class PermissionsPerBundleTest

Same name in other branches
  1. 10 core/tests/Drupal/KernelTests/Core/Recipe/PermissionsPerBundleTest.php \Drupal\KernelTests\Core\Recipe\PermissionsPerBundleTest

@covers \Drupal\Core\Config\Action\Plugin\ConfigAction\PermissionsPerBundle @covers \Drupal\Core\Config\Action\Plugin\ConfigAction\Deriver\PermissionsPerBundleDeriver

@group Recipe

Hierarchy

Expanded class hierarchy of PermissionsPerBundleTest

File

core/tests/Drupal/KernelTests/Core/Recipe/PermissionsPerBundleTest.php, line 26

Namespace

Drupal\KernelTests\Core\Recipe
View source 
class PermissionsPerBundleTest extends KernelTestBase {
    use ContentTypeCreationTrait;
    use MediaTypeCreationTrait;
    use RecipeTestTrait;
    use TaxonomyTestTrait;
    use UserCreationTrait;
    
    /**
     * {@inheritdoc}
     */
    protected static $modules = [
        'field',
        'media',
        'media_test_source',
        'node',
        'system',
        'taxonomy',
        'text',
        'user',
    ];
    
    /**
     * {@inheritdoc}
     */
    protected function setUp() : void {
        parent::setUp();
        $this->installConfig('node');
        $this->createRole([], 'super_editor');
        $this->createContentType([
            'type' => 'article',
        ]);
        $this->createContentType([
            'type' => 'blog',
        ]);
        $this->createContentType([
            'type' => 'landing_page',
        ]);
        $this->createMediaType('test', [
            'id' => 'beautiful',
        ]);
        $this->createMediaType('test', [
            'id' => 'controversial',
        ]);
        $this->createMediaType('test', [
            'id' => 'special',
        ]);
        $this->createVocabulary([
            'vid' => 'tags',
        ]);
        $this->createVocabulary([
            'vid' => 'categories',
        ]);
    }
    
    /**
     * Tests granting multiple bundle-specific permissions.
     */
    public function testGrantPermissionsPerBundle() : void {
        $recipe_data = <<<YAML
name: 'Multi permissions!'
config:
  actions:
    user.role.super_editor:
      grantPermissionsForEachNodeType:
        - create %bundle content
        - edit own %bundle content
      grantPermissionsForEachMediaType:
        permissions:
          - create %bundle media
          - edit own %bundle media
      grantPermissionsForEachTaxonomyVocabulary: create terms in %bundle
YAML;
        $this->applyRecipeFromString($recipe_data);
        $expected_permissions = [
            'create article content',
            'create blog content',
            'create landing_page content',
            'edit own article content',
            'edit own blog content',
            'edit own landing_page content',
            'create beautiful media',
            'create controversial media',
            'create special media',
            'edit own beautiful media',
            'edit own controversial media',
            'edit own special media',
            'create terms in tags',
            'create terms in categories',
        ];
        $role = Role::load('super_editor');
        assert($role instanceof RoleInterface);
        foreach ($expected_permissions as $permission) {
            $this->assertTrue($role->hasPermission($permission));
        }
    }
    
    /**
     * Tests that the permissions-per-bundle action can only be applied to roles.
     */
    public function testActionIsOnlyAvailableToUserRoles() : void {
        $recipe_data = <<<YAML
name: 'Only for roles...'
config:
  actions:
    field.storage.node.body:
      grantPermissionsForEachNodeType:
        - create %bundle content
        - edit own %bundle content
YAML;
        $this->expectException(PluginNotFoundException::class);
        $this->expectExceptionMessage('The "field_storage_config" entity does not support the "grantPermissionsForEachNodeType" config action.');
        $this->applyRecipeFromString($recipe_data);
    }
    
    /**
     * Tests granting permissions for one bundle, then all of them.
     */
    public function testGrantPermissionsOnOneBundleThenAll() : void {
        $recipe_data = <<<YAML
name: 'All bundles except one'
config:
  actions:
    user.role.super_editor:
      grantPermissions:
        - create beautiful media
        - edit own beautiful media
      grantPermissionsForEachMediaType:
        - create %bundle media
        - edit own %bundle media
YAML;
        $this->applyRecipeFromString($recipe_data);
        $role = Role::load('super_editor');
        $this->assertInstanceOf(Role::class, $role);
        $this->assertTrue($role->hasPermission('create beautiful media'));
        $this->assertTrue($role->hasPermission('edit own beautiful media'));
        $this->assertTrue($role->hasPermission('create controversial media'));
        $this->assertTrue($role->hasPermission('edit own beautiful media'));
    }
    
    /**
     * Tests granting permissions for all bundles except certain ones.
     */
    public function testGrantPermissionsToAllBundlesExceptSome() : void {
        $recipe_data = <<<YAML
name: 'Bundle specific permissions with some exceptions'
config:
  actions:
    user.role.super_editor:
      grantPermissionsForEachNodeType:
        permissions:
          - view %bundle revisions
        except:
          - article
          - blog
      grantPermissionsForEachMediaType:
        permissions: view any %bundle media revisions
        except:
          - controversial
      grantPermissionsForEachTaxonomyVocabulary:
        permissions:
          - view term revisions in %bundle
        except: tags
YAML;
        $this->applyRecipeFromString($recipe_data);
        $role = Role::load('super_editor');
        $this->assertInstanceOf(Role::class, $role);
        $this->assertTrue($role->hasPermission('view landing_page revisions'));
        $this->assertFalse($role->hasPermission('view article revisions'));
        $this->assertFalse($role->hasPermission('view blog revisions'));
        $this->assertTrue($role->hasPermission('view any beautiful media revisions'));
        $this->assertTrue($role->hasPermission('view any special media revisions'));
        $this->assertFalse($role->hasPermission('view any controversial media revisions'));
        $this->assertTrue($role->hasPermission('view term revisions in categories'));
        $this->assertFalse($role->hasPermission('view term revisions in tags'));
    }
    
    /**
     * Tests that there is an exception if the permission templates are invalid.
     *
     * @param mixed $value
     *   The permission template which should raise an error.
     *
     * @testWith [["a %Bundle permission"]]
     *   [""]
     *   [[]]
     */
    public function testInvalidValue(mixed $value) : void {
        $value = Json::encode($value);
        $recipe_data = <<<YAML
name: 'Bad permission value'
config:
  actions:
    user.role.super_editor:
      grantPermissionsForEachMediaType: {<span class="php-variable">$value</span>}
YAML;
        $this->expectException(ConfigActionException::class);
        $this->expectExceptionMessage(" must be an array of strings that contain '%bundle'.");
        $this->applyRecipeFromString($recipe_data);
    }
    
    /**
     * Given a string of `recipe.yml` contents, applies it to the site.
     *
     * @param string $recipe_data
     *   The contents of `recipe.yml`.
     */
    private function applyRecipeFromString(string $recipe_data) : void {
        $recipe = $this->createRecipe($recipe_data);
        RecipeRunner::processRecipe($recipe);
    }

}

Members

Title Deprecated Modifiers Object type Summary Overriden Title Overrides
AssertContentTrait::$content protected property The current raw content.
AssertContentTrait::$drupalSettings protected property The drupalSettings value from the current raw $content.
AssertContentTrait::$elements protected property The XML structure parsed from the current raw $content. 1
AssertContentTrait::$plainTextContent protected property The plain-text content of raw $content (text nodes).
AssertContentTrait::assertEscaped protected function Passes if the raw text IS found escaped on the loaded page, fail otherwise.
AssertContentTrait::assertField protected function Asserts that a field exists with the given name or ID.
AssertContentTrait::assertFieldById Deprecated protected function Asserts that a field exists with the given ID and value.
AssertContentTrait::assertFieldByName protected function Asserts that a field exists with the given name and value.
AssertContentTrait::assertFieldByXPath protected function Asserts that a field exists in the current page by the given XPath.
AssertContentTrait::assertFieldChecked Deprecated protected function Asserts that a checkbox field in the current page is checked.
AssertContentTrait::assertFieldsByValue protected function Asserts that a field exists in the current page with a given Xpath result.
AssertContentTrait::assertLink protected function Passes if a link with the specified label is found.
AssertContentTrait::assertLinkByHref protected function Passes if a link containing a given href (part) is found.
AssertContentTrait::assertNoDuplicateIds Deprecated protected function Asserts that each HTML ID is used for just a single element.
AssertContentTrait::assertNoEscaped protected function Passes if raw text IS NOT found escaped on loaded page, fail otherwise.
AssertContentTrait::assertNoField Deprecated protected function Asserts that a field does not exist with the given name or ID.
AssertContentTrait::assertNoFieldById Deprecated protected function Asserts that a field does not exist with the given ID and value.
AssertContentTrait::assertNoFieldByName Deprecated protected function Asserts that a field does not exist with the given name and value.
AssertContentTrait::assertNoFieldByXPath Deprecated protected function Asserts that a field does not exist or its value does not match, by XPath.
AssertContentTrait::assertNoFieldChecked Deprecated protected function Asserts that a checkbox field in the current page is not checked.
AssertContentTrait::assertNoLink protected function Passes if a link with the specified label is not found.
AssertContentTrait::assertNoLinkByHref Deprecated protected function Passes if a link containing a given href (part) is not found.
AssertContentTrait::assertNoLinkByHrefInMainRegion Deprecated protected function Passes if a link containing a given href is not found in the main region.
AssertContentTrait::assertNoOption Deprecated protected function Asserts that a select option in the current page does not exist.
AssertContentTrait::assertNoOptionSelected Deprecated protected function Asserts that a select option in the current page is not checked.
AssertContentTrait::assertNoPattern protected function Triggers a pass if the perl regex pattern is not found in raw content.
AssertContentTrait::assertNoRaw protected function Passes if the raw text is NOT found on the loaded page, fail otherwise.
AssertContentTrait::assertNoText protected function Passes if the page (with HTML stripped) does not contains the text.
AssertContentTrait::assertNoTitle protected function Pass if the page title is not the given string.
AssertContentTrait::assertNoUniqueText Deprecated protected function Passes if the text is found MORE THAN ONCE on the text version of the page.
AssertContentTrait::assertOption protected function Asserts that a select option in the current page exists.
AssertContentTrait::assertOptionByText Deprecated protected function Asserts that a select option with the visible text exists.
AssertContentTrait::assertOptionSelected Deprecated protected function Asserts that a select option in the current page is checked.
AssertContentTrait::assertOptionSelectedWithDrupalSelector Deprecated protected function Asserts that a select option in the current page is checked.
AssertContentTrait::assertOptionWithDrupalSelector protected function Asserts that a select option in the current page exists.
AssertContentTrait::assertPattern protected function Triggers a pass if the Perl regex pattern is found in the raw content.
AssertContentTrait::assertRaw protected function Passes if the raw text IS found on the loaded page, fail otherwise.
AssertContentTrait::assertText protected function Passes if the page (with HTML stripped) contains the text.
AssertContentTrait::assertTextHelper protected function Helper for assertText and assertNoText.
AssertContentTrait::assertTextPattern Deprecated protected function Asserts that a Perl regex pattern is found in the plain-text content.
AssertContentTrait::assertThemeOutput protected function Asserts themed output.
AssertContentTrait::assertTitle protected function Pass if the page title is the given string.
AssertContentTrait::assertUniqueText Deprecated protected function Passes if the text is found ONLY ONCE on the text version of the page.
AssertContentTrait::assertUniqueTextHelper Deprecated protected function Helper for assertUniqueText and assertNoUniqueText.
AssertContentTrait::buildXPathQuery protected function Builds an XPath query.
AssertContentTrait::constructFieldXpath protected function Helper: Constructs an XPath for the given set of attributes and value.
AssertContentTrait::cssSelect protected function Searches elements using a CSS selector in the raw content.
AssertContentTrait::getAllOptions protected function Get all option elements, including nested options, in a select.
AssertContentTrait::getDrupalSettings protected function Gets the value of drupalSettings for the currently-loaded page.
AssertContentTrait::getRawContent protected function Gets the current raw content.
AssertContentTrait::getSelectedItem protected function Get the selected value from a select field.
AssertContentTrait::getTextContent protected function Retrieves the plain-text content from the current raw content.
AssertContentTrait::parse protected function Parse content returned from curlExec using DOM and SimpleXML.
AssertContentTrait::removeWhiteSpace protected function Removes all white-space between HTML tags from the raw content.
AssertContentTrait::setDrupalSettings protected function Sets the value of drupalSettings for the currently-loaded page.
AssertContentTrait::setRawContent protected function Sets the raw content (e.g. HTML).
AssertContentTrait::xpath protected function Performs an xpath search on the contents of the internal browser.
ConfigTestTrait::configImporter protected function Returns a ConfigImporter object to import test configuration.
ConfigTestTrait::copyConfig protected function Copies configuration objects from source storage to target storage.
ContentTypeCreationTrait::createContentType protected function Creates a custom content type based on default settings. 1
ExpectDeprecationTrait::expectDeprecation public function Adds an expected deprecation.
ExpectDeprecationTrait::getCallableName private static function Returns a callable as a string suitable for inclusion in a message.
ExpectDeprecationTrait::setUpErrorHandler public function Sets up the test error handler.
ExpectDeprecationTrait::tearDownErrorHandler public function Tears down the test error handler.
ExtensionListTestTrait::getModulePath protected function Gets the path for the specified module.
ExtensionListTestTrait::getThemePath protected function Gets the path for the specified theme.
KernelTestBase::$backupStaticAttributes protected property Back up and restore static class properties that may be changed by tests.
KernelTestBase::$backupStaticAttributesBlacklist protected property Contains a few static class properties for performance.
KernelTestBase::$classLoader protected property
KernelTestBase::$configImporter protected property @todo Move into Config test base class. 6
KernelTestBase::$configSchemaCheckerExclusions protected static property An array of config object names that are excluded from schema checking. 4
KernelTestBase::$container protected property
KernelTestBase::$databasePrefix protected property
KernelTestBase::$keyValue protected property The key_value service that must persist between container rebuilds.
KernelTestBase::$root protected property The app root.
KernelTestBase::$siteDirectory protected property
KernelTestBase::$strictConfigSchema protected property Set to TRUE to strict check all configuration saved. 9
KernelTestBase::$usesSuperUserAccessPolicy protected property Set to TRUE to make user 1 a super user. 3
KernelTestBase::$vfsRoot protected property The virtual filesystem root directory.
KernelTestBase::assertPostConditions protected function 1
KernelTestBase::bootEnvironment protected function Bootstraps a basic test environment.
KernelTestBase::bootKernel protected function Bootstraps a kernel for a test. 1
KernelTestBase::config protected function Configuration accessor for tests. Returns non-overridden configuration.
KernelTestBase::disableModules protected function Disables modules for this test.
KernelTestBase::enableModules protected function Enables modules for this test. 2
KernelTestBase::getConfigSchemaExclusions protected function Gets the config schema exclusions for this test.
KernelTestBase::getDatabaseConnectionInfo protected function Returns the Database connection info to be used for this test. 2
KernelTestBase::getDatabasePrefix public function
KernelTestBase::getExtensionsForModules private function Returns Extension objects for $modules to install.
KernelTestBase::getModulesToEnable private static function Returns the modules to install for this test.
KernelTestBase::initFileCache protected function Initializes the FileCache component.
KernelTestBase::installConfig protected function Installs default configuration for a given list of modules.
KernelTestBase::installEntitySchema protected function Installs the storage schema for a specific entity type.
KernelTestBase::installSchema protected function Installs database tables from a module schema definition.
KernelTestBase::register public function Registers test-specific services. Overrides ServiceProviderInterface::register 28
KernelTestBase::render protected function Renders a render array. 1
KernelTestBase::setInstallProfile protected function Sets the install profile and rebuilds the container to update it.
KernelTestBase::setSetting protected function Sets an in-memory Settings variable.
KernelTestBase::setUpBeforeClass public static function 1
KernelTestBase::setUpFilesystem protected function Sets up the filesystem, so things like the file directory. 3
KernelTestBase::tearDown protected function 7
KernelTestBase::tearDownCloseDatabaseConnection public function Additional tear down method to close the connection at the end.
KernelTestBase::vfsDump protected function Dumps the current state of the virtual filesystem to STDOUT.
KernelTestBase::__construct public function
KernelTestBase::__sleep public function Prevents serializing any properties.
MediaTypeCreationTrait::createMediaType protected function Create a media type for a source plugin.
PermissionsPerBundleTest::$modules protected static property Overrides KernelTestBase::$modules
PermissionsPerBundleTest::applyRecipeFromString private function Given a string of `recipe.yml` contents, applies it to the site.
PermissionsPerBundleTest::setUp protected function Overrides KernelTestBase::setUp
PermissionsPerBundleTest::testActionIsOnlyAvailableToUserRoles public function Tests that the permissions-per-bundle action can only be applied to roles.
PermissionsPerBundleTest::testGrantPermissionsOnOneBundleThenAll public function Tests granting permissions for one bundle, then all of them.
PermissionsPerBundleTest::testGrantPermissionsPerBundle public function Tests granting multiple bundle-specific permissions.
PermissionsPerBundleTest::testGrantPermissionsToAllBundlesExceptSome public function Tests granting permissions for all bundles except certain ones.
PermissionsPerBundleTest::testInvalidValue public function Tests that there is an exception if the permission templates are invalid.
RandomGeneratorTrait::getRandomGenerator protected function Gets the random generator for the utility methods.
RandomGeneratorTrait::randomMachineName protected function Generates a unique random string containing letters and numbers.
RandomGeneratorTrait::randomObject public function Generates a random PHP object.
RandomGeneratorTrait::randomString public function Generates a pseudo-random string of ASCII characters of codes 32 to 126.
RecipeTestTrait::alterRecipe protected function Alters an existing recipe.
RecipeTestTrait::applyRecipe protected function Applies a recipe to the site.
RecipeTestTrait::createRecipe protected function Creates a recipe in a temporary directory.
StorageCopyTrait::replaceStorageContents protected static function Copy the configuration from one storage to another and remove stale items.
TaxonomyTestTrait::createTaxonomyTermRevision protected function Creates a new revision for a given taxonomy term.
TaxonomyTestTrait::createTerm protected function Returns a new term with random properties given a vocabulary.
TaxonomyTestTrait::createVocabulary protected function Returns a new vocabulary with random properties.
TestRequirementsTrait::getDrupalRoot protected static function Returns the Drupal root directory.
UserCreationTrait::checkPermissions protected function Checks whether a given list of permission names is valid.
UserCreationTrait::createAdminRole protected function Creates an administrative role.
UserCreationTrait::createRole protected function Creates a role with specified permissions.
UserCreationTrait::createUser protected function Create a user with a given set of permissions.
UserCreationTrait::grantPermissions protected function Grant permissions to a user role.
UserCreationTrait::setCurrentUser protected function Switch the current logged in user.
UserCreationTrait::setUpCurrentUser protected function Creates a random user account and sets it as current user.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.