View source
<?php
namespace Drupal\optimizely\Tests;
use Drupal\simpletest\WebTestBase;
class OptimizelyAccessTest extends WebTestBase {
protected $listingPage = 'admin/config/system/optimizely';
protected $addUpdatePage = 'admin/config/system/optimizely/add_update';
protected $deletePage = 'admin/config/system/optimizely/delete/2';
protected $settingsPage = 'admin/config/system/optimizely/settings';
protected $ajaxCallbackPage = 'ajax/optimizely';
protected $noPermissionsUser;
protected $somePermissionsUser;
protected $privilegedUser;
protected $optimizelyPermission = 'administer optimizely';
public static $modules = array(
'optimizely',
'node',
);
public static function getInfo() {
return array(
'name' => 'Optimizely Access',
'description' => 'Test that no part of the Optimizely module administration' . ' interface can be accessed without the necessary permissions.',
'group' => 'Optimizely',
);
}
public function setUp() {
parent::setUp();
$this
->drupalCreateContentType(array(
'type' => 'page',
'name' => 'Basic page',
));
$this->noPermissionsUser = $this
->drupalCreateUser(array());
$this->somePermissionsUser = $this
->drupalCreateUser(array(
'access content',
'create page content',
'edit own page content',
));
$this->privilegedUser = $this
->drupalCreateUser(array(
'access content',
'create page content',
'edit own page content',
$this->optimizelyPermission,
));
}
public function testOptimizelyPermission() {
$valid = $this
->checkPermissions(array(
'name' => $this->optimizelyPermission,
));
$this
->assertTrue($valid, t("<strong> '@perm' is a valid permission.</strong>", array(
'@perm' => $this->optimizelyPermission,
)), 'Optimizely');
}
public function testUserNoPermission() {
$this
->checkNoAccess($this->noPermissionsUser);
$this
->checkNoAccess($this->somePermissionsUser);
}
private function checkNoAccess($user) {
$access_forbidden = '403';
$this
->drupalLogin($user);
$this
->drupalGet($this->listingPage);
$this
->assertResponse($access_forbidden, "<strong>User without {$this->optimizelyPermission} permission may not" . " access project listing page -> {$this->listingPage} </strong>", 'Optimizely');
$this
->drupalGet($this->addUpdatePage);
$this
->assertResponse($access_forbidden, "<strong>User without {$this->optimizelyPermission} permission may not" . " access project add/update page -> {$this->addUpdatePage} </strong>", 'Optimizely');
$this
->drupalGet($this->deletePage);
$this
->assertResponse($access_forbidden, "<strong>User without {$this->optimizelyPermission} permission may not" . " access project delete page -> {$this->deletePage} </strong>", 'Optimizely');
$this
->drupalGet($this->settingsPage);
$this
->assertResponse($access_forbidden, "<strong>User without {$this->optimizelyPermission} permission may not" . " access project settings page -> {$this->settingsPage} </strong>", 'Optimizely');
$this
->drupalGet($this->ajaxCallbackPage);
$this
->assertResponse($access_forbidden, "<strong>User without {$this->optimizelyPermission} permission may not" . " access AJAX callback URL -> {$this->ajaxCallbackPage} </strong>", 'Optimizely');
$this
->drupalLogout();
}
public function testUserWithPermission() {
$access_ok = '200';
$this
->drupalLogin($this->privilegedUser);
$this
->drupalGet($this->listingPage);
$this
->assertResponse($access_ok, "<strong>User with {$this->optimizelyPermission} permission may" . " access project listing page -> {$this->listingPage} </strong>", 'Optimizely');
$this
->drupalGet($this->addUpdatePage);
$this
->assertResponse($access_ok, "<strong>User with {$this->optimizelyPermission} permission may" . " access project add/update page -> {$this->addUpdatePage} </strong>", 'Optimizely');
$this
->drupalGet($this->deletePage);
$this
->assertResponse($access_ok, "<strong>User with {$this->optimizelyPermission} permission may" . " access project delete page -> {$this->deletePage} </strong>", 'Optimizely');
$this
->drupalGet($this->settingsPage);
$this
->assertResponse($access_ok, "<strong>User with {$this->optimizelyPermission} permission may" . " access project settings page -> {$this->settingsPage} </strong>", 'Optimizely');
$this
->drupalLogout();
}
}