class TrackerNodeAccessTest
Same name and namespace in other branches
- 10 core/modules/tracker/tests/src/Functional/TrackerNodeAccessTest.php \Drupal\Tests\tracker\Functional\TrackerNodeAccessTest
- 8.9.x core/modules/tracker/tests/src/Functional/TrackerNodeAccessTest.php \Drupal\Tests\tracker\Functional\TrackerNodeAccessTest
Tests for private node access on /tracker.
@group tracker
Hierarchy
- class \Drupal\Tests\BrowserTestBase uses \Drupal\Core\Test\FunctionalTestSetupTrait, \Drupal\Tests\UiHelperTrait, \Drupal\Core\Test\TestSetupTrait, \Drupal\Tests\block\Traits\BlockCreationTrait, \Drupal\FunctionalTests\AssertLegacyTrait, \Drupal\Tests\RandomGeneratorTrait, \Drupal\Tests\node\Traits\NodeCreationTrait, \Drupal\Tests\node\Traits\ContentTypeCreationTrait, \Drupal\Tests\ConfigTestTrait, \Drupal\Tests\TestRequirementsTrait, \Drupal\Tests\user\Traits\UserCreationTrait, \Drupal\Tests\XdebugRequestTrait, \Drupal\Tests\Traits\PhpUnitWarnings, \Drupal\Tests\PhpUnitCompatibilityTrait, \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, \Drupal\Tests\ExtensionListTestTrait extends \PHPUnit\Framework\TestCase
- class \Drupal\Tests\tracker\Functional\TrackerNodeAccessTest uses \Drupal\comment\Tests\CommentTestTrait extends \Drupal\Tests\BrowserTestBase
Expanded class hierarchy of TrackerNodeAccessTest
File
-
core/
modules/ tracker/ tests/ src/ Functional/ TrackerNodeAccessTest.php, line 15
Namespace
Drupal\Tests\tracker\FunctionalView source
class TrackerNodeAccessTest extends BrowserTestBase {
use CommentTestTrait;
/**
* Modules to enable.
*
* @var array
*/
protected static $modules = [
'node',
'comment',
'tracker',
'node_access_test',
];
/**
* {@inheritdoc}
*/
protected $defaultTheme = 'stark';
/**
* {@inheritdoc}
*/
protected function setUp() : void {
parent::setUp();
node_access_rebuild();
$this->drupalCreateContentType([
'type' => 'page',
]);
node_access_test_add_field(NodeType::load('page'));
$this->addDefaultCommentField('node', 'page', 'comment', CommentItemInterface::OPEN);
\Drupal::state()->set('node_access_test.private', TRUE);
}
/**
* Ensure that tracker_cron is not access sensitive.
*/
public function testTrackerNodeAccessIndexing() {
// The node is private and not authored by the anonymous user, so any entity
// queries run for the anonymous user will miss it.
$author = $this->drupalCreateUser();
$private_node = $this->drupalCreateNode([
'title' => 'Private node test',
'private' => TRUE,
'uid' => $author->id(),
]);
// Remove index entries, and index as tracker_install() does.
\Drupal::database()->delete('tracker_node')
->execute();
\Drupal::state()->set('tracker.index_nid', $private_node->id());
tracker_cron();
// Test that the private node has been indexed and so can be viewed by a
// user with node test view permission.
$user = $this->drupalCreateUser([
'node test view',
]);
$this->drupalLogin($user);
$this->drupalGet('activity');
$this->assertSession()
->pageTextContains($private_node->getTitle());
}
/**
* Ensure private node on /tracker is only visible to users with permission.
*/
public function testTrackerNodeAccess() {
// Create user with node test view permission.
$access_user = $this->drupalCreateUser([
'node test view',
'access user profiles',
]);
// Create user without node test view permission.
$no_access_user = $this->drupalCreateUser([
'access user profiles',
]);
$this->drupalLogin($access_user);
// Create some nodes.
$private_node = $this->drupalCreateNode([
'title' => 'Private node test',
'private' => TRUE,
]);
$public_node = $this->drupalCreateNode([
'title' => 'Public node test',
'private' => FALSE,
]);
// User with access should see both nodes created.
$this->drupalGet('activity');
$this->assertSession()
->pageTextContains($private_node->getTitle());
$this->assertSession()
->pageTextContains($public_node->getTitle());
$this->drupalGet('user/' . $access_user->id() . '/activity');
$this->assertSession()
->pageTextContains($private_node->getTitle());
$this->assertSession()
->pageTextContains($public_node->getTitle());
// User without access should not see private node.
$this->drupalLogin($no_access_user);
$this->drupalGet('activity');
$this->assertSession()
->pageTextNotContains($private_node->getTitle());
$this->assertSession()
->pageTextContains($public_node->getTitle());
$this->drupalGet('user/' . $access_user->id() . '/activity');
$this->assertSession()
->pageTextNotContains($private_node->getTitle());
$this->assertSession()
->pageTextContains($public_node->getTitle());
}
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.