You are here

public function WorkspaceBypassTest::testBypassOwnWorkspace in Workspace 8.2

Same name and namespace in other branches
  1. 8 tests/src/Functional/WorkspaceBypassTest.php \Drupal\Tests\workspace\Functional\WorkspaceBypassTest::testBypassOwnWorkspace()

Verifies that a user can edit anything in a workspace they own.

File

tests/src/Functional/WorkspaceBypassTest.php, line 26

Class

WorkspaceBypassTest
Tests access bypass permission controls on workspaces.

Namespace

Drupal\Tests\workspace\Functional

Code

public function testBypassOwnWorkspace() {
  $permissions = [
    'create workspace',
    'edit own workspace',
    'view own workspace',
    'bypass entity access own workspace',
  ];
  $this
    ->createContentType([
    'type' => 'test',
    'label' => 'Test',
  ]);
  $this
    ->setupWorkspaceSwitcherBlock();
  $ditka = $this
    ->drupalCreateUser(array_merge($permissions, [
    'create test content',
  ]));

  // Login as a limited-access user and create a workspace.
  $this
    ->drupalLogin($ditka);
  $bears = $this
    ->createWorkspaceThroughUi('Bears', 'bears');
  $this
    ->switchToWorkspace($bears);

  // Now create a node in the Bears workspace, as the owner of that workspace.
  $ditka_bears_node = $this
    ->createNodeThroughUi('Ditka Bears node', 'test');
  $ditka_bears_node_id = $ditka_bears_node
    ->id();

  // Editing both nodes should be possible.
  $this
    ->drupalGet('/node/' . $ditka_bears_node_id . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Create a new user that should be able to edit anything in the Bears
  // workspace.
  $lombardi = $this
    ->drupalCreateUser(array_merge($permissions, [
    'view any workspace',
  ]));
  $this
    ->drupalLogin($lombardi);
  $this
    ->switchToWorkspace($bears);

  // Because editor 2 has the bypass permission, he should be able to create
  // and edit any node.
  $this
    ->drupalGet('/node/' . $ditka_bears_node_id . '/edit');
  $this
    ->assertSession()
    ->statusCodeEquals(403);
}