function NodeAdminTest::testContentAdminPageWithLimitedContentViewer
Tests that the content overview page does not filter out nodes.
File
-
core/
modules/ node/ tests/ src/ Functional/ NodeAdminTest.php, line 246
Class
- NodeAdminTest
- Tests node administration page functionality.
Namespace
Drupal\Tests\node\FunctionalCode
public function testContentAdminPageWithLimitedContentViewer() : void {
\Drupal::service('module_installer')->install([
'node_access_test',
]);
$this->addPrivateField(NodeType::load('page'));
node_access_rebuild();
$role_id = $this->drupalCreateRole([
'access content overview',
'view own unpublished content',
'node test view',
]);
$viewer_user = $this->drupalCreateUser(values: [
'roles' => [
$role_id,
],
]);
// Create published and unpublished content authored by an administrator and
// the viewer user.
$nodes_visible = [];
$nodes_visible[] = $this->drupalCreateNode([
'type' => 'page',
'uid' => $this->adminUser
->id(),
'title' => 'Published page by admin',
]);
$nodes_visible[] = $this->drupalCreateNode([
'type' => 'page',
'uid' => $viewer_user->id(),
'title' => 'Published own page',
]);
$nodes_visible[] = $this->drupalCreateNode([
'type' => 'page',
'uid' => $this->adminUser
->id(),
'title' => 'Published private page by admin',
'private' => [
'value' => 1,
],
]);
$nodes_visible[] = $this->drupalCreateNode([
'type' => 'page',
'uid' => $viewer_user->id(),
'title' => 'Published own private page',
'private' => [
'value' => 1,
],
]);
$nodes_visible[] = $this->drupalCreateNode([
'type' => 'page',
'uid' => $viewer_user->id(),
'title' => 'Unpublished own page',
'status' => NodeInterface::NOT_PUBLISHED,
]);
$nodes_visible[] = $this->drupalCreateNode([
'type' => 'page',
'uid' => $viewer_user->id(),
'title' => 'Unpublished own private page',
'status' => NodeInterface::NOT_PUBLISHED,
'private' => [
'value' => 1,
],
]);
$nodes_visible[] = $this->drupalCreateNode([
'type' => 'page',
'uid' => $this->adminUser
->id(),
'title' => 'Unpublished private page by admin',
'status' => NodeInterface::NOT_PUBLISHED,
'private' => [
'value' => 1,
],
]);
$this->drupalLogin($viewer_user);
// Confirm the current user has limited privileges.
$admin_permissions = [
'administer nodes',
'bypass node access',
];
foreach ($admin_permissions as $admin_permission) {
$this->assertFalse(\Drupal::service('current_user')->hasPermission($admin_permission), sprintf('The current user does not have "%s" permission.', $admin_permission));
}
// Confirm that the nodes are visible to the less privileged user.
foreach ($nodes_visible as $node) {
self::assertTrue($node->access('view', $viewer_user));
$this->drupalGet('admin/content');
$this->assertSession()
->linkByHrefExists('node/' . $node->id(), 0, sprintf('The "%s" node is visible on the admin/content page.', $node->getTitle()));
}
// Without the "node test view" permission the unpublished page of the
// admin user is not visible.
$this->drupalLogin($this->drupalCreateUser(values: [
'roles' => [
$this->drupalCreateRole([
'access content overview',
'view own unpublished content',
]),
],
]));
$unpublished_node_by_admin = $this->drupalCreateNode([
'type' => 'page',
'uid' => $this->adminUser
->id(),
'title' => 'Unpublished page by admin',
'status' => 0,
]);
self::assertFalse($unpublished_node_by_admin->access('view'));
$this->drupalGet('admin/content');
$this->assertSession()
->linkByHrefNotExists('node/' . $unpublished_node_by_admin->id());
}Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.