Issue #3272786: Added feature to show the delete other sessions button only if... (2b76f9f3) · Commits · project / session_inspector

src/Controller/UserSessionInspector.php

+15 −13

Original line number	Diff line number	Diff line
		@@ -171,6 +171,7 @@ class UserSessionInspector extends ControllerBase {
		'#sessions' => $sessionsTable,
		];

		if (count($sessions) > 1) {
		$build['delete_all_sessions_link'] = [
		'#type' => 'link',
		'#url' => Url::fromRoute('session_inspector.delete_all', ['user' => $user->id()]),
		@@ -185,6 +186,7 @@ class UserSessionInspector extends ControllerBase {
		],
		],
		];
		}

		return $build;
		}

+15 −2

Original line number	Diff line number	Diff line
		@@ -2,6 +2,7 @@

		namespace Drupal\Tests\session_inspector\Functional;

		use Drupal\Core\Session\AnonymousUserSession;
		use Drupal\Tests\BrowserTestBase;

		/**
		@@ -101,13 +102,25 @@ class SessionInspectorTest extends BrowserTestBase {
		$user = $this->createUser(['inspect own user sessions']);
		$this->drupalLogin($user);

		// "Forget" the current session.
		$this->getSession()->setCookie(\Drupal::service('session_configuration')->getOptions(\Drupal::request())['name']);
		$this->loggedInUser = FALSE;
		\Drupal::currentUser()->setAccount(new AnonymousUserSession());

		// Log back in.
		$this->drupalLogin($user);

		// Go to session pages.
		$this->drupalGet('user/' . $user->id() . '/sessions');

		// Delete all other sessions.
		// Delete all other sessions, which will be there since we have logged
		// in twice.
		$this->click('[data-test="session-operation-delete-all"]');

		// Confirm the all session deletion form.
		$this->click('[id="edit-submit"]');

		// User is still logged in.
		// Check that the user is still logged in.
		$this->assertSession()->responseNotContains('Access denied');
		$this->assertSession()->responseContains('CURRENT');
		$this->assertSession()->responseContains('LOCATION');