function MediaLibraryAccessTest::testViewAccess
Same name in other branches
- 8.9.x core/modules/media_library/tests/src/Kernel/MediaLibraryAccessTest.php \Drupal\Tests\media_library\Kernel\MediaLibraryAccessTest::testViewAccess()
- 10 core/modules/media_library/tests/src/Kernel/MediaLibraryAccessTest.php \Drupal\Tests\media_library\Kernel\MediaLibraryAccessTest::testViewAccess()
- 11.x core/modules/media_library/tests/src/Kernel/MediaLibraryAccessTest.php \Drupal\Tests\media_library\Kernel\MediaLibraryAccessTest::testViewAccess()
Tests that media library access respects the media_library view.
File
-
core/
modules/ media_library/ tests/ src/ Kernel/ MediaLibraryAccessTest.php, line 338
Class
- MediaLibraryAccessTest
- Tests the media library access.
Namespace
Drupal\Tests\media_library\KernelCode
public function testViewAccess() {
/** @var \Drupal\media_library\MediaLibraryUiBuilder $ui_builder */
$ui_builder = $this->container
->get('media_library.ui_builder');
// Create a media library state to test access.
$state = MediaLibraryState::create('media_library.opener.field_widget', [
'file',
'image',
], 'file', 2, [
'entity_type_id' => 'entity_test',
'bundle' => 'test',
'field_name' => 'field_test_media',
]);
// Create a clone of the view so we can reset the original later.
$view_original = clone Views::getView('media_library');
// Create our test users. Both have permission to create entity_test content
// so that we can specifically test Views-related access checking.
// @see ::testEntityCreateAccess()
$forbidden_account = $this->createUser([
'create test entity_test_with_bundle entities',
]);
$allowed_account = $this->createUser([
'create test entity_test_with_bundle entities',
'view media',
]);
// Assert the 'view media' permission is needed to access the library and
// validate the cache dependencies.
$access_result = $ui_builder->checkAccess($forbidden_account, $state);
$this->assertAccess($access_result, FALSE, "The 'view media' permission is required.", $view_original->storage
->getCacheTags(), [
'url.query_args',
'user.permissions',
]);
// Assert that the media library access is denied when the view widget
// display is deleted.
$view_storage = Views::getView('media_library')->storage;
$displays = $view_storage->get('display');
unset($displays['widget']);
$view_storage->set('display', $displays);
$view_storage->save();
$access_result = $ui_builder->checkAccess($allowed_account, $state);
$this->assertAccess($access_result, FALSE, 'The media library widget display does not exist.', $view_original->storage
->getCacheTags());
// Restore the original view and assert that the media library controller
// works again.
$view_original->storage
->save();
$access_result = $ui_builder->checkAccess($allowed_account, $state);
$this->assertAccess($access_result, TRUE, NULL, $view_original->storage
->getCacheTags(), [
'url.query_args',
'user.permissions',
]);
// Assert that the media library access is denied when the entire media
// library view is deleted.
Views::getView('media_library')->storage
->delete();
$access_result = $ui_builder->checkAccess($allowed_account, $state);
$this->assertAccess($access_result, FALSE, 'The media library view does not exist.');
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.