You are here

Home » API reference » Organic groups 8 » GroupLevelAccessTest.php » GroupLevelAccessTest

protected function GroupLevelAccessTest::setupUserAccessArbitraryPermissions in Organic groups 8

Sets up a matrix of users and roles with arbitrary permissions.

Return value

array[] A tuple containing the created test roles and users.

1 call to GroupLevelAccessTest::setupUserAccessArbitraryPermissions()
GroupLevelAccessTest::testUserAccessArbitraryPermissions in tests/src/Kernel/Access/GroupLevelAccessTest.php
Test access to an arbitrary permission.

File

tests/src/Kernel/Access/GroupLevelAccessTest.php, line 213

Class

GroupLevelAccessTest
Tests user access to group level entity operations and permissions.

Namespace

Drupal\Tests\og\Kernel\Access

Code

protected function setupUserAccessArbitraryPermissions() {
  $roles = [];
  $users = [];

  // Create another group to test per group/per account permission caching.
  // This is a group of the same entity type and bundle.
  $alternate_group = EntityTest::create([
    'type' => $this->groupBundle,
    'name' => $this
      ->randomString(),
    'user_id' => $this->ownerUser
      ->id(),
  ]);
  $alternate_group
    ->save();

  // Create a role with an arbitrary permission to test with.
  $roles['arbitrary_permission'] = $this
    ->createOgRole([
    'some_perm',
  ]);

  // Create a role with an arbitrary permission which will only be granted to
  // a member of the second group.
  $alternate_role = OgRole::create();
  $alternate_role
    ->setName($this
    ->randomMachineName())
    ->setLabel($this
    ->randomString())
    ->setGroupType($alternate_group
    ->getEntityTypeId())
    ->setGroupBundle($alternate_group
    ->bundle())
    ->grantPermission('some_perm_2')
    ->save();
  $roles['alternate'] = $alternate_role;

  // Create a user which is a member of both test groups and has an arbitrary
  // permission in both. This allows us to test that permissions do not leak
  // between different groups.
  $user = $this
    ->createUserWithOgRole($roles['arbitrary_permission']);
  $membership = Og::createMembership($alternate_group, $user);
  $membership
    ->addRole($alternate_role)
    ->save();
  $users['has_permission_in_both_groups'] = $user;

  // Create a user which is a member and has a role without any permissions.
  $role_without_permissions = $this
    ->createOgRole();
  $user = $this
    ->createUserWithOgRole($role_without_permissions);
  $users['has_no_permission'] = $user;
  return [
    $roles,
    $users,
  ];
}