You are here

Home » API reference » Webform 6.x » WebformSubmissionViewAccessTrait.php » WebformSubmissionViewAccessTrait

protected function WebformSubmissionViewAccessTrait::checkUserSubmissionAccess in Webform 6.x

Same name and namespace in other branches
  1. 8.5 tests/src/Traits/WebformSubmissionViewAccessTrait.php \Drupal\Tests\webform\Traits\WebformSubmissionViewAccessTrait::checkUserSubmissionAccess()

Check user submission access.

Parameters

\Drupal\webform\WebformInterface $webform: The webform.

array $accounts: An associative array of test users.

See also

\Drupal\webform_access\Tests\WebformAccessSubmissionViewsTest::checkUserSubmissionAccess

3 calls to WebformSubmissionViewAccessTrait::checkUserSubmissionAccess()
WebformGroupSubmissionAccessTest::testWebformGroupAccessSubmissionViewsTest in modules/webform_group/tests/src/Functional/WebformGroupSubmissionAccessTest.php
Tests webform group access submission views.
WebformSubmissionViewsAccessTest::testEntityAccess in tests/src/Functional/WebformSubmissionViewsAccessTest.php
Test webform submission entity access in a view query.
WebformSubmissionViewsAccessTest::testPermissionAccess in tests/src/Functional/WebformSubmissionViewsAccessTest.php
Tests webform submission views enforce access per user's permissions.

File

tests/src/Traits/WebformSubmissionViewAccessTrait.php, line 22

Class

WebformSubmissionViewAccessTrait
Provides convenience methods for webform submission view access assertions in browser tests.

Namespace

Drupal\Tests\webform\Traits

Code

protected function checkUserSubmissionAccess(WebformInterface $webform, array $accounts) {

  /** @var \Drupal\webform\WebformSubmissionStorageInterface $webform_submission_storage */
  $webform_submission_storage = \Drupal::entityTypeManager()
    ->getStorage('webform_submission');

  // Reset the static cache to make sure we are hitting actual fresh access
  // results.
  \Drupal::entityTypeManager()
    ->getStorage('webform_submission')
    ->resetCache();
  \Drupal::entityTypeManager()
    ->getAccessControlHandler('webform_submission')
    ->resetCache();
  foreach ($accounts as $account_type => $account) {

    // Login the current user.
    if ($account_type !== 'anonymous_user') {
      $this
        ->drupalLogin($account);
    }

    // Get the webform_test_views_access view and the sid for each
    // displayed record.  Submission access is controlled via the query.
    // @see webform_query_webform_submission_access_alter()
    $this
      ->drupalGet('/admin/structure/webform/test/views_access');
    $views_sids = [];
    foreach ($this
      ->cssSelect('td.views-field-sid') as $node) {
      $views_sids[] = $node
        ->getText();
    }
    sort($views_sids);
    $expected_sids = [];

    // Load all webform submissions and check access using the access method.
    // @see \Drupal\webform\WebformSubmissionAccessControlHandler::checkAccess
    $webform_submissions = $webform_submission_storage
      ->loadByEntities($webform);
    foreach ($webform_submissions as $webform_submission) {
      if ($webform_submission
        ->access('view', $account)) {
        $expected_sids[] = $webform_submission
          ->id();
      }
    }
    sort($expected_sids);

    // Check that the views sids is equal to the expected sids.
    $this
      ->assertSame($expected_sids, $views_sids, "User '" . $account_type . "' access has correct access through view on webform submission entity type.");
    if ($account_type !== 'anonymous_user') {
      $this
        ->drupalLogout();
    }
  }
}