node_access_example.test

  1. examples
    1. 7 node_access_example/node_access_example.test
    2. 8 node_access_example/node_access_example.test

Tests for Node Access example module.

Classes

NameDescription
NodeAccessExampleTestCase@file Tests for Node Access example module.

File

node_access_example/node_access_example.test
View source
  1. <?php

  2. 

  3. /**

  4.  * @file

  5.  * Tests for Node Access example module.

  6.  */

  7. class NodeAccessExampleTestCase extends DrupalWebTestCase {

  8. 

  9.   public static function getInfo() {

  10.     return array(

  11.       'name' => 'Node Access Example functionality',

  12.       'description' => 'Checks behavior of Node Access Example.',

  13.       'group' => 'Examples',

  14.     );

  15.   }

  16. 

  17.   /**

  18.    * Enable modules and create user with specific permissions.

  19.    */

  20.   public function setUp() {

  21.     parent::setUp('node_access_example', 'search');

  22.     node_access_rebuild();

  23.   }

  24. 

  25.   /**

  26.    * Test the "private" node access.

  27.    *

  28.    * - Create 3 users with "access content" and "create article" permissions.

  29.    * - Each user creates one private and one not private article.

  30.    * - Run cron to update search index.

  31.    * - Test that each user can view the other user's non-private article.

  32.    * - Test that each user cannot view the other user's private article.

  33.    * - Test that each user finds only appropriate (non-private + own private)

  34.    *   in search results.

  35.    * - Create another user with 'view any private content'.

  36.    * - Test that user 4 can view all content created above.

  37.    * - Test that user 4 can search for all content created above.

  38.    * - Test that user 4 cannot edit private content above.

  39.    * - Create another user with 'edit any private content'

  40.    * - Test that user 5 can edit private content.

  41.    * - Test that user 5 can delete private content.

  42.    * - Test listings of nodes with 'node_access' tag on database search.

  43.    */

  44.   function testNodeAccessBasic() {

  45.     $num_simple_users = 3;

  46.     $simple_users = array();

  47. 

  48.     // nodes keyed by uid and nid: $nodes[$uid][$nid] = $is_private;

  49.     $nodes_by_user = array();

  50.     $titles = array(); // Titles keyed by nid

  51.     $private_nodes = array(); // Array of nids marked private.

  52.     for ($i = 0; $i < $num_simple_users; $i++) {

  53.       $simple_users[$i] = $this->drupalCreateUser(array('access content', 'create article content', 'search content'));

  54.     }

  55.     foreach ($simple_users as $web_user) {

  56.       $this->drupalLogin($web_user);

  57.       foreach (array(0 => 'Public', 1 => 'Private') as $is_private => $type) {

  58.         $edit = array(

  59.           'title' => t('@private_public Article created by @user', array('@private_public' => $type, '@user' => $web_user->name)),

  60.         );

  61.         if ($is_private) {

  62.           $edit['private'] = TRUE;

  63.           $edit['body[und][0][value]'] = 'private node';

  64.         }

  65.         else {

  66.           $edit['body[und][0][value]'] = 'public node';

  67.         }

  68.         $this->drupalPost('node/add/article', $edit, t('Save'));

  69.         debug(t('Created article with private=@private', array('@private' => $is_private)));

  70.         $this->assertText(t('Article @title has been created', array('@title' => $edit['title'])));

  71.         $nid = db_query('SELECT nid FROM {node} WHERE title = :title', array(':title' => $edit['title']))->fetchField();

  72.         $this->assertText(t('New node @nid was created and private=@private', array('@nid' => $nid, '@private' => $is_private)));

  73.         $private_status = db_query('SELECT private FROM {node_access_example} where nid = :nid', array(':nid' => $nid))->fetchField();

  74.         $this->assertTrue($is_private == $private_status, t('Node was properly set to private or not private in node_access_example table.'));

  75.         if ($is_private) {

  76.           $private_nodes[] = $nid;

  77.         }

  78.         $titles[$nid] = $edit['title'];

  79.         $nodes_by_user[$web_user->uid][$nid] = $is_private;

  80.       }

  81.     }

  82.     debug($nodes_by_user);

  83.     $this->cronRun();  // Build the search index.

  84.     foreach ($simple_users as $web_user) {

  85.       $this->drupalLogin($web_user);

  86.       // Check to see that we find the number of search results expected.

  87.       $this->checkSearchResults('Private node', 1);

  88.       // Check own nodes to see that all are readable.

  89.       foreach (array_keys($nodes_by_user) as $uid) {

  90.         // All of this user's nodes should be readable to same.

  91.         if ($uid == $web_user->uid) {

  92.           foreach ($nodes_by_user[$uid] as $nid => $is_private) {

  93.             $this->drupalGet('node/' . $nid);

  94.             $this->assertResponse(200);

  95.             $this->assertTitle($titles[$nid] . ' | Drupal', t('Correct title for node found'));

  96.           }

  97.         }

  98.         else {

  99.           // Otherwise, for other users, private nodes should get a 403,

  100.           // but we should be able to read non-private nodes.

  101.           foreach ($nodes_by_user[$uid] as $nid => $is_private) {

  102.             $this->drupalGet('node/' . $nid);

  103.             $this->assertResponse($is_private ? 403 : 200, t('Node @nid by user @uid should get a @response for this user (@web_user_uid)', array('@nid' => $nid, '@uid' => $uid, '@response' => $is_private ? 403 : 200, '@web_user_uid' => $web_user->uid)));

  104.             if (!$is_private) {

  105.               $this->assertTitle($titles[$nid] . ' | Drupal', t('Correct title for node was found'));

  106.             }

  107.           }

  108.         }

  109.       }

  110. 

  111.       // Check to see that the correct nodes are shown on examples/node_access.

  112.       $this->drupalGet('examples/node_access');

  113.       $accessible = $this->xpath("//tr[contains(@class,'accessible')]");

  114.       $this->assertEqual(count($accessible), 1, t('One private item accessible'));

  115.       foreach ($accessible as $row) {

  116.         $this->assertEqual($row->td[2], $web_user->uid, t('Accessible row owned by this user'));

  117.       }

  118.     }

  119. 

  120.     // Now test that a user with 'access any private content' can view content.

  121.     $access_user = $this->drupalCreateUser(array('access content', 'create article content', 'access any private content', 'search content'));

  122.     $this->drupalLogin($access_user);

  123. 

  124.     // Check to see that we find the number of search results expected.

  125.     $this->checkSearchResults('Private node', 3);

  126. 

  127.     foreach ($nodes_by_user as $uid => $private_status) {

  128.       foreach ($private_status as $nid => $is_private) {

  129.         $this->drupalGet('node/' . $nid);

  130.         $this->assertResponse(200);

  131.       }

  132.     }

  133. 

  134.     // Check to see that the correct nodes are shown on examples/node_access.

  135.     // This user should be able to see all 3 of them.

  136.     $this->drupalGet('examples/node_access');

  137.     $accessible = $this->xpath("//tr[contains(@class,'accessible')]");

  138.     $this->assertEqual(count($accessible), 3);

  139. 

  140. 

  141.     // Test that a user named 'foobar' can edit any private node due to

  142.     // node_access_example_node_access(). Note that this user will not be

  143.     // able to search for private nodes, and will not have available nodes

  144.     // shown on examples/node_access, because node_access() is not called

  145.     // for node listings, only for actual access to a node.

  146.     $edit_user = $this->drupalCreateUser(array('access comments', 'access content', 'post comments', 'skip comment approval', 'search content'));

  147.     // Update the name of the user to 'foobar'.

  148.     $num_updated = db_update('users')

  149.       ->fields(array(

  150.           'name' => 'foobar',

  151.       ))

  152.       ->condition('uid', $edit_user->uid)

  153.       ->execute();

  154. 

  155.     $edit_user->name = 'foobar';

  156.     $this->drupalLogin($edit_user);

  157. 

  158.     // Try to edit each of the private nodes.

  159.     foreach ($private_nodes as $nid) {

  160.       $body = $this->randomName();

  161.       $edit = array('body[und][0][value]' => $body);

  162.       $this->drupalPost('node/' . $nid . '/edit', $edit, t('Save'));

  163.       $this->assertText(t('has been updated'), t('Node was updated by "foobar" user'));

  164.     }

  165. 

  166.     // Test that a privileged user can edit and delete private content.

  167.     // This test should go last, as the nodes get deleted.

  168.     $edit_user = $this->drupalCreateUser(array('access content', 'access any private content', 'edit any private content'));

  169.     $this->drupalLogin($edit_user);

  170.     foreach ($private_nodes as $nid) {

  171.       $body = $this->randomName();

  172.       $edit = array('body[und][0][value]' => $body);

  173.       $this->drupalPost('node/' . $nid . '/edit', $edit, t('Save'));

  174.       $this->assertText(t('has been updated'));

  175.       $this->drupalPost('node/' . $nid . '/edit', array(), t('Delete'));

  176.       $this->drupalPost(NULL, array(), t('Delete'));

  177.       $this->assertText(t('has been deleted'));

  178.     }

  179. 

  180. 

  181.   }

  182. 

  183.   /**

  184.    * On the search page, search for a string and assert the expected number

  185.    * of results.

  186.    * @param $search_query

  187.    *   String to search for

  188.    * @param $expected_result_count

  189.    *   Expected result count

  190.    */

  191.   function checkSearchResults($search_query, $expected_result_count) {

  192.     $this->drupalPost('search/node', array('keys' => $search_query), t('Search'));

  193.     $search_results = $this->xpath("//ol[contains(@class, 'search-results')]/li");

  194.     $this->assertEqual(count($search_results), $expected_result_count, t('Found the expected number of search results'));

  195.   }

  196. }

  197.
Login or register to post comments