->drupalGet('node/' . $node->nid);
    $this
      ->assertText($node->body[LANGUAGE_NONE][0]['value'], t('User can view field of content not related to Organic groups.'));
    $this
      ->drupalGet('node/' . $node->nid . '/edit');
    $this
      ->assertText($node->body[LANGUAGE_NONE][0]['value'], t('User can edit field of content not related to Organic groups.'));
  }

}

Classes

Namesort descending Description
OgFieldAccessTestCase Test OG access.