function WorkbenchModerationNodeAccessTestCase::testPublishedRevisionAccess in Workbench Moderation 7.2
Test access control to revisions.
File
- tests/
workbench_moderation.test, line 194 - workbench_moderation.test
Class
Code
function testPublishedRevisionAccess() {
$edit = array();
$init_title = $this
->randomName(8);
$edit['title'] = $init_title;
$edit['event'] = 'published';
$edit['event_comment'] = $this
->randomName(8);
$this
->drupalPost("node/add/article", $edit, t('Save'));
$this
->drupalGet("node/1");
$this
->assertText($init_title, t('Title is visible on draft node for logged in user.'));
// Edit the node, creating a new title, set to needs_review, create new revision.
$edit = array();
$second_title = $this
->randomName(8);
$edit['title'] = $second_title;
$edit['event'] = 'needs_review';
$edit['revision'] = 1;
$this
->drupalPost("node/1/edit", $edit, t('Save'));
// Edit the node, creating a new title, set to published, create new revision.
$edit = array();
$third_title = $this
->randomName(8);
$edit['title'] = $third_title;
$edit['event'] = 'published';
$edit['revision'] = 1;
$this
->drupalPost("node/1/edit", $edit, t('Save'));
// Fetch revisions to provide information for development.
$this
->drupalGet('node/1/revisions');
// Active Published: 4
// Published: 3
// Needs Review: 2
// Now we should have 2 published node revisions one of which is active.
// Check access to different revisions.
// Admin - has access to everything.
$this
->drupalGet('node/1/revisions/3/view');
$this
->assertResponse(200, 'Admin: Inactive published revision accessible');
$this
->assertText($init_title);
$this
->drupalGet('node/1/revisions/2/view');
$this
->assertResponse(200, 'Admin: Needs review revision accessible');
$this
->assertText($second_title);
$this
->drupalGet('node/1/revisions/4/view');
$this
->assertResponse(200, 'Admin: Active published revision accessible');
$this
->assertText($third_title);
// Anonymous - only can access the active published revision.
$this
->drupalLogout();
$this
->drupalGet('node/1/revisions/3/view');
$this
->assertResponse(403, 'Anonymous: Inactive published revision inaccessible');
$this
->assertNoTitle($init_title);
$this
->drupalGet('node/1/revisions/2/view');
$this
->assertResponse(403, 'Admin: Needs review revision inaccessible');
$this
->assertNoTitle($second_title);
$this
->drupalGet('node/1/revisions/4/view');
$this
->assertResponse(200, 'Anonymous: Active published revision accessible');
$this
->assertText($third_title);
// User with explicit state access sees all published revisions. But can't
// access revisions outside of that state.
$this
->drupalLogin($this->state_access_user);
$this
->drupalGet('node/1/revisions/3/view');
$this
->assertResponse(200, 'Published-Access-User: Inactive published revision accessible');
$this
->assertText($init_title);
$this
->drupalGet('node/1/revisions/2/view');
$this
->assertResponse(403, 'Published-Access-User: Needs review revision inaccessible');
$this
->assertNoTitle($second_title);
$this
->drupalGet('node/1/revisions/4/view');
$this
->assertResponse(200, 'Published-Access-User: Active published revision accessible');
$this
->assertText($third_title);
}