function NodeRevisionPermissionsTest::testNodeRevisionAccessAnyType in Zircon Profile 8.0

Same name and namespace in other branches

1. 8 core/modules/node/src/Tests/NodeRevisionPermissionsTest.php \Drupal\node\Tests\NodeRevisionPermissionsTest::testNodeRevisionAccessAnyType()

Tests general revision access permissions.

File

core/modules/node/src/Tests/NodeRevisionPermissionsTest.php, line 69

Contains \Drupal\node\Tests\NodeRevisionPermissionsTest.

Class

NodeRevisionPermissionsTest

Tests user permissions for node revisions.

Namespace

Drupal\node\Tests

Code

function testNodeRevisionAccessAnyType() {

  // Create three users, one with each revision permission.
  foreach ($this->map as $op => $permission) {

    // Create the user.
    $account = $this
      ->drupalCreateUser(array(
      'access content',
      'edit any page content',
      'delete any page content',
      $permission,
    ));
    $account->op = $op;
    $this->accounts[] = $account;
  }

  // Create an admin account (returns TRUE for all revision permissions).
  $admin_account = $this
    ->drupalCreateUser(array(
    'access content',
    'administer nodes',
  ));
  $admin_account->is_admin = TRUE;
  $this->accounts['admin'] = $admin_account;
  $accounts['admin'] = $admin_account;

  // Create a normal account (returns FALSE for all revision permissions).
  $normal_account = $this
    ->drupalCreateUser();
  $normal_account->op = FALSE;
  $this->accounts[] = $normal_account;
  $accounts[] = $normal_account;
  $revision = $this->nodeRevisions['page'][1];
  $parameters = array(
    'op' => array_keys($this->map),
    'account' => $this->accounts,
  );
  $permutations = $this
    ->generatePermutations($parameters);
  $node_revision_access = \Drupal::service('access_check.node.revision');
  foreach ($permutations as $case) {

    // Skip this test if there are no revisions for the node.
    if (!($revision
      ->isDefaultRevision() && (db_query('SELECT COUNT(vid) FROM {node_field_revision} WHERE nid = :nid', array(
      ':nid' => $revision
        ->id(),
    ))
      ->fetchField() == 1 || $case['op'] == 'update' || $case['op'] == 'delete'))) {
      if (!empty($case['account']->is_admin) || $case['account']
        ->hasPermission($this->map[$case['op']])) {
        $this
          ->assertTrue($node_revision_access
          ->checkAccess($revision, $case['account'], $case['op']), "{$this->map[$case['op']]} granted.");
      }
      else {
        $this
          ->assertFalse($node_revision_access
          ->checkAccess($revision, $case['account'], $case['op']), "{$this->map[$case['op']]} not granted.");
      }
    }
  }

  // Test that access is FALSE for a node administrator with an invalid $node
  // or $op parameters.
  $admin_account = $accounts['admin'];
  $this
    ->assertFalse($node_revision_access
    ->checkAccess($revision, $admin_account, 'invalid-op'), 'NodeRevisionAccessCheck() returns FALSE with an invalid op.');
}