public function TaxonomyImageTest::testTaxonomyImageAccess in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/modules/taxonomy/src/Tests/TaxonomyImageTest.php \Drupal\taxonomy\Tests\TaxonomyImageTest::testTaxonomyImageAccess()
File
- core/
modules/ taxonomy/ src/ Tests/ TaxonomyImageTest.php, line 72 - Contains \Drupal\taxonomy\Tests\TaxonomyImageTest.
Class
- TaxonomyImageTest
- Tests access checks of private image fields.
Namespace
Drupal\taxonomy\TestsCode
public function testTaxonomyImageAccess() {
$user = $this
->drupalCreateUser(array(
'administer site configuration',
'administer taxonomy',
'access user profiles',
));
$this
->drupalLogin($user);
// Create a term and upload the image.
$files = $this
->drupalGetTestFiles('image');
$image = array_pop($files);
$edit['name[0][value]'] = $this
->randomMachineName();
$edit['files[field_test_0]'] = drupal_realpath($image->uri);
$this
->drupalPostForm('admin/structure/taxonomy/manage/' . $this->vocabulary
->id() . '/add', $edit, t('Save'));
$this
->drupalPostForm(NULL, [
'field_test[0][alt]' => $this
->randomMachineName(),
], t('Save'));
$terms = entity_load_multiple_by_properties('taxonomy_term', array(
'name' => $edit['name[0][value]'],
));
$term = reset($terms);
$this
->assertText(t('Created new term @name.', array(
'@name' => $term
->getName(),
)));
// Create a user that should have access to the file and one that doesn't.
$access_user = $this
->drupalCreateUser(array(
'access content',
));
$no_access_user = $this
->drupalCreateUser();
$image = File::load($term->field_test->target_id);
$this
->drupalLogin($access_user);
$this
->drupalGet(file_create_url($image
->getFileUri()));
$this
->assertResponse(200, 'Private image on term is accessible with right permission');
$this
->drupalLogin($no_access_user);
$this
->drupalGet(file_create_url($image
->getFileUri()));
$this
->assertResponse(403, 'Private image on term not accessible without right permission');
}