public function TaxonomyAccessTest::testEditAccess in Workbench Access 8
Test edit access integration.
File
- tests/
src/ Kernel/ TaxonomyAccessTest.php, line 152
Class
- TaxonomyAccessTest
- Tests workbench_access integration with taxonomy.
Namespace
Drupal\Tests\workbench_access\KernelCode
public function testEditAccess() {
// The first user in a kernel test gets UID 1, so we need to make sure we're
// not testing with that user.
$this
->createUser();
// Create a section.
$term = Term::create([
'vid' => $this->vocabulary
->id(),
'name' => 'Some section',
]);
$term
->save();
// Create two users with equal permissions but assign one of them to the
// section.
$permissions = $this
->getPermissions();
$allowed_editor = $this
->createUser($permissions);
$allowed_editor
->save();
$this->userStorage
->addUser($this->scheme, $allowed_editor, [
$term
->id(),
]);
$editor_with_no_access = $this
->createUser($permissions);
// Test an entity that is not subject to access control.
$entity = Term::create([
'vid' => 'categories',
'name' => 'come on in',
]);
$this
->assertTrue($this->accessHandler
->access($entity, 'update', $allowed_editor));
$this
->assertTrue($this->accessHandler
->access($entity, 'update', $editor_with_no_access));
// Test an entity that is not assigned to a section. Both should be allowed
// because we do not assert access control by default.
$entity1 = Term::create([
'vid' => 'tags',
'name' => 'come on in',
]);
$this
->assertTrue($this->accessHandler
->access($entity1, 'update', $allowed_editor));
$this
->assertTrue($this->accessHandler
->access($entity1, 'update', $editor_with_no_access));
// Create an entity that is assigned to a section.
$entity2 = Term::create([
'vid' => 'tags',
'name' => 'restricted',
WorkbenchAccessManagerInterface::FIELD_NAME => $term
->id(),
]);
$this
->assertTrue($this->accessHandler
->access($entity2, 'update', $allowed_editor));
$this
->assertFalse($this->accessHandler
->access($entity2, 'update', $editor_with_no_access));
// With strict checking, entities that are not assigned to a section return
// false.
$this
->config('workbench_access.settings')
->set('deny_on_empty', 1)
->save();
// Test a new entity because the results for $entity1 are cached.
$entity3 = Term::create([
'vid' => 'tags',
'name' => 'restricted',
]);
$this
->assertFalse($this->accessHandler
->access($entity3, 'update', $allowed_editor));
$this
->assertFalse($this->accessHandler
->access($entity3, 'update', $editor_with_no_access));
// Delete the scheme.
$this->scheme
->delete();
// Should now allow access.
$this->accessHandler
->resetCache();
$this
->assertTrue($this->accessHandler
->access($entity2, 'update', $editor_with_no_access));
}