function NodeRevisionPermissionsTest::testNodeRevisionAccessAnyType

Same name and namespace in other branches
  1. 8.9.x core/modules/node/tests/src/Functional/NodeRevisionPermissionsTest.php \Drupal\Tests\node\Functional\NodeRevisionPermissionsTest::testNodeRevisionAccessAnyType()

Tests general revision access permissions.

File

core/modules/node/tests/src/Functional/NodeRevisionPermissionsTest.php, line 85

Class

NodeRevisionPermissionsTest
Tests user permissions for node revisions.

Namespace

Drupal\Tests\node\Functional

Code

public function testNodeRevisionAccessAnyType() {
  $this->expectDeprecation('NodeRevisionAccessCheck is deprecated in drupal:9.3.0 and will be removed before drupal:10.0.0. Use "_entity_access" requirement with relevant operation instead. See https://www.drupal.org/node/3161210');
  // Create three users, one with each revision permission.
  foreach ($this->map as $op => $permission) {
    // Create the user.
    $account = $this->drupalCreateUser([
      'access content',
      'edit any page content',
      'delete any page content',
      $permission,
    ]);
    $account->op = $op;
    $this->accounts[] = $account;
  }
  // Create an admin account (returns TRUE for all revision permissions).
  $admin_account = $this->drupalCreateUser([
    'access content',
    'administer nodes',
  ]);
  $admin_account->is_admin = TRUE;
  $this->accounts['admin'] = $admin_account;
  $accounts['admin'] = $admin_account;
  // Create a normal account (returns FALSE for all revision permissions).
  $normal_account = $this->drupalCreateUser();
  $normal_account->op = FALSE;
  $this->accounts[] = $normal_account;
  $accounts[] = $normal_account;
  $revision = $this->nodeRevisions['page'][1];
  $parameters = [
    'op' => array_keys($this->map),
    'account' => $this->accounts,
  ];
  $permutations = $this->generatePermutations($parameters);
  $node_revision_access = \Drupal::service('access_check.node.revision');
  $vids = \Drupal::entityQuery('node')->allRevisions()
    ->accessCheck(FALSE)
    ->condition('nid', $revision->id())
    ->execute();
  foreach ($permutations as $case) {
    // Skip this test if there are no revisions for the node.
    if (!($revision->isDefaultRevision() && (count($vids) == 1 || $case['op'] == 'update' || $case['op'] == 'delete'))) {
      if (!empty($case['account']->is_admin) || $case['account']->hasPermission($this->map[$case['op']])) {
        $this->assertTrue($node_revision_access->checkAccess($revision, $case['account'], $case['op']), "{$this->map[$case['op']]} granted.");
      }
      else {
        $this->assertFalse($node_revision_access->checkAccess($revision, $case['account'], $case['op']), "{$this->map[$case['op']]} not granted.");
      }
    }
  }
  // Test that access is FALSE for a node administrator with an invalid $node
  // or $op parameters.
  $admin_account = $accounts['admin'];
  $this->assertFalse($node_revision_access->checkAccess($revision, $admin_account, 'invalid-op'), 'NodeRevisionAccessCheck() returns FALSE with an invalid op.');
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.