You are here

Home » API reference » YAML Form 8 » YamlFormAccessTest.php » YamlFormAccessTest

public function YamlFormAccessTest::testAccessControlHandler in YAML Form 8

Tests form access rules.

File

src/Tests/YamlFormAccessTest.php, line 18

Class

YamlFormAccessTest
Tests for form access rules.

Namespace

Drupal\yamlform\Tests

Code

public function testAccessControlHandler() {

  // Login as user who can access own form.
  $this
    ->drupalLogin($this->ownFormUser);

  // Check create own form.
  $this
    ->drupalPostForm('admin/structure/yamlform/add', [
    'id' => 'test_own',
    'title' => 'test_own',
    'elements' => "test:\n  '#markup': 'test'",
  ], t('Save'));

  // Check duplicate own form.
  $this
    ->drupalGet('admin/structure/yamlform/manage/test_own/duplicate');
  $this
    ->assertResponse(200);

  // Check delete own form.
  $this
    ->drupalGet('admin/structure/yamlform/manage/test_own/delete');
  $this
    ->assertResponse(200);

  // Check access own form submissions.
  $this
    ->drupalGet('admin/structure/yamlform/manage/test_own/results/submissions');
  $this
    ->assertResponse(200);

  // Login as user who can access any form.
  $this
    ->drupalLogin($this->anyFormUser);

  // Check duplicate any form.
  $this
    ->drupalGet('admin/structure/yamlform/manage/test_own/duplicate');
  $this
    ->assertResponse(200);

  // Check delete any form.
  $this
    ->drupalGet('admin/structure/yamlform/manage/test_own/delete');
  $this
    ->assertResponse(200);

  // Check access any form submissions.
  $this
    ->drupalGet('admin/structure/yamlform/manage/test_own/results/submissions');
  $this
    ->assertResponse(200);

  // Change the owner of the form to 'any' user.
  $own_yamlform = YamlForm::load('test_own');
  $own_yamlform
    ->setOwner($this->anyFormUser)
    ->save();

  // Login as user who can access own form.
  $this
    ->drupalLogin($this->ownFormUser);

  // Check duplicate denied any form.
  $this
    ->drupalGet('admin/structure/yamlform/manage/test_own/duplicate');
  $this
    ->assertResponse(403);

  // Check delete denied any form.
  $this
    ->drupalGet('admin/structure/yamlform/manage/test_own/delete');
  $this
    ->assertResponse(403);

  // Check access denied any form submissions.
  $this
    ->drupalGet('admin/structure/yamlform/manage/test_own/results/submissions');
  $this
    ->assertResponse(403);
}