public function RoleDelegationIntegrationTest::testUserEditPage in User protect 8
Ensure the roles element is only accessible for the right users.
File
- tests/
src/ Functional/ RoleDelegation/ RoleDelegationIntegrationTest.php, line 104
Class
- RoleDelegationIntegrationTest
- Functional tests for integration with role_delegation.
Namespace
Drupal\Tests\userprotect\Functional\RoleDelegationCode
public function testUserEditPage() {
// Login as the delegated admin user. This user has permission to assign
// roles 1 and 2 to users.
$this
->drupalLogin($this->roleDelegatedAdminUser);
// Check if the delegated admin user can edit roles 1 and 2 on its own
// account page. Also check if the roles are presented by Role Delegation,
// not by Drupal core.
$this
->drupalGet(sprintf('/user/%s/edit', $this->roleDelegatedAdminUser
->id()));
$this
->assertSession()
->fieldNotExists(sprintf('roles[%s]', $this->rid1));
$this
->assertSession()
->fieldExists(sprintf('role_change[%s]', $this->rid1));
$this
->assertSession()
->fieldNotExists(sprintf('roles[%s]', $this->rid2));
$this
->assertSession()
->fieldExists(sprintf('role_change[%s]', $this->rid2));
// The admin user, having the admin role, has role protection. Ensure that
// the delegated admin user cannot edit its roles.
$this
->drupalGet(sprintf('/user/%s/edit', $this->adminUser
->id()));
$this
->assertSession()
->fieldNotExists(sprintf('roles[%s]', $this->rid1));
$this
->assertSession()
->fieldNotExists(sprintf('role_change[%s]', $this->rid1));
$this
->assertSession()
->fieldNotExists(sprintf('roles[%s]', $this->rid2));
$this
->assertSession()
->fieldNotExists(sprintf('role_change[%s]', $this->rid2));
// Login as roles admin user. This user has permission to assign all roles.
$this
->drupalLogin($this->regularRolesAdminUser);
// The delegated admin user does not have a protected role. Check if the
// roles admin user may edit its roles. Since the roles admin user has the
// specific Drupal core permission for assigning roles - 'administer
// permissions' - the roles should be presented by Drupal Core, not Role
// Delegation.
$this
->drupalGet(sprintf('/user/%s/edit', $this->roleDelegatedAdminUser
->id()));
$this
->assertSession()
->fieldExists(sprintf('roles[%s]', $this->rid1));
$this
->assertSession()
->fieldNotExists(sprintf('role_change[%s]', $this->rid1));
$this
->assertSession()
->fieldExists(sprintf('roles[%s]', $this->rid2));
$this
->assertSession()
->fieldNotExists(sprintf('role_change[%s]', $this->rid2));
// Since the admin user has role protection, ensure that the roles admin
// user cannot edit its roles.
$this
->drupalGet(sprintf('/user/%s/edit', $this->adminUser
->id()));
$this
->assertSession()
->fieldNotExists(sprintf('role_change[%s]', $this->rid1));
$this
->assertSession()
->elementAttributeContains('css', sprintf('[name="roles[%s]"]', $this->rid1), 'disabled', 'disabled');
$this
->assertSession()
->fieldNotExists(sprintf('role_change[%s]', $this->rid2));
$this
->assertSession()
->elementAttributeContains('css', sprintf('[name="roles[%s]"]', $this->rid2), 'disabled', 'disabled');
// Login as an user with the admin role. This user has all privileges.
$this
->drupalLogin($this->adminUser);
// Ensure the admin user can edit the roles of the delegated admin user.
$this
->drupalGet(sprintf('/user/%s/edit', $this->roleDelegatedAdminUser
->id()));
$this
->assertSession()
->fieldExists(sprintf('roles[%s]', $this->rid1));
$this
->assertSession()
->fieldNotExists(sprintf('role_change[%s]', $this->rid1));
$this
->assertSession()
->fieldExists(sprintf('roles[%s]', $this->rid2));
$this
->assertSession()
->fieldNotExists(sprintf('role_change[%s]', $this->rid2));
// Ensure the admin user can edit its own roles.
$this
->drupalGet(sprintf('/user/%s/edit', $this->adminUser
->id()));
$this
->assertSession()
->fieldExists(sprintf('roles[%s]', $this->rid1));
$this
->assertSession()
->fieldNotExists(sprintf('role_change[%s]', $this->rid1));
$this
->assertSession()
->fieldExists(sprintf('roles[%s]', $this->rid2));
$this
->assertSession()
->fieldNotExists(sprintf('role_change[%s]', $this->rid2));
}