View source
<?php
namespace Drupal\Tests\og_menu\Kernel;
use Drupal\KernelTests\KernelTestBase;
use Drupal\entity_test\Entity\EntityTest;
use Drupal\og\Entity\OgMembership;
use Drupal\og\Og;
use Drupal\og\OgGroupAudienceHelperInterface;
use Drupal\og\OgMembershipInterface;
use Drupal\og_menu\Entity\OgMenu;
use Drupal\og_menu\Entity\OgMenuInstance;
use Drupal\user\Entity\Role;
use Drupal\user\Entity\User;
use Drupal\user\RoleInterface;
class OgMenuAccessTest extends KernelTestBase {
public static $modules = [
'entity_test',
'field',
'og',
'og_menu',
'system',
'user',
];
protected $users;
protected $group;
protected $groupBundle;
protected $ogMenu;
protected $ogMenuInstance;
protected function setUp() {
parent::setUp();
$this
->installConfig([
'og',
]);
$this
->installEntitySchema('entity_test');
$this
->installEntitySchema('og_membership');
$this
->installEntitySchema('ogmenu');
$this
->installEntitySchema('ogmenu_instance');
$this
->installEntitySchema('user');
$this
->installSchema('system', 'sequences');
$this->users['uid1'] = User::create([
'name' => $this
->randomString(),
]);
$this->users['uid1']
->save();
$admin_role = Role::create([
'id' => $this
->randomMachineName(),
'label' => $this
->randomString(),
]);
$admin_role
->grantPermission('administer organic groups')
->save();
$this->users['ogadmin'] = User::create([
'name' => $this
->randomString(),
'roles' => [
$admin_role
->id(),
],
]);
$this->users['ogadmin']
->save();
$og_menu_admin_role = Role::create([
'id' => $this
->randomMachineName(),
'label' => $this
->randomString(),
]);
$og_menu_admin_role
->grantPermission('administer group')
->grantPermission('administer og menu')
->save();
$this->users['ogmenuadmin'] = User::create([
'name' => $this
->randomString(),
'roles' => [
$og_menu_admin_role
->id(),
],
]);
$this->users['ogmenuadmin']
->save();
$this->users['groupadmin'] = User::create([
'name' => $this
->randomString(),
]);
$this->users['groupadmin']
->save();
$this->users['groupmember'] = User::create([
'name' => $this
->randomString(),
]);
$this->users['groupmember']
->save();
$this->users['authenticated'] = User::create([
'name' => $this
->randomString(),
]);
$this->users['authenticated']
->save();
$this->groupBundle = mb_strtolower($this
->randomMachineName());
Og::groupTypeManager()
->addGroup('entity_test', $this->groupBundle);
$this->group = EntityTest::create([
'type' => $this->groupBundle,
'name' => $this
->randomString(),
'user_id' => $this->users['groupadmin']
->id(),
]);
$this->group
->save();
$membership = OgMembership::create([
'type' => OgMembershipInterface::TYPE_DEFAULT,
]);
$membership
->setOwner($this->users['groupmember'])
->setGroup($this->group)
->save();
$this->ogMenu = OgMenu::create([
'label' => $this
->randomString(),
'id' => $this
->randomMachineName(),
]);
$this->ogMenu
->save();
$this->ogMenuInstance = OgMenuInstance::create([
'id' => $this
->randomMachineName(),
'type' => $this->ogMenu
->id(),
OgGroupAudienceHelperInterface::DEFAULT_FIELD => $this->group
->id(),
]);
$this->ogMenuInstance
->save();
}
public function testOgMenuEntityAccess() {
$expected_operations = [
'uid1' => [
'create' => TRUE,
'update' => TRUE,
'view' => TRUE,
'delete' => TRUE,
],
'ogadmin' => [
'create' => FALSE,
'update' => FALSE,
'view' => FALSE,
'delete' => FALSE,
],
'ogmenuadmin' => [
'create' => TRUE,
'update' => TRUE,
'view' => TRUE,
'delete' => TRUE,
],
'groupadmin' => [
'create' => FALSE,
'update' => FALSE,
'view' => FALSE,
'delete' => FALSE,
],
'groupmember' => [
'create' => FALSE,
'update' => FALSE,
'view' => FALSE,
'delete' => FALSE,
],
'authenticated' => [
'create' => FALSE,
'update' => FALSE,
'view' => FALSE,
'delete' => FALSE,
],
];
foreach ($expected_operations as $user_key => $operations) {
\Drupal::currentUser()
->setAccount($this->users[$user_key]);
foreach ($operations as $operation => $expected) {
$message = "User {$user_key} " . ($expected ? 'has' : 'does not have') . " access to the {$operation} operation.";
$this
->assertEquals($expected, $this->ogMenu
->access($operation), $message);
}
}
$this
->assertFalse($this->ogMenu
->access('update'));
}
public function testDeleteUnsavedAccess() {
$ogmenu = OgMenu::create([
'label' => $this
->randomString(),
'id' => $this
->randomMachineName(),
]);
$ogmenu_instance = OgMenuInstance::create([
'id' => $this
->randomMachineName(),
'type' => $ogmenu
->id(),
]);
$user_keys = [
'ogadmin',
'ogmenuadmin',
'groupadmin',
'groupmember',
'authenticated',
];
foreach ($user_keys as $user_key) {
\Drupal::currentUser()
->setAccount($this->users[$user_key]);
foreach ([
'ogmenu',
'ogmenu_instance',
] as $entity_type) {
$message = "User {$user_key} should not be able to delete an unsaved {$entity_type} entity.";
$this
->assertFalse(${$entity_type}
->access('delete'), $message);
}
}
}
public function testUnsupportedOperation() {
$user_keys = [
'uid1' => TRUE,
'ogadmin' => TRUE,
'ogmenuadmin' => FALSE,
'groupadmin' => FALSE,
'groupmember' => FALSE,
'authenticated' => FALSE,
];
foreach ($user_keys as $user_key => $expected_access) {
$message = "User {$user_key} should " . ($expected_access ? '' : 'not') . " be granted access to an unsupported operation by default.";
$this
->assertEquals($expected_access, $this->ogMenuInstance
->access('some-non-existing-operation', $this->users[$user_key]), $message);
}
}
}