function VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm

Same name and namespace in other branches
  1. 11.x core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php \Drupal\Tests\taxonomy\Functional\VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm()
  2. 10 core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php \Drupal\Tests\taxonomy\Functional\VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm()
  3. 9 core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php \Drupal\Tests\taxonomy\Functional\VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm()

Create, edit and delete a taxonomy term via the user interface.

File

core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php, line 228

Class

VocabularyPermissionsTest
Tests the taxonomy vocabulary permissions.

Namespace

Drupal\Tests\taxonomy\Functional

Code

public function testVocabularyPermissionsTaxonomyTerm() {
  // Vocabulary used for creating, removing and editing terms.
  $vocabulary = $this->createVocabulary();
  // Test as admin user.
  $user = $this->drupalCreateUser([
    'administer taxonomy',
  ]);
  $this->drupalLogin($user);
  // Visit the main taxonomy administration page.
  $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
  $this->assertSession()
    ->statusCodeEquals(200);
  $this->assertField('edit-name-0-value', 'Add taxonomy term form opened successfully.');
  // Submit the term.
  $edit = [];
  $edit['name[0][value]'] = $this->randomMachineName();
  $this->drupalPostForm(NULL, $edit, t('Save'));
  $this->assertText(t('Created new term @name.', [
    '@name' => $edit['name[0][value]'],
  ]), 'Term created successfully.');
  // Verify that the creation message contains a link to a term.
  $view_link = $this->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [
    ':href' => 'term/',
  ]);
  $this->assert(isset($view_link), 'The message area contains a link to a term');
  $terms = \Drupal::entityTypeManager()->getStorage('taxonomy_term')
    ->loadByProperties([
    'name' => $edit['name[0][value]'],
  ]);
  $term = reset($terms);
  // Edit the term.
  $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
  $this->assertSession()
    ->statusCodeEquals(200);
  $this->assertText($edit['name[0][value]'], 'Edit taxonomy term form opened successfully.');
  $edit['name[0][value]'] = $this->randomMachineName();
  $this->drupalPostForm(NULL, $edit, t('Save'));
  $this->assertText(t('Updated term @name.', [
    '@name' => $edit['name[0][value]'],
  ]), 'Term updated successfully.');
  // Delete the vocabulary.
  $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
  $this->assertRaw(t('Are you sure you want to delete the @entity-type %label?', [
    '@entity-type' => 'taxonomy term',
    '%label' => $edit['name[0][value]'],
  ]), 'Delete taxonomy term form opened successfully.');
  // Confirm deletion.
  $this->drupalPostForm(NULL, NULL, t('Delete'));
  $this->assertRaw(t('Deleted term %name.', [
    '%name' => $edit['name[0][value]'],
  ]), 'Term deleted.');
  // Test as user with "create" permissions.
  $user = $this->drupalCreateUser([
    "create terms in {$vocabulary->id()}",
  ]);
  $this->drupalLogin($user);
  $assert_session = $this->assertSession();
  // Create a new term.
  $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
  $assert_session->statusCodeEquals(200);
  $assert_session->fieldExists('name[0][value]');
  // Submit the term.
  $edit = [];
  $edit['name[0][value]'] = $this->randomMachineName();
  $this->drupalPostForm(NULL, $edit, t('Save'));
  $assert_session->pageTextContains(t('Created new term @name.', [
    '@name' => $edit['name[0][value]'],
  ]));
  $terms = \Drupal::entityTypeManager()->getStorage('taxonomy_term')
    ->loadByProperties([
    'name' => $edit['name[0][value]'],
  ]);
  $term = reset($terms);
  // Ensure that edit and delete access is denied.
  $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
  $assert_session->statusCodeEquals(403);
  $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
  $assert_session->statusCodeEquals(403);
  // Test as user with "edit" permissions.
  $user = $this->drupalCreateUser([
    "edit terms in {$vocabulary->id()}",
  ]);
  $this->drupalLogin($user);
  // Ensure the taxonomy term add form is denied.
  $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
  $this->assertSession()
    ->statusCodeEquals(403);
  // Create a test term.
  $term = $this->createTerm($vocabulary);
  // Edit the term.
  $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
  $this->assertSession()
    ->statusCodeEquals(200);
  $this->assertText($term->getName(), 'Edit taxonomy term form opened successfully.');
  $edit['name[0][value]'] = $this->randomMachineName();
  $this->drupalPostForm(NULL, $edit, t('Save'));
  $this->assertText(t('Updated term @name.', [
    '@name' => $edit['name[0][value]'],
  ]), 'Term updated successfully.');
  // Verify that the update message contains a link to a term.
  $view_link = $this->xpath('//div[@class="messages"]//a[contains(@href, :href)]', [
    ':href' => 'term/',
  ]);
  $this->assert(isset($view_link), 'The message area contains a link to a term');
  // Ensure the term cannot be deleted.
  $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
  $this->assertSession()
    ->statusCodeEquals(403);
  // Test as user with "delete" permissions.
  $user = $this->drupalCreateUser([
    "delete terms in {$vocabulary->id()}",
  ]);
  $this->drupalLogin($user);
  // Ensure the taxonomy term add form is denied.
  $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
  $this->assertSession()
    ->statusCodeEquals(403);
  // Create a test term.
  $term = $this->createTerm($vocabulary);
  // Ensure that the term cannot be edited.
  $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
  $this->assertSession()
    ->statusCodeEquals(403);
  // Delete the vocabulary.
  $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
  $this->assertRaw(t('Are you sure you want to delete the @entity-type %label?', [
    '@entity-type' => 'taxonomy term',
    '%label' => $term->getName(),
  ]), 'Delete taxonomy term form opened successfully.');
  // Confirm deletion.
  $this->drupalPostForm(NULL, NULL, t('Delete'));
  $this->assertRaw(t('Deleted term %name.', [
    '%name' => $term->getName(),
  ]), 'Term deleted.');
  // Test as user without proper permissions.
  $user = $this->drupalCreateUser();
  $this->drupalLogin($user);
  // Ensure the taxonomy term add form is denied.
  $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
  $this->assertSession()
    ->statusCodeEquals(403);
  // Create a test term.
  $term = $this->createTerm($vocabulary);
  // Ensure that the term cannot be edited.
  $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
  $this->assertSession()
    ->statusCodeEquals(403);
  // Ensure the term cannot be deleted.
  $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
  $this->assertSession()
    ->statusCodeEquals(403);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.