NodeAccessRebuildNodeGrantsTest.php

Same filename in other branches
  1. 9 core/modules/node/tests/src/Functional/NodeAccessRebuildNodeGrantsTest.php
  2. 8.9.x core/modules/node/tests/src/Functional/NodeAccessRebuildNodeGrantsTest.php
  3. 11.x core/modules/node/tests/src/Functional/NodeAccessRebuildNodeGrantsTest.php

Namespace

Drupal\Tests\node\Functional

File

core/modules/node/tests/src/Functional/NodeAccessRebuildNodeGrantsTest.php

View source
<?php

declare (strict_types=1);
namespace Drupal\Tests\node\Functional;

use Drupal\node\Entity\NodeType;

/**
 * Tests node access rebuild functions with multiple node access modules.
 *
 * @group node
 */
class NodeAccessRebuildNodeGrantsTest extends NodeTestBase {
    
    /**
     * {@inheritdoc}
     */
    protected $defaultTheme = 'stark';
    
    /**
     * A user to create nodes that only it has access to.
     *
     * @var \Drupal\user\UserInterface
     */
    protected $webUser;
    
    /**
     * A user to test the rebuild nodes feature which can't access the nodes.
     *
     * @var \Drupal\user\UserInterface
     */
    protected $adminUser;
    
    /**
     * {@inheritdoc}
     */
    protected function setUp() : void {
        parent::setUp();
        $this->adminUser = $this->drupalCreateUser([
            'administer site configuration',
            'access administration pages',
            'access site reports',
            'administer nodes',
        ]);
        $this->drupalLogin($this->adminUser);
        $this->webUser = $this->drupalCreateUser();
    }
    
    /**
     * Tests rebuilding the node access permissions table with content.
     */
    public function testNodeAccessRebuildNodeGrants() : void {
        \Drupal::service('module_installer')->install([
            'node_access_test',
        ]);
        \Drupal::state()->set('node_access_test.private', TRUE);
        node_access_test_add_field(NodeType::load('page'));
        $this->resetAll();
        // Create 30 nodes so that _node_access_rebuild_batch_operation() has to run
        // more than once.
        for ($i = 0; $i < 30; $i++) {
            $nodes[] = $this->drupalCreateNode([
                'uid' => $this->webUser
                    ->id(),
                'private' => [
                    [
                        'value' => 1,
                    ],
                ],
            ]);
        }
        
        /** @var \Drupal\node\NodeGrantDatabaseStorageInterface $grant_storage */
        $grant_storage = \Drupal::service('node.grant_storage');
        // Default realm access and node records are present.
        foreach ($nodes as $node) {
            $this->assertNotEmpty($node->private->value);
            $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)
                ->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the node author.');
            $this->assertTrue($grant_storage->access($node, 'view', $this->adminUser)
                ->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the admin user.');
        }
        $this->assertEquals(1, \Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is an all realm access record');
        $this->assertTrue(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt');
        // Rebuild permissions.
        $this->drupalGet('admin/reports/status');
        $this->clickLink('Rebuild permissions');
        $this->submitForm([], 'Rebuild permissions');
        $this->assertSession()
            ->pageTextContains('The content access permissions have been rebuilt.');
        // Test if the rebuild by user that cannot bypass node access and does not
        // have access to the nodes has been successful.
        $this->assertFalse($this->adminUser
            ->hasPermission('bypass node access'));
        $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt');
        foreach ($nodes as $node) {
            $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)
                ->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.');
            $this->assertFalse($grant_storage->access($node, 'view', $this->adminUser)
                ->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.');
        }
        $this->assertEmpty(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record');
        // Test an anonymous node access rebuild from code.
        $this->drupalLogout();
        node_access_rebuild();
        foreach ($nodes as $node) {
            $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)
                ->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.');
            $this->assertFalse($grant_storage->access($node, 'view', $this->adminUser)
                ->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.');
        }
        $this->assertEmpty(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record');
    }
    
    /**
     * Tests rebuilding the node access permissions table with no content.
     */
    public function testNodeAccessRebuildNoAccessModules() : void {
        // Default realm access is present.
        $this->assertEquals(1, \Drupal::service('node.grant_storage')->count(), 'There is an all realm access record');
        // No need to rebuild permissions.
        $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt');
        // Rebuild permissions.
        $this->drupalGet('admin/reports/status');
        $this->clickLink('Rebuild permissions');
        $this->submitForm([], 'Rebuild permissions');
        $this->assertSession()
            ->pageTextContains('Content permissions have been rebuilt.');
        $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt');
        // Default realm access is still present.
        $this->assertEquals(1, \Drupal::service('node.grant_storage')->count(), 'There is an all realm access record');
    }

}

Classes

Title Deprecated Summary
NodeAccessRebuildNodeGrantsTest Tests node access rebuild functions with multiple node access modules.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.