View source
<?php
namespace Drupal\Tests\social_comment\Kernel;
use Drupal\comment\CommentInterface;
use Drupal\Core\Entity\EntityInterface;
use Drupal\KernelTests\Core\Entity\EntityKernelTestBase;
use Drupal\Tests\node\Traits\NodeCreationTrait;
class CommentViewAccessTest extends EntityKernelTestBase {
use NodeCreationTrait;
public static $modules = [
'social_core',
'social_comment',
'comment',
'entity',
'social_user',
'user',
"role_delegation",
'node',
'field',
'text',
'filter',
];
private $storage;
private $node;
protected function setUp() : void {
parent::setUp();
$this
->config('social_core.settings')
->set('use_entity_access_api', TRUE)
->save(TRUE);
$this
->installEntitySchema('node');
$this
->installEntitySchema('user');
$this
->installEntitySchema('comment');
$this
->installSchema('comment', 'comment_entity_statistics');
$this
->installConfig([
'filter',
'comment',
'social_comment',
]);
$this->storage = $this->entityTypeManager
->getStorage('comment');
$this->node = $this
->createNode();
}
protected function setUpCurrentUser(array $values = [], array $permissions = [], $admin = FALSE) {
self::assertFalse($admin, "The current setUpCurrentUser workaround doesn't support admin users.");
$user = $this
->createUser($values, $permissions);
$this
->setCurrentUser($user);
return $user;
}
public function testUserCanNotViewCommentWithoutPermission() : void {
$this
->setUpCurrentUser([], [
'access comments',
]);
$this
->createComment($this->node, [
'status' => CommentInterface::NOT_PUBLISHED,
]);
$this
->createComment($this->node, [
'status' => CommentInterface::PUBLISHED,
]);
$this
->setUpCurrentUser();
$all_comments = $this->storage
->getQuery()
->accessCheck(FALSE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(2, $all_comments);
$visible_comments = $this->storage
->getQuery()
->accessCheck(TRUE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(0, $visible_comments);
}
public function testUserCanNotViewOwnUnpublishedComment() : void {
$this
->setUpCurrentUser([], [
'access comments',
]);
$this
->createComment($this->node, [
'status' => CommentInterface::NOT_PUBLISHED,
]);
$all_comments = $this->storage
->getQuery()
->accessCheck(FALSE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(1, $all_comments);
$visible_comments = $this->storage
->getQuery()
->accessCheck(TRUE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(0, $visible_comments);
}
public function testUserCanNotViewOtherUnpublishedComment() : void {
$this
->setUpCurrentUser([], [
'access comments',
]);
$this
->createComment($this->node, [
'status' => CommentInterface::NOT_PUBLISHED,
]);
$this
->setUpCurrentUser([], [
'access comments',
]);
$all_comments = $this->storage
->getQuery()
->accessCheck(FALSE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(1, $all_comments);
$visible_comments = $this->storage
->getQuery()
->accessCheck(TRUE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(0, $visible_comments);
}
public function testUserCanViewOnlyPublishedComment() {
$this
->setUpCurrentUser([], [
'access comments',
]);
$this
->createComment($this->node, [
'status' => CommentInterface::PUBLISHED,
]);
$this
->setUpCurrentUser([], [
'access comments',
]);
$this
->createComment($this->node, [
'status' => CommentInterface::PUBLISHED,
]);
$all_comments = $this->storage
->getQuery()
->accessCheck(FALSE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(2, $all_comments);
$visible_comments = $this->storage
->getQuery()
->accessCheck(TRUE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(2, $visible_comments);
}
private function createComment(EntityInterface $entity, array $values = []) : CommentInterface {
$comment = $this->storage
->create($values + [
'entity_id' => $entity
->id(),
'entity_type' => $entity
->getEntityTypeId(),
'comment_type' => 'comment',
'field_name' => 'comments',
]);
$comment
->save();
return $comment;
}
}