class NodeAccessTest
Same name in this branch
- 11.x core/modules/content_moderation/tests/src/Kernel/NodeAccessTest.php \Drupal\Tests\content_moderation\Kernel\NodeAccessTest
- 11.x core/modules/content_moderation/tests/src/Functional/NodeAccessTest.php \Drupal\Tests\content_moderation\Functional\NodeAccessTest
Same name and namespace in other branches
- 9 core/modules/content_moderation/tests/src/Kernel/NodeAccessTest.php \Drupal\Tests\content_moderation\Kernel\NodeAccessTest
- 9 core/modules/content_moderation/tests/src/Functional/NodeAccessTest.php \Drupal\Tests\content_moderation\Functional\NodeAccessTest
- 9 core/modules/node/tests/src/Kernel/NodeAccessTest.php \Drupal\Tests\node\Kernel\NodeAccessTest
- 8.9.x core/modules/content_moderation/tests/src/Kernel/NodeAccessTest.php \Drupal\Tests\content_moderation\Kernel\NodeAccessTest
- 8.9.x core/modules/content_moderation/tests/src/Functional/NodeAccessTest.php \Drupal\Tests\content_moderation\Functional\NodeAccessTest
- 8.9.x core/modules/node/tests/src/Kernel/NodeAccessTest.php \Drupal\Tests\node\Kernel\NodeAccessTest
- 10 core/modules/content_moderation/tests/src/Kernel/NodeAccessTest.php \Drupal\Tests\content_moderation\Kernel\NodeAccessTest
- 10 core/modules/content_moderation/tests/src/Functional/NodeAccessTest.php \Drupal\Tests\content_moderation\Functional\NodeAccessTest
- 10 core/modules/node/tests/src/Kernel/NodeAccessTest.php \Drupal\Tests\node\Kernel\NodeAccessTest
Tests basic node_access functionality.
@group node
Hierarchy
- class \Drupal\KernelTests\KernelTestBase extends \PHPUnit\Framework\TestCase implements \Drupal\Core\DependencyInjection\ServiceProviderInterface uses \Drupal\KernelTests\AssertContentTrait, \Drupal\Tests\RandomGeneratorTrait, \Drupal\Tests\ConfigTestTrait, \Drupal\Tests\ExtensionListTestTrait, \Drupal\Tests\TestRequirementsTrait, \Drupal\Tests\PhpUnitCompatibilityTrait, \Prophecy\PhpUnit\ProphecyTrait, \Drupal\TestTools\Extension\DeprecationBridge\ExpectDeprecationTrait
- class \Drupal\Tests\node\Kernel\NodeAccessTestBase extends \Drupal\KernelTests\KernelTestBase uses \Drupal\Tests\node\Traits\NodeCreationTrait, \Drupal\Tests\user\Traits\UserCreationTrait, \Drupal\Tests\node\Traits\ContentTypeCreationTrait
- class \Drupal\Tests\node\Kernel\NodeAccessTest extends \Drupal\Tests\node\Kernel\NodeAccessTestBase
- class \Drupal\Tests\node\Kernel\NodeAccessTestBase extends \Drupal\KernelTests\KernelTestBase uses \Drupal\Tests\node\Traits\NodeCreationTrait, \Drupal\Tests\user\Traits\UserCreationTrait, \Drupal\Tests\node\Traits\ContentTypeCreationTrait
Expanded class hierarchy of NodeAccessTest
File
-
core/
modules/ node/ tests/ src/ Kernel/ NodeAccessTest.php, line 12
Namespace
Drupal\Tests\node\KernelView source
class NodeAccessTest extends NodeAccessTestBase {
/**
* Runs basic tests for node_access function.
*/
public function testNodeAccess() : void {
// Ensures user without 'access content' permission can do nothing.
$web_user1 = $this->drupalCreateUser([
'create page content',
'edit any page content',
'delete any page content',
]);
$node1 = $this->drupalCreateNode([
'type' => 'page',
]);
$this->assertNodeCreateAccess($node1->bundle(), FALSE, $web_user1);
$this->assertNodeAccess([
'view' => FALSE,
'update' => FALSE,
'delete' => FALSE,
], $node1, $web_user1);
// Ensures user with 'bypass node access' permission can do everything.
$web_user2 = $this->drupalCreateUser([
'bypass node access',
]);
$node2 = $this->drupalCreateNode([
'type' => 'page',
]);
$this->assertNodeCreateAccess($node2->bundle(), TRUE, $web_user2);
$this->assertNodeAccess([
'view' => TRUE,
'update' => TRUE,
'delete' => TRUE,
], $node2, $web_user2);
// User cannot 'view own unpublished content'.
$web_user3 = $this->drupalCreateUser([
'access content',
]);
$node3 = $this->drupalCreateNode([
'status' => 0,
'uid' => $web_user3->id(),
]);
$this->assertNodeAccess([
'view' => FALSE,
], $node3, $web_user3);
// User cannot create content without permission.
$this->assertNodeCreateAccess($node3->bundle(), FALSE, $web_user3);
// User can 'view own unpublished content', but another user cannot.
$web_user4 = $this->drupalCreateUser([
'access content',
'view own unpublished content',
]);
$web_user5 = $this->drupalCreateUser([
'access content',
'view own unpublished content',
]);
$node4 = $this->drupalCreateNode([
'status' => 0,
'uid' => $web_user4->id(),
]);
$this->assertNodeAccess([
'view' => TRUE,
'update' => FALSE,
], $node4, $web_user4);
$this->assertNodeAccess([
'view' => FALSE,
], $node4, $web_user5);
// Tests the default access provided for a published node.
$node5 = $this->drupalCreateNode();
$this->assertNodeAccess([
'view' => TRUE,
'update' => FALSE,
'delete' => FALSE,
], $node5, $web_user3);
// Tests the "edit any BUNDLE" and "delete any BUNDLE" permissions.
$web_user6 = $this->drupalCreateUser([
'access content',
'edit any page content',
'delete any page content',
]);
$node6 = $this->drupalCreateNode([
'type' => 'page',
]);
$this->assertNodeAccess([
'view' => TRUE,
'update' => TRUE,
'delete' => TRUE,
], $node6, $web_user6);
// Tests the "edit own BUNDLE" and "delete own BUNDLE" permission.
$web_user7 = $this->drupalCreateUser([
'access content',
'edit own page content',
'delete own page content',
]);
// User should not be able to edit or delete nodes they do not own.
$this->assertNodeAccess([
'view' => TRUE,
'update' => FALSE,
'delete' => FALSE,
], $node6, $web_user7);
// User should be able to edit or delete nodes they own.
$node7 = $this->drupalCreateNode([
'type' => 'page',
'uid' => $web_user7->id(),
]);
$this->assertNodeAccess([
'view' => TRUE,
'update' => TRUE,
'delete' => TRUE,
], $node7, $web_user7);
}
/**
* Tests operations not supported by node grants.
*/
public function testUnsupportedOperation() : void {
$this->enableModules([
'node_access_test_empty',
]);
$web_user = $this->drupalCreateUser([
'access content',
]);
$node = $this->drupalCreateNode();
$this->assertNodeAccess([
'random_operation' => FALSE,
], $node, $web_user);
}
/**
* Tests node grants for queries with node access checks and base table join.
*/
public function testQueryWithBaseTableJoin() : void {
$this->enableModules([
'node_access_test_empty',
]);
$this->drupalCreateNode([
'type' => 'page',
]);
$this->drupalCreateNode([
'type' => 'page',
]);
$container = \Drupal::getContainer();
$container->get('current_user')
->setAccount($this->drupalCreateUser());
$query = \Drupal::database()->select('node_field_data', 'n');
// Intentionally add a left join of the base table on the base table with a
// failing condition. This can, for example, happen in views with non
// required relations.
$query->leftJoin('node_field_data', 'nc', 'n.changed = nc.nid');
$query->addTag('node_access');
$this->assertEquals(2, $query->countQuery()
->execute()
->fetchField());
$query = \Drupal::database()->select('node_field_data', 'n');
// Use a Condition object to do the left join to test that this is handled
// correctly.
$join_cond = \Drupal::database()->condition('AND')
->where('[n].[changed] = [n].[changed]');
$join_cond->compile(\Drupal::database(), $query);
$query->leftJoin('node_field_data', 'nc', (string) $join_cond);
$query->addTag('node_access');
$this->assertEquals(4, $query->countQuery()
->execute()
->fetchField());
}
}
Members
Title Sort descending | Modifiers | Object type | Summary | Member alias | Overriden Title | Overrides |
---|---|---|---|---|---|---|
AssertContentTrait::$content | protected | property | The current raw content. | |||
AssertContentTrait::$drupalSettings | protected | property | The drupalSettings value from the current raw $content. | |||
AssertContentTrait::$elements | protected | property | The XML structure parsed from the current raw $content. | 1 | ||
AssertContentTrait::$plainTextContent | protected | property | The plain-text content of raw $content (text nodes). | |||
AssertContentTrait::assertEscaped | protected | function | Passes if the raw text IS found escaped on the loaded page, fail otherwise. | |||
AssertContentTrait::assertField | protected | function | Asserts that a field exists with the given name or ID. | |||
AssertContentTrait::assertFieldById | protected | function | Asserts that a field exists with the given ID and value. | |||
AssertContentTrait::assertFieldByName | protected | function | Asserts that a field exists with the given name and value. | |||
AssertContentTrait::assertFieldByXPath | protected | function | Asserts that a field exists in the current page by the given XPath. | |||
AssertContentTrait::assertFieldChecked | protected | function | Asserts that a checkbox field in the current page is checked. | |||
AssertContentTrait::assertFieldsByValue | protected | function | Asserts that a field exists in the current page with a given Xpath result. | |||
AssertContentTrait::assertLink | protected | function | Passes if a link with the specified label is found. | |||
AssertContentTrait::assertLinkByHref | protected | function | Passes if a link containing a given href (part) is found. | |||
AssertContentTrait::assertNoDuplicateIds | protected | function | Asserts that each HTML ID is used for just a single element. | |||
AssertContentTrait::assertNoEscaped | protected | function | Passes if raw text IS NOT found escaped on loaded page, fail otherwise. | |||
AssertContentTrait::assertNoField | protected | function | Asserts that a field does not exist with the given name or ID. | |||
AssertContentTrait::assertNoFieldById | protected | function | Asserts that a field does not exist with the given ID and value. | |||
AssertContentTrait::assertNoFieldByName | protected | function | Asserts that a field does not exist with the given name and value. | |||
AssertContentTrait::assertNoFieldByXPath | protected | function | Asserts that a field does not exist or its value does not match, by XPath. | |||
AssertContentTrait::assertNoFieldChecked | protected | function | Asserts that a checkbox field in the current page is not checked. | |||
AssertContentTrait::assertNoLink | protected | function | Passes if a link with the specified label is not found. | |||
AssertContentTrait::assertNoLinkByHref | protected | function | Passes if a link containing a given href (part) is not found. | |||
AssertContentTrait::assertNoLinkByHrefInMainRegion | protected | function | Passes if a link containing a given href is not found in the main region. | |||
AssertContentTrait::assertNoOption | protected | function | Asserts that a select option in the current page does not exist. | |||
AssertContentTrait::assertNoOptionSelected | protected | function | Asserts that a select option in the current page is not checked. | |||
AssertContentTrait::assertNoPattern | protected | function | Triggers a pass if the perl regex pattern is not found in raw content. | |||
AssertContentTrait::assertNoRaw | protected | function | Passes if the raw text is NOT found on the loaded page, fail otherwise. | |||
AssertContentTrait::assertNoText | protected | function | Passes if the page (with HTML stripped) does not contains the text. | |||
AssertContentTrait::assertNoTitle | protected | function | Pass if the page title is not the given string. | |||
AssertContentTrait::assertNoUniqueText | protected | function | Passes if the text is found MORE THAN ONCE on the text version of the page. | |||
AssertContentTrait::assertOption | protected | function | Asserts that a select option in the current page exists. | |||
AssertContentTrait::assertOptionByText | protected | function | Asserts that a select option with the visible text exists. | |||
AssertContentTrait::assertOptionSelected | protected | function | Asserts that a select option in the current page is checked. | |||
AssertContentTrait::assertOptionSelectedWithDrupalSelector | protected | function | Asserts that a select option in the current page is checked. | |||
AssertContentTrait::assertOptionWithDrupalSelector | protected | function | Asserts that a select option in the current page exists. | |||
AssertContentTrait::assertPattern | protected | function | Triggers a pass if the Perl regex pattern is found in the raw content. | |||
AssertContentTrait::assertRaw | protected | function | Passes if the raw text IS found on the loaded page, fail otherwise. | |||
AssertContentTrait::assertText | protected | function | Passes if the page (with HTML stripped) contains the text. | |||
AssertContentTrait::assertTextHelper | protected | function | Helper for assertText and assertNoText. | |||
AssertContentTrait::assertTextPattern | protected | function | Asserts that a Perl regex pattern is found in the plain-text content. | |||
AssertContentTrait::assertThemeOutput | protected | function | Asserts themed output. | |||
AssertContentTrait::assertTitle | protected | function | Pass if the page title is the given string. | |||
AssertContentTrait::assertUniqueText | protected | function | Passes if the text is found ONLY ONCE on the text version of the page. | |||
AssertContentTrait::assertUniqueTextHelper | protected | function | Helper for assertUniqueText and assertNoUniqueText. | |||
AssertContentTrait::buildXPathQuery | protected | function | Builds an XPath query. | |||
AssertContentTrait::constructFieldXpath | protected | function | Helper: Constructs an XPath for the given set of attributes and value. | |||
AssertContentTrait::cssSelect | protected | function | Searches elements using a CSS selector in the raw content. | |||
AssertContentTrait::getAllOptions | protected | function | Get all option elements, including nested options, in a select. | |||
AssertContentTrait::getDrupalSettings | protected | function | Gets the value of drupalSettings for the currently-loaded page. | |||
AssertContentTrait::getRawContent | protected | function | Gets the current raw content. | |||
AssertContentTrait::getSelectedItem | protected | function | Get the selected value from a select field. | |||
AssertContentTrait::getTextContent | protected | function | Retrieves the plain-text content from the current raw content. | |||
AssertContentTrait::parse | protected | function | Parse content returned from curlExec using DOM and SimpleXML. | |||
AssertContentTrait::removeWhiteSpace | protected | function | Removes all white-space between HTML tags from the raw content. | |||
AssertContentTrait::setDrupalSettings | protected | function | Sets the value of drupalSettings for the currently-loaded page. | |||
AssertContentTrait::setRawContent | protected | function | Sets the raw content (e.g. HTML). | |||
AssertContentTrait::xpath | protected | function | Performs an xpath search on the contents of the internal browser. | |||
ConfigTestTrait::configImporter | protected | function | Returns a ConfigImporter object to import test configuration. | |||
ConfigTestTrait::copyConfig | protected | function | Copies configuration objects from source storage to target storage. | |||
ContentTypeCreationTrait::createContentType | protected | function | Creates a custom content type based on default settings. | Aliased as: drupalCreateContentType | 1 | |
ExpectDeprecationTrait::expectDeprecation | public | function | Adds an expected deprecation. | |||
ExpectDeprecationTrait::getCallableName | private static | function | Returns a callable as a string suitable for inclusion in a message. | |||
ExpectDeprecationTrait::setUpErrorHandler | public | function | Sets up the test error handler. | |||
ExpectDeprecationTrait::tearDownErrorHandler | public | function | Tears down the test error handler. | |||
ExtensionListTestTrait::getModulePath | protected | function | Gets the path for the specified module. | |||
ExtensionListTestTrait::getThemePath | protected | function | Gets the path for the specified theme. | |||
KernelTestBase::$backupStaticAttributes | protected | property | Back up and restore static class properties that may be changed by tests. | |||
KernelTestBase::$backupStaticAttributesBlacklist | protected | property | Contains a few static class properties for performance. | |||
KernelTestBase::$classLoader | protected | property | ||||
KernelTestBase::$configImporter | protected | property | @todo Move into Config test base class. | 6 | ||
KernelTestBase::$configSchemaCheckerExclusions | protected static | property | An array of config object names that are excluded from schema checking. | 3 | ||
KernelTestBase::$container | protected | property | ||||
KernelTestBase::$databasePrefix | protected | property | ||||
KernelTestBase::$keyValue | protected | property | The key_value service that must persist between container rebuilds. | |||
KernelTestBase::$root | protected | property | The app root. | |||
KernelTestBase::$siteDirectory | protected | property | ||||
KernelTestBase::$strictConfigSchema | protected | property | Set to TRUE to strict check all configuration saved. | 9 | ||
KernelTestBase::$usesSuperUserAccessPolicy | protected | property | Set to TRUE to make user 1 a super user. | 8 | ||
KernelTestBase::$vfsRoot | protected | property | The virtual filesystem root directory. | |||
KernelTestBase::assertPostConditions | protected | function | 1 | |||
KernelTestBase::bootEnvironment | protected | function | Bootstraps a basic test environment. | |||
KernelTestBase::bootKernel | protected | function | Bootstraps a kernel for a test. | 1 | ||
KernelTestBase::config | protected | function | Configuration accessor for tests. Returns non-overridden configuration. | |||
KernelTestBase::disableModules | protected | function | Disables modules for this test. | |||
KernelTestBase::enableModules | protected | function | Enables modules for this test. | 1 | ||
KernelTestBase::getConfigSchemaExclusions | protected | function | Gets the config schema exclusions for this test. | |||
KernelTestBase::getDatabaseConnectionInfo | protected | function | Returns the Database connection info to be used for this test. | 2 | ||
KernelTestBase::getDatabasePrefix | public | function | ||||
KernelTestBase::getExtensionsForModules | private | function | Returns Extension objects for $modules to enable. | |||
KernelTestBase::getModulesToEnable | private static | function | Returns the modules to enable for this test. | |||
KernelTestBase::initFileCache | protected | function | Initializes the FileCache component. | |||
KernelTestBase::installConfig | protected | function | Installs default configuration for a given list of modules. | |||
KernelTestBase::installEntitySchema | protected | function | Installs the storage schema for a specific entity type. | |||
KernelTestBase::installSchema | protected | function | Installs database tables from a module schema definition. | |||
KernelTestBase::register | public | function | Registers test-specific services. | Overrides ServiceProviderInterface::register | 27 | |
KernelTestBase::render | protected | function | Renders a render array. | 1 | ||
KernelTestBase::setInstallProfile | protected | function | Sets the install profile and rebuilds the container to update it. | |||
KernelTestBase::setSetting | protected | function | Sets an in-memory Settings variable. | |||
KernelTestBase::setUpBeforeClass | public static | function | 1 | |||
KernelTestBase::setUpFilesystem | protected | function | Sets up the filesystem, so things like the file directory. | 2 | ||
KernelTestBase::tearDown | protected | function | 7 | |||
KernelTestBase::tearDownCloseDatabaseConnection | public | function | Additional tear down method to close the connection at the end. | |||
KernelTestBase::vfsDump | protected | function | Dumps the current state of the virtual filesystem to STDOUT. | |||
KernelTestBase::__construct | public | function | ||||
KernelTestBase::__sleep | public | function | Prevents serializing any properties. | |||
NodeAccessTest::testNodeAccess | public | function | Runs basic tests for node_access function. | |||
NodeAccessTest::testQueryWithBaseTableJoin | public | function | Tests node grants for queries with node access checks and base table join. | |||
NodeAccessTest::testUnsupportedOperation | public | function | Tests operations not supported by node grants. | |||
NodeAccessTestBase::$accessHandler | protected | property | Access handler. | |||
NodeAccessTestBase::$modules | protected static | property | Modules to enable. | Overrides KernelTestBase::$modules | 5 | |
NodeAccessTestBase::assertNodeAccess | public | function | Asserts that node access correctly grants or denies access. | |||
NodeAccessTestBase::assertNodeCreateAccess | public | function | Asserts that node create access correctly grants or denies access. | |||
NodeAccessTestBase::nodeAccessAssertMessage | public | function | Constructs an assert message to display which node access was tested. | |||
NodeAccessTestBase::setUp | protected | function | Overrides KernelTestBase::setUp | 4 | ||
NodeCreationTrait::createNode | protected | function | Creates a node based on default settings. | Aliased as: drupalCreateNode | ||
NodeCreationTrait::getNodeByTitle | public | function | Get a node from the database based on its title. | Aliased as: drupalGetNodeByTitle | ||
RandomGeneratorTrait::getRandomGenerator | protected | function | Gets the random generator for the utility methods. | |||
RandomGeneratorTrait::randomMachineName | protected | function | Generates a unique random string containing letters and numbers. | |||
RandomGeneratorTrait::randomObject | public | function | Generates a random PHP object. | |||
RandomGeneratorTrait::randomString | public | function | Generates a pseudo-random string of ASCII characters of codes 32 to 126. | |||
StorageCopyTrait::replaceStorageContents | protected static | function | Copy the configuration from one storage to another and remove stale items. | |||
TestRequirementsTrait::getDrupalRoot | protected static | function | Returns the Drupal root directory. | |||
UserCreationTrait::checkPermissions | protected | function | Checks whether a given list of permission names is valid. | |||
UserCreationTrait::createAdminRole | protected | function | Creates an administrative role. | Aliased as: drupalCreateAdminRole | ||
UserCreationTrait::createRole | protected | function | Creates a role with specified permissions. | Aliased as: drupalCreateRole | ||
UserCreationTrait::createUser | protected | function | Create a user with a given set of permissions. | Aliased as: drupalCreateUser | ||
UserCreationTrait::grantPermissions | protected | function | Grant permissions to a user role. | |||
UserCreationTrait::setCurrentUser | protected | function | Switch the current logged in user. | |||
UserCreationTrait::setUpCurrentUser | protected | function | Creates a random user account and sets it as current user. |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.