class RoleAccessTest in Search API 8
Tests the "Role-based access" processor.
@group search_api
Hierarchy
- class \Drupal\KernelTests\KernelTestBase extends \PHPUnit\Framework\TestCase implements ServiceProviderInterface uses AssertContentTrait, AssertLegacyTrait, AssertHelperTrait, ConfigTestTrait, PhpunitCompatibilityTrait, RandomGeneratorTrait, TestRequirementsTrait
- class \Drupal\Tests\search_api\Kernel\Processor\ProcessorTestBase
- class \Drupal\Tests\search_api\Kernel\Processor\RoleAccessTest uses ResultsTrait
- class \Drupal\Tests\search_api\Kernel\Processor\ProcessorTestBase
Expanded class hierarchy of RoleAccessTest
See also
\Drupal\search_api\Plugin\search_api\processor\RoleAccess
search_api_test_entity_access()
File
- tests/
src/ Kernel/ Processor/ RoleAccessTest.php, line 21
Namespace
Drupal\Tests\search_api\Kernel\ProcessorView source
class RoleAccessTest extends ProcessorTestBase {
use ResultsTrait;
/**
* The nodes created for testing.
*
* @var \Drupal\node\Entity\Node[]
*/
protected $nodes;
/**
* An array of test users assigned to each role.
*
* @var \Drupal\Core\Session\AccountInterface[]
*/
protected $testUsers;
/**
* {@inheritdoc}
*/
public function setUp($processor = NULL) {
parent::setUp('role_access');
$this
->installSchema('system', [
'sequences',
]);
NodeType::create([
'type' => 'page',
'name' => 'page',
])
->save();
// Enable the programmable role-based access controls found in the
// search_api_test module.
// @see search_api_test_entity_access()
\Drupal::state()
->set('search_api_test_add_role_access_control', TRUE);
// Create three test roles and the anonymous user role, all of which can
// access content. Since the test adds its own test access hook for each
// role, we do not want to test existing core access mechanisms.
foreach ([
'foo',
'bar',
'baz',
'anonymous',
'authenticated',
] as $role_id) {
Role::create([
'id' => $role_id,
'name' => $role_id,
])
->grantPermission('access content')
->save();
}
// Create a test user for each of the (non-anonymous) test roles.
foreach ([
'foo',
'bar',
'baz',
] as $role_id) {
$test_user = User::create([
'name' => $role_id,
]);
$test_user
->addRole($role_id);
$test_user
->save();
$this->testUsers[$role_id] = $test_user;
}
// Insert the special-case anonymous user.
$anonymous_user = User::create([
'uid' => 0,
'name' => '',
]);
$anonymous_user
->save();
$this->testUsers['anonymous'] = $anonymous_user;
// Insert the special case authenticated user.
$authenticated_user = User::create([
'name' => 'Authenticated',
]);
$authenticated_user
->save();
$this->testUsers['authenticated'] = $authenticated_user;
}
/**
* Tests the role based access filtering.
*/
public function testRoleBasedAccess() {
$allowed_foo = $this
->createTestNode('allow for foo role');
$allowed_bar = $this
->createTestNode('allow for bar role');
$allowed_anonymous = $this
->createTestNode('allow for anonymous role');
$allowed_authenticated = $this
->createTestNode('allow for authenticated role');
$allowed_all = $this
->createTestNode('allow for foo, bar, baz, anonymous, authenticated role');
$this->index
->reindex();
$this
->indexItems();
$query = \Drupal::getContainer()
->get('search_api.query_helper')
->createQuery($this->index);
$expected = [
'foo' => [
'node' => [
$allowed_all,
$allowed_foo,
$allowed_authenticated,
],
],
'bar' => [
'node' => [
$allowed_all,
$allowed_bar,
$allowed_authenticated,
],
],
'baz' => [
'node' => [
$allowed_all,
$allowed_authenticated,
],
],
'anonymous' => [
'node' => [
$allowed_anonymous,
$allowed_all,
],
],
'authenticated' => [
'node' => [
$allowed_authenticated,
$allowed_all,
],
],
];
foreach ($expected as $role_id => $expected_role_results) {
$cloned_query = clone $query;
$cloned_query
->setOption('search_api_access_account', $this->testUsers[$role_id]);
$result = $cloned_query
->execute();
$this
->assertResults($result, $expected_role_results);
}
}
/**
* Tests whether the correct field values are created for nodes.
*/
public function testComputedFieldValues() {
$allowed_foo = $this
->createTestNode('allow for foo role');
$allowed_bar = $this
->createTestNode('allow for bar role');
$allowed_anonymous = $this
->createTestNode('allow for anonymous role');
$allowed_authenticated = $this
->createTestNode('allow for authenticated role');
$allowed_all = $this
->createTestNode('allow for foo, bar, baz, anonymous, authenticated role');
$expected_roles = [
$allowed_foo => [
'foo',
],
$allowed_bar => [
'bar',
],
$allowed_anonymous => [
'anonymous',
],
$allowed_authenticated => [
'authenticated',
],
$allowed_all => [
'foo',
'bar',
'baz',
'anonymous',
'authenticated',
],
];
$fields_helper = \Drupal::getContainer()
->get('search_api.fields_helper');
$datasource = $this->index
->getDatasource('entity:node');
foreach ($expected_roles as $i => $roles) {
$node = $this->nodes[$i];
$item = $fields_helper
->createItemFromObject($this->index, $node
->getTypedData(), NULL, $datasource);
$this->processor
->addFieldValues($item);
$this
->assertEquals($roles, $item
->getField('role_access')
->getValues(), "Wrong roles computed for node \"{$node->label()}\".");
}
}
/**
* Tests whether the access check correctly defaults to the logged-in user.
*/
public function testDefaultingToLoggedInUser() {
$allowed_foo = $this
->createTestNode('allow for foo role');
\Drupal::currentUser()
->setAccount($this->testUsers['foo']);
$index_storage = \Drupal::entityTypeManager()
->getStorage('search_api_index');
$index_storage
->resetCache([
$this->index
->id(),
]);
$this->index = $index_storage
->load($this->index
->id());
$this->index
->reindex();
$this
->indexItems();
$query = \Drupal::getContainer()
->get('search_api.query_helper')
->createQuery($this->index);
$result = $query
->execute();
$this
->assertResults($result, [
'node' => [
$allowed_foo,
],
]);
}
/**
* Tests the account in the processor when it's based on an ID.
*/
public function testIdBasedCurrentUser() {
$allowed_foo = $this
->createTestNode('allow for foo role');
$this
->createTestNode('allow for bar role');
$this->index
->reindex();
$this
->indexItems();
$query = \Drupal::getContainer()
->get('search_api.query_helper')
->createQuery($this->index);
$query
->setOption('search_api_access_account', $this->testUsers['foo']
->id());
$result = $query
->execute();
$this
->assertResults($result, [
'node' => [
$allowed_foo,
],
]);
}
/**
* Tests whether the "search_api_bypass_access" query option is respected.
*/
public function testQueryAccessBypass() {
$disallowed = $this
->createTestNode('disallowed');
$this->index
->reindex();
$this
->indexItems();
$this
->assertEquals(1, $this->index
->getTrackerInstance()
->getIndexedItemsCount());
$query = \Drupal::getContainer()
->get('search_api.query_helper')
->createQuery($this->index, [
'search_api_bypass_access' => TRUE,
]);
$result = $query
->execute();
$expected = [
'node' => [
$disallowed,
],
];
$this
->assertResults($result, $expected);
}
/**
* Tests whether the property is correctly added by the processor.
*/
public function testAlterPropertyDefinitions() {
// Check for added properties when no datasource is given.
$properties = $this->processor
->getPropertyDefinitions(NULL);
$this
->assertArrayHasKey('search_api_role_access', $properties);
$property = $properties['search_api_role_access'];
$this
->assertInstanceOf(DataDefinitionInterface::class, $property);
$this
->assertEquals('string', $property
->getDataType());
// Verify that there are no properties if a datasource is given.
$datasource = $this->index
->getDatasource('entity:node');
$properties = $this->processor
->getPropertyDefinitions($datasource);
$this
->assertEquals([], $properties);
}
/**
* Creates a test node and return its key in the test nodes array.
*
* @param string $title
* The title of the node.
*
* @return int
* The position of the node in the test array.
*/
protected function createTestNode(string $title) : int {
$node = Node::create([
'status' => NodeInterface::PUBLISHED,
'type' => 'page',
'title' => $title,
]);
$node
->save();
$this->nodes[] = $node;
end($this->nodes);
return key($this->nodes);
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
AssertContentTrait:: |
protected | property | The current raw content. | |
|
AssertContentTrait:: |
protected | property | The drupalSettings value from the current raw $content. | |
|
AssertContentTrait:: |
protected | property | The XML structure parsed from the current raw $content. | 1 |
|
AssertContentTrait:: |
protected | property | The plain-text content of raw $content (text nodes). | |
|
AssertContentTrait:: |
protected | function | Passes if the raw text IS found escaped on the loaded page, fail otherwise. | |
|
AssertContentTrait:: |
protected | function | Asserts that a field exists with the given name or ID. | |
|
AssertContentTrait:: |
protected | function | Asserts that a field exists with the given ID and value. | |
|
AssertContentTrait:: |
protected | function | Asserts that a field exists with the given name and value. | |
|
AssertContentTrait:: |
protected | function | Asserts that a field exists in the current page by the given XPath. | |
|
AssertContentTrait:: |
protected | function | Asserts that a checkbox field in the current page is checked. | |
|
AssertContentTrait:: |
protected | function | Asserts that a field exists in the current page with a given Xpath result. | |
|
AssertContentTrait:: |
protected | function | Passes if a link with the specified label is found. | |
|
AssertContentTrait:: |
protected | function | Passes if a link containing a given href (part) is found. | |
|
AssertContentTrait:: |
protected | function | Asserts that each HTML ID is used for just a single element. | |
|
AssertContentTrait:: |
protected | function | Passes if the raw text IS NOT found escaped on the loaded page, fail otherwise. | |
|
AssertContentTrait:: |
protected | function | Asserts that a field does not exist with the given name or ID. | |
|
AssertContentTrait:: |
protected | function | Asserts that a field does not exist with the given ID and value. | |
|
AssertContentTrait:: |
protected | function | Asserts that a field does not exist with the given name and value. | |
|
AssertContentTrait:: |
protected | function | Asserts that a field does not exist or its value does not match, by XPath. | |
|
AssertContentTrait:: |
protected | function | Asserts that a checkbox field in the current page is not checked. | |
|
AssertContentTrait:: |
protected | function | Passes if a link with the specified label is not found. | |
|
AssertContentTrait:: |
protected | function | Passes if a link containing a given href (part) is not found. | |
|
AssertContentTrait:: |
protected | function | Passes if a link containing a given href is not found in the main region. | |
|
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page does not exist. | |
|
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page is not checked. | |
|
AssertContentTrait:: |
protected | function | Triggers a pass if the perl regex pattern is not found in raw content. | |
|
AssertContentTrait:: |
protected | function | Passes if the raw text is NOT found on the loaded page, fail otherwise. | |
|
AssertContentTrait:: |
protected | function | Passes if the page (with HTML stripped) does not contains the text. | |
|
AssertContentTrait:: |
protected | function | Pass if the page title is not the given string. | |
|
AssertContentTrait:: |
protected | function | Passes if the text is found MORE THAN ONCE on the text version of the page. | |
|
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page exists. | |
|
AssertContentTrait:: |
protected | function | Asserts that a select option with the visible text exists. | |
|
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page is checked. | |
|
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page is checked. | |
|
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page exists. | |
|
AssertContentTrait:: |
protected | function | Triggers a pass if the Perl regex pattern is found in the raw content. | |
|
AssertContentTrait:: |
protected | function | Passes if the raw text IS found on the loaded page, fail otherwise. | |
|
AssertContentTrait:: |
protected | function | Passes if the page (with HTML stripped) contains the text. | |
|
AssertContentTrait:: |
protected | function | Helper for assertText and assertNoText. | |
|
AssertContentTrait:: |
protected | function | Asserts that a Perl regex pattern is found in the plain-text content. | |
|
AssertContentTrait:: |
protected | function | Asserts themed output. | |
|
AssertContentTrait:: |
protected | function | Pass if the page title is the given string. | |
|
AssertContentTrait:: |
protected | function | Passes if the text is found ONLY ONCE on the text version of the page. | |
|
AssertContentTrait:: |
protected | function | Helper for assertUniqueText and assertNoUniqueText. | |
|
AssertContentTrait:: |
protected | function | Builds an XPath query. | |
|
AssertContentTrait:: |
protected | function | Helper: Constructs an XPath for the given set of attributes and value. | |
|
AssertContentTrait:: |
protected | function | Searches elements using a CSS selector in the raw content. | |
|
AssertContentTrait:: |
protected | function | Get all option elements, including nested options, in a select. | |
|
AssertContentTrait:: |
protected | function | Gets the value of drupalSettings for the currently-loaded page. | |
|
AssertContentTrait:: |
protected | function | Gets the current raw content. | |
|
AssertContentTrait:: |
protected | function | Get the selected value from a select field. | |
|
AssertContentTrait:: |
protected | function | Retrieves the plain-text content from the current raw content. | |
|
AssertContentTrait:: |
protected | function | Get the current URL from the cURL handler. | 1 |
|
AssertContentTrait:: |
protected | function | Parse content returned from curlExec using DOM and SimpleXML. | |
|
AssertContentTrait:: |
protected | function | Removes all white-space between HTML tags from the raw content. | |
|
AssertContentTrait:: |
protected | function | Sets the value of drupalSettings for the currently-loaded page. | |
|
AssertContentTrait:: |
protected | function | Sets the raw content (e.g. HTML). | |
|
AssertContentTrait:: |
protected | function | Performs an xpath search on the contents of the internal browser. | |
|
AssertHelperTrait:: |
protected static | function | Casts MarkupInterface objects into strings. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertTrue() instead. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertEquals() instead. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertSame() instead. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertEquals() instead. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertNotEquals() instead. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertNotSame() instead. | |
|
AssertLegacyTrait:: |
protected | function | Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertTrue() instead. | |
|
AssertLegacyTrait:: |
protected | function | ||
|
ConfigTestTrait:: |
protected | function | Returns a ConfigImporter object to import test configuration. | |
|
ConfigTestTrait:: |
protected | function | Copies configuration objects from source storage to target storage. | |
|
KernelTestBase:: |
protected | property | Back up and restore any global variables that may be changed by tests. | |
|
KernelTestBase:: |
protected | property | Back up and restore static class properties that may be changed by tests. | |
|
KernelTestBase:: |
protected | property | Contains a few static class properties for performance. | |
|
KernelTestBase:: |
protected | property | ||
|
KernelTestBase:: |
protected | property | @todo Move into Config test base class. | 7 |
|
KernelTestBase:: |
protected static | property | An array of config object names that are excluded from schema checking. | |
|
KernelTestBase:: |
protected | property | ||
|
KernelTestBase:: |
protected | property | ||
|
KernelTestBase:: |
protected | property | Do not forward any global state from the parent process to the processes that run the actual tests. | |
|
KernelTestBase:: |
protected | property | The app root. | |
|
KernelTestBase:: |
protected | property | Kernel tests are run in separate processes because they allow autoloading of code from extensions. Running the test in a separate process isolates this behavior from other tests. Subclasses should not override this property. | |
|
KernelTestBase:: |
protected | property | ||
|
KernelTestBase:: |
protected | property | Set to TRUE to strict check all configuration saved. | 6 |
|
KernelTestBase:: |
protected | property | The virtual filesystem root directory. | |
|
KernelTestBase:: |
protected | function | 1 | |
|
KernelTestBase:: |
protected | function | Bootstraps a basic test environment. | |
|
KernelTestBase:: |
private | function | Bootstraps a kernel for a test. | |
|
KernelTestBase:: |
protected | function | Configuration accessor for tests. Returns non-overridden configuration. | |
|
KernelTestBase:: |
protected | function | Disables modules for this test. | |
|
KernelTestBase:: |
protected | function | Enables modules for this test. | |
|
KernelTestBase:: |
protected | function | Gets the config schema exclusions for this test. | |
|
KernelTestBase:: |
protected | function | Returns the Database connection info to be used for this test. | 1 |
|
KernelTestBase:: |
public | function | ||
|
KernelTestBase:: |
private | function | Returns Extension objects for $modules to enable. | |
|
KernelTestBase:: |
private static | function | Returns the modules to enable for this test. | |
|
KernelTestBase:: |
protected | function | Initializes the FileCache component. | |
|
KernelTestBase:: |
protected | function | Installs default configuration for a given list of modules. | |
|
KernelTestBase:: |
protected | function | Installs the storage schema for a specific entity type. | |
|
KernelTestBase:: |
protected | function | Installs database tables from a module schema definition. | |
|
KernelTestBase:: |
protected | function | Returns whether the current test method is running in a separate process. | |
|
KernelTestBase:: |
protected | function | ||
|
KernelTestBase:: |
public | function |
Registers test-specific services. Overrides ServiceProviderInterface:: |
26 |
|
KernelTestBase:: |
protected | function | Renders a render array. | 1 |
|
KernelTestBase:: |
protected | function | Sets the install profile and rebuilds the container to update it. | |
|
KernelTestBase:: |
protected | function | Sets an in-memory Settings variable. | |
|
KernelTestBase:: |
public static | function | 1 | |
|
KernelTestBase:: |
protected | function | Sets up the filesystem, so things like the file directory. | 2 |
|
KernelTestBase:: |
protected | function | Stops test execution. | |
|
KernelTestBase:: |
protected | function | 6 | |
|
KernelTestBase:: |
public | function | @after | |
|
KernelTestBase:: |
protected | function | Dumps the current state of the virtual filesystem to STDOUT. | |
|
KernelTestBase:: |
public | function | BC: Automatically resolve former KernelTestBase class properties. | |
|
KernelTestBase:: |
public | function | Prevents serializing any properties. | |
|
PhpunitCompatibilityTrait:: |
public | function | Returns a mock object for the specified class using the available method. | |
|
PhpunitCompatibilityTrait:: |
public | function | Compatibility layer for PHPUnit 6 to support PHPUnit 4 code. | |
|
ProcessorTestBase:: |
protected | property | The search index used for this test. | |
|
ProcessorTestBase:: |
public static | property |
Modules to enable. Overrides KernelTestBase:: |
3 |
|
ProcessorTestBase:: |
protected | property | The processor used for this test. | 2 |
|
ProcessorTestBase:: |
protected | property | The search server used for this test. | |
|
ProcessorTestBase:: |
protected | function | Generates a single test item. | |
|
ProcessorTestBase:: |
protected | function | Generates some test items. | |
|
ProcessorTestBase:: |
protected | function | Indexes all (unindexed) items. | |
|
RandomGeneratorTrait:: |
protected | property | The random generator. | |
|
RandomGeneratorTrait:: |
protected | function | Gets the random generator for the utility methods. | |
|
RandomGeneratorTrait:: |
protected | function | Generates a unique random string containing letters and numbers. | 1 |
|
RandomGeneratorTrait:: |
public | function | Generates a random PHP object. | |
|
RandomGeneratorTrait:: |
public | function | Generates a pseudo-random string of ASCII characters of codes 32 to 126. | |
|
RandomGeneratorTrait:: |
public | function | Callback for random string validation. | |
|
ResultsTrait:: |
protected | function | Asserts that the search results contain the expected IDs. | |
|
RoleAccessTest:: |
protected | property | The nodes created for testing. | |
|
RoleAccessTest:: |
protected | property | An array of test users assigned to each role. | |
|
RoleAccessTest:: |
protected | function | Creates a test node and return its key in the test nodes array. | |
|
RoleAccessTest:: |
public | function |
Performs setup tasks before each individual test method is run. Overrides ProcessorTestBase:: |
|
|
RoleAccessTest:: |
public | function | Tests whether the property is correctly added by the processor. | |
|
RoleAccessTest:: |
public | function | Tests whether the correct field values are created for nodes. | |
|
RoleAccessTest:: |
public | function | Tests whether the access check correctly defaults to the logged-in user. | |
|
RoleAccessTest:: |
public | function | Tests the account in the processor when it's based on an ID. | |
|
RoleAccessTest:: |
public | function | Tests whether the "search_api_bypass_access" query option is respected. | |
|
RoleAccessTest:: |
public | function | Tests the role based access filtering. | |
|
StorageCopyTrait:: |
protected static | function | Copy the configuration from one storage to another and remove stale items. | |
|
TestRequirementsTrait:: |
private | function | Checks missing module requirements. | |
|
TestRequirementsTrait:: |
protected | function | Check module requirements for the Drupal use case. | 1 |
|
TestRequirementsTrait:: |
protected static | function | Returns the Drupal root directory. |