WebformAccessEntityPermissionsTest.php in Webform 6.x
File
tests/src/Functional/Access/WebformAccessEntityPermissionsTest.php
View source
<?php
namespace Drupal\Tests\webform\Functional\Access;
use Drupal\webform\Entity\Webform;
use Drupal\Tests\webform\Functional\WebformBrowserTestBase;
class WebformAccessEntityPermissionsTest extends WebformBrowserTestBase {
public static $modules = [
'node',
'webform',
'webform_test_submissions',
];
public function testAccessControlHandler() {
$own_account = $this
->drupalCreateUser([
'access webform overview',
'create webform',
'edit own webform',
'delete own webform',
]);
$any_account = $this
->drupalCreateUser([
'access webform overview',
'create webform',
'edit any webform',
'delete any webform',
]);
$this
->drupalLogin($own_account);
$this
->drupalPostForm('/admin/structure/webform/add', [
'id' => 'test_own',
'title' => 'test_own',
], 'Save');
$this
->drupalGet('/admin/structure/webform');
$this
->assertRaw('test_own');
$this
->drupalPostForm('/admin/structure/webform/manage/test_own', [
'elements' => "test:\n '#markup': 'test'",
], 'Save');
$this
->drupalGet('/admin/structure/webform/manage/test_own/duplicate');
$this
->assertResponse(200);
$this
->drupalGet('/admin/structure/webform/manage/test_own/delete');
$this
->assertResponse(200);
$this
->drupalGet('/admin/structure/webform/manage/test_own/results/submissions');
$this
->assertResponse(200);
$this
->drupalLogin($any_account);
$this
->drupalGet('/admin/structure/webform/manage/test_own/duplicate');
$this
->assertResponse(200);
$this
->drupalGet('/admin/structure/webform/manage/test_own/delete');
$this
->assertResponse(200);
$this
->drupalGet('/admin/structure/webform/manage/test_own/results/submissions');
$this
->assertResponse(200);
$own_webform = Webform::load('test_own');
$own_webform
->setOwner($any_account)
->save();
$this
->drupalLogin($own_account);
$this
->drupalGet('/admin/structure/webform');
$this
->assertNoRaw('test_own');
$this
->drupalGet('/admin/structure/webform/manage/test_own/duplicate');
$this
->assertResponse(403);
$this
->drupalGet('/admin/structure/webform/manage/test_own/delete');
$this
->assertResponse(403);
$this
->drupalGet('/admin/structure/webform/manage/test_own/results/submissions');
$this
->assertResponse(403);
}
}