You are here

Home » API reference » Protected Node 1.0.x » protected_node.field_collection.test » ProtectedNodeFieldCollection

public function ProtectedNodeFieldCollection::testAuthenticatedMultipleNodesAllowedView in Protected Node 1.0.x

Same name and namespace in other branches
  1. 7 tests/protected_node.field_collection.test \ProtectedNodeFieldCollection::testAuthenticatedMultipleNodesAllowedView()

Test function.

Test that a file used on two protected nodes with per node protection can be downloaded if the user has access to one node.

See function testPrivateFile() from file.test.

File

tests/protected_node.field_collection.test, line 168
Test protected node behavior with field collection private files.

Class

ProtectedNodeFieldCollection
Configure protected_node to use per node password and use private file field.

Code

public function testAuthenticatedMultipleNodesAllowedView() {

  // Log in as Admin.
  $this
    ->drupalLogin($this->adminUser);

  // Generate two random passwords.
  $password1 = $this
    ->randomName(10);
  $password2 = $this
    ->randomName(15);

  // Create two new page nodes.
  $creation_info1 = $this
    ->createProtectedNodeWithFieldCollection($password1);
  $creation_info2 = $this
    ->createProtectedNodeWithFieldCollection($password2);

  // Once the node created logout the user.
  $this
    ->drupalLogout();

  // Ensure the file cannot be downloaded.
  $this
    ->drupalLogin($this->normalNonAccessAllowedUser);
  $this
    ->drupalGet(file_create_url($creation_info1['field_collection_item']->{$this->private_file_field_name}[LANGUAGE_NONE][0]['uri']));
  $this
    ->assertResponse(403, 'Confirmed that access is denied for the file without access to the node.');

  // An authenticated user sees the first node.
  $this
    ->drupalLogin($this->normalAccessAllowedUser);
  $form = array(
    'password' => $password1,
  );
  $this
    ->drupalPost('node/' . $creation_info1['node']->nid, $form, t('OK'));
  $text = $creation_info1['node']->body[LANGUAGE_NONE][0]['value'];
  $this
    ->assertText($text, "User with right permission can access a protected node with the right password", $this->group);

  // An authenticated user can't see the second node.
  $this
    ->drupalGet('node/' . $creation_info2['node']->nid);
  $text = 'Protected page -- Enter password';
  $this
    ->assertText($text, "User with right permission can't access a protected node without entering the password", $this->group);

  // Ensure the file can be downloaded even if the user can't access the
  // second node.
  $this
    ->drupalGet(file_create_url($creation_info2['field_collection_item']->{$this->private_file_field_name}[LANGUAGE_NONE][0]['uri']));
  $this
    ->assertResponse(200, 'Confirmed that the generated URL is correct by downloading the shipped file on the second node.');
}