You are here

Home » API reference » Workbench Access 8 » NodeAccessTest.php » NodeAccessTest

public function NodeAccessTest::testEditAccess in Workbench Access 8

Test edit access integration.

File

tests/src/Kernel/NodeAccessTest.php, line 127

Class

NodeAccessTest
Tests workbench_access integration with node access APIs.

Namespace

Drupal\Tests\workbench_access\Kernel

Code

public function testEditAccess() {

  // The first user in a kernel test gets UID 1, so we need to make sure we're
  // not testing with that user.
  $this
    ->createUser();

  // Create a section.
  $term = Term::create([
    'vid' => $this->vocabulary
      ->id(),
    'name' => 'Some section',
  ]);
  $term
    ->save();

  // Create two users with equal permissions but assign one of them to the
  // section.
  $permissions = [
    'create page content',
    'edit any page content',
    'access content',
    'delete any page content',
  ];
  $allowed_editor = $this
    ->createUser($permissions);
  $allowed_editor
    ->save();
  $this->userStorage
    ->addUser($this->scheme, $allowed_editor, [
    $term
      ->id(),
  ]);
  $editor_with_no_access = $this
    ->createUser($permissions);

  // Test a node that is not assigned to a section. Both should be allowed
  // because we do not assert access control by default.
  $node1 = $this
    ->createNode([
    'type' => 'page',
    'title' => 'foo',
  ]);
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'update', $allowed_editor));
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'update', $editor_with_no_access));
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'delete', $allowed_editor));
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'delete', $editor_with_no_access));

  // Create a node that is assigned to a section.
  $node2 = $this
    ->createNode([
    'type' => 'page',
    'title' => 'bar',
    WorkbenchAccessManagerInterface::FIELD_NAME => $term
      ->id(),
  ]);
  $this
    ->assertTrue($this->accessHandler
    ->access($node2, 'update', $allowed_editor));
  $this
    ->assertFalse($this->accessHandler
    ->access($node2, 'update', $editor_with_no_access));
  $this
    ->assertTrue($this->accessHandler
    ->access($node2, 'delete', $allowed_editor));
  $this
    ->assertFalse($this->accessHandler
    ->access($node2, 'delete', $editor_with_no_access));

  // With strict checking, nodes that are not assigned to a section return
  // false.
  $this
    ->config('workbench_access.settings')
    ->set('deny_on_empty', 1)
    ->save();

  // Test a new node because the results for $node1 are cached.
  $node3 = $this
    ->createNode([
    'type' => 'page',
    'title' => 'baz',
  ]);
  $this
    ->assertFalse($this->accessHandler
    ->access($node3, 'update', $allowed_editor));
  $this
    ->assertFalse($this->accessHandler
    ->access($node3, 'update', $editor_with_no_access));
  $this
    ->assertFalse($this->accessHandler
    ->access($node3, 'delete', $allowed_editor));
  $this
    ->assertFalse($this->accessHandler
    ->access($node3, 'delete', $editor_with_no_access));
}