You are here

Home » API reference » Spaces 6.3 » spaces_og.test » SpacesOGTestAccess

function SpacesOGTestAccess::testAccess in Spaces 6.3

Same name and namespace in other branches
  1. 7.3 spaces_og/tests/spaces_og.test \SpacesOGTestAccess::testAccess()
  2. 7 spaces_og/tests/spaces_og.test \SpacesOGTestAccess::testAccess()

Test access control lists. The purpose of this test is to verify that spaces presets result in proper OG settings. Further, resulting access grants and denies are tested to catch changes in OG API that potentially break assumed access walls.

File

spaces_og/tests/spaces_og.test, line 398

Class

SpacesOGTestAccess

Code

function testAccess() {

  /**
   * Create and verify public Group A ========================================
   */

  // Enable features_test as group feature.
  $this
    ->drupalPost('group-a/node/1/features', array(
    'spaces_features[features_test]' => '1',
  ), 'Save for Group A');
  $this
    ->pass($output);

  // Post in group and review access settings and group associations.
  $this
    ->drupalGet('group-a/node/add/features-test');
  $this
    ->assertText('A post of this type is public. All visitors will be able to see it.');
  $this
    ->drupalPost('group-a/node/add/features-test', array(
    'title' => 'Public post',
  ), 'Save');
  $this
    ->assertText('Testing: Features Public post has been created.');
  $this
    ->assertEqual(1, db_result(db_query('SELECT count(*) FROM {og_ancestry} WHERE group_nid = 1 AND nid = 2;')));
  $access = $this
    ->nodeAccess(2);
  $this
    ->assertEqual($access['og_public']['gid'], 0);
  $this
    ->assertEqual($access['og_public']['grant_view'], 1);
  $this
    ->assertEqual($access['og_public']['grant_update'], 0);
  $this
    ->assertEqual($access['og_public']['grant_delete'], 0);
  $this
    ->assertEqual($access['og_admin']['gid'], 1);
  $this
    ->assertEqual($access['og_admin']['grant_view'], 1);
  $this
    ->assertEqual($access['og_admin']['grant_update'], 1);
  $this
    ->assertEqual($access['og_admin']['grant_delete'], 1);
  $this
    ->assertEqual($access['og_subscriber']['gid'], 1);
  $this
    ->assertEqual($access['og_subscriber']['grant_view'], 1);
  $this
    ->assertEqual($access['og_subscriber']['grant_update'], 0);
  $this
    ->assertEqual($access['og_subscriber']['grant_delete'], 0);

  /**
   * Create and verify protected Group B =====================================
   */

  // Create group.
  $edit = array(
    'title' => 'Group B',
    'og_description' => 'Group B.',
    'purl[value]' => 'group-b',
    'spaces_preset_og' => 'og_controlled',
  );
  $this
    ->drupalPost('node/add/group', $edit, 'Save');
  $this
    ->assertEqual('og_controlled', unserialize(db_result(db_query('SELECT value from {spaces_overrides} WHERE id = 3'))));

  // Enable features_test as group feature.
  $this
    ->drupalPost('group-b/node/3/features', array(
    'spaces_features[features_test]' => '1',
  ), 'Save for Group B');

  // Post in group and review access settings and group associations.
  $this
    ->drupalGet('group-b/node/add/features-test');
  $this
    ->assertText('A post of this type is public. All visitors will be able to see it.');
  $this
    ->drupalPost('group-b/node/add/features-test', array(
    'title' => 'Protected post',
  ), 'Save');
  $this
    ->assertText('Testing: Features Protected post has been created.');
  $this
    ->assertEqual(1, db_result(db_query('SELECT count(*) FROM {og_ancestry} WHERE group_nid = 3 AND nid = 4;')));
  $access = $this
    ->nodeAccess(4);
  $this
    ->assertEqual($access['og_public']['gid'], 0);
  $this
    ->assertEqual($access['og_public']['grant_view'], 1);
  $this
    ->assertEqual($access['og_public']['grant_update'], 0);
  $this
    ->assertEqual($access['og_public']['grant_delete'], 0);
  $this
    ->assertEqual($access['og_admin']['gid'], 3);
  $this
    ->assertEqual($access['og_admin']['grant_view'], 1);
  $this
    ->assertEqual($access['og_admin']['grant_update'], 1);
  $this
    ->assertEqual($access['og_admin']['grant_delete'], 1);
  $this
    ->assertEqual($access['og_subscriber']['gid'], 3);
  $this
    ->assertEqual($access['og_subscriber']['grant_view'], 1);
  $this
    ->assertEqual($access['og_subscriber']['grant_update'], 0);
  $this
    ->assertEqual($access['og_subscriber']['grant_delete'], 0);

  /**
   * Create and verify private Group C =======================================
   */

  // Create group.
  $edit = array(
    'title' => 'Group C',
    'og_description' => 'Group C.',
    'purl[value]' => 'group-c',
    'spaces_preset_og' => 'og_private',
  );
  $this
    ->drupalPost('node/add/group', $edit, 'Save');
  $this
    ->assertEqual('og_private', unserialize(db_result(db_query('SELECT value from {spaces_overrides} WHERE id = 5'))));

  // Enable features_test as group feature.
  $this
    ->drupalPost('group-c/node/5/features', array(
    'spaces_features[features_test]' => '1',
  ), 'Save for Group C');

  // Post in group and review access settings and group associations.
  $this
    ->drupalGet('group-c/node/add/features-test');
  $this
    ->assertText('A post of this type is private. Only members of this group will be able to see it.');
  $this
    ->drupalPost('group-c/node/add/features-test', array(
    'title' => 'Private post',
  ), 'Save');
  $this
    ->assertText('Testing: Features Private post has been created.');
  $this
    ->assertEqual(1, db_result(db_query('SELECT count(*) FROM {og_ancestry} WHERE group_nid = 5 AND nid = 6;')));

  // Test ACL for group.
  $access = $this
    ->nodeAccess(5);
  $this
    ->assertEqual(isset($access['og_public']), FALSE);
  $this
    ->assertEqual($access['og_admin']['gid'], 5);
  $this
    ->assertEqual($access['og_admin']['grant_view'], 1);
  $this
    ->assertEqual($access['og_admin']['grant_update'], 1);
  $this
    ->assertEqual($access['og_admin']['grant_delete'], 0);
  $this
    ->assertEqual($access['og_subscriber']['gid'], 5);
  $this
    ->assertEqual($access['og_subscriber']['grant_view'], 1);
  $this
    ->assertEqual($access['og_subscriber']['grant_update'], 0);
  $this
    ->assertEqual($access['og_subscriber']['grant_delete'], 0);

  // Test ACL for post in group.
  $access = $this
    ->nodeAccess(6);
  $this
    ->assertEqual(isset($access['og_public']), FALSE);
  $this
    ->assertEqual($access['og_admin']['gid'], 5);
  $this
    ->assertEqual($access['og_admin']['grant_view'], 1);
  $this
    ->assertEqual($access['og_admin']['grant_update'], 1);
  $this
    ->assertEqual($access['og_admin']['grant_delete'], 1);
  $this
    ->assertEqual($access['og_subscriber']['gid'], 5);
  $this
    ->assertEqual($access['og_subscriber']['grant_view'], 1);
  $this
    ->assertEqual($access['og_subscriber']['grant_update'], 0);
  $this
    ->assertEqual($access['og_subscriber']['grant_delete'], 0);

  // Make sure there is no 'grant all'.
  $this
    ->assertEqual(0, db_result(db_query('SELECT COUNT(*) FROM {node_access} WHERE nid = 0 AND grant_view = 1')), 'Global grant_view is absent.');

  /**
   * Test Group A access =====================================================
   */
  $this
    ->loginSimpleUser();

  // Group node accessible.
  $this
    ->drupalGet('group-a/node/1');
  $this
    ->assertResponse(200);

  // Post in group accessible.
  $this
    ->drupalGet('group-a/node/2');
  $this
    ->assertResponse(200);
  $this
    ->assertText('Public post');

  // Can't add features_test .
  $this
    ->drupalGet('group-a/node/add/features-test');
  $this
    ->assertResponse(403);

  // Join.
  $this
    ->drupalPost('group-a/og/subscribe/1', array(), 'Join');
  $this
    ->assertText('You are now a member of Group A.');

  // Add features_test .
  $this
    ->drupalGet('group-a/node/add/features-test');
  $this
    ->assertResponse(200);
  $this
    ->drupalPost('group-a/node/add/features-test', array(
    'title' => 'Another public post',
  ), 'Save');
  $this
    ->assertText('Testing: Features Another public post has been created.');

  /**
   * Test Group B access =====================================================
   */

  // Group node accessible.
  $this
    ->drupalGet('group-b/node/3');
  $this
    ->assertResponse(200);

  // Post in group accessible.
  $this
    ->drupalGet('group-b/node/4');
  $this
    ->assertResponse(200);
  $this
    ->assertText('Protected post');

  // Can't add features_test .
  $this
    ->drupalGet('group-b/node/add/features-test');
  $this
    ->assertResponse(403);

  // Request membership.
  $this
    ->drupalPost('group-b/og/subscribe/3', array(), 'Join');
  $this
    ->assertText('Membership request to the Group B group awaits approval by an administrator.');

  // Grant membership.
  $this
    ->loginAdminUser();
  $this
    ->drupalGet('group-b/og/users/3');
  $this
    ->clickLink('approve');
  $this
    ->assertText('Membership request approved.');

  // Log back in as simple user and post a features_test post.
  $this
    ->loginSimpleUser();
  $this
    ->drupalGet('group-b/node/add/features-test');
  $this
    ->assertResponse(200);
  $this
    ->drupalPost('group-b/node/add/features-test', array(
    'title' => 'Another protected post',
  ), 'Save');
  $this
    ->assertText('Testing: Features Another protected post has been created.');

  /**
   * Test Group C access =====================================================
   */
  $this
    ->loginSimpleUser();

  // Group node not accessible.
  $this
    ->drupalGet('group-c/node/5');
  $this
    ->assertResponse(403);
  $this
    ->assertNoText('Group C');

  // Post in group not accessible.
  $this
    ->drupalGet('group-c/node/6');
  $this
    ->assertResponse(403);
  $this
    ->assertNoText('Private post');

  // Can't add features_test .
  $this
    ->drupalGet('group-c/node/add/features-test');
  $this
    ->assertResponse(403);

  // Can't request membership.
  $this
    ->drupalGet('group-c/og/subscribe/5');
  $this
    ->assertResponse(403);

  // Add user.
  $this
    ->loginAdminUser();
  $this
    ->drupalPost('group-c/og/users/5/add_user', array(
    'og_names' => $this->simple_user->name,
  ), 'Add users');
  $this
    ->assertText('1 user added to the group.');

  // Log in again, now we should be able to access the group fully.
  $this
    ->loginSimpleUser();

  // Group node accessible.
  $this
    ->drupalGet('group-c/node/5');
  $this
    ->assertResponse(200);
  $this
    ->assertText('Group C');

  // Post in group accessible.
  $this
    ->drupalGet('group-c/node/6');
  $this
    ->assertResponse(200);
  $this
    ->assertText('Private post');

  // Post features_test node.
  $this
    ->drupalGet('group-c/node/add/features-test');
  $this
    ->assertResponse(200);
  $this
    ->drupalPost('group-c/node/add/features-test', array(
    'title' => 'Another private post',
  ), 'Save');
  $this
    ->assertText('Testing: Features Another private post has been created.');

  /**
   * Privacy switch test =====================================================
   */
  $this
    ->loginAdminUser();
  $edit = array(
    'spaces_preset_og' => 'og_public',
  );
  $this
    ->drupalPost('group-c/node/5/edit', $edit, 'Save');
  $this
    ->assertText('The content access permissions need to be rebuilt.');
  $this
    ->drupalPost('admin/content/node-settings/rebuild', array(), 'Rebuild permissions');
  $this
    ->drupalPost("group-c/og/unsubscribe/5/{$this->simple_user->uid}", array(), 'Remove');
  $this
    ->loginSimpleUser();
  $this
    ->drupalGet('group-c/node/5');
  $this
    ->assertResponse(200);
  $this
    ->assertText('Group C');
  $this
    ->drupalGet('group-c/node/6');
  $this
    ->assertResponse(200);
  $this
    ->loginAdminUser();
  $edit = array(
    'spaces_preset_og' => 'og_private',
  );
  $this
    ->drupalPost('group-c/node/5/edit', $edit, 'Save');
  $this
    ->assertText('The content access permissions need to be rebuilt.');
  $this
    ->drupalPost('admin/content/node-settings/rebuild', array(), 'Rebuild permissions');
  $this
    ->loginSimpleUser();
  $this
    ->drupalGet('group-c/node/5');
  $this
    ->assertResponse(403);
  $this
    ->drupalGet('group-c/node/6');
  $this
    ->assertResponse(403);
}