You are here

public function ProtectedNodeFieldCollection::testAuthenticatedNonAllowedView in Protected Node 7

Same name and namespace in other branches
  1. 1.0.x tests/protected_node.field_collection.test \ProtectedNodeFieldCollection::testAuthenticatedNonAllowedView()

Test function.

Test that a file on a node protected with per node protection can't be downloaded by an authenticated but not allowed user.

File

tests/protected_node.field_collection.test, line 144
Test protected node behavior with field collection private files.

Class

ProtectedNodeFieldCollection
Configure protected_node to use per node password and use private file field.

Code

public function testAuthenticatedNonAllowedView() {

  // Log in as Admin.
  $this
    ->drupalLogin($this->adminUser);

  // Generate random password.
  $password = $this
    ->randomName(10);

  // Create a new page node.
  $creation_info = $this
    ->createProtectedNodeWithFieldCollection($password);

  // Once the node created logout the user.
  $this
    ->drupalLogout();

  // Ensure the file cannot be downloaded.
  $this
    ->drupalLogin($this->normalNonAccessAllowedUser);
  $this
    ->drupalGet(file_create_url($creation_info['field_collection_item']->{$this->private_file_field_name}[LANGUAGE_NONE][0]['uri']));
  $this
    ->assertResponse(403, 'Confirmed that access is denied for the file without access to the node.');
}