You are here

class PartyAccessTestCase in Party 8.2

Same name and namespace in other branches
  1. 7 tests/party_access.test \PartyAccessTestCase

Test Core Party functionality

Hierarchy

Expanded class hierarchy of PartyAccessTestCase

File

tests/party_access.test, line 11
Access Tests for the Party module.

View source
class PartyAccessTestCase extends PartyBaseTestCase {
  protected $privileged_user;
  public static function getInfo() {
    return array(
      'name' => 'Party Access',
      'description' => 'Party access test.',
      'group' => 'Party',
      'dependencies' => array(
        'email_confirm',
      ),
    );
  }

  /**
   * Set up the testing environment.
   *
   * Install party and party_profile, create a profile2 data set to test with,
   * and create an empty party.
   */
  public function setUp() {
    parent::setUp('party', 'party_profile', 'party_user');

    // Enable any modules required for the test
    // Set up a data set to test permission on.
    $this->data_set_name = 'profile2_' . $this
      ->createTestProfile2();

    // Create a party to have some fun with.
    $this->party = party_create();
    $this->party
      ->save();
  }

  /**
   * Test CRUD Access on Party Entities.
   *
   * @todo: I guess we should check that the pages for each of this options are
   *  inaccessible as well.
   */
  public function testPartyCRUDAccess() {

    // Create a user with no permissions.
    $user_no_access = $this
      ->drupalCreateUser();

    // Make a user with permission to view parties
    $user = $this
      ->drupalCreateUser(array(
      'view parties',
    ));

    // Assert that the user has access to view the party.
    $this
      ->assertTrue(party_access('view', $this->party, NULL, $user), t('A user with permission view parties can view them.'));

    // Assert that a user with no permissions cannot view the party.
    $this
      ->assertFalse(party_access('view', $this->party, NULL, $user_no_access), t('A user without permission to view parties cannot view them.'));

    // Make a user with permission to edit parties
    $user = $this
      ->drupalCreateUser(array(
      'edit parties',
    ));

    // Assert that the user has access to edit the party.
    $this
      ->assertTrue(party_access('edit', $this->party, NULL, $user), t('A user with permission edit parties can edit them.'));

    // Assert that a user with no permissions cannot edit the party.
    $this
      ->assertFalse(party_access('edit', $this->party, NULL, $user_no_access), t('A user without permission to edit parties cannot edit them.'));

    // Make a user with permission to delete parties
    $user = $this
      ->drupalCreateUser(array(
      'delete parties',
    ));

    // Assert that the user has access to delete the party.
    $this
      ->assertTrue(party_access('delete', $this->party, NULL, $user), t('A user with permission delete parties can delete them.'));

    // Assert that a user with no permissions cannot delete the party.
    $this
      ->assertFalse(party_access('delete', $this->party, NULL, $user_no_access), t('A user without permission to delete parties cannot delete them.'));
  }

  /**
   * Test Data Set CRUD Access.
   */
  public function testPartyDataSetCRUDAccess() {

    // Create a user with no permissions.
    $user_no_access = $this
      ->drupalCreateUser();

    // Create a user with permission to view a given data set
    $user = $this
      ->drupalCreateUser(array(
      'view party attached ' . $this->data_set_name,
    ));

    // Assert that the user has access to view the data set.
    $this
      ->assertTrue(party_access('view', $this->party, $this->data_set_name, $user), t('A user with permission to view a given data set can view it.'));

    // Assert that a user with no permission cannot view the data set.
    $this
      ->assertFalse(party_access('view', $this->party, $this->data_set_name, $user_no_access), t('A user without permission to view a given data set cannot view it.'));

    // Create a user with permission to edit a given data set
    $user = $this
      ->drupalCreateUser(array(
      'edit party attached ' . $this->data_set_name,
    ));

    // Assert that the user has access to edit the data set.
    $this
      ->assertTrue(party_access('edit', $this->party, $this->data_set_name, $user), t('A user with permission to edit a given data set can edit it.'));

    // Assert that a user with no permission cannot edit the data set.
    $this
      ->assertFalse(party_access('edit', $this->party, $this->data_set_name, $user_no_access), t('A user without permission to edit a given data set cannot edit it.'));

    // Create a user with permission to detach a given data set
    $user = $this
      ->drupalCreateUser(array(
      'detach party attached ' . $this->data_set_name,
    ));

    // Assert that the user has access to detach the data set.
    $this
      ->assertTrue(party_access('detach', $this->party, $this->data_set_name, $user), t('A user with permission to detach a given data set can detach it.'));

    // Assert that a user with no permission cannot detach the data set.
    $this
      ->assertFalse(party_access('detach', $this->party, $this->data_set_name, $user_no_access), t('A user without permission to detach a given data set cannot detach it.'));

    /**
    * @todo: Add a permission to 'add' a data set.
    *
        // Create a user with permission to add a given data set
        $user = $this->drupalCreateUser( array(
     'add party ' . $this->data_set_name,
        ));
        // Assert that the user has access to add the data set.
        $this->assertTrue(party_access('add', $this->party, $this->data_set_name, $user), t('A user with permission to add a given data set can add it.'));
        // Assert that a user with no permission cannot add the data set.
        $this->assertFalse(party_access('add', $this->party, $this->data_set_name, $user_no_access), t('A user without permission to add a given data set cannot add it.'));
    */

    // Create a user with permission to attach a given data set
    $user = $this
      ->drupalCreateUser(array(
      'attach party user',
    ));

    // Assert that the user has access to attach the data set.
    $this
      ->assertTrue(party_access('attach', $this->party, 'user', $user), t('A user with permission to attach a given data set can attach it.'));

    // Assert that a user with no permission cannot attach the data set.
    $this
      ->assertFalse(party_access('attach', $this->party, 'user', $user_no_access), t('A user without permission to attach a given data set cannot attach it.'));
  }

  /**
   * Test special data set crud behaviour.
   *
   * For some data set actions we need special access checks. For example, when
   * adding or attaching an entity party_party_access makes sure the maximum
   * number of attached entities is not going to be exceeded.
   */
  function testPartyDataSetSpecialCRUDAccess() {

    // Create a user with permission to attach a given data set
    $user = $this
      ->drupalCreateUser(array(
      'attach party ' . $this->data_set_name,
    ));

    // @todo: Create a party, attach an entity to a data set that is singleton
    //        and attempt to add another. Leaving this for now as I think we
    //        don't provide any data sets that are singleton by default.
  }

}

Members

Namesort descending Modifiers Type Description Overrides
PartyAccessTestCase::$privileged_user protected property
PartyAccessTestCase::getInfo public static function
PartyAccessTestCase::setUp public function Set up the testing environment.
PartyAccessTestCase::testPartyCRUDAccess public function Test CRUD Access on Party Entities.
PartyAccessTestCase::testPartyDataSetCRUDAccess public function Test Data Set CRUD Access.
PartyAccessTestCase::testPartyDataSetSpecialCRUDAccess function Test special data set crud behaviour.
PartyBaseTestCase::createTestProfile2 public function Create a test profile2 type and return the profile2 type machine name.