function MediaLibraryAccessTest::testFieldWidgetEntityFieldAccess
Same name in other branches
- 8.9.x core/modules/media_library/tests/src/Kernel/MediaLibraryAccessTest.php \Drupal\Tests\media_library\Kernel\MediaLibraryAccessTest::testFieldWidgetEntityFieldAccess()
- 10 core/modules/media_library/tests/src/Kernel/MediaLibraryAccessTest.php \Drupal\Tests\media_library\Kernel\MediaLibraryAccessTest::testFieldWidgetEntityFieldAccess()
- 11.x core/modules/media_library/tests/src/Kernel/MediaLibraryAccessTest.php \Drupal\Tests\media_library\Kernel\MediaLibraryAccessTest::testFieldWidgetEntityFieldAccess()
Tests that the field widget opener respects entity field-level access.
@dataProvider providerFieldWidgetEntityFieldAccess
Parameters
string $field_type: The field type.
File
-
core/
modules/ media_library/ tests/ src/ Kernel/ MediaLibraryAccessTest.php, line 280
Class
- MediaLibraryAccessTest
- Tests the media library access.
Namespace
Drupal\Tests\media_library\KernelCode
public function testFieldWidgetEntityFieldAccess(string $field_type) {
$field_storage = FieldStorageConfig::create([
'type' => $field_type,
'entity_type' => 'entity_test',
// The media_library_test module will deny access to this field.
// @see media_library_test_entity_field_access()
'field_name' => 'field_media_no_access',
'settings' => [
'target_type' => 'media',
],
]);
$field_storage->save();
FieldConfig::create([
'field_storage' => $field_storage,
'bundle' => 'test',
])->save();
/** @var \Drupal\media_library\MediaLibraryUiBuilder $ui_builder */
$ui_builder = $this->container
->get('media_library.ui_builder');
// Create an account with administrative access to the test entity type,
// so that we can be certain that field access is checked.
$account = $this->createUser([
'administer entity_test content',
]);
// Test that access is denied even without an entity to work with.
$state = MediaLibraryState::create('media_library.opener.field_widget', [
'file',
'image',
], 'file', 2, [
'entity_type_id' => 'entity_test',
'bundle' => 'test',
'field_name' => $field_storage->getName(),
]);
$access_result = $ui_builder->checkAccess($account, $state);
$this->assertAccess($access_result, FALSE, 'Field access denied by test module', [], [
'url.query_args',
'user.permissions',
]);
// Assert that field access is also checked with a real entity.
$entity = EntityTest::create([
'type' => 'test',
'name' => $this->randomString(),
]);
$entity->save();
$parameters = $state->getOpenerParameters();
$parameters['entity_id'] = $entity->id();
$state = MediaLibraryState::create($state->getOpenerId(), $state->getAllowedTypeIds(), $state->getSelectedTypeId(), $state->getAvailableSlots(), $parameters);
$access_result = $ui_builder->checkAccess($account, $state);
$this->assertAccess($access_result, FALSE, 'Field access denied by test module', [], [
'url.query_args',
'user.permissions',
]);
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.