Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Open sidebar
project
drupal
Commits
29133d32
Commit
29133d32
authored
Aug 30, 2016
by
catch
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Issue
#2791955
by larowlan: Convert \Drupal\node\Tests\NodeAccessTest to a KernelTest
parent
fc4f5cca
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
262 additions
and
105 deletions
+262
-105
core/modules/node/src/Tests/NodeAccessGrantsTest.php
core/modules/node/src/Tests/NodeAccessGrantsTest.php
+0
-33
core/modules/node/src/Tests/NodeAccessTest.php
core/modules/node/src/Tests/NodeAccessTest.php
+0
-72
core/modules/node/tests/src/Kernel/NodeAccessTest.php
core/modules/node/tests/src/Kernel/NodeAccessTest.php
+262
-0
No files found.
core/modules/node/src/Tests/NodeAccessGrantsTest.php
deleted
100644 → 0
View file @
fc4f5cca
<?php
namespace
Drupal\node\Tests
;
/**
* Tests basic node_access functionality with hook_node_grants().
*
* This test just wraps the existing default permissions test while a module
* that implements hook_node_grants() is enabled.
*
* @see \Drupal\node\NodeGrantDatabaseStorage
*
* @group node
*/
class
NodeAccessGrantsTest
extends
NodeAccessTest
{
/**
* Modules to enable.
*
* @var array
*/
public
static
$modules
=
array
(
'node_access_test_empty'
);
/**
* Test operations not supported by node grants.
*/
function
testUnsupportedOperation
()
{
$web_user
=
$this
->
drupalCreateUser
([
'access content'
]);
$node
=
$this
->
drupalCreateNode
();
$this
->
assertNodeAccess
([
'random_operation'
=>
FALSE
],
$node
,
$web_user
);
}
}
core/modules/node/src/Tests/NodeAccessTest.php
deleted
100644 → 0
View file @
fc4f5cca
<?php
namespace
Drupal\node\Tests
;
use
Drupal\user\RoleInterface
;
/**
* Tests basic node_access functionality.
*
* Note that hook_node_access_records() is covered in another test class.
*
* @group node
* @todo Cover hook_node_access in a separate test class.
*/
class
NodeAccessTest
extends
NodeTestBase
{
protected
function
setUp
()
{
parent
::
setUp
();
// Clear permissions for authenticated users.
$this
->
config
(
'user.role.'
.
RoleInterface
::
AUTHENTICATED_ID
)
->
set
(
'permissions'
,
array
())
->
save
();
}
/**
* Runs basic tests for node_access function.
*/
function
testNodeAccess
()
{
// Ensures user without 'access content' permission can do nothing.
$web_user1
=
$this
->
drupalCreateUser
(
array
(
'create page content'
,
'edit any page content'
,
'delete any page content'
));
$node1
=
$this
->
drupalCreateNode
(
array
(
'type'
=>
'page'
));
$this
->
assertNodeCreateAccess
(
$node1
->
bundle
(),
FALSE
,
$web_user1
);
$this
->
assertNodeAccess
(
array
(
'view'
=>
FALSE
,
'update'
=>
FALSE
,
'delete'
=>
FALSE
),
$node1
,
$web_user1
);
// Ensures user with 'bypass node access' permission can do everything.
$web_user2
=
$this
->
drupalCreateUser
(
array
(
'bypass node access'
));
$node2
=
$this
->
drupalCreateNode
(
array
(
'type'
=>
'page'
));
$this
->
assertNodeCreateAccess
(
$node2
->
bundle
(),
TRUE
,
$web_user2
);
$this
->
assertNodeAccess
(
array
(
'view'
=>
TRUE
,
'update'
=>
TRUE
,
'delete'
=>
TRUE
),
$node2
,
$web_user2
);
// User cannot 'view own unpublished content'.
$web_user3
=
$this
->
drupalCreateUser
(
array
(
'access content'
));
$node3
=
$this
->
drupalCreateNode
(
array
(
'status'
=>
0
,
'uid'
=>
$web_user3
->
id
()));
$this
->
assertNodeAccess
(
array
(
'view'
=>
FALSE
),
$node3
,
$web_user3
);
// User cannot create content without permission.
$this
->
assertNodeCreateAccess
(
$node3
->
bundle
(),
FALSE
,
$web_user3
);
// User can 'view own unpublished content', but another user cannot.
$web_user4
=
$this
->
drupalCreateUser
(
array
(
'access content'
,
'view own unpublished content'
));
$web_user5
=
$this
->
drupalCreateUser
(
array
(
'access content'
,
'view own unpublished content'
));
$node4
=
$this
->
drupalCreateNode
(
array
(
'status'
=>
0
,
'uid'
=>
$web_user4
->
id
()));
$this
->
assertNodeAccess
(
array
(
'view'
=>
TRUE
,
'update'
=>
FALSE
),
$node4
,
$web_user4
);
$this
->
assertNodeAccess
(
array
(
'view'
=>
FALSE
),
$node4
,
$web_user5
);
// Tests the default access provided for a published node.
$node5
=
$this
->
drupalCreateNode
();
$this
->
assertNodeAccess
(
array
(
'view'
=>
TRUE
,
'update'
=>
FALSE
,
'delete'
=>
FALSE
),
$node5
,
$web_user3
);
// Tests the "edit any BUNDLE" and "delete any BUNDLE" permissions.
$web_user6
=
$this
->
drupalCreateUser
(
array
(
'access content'
,
'edit any page content'
,
'delete any page content'
));
$node6
=
$this
->
drupalCreateNode
(
array
(
'type'
=>
'page'
));
$this
->
assertNodeAccess
(
array
(
'view'
=>
TRUE
,
'update'
=>
TRUE
,
'delete'
=>
TRUE
),
$node6
,
$web_user6
);
// Tests the "edit own BUNDLE" and "delete own BUNDLE" permission.
$web_user7
=
$this
->
drupalCreateUser
(
array
(
'access content'
,
'edit own page content'
,
'delete own page content'
));
// User should not be able to edit or delete nodes they do not own.
$this
->
assertNodeAccess
(
array
(
'view'
=>
TRUE
,
'update'
=>
FALSE
,
'delete'
=>
FALSE
),
$node6
,
$web_user7
);
// User should be able to edit or delete nodes they own.
$node7
=
$this
->
drupalCreateNode
(
array
(
'type'
=>
'page'
,
'uid'
=>
$web_user7
->
id
()));
$this
->
assertNodeAccess
(
array
(
'view'
=>
TRUE
,
'update'
=>
TRUE
,
'delete'
=>
TRUE
),
$node7
,
$web_user7
);
}
}
core/modules/node/tests/src/Kernel/NodeAccessTest.php
0 → 100644
View file @
29133d32
<?php
namespace
Drupal\Tests\node\Kernel
;
use
Drupal\Component\Render\FormattableMarkup
;
use
Drupal\Core\Session\AccountInterface
;
use
Drupal\KernelTests\KernelTestBase
;
use
Drupal\node\NodeInterface
;
use
Drupal\simpletest\ContentTypeCreationTrait
;
use
Drupal\simpletest\NodeCreationTrait
;
use
Drupal\simpletest\UserCreationTrait
;
use
Drupal\user\RoleInterface
;
/**
* Tests basic node_access functionality.
*
* @group node
*/
class
NodeAccessTest
extends
KernelTestBase
{
use
NodeCreationTrait
{
getNodeByTitle
as
drupalGetNodeByTitle
;
createNode
as
drupalCreateNode
;
}
use
UserCreationTrait
{
createUser
as
drupalCreateUser
;
createRole
as
drupalCreateRole
;
createAdminRole
as
drupalCreateAdminRole
;
}
use
ContentTypeCreationTrait
{
createContentType
as
drupalCreateContentType
;
}
/**
* {@inheritdoc}
*/
public
static
$modules
=
[
'node'
,
'datetime'
,
'user'
,
'system'
,
'filter'
,
'field'
,
'text'
,
];
/**
* Access handler.
*
* @var \Drupal\Core\Entity\EntityAccessControlHandlerInterface
*/
protected
$accessHandler
;
/**
* {@inheritdoc}
*/
protected
function
setUp
()
{
parent
::
setUp
();
$this
->
installSchema
(
'system'
,
'sequences'
);
$this
->
installSchema
(
'node'
,
'node_access'
);
$this
->
installEntitySchema
(
'user'
);
$this
->
installEntitySchema
(
'node'
);
$this
->
installConfig
(
'filter'
);
$this
->
installConfig
(
'node'
);
$this
->
accessHandler
=
$this
->
container
->
get
(
'entity_type.manager'
)
->
getAccessControlHandler
(
'node'
);
// Clear permissions for authenticated users.
$this
->
config
(
'user.role.'
.
RoleInterface
::
AUTHENTICATED_ID
)
->
set
(
'permissions'
,
[])
->
save
();
// Create user 1 who has special permissions.
$this
->
drupalCreateUser
();
// Create a node type.
$this
->
drupalCreateContentType
(
array
(
'type'
=>
'page'
,
'name'
=>
'Basic page'
,
'display_submitted'
=>
FALSE
,
));
}
/**
* Runs basic tests for node_access function.
*/
public
function
testNodeAccess
()
{
// Ensures user without 'access content' permission can do nothing.
$web_user1
=
$this
->
drupalCreateUser
([
'create page content'
,
'edit any page content'
,
'delete any page content'
,
]);
$node1
=
$this
->
drupalCreateNode
([
'type'
=>
'page'
]);
$this
->
assertNodeCreateAccess
(
$node1
->
bundle
(),
FALSE
,
$web_user1
);
$this
->
assertNodeAccess
([
'view'
=>
FALSE
,
'update'
=>
FALSE
,
'delete'
=>
FALSE
,
],
$node1
,
$web_user1
);
// Ensures user with 'bypass node access' permission can do everything.
$web_user2
=
$this
->
drupalCreateUser
([
'bypass node access'
]);
$node2
=
$this
->
drupalCreateNode
([
'type'
=>
'page'
]);
$this
->
assertNodeCreateAccess
(
$node2
->
bundle
(),
TRUE
,
$web_user2
);
$this
->
assertNodeAccess
([
'view'
=>
TRUE
,
'update'
=>
TRUE
,
'delete'
=>
TRUE
,
],
$node2
,
$web_user2
);
// User cannot 'view own unpublished content'.
$web_user3
=
$this
->
drupalCreateUser
([
'access content'
]);
$node3
=
$this
->
drupalCreateNode
([
'status'
=>
0
,
'uid'
=>
$web_user3
->
id
(),
]);
$this
->
assertNodeAccess
([
'view'
=>
FALSE
],
$node3
,
$web_user3
);
// User cannot create content without permission.
$this
->
assertNodeCreateAccess
(
$node3
->
bundle
(),
FALSE
,
$web_user3
);
// User can 'view own unpublished content', but another user cannot.
$web_user4
=
$this
->
drupalCreateUser
([
'access content'
,
'view own unpublished content'
,
]);
$web_user5
=
$this
->
drupalCreateUser
([
'access content'
,
'view own unpublished content'
,
]);
$node4
=
$this
->
drupalCreateNode
([
'status'
=>
0
,
'uid'
=>
$web_user4
->
id
(),
]);
$this
->
assertNodeAccess
([
'view'
=>
TRUE
,
'update'
=>
FALSE
,
],
$node4
,
$web_user4
);
$this
->
assertNodeAccess
([
'view'
=>
FALSE
],
$node4
,
$web_user5
);
// Tests the default access provided for a published node.
$node5
=
$this
->
drupalCreateNode
();
$this
->
assertNodeAccess
([
'view'
=>
TRUE
,
'update'
=>
FALSE
,
'delete'
=>
FALSE
,
],
$node5
,
$web_user3
);
// Tests the "edit any BUNDLE" and "delete any BUNDLE" permissions.
$web_user6
=
$this
->
drupalCreateUser
([
'access content'
,
'edit any page content'
,
'delete any page content'
,
]);
$node6
=
$this
->
drupalCreateNode
([
'type'
=>
'page'
]);
$this
->
assertNodeAccess
([
'view'
=>
TRUE
,
'update'
=>
TRUE
,
'delete'
=>
TRUE
,
],
$node6
,
$web_user6
);
// Tests the "edit own BUNDLE" and "delete own BUNDLE" permission.
$web_user7
=
$this
->
drupalCreateUser
([
'access content'
,
'edit own page content'
,
'delete own page content'
,
]);
// User should not be able to edit or delete nodes they do not own.
$this
->
assertNodeAccess
([
'view'
=>
TRUE
,
'update'
=>
FALSE
,
'delete'
=>
FALSE
,
],
$node6
,
$web_user7
);
// User should be able to edit or delete nodes they own.
$node7
=
$this
->
drupalCreateNode
([
'type'
=>
'page'
,
'uid'
=>
$web_user7
->
id
(),
]);
$this
->
assertNodeAccess
([
'view'
=>
TRUE
,
'update'
=>
TRUE
,
'delete'
=>
TRUE
,
],
$node7
,
$web_user7
);
}
/**
* Test operations not supported by node grants.
*/
public
function
testUnsupportedOperation
()
{
$this
->
enableModules
([
'node_access_test_empty'
]);
$web_user
=
$this
->
drupalCreateUser
([
'access content'
]);
$node
=
$this
->
drupalCreateNode
();
$this
->
assertNodeAccess
([
'random_operation'
=>
FALSE
],
$node
,
$web_user
);
}
/**
* Asserts that node access correctly grants or denies access.
*
* @param array $ops
* An associative array of the expected node access grants for the node
* and account, with each key as the name of an operation (e.g. 'view',
* 'delete') and each value a Boolean indicating whether access to that
* operation should be granted.
* @param \Drupal\node\NodeInterface $node
* The node object to check.
* @param \Drupal\Core\Session\AccountInterface $account
* The user account for which to check access.
*/
public
function
assertNodeAccess
(
array
$ops
,
NodeInterface
$node
,
AccountInterface
$account
)
{
foreach
(
$ops
as
$op
=>
$result
)
{
$this
->
assertEquals
(
$result
,
$this
->
accessHandler
->
access
(
$node
,
$op
,
$account
),
$this
->
nodeAccessAssertMessage
(
$op
,
$result
,
$node
->
language
()
->
getId
()));
}
}
/**
* Asserts that node create access correctly grants or denies access.
*
* @param string $bundle
* The node bundle to check access to.
* @param bool $result
* Whether access should be granted or not.
* @param \Drupal\Core\Session\AccountInterface $account
* The user account for which to check access.
* @param string|null $langcode
* (optional) The language code indicating which translation of the node
* to check. If NULL, the untranslated (fallback) access is checked.
*/
public
function
assertNodeCreateAccess
(
$bundle
,
$result
,
AccountInterface
$account
,
$langcode
=
NULL
)
{
$this
->
assertEquals
(
$result
,
$this
->
accessHandler
->
createAccess
(
$bundle
,
$account
,
[
'langcode'
=>
$langcode
,
]),
$this
->
nodeAccessAssertMessage
(
'create'
,
$result
,
$langcode
));
}
/**
* Constructs an assert message to display which node access was tested.
*
* @param string $operation
* The operation to check access for.
* @param bool $result
* Whether access should be granted or not.
* @param string|null $langcode
* (optional) The language code indicating which translation of the node
* to check. If NULL, the untranslated (fallback) access is checked.
*
* @return string
* An assert message string which contains information in plain English
* about the node access permission test that was performed.
*/
public
function
nodeAccessAssertMessage
(
$operation
,
$result
,
$langcode
=
NULL
)
{
return
new
FormattableMarkup
(
'Node access returns @result with operation %op, language code %langcode.'
,
[
'@result'
=>
$result
?
'true'
:
'false'
,
'%op'
=>
$operation
,
'%langcode'
=>
!
empty
(
$langcode
)
?
$langcode
:
'empty'
,
]
);
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment