function WorkspaceEntityDeleteTest::testNodeDeleteWithBypassAccessPermission

Test node deletion with workspaces and the 'bypass node access' permission.

File

core/modules/workspaces/tests/src/Functional/WorkspaceEntityDeleteTest.php, line 129

Class

WorkspaceEntityDeleteTest

Tests entity deletions with workspaces.

Namespace

Code

public function testNodeDeleteWithBypassAccessPermission() : void {
  $assert_session = $this->assertSession();
  $permissions = [
    'administer workspaces',
    'create workspace',
    'access content overview',
    'bypass node access',
  ];
  $editor = $this->drupalCreateUser($permissions);
  $this->drupalLogin($editor);
  // Create a published node in Live.
  $published_live = $this->createNodeThroughUi('Test 1 published - live', 'article');
  $stage = Workspace::load('stage');
  $this->switchToWorkspace($stage);
  // A user with the 'bypass node access' permission will be able to see the
  // 'Delete' operation button, but it shouldn't be able to perform the
  // deletion.
  $this->drupalGet('admin/content');
  $assert_session->linkByHrefExists($published_live->toUrl('delete-form')
    ->toString());
  $this->clickLink('Delete');
  $assert_session->pageTextContains('This content item can only be deleted in the Live workspace.');
  $assert_session->buttonNotExists('Delete');
  $this->drupalGet($published_live->toUrl('delete-form')
    ->toString());
  $assert_session->pageTextContains('This content item can only be deleted in the Live workspace.');
  $assert_session->buttonNotExists('Delete');
  // Go back to Live and check that the delete form is not affected by the
  // workspace delete protection.
  $this->switchToLive();
  $this->drupalGet($published_live->toUrl('delete-form')
    ->toString());
  $assert_session->pageTextNotContains('This content item can only be deleted in the Live workspace.');
  $assert_session->buttonExists('Delete');
}