public function WeatherPermissionTestCase::testPermissions in Weather 7.2
Same name and namespace in other branches
- 6.5 tests/permissions.test \WeatherPermissionTestCase::testPermissions()
- 7.3 tests/permissions.test \WeatherPermissionTestCase::testPermissions()
- 7 tests/permissions.test \WeatherPermissionTestCase::testPermissions()
Permissions of weather block.
This test requires that at least one system wide block is enabled.
File
- tests/
permissions.test, line 52 - Tests permission and access settings for different users.
Class
- WeatherPermissionTestCase
- Test class for permissions.
Code
public function testPermissions() {
// Set a fixed time for testing to 2013-10-07 20:00:00 UTC.
variable_set('weather_time_for_testing', 1381176000);
// This user is allowed to view the system block.
$normal_user = $this
->drupalCreateUser(array(
'access content',
));
// This user is allowed to administer a custom weather block.
$weather_user_1 = $this
->drupalCreateUser(array(
'access content',
'administer custom weather block',
));
// This user is also allowed to administer a custom weather block,
// like weather_user_1. However, he's not allowed to edit the
// custom block of weather_user_1. This catches bug #244087
// (Only one permission for everyone)
$weather_user_2 = $this
->drupalCreateUser(array(
'access content',
'administer custom weather block',
));
// This user is allowed to access the weather search page.
$weather_search_page_user = $this
->drupalCreateUser(array(
'access content',
'access weather search page',
));
// This user may setup a system-wide weather block.
$admin_user = $this
->drupalCreateUser(array(
'access content',
'administer custom weather block',
'administer system-wide weather',
'administer blocks',
));
// Test with admin user.
$this
->drupalLogin($admin_user);
// Get different pages.
$this
->drupalGet('node');
$this
->drupalGet('user/' . $admin_user->uid . '/weather');
$this
->assertText(t('Weather'));
$this
->drupalGet('admin/config/user-interface/weather');
$this
->assertText(t('Add display'));
$this
->assertText(t('Edit default display'));
$this
->assertText(t('Directory for custom images'));
$this
->assertNoText('Add location to this display');
// Enable a system-wide weather block.
$this
->drupalPost('admin/config/user-interface/weather/system-wide/add', array(), t('Save'));
$this
->drupalGet('admin/config/user-interface/weather');
$this
->assertText(t('Add display'));
$this
->assertText(t('Edit default display'));
$this
->assertText(t('Directory for custom images'));
$this
->assertText('Add location to this display');
$edit = array(
'blocks[weather_system_1][region]' => 'sidebar_second',
);
$this
->drupalPost('admin/structure/block', $edit, t('Save blocks'));
// Make sure that the weather block is not displayed without a configured place.
$this
->drupalGet('node');
$this
->assertNoRaw('<div class="weather">');
$this
->assertNoLink('Hamburg');
$this
->assertNoLinkByHref('weather/Germany/Hamburg/Hamburg');
// Configure the default place.
$this
->drupalPost('admin/config/user-interface/weather/system-wide/1/add', array(), t('Save'));
$this
->drupalGet('admin/config/user-interface/weather');
$this
->assertText(t('Add display'));
$this
->assertText(t('Edit default display'));
$this
->assertText(t('Directory for custom images'));
$this
->assertText('Hamburg');
$this
->assertText('Add location to this display');
// Make sure that the weather block is displayed now.
$this
->drupalGet('node');
$this
->assertRaw('<div class="weather">');
$this
->assertLink('Hamburg');
$this
->assertLinkByHref('weather/Germany/Hamburg/Hamburg/1');
// Logout current user.
$this
->drupalLogout();
// Test with normal user.
$this
->drupalLogin($normal_user);
// Get front page.
$this
->drupalGet('node');
$this
->assertText(t('Weather'));
$this
->assertRaw('<div class="weather">');
$this
->assertLink('Hamburg');
$this
->assertLinkByHref('weather/Germany/Hamburg/Hamburg/1');
// The user weather tab should not be there.
$this
->drupalGet('user/' . $normal_user->uid);
$this
->assertNoLink(t('Weather'));
$this
->assertNoLinkByHref('user/' . $normal_user->uid . '/weather');
// Using the direct URL should be forbidden.
$this
->drupalGet('user/' . $normal_user->uid . '/weather');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// Administration of weather module should be forbidden.
$this
->drupalGet('admin/config/user-interface/weather');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// Search page should be forbidden.
$this
->drupalGet('weather');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// Using the direct search URL should be forbidden.
$this
->drupalGet('weather/zollenspieker');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// The user may view the page with the detailed forecast of the
// system-wide display.
$this
->drupalGet('weather/Germany/Hamburg/Hamburg/1');
$this
->assertResponse(200);
$this
->assertText(t('Weather forecast'));
$this
->assertText('Hamburg');
// But the user may not view any other detailed forecasts.
// This needs the permission to access the search page.
$this
->drupalGet('weather/Germany/Hamburg/Zollenspieker');
$this
->assertResponse(403);
$this
->assertNoText('Zollenspieker');
$this
->drupalGet('weather/Germany/Hamburg/Zollenspieker/1');
$this
->assertResponse(403);
$this
->assertNoText('Zollenspieker');
// Logout current user.
$this
->drupalLogout();
// Test with weather user 1.
$this
->drupalLogin($weather_user_1);
// Get front page.
$this
->drupalGet('node');
$this
->assertText(t('Weather'));
$this
->assertRaw('<div class="weather">');
$this
->assertLink('Hamburg');
$this
->assertLinkByHref('weather/Germany/Hamburg/Hamburg/1');
// The user weather tab should be there.
$this
->drupalGet('user/' . $weather_user_1->uid);
$this
->assertLink(t('Weather'));
$this
->assertLinkByHref('user/' . $weather_user_1->uid . '/weather');
// Using the direct URL should be allowed.
$this
->drupalGet('user/' . $weather_user_1->uid . '/weather');
$this
->assertResponse(200);
$this
->assertLink(t('Add location to this display'));
$this
->assertLinkByHref('user/' . $weather_user_1->uid . '/weather/add');
// Administration of weather module should be forbidden.
$this
->drupalGet('admin/config/user-interface/weather');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// Search page should be forbidden.
$this
->drupalGet('weather');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// Using the direct search URL should be forbidden.
$this
->drupalGet('weather/zollenspieker');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// The user may view the page with the detailed forecast of the
// system-wide display.
$this
->drupalGet('weather/Germany/Hamburg/Hamburg/1');
$this
->assertResponse(200);
// But the user may not view any other detailed forecasts.
// This needs the permission to access the search page.
$this
->drupalGet('weather/Germany/Hamburg/Zollenspieker');
$this
->assertResponse(403);
$this
->assertNoText('Zollenspieker');
// Logout current user.
$this
->drupalLogout();
// Test with weather user 2.
$this
->drupalLogin($weather_user_2);
// Get front page.
$this
->drupalGet('node');
$this
->assertText(t('Weather'));
$this
->assertRaw('<div class="weather">');
$this
->assertLink('Hamburg');
$this
->assertLinkByHref('weather/Germany/Hamburg/Hamburg/1');
// The user weather tab should be there.
$this
->drupalGet('user/' . $weather_user_2->uid);
$this
->assertLink(t('Weather'));
$this
->assertLinkByHref('user/' . $weather_user_2->uid . '/weather');
// Using the direct URL should be allowed.
$this
->drupalGet('user/' . $weather_user_2->uid . '/weather');
$this
->assertResponse(200);
$this
->assertLink(t('Add location to this display'));
$this
->assertLinkByHref('user/' . $weather_user_2->uid . '/weather/add');
// Administration of weather module should be forbidden.
$this
->drupalGet('admin/config/user-interface/weather');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// Search page should be forbidden.
$this
->drupalGet('weather');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// Using the direct search URL should be forbidden.
$this
->drupalGet('weather/zollenspieker');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// The user may view the page with the detailed forecast of the
// system-wide display.
$this
->drupalGet('weather/Germany/Hamburg/Hamburg/1');
$this
->assertResponse(200);
// But the user may not view any other detailed forecasts.
// This needs the permission to access the search page.
$this
->drupalGet('weather/Germany/Hamburg/Zollenspieker');
$this
->assertResponse(403);
$this
->assertNoText('Zollenspieker');
// Do not allow editing another user's settings, see #244087.
$this
->drupalGet('user/' . $weather_user_1->uid . '/weather');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// Logout current user.
$this
->drupalLogout();
// Test with weather search page.
$this
->drupalLogin($weather_search_page_user);
// Get front page.
$this
->drupalGet('node');
$this
->assertText(t('Weather'));
$this
->assertRaw('<div class="weather">');
$this
->assertLink('Hamburg');
$this
->assertLinkByHref('weather/Germany/Hamburg/Hamburg/1');
// The user weather tab should not be there.
$this
->drupalGet('user/' . $weather_search_page_user->uid);
$this
->assertLink(t('Weather'));
$this
->assertNoLinkByHref('user/' . $weather_search_page_user->uid . '/weather');
// Using the direct URL should be forbidden.
$this
->drupalGet('user/' . $weather_search_page_user->uid . '/weather');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// Administration of weather module should be forbidden.
$this
->drupalGet('admin/config/user-interface/weather');
$this
->assertResponse(403);
$this
->assertText(t('Access denied'));
// Search page should be allowed.
$this
->drupalGet('weather');
$this
->assertResponse(200);
$this
->assertText(t('Search for a location'));
// Using the direct search URL should be allowed.
$this
->drupalGet('weather/zollenspieker');
$this
->assertResponse(200);
$this
->assertText(t('Zollenspieker'));
// Using the direct forecast URL should be allowed.
$this
->drupalGet('weather/Germany/Hamburg/Altona');
$this
->assertResponse(200);
$this
->assertText(t('Altona'));
// Get non-existent page.
$this
->drupalGet('weather/toddy');
$this
->assertText(t('Your search did not return any results.'));
// Logout current user.
$this
->drupalLogout();
}