You are here

Home » API reference » Role Delegation 8 » RoleAssignTest.php » RoleAssignTest

public function RoleAssignTest::testRoleAccess in Role Delegation 8

Ensure we can only see the roles we have permission to assign.

File

tests/src/Functional/RoleAssignTest.php, line 29

Class

RoleAssignTest
Functional tests for assigning roles.

Namespace

Drupal\Tests\role_delegation\Functional

Code

public function testRoleAccess() {
  $rid1 = $this
    ->drupalCreateRole([]);
  $rid2 = $this
    ->drupalCreateRole([]);
  $rid3 = $this
    ->drupalCreateRole([]);

  // Only 2 of the 3 roles appear on the roles edit page.
  $current_user = $this
    ->drupalCreateUser([
    sprintf('assign %s role', $rid1),
    sprintf('assign %s role', $rid2),
  ]);
  $this
    ->drupalLogin($current_user);
  $account = $this
    ->drupalCreateUser();
  $this
    ->drupalGet(sprintf('/user/%s/roles', $account
    ->id()));
  $this
    ->assertSession()
    ->fieldExists(sprintf('role_change[%s]', $rid1));
  $this
    ->assertSession()
    ->fieldExists(sprintf('role_change[%s]', $rid2));
  $this
    ->assertSession()
    ->fieldNotExists(sprintf('role_change[%s]', $rid3));

  // A user who can access the real roles field should not see the role
  // delegation field.
  $current_user = $this
    ->drupalCreateUser([
    'administer users',
    'administer permissions',
    'assign all roles',
  ]);
  $this
    ->drupalLogin($current_user);
  $this
    ->drupalGet(sprintf('/user/%s/edit', $account
    ->id()));
  $this
    ->assertSession()
    ->fieldExists(sprintf('roles[%s]', $rid1));
  $this
    ->assertSession()
    ->fieldNotExists(sprintf('role_change[%s]', $rid1));

  // A user who can edit a user, but does not have access to the real role
  // field, but can delegate should see the role delegation field.
  $current_user = $this
    ->drupalCreateUser([
    'administer users',
    'assign all roles',
  ]);
  $this
    ->drupalLogin($current_user);
  $this
    ->drupalGet(sprintf('/user/%s/edit', $account
    ->id()));
  $this
    ->assertSession()
    ->fieldNotExists(sprintf('roles[%s]', $rid1), NULL);
  $this
    ->assertSession()
    ->fieldExists(sprintf('role_change[%s]', $rid1));

  // Similar, but single role permissions rather than assigning all roles.
  $current_user = $this
    ->drupalCreateUser([
    'administer users',
    sprintf('assign %s role', $rid1),
  ]);
  $this
    ->drupalLogin($current_user);
  $this
    ->drupalGet(sprintf('/user/%s/edit', $account
    ->id()));
  $this
    ->assertSession()
    ->fieldNotExists(sprintf('roles[%s]', $rid1), NULL);
  $this
    ->assertSession()
    ->fieldExists(sprintf('role_change[%s]', $rid1));
  $this
    ->assertSession()
    ->fieldNotExists(sprintf('role_change[%s]', $rid2), NULL);
}