You are here

Home » API reference » Album Photos 8.5 » PhotosAccessTest.php » PhotosAccessTest

public function PhotosAccessTest::testAlbumPrivacySettings in Album Photos 8.5

Same name and namespace in other branches
  1. 6.0.x photos_access/tests/src/Functional/PhotosAccessTest.php \Drupal\Tests\photos\Functional\PhotosAccessTest::testAlbumPrivacySettings()

Test album privacy settings.

File

photos_access/tests/src/Functional/PhotosAccessTest.php, line 166

Class

PhotosAccessTest
Test photos_access album privacy settings.

Namespace

Drupal\Tests\photos\Functional

Code

public function testAlbumPrivacySettings() {

  // Get album images.
  $photosImage = $this->container
    ->get('entity_type.manager')
    ->getStorage('photos_image')
    ->load(1);

  /* @var \Drupal\file\FileInterface $file */
  $file = $this->container
    ->get('entity_type.manager')
    ->getStorage('file')
    ->load($photosImage->field_image->target_id);

  // Check that owner does have access.
  $this
    ->checkAlbumAccess($photosImage, 200, 200, $file
    ->createFileUrl());

  // Switch to regular user.
  $this
    ->drupalLogin($this->accountViewPhotosOnly);
  $this
    ->checkAlbumAccess($photosImage, 403, 403, $file
    ->createFileUrl());

  // Set album privacy settings to open.
  $edit = [
    'privacy[viewid]' => 0,
  ];
  $this
    ->updateAlbumPrivacySettings($edit);

  // File moved to public file system.
  $file = $this->container
    ->get('entity_type.manager')
    ->getStorage('file')
    ->load($photosImage->field_image->target_id);

  // Switch to regular user.
  $this
    ->drupalLogin($this->accountViewPhotosOnly);

  // Allowed to view. Not allowed to edit.
  $this
    ->checkAlbumAccess($photosImage, 200, 403, $file
    ->createFileUrl());

  // Test password required.
  $edit = [
    'privacy[viewid]' => 3,
    'privacy[pass]' => 'test',
  ];
  $this
    ->updateAlbumPrivacySettings($edit);

  // File moved to private file system.
  $file = $this->container
    ->get('entity_type.manager')
    ->getStorage('file')
    ->load($photosImage->field_image->target_id);

  // Switch to regular user.
  $this
    ->drupalLogin($this->accountViewPhotosOnly);

  // Node page should redirect to password required page.
  $this
    ->drupalGet('node/' . $photosImage
    ->getAlbumId());
  $this
    ->assertResponse(200);
  $this
    ->assertText('Please enter password');

  // Image page should redirect to password required page.
  $this
    ->drupalGet('photos/' . $photosImage
    ->getAlbumId() . '/' . $photosImage
    ->id());
  $this
    ->assertResponse(200);
  $this
    ->assertText('Please enter password');

  // Raw image path should redirect to password required page.
  $this
    ->drupalGet($file
    ->createFileUrl());
  $this
    ->assertResponse(200);
  $this
    ->assertText('Please enter password');

  // Album views page should redirect to password required page.
  $this
    ->drupalGet('photos/views-test/' . $photosImage
    ->getAlbumId());
  $this
    ->assertResponse(200);
  $this
    ->assertText('Please enter password');

  // Test wrong password.
  $edit = [
    'pass' => 'wrong password',
  ];
  $this
    ->submitForm($edit, 'Submit');
  $this
    ->assertText('Password required');

  // Test correct password.
  $edit = [
    'pass' => 'test',
  ];
  $this
    ->submitForm($edit, 'Submit');

  // Check if album page is visible.
  $this
    ->assertResponse(200);
  $this
    ->assertText($this->album
    ->getTitle());

  // Node edit page should be access denied.
  $this
    ->drupalGet('node/' . $photosImage
    ->getAlbumId() . '/edit');
  $this
    ->assertResponse(403);

  // Test role access.
  $edit = [
    'privacy[viewid]' => 4,
    'privacy[roles][role_access_test]' => TRUE,
  ];
  $this
    ->updateAlbumPrivacySettings($edit);
  $file = $this->container
    ->get('entity_type.manager')
    ->getStorage('file')
    ->load($photosImage->field_image->target_id);

  // Switch to regular user.
  $this
    ->drupalLogin($this->accountViewPhotosOnly);

  // Not allowed to view or edit.
  $this
    ->checkAlbumAccess($photosImage, 403, 403, $file
    ->createFileUrl());

  // Switch to user with test_role_access role.
  $this
    ->drupalLogin($this->accountEditOwnPhotosRole);

  // Allowed to view and edit.
  $this
    ->checkAlbumAccess($photosImage, 200, 200, $file
    ->createFileUrl());

  // Test locked with collaborator.
  $edit = [
    'privacy[viewid]' => 1,
    'privacy[updateuser]' => $this->accountViewPhotosOnly
      ->getAccountName() . ' (' . $this->accountViewPhotosOnly
      ->id() . ')',
  ];
  $this
    ->updateAlbumPrivacySettings($edit);
  $file = $this->container
    ->get('entity_type.manager')
    ->getStorage('file')
    ->load($photosImage->field_image->target_id);

  // Switch to collaborator.
  $this
    ->drupalLogin($this->accountViewPhotosOnly);

  // Allowed to view or edit.
  $this
    ->checkAlbumAccess($photosImage, 200, 200, $file
    ->createFileUrl());

  // Remove collaborator.
  $edit = [
    'privacy[updateremove][' . $this->accountViewPhotosOnly
      ->id() . ']' => TRUE,
  ];
  $this
    ->updateAlbumPrivacySettings($edit);

  // Switch to collaborator that was removed.
  $this
    ->drupalLogin($this->accountViewPhotosOnly);

  // Not allowed to view or edit.
  $this
    ->checkAlbumAccess($photosImage, 403, 403, $file
    ->createFileUrl());
}