function TrackerNodeAccessTest::testTrackerNodeAccess

Same name in other branches
  1. 8.9.x core/modules/tracker/tests/src/Functional/TrackerNodeAccessTest.php \Drupal\Tests\tracker\Functional\TrackerNodeAccessTest::testTrackerNodeAccess()
  2. 10 core/modules/tracker/tests/src/Functional/TrackerNodeAccessTest.php \Drupal\Tests\tracker\Functional\TrackerNodeAccessTest::testTrackerNodeAccess()
  3. 11.x core/modules/tracker/tests/src/Functional/TrackerNodeAccessTest.php \Drupal\Tests\tracker\Functional\TrackerNodeAccessTest::testTrackerNodeAccess()

Ensure private node on /tracker is only visible to users with permission.

File

core/modules/tracker/tests/src/Functional/TrackerNodeAccessTest.php, line 77

Class

TrackerNodeAccessTest
Tests for private node access on /tracker.

Namespace

Drupal\Tests\tracker\Functional

Code

public function testTrackerNodeAccess() {
    // Create user with node test view permission.
    $access_user = $this->drupalCreateUser([
        'node test view',
        'access user profiles',
    ]);
    // Create user without node test view permission.
    $no_access_user = $this->drupalCreateUser([
        'access user profiles',
    ]);
    $this->drupalLogin($access_user);
    // Create some nodes.
    $private_node = $this->drupalCreateNode([
        'title' => 'Private node test',
        'private' => TRUE,
    ]);
    $public_node = $this->drupalCreateNode([
        'title' => 'Public node test',
        'private' => FALSE,
    ]);
    // User with access should see both nodes created.
    $this->drupalGet('activity');
    $this->assertSession()
        ->pageTextContains($private_node->getTitle());
    $this->assertSession()
        ->pageTextContains($public_node->getTitle());
    $this->drupalGet('user/' . $access_user->id() . '/activity');
    $this->assertSession()
        ->pageTextContains($private_node->getTitle());
    $this->assertSession()
        ->pageTextContains($public_node->getTitle());
    // User without access should not see private node.
    $this->drupalLogin($no_access_user);
    $this->drupalGet('activity');
    $this->assertSession()
        ->pageTextNotContains($private_node->getTitle());
    $this->assertSession()
        ->pageTextContains($public_node->getTitle());
    $this->drupalGet('user/' . $access_user->id() . '/activity');
    $this->assertSession()
        ->pageTextNotContains($private_node->getTitle());
    $this->assertSession()
        ->pageTextContains($public_node->getTitle());
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.