TaxonomyImageTest.php 3.25 KB
Newer Older
1 2
<?php

3
namespace Drupal\Tests\taxonomy\Functional;
4

5
use Drupal\field\Entity\FieldConfig;
6
use Drupal\Tests\TestFileCreationTrait;
7
use Drupal\user\RoleInterface;
8
use Drupal\file\Entity\File;
9
use Drupal\field\Entity\FieldStorageConfig;
10

11
/**
12 13 14
 * Tests access checks of private image fields.
 *
 * @group taxonomy
15 16 17
 */
class TaxonomyImageTest extends TaxonomyTestBase {

18 19 20 21 22
  use TestFileCreationTrait {
    getTestFiles as drupalGetTestFiles;
    compareFiles as drupalCompareFiles;
  }

23 24 25 26 27 28 29 30 31 32 33 34
  /**
   * Used taxonomy vocabulary.
   *
   * @var \Drupal\taxonomy\VocabularyInterface
   */
  protected $vocabulary;

  /**
   * Modules to enable.
   *
   * @var array
   */
35
  public static $modules = ['image'];
36

37
  protected function setUp() {
38 39 40
    parent::setUp();

    // Remove access content permission from registered users.
41
    user_role_revoke_permissions(RoleInterface::AUTHENTICATED_ID, ['access content']);
42 43

    $this->vocabulary = $this->createVocabulary();
44
    // Add a field to the vocabulary.
45 46
    $entity_type = 'taxonomy_term';
    $name = 'field_test';
47
    FieldStorageConfig::create([
48
      'field_name' => $name,
49 50
      'entity_type' => $entity_type,
      'type' => 'image',
51
      'settings' => [
52
        'uri_scheme' => 'private',
53 54
      ],
    ])->save();
55
    FieldConfig::create([
56 57 58
      'field_name' => $name,
      'entity_type' => $entity_type,
      'bundle' => $this->vocabulary->id(),
59
      'settings' => [],
60
    ])->save();
61
    entity_get_display($entity_type, $this->vocabulary->id(), 'default')
62
      ->setComponent($name, [
63
        'type' => 'image',
64 65
        'settings' => [],
      ])
66 67
      ->save();
    entity_get_form_display($entity_type, $this->vocabulary->id(), 'default')
68
      ->setComponent($name, [
69
        'type' => 'image_image',
70 71
        'settings' => [],
      ])
72 73 74 75
      ->save();
  }

  public function testTaxonomyImageAccess() {
76
    $user = $this->drupalCreateUser(['administer site configuration', 'administer taxonomy', 'access user profiles']);
77 78 79 80 81
    $this->drupalLogin($user);

    // Create a term and upload the image.
    $files = $this->drupalGetTestFiles('image');
    $image = array_pop($files);
82
    $edit['name[0][value]'] = $this->randomMachineName();
83
    $edit['files[field_test_0]'] = drupal_realpath($image->uri);
84
    $this->drupalPostForm('admin/structure/taxonomy/manage/' . $this->vocabulary->id() . '/add', $edit, t('Save'));
85
    $this->drupalPostForm(NULL, ['field_test[0][alt]' => $this->randomMachineName()], t('Save'));
86
    $terms = entity_load_multiple_by_properties('taxonomy_term', ['name' => $edit['name[0][value]']]);
87
    $term = reset($terms);
88
    $this->assertText(t('Created new term @name.', ['@name' => $term->getName()]));
89 90

    // Create a user that should have access to the file and one that doesn't.
91
    $access_user = $this->drupalCreateUser(['access content']);
92
    $no_access_user = $this->drupalCreateUser();
93
    $image = File::load($term->field_test->target_id);
94 95 96 97 98 99 100 101 102 103
    $this->drupalLogin($access_user);
    $this->drupalGet(file_create_url($image->getFileUri()));
    $this->assertResponse(200, 'Private image on term is accessible with right permission');

    $this->drupalLogin($no_access_user);
    $this->drupalGet(file_create_url($image->getFileUri()));
    $this->assertResponse(403, 'Private image on term not accessible without right permission');
  }

}