function VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm

Same name in other branches
  1. 9 core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php \Drupal\Tests\taxonomy\Functional\VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm()
  2. 8.9.x core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php \Drupal\Tests\taxonomy\Functional\VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm()
  3. 10 core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php \Drupal\Tests\taxonomy\Functional\VocabularyPermissionsTest::testVocabularyPermissionsTaxonomyTerm()

Create, edit and delete a taxonomy term via the user interface.

File

core/modules/taxonomy/tests/src/Functional/VocabularyPermissionsTest.php, line 248

Class

VocabularyPermissionsTest
Tests the taxonomy vocabulary permissions.

Namespace

Drupal\Tests\taxonomy\Functional

Code

public function testVocabularyPermissionsTaxonomyTerm() : void {
    // Vocabulary used for creating, removing and editing terms.
    $vocabulary = $this->createVocabulary();
    // Test as admin user.
    $user = $this->drupalCreateUser([
        'administer taxonomy',
    ]);
    $this->drupalLogin($user);
    // Visit the main taxonomy administration page.
    $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
    $this->assertSession()
        ->statusCodeEquals(200);
    $this->assertSession()
        ->fieldExists('edit-name-0-value');
    // Submit the term.
    $edit = [];
    $edit['name[0][value]'] = $this->randomMachineName();
    $this->submitForm($edit, 'Save');
    $this->assertSession()
        ->pageTextContains('Created new term ' . $edit['name[0][value]'] . '.');
    // Verify that the creation message contains a link to a term.
    $this->assertSession()
        ->elementExists('xpath', '//div[@data-drupal-messages]//a[contains(@href, "term/")]');
    $terms = \Drupal::entityTypeManager()->getStorage('taxonomy_term')
        ->loadByProperties([
        'name' => $edit['name[0][value]'],
    ]);
    $term = reset($terms);
    // Edit the term.
    $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
    $this->assertSession()
        ->statusCodeEquals(200);
    $this->assertSession()
        ->pageTextContains($edit['name[0][value]']);
    $edit['name[0][value]'] = $this->randomMachineName();
    $this->submitForm($edit, 'Save');
    $this->assertSession()
        ->pageTextContains('Updated term ' . $edit['name[0][value]'] . '.');
    // Delete the vocabulary.
    $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
    $this->assertSession()
        ->pageTextContains("Are you sure you want to delete the taxonomy term {$edit['name[0][value]']}?");
    // Confirm deletion.
    $this->submitForm([], 'Delete');
    $this->assertSession()
        ->pageTextContains("Deleted term {$edit['name[0][value]']}.");
    // Test as user with "create" permissions.
    $user = $this->drupalCreateUser([
        "create terms in {$vocabulary->id()}",
    ]);
    $this->drupalLogin($user);
    $assert_session = $this->assertSession();
    // Create a new term.
    $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
    $assert_session->statusCodeEquals(200);
    $assert_session->fieldExists('name[0][value]');
    // Submit the term.
    $edit = [];
    $edit['name[0][value]'] = $this->randomMachineName();
    $this->submitForm($edit, 'Save');
    $assert_session->pageTextContains("Created new term {$edit['name[0][value]']}.");
    $terms = \Drupal::entityTypeManager()->getStorage('taxonomy_term')
        ->loadByProperties([
        'name' => $edit['name[0][value]'],
    ]);
    $term = reset($terms);
    // Ensure that edit and delete access is denied.
    $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
    $assert_session->statusCodeEquals(403);
    $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
    $assert_session->statusCodeEquals(403);
    // Test as user with "edit" permissions.
    $user = $this->drupalCreateUser([
        "edit terms in {$vocabulary->id()}",
    ]);
    $this->drupalLogin($user);
    // Ensure the taxonomy term add form is denied.
    $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
    $this->assertSession()
        ->statusCodeEquals(403);
    // Create a test term.
    $term = $this->createTerm($vocabulary);
    // Edit the term.
    $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
    $this->assertSession()
        ->statusCodeEquals(200);
    $this->assertSession()
        ->pageTextContains($term->getName());
    $edit['name[0][value]'] = $this->randomMachineName();
    $this->submitForm($edit, 'Save');
    $this->assertSession()
        ->pageTextContains('Updated term ' . $edit['name[0][value]'] . '.');
    // Verify that the update message contains a link to a term.
    $this->assertSession()
        ->elementExists('xpath', '//div[@data-drupal-messages]//a[contains(@href, "term/")]');
    // Ensure the term cannot be deleted.
    $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
    $this->assertSession()
        ->statusCodeEquals(403);
    // Test as user with "delete" permissions.
    $user = $this->drupalCreateUser([
        "delete terms in {$vocabulary->id()}",
    ]);
    $this->drupalLogin($user);
    // Ensure the taxonomy term add form is denied.
    $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
    $this->assertSession()
        ->statusCodeEquals(403);
    // Create a test term.
    $term = $this->createTerm($vocabulary);
    // Ensure that the term cannot be edited.
    $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
    $this->assertSession()
        ->statusCodeEquals(403);
    // Delete the vocabulary.
    $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
    $this->assertSession()
        ->pageTextContains("Are you sure you want to delete the taxonomy term {$term->getName()}?");
    // Confirm deletion.
    $this->submitForm([], 'Delete');
    $this->assertSession()
        ->pageTextContains("Deleted term {$term->getName()}.");
    // Test as user without proper permissions.
    $user = $this->drupalCreateUser();
    $this->drupalLogin($user);
    // Ensure the taxonomy term add form is denied.
    $this->drupalGet('admin/structure/taxonomy/manage/' . $vocabulary->id() . '/add');
    $this->assertSession()
        ->statusCodeEquals(403);
    // Create a test term.
    $term = $this->createTerm($vocabulary);
    // Ensure that the term cannot be edited.
    $this->drupalGet('taxonomy/term/' . $term->id() . '/edit');
    $this->assertSession()
        ->statusCodeEquals(403);
    // Ensure the term cannot be deleted.
    $this->drupalGet('taxonomy/term/' . $term->id() . '/delete');
    $this->assertSession()
        ->statusCodeEquals(403);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.