You are here

Home » API reference » Webform Workflow 7 » webform_workflow_permissions.test » WebformWorkflowPermissionsTestCase

public function WebformWorkflowPermissionsTestCase::testViewEdit in Webform Workflow 7

Test view and edit permissions.

File

tests/webform_workflow_permissions.test, line 35
Workflow permissions tests.

Class

WebformWorkflowPermissionsTestCase
@file Workflow permissions tests.

Code

public function testViewEdit() {

  // Create a webform.
  $owner = $this
    ->drupalCreateUser(array(
    'create webform content',
    'edit own webform content',
    'access own webform results',
  ));
  $node = $this
    ->createDummyWebform(array(
    'uid' => $owner->uid,
  ));

  // Add two states to the webform.
  $state1 = $this
    ->createDummyState();
  $state2 = $this
    ->createDummyState();
  $this
    ->addStateToWebform($state1, $node);
  $this
    ->addStateToWebform($state2, $node);

  // Create two users, submitter 1 and 2. Submitter 1 has permission to access
  // his/her own webform submissions. Submitter 2 does not have any special
  // permissions.
  $submitter1 = $this
    ->drupalCreateUser(array(
    'access own webform submissions',
    'edit own webform submissions',
  ));
  $submitter2 = $this
    ->drupalCreateUser();

  // Create two webform submissions, by the above submitters.
  $submission1 = $this
    ->createDummySubmission($node, $submitter1);
  $submission2 = $this
    ->createDummySubmission($node, $submitter2);

  // Set submission 1 to state 1, and submission 2 to state 2.
  webform_workflow_transition($submission1, $state1);
  webform_workflow_transition($submission2, $state2);

  // Test view and edit permissions, which (so far) should have been
  // unaffected by the Webform Workflow module.
  $anonymous = drupal_anonymous_user();
  $ops = array(
    'view',
    'edit',
  );
  foreach ($ops as $op) {
    $this
      ->assertTrue(webform_submission_access($node, $submission1, $op, $submitter1), "Submitter 1 can {$op} own submission 1");
    $this
      ->assertFalse(webform_submission_access($node, $submission2, $op, $submitter2), "Submitter 2 cannot {$op} own submission 2");
    $this
      ->assertFalse(webform_submission_access($node, $submission2, $op, $submitter1), "Submitter 1 cannot {$op} submission 2");
    $this
      ->assertFalse(webform_submission_access($node, $submission1, $op, $submitter2), "Submitter 2 cannot {$op} submission 1");
    $this
      ->assertFalse(webform_submission_access($node, $submission1, $op, $anonymous), "Anonymous cannot {$op} submission 1");
    $this
      ->assertFalse(webform_submission_access($node, $submission2, $op, $anonymous), "Anonymous cannot {$op} submission 2");
  }
  $this
    ->assertTrue(webform_submission_access($node, $submission1, 'view', $owner), "Webform owner can view submission 1");
  $this
    ->assertTrue(webform_submission_access($node, $submission2, 'view', $owner), "Webform owner can view submission 2");

  // Modify state 2 so that it does grant view/edit access to submitter 2.
  foreach ($ops as $op) {
    $state2->permissions[$op][WEBFORM_WORKFLOW_ORIGINAL_SUBMITTER] = WEBFORM_WORKFLOW_ORIGINAL_SUBMITTER;
  }
  entity_save('webform_workflow_state', $state2);

  // Test the new permissions.
  foreach ($ops as $op) {
    $this
      ->assertTrue(webform_submission_access($node, $submission2, $op, $submitter2), "Submitter 2 can now {$op} own submission 2");
    $this
      ->assertFalse(webform_submission_access($node, $submission2, $op, $submitter1), "Submitter 1 still cannot {$op} submission 2");
  }

  // Modify state 2 so that it also grants view/edit access to submitter 1's
  // role.
  $rids = array_keys($submitter1->roles);
  $rid = end($rids);
  foreach ($ops as $op) {
    $state2->permissions[$op][$rid] = $rid;
  }
  entity_save('webform_workflow_state', $state2);

  // Test the new permissions.
  foreach ($ops as $op) {
    $this
      ->assertTrue(webform_submission_access($node, $submission2, $op, $submitter1), "Submitter 1 can now {$op} submission 2");
  }
}