You are here

Home » API reference » Workspace 8 » WorkspaceBypassTest.php » WorkspaceBypassTest

public function WorkspaceBypassTest::testBypassOwnWorkspace in Workspace 8

Same name and namespace in other branches
  1. 8.2 tests/src/Functional/WorkspaceBypassTest.php \Drupal\Tests\workspace\Functional\WorkspaceBypassTest::testBypassOwnWorkspace()

Verifies that a user can edit anything in a workspace they own.

File

tests/src/Functional/WorkspaceBypassTest.php, line 101

Class

WorkspaceBypassTest
Tests access bypass permission controls on workspaces.

Namespace

Drupal\Tests\workspace\Functional

Code

public function testBypassOwnWorkspace() {
  $permissions = [
    'create_workspace',
    'edit_own_workspace',
    'view_own_workspace',
    'bypass_entity_access_own_workspace',
  ];
  $this
    ->createNodeType('Test', 'test');
  $this
    ->setupWorkspaceSwitcherBlock();
  $ditka = $this
    ->drupalCreateUser(array_merge($permissions, [
    'create test content',
  ]));

  // Login as a limited-access user and create a workspace.
  $this
    ->drupalLogin($ditka);
  $vanilla_node = $this
    ->createNodeThroughUI('Vanilla node', 'test');
  $bears = $this
    ->createWorkspaceThroughUI('Bears', 'bears');

  // Replicate all content from the default workspace to Bears.
  $live = $this
    ->getOneEntityByLabel('workspace', 'Live');

  /** @var \Drupal\workspace\ReplicatorManager $rm */
  $rm = \Drupal::service('workspace.replicator_manager');
  $rm
    ->replicate($this
    ->getPointerToWorkspace($live), $this
    ->getPointerToWorkspace($bears));
  \Drupal::service('cron')
    ->run();
  $this
    ->switchToWorkspace($bears);

  // Now create a node in the Bears workspace, as the owner of that workspace.
  $ditka_bears_node = $this
    ->createNodeThroughUI('Ditka Bears node', 'test');
  $ditka_bears_node_id = $ditka_bears_node
    ->id();

  // Editing both nodes should be possible.
  $this
    ->drupalGet('/node/' . $ditka_bears_node_id . '/edit');
  $session = $this
    ->getSession();
  $this
    ->assertEquals(200, $session
    ->getStatusCode());
  $bears_vanilla_node = $this
    ->getOneEntityByLabel('node', 'Vanilla node');
  $this
    ->drupalGet('/node/' . $bears_vanilla_node
    ->id() . '/edit');
  $session = $this
    ->getSession();
  $this
    ->assertEquals(200, $session
    ->getStatusCode());

  // Create a new user that should be able to edit anything in the Bears workspace.
  $lombardi = $this
    ->drupalCreateUser(array_merge($permissions, [
    'view_workspace_' . $bears
      ->id(),
  ]));
  $this
    ->drupalLogin($lombardi);
  $this
    ->switchToWorkspace($bears);

  // Because editor 2 has the bypass permission, he should be able to
  // create and edit any node.
  $this
    ->drupalGet('/node/' . $ditka_bears_node_id . '/edit');
  $session = $this
    ->getSession();
  $this
    ->assertEquals(403, $session
    ->getStatusCode());
  $this
    ->drupalGet('/node/' . $bears_vanilla_node
    ->id() . '/edit');
  $session = $this
    ->getSession();
  $this
    ->assertEquals(403, $session
    ->getStatusCode());
}