You are here

function UserPermissionsTest::testUserPermissionChanges in Zircon Profile 8.0

Same name and namespace in other branches
  1. 8 core/modules/user/src/Tests/UserPermissionsTest.php \Drupal\user\Tests\UserPermissionsTest::testUserPermissionChanges()

Test changing user permissions through the permissions page.

File

core/modules/user/src/Tests/UserPermissionsTest.php, line 50
Contains \Drupal\user\Tests\UserPermissionsTest.

Class

UserPermissionsTest
Verify that role permissions can be added and removed via the permissions page.

Namespace

Drupal\user\Tests

Code

function testUserPermissionChanges() {
  $permissions_hash_generator = $this->container
    ->get('user_permissions_hash_generator');
  $storage = $this->container
    ->get('entity.manager')
    ->getStorage('user_role');

  // Create an additional role and mark it as admin role.
  Role::create([
    'is_admin' => TRUE,
    'id' => 'administrator',
    'label' => 'Administrator',
  ])
    ->save();
  $storage
    ->resetCache();
  $this
    ->drupalLogin($this->adminUser);
  $rid = $this->rid;
  $account = $this->adminUser;
  $previous_permissions_hash = $permissions_hash_generator
    ->generate($account);
  $this
    ->assertIdentical($previous_permissions_hash, $permissions_hash_generator
    ->generate($this->loggedInUser));

  // Add a permission.
  $this
    ->assertFalse($account
    ->hasPermission('administer users'), 'User does not have "administer users" permission.');
  $edit = array();
  $edit[$rid . '[administer users]'] = TRUE;
  $this
    ->drupalPostForm('admin/people/permissions', $edit, t('Save permissions'));
  $this
    ->assertText(t('The changes have been saved.'), 'Successful save message displayed.');
  $storage
    ->resetCache();
  $this
    ->assertTrue($account
    ->hasPermission('administer users'), 'User now has "administer users" permission.');
  $current_permissions_hash = $permissions_hash_generator
    ->generate($account);
  $this
    ->assertIdentical($current_permissions_hash, $permissions_hash_generator
    ->generate($this->loggedInUser));
  $this
    ->assertNotEqual($previous_permissions_hash, $current_permissions_hash, 'Permissions hash has changed.');
  $previous_permissions_hash = $current_permissions_hash;

  // Remove a permission.
  $this
    ->assertTrue($account
    ->hasPermission('access user profiles'), 'User has "access user profiles" permission.');
  $edit = array();
  $edit[$rid . '[access user profiles]'] = FALSE;
  $this
    ->drupalPostForm('admin/people/permissions', $edit, t('Save permissions'));
  $this
    ->assertText(t('The changes have been saved.'), 'Successful save message displayed.');
  $storage
    ->resetCache();
  $this
    ->assertFalse($account
    ->hasPermission('access user profiles'), 'User no longer has "access user profiles" permission.');
  $current_permissions_hash = $permissions_hash_generator
    ->generate($account);
  $this
    ->assertIdentical($current_permissions_hash, $permissions_hash_generator
    ->generate($this->loggedInUser));
  $this
    ->assertNotEqual($previous_permissions_hash, $current_permissions_hash, 'Permissions hash has changed.');

  // Ensure that the admin role doesn't have any checkboxes.
  $this
    ->drupalGet('admin/people/permissions');
  foreach (array_keys($this->container
    ->get('user.permissions')
    ->getPermissions()) as $permission) {
    $this
      ->assertNoFieldByName('administrator[' . $permission . ']');
  }
}