function EditorPrivateFileReferenceFilterTest::testEditorPrivateFileReferenceFilter
Same name in other branches
- 8.9.x core/modules/editor/tests/src/Functional/EditorPrivateFileReferenceFilterTest.php \Drupal\Tests\editor\Functional\EditorPrivateFileReferenceFilterTest::testEditorPrivateFileReferenceFilter()
- 10 core/modules/editor/tests/src/Functional/EditorPrivateFileReferenceFilterTest.php \Drupal\Tests\editor\Functional\EditorPrivateFileReferenceFilterTest::testEditorPrivateFileReferenceFilter()
- 11.x core/modules/editor/tests/src/Functional/EditorPrivateFileReferenceFilterTest.php \Drupal\Tests\editor\Functional\EditorPrivateFileReferenceFilterTest::testEditorPrivateFileReferenceFilter()
Tests the editor file reference filter with private files.
File
-
core/
modules/ editor/ tests/ src/ Functional/ EditorPrivateFileReferenceFilterTest.php, line 43
Class
- EditorPrivateFileReferenceFilterTest
- Tests Editor module's file reference filter with private files.
Namespace
Drupal\Tests\editor\FunctionalCode
public function testEditorPrivateFileReferenceFilter() {
$author = $this->drupalCreateUser();
$this->drupalLogin($author);
// Create a content type with a body field.
$this->drupalCreateContentType([
'type' => 'page',
'name' => 'Basic page',
]);
// Create a file in the 'private:// ' stream.
$filename = 'test.png';
$src = '/system/files/' . $filename;
/** @var \Drupal\file\FileInterface $file */
$file = File::create([
'uri' => 'private://' . $filename,
]);
$file->setTemporary();
$file->setOwner($author);
// Create the file itself.
file_put_contents($file->getFileUri(), $this->randomString());
$file->save();
// The image should be visible for its author.
$this->drupalGet($src);
$this->assertSession()
->statusCodeEquals(200);
// The not-yet-permanent image should NOT be visible for anonymous.
$this->drupalLogout();
$this->drupalGet($src);
$this->assertSession()
->statusCodeEquals(403);
// Resave the file to be permanent.
$file->setPermanent();
$file->save();
// Create some nodes to ensure file usage count does not match the ID's
// of the nodes we are going to check.
for ($i = 0; $i < 5; $i++) {
$this->drupalCreateNode([
'type' => 'page',
'uid' => $author->id(),
]);
}
// Create a node with its body field properly pointing to the just-created
// file.
$published_node = $this->drupalCreateNode([
'type' => 'page',
'body' => [
'value' => '<img alt="alt" data-entity-type="file" data-entity-uuid="' . $file->uuid() . '" src="' . $src . '" />',
'format' => 'private_images',
],
'uid' => $author->id(),
]);
// Create an unpublished node with its body field properly pointing to the
// just-created file.
$unpublished_node = $this->drupalCreateNode([
'type' => 'page',
'status' => NodeInterface::NOT_PUBLISHED,
'body' => [
'value' => '<img alt="alt" data-entity-type="file" data-entity-uuid="' . $file->uuid() . '" src="' . $src . '" />',
'format' => 'private_images',
],
'uid' => $author->id(),
]);
// Do the actual test. The image should be visible for anonymous users,
// because they can view the published node. Even though they can't view
// the unpublished node.
$this->drupalGet($published_node->toUrl());
$this->assertSession()
->statusCodeEquals(200);
$this->drupalGet($unpublished_node->toUrl());
$this->assertSession()
->statusCodeEquals(403);
$this->drupalGet($src);
$this->assertSession()
->statusCodeEquals(200);
// When the published node is also unpublished, the image should also
// become inaccessible to anonymous users.
$published_node->setUnpublished()
->save();
$this->drupalGet($published_node->toUrl());
$this->assertSession()
->statusCodeEquals(403);
$this->drupalGet($src);
$this->assertSession()
->statusCodeEquals(403);
// Disallow anonymous users to view the entity, which then should also
// disallow them to view the image.
$published_node->setPublished()
->save();
Role::load(RoleInterface::ANONYMOUS_ID)->revokePermission('access content')
->save();
$this->drupalGet($published_node->toUrl());
$this->assertSession()
->statusCodeEquals(403);
$this->drupalGet($src);
$this->assertSession()
->statusCodeEquals(403);
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.