protected_node_rules.test in Protected Node 7

<?php

/**
 * @file
 * Test protected node rules functionality.
 */

/**
 * Test protected node rules functionality.
 */
class ProtectedNodeRules extends DrupalWebTestCase {

  /**
   * {@inheritdoc}
   */
  public static function getInfo() {
    return array(
      'name' => 'Protected node rules feature',
      'description' => 'This tests rules features.',
      'group' => 'Protected Node',
    );
  }

  /**
   * {@inheritdoc}
   */
  public function setUp() {
    parent::setUp('protected_node_rules');

    // Set the group.
    $this->group = 'Protected Node';

    // User with all needed permissions.
    $this->adminUser = $this
      ->drupalCreateUser(array(
      'access protected node password form',
      'edit any protected node password',
      'edit protected content',
      'administer site configuration',
      'administer nodes',
      'bypass node access',
      'administer content types',
    ));

    // Users with access protected node permission.
    $this->normalAccessAllowedUser = $this
      ->drupalCreateUser(array(
      'access protected node password form',
    ));
    $this->normalAccessAllowedUser2 = $this
      ->drupalCreateUser(array(
      'access protected node password form',
    ));

    // User with view published content permission.
    $this->normalNonAccessAllowedUser = $this
      ->drupalCreateUser(array(
      'access content',
    ));

    // Log in an Admin.
    $this
      ->drupalLogin($this->adminUser);

    // Submit the configuration form.
    $protected_node_settings = array(
      'protected_node_use_global_password' => PROTECTED_NODE_PER_NODE_PASSWORD,
    );
    $this
      ->drupalPost('admin/config/content/protected_node', $protected_node_settings, t('Save configuration'));
  }

  /**
   * Test function.
   *
   * Test that a rule can password protect a node.
   */
  public function testPasswordProtect() {
    $password = $this
      ->randomName(10);

    // Create a rule to password protect new node.
    $rule = rules_reaction_rule();
    $rule->label = t('Password protect page on presave.');
    $rule
      ->event('node_presave')
      ->action('protected_node_rules_action_password_protect', array(
      'node:select' => 'node',
      'passwd' => $password,
      'show_title' => 1,
    ));
    $rule
      ->save();

    // Create an unprotected basic page that will be protected by the rule.
    $node = $this
      ->drupalCreateNode();

    // User that can see published content shouldn't be able to get to the node.
    $this
      ->drupalLogin($this->normalNonAccessAllowedUser);
    $this
      ->drupalGet('node/' . $node->nid);
    $this
      ->assertResponse(403, "User with no access permission is not allowed to access a protected node");

    // User that can access protected node page tries to do so.
    $this
      ->drupalLogin($this->normalAccessAllowedUser);
    $form = array(
      'password' => $password,
    );
    $this
      ->drupalPost('node/' . $node->nid, $form, t('OK'));
    $text = $node->body[LANGUAGE_NONE][0]['value'];
    $this
      ->assertText($text, "User with right permission can access a protected node with right password", $this->group);
  }

  /**
   * Test function.
   *
   * Test that a rule can password protect a node with a random password.
   */
  public function testPasswordProtectNoValueGiven() {

    // Create an unprotected basic page.
    $node = $this
      ->drupalCreateNode();

    // Make sure it is viewable.
    $this
      ->drupalLogin($this->normalNonAccessAllowedUser);
    $this
      ->drupalGet('node/' . $node->nid);
    $text = $node->body[LANGUAGE_NONE][0]['value'];
    $this
      ->assertText($text, "User with no access permission can access an unprotected node");

    // Create a rule to password protect node on save if the node has no
    // password.
    $this
      ->drupalLogin($this->adminUser);
    $rule = rules_reaction_rule();
    $condition = rules_condition('protected_node_rules_condition_content_has_password')
      ->negate();
    $rule->label = t('Password protect page on presave.');
    $rule
      ->event('node_presave')
      ->condition($condition)
      ->action('protected_node_rules_action_password_protect', array(
      'node:select' => 'node',
      'passwd' => '',
      'show_title' => 1,
    ));
    $rule
      ->save();

    // Save the node so it is now protected.
    node_save($node);

    // Check the generated password.
    $password = $node->protected_node_clear_passwd;
    $this
      ->assertTrue(strlen($password) == 10, "Generated password is 10 characters.", $this->group);

    // Now the view content user can't see the node.
    $this
      ->drupalLogin($this->normalNonAccessAllowedUser);
    $this
      ->drupalGet('node/' . $node->nid);
    $this
      ->assertResponse(403, "User with no access permission is not allowed to access a protected node");

    // User that can access protected node page tries to do so.
    $this
      ->drupalLogin($this->normalAccessAllowedUser);
    $form = array(
      'password' => $password,
    );
    $this
      ->drupalPost('node/' . $node->nid, $form, t('OK'));
    $this
      ->assertText($text, "User with right permission can access a protected node with right password", $this->group);

    // Resave the node to ensure that the password has not been erased with
    // another generated password.
    node_save($node);

    // The view content user still can't see the node.
    $this
      ->drupalLogin($this->normalNonAccessAllowedUser);
    $this
      ->drupalGet('node/' . $node->nid);
    $this
      ->assertResponse(403, "User with no access permission is not allowed to access a protected node");

    // User that can access protected node page tries to do so.
    $this
      ->drupalLogin($this->normalAccessAllowedUser2);
    $form = array(
      'password' => $password,
    );
    $this
      ->drupalPost('node/' . $node->nid, $form, t('OK'));
    $this
      ->assertText($text, "User with right permission can access a protected node with right password", $this->group);
  }

}