You are here

public function TaxonomyImageTest::testTaxonomyImageAccess in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/modules/taxonomy/src/Tests/TaxonomyImageTest.php \Drupal\taxonomy\Tests\TaxonomyImageTest::testTaxonomyImageAccess()

File

core/modules/taxonomy/src/Tests/TaxonomyImageTest.php, line 72
Contains \Drupal\taxonomy\Tests\TaxonomyImageTest.

Class

TaxonomyImageTest
Tests access checks of private image fields.

Namespace

Drupal\taxonomy\Tests

Code

public function testTaxonomyImageAccess() {
  $user = $this
    ->drupalCreateUser(array(
    'administer site configuration',
    'administer taxonomy',
    'access user profiles',
  ));
  $this
    ->drupalLogin($user);

  // Create a term and upload the image.
  $files = $this
    ->drupalGetTestFiles('image');
  $image = array_pop($files);
  $edit['name[0][value]'] = $this
    ->randomMachineName();
  $edit['files[field_test_0]'] = drupal_realpath($image->uri);
  $this
    ->drupalPostForm('admin/structure/taxonomy/manage/' . $this->vocabulary
    ->id() . '/add', $edit, t('Save'));
  $this
    ->drupalPostForm(NULL, [
    'field_test[0][alt]' => $this
      ->randomMachineName(),
  ], t('Save'));
  $terms = entity_load_multiple_by_properties('taxonomy_term', array(
    'name' => $edit['name[0][value]'],
  ));
  $term = reset($terms);
  $this
    ->assertText(t('Created new term @name.', array(
    '@name' => $term
      ->getName(),
  )));

  // Create a user that should have access to the file and one that doesn't.
  $access_user = $this
    ->drupalCreateUser(array(
    'access content',
  ));
  $no_access_user = $this
    ->drupalCreateUser();
  $image = File::load($term->field_test->target_id);
  $this
    ->drupalLogin($access_user);
  $this
    ->drupalGet(file_create_url($image
    ->getFileUri()));
  $this
    ->assertResponse(200, 'Private image on term is accessible with right permission');
  $this
    ->drupalLogin($no_access_user);
  $this
    ->drupalGet(file_create_url($image
    ->getFileUri()));
  $this
    ->assertResponse(403, 'Private image on term not accessible without right permission');
}