class CommentViewAccessTest in Open Social 10.2.x
Same name and namespace in other branches
- 10.3.x modules/social_features/social_comment/tests/src/Kernel/CommentViewAccessTest.php \Drupal\Tests\social_comment\Kernel\CommentViewAccessTest
Tests comment view level access.
@group social_comment
Hierarchy
- class \Drupal\KernelTests\KernelTestBase extends \PHPUnit\Framework\TestCase implements ServiceProviderInterface uses \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, AssertContentTrait, AssertLegacyTrait, ConfigTestTrait, ExtensionListTestTrait, PhpUnitCompatibilityTrait, RandomGeneratorTrait, TestRequirementsTrait, PhpUnitWarnings
- class \Drupal\KernelTests\Core\Entity\EntityKernelTestBase uses UserCreationTrait
- class \Drupal\Tests\social_comment\Kernel\CommentViewAccessTest uses NodeCreationTrait
- class \Drupal\KernelTests\Core\Entity\EntityKernelTestBase uses UserCreationTrait
Expanded class hierarchy of CommentViewAccessTest
File
- modules/
social_features/ social_comment/ tests/ src/ Kernel/ CommentViewAccessTest.php, line 15
Namespace
Drupal\Tests\social_comment\KernelView source
class CommentViewAccessTest extends EntityKernelTestBase {
use NodeCreationTrait;
/**
* {@inheritdoc}
*/
public static $modules = [
// For its `use_entity_access_api` setting.
'social_core',
// For the comment functionality.
'social_comment',
'comment',
// For checking access to a comment.
'entity',
// For the comment author and viewer.
'social_user',
'user',
// User creation in social_user requires a service in role_delegation.
"role_delegation",
// social_comment configures comments for nodes.
'node',
// The default comment config contains a body text field.
'field',
'text',
'filter',
];
/**
* The comment storage.
*
* @var \Drupal\Core\Entity\EntityStorageInterface
*/
private $storage;
/**
* Node entity to use in this test.
*
* @var \Drupal\node\Entity\Node
*/
private $node;
/**
* {@inheritdoc}
*/
protected function setUp() : void {
parent::setUp();
// Manually enable query_access checks, until `use_entity_access_api` is no
// longer a setting. Installing all the `social_core` config doesn't work at
// the time of writing. This must happen before the comment entity is
// installed or its handlers will be incorrect.
$this
->config('social_core.settings')
->set('use_entity_access_api', TRUE)
->save(TRUE);
$this
->installEntitySchema('node');
$this
->installEntitySchema('user');
$this
->installEntitySchema('comment');
$this
->installSchema('comment', 'comment_entity_statistics');
$this
->installConfig([
'filter',
'comment',
'social_comment',
]);
$this->storage = $this->entityTypeManager
->getStorage('comment');
$this->node = $this
->createNode();
}
/**
* {@inheritdoc}
*
* Until https://www.drupal.org/project/drupal/issues/3039955 is fixed.
*/
protected function setUpCurrentUser(array $values = [], array $permissions = [], $admin = FALSE) {
self::assertFalse($admin, "The current setUpCurrentUser workaround doesn't support admin users.");
$user = $this
->createUser($values, $permissions);
$this
->setCurrentUser($user);
return $user;
}
/**
* Test that a user can not view comment without permission.
*
* Regardless of published status.
*/
public function testUserCanNotViewCommentWithoutPermission() : void {
$this
->setUpCurrentUser([], [
'access comments',
]);
$this
->createComment($this->node, [
'status' => CommentInterface::NOT_PUBLISHED,
]);
$this
->createComment($this->node, [
'status' => CommentInterface::PUBLISHED,
]);
// Create another user to try and view the comment.
$this
->setUpCurrentUser();
$all_comments = $this->storage
->getQuery()
->accessCheck(FALSE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(2, $all_comments);
$visible_comments = $this->storage
->getQuery()
->accessCheck(TRUE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(0, $visible_comments);
}
/**
* Test that a user can't view their own unpublished comments.
*/
public function testUserCanNotViewOwnUnpublishedComment() : void {
$this
->setUpCurrentUser([], [
'access comments',
]);
$this
->createComment($this->node, [
'status' => CommentInterface::NOT_PUBLISHED,
]);
$all_comments = $this->storage
->getQuery()
->accessCheck(FALSE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(1, $all_comments);
$visible_comments = $this->storage
->getQuery()
->accessCheck(TRUE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(0, $visible_comments);
}
/**
* Test that a user can't view other people's unpublished comments.
*/
public function testUserCanNotViewOtherUnpublishedComment() : void {
// Create a published comment.
$this
->setUpCurrentUser([], [
'access comments',
]);
$this
->createComment($this->node, [
'status' => CommentInterface::NOT_PUBLISHED,
]);
// Create another user to view the comment.
$this
->setUpCurrentUser([], [
'access comments',
]);
$all_comments = $this->storage
->getQuery()
->accessCheck(FALSE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(1, $all_comments);
$visible_comments = $this->storage
->getQuery()
->accessCheck(TRUE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(0, $visible_comments);
}
/**
* Test that a user can view everyone's published comments.
*/
public function testUserCanViewOnlyPublishedComment() {
$this
->setUpCurrentUser([], [
'access comments',
]);
$this
->createComment($this->node, [
'status' => CommentInterface::PUBLISHED,
]);
// Create another user to try and view the comment.
$this
->setUpCurrentUser([], [
'access comments',
]);
$this
->createComment($this->node, [
'status' => CommentInterface::PUBLISHED,
]);
$all_comments = $this->storage
->getQuery()
->accessCheck(FALSE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(2, $all_comments);
$visible_comments = $this->storage
->getQuery()
->accessCheck(TRUE)
->condition('entity_id', $this->node
->id())
->condition('comment_type', 'comment')
->execute();
self::assertCount(2, $visible_comments);
}
/**
* Create and save a comment entity.
*
* @param \Drupal\Core\Entity\EntityInterface $entity
* The entity the comment is made on.
* @param mixed[] $values
* An optional array of values to pass to Comment::create.
*
* @return \Drupal\comment\CommentInterface
* The created comment.
*
* @throws \Drupal\Core\Entity\EntityStorageException
*/
private function createComment(EntityInterface $entity, array $values = []) : CommentInterface {
/** @var \Drupal\comment\CommentInterface $comment */
$comment = $this->storage
->create($values + [
'entity_id' => $entity
->id(),
'entity_type' => $entity
->getEntityTypeId(),
'comment_type' => 'comment',
'field_name' => 'comments',
]);
$comment
->save();
return $comment;
}
}
Members
Name![]() |
Modifiers | Type | Description | Overrides |
---|---|---|---|---|
AssertContentTrait:: |
protected | property | The current raw content. | |
AssertContentTrait:: |
protected | property | The drupalSettings value from the current raw $content. | |
AssertContentTrait:: |
protected | property | The XML structure parsed from the current raw $content. | 1 |
AssertContentTrait:: |
protected | property | The plain-text content of raw $content (text nodes). | |
AssertContentTrait:: |
protected | function | Passes if the raw text IS found escaped on the loaded page, fail otherwise. | |
AssertContentTrait:: |
protected | function | Asserts that a field exists with the given name or ID. | |
AssertContentTrait:: |
protected | function | Asserts that a field exists with the given ID and value. | |
AssertContentTrait:: |
protected | function | Asserts that a field exists with the given name and value. | |
AssertContentTrait:: |
protected | function | Asserts that a field exists in the current page by the given XPath. | |
AssertContentTrait:: |
protected | function | Asserts that a checkbox field in the current page is checked. | |
AssertContentTrait:: |
protected | function | Asserts that a field exists in the current page with a given Xpath result. | |
AssertContentTrait:: |
protected | function | Passes if a link with the specified label is found. | |
AssertContentTrait:: |
protected | function | Passes if a link containing a given href (part) is found. | |
AssertContentTrait:: |
protected | function | Asserts that each HTML ID is used for just a single element. | |
AssertContentTrait:: |
protected | function | Passes if the raw text IS NOT found escaped on the loaded page, fail otherwise. | |
AssertContentTrait:: |
protected | function | Asserts that a field does not exist with the given name or ID. | |
AssertContentTrait:: |
protected | function | Asserts that a field does not exist with the given ID and value. | |
AssertContentTrait:: |
protected | function | Asserts that a field does not exist with the given name and value. | |
AssertContentTrait:: |
protected | function | Asserts that a field does not exist or its value does not match, by XPath. | |
AssertContentTrait:: |
protected | function | Asserts that a checkbox field in the current page is not checked. | |
AssertContentTrait:: |
protected | function | Passes if a link with the specified label is not found. | |
AssertContentTrait:: |
protected | function | Passes if a link containing a given href (part) is not found. | |
AssertContentTrait:: |
protected | function | Passes if a link containing a given href is not found in the main region. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page does not exist. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page is not checked. | |
AssertContentTrait:: |
protected | function | Triggers a pass if the perl regex pattern is not found in raw content. | |
AssertContentTrait:: |
protected | function | Passes if the raw text is NOT found on the loaded page, fail otherwise. | |
AssertContentTrait:: |
protected | function | Passes if the page (with HTML stripped) does not contains the text. | |
AssertContentTrait:: |
protected | function | Pass if the page title is not the given string. | |
AssertContentTrait:: |
protected | function | Passes if the text is found MORE THAN ONCE on the text version of the page. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page exists. | |
AssertContentTrait:: |
protected | function | Asserts that a select option with the visible text exists. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page is checked. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page is checked. | |
AssertContentTrait:: |
protected | function | Asserts that a select option in the current page exists. | |
AssertContentTrait:: |
protected | function | Triggers a pass if the Perl regex pattern is found in the raw content. | |
AssertContentTrait:: |
protected | function | Passes if the raw text IS found on the loaded page, fail otherwise. | |
AssertContentTrait:: |
protected | function | Passes if the page (with HTML stripped) contains the text. | |
AssertContentTrait:: |
protected | function | Helper for assertText and assertNoText. | |
AssertContentTrait:: |
protected | function | Asserts that a Perl regex pattern is found in the plain-text content. | |
AssertContentTrait:: |
protected | function | Asserts themed output. | |
AssertContentTrait:: |
protected | function | Pass if the page title is the given string. | |
AssertContentTrait:: |
protected | function | Passes if the text is found ONLY ONCE on the text version of the page. | |
AssertContentTrait:: |
protected | function | Helper for assertUniqueText and assertNoUniqueText. | |
AssertContentTrait:: |
protected | function | Builds an XPath query. | |
AssertContentTrait:: |
protected | function | Helper: Constructs an XPath for the given set of attributes and value. | |
AssertContentTrait:: |
protected | function | Searches elements using a CSS selector in the raw content. | |
AssertContentTrait:: |
protected | function | Get all option elements, including nested options, in a select. | |
AssertContentTrait:: |
protected | function | Gets the value of drupalSettings for the currently-loaded page. | |
AssertContentTrait:: |
protected | function | Gets the current raw content. | |
AssertContentTrait:: |
protected | function | Get the selected value from a select field. | |
AssertContentTrait:: |
protected | function | Retrieves the plain-text content from the current raw content. | |
AssertContentTrait:: |
protected | function | Get the current URL from the cURL handler. | 1 |
AssertContentTrait:: |
protected | function | Parse content returned from curlExec using DOM and SimpleXML. | |
AssertContentTrait:: |
protected | function | Removes all white-space between HTML tags from the raw content. | |
AssertContentTrait:: |
protected | function | Sets the value of drupalSettings for the currently-loaded page. | |
AssertContentTrait:: |
protected | function | Sets the raw content (e.g. HTML). | |
AssertContentTrait:: |
protected | function | Performs an xpath search on the contents of the internal browser. | |
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
AssertLegacyTrait:: |
protected | function | ||
CommentViewAccessTest:: |
public static | property |
Modules to enable. Overrides EntityKernelTestBase:: |
|
CommentViewAccessTest:: |
private | property | Node entity to use in this test. | |
CommentViewAccessTest:: |
private | property | The comment storage. | |
CommentViewAccessTest:: |
private | function | Create and save a comment entity. | |
CommentViewAccessTest:: |
protected | function |
Overrides EntityKernelTestBase:: |
|
CommentViewAccessTest:: |
protected | function | Until https://www.drupal.org/project/drupal/issues/3039955 is fixed. | |
CommentViewAccessTest:: |
public | function | Test that a user can not view comment without permission. | |
CommentViewAccessTest:: |
public | function | Test that a user can't view other people's unpublished comments. | |
CommentViewAccessTest:: |
public | function | Test that a user can't view their own unpublished comments. | |
CommentViewAccessTest:: |
public | function | Test that a user can view everyone's published comments. | |
ConfigTestTrait:: |
protected | function | Returns a ConfigImporter object to import test configuration. | |
ConfigTestTrait:: |
protected | function | Copies configuration objects from source storage to target storage. | |
EntityKernelTestBase:: |
protected | property | The entity type manager service. | 1 |
EntityKernelTestBase:: |
protected | property | A list of generated identifiers. | |
EntityKernelTestBase:: |
protected | property | The state service. | |
EntityKernelTestBase:: |
protected | function | Creates a user. | |
EntityKernelTestBase:: |
protected | function | Generates a random ID avoiding collisions. | |
EntityKernelTestBase:: |
protected | function | Returns the entity_test hook invocation info. | |
EntityKernelTestBase:: |
protected | function | Installs a module and refreshes services. | |
EntityKernelTestBase:: |
protected | function | Refresh services. | 1 |
EntityKernelTestBase:: |
protected | function | Reloads the given entity from the storage and returns it. | |
EntityKernelTestBase:: |
protected | function | Uninstalls a module and refreshes services. | |
ExtensionListTestTrait:: |
protected | function | Gets the path for the specified module. | |
ExtensionListTestTrait:: |
protected | function | Gets the path for the specified theme. | |
KernelTestBase:: |
protected | property | Back up and restore any global variables that may be changed by tests. | |
KernelTestBase:: |
protected | property | Back up and restore static class properties that may be changed by tests. | |
KernelTestBase:: |
protected | property | Contains a few static class properties for performance. | |
KernelTestBase:: |
protected | property | ||
KernelTestBase:: |
protected | property | @todo Move into Config test base class. | 7 |
KernelTestBase:: |
protected static | property | An array of config object names that are excluded from schema checking. | |
KernelTestBase:: |
protected | property | ||
KernelTestBase:: |
protected | property | ||
KernelTestBase:: |
protected | property | Do not forward any global state from the parent process to the processes that run the actual tests. | |
KernelTestBase:: |
protected | property | The app root. | |
KernelTestBase:: |
protected | property | Kernel tests are run in separate processes because they allow autoloading of code from extensions. Running the test in a separate process isolates this behavior from other tests. Subclasses should not override this property. | |
KernelTestBase:: |
protected | property | ||
KernelTestBase:: |
protected | property | Set to TRUE to strict check all configuration saved. | 6 |
KernelTestBase:: |
protected | property | The virtual filesystem root directory. | |
KernelTestBase:: |
protected | function | 1 | |
KernelTestBase:: |
protected | function | Bootstraps a basic test environment. | |
KernelTestBase:: |
private | function | Bootstraps a kernel for a test. | |
KernelTestBase:: |
protected | function | Configuration accessor for tests. Returns non-overridden configuration. | |
KernelTestBase:: |
protected | function | Disables modules for this test. | |
KernelTestBase:: |
protected | function | Enables modules for this test. | |
KernelTestBase:: |
protected | function | Gets the config schema exclusions for this test. | |
KernelTestBase:: |
protected | function | Returns the Database connection info to be used for this test. | 3 |
KernelTestBase:: |
public | function | ||
KernelTestBase:: |
private | function | Returns Extension objects for $modules to enable. | |
KernelTestBase:: |
private static | function | Returns the modules to enable for this test. | |
KernelTestBase:: |
protected | function | Initializes the FileCache component. | |
KernelTestBase:: |
protected | function | Installs default configuration for a given list of modules. | |
KernelTestBase:: |
protected | function | Installs the storage schema for a specific entity type. | |
KernelTestBase:: |
protected | function | Installs database tables from a module schema definition. | |
KernelTestBase:: |
protected | function | ||
KernelTestBase:: |
public | function |
Registers test-specific services. Overrides ServiceProviderInterface:: |
24 |
KernelTestBase:: |
protected | function | Renders a render array. | 1 |
KernelTestBase:: |
protected | function | Sets the install profile and rebuilds the container to update it. | |
KernelTestBase:: |
protected | function | Sets an in-memory Settings variable. | |
KernelTestBase:: |
public static | function | 1 | |
KernelTestBase:: |
protected | function | Sets up the filesystem, so things like the file directory. | 2 |
KernelTestBase:: |
protected | function | Stops test execution. | |
KernelTestBase:: |
protected | function | 4 | |
KernelTestBase:: |
public | function | @after | |
KernelTestBase:: |
protected | function | Dumps the current state of the virtual filesystem to STDOUT. | |
KernelTestBase:: |
public | function | Prevents serializing any properties. | |
NodeCreationTrait:: |
protected | function | Creates a node based on default settings. | |
NodeCreationTrait:: |
public | function | Get a node from the database based on its title. | |
PhpUnitWarnings:: |
private static | property | Deprecation warnings from PHPUnit to raise with @trigger_error(). | |
PhpUnitWarnings:: |
public | function | Converts PHPUnit deprecation warnings to E_USER_DEPRECATED. | |
RandomGeneratorTrait:: |
protected | property | The random generator. | |
RandomGeneratorTrait:: |
protected | function | Gets the random generator for the utility methods. | |
RandomGeneratorTrait:: |
protected | function | Generates a unique random string containing letters and numbers. | 1 |
RandomGeneratorTrait:: |
public | function | Generates a random PHP object. | |
RandomGeneratorTrait:: |
public | function | Generates a pseudo-random string of ASCII characters of codes 32 to 126. | |
RandomGeneratorTrait:: |
public | function | Callback for random string validation. | |
StorageCopyTrait:: |
protected static | function | Copy the configuration from one storage to another and remove stale items. | |
TestRequirementsTrait:: |
private | function | Checks missing module requirements. | |
TestRequirementsTrait:: |
protected | function | Check module requirements for the Drupal use case. | 1 |
TestRequirementsTrait:: |
protected static | function | Returns the Drupal root directory. | |
UserCreationTrait:: |
protected | function | Checks whether a given list of permission names is valid. Aliased as: drupalCheckPermissions | |
UserCreationTrait:: |
protected | function | Creates an administrative role. Aliased as: drupalCreateAdminRole | |
UserCreationTrait:: |
protected | function | Creates a role with specified permissions. Aliased as: drupalCreateRole | |
UserCreationTrait:: |
protected | function | Create a user with a given set of permissions. Aliased as: drupalCreateUser | |
UserCreationTrait:: |
protected | function | Grant permissions to a user role. Aliased as: drupalGrantPermissions | |
UserCreationTrait:: |
protected | function | Switch the current logged in user. Aliased as: drupalSetCurrentUser | |
UserCreationTrait:: |
protected | function | Creates a random user account and sets it as current user. Aliased as: drupalSetUpCurrentUser |