You are here

function SearchCommentTest::testSearchResultsCommentAccess in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/modules/search/src/Tests/SearchCommentTest.php \Drupal\search\Tests\SearchCommentTest::testSearchResultsCommentAccess()

Verify access rules for comment indexing with different permissions.

File

core/modules/search/src/Tests/SearchCommentTest.php, line 222
Contains \Drupal\search\Tests\SearchCommentTest.

Class

SearchCommentTest
Tests integration searching comments.

Namespace

Drupal\search\Tests

Code

function testSearchResultsCommentAccess() {
  $comment_body = 'Test comment body';
  $this->commentSubject = 'Test comment subject';
  $roles = $this->adminUser
    ->getRoles(TRUE);
  $this->adminRole = $roles[0];

  // Create a node.
  // Make preview optional.
  $field = FieldConfig::loadByName('node', 'article', 'comment');
  $field
    ->setSetting('preview', DRUPAL_OPTIONAL);
  $field
    ->save();
  $this->node = $this
    ->drupalCreateNode(array(
    'type' => 'article',
  ));

  // Post a comment using 'Full HTML' text format.
  $edit_comment = array();
  $edit_comment['subject[0][value]'] = $this->commentSubject;
  $edit_comment['comment_body[0][value]'] = '<h1>' . $comment_body . '</h1>';
  $this
    ->drupalPostForm('comment/reply/node/' . $this->node
    ->id() . '/comment', $edit_comment, t('Save'));
  $this
    ->drupalLogout();
  $this
    ->setRolePermissions(RoleInterface::ANONYMOUS_ID);
  $this
    ->assertCommentAccess(FALSE, 'Anon user has search permission but no access comments permission, comments should not be indexed');
  $this
    ->setRolePermissions(RoleInterface::ANONYMOUS_ID, TRUE);
  $this
    ->assertCommentAccess(TRUE, 'Anon user has search permission and access comments permission, comments should be indexed');
  $this
    ->drupalLogin($this->adminUser);
  $this
    ->drupalGet('admin/people/permissions');

  // Disable search access for authenticated user to test admin user.
  $this
    ->setRolePermissions(RoleInterface::AUTHENTICATED_ID, FALSE, FALSE);
  $this
    ->setRolePermissions($this->adminRole);
  $this
    ->assertCommentAccess(FALSE, 'Admin user has search permission but no access comments permission, comments should not be indexed');
  $this
    ->drupalGet('node/' . $this->node
    ->id());
  $this
    ->setRolePermissions($this->adminRole, TRUE);
  $this
    ->assertCommentAccess(TRUE, 'Admin user has search permission and access comments permission, comments should be indexed');
  $this
    ->setRolePermissions(RoleInterface::AUTHENTICATED_ID);
  $this
    ->assertCommentAccess(FALSE, 'Authenticated user has search permission but no access comments permission, comments should not be indexed');
  $this
    ->setRolePermissions(RoleInterface::AUTHENTICATED_ID, TRUE);
  $this
    ->assertCommentAccess(TRUE, 'Authenticated user has search permission and access comments permission, comments should be indexed');

  // Verify that access comments permission is inherited from the
  // authenticated role.
  $this
    ->setRolePermissions(RoleInterface::AUTHENTICATED_ID, TRUE, FALSE);
  $this
    ->setRolePermissions($this->adminRole);
  $this
    ->assertCommentAccess(TRUE, 'Admin user has search permission and no access comments permission, but comments should be indexed because admin user inherits authenticated user\'s permission to access comments');

  // Verify that search content permission is inherited from the authenticated
  // role.
  $this
    ->setRolePermissions(RoleInterface::AUTHENTICATED_ID, TRUE, TRUE);
  $this
    ->setRolePermissions($this->adminRole, TRUE, FALSE);
  $this
    ->assertCommentAccess(TRUE, 'Admin user has access comments permission and no search permission, but comments should be indexed because admin user inherits authenticated user\'s permission to search');
}