public function ScaldAtomEntityTestCase::testScaldAtomPermissions in Scald: Media Management made easy 7

Permission tests.

File

tests/scald.test, line 354

Tests for scald.module.

Class

ScaldAtomEntityTestCase

Test the Scald atom entities.

Code

public function testScaldAtomPermissions() {
  $atom = $this
    ->createAtom();
  $atom2 = $this
    ->createAtom();

  // Switch user so that we can test directly with scald_render() with the
  // correct permission.
  global $user;
  $user = user_load($this->web_user->uid);

  // Try to view the atom.
  $this
    ->drupalGet('atom/' . $atom->sid);
  $this
    ->assertTitle($atom->title . ' | Drupal', 'Image atom can be accessed.');
  $this
    ->assertNoLink(t('Edit'), 'User cannot edit own atom.');

  // Enable the edit action bit.
  $this
    ->addAtomAction($atom, 'edit');
  $this
    ->drupalGet('atom/' . $atom->sid);
  $this
    ->assertLink(t('Edit'), 0, 'User can edit own atom.');

  // Revoke the atom.
  $this
    ->drupalGet('atom/' . $atom2->sid);
  $this
    ->assertResponse(200, 'Atom is available.');
  $this
    ->assertTitle($atom2->title . ' | Drupal', 'Image atom can be accessed.');
  $this
    ->deleteAtomAction($atom2, 'view');
  $this
    ->drupalGet('atom/' . $atom2->sid);
  $this
    ->assertResponse(403);
  $this
    ->deleteAtomAction($atom2, 'fetch');
  $this
    ->drupalGet('atom/' . $atom2->sid);
  $this
    ->assertResponse(404);

  // Now for embedded atoms. Use the easy way.
  $content = scald_render($atom2, 'full');
  $this
    ->assertNotIdentical(FALSE, strpos($content, t('You do not have access to view this Atom.')), 'Atom can no longer be viewed.');

  // User without permission.
  $web_user = $this
    ->drupalCreateUser(array(
    'fetch any atom',
  ));
  $this
    ->drupalLogin($web_user);
  $this
    ->drupalGet('atom/' . $atom->sid);
  $this
    ->assertResponse(403);
  $this
    ->drupalLogout();
  $this
    ->drupalGet('atom/' . $atom->sid);
  $this
    ->assertResponse(404);
}