function OgSubgroupsAccessFromDescendanceTestCase::testOgSubgroupsNodeAccessRecordsAlter in Subgroups for Organic groups 7
Test the view access of child node. Use cases: 1. grand parent group user tries to view private child groups node (with default access), that he is not part of. 2. Anonymous user tries to view private child groups node (with public access).
File
- ./
og_subgroups.test, line 126
Class
- OgSubgroupsAccessFromDescendanceTestCase
- Test the Organic groups subgroups API.
Code
function testOgSubgroupsNodeAccessRecordsAlter() {
// Create user.
$user1 = $this
->drupalCreateUser();
$user2 = $this
->drupalCreateUser();
$user3 = $this
->drupalCreateUser();
$user4 = $this
->drupalCreateUser();
$web_user = $this
->drupalCreateUser(array(
'create article content',
'create page content',
));
$this
->drupalLogin($web_user);
$groups = array();
// Create an entity that is a group.
$entity = entity_create('entity_test', array(
'name' => 'main',
'uid' => $user1->uid,
));
$entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
$entity
->save();
$groups[0]['group'] = og_get_group('entity_test', $entity->pid);
$groups[0]['entity'] = $entity;
// Create an entity that is a child group of the group above (0).
$entity = entity_create('entity_test', array(
'name' => 'first_child',
'uid' => $user2->uid,
));
$entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
$entity->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[0]['group']->gid;
$entity
->save();
$groups[1]['group'] = og_get_group('entity_test', $entity->pid);
$groups[1]['entity'] = $entity;
// Create a private entity group that is a child group of the group above. (1).
$entity = entity_create('entity_test', array(
'name' => 'second_child',
'uid' => $user3->uid,
));
$entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
$entity->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[1]['group']->gid;
$entity->{OG_ACCESS_FIELD}[LANGUAGE_NONE][0]['gid'] = 1;
$entity
->save();
$groups[2]['group'] = og_get_group('entity_test', $entity->pid);
$groups[2]['entity'] = $entity;
// Create an entity that is a group content of group ID 2.
$node = $this
->drupalCreateNode(array(
'type' => 'article',
'promote' => 1,
));
$node->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[2]['group']->gid;
node_save($node);
$groups[3]['node'] = $node;
$this
->drupalLogout();
// Assert the anonymous can't view the node.
$this
->drupalGet('node/' . $groups[3]['node']->nid);
$this
->assertResponse('403', t('Annonymous cannot view private node.'));
$this
->drupalLogin($user4);
$this
->drupalGet('node/' . $groups[3]['node']->nid);
$this
->assertResponse('403', t('Not group member or parrent cannot view private node.'));
// Assert another user is not a group member.
$this
->drupalLogin($user1);
$this
->drupalGet('node/' . $groups[3]['node']->nid);
$this
->assertResponse('200', t('Parent group user can view the node'));
}