You are here

Home » API reference » Subgroups for Organic groups 7 » og_subgroups.test » OgSubgroupsAccessFromDescendanceTestCase

function OgSubgroupsAccessFromDescendanceTestCase::testOgSubgroupsNodeAccessRecordsAlter in Subgroups for Organic groups 7

Test the view access of child node. Use cases: 1. grand parent group user tries to view private child groups node (with default access), that he is not part of. 2. Anonymous user tries to view private child groups node (with public access).

File

./og_subgroups.test, line 126

Class

OgSubgroupsAccessFromDescendanceTestCase
Test the Organic groups subgroups API.

Code

function testOgSubgroupsNodeAccessRecordsAlter() {

  // Create user.
  $user1 = $this
    ->drupalCreateUser();
  $user2 = $this
    ->drupalCreateUser();
  $user3 = $this
    ->drupalCreateUser();
  $user4 = $this
    ->drupalCreateUser();
  $web_user = $this
    ->drupalCreateUser(array(
    'create article content',
    'create page content',
  ));
  $this
    ->drupalLogin($web_user);
  $groups = array();

  // Create an entity that is a group.
  $entity = entity_create('entity_test', array(
    'name' => 'main',
    'uid' => $user1->uid,
  ));
  $entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
  $entity
    ->save();
  $groups[0]['group'] = og_get_group('entity_test', $entity->pid);
  $groups[0]['entity'] = $entity;

  // Create an entity that is a child group of the group above (0).
  $entity = entity_create('entity_test', array(
    'name' => 'first_child',
    'uid' => $user2->uid,
  ));
  $entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
  $entity->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[0]['group']->gid;
  $entity
    ->save();
  $groups[1]['group'] = og_get_group('entity_test', $entity->pid);
  $groups[1]['entity'] = $entity;

  // Create a private entity group that is a child group of the group above. (1).
  $entity = entity_create('entity_test', array(
    'name' => 'second_child',
    'uid' => $user3->uid,
  ));
  $entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
  $entity->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[1]['group']->gid;
  $entity->{OG_ACCESS_FIELD}[LANGUAGE_NONE][0]['gid'] = 1;
  $entity
    ->save();
  $groups[2]['group'] = og_get_group('entity_test', $entity->pid);
  $groups[2]['entity'] = $entity;

  // Create an entity that is a group content of group ID 2.
  $node = $this
    ->drupalCreateNode(array(
    'type' => 'article',
    'promote' => 1,
  ));
  $node->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[2]['group']->gid;
  node_save($node);
  $groups[3]['node'] = $node;
  $this
    ->drupalLogout();

  // Assert the anonymous can't view the node.
  $this
    ->drupalGet('node/' . $groups[3]['node']->nid);
  $this
    ->assertResponse('403', t('Annonymous cannot view private node.'));
  $this
    ->drupalLogin($user4);
  $this
    ->drupalGet('node/' . $groups[3]['node']->nid);
  $this
    ->assertResponse('403', t('Not group member or parrent cannot view private node.'));

  // Assert another user is not a group member.
  $this
    ->drupalLogin($user1);
  $this
    ->drupalGet('node/' . $groups[3]['node']->nid);
  $this
    ->assertResponse('200', t('Parent group user can view the node'));
}