Loading src/Controller/UserSessionInspector.php +3 −0 Original line number Diff line number Diff line Loading @@ -180,6 +180,9 @@ class UserSessionInspector extends ControllerBase { 'button', 'button--danger', ], 'data-test' => [ 'session-operation-delete-all', ], ], ]; Loading src/Form/DeleteSessionForm.php +0 −3 Original line number Diff line number Diff line Loading @@ -5,12 +5,9 @@ namespace Drupal\session_inspector\Form; use Drupal\Core\Form\ConfirmFormBase; use Drupal\Core\Form\FormStateInterface; use Drupal\Core\Url; use Drupal\session_inspector\Event\SessionEvent; use Drupal\session_inspector\Event\SessionInspectorEvents; use Drupal\session_inspector\SessionDeletionInterface; use Drupal\session_inspector\SessionInspectorInterface; use Symfony\Component\DependencyInjection\ContainerInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; /** * Defines a confirmation form to allow users to delete sessions. Loading test/src/Functional/SessionInspectorTest.php +18 −1 Original line number Diff line number Diff line Loading @@ -67,7 +67,7 @@ class SessionInspectorTest extends BrowserTestBase { $this->assertEquals($uid, $this->container->get('state')->get('session_event.uid')); $this->assertEquals($sid, $this->container->get('state')->get('session_event.sid')); // The response is an access denied as the user is logged out. // The response is access denied as the user is logged out. $this->assertSession()->responseContains('Access denied'); // Ensure that we are not logged in anymore. Loading @@ -94,4 +94,21 @@ class SessionInspectorTest extends BrowserTestBase { $this->assertSession()->responseContains('Access denied'); } /** * Test that a user can delete all other sessions. */ public function testUserCanDeleteAllOtherSessions() { $user = $this->createUser(['inspect own user sessions']); $this->drupalLogin($user); $this->drupalGet('user/' . $user->id() . '/sessions'); // Delete all other sessions. $this->click('[data-test="session-operation-delete-all"]'); $this->click('[id="edit-submit"]'); // User is still logged in. $this->assertSession()->responseNotContains('Access denied'); } } Loading
src/Controller/UserSessionInspector.php +3 −0 Original line number Diff line number Diff line Loading @@ -180,6 +180,9 @@ class UserSessionInspector extends ControllerBase { 'button', 'button--danger', ], 'data-test' => [ 'session-operation-delete-all', ], ], ]; Loading
src/Form/DeleteSessionForm.php +0 −3 Original line number Diff line number Diff line Loading @@ -5,12 +5,9 @@ namespace Drupal\session_inspector\Form; use Drupal\Core\Form\ConfirmFormBase; use Drupal\Core\Form\FormStateInterface; use Drupal\Core\Url; use Drupal\session_inspector\Event\SessionEvent; use Drupal\session_inspector\Event\SessionInspectorEvents; use Drupal\session_inspector\SessionDeletionInterface; use Drupal\session_inspector\SessionInspectorInterface; use Symfony\Component\DependencyInjection\ContainerInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; /** * Defines a confirmation form to allow users to delete sessions. Loading
test/src/Functional/SessionInspectorTest.php +18 −1 Original line number Diff line number Diff line Loading @@ -67,7 +67,7 @@ class SessionInspectorTest extends BrowserTestBase { $this->assertEquals($uid, $this->container->get('state')->get('session_event.uid')); $this->assertEquals($sid, $this->container->get('state')->get('session_event.sid')); // The response is an access denied as the user is logged out. // The response is access denied as the user is logged out. $this->assertSession()->responseContains('Access denied'); // Ensure that we are not logged in anymore. Loading @@ -94,4 +94,21 @@ class SessionInspectorTest extends BrowserTestBase { $this->assertSession()->responseContains('Access denied'); } /** * Test that a user can delete all other sessions. */ public function testUserCanDeleteAllOtherSessions() { $user = $this->createUser(['inspect own user sessions']); $this->drupalLogin($user); $this->drupalGet('user/' . $user->id() . '/sessions'); // Delete all other sessions. $this->click('[data-test="session-operation-delete-all"]'); $this->click('[id="edit-submit"]'); // User is still logged in. $this->assertSession()->responseNotContains('Access denied'); } }
