You are here

Home » API reference » Workbench Access 8 » NodeMenuTest.php » NodeMenuTest

public function NodeMenuTest::testEditAccess in Workbench Access 8

Test edit access integration.

File

tests/src/Kernel/NodeMenuTest.php, line 139

Class

NodeMenuTest
Tests workbench_access integration with node access via menu plugin.

Namespace

Drupal\Tests\workbench_access\Kernel

Code

public function testEditAccess() {

  // The first user in a kernel test gets UID 1, so we need to make sure we're
  // not testing with that user.
  $this
    ->createUser();

  // Create a menu link.
  $link = MenuLinkContent::create([
    'title' => 'Home',
    'link' => [
      [
        'uri' => 'route:<front>',
      ],
    ],
    'menu_name' => 'main',
  ]);
  $link
    ->save();

  // Create two users with equal permissions but assign one of them to the
  // section.
  $permissions = [
    'create page content',
    'create article content',
    'edit any page content',
    'edit any article content',
    'delete any article content',
    'access content',
    'delete any page content',
  ];
  $allowed_editor = $this
    ->createUser($permissions);
  $allowed_editor
    ->save();
  $this->userStorage
    ->addUser($this->scheme, $allowed_editor, [
    $link
      ->getPluginId(),
  ]);
  $editor_with_no_access = $this
    ->createUser($permissions);

  // Test a node that is not assigned to a section. Both should be allowed
  // because we do not assert access control by default.
  $node1 = $this
    ->createNode([
    'type' => 'page',
    'title' => 'foo',
  ]);
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'update', $allowed_editor));
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'update', $editor_with_no_access));
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'delete', $allowed_editor));
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'delete', $editor_with_no_access));

  // Create a node that is a child of the section.
  $node2 = $this
    ->createNode([
    'type' => 'page',
    'title' => 'bar',
  ]);
  _menu_ui_node_save($node2, [
    'title' => 'bar',
    'menu_name' => 'main',
    'description' => 'view bar',
    'parent' => $link
      ->getPluginId(),
  ]);
  $this
    ->assertTrue($this->accessHandler
    ->access($node2, 'update', $allowed_editor));
  $this
    ->assertFalse($this->accessHandler
    ->access($node2, 'update', $editor_with_no_access));
  $this
    ->assertTrue($this->accessHandler
    ->access($node2, 'delete', $allowed_editor));
  $this
    ->assertFalse($this->accessHandler
    ->access($node2, 'delete', $editor_with_no_access));

  // With strict checking, nodes that are not assigned to a section return
  // false.
  $this
    ->config('workbench_access.settings')
    ->set('deny_on_empty', 1)
    ->save();

  // Test a new node because the results for $node1 are cached.
  $node3 = $this
    ->createNode([
    'type' => 'page',
    'title' => 'baz',
  ]);
  $this
    ->assertFalse($this->accessHandler
    ->access($node3, 'update', $allowed_editor));
  $this
    ->assertFalse($this->accessHandler
    ->access($node3, 'update', $editor_with_no_access));
  $node1 = $this
    ->createNode([
    'type' => 'article',
    'title' => 'foo',
  ]);
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'update', $allowed_editor));
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'update', $editor_with_no_access));
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'delete', $allowed_editor));
  $this
    ->assertTrue($this->accessHandler
    ->access($node1, 'delete', $editor_with_no_access));
}