public function PhotosAccessTest::testAlbumPrivacySettings in Album Photos 6.0.x
Same name and namespace in other branches
- 8.5 photos_access/tests/src/Functional/PhotosAccessTest.php \Drupal\Tests\photos\Functional\PhotosAccessTest::testAlbumPrivacySettings()
Test album privacy settings.
File
- photos_access/
tests/ src/ Functional/ PhotosAccessTest.php, line 160
Class
- PhotosAccessTest
- Test photos_access album privacy settings.
Namespace
Drupal\Tests\photos\FunctionalCode
public function testAlbumPrivacySettings() {
// Get album images.
$photosImage = $this->container
->get('entity_type.manager')
->getStorage('photos_image')
->load(1);
/** @var \Drupal\file\FileInterface $file */
$file = $this->container
->get('entity_type.manager')
->getStorage('file')
->load($photosImage->field_image->target_id);
// Check that owner does have access.
$this
->checkAlbumAccess($photosImage, 200, 200, $file
->createFileUrl());
// Switch to regular user.
$this
->drupalLogin($this->accountViewPhotosOnly);
$this
->checkAlbumAccess($photosImage, 403, 403, $file
->createFileUrl());
// Set album privacy settings to open.
$edit = [
'photos_privacy[viewid]' => 0,
];
$this
->updateAlbumPrivacySettings($edit);
// File moved to public file system.
$file = $this->container
->get('entity_type.manager')
->getStorage('file')
->load($photosImage->field_image->target_id);
// Switch to regular user.
$this
->drupalLogin($this->accountViewPhotosOnly);
// Allowed to view. Not allowed to edit.
$this
->checkAlbumAccess($photosImage, 200, 403, $file
->createFileUrl());
// Test password required.
$edit = [
'photos_privacy[viewid]' => 3,
'photos_privacy[pass]' => 'test',
];
$this
->updateAlbumPrivacySettings($edit);
// File moved to private file system.
$file = $this->container
->get('entity_type.manager')
->getStorage('file')
->load($photosImage->field_image->target_id);
// Switch to regular user.
$this
->drupalLogin($this->accountViewPhotosOnly);
// Node page should redirect to password required page.
$this
->drupalGet('node/' . $photosImage
->getAlbumId());
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertSession()
->responseContains('Please enter password');
// Image page should redirect to password required page.
$this
->drupalGet('photos/' . $photosImage
->getAlbumId() . '/' . $photosImage
->id());
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertSession()
->responseContains('Please enter password');
// Raw image path should redirect to password required page.
$this
->drupalGet($file
->createFileUrl());
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertSession()
->responseContains('Please enter password');
// Album views page should redirect to password required page.
$this
->drupalGet('photos/views-test/' . $photosImage
->getAlbumId());
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertSession()
->responseContains('Please enter password');
// Test wrong password.
$edit = [
'pass' => 'wrong password',
];
$this
->submitForm($edit, 'Submit');
$this
->assertSession()
->responseContains('Password required');
// Test correct password.
$edit = [
'pass' => 'test',
];
$this
->submitForm($edit, 'Submit');
// Check if album page is visible.
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertSession()
->responseContains($this->album
->getTitle());
// Node edit page should be access denied.
$this
->drupalGet('node/' . $photosImage
->getAlbumId() . '/edit');
$this
->assertSession()
->statusCodeEquals(403);
// Test role access.
$edit = [
'photos_privacy[viewid]' => 4,
'photos_privacy[roles][role_access_test]' => TRUE,
];
$this
->updateAlbumPrivacySettings($edit);
$file = $this->container
->get('entity_type.manager')
->getStorage('file')
->load($photosImage->field_image->target_id);
// Switch to regular user.
$this
->drupalLogin($this->accountViewPhotosOnly);
// Not allowed to view or edit.
$this
->checkAlbumAccess($photosImage, 403, 403, $file
->createFileUrl());
// Switch to user with test_role_access role.
$this
->drupalLogin($this->accountEditOwnPhotosRole);
// Allowed to view and edit.
$this
->checkAlbumAccess($photosImage, 200, 200, $file
->createFileUrl());
// Test locked with collaborator.
$edit = [
'photos_privacy[viewid]' => 1,
'photos_privacy[updateuser]' => $this->accountViewPhotosOnly
->getAccountName() . ' (' . $this->accountViewPhotosOnly
->id() . ')',
];
$this
->updateAlbumPrivacySettings($edit);
$file = $this->container
->get('entity_type.manager')
->getStorage('file')
->load($photosImage->field_image->target_id);
// Switch to collaborator.
$this
->drupalLogin($this->accountViewPhotosOnly);
// Allowed to view or edit.
$this
->checkAlbumAccess($photosImage, 200, 200, $file
->createFileUrl());
// Remove collaborator.
$edit = [
'photos_privacy[updateremove][' . $this->accountViewPhotosOnly
->id() . ']' => TRUE,
];
$this
->updateAlbumPrivacySettings($edit);
// Switch to collaborator that was removed.
$this
->drupalLogin($this->accountViewPhotosOnly);
// Not allowed to view or edit.
$this
->checkAlbumAccess($photosImage, 403, 403, $file
->createFileUrl());
// Test password in database, then change to private with collaborator.
$edit = [
'photos_privacy[updateuser]' => $this->accountEditOwnPhotosRole
->getAccountName() . ' (' . $this->accountEditOwnPhotosRole
->id() . ')',
];
$this
->updateAlbumPrivacySettings($edit);
// Switch to non collaborator user.
$this
->drupalLogin($this->accountViewPhotosOnly);
// Not allowed to view or edit.
$this
->checkAlbumAccess($photosImage, 403, 403, $file
->createFileUrl());
}