class UserCancelTest

Same name in other branches
  1. 9 core/modules/user/tests/src/Functional/UserCancelTest.php \Drupal\Tests\user\Functional\UserCancelTest
  2. 8.9.x core/modules/user/tests/src/Functional/UserCancelTest.php \Drupal\Tests\user\Functional\UserCancelTest
  3. 11.x core/modules/user/tests/src/Functional/UserCancelTest.php \Drupal\Tests\user\Functional\UserCancelTest

Ensure that account cancellation methods work as expected.

@group user @group #slow

Hierarchy

Expanded class hierarchy of UserCancelTest

File

core/modules/user/tests/src/Functional/UserCancelTest.php, line 22

Namespace

Drupal\Tests\user\Functional
View source
class UserCancelTest extends BrowserTestBase {
    use CommentTestTrait;
    
    /**
     * {@inheritdoc}
     */
    protected static $modules = [
        'node',
        'comment',
    ];
    
    /**
     * {@inheritdoc}
     */
    protected $defaultTheme = 'stark';
    
    /**
     * {@inheritdoc}
     */
    protected function setUp() : void {
        parent::setUp();
        $this->drupalCreateContentType([
            'type' => 'page',
            'name' => 'Basic page',
        ]);
    }
    
    /**
     * Attempt to cancel account without permission.
     */
    public function testUserCancelWithoutPermission() : void {
        $node_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('node');
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_reassign')
            ->save();
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        // Create a user.
        $account = $this->drupalCreateUser([]);
        $this->drupalLogin($account);
        // Load a real user object.
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        // Create a node.
        $node = $this->drupalCreateNode([
            'uid' => $account->id(),
        ]);
        // Attempt to cancel account.
        $this->drupalGet('user/' . $account->id() . '/edit');
        $this->assertSession()
            ->pageTextNotContains("Cancel account");
        // Attempt bogus account cancellation request confirmation.
        $timestamp = $account->getLastLoginTime();
        $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
        $this->assertSession()
            ->statusCodeEquals(403);
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        $this->assertTrue($account->isActive(), 'User account was not canceled.');
        // Confirm user's content has not been altered.
        $node_storage->resetCache([
            $node->id(),
        ]);
        $test_node = $node_storage->load($node->id());
        $this->assertEquals($account->id(), $test_node->getOwnerId(), 'Node of the user has not been altered.');
        $this->assertTrue($test_node->isPublished());
    }
    
    /**
     * Tests ability to change the permission for canceling users.
     */
    public function testUserCancelChangePermission() : void {
        \Drupal::service('module_installer')->install([
            'user_form_test',
        ]);
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_reassign')
            ->save();
        // Create a regular user.
        $account = $this->drupalCreateUser([]);
        $admin_user = $this->drupalCreateUser([
            'cancel other accounts',
        ]);
        $this->drupalLogin($admin_user);
        // Delete regular user.
        $this->drupalGet('user_form_test_cancel/' . $account->id());
        $this->submitForm([], 'Confirm');
        // Confirm deletion.
        $this->assertSession()
            ->pageTextContains("Account {$account->getAccountName()} has been deleted.");
        $this->assertNull(User::load($account->id()), 'User is not found in the database.');
    }
    
    /**
     * Tests that user account for uid 1 cannot be cancelled.
     *
     * This should never be possible, or the site owner would become unable to
     * administer the site.
     */
    public function testUserCancelUid1() : void {
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        \Drupal::service('module_installer')->install([
            'views',
        ]);
        // Try to cancel uid 1's account with a different user.
        $admin_user = $this->drupalCreateUser([
            'administer users',
        ]);
        $this->drupalLogin($admin_user);
        $edit = [
            'action' => 'user_cancel_user_action',
            'user_bulk_form[0]' => TRUE,
        ];
        $this->drupalGet('admin/people');
        $this->submitForm($edit, 'Apply to selected items');
        // Verify that uid 1's account was not cancelled.
        $user_storage->resetCache([
            1,
        ]);
        $user1 = $user_storage->load(1);
        $this->assertTrue($user1->isActive(), 'User #1 still exists and is not blocked.');
    }
    
    /**
     * Attempt invalid account cancellations.
     */
    public function testUserCancelInvalid() : void {
        $node_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('node');
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_reassign')
            ->save();
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        // Create a user.
        $account = $this->drupalCreateUser([
            'cancel account',
        ]);
        $this->drupalLogin($account);
        // Load a real user object.
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        // Create a node.
        $node = $this->drupalCreateNode([
            'uid' => $account->id(),
        ]);
        // Attempt to cancel account.
        $this->drupalGet('user/' . $account->id() . '/cancel');
        $timestamp = time();
        $this->submitForm([], 'Confirm');
        $this->assertSession()
            ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
        // Attempt bogus account cancellation request confirmation.
        $bogus_timestamp = $timestamp + 60;
        $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$bogus_timestamp}/" . user_pass_rehash($account, $bogus_timestamp));
        $this->assertSession()
            ->pageTextContains('You have tried to use an account cancellation link that has expired. Request a new one using the form below.');
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        $this->assertTrue($account->isActive(), 'User account was not canceled.');
        // Attempt expired account cancellation request confirmation.
        $bogus_timestamp = $timestamp - 86400 - 60;
        $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$bogus_timestamp}/" . user_pass_rehash($account, $bogus_timestamp));
        $this->assertSession()
            ->pageTextContains('You have tried to use an account cancellation link that has expired. Request a new one using the form below.');
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        $this->assertTrue($account->isActive(), 'User account was not canceled.');
        // Confirm user's content has not been altered.
        $node_storage->resetCache([
            $node->id(),
        ]);
        $test_node = $node_storage->load($node->id());
        $this->assertEquals($account->id(), $test_node->getOwnerId(), 'Node of the user has not been altered.');
        $this->assertTrue($test_node->isPublished());
    }
    
    /**
     * Disable account and keep all content.
     */
    public function testUserBlock() : void {
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_block')
            ->save();
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        // Create a user.
        $web_user = $this->drupalCreateUser([
            'cancel account',
        ]);
        $this->drupalLogin($web_user);
        // Load a real user object.
        $user_storage->resetCache([
            $web_user->id(),
        ]);
        $account = $user_storage->load($web_user->id());
        // Attempt to cancel account.
        $this->drupalGet('user/' . $account->id() . '/cancel');
        $this->assertSession()
            ->pageTextContains('Are you sure you want to cancel your account?');
        $this->assertSession()
            ->pageTextContains('Your account will be blocked and you will no longer be able to log in. All of your content will remain attributed to your username.');
        $this->assertSession()
            ->pageTextNotContains('Cancellation method');
        // Confirm account cancellation.
        $timestamp = time();
        $this->submitForm([], 'Confirm');
        $this->assertSession()
            ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
        // Confirm account cancellation request.
        $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        $this->assertTrue($account->isBlocked(), 'User has been blocked.');
        // Confirm that the confirmation message made it through to the end user.
        $this->assertSession()
            ->pageTextContains("Account {$account->getAccountName()} has been disabled.");
    }
    
    /**
     * Disable account and unpublish all content.
     */
    public function testUserBlockUnpublish() : void {
        $node_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('node');
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_block_unpublish')
            ->save();
        // Create comment field on page.
        $this->addDefaultCommentField('node', 'page');
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        // Create a user.
        $account = $this->drupalCreateUser([
            'cancel account',
        ]);
        $this->drupalLogin($account);
        // Load a real user object.
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        // Create a node with two revisions.
        $node = $this->drupalCreateNode([
            'uid' => $account->id(),
        ]);
        $settings = get_object_vars($node);
        $settings['revision'] = 1;
        $node = $this->drupalCreateNode($settings);
        // Add a comment to the page.
        $comment_subject = $this->randomMachineName(8);
        $comment_body = $this->randomMachineName(8);
        $comment = Comment::create([
            'subject' => $comment_subject,
            'comment_body' => $comment_body,
            'entity_id' => $node->id(),
            'entity_type' => 'node',
            'field_name' => 'comment',
            'status' => CommentInterface::PUBLISHED,
            'uid' => $account->id(),
        ]);
        $comment->save();
        // Attempt to cancel account.
        $this->drupalGet('user/' . $account->id() . '/cancel');
        $this->assertSession()
            ->pageTextContains('Are you sure you want to cancel your account?');
        $this->assertSession()
            ->pageTextContains('Your account will be blocked and you will no longer be able to log in. All of your content will be hidden from everyone but administrators.');
        // Confirm account cancellation.
        $timestamp = time();
        $this->submitForm([], 'Confirm');
        $this->assertSession()
            ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
        // Confirm account cancellation request.
        $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
        // Confirm that the user was redirected to the front page.
        $this->assertSession()
            ->addressEquals('');
        $this->assertSession()
            ->statusCodeEquals(200);
        // Confirm that the confirmation message made it through to the end user.
        $this->assertSession()
            ->pageTextContains("Account {$account->getAccountName()} has been disabled.");
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        $this->assertTrue($account->isBlocked(), 'User has been blocked.');
        // Confirm user's content has been unpublished.
        $node_storage->resetCache([
            $node->id(),
        ]);
        $test_node = $node_storage->load($node->id());
        $this->assertFalse($test_node->isPublished(), 'Node of the user has been unpublished.');
        $test_node = $node_storage->loadRevision($node->getRevisionId());
        $this->assertFalse($test_node->isPublished(), 'Node revision of the user has been unpublished.');
        $storage = \Drupal::entityTypeManager()->getStorage('comment');
        $storage->resetCache([
            $comment->id(),
        ]);
        $comment = $storage->load($comment->id());
        $this->assertFalse($comment->isPublished(), 'Comment of the user has been unpublished.');
    }
    
    /**
     * Tests nodes are unpublished even if inaccessible to cancelling user.
     */
    public function testUserBlockUnpublishNodeAccess() : void {
        \Drupal::service('module_installer')->install([
            'node_access_test',
            'user_form_test',
        ]);
        // Setup node access
        node_access_rebuild();
        node_access_test_add_field(NodeType::load('page'));
        \Drupal::state()->set('node_access_test.private', TRUE);
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_block_unpublish')
            ->save();
        // Create a user.
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        $account = $this->drupalCreateUser([
            'cancel account',
        ]);
        // Load a real user object.
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        // Create a published private node.
        $node = $this->drupalCreateNode([
            'uid' => $account->id(),
            'type' => 'page',
            'status' => 1,
            'private' => TRUE,
        ]);
        // Cancel node author.
        $admin_user = $this->drupalCreateUser([
            'cancel other accounts',
        ]);
        $this->drupalLogin($admin_user);
        $this->drupalGet('user_form_test_cancel/' . $account->id());
        $this->submitForm([], 'Confirm');
        // Confirm node has been unpublished, even though the admin user
        // does not have permission to access it.
        $node_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('node');
        $node_storage->resetCache([
            $node->id(),
        ]);
        $test_node = $node_storage->load($node->id());
        $this->assertFalse($test_node->isPublished(), 'Node of the user has been unpublished.');
    }
    
    /**
     * Delete account and anonymize all content.
     */
    public function testUserAnonymize() : void {
        $node_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('node');
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_reassign')
            ->save();
        // Create comment field on page.
        $this->addDefaultCommentField('node', 'page');
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        // Create a user.
        $account = $this->drupalCreateUser([
            'cancel account',
        ]);
        $this->drupalLogin($account);
        // Load a real user object.
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        // Create a simple node.
        $node = $this->drupalCreateNode([
            'uid' => $account->id(),
        ]);
        // Add a comment to the page.
        $comment_subject = $this->randomMachineName(8);
        $comment_body = $this->randomMachineName(8);
        $comment = Comment::create([
            'subject' => $comment_subject,
            'comment_body' => $comment_body,
            'entity_id' => $node->id(),
            'entity_type' => 'node',
            'field_name' => 'comment',
            'status' => CommentInterface::PUBLISHED,
            'uid' => $account->id(),
        ]);
        $comment->save();
        // Create a node with two revisions, the initial one belonging to the
        // cancelling user.
        $revision_node = $this->drupalCreateNode([
            'uid' => $account->id(),
        ]);
        $revision = $revision_node->getRevisionId();
        $settings = get_object_vars($revision_node);
        $settings['revision'] = 1;
        // Set new/current revision to someone else.
        $settings['uid'] = 1;
        $revision_node = $this->drupalCreateNode($settings);
        // Attempt to cancel account.
        $this->drupalGet('user/' . $account->id() . '/cancel');
        $this->assertSession()
            ->pageTextContains('Are you sure you want to cancel your account?');
        $this->assertSession()
            ->pageTextContains("Your account will be removed and all account information deleted. All of your content will be assigned to the {$this->config('user.settings')->get('anonymous')} user.");
        // Confirm account cancellation.
        $timestamp = time();
        $this->submitForm([], 'Confirm');
        $this->assertSession()
            ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
        // Confirm account cancellation request.
        $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
        $user_storage->resetCache([
            $account->id(),
        ]);
        $this->assertNull($user_storage->load($account->id()), 'User is not found in the database.');
        // Confirm that user's content has been attributed to anonymous user.
        $anonymous_user = User::getAnonymousUser();
        $node_storage->resetCache([
            $node->id(),
        ]);
        $test_node = $node_storage->load($node->id());
        $this->assertEquals(0, $test_node->getOwnerId(), 'Node of the user has been attributed to anonymous user.');
        $this->assertTrue($test_node->isPublished());
        $test_node = $node_storage->loadRevision($revision);
        $this->assertEquals(0, $test_node->getRevisionUser()
            ->id(), 'Node revision of the user has been attributed to anonymous user.');
        $this->assertTrue($test_node->isPublished());
        $node_storage->resetCache([
            $revision_node->id(),
        ]);
        $test_node = $node_storage->load($revision_node->id());
        $this->assertNotEquals(0, $test_node->getOwnerId(), "Current revision of the user's node was not attributed to anonymous user.");
        $this->assertTrue($test_node->isPublished());
        $storage = \Drupal::entityTypeManager()->getStorage('comment');
        $storage->resetCache([
            $comment->id(),
        ]);
        $test_comment = $storage->load($comment->id());
        $this->assertEquals(0, $test_comment->getOwnerId(), 'Comment of the user has been attributed to anonymous user.');
        $this->assertTrue($test_comment->isPublished());
        $this->assertEquals($anonymous_user->getDisplayName(), $test_comment->getAuthorName(), 'Comment of the user has been attributed to anonymous user name.');
        // Confirm that the confirmation message made it through to the end user.
        $this->assertSession()
            ->pageTextContains("Account {$account->getAccountName()} has been deleted.");
    }
    
    /**
     * Delete account and anonymize all content using a batch process.
     */
    public function testUserAnonymizeBatch() : void {
        $node_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('node');
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_reassign')
            ->save();
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        // Create a user.
        $account = $this->drupalCreateUser([
            'cancel account',
        ]);
        $this->drupalLogin($account);
        // Load a real user object.
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        // Create 11 nodes in order to trigger batch processing in
        // node_mass_update().
        $nodes = [];
        for ($i = 0; $i < 11; $i++) {
            $node = $this->drupalCreateNode([
                'uid' => $account->id(),
            ]);
            $nodes[$node->id()] = $node;
        }
        // Attempt to cancel account.
        $this->drupalGet('user/' . $account->id() . '/cancel');
        $this->assertSession()
            ->pageTextContains('Are you sure you want to cancel your account?');
        $this->assertSession()
            ->pageTextContains("Your account will be removed and all account information deleted. All of your content will be assigned to the {$this->config('user.settings')->get('anonymous')} user.");
        // Confirm account cancellation.
        $timestamp = time();
        $this->submitForm([], 'Confirm');
        $this->assertSession()
            ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
        // Confirm account cancellation request.
        $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
        $user_storage->resetCache([
            $account->id(),
        ]);
        $this->assertNull($user_storage->load($account->id()), 'User is not found in the database.');
        // Confirm that user's content has been attributed to anonymous user.
        $node_storage->resetCache(array_keys($nodes));
        $test_nodes = $node_storage->loadMultiple(array_keys($nodes));
        foreach ($test_nodes as $test_node) {
            $this->assertEquals(0, $test_node->getOwnerId(), 'Node ' . $test_node->id() . ' of the user has been attributed to anonymous user.');
            $this->assertTrue($test_node->isPublished());
        }
    }
    
    /**
     * Delete account and remove all content.
     */
    public function testUserDelete() : void {
        $node_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('node');
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_delete')
            ->save();
        \Drupal::service('module_installer')->install([
            'comment',
        ]);
        $this->resetAll();
        $this->addDefaultCommentField('node', 'page');
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        // Create a user.
        $account = $this->drupalCreateUser([
            'cancel account',
            'post comments',
            'skip comment approval',
        ]);
        $this->drupalLogin($account);
        // Load a real user object.
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        // Create a simple node.
        $node = $this->drupalCreateNode([
            'uid' => $account->id(),
        ]);
        // Create comment.
        $edit = [];
        $edit['subject[0][value]'] = $this->randomMachineName(8);
        $edit['comment_body[0][value]'] = $this->randomMachineName(16);
        $this->drupalGet('comment/reply/node/' . $node->id() . '/comment');
        $this->submitForm($edit, 'Preview');
        $this->submitForm([], 'Save');
        $this->assertSession()
            ->pageTextContains('Your comment has been posted.');
        $comments = \Drupal::entityTypeManager()->getStorage('comment')
            ->loadByProperties([
            'subject' => $edit['subject[0][value]'],
        ]);
        $comment = reset($comments);
        $this->assertNotEmpty($comment->id(), 'Comment found.');
        // Create a node with two revisions, the initial one belonging to the
        // cancelling user.
        $revision_node = $this->drupalCreateNode([
            'uid' => $account->id(),
        ]);
        $revision = $revision_node->getRevisionId();
        $settings = get_object_vars($revision_node);
        $settings['revision'] = 1;
        // Set new/current revision to someone else.
        $settings['uid'] = 1;
        $revision_node = $this->drupalCreateNode($settings);
        // Attempt to cancel account.
        $this->drupalGet('user/' . $account->id() . '/cancel');
        $this->assertSession()
            ->pageTextContains('Are you sure you want to cancel your account?');
        $this->assertSession()
            ->pageTextContains('Your account will be removed and all account information deleted. All of your content will also be deleted.');
        // Confirm account cancellation.
        $timestamp = time();
        $this->submitForm([], 'Confirm');
        $this->assertSession()
            ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
        // Confirm account cancellation request.
        $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
        $user_storage->resetCache([
            $account->id(),
        ]);
        $this->assertNull($user_storage->load($account->id()), 'User is not found in the database.');
        // Confirm there's only one session in the database. The user will be logged
        // out and their session migrated.
        // @see _user_cancel_session_regenerate()
        $this->assertSame(1, (int) \Drupal::database()->select('sessions', 's')
            ->countQuery()
            ->execute()
            ->fetchField());
        // Confirm that user's content has been deleted.
        $node_storage->resetCache([
            $node->id(),
        ]);
        $this->assertNull($node_storage->load($node->id()), 'Node of the user has been deleted.');
        $this->assertNull($node_storage->loadRevision($revision), 'Node revision of the user has been deleted.');
        $node_storage->resetCache([
            $revision_node->id(),
        ]);
        $this->assertInstanceOf(Node::class, $node_storage->load($revision_node->id()));
        \Drupal::entityTypeManager()->getStorage('comment')
            ->resetCache([
            $comment->id(),
        ]);
        $this->assertNull(Comment::load($comment->id()), 'Comment of the user has been deleted.');
        // Confirm that the confirmation message made it through to the end user.
        $this->assertSession()
            ->pageTextContains("Account {$account->getAccountName()} has been deleted.");
    }
    
    /**
     * Create an administrative user and delete another user.
     */
    public function testUserCancelByAdmin() : void {
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_reassign')
            ->save();
        // Create a regular user.
        $account = $this->drupalCreateUser([]);
        // Create administrative user.
        $admin_user = $this->drupalCreateUser([
            'administer users',
        ]);
        $this->drupalLogin($admin_user);
        // Delete regular user.
        $this->drupalGet('user/' . $account->id() . '/cancel');
        $this->assertSession()
            ->pageTextContains("Are you sure you want to cancel the account {$account->getAccountName()}?");
        $this->assertSession()
            ->pageTextContains('Cancellation method');
        // Confirm deletion.
        $this->submitForm([], 'Confirm');
        $this->assertSession()
            ->pageTextContains("Account {$account->getAccountName()} has been deleted.");
        $this->assertNull(User::load($account->id()), 'User is not found in the database.');
    }
    
    /**
     * Tests deletion of a user account without an email address.
     */
    public function testUserWithoutEmailCancelByAdmin() : void {
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_reassign')
            ->save();
        // Create a regular user.
        $account = $this->drupalCreateUser([]);
        // This user has no email address.
        $account->mail = '';
        $account->save();
        // Create administrative user.
        $admin_user = $this->drupalCreateUser([
            'administer users',
        ]);
        $this->drupalLogin($admin_user);
        // Delete regular user without email address.
        $this->drupalGet('user/' . $account->id() . '/cancel');
        $this->assertSession()
            ->pageTextContains("Are you sure you want to cancel the account {$account->getAccountName()}?");
        $this->assertSession()
            ->pageTextContains('Cancellation method');
        // Confirm deletion.
        $this->submitForm([], 'Confirm');
        $this->assertSession()
            ->pageTextContains("Account {$account->getAccountName()} has been deleted.");
        $this->assertNull(User::load($account->id()), 'User is not found in the database.');
    }
    
    /**
     * Create an administrative user and mass-delete other users.
     */
    public function testMassUserCancelByAdmin() : void {
        \Drupal::service('module_installer')->install([
            'views',
        ]);
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_reassign')
            ->save();
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        // Enable account cancellation notification.
        $this->config('user.settings')
            ->set('notify.status_canceled', TRUE)
            ->save();
        // Create administrative user.
        $admin_user = $this->drupalCreateUser([
            'administer users',
        ]);
        $this->drupalLogin($admin_user);
        // Create some users.
        $users = [];
        for ($i = 0; $i < 3; $i++) {
            $account = $this->drupalCreateUser([]);
            $users[$account->id()] = $account;
        }
        // Cancel user accounts, including own one.
        $edit = [];
        $edit['action'] = 'user_cancel_user_action';
        for ($i = 0; $i <= 4; $i++) {
            $edit['user_bulk_form[' . $i . ']'] = TRUE;
        }
        $this->drupalGet('admin/people');
        $this->submitForm($edit, 'Apply to selected items');
        $this->assertSession()
            ->pageTextContains('Are you sure you want to cancel these user accounts?');
        $this->assertSession()
            ->pageTextContains('Cancellation method');
        $this->assertSession()
            ->pageTextContains('Require email confirmation');
        $this->assertSession()
            ->pageTextContains('Notify user when account is canceled');
        // Confirm deletion.
        $this->submitForm([], 'Confirm');
        $status = TRUE;
        foreach ($users as $account) {
            $status = $status && str_contains($this->getTextContent(), "Account {$account->getAccountName()} has been deleted.");
            $user_storage->resetCache([
                $account->id(),
            ]);
            $status = $status && !$user_storage->load($account->id());
        }
        $this->assertTrue($status, 'Users deleted and not found in the database.');
        // Ensure that admin account was not cancelled.
        $this->assertSession()
            ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
        $admin_user = $user_storage->load($admin_user->id());
        $this->assertTrue($admin_user->isActive(), 'Administrative user is found in the database and enabled.');
        // Verify that uid 1's account was not cancelled.
        $user_storage->resetCache([
            1,
        ]);
        $user1 = $user_storage->load(1);
        $this->assertTrue($user1->isActive(), 'User #1 still exists and is not blocked.');
    }
    
    /**
     * Tests user cancel with node access.
     */
    public function testUserDeleteWithContentAndNodeAccess() : void {
        \Drupal::service('module_installer')->install([
            'node_access_test',
        ]);
        // Rebuild node access.
        node_access_rebuild();
        $account = $this->drupalCreateUser([
            'access content',
        ]);
        $node = $this->drupalCreateNode([
            'type' => 'page',
            'uid' => $account->id(),
        ]);
        $account->delete();
        $load2 = \Drupal::entityTypeManager()->getStorage('node')
            ->load($node->id());
        $this->assertEmpty($load2);
    }
    
    /**
     * Delete account and anonymize all content and it's translations.
     */
    public function testUserAnonymizeTranslations() : void {
        $this->config('user.settings')
            ->set('cancel_method', 'user_cancel_reassign')
            ->save();
        // Create comment field on page.
        $this->addDefaultCommentField('node', 'page');
        $user_storage = $this->container
            ->get('entity_type.manager')
            ->getStorage('user');
        \Drupal::service('module_installer')->install([
            'language',
            'locale',
        ]);
        \Drupal::service('router.builder')->rebuildIfNeeded();
        ConfigurableLanguage::createFromLangcode('ur')->save();
        // Rebuild the container to update the default language container variable.
        $this->rebuildContainer();
        $account = $this->drupalCreateUser([
            'cancel account',
        ]);
        $this->drupalLogin($account);
        $user_storage->resetCache([
            $account->id(),
        ]);
        $account = $user_storage->load($account->id());
        $node = $this->drupalCreateNode([
            'uid' => $account->id(),
        ]);
        // Add a comment to the page.
        $comment_subject = $this->randomMachineName(8);
        $comment_body = $this->randomMachineName(8);
        $comment = Comment::create([
            'subject' => $comment_subject,
            'comment_body' => $comment_body,
            'entity_id' => $node->id(),
            'entity_type' => 'node',
            'field_name' => 'comment',
            'status' => CommentInterface::PUBLISHED,
            'uid' => $account->id(),
        ]);
        $comment->save();
        $comment->addTranslation('ur', [
            'subject' => 'ur ' . $comment->label(),
            'status' => CommentInterface::PUBLISHED,
        ])
            ->save();
        // Attempt to cancel account.
        $this->drupalGet('user/' . $account->id() . '/cancel');
        $this->assertSession()
            ->pageTextContains('Are you sure you want to cancel your account?');
        $this->assertSession()
            ->pageTextContains('Your account will be removed and all account information deleted. All of your content will be assigned to the ' . $this->config('user.settings')
            ->get('anonymous') . ' user.');
        // Confirm account cancellation.
        $timestamp = time();
        $this->submitForm([], 'Confirm');
        $this->assertSession()
            ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
        // Confirm account cancellation request.
        $this->drupalGet('user/' . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
        $user_storage->resetCache([
            $account->id(),
        ]);
        $this->assertNull($user_storage->load($account->id()), 'User is not found in the database.');
        // Confirm that user's content has been attributed to anonymous user.
        $anonymous_user = User::getAnonymousUser();
        $storage = \Drupal::entityTypeManager()->getStorage('comment');
        $storage->resetCache([
            $comment->id(),
        ]);
        $test_comment = $storage->load($comment->id());
        $this->assertEquals(0, $test_comment->getOwnerId());
        $this->assertTrue($test_comment->isPublished(), 'Comment of the user has been attributed to anonymous user.');
        $this->assertEquals($anonymous_user->getDisplayName(), $test_comment->getAuthorName());
        $comment_translation = $test_comment->getTranslation('ur');
        $this->assertEquals(0, $comment_translation->getOwnerId());
        $this->assertTrue($comment_translation->isPublished(), 'Comment translation of the user has been attributed to anonymous user.');
        $this->assertEquals($anonymous_user->getDisplayName(), $comment_translation->getAuthorName());
        // Confirm that the confirmation message made it through to the end user.
        $this->assertSession()
            ->responseContains(t('%name has been deleted.', [
            '%name' => $account->getAccountName(),
        ]));
    }

}

Members

Title Sort descending Deprecated Modifiers Object type Summary Member alias Overriden Title Overrides
BlockCreationTrait::placeBlock protected function Creates a block instance based on default settings. Aliased as: drupalPlaceBlock
BrowserHtmlDebugTrait::$htmlOutputBaseUrl protected property The Base URI to use for links to the output files.
BrowserHtmlDebugTrait::$htmlOutputClassName protected property Class name for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputCounter protected property Counter for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputCounterStorage protected property Counter storage for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputDirectory protected property Directory name for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputEnabled protected property HTML output enabled.
BrowserHtmlDebugTrait::$htmlOutputFile protected property The file name to write the list of URLs to.
BrowserHtmlDebugTrait::$htmlOutputTestId protected property HTML output test ID.
BrowserHtmlDebugTrait::formatHtmlOutputHeaders protected function Formats HTTP headers as string for HTML output logging.
BrowserHtmlDebugTrait::getHtmlOutputHeaders protected function Returns headers in HTML output format. 1
BrowserHtmlDebugTrait::getResponseLogHandler protected function Provides a Guzzle middleware handler to log every response received.
BrowserHtmlDebugTrait::htmlOutput protected function Logs a HTML output message in a text file.
BrowserHtmlDebugTrait::initBrowserOutputFile protected function Creates the directory to store browser output.
BrowserTestBase::$baseUrl protected property The base URL.
BrowserTestBase::$configImporter protected property The config importer that can be used in a test.
BrowserTestBase::$customTranslations protected property An array of custom translations suitable for SettingsEditor::rewrite().
BrowserTestBase::$mink protected property Mink session manager.
BrowserTestBase::$minkDefaultDriverArgs protected property Mink default driver params.
BrowserTestBase::$minkDefaultDriverClass protected property Mink class for the default driver to use. 1
BrowserTestBase::$originalContainer protected property The original container.
BrowserTestBase::$originalShutdownCallbacks protected property The original array of shutdown function callbacks.
BrowserTestBase::$preserveGlobalState protected property
BrowserTestBase::$profile protected property The profile to install as a basis for testing. 40
BrowserTestBase::$runTestInSeparateProcess protected property Browser tests are run in separate processes to prevent collisions between
code that may be loaded by tests.
BrowserTestBase::$timeLimit protected property Time limit in seconds for the test.
BrowserTestBase::$translationFilesDirectory protected property The translation file directory for the test environment.
BrowserTestBase::cleanupEnvironment protected function Clean up the test environment.
BrowserTestBase::config protected function Configuration accessor for tests. Returns non-overridden configuration.
BrowserTestBase::filePreDeleteCallback public static function Ensures test files are deletable.
BrowserTestBase::getDefaultDriverInstance protected function Gets an instance of the default Mink driver.
BrowserTestBase::getDrupalSettings protected function Gets the JavaScript drupalSettings variable for the currently-loaded page. 1
BrowserTestBase::getHttpClient protected function Obtain the HTTP client for the system under test.
BrowserTestBase::getMinkDriverArgs protected function Gets the Mink driver args from an environment variable. 1
BrowserTestBase::getOptions protected function Helper function to get the options of select field.
BrowserTestBase::getSession public function Returns Mink session.
BrowserTestBase::getSessionCookies protected function Get session cookies from current session.
BrowserTestBase::getTestMethodCaller protected function Retrieves the current calling line in the class under test. Overrides BrowserHtmlDebugTrait::getTestMethodCaller
BrowserTestBase::initFrontPage protected function Visits the front page when initializing Mink. 3
BrowserTestBase::initMink protected function Initializes Mink sessions. 1
BrowserTestBase::installDrupal public function Installs Drupal into the test site. 2
BrowserTestBase::registerSessions protected function Registers additional Mink sessions.
BrowserTestBase::setUpAppRoot protected function Sets up the root application path.
BrowserTestBase::setUpBeforeClass public static function 1
BrowserTestBase::tearDown protected function 3
BrowserTestBase::translatePostValues protected function Transforms a nested array into a flat array suitable for submitForm().
BrowserTestBase::xpath protected function Performs an xpath search on the contents of the internal browser.
BrowserTestBase::__get public function
BrowserTestBase::__sleep public function Prevents serializing any properties.
CommentTestTrait::addDefaultCommentField protected function Adds the default comment field to an entity.
ConfigTestTrait::configImporter protected function Returns a ConfigImporter object to import test configuration.
ConfigTestTrait::copyConfig protected function Copies configuration objects from source storage to target storage.
ContentTypeCreationTrait::createContentType protected function Creates a custom content type based on default settings. Aliased as: drupalCreateContentType 1
ExtensionListTestTrait::getModulePath protected function Gets the path for the specified module.
ExtensionListTestTrait::getThemePath protected function Gets the path for the specified theme.
FunctionalTestSetupTrait::$apcuEnsureUniquePrefix protected property The flag to set &#039;apcu_ensure_unique_prefix&#039; setting. 1
FunctionalTestSetupTrait::$classLoader protected property The class loader to use for installation and initialization of setup.
FunctionalTestSetupTrait::$rootUser protected property The &quot;#1&quot; admin user.
FunctionalTestSetupTrait::$usesSuperUserAccessPolicy protected property Set to TRUE to make user 1 a super user. 10
FunctionalTestSetupTrait::doInstall protected function Execute the non-interactive installer. 2
FunctionalTestSetupTrait::getDatabaseTypes protected function Returns all supported database driver installer objects.
FunctionalTestSetupTrait::initConfig protected function Initialize various configurations post-installation. 1
FunctionalTestSetupTrait::initKernel protected function Initializes the kernel after installation.
FunctionalTestSetupTrait::initSettings protected function Initialize settings created during install.
FunctionalTestSetupTrait::initUserSession protected function Initializes user 1 for the site to be installed.
FunctionalTestSetupTrait::installDefaultThemeFromClassProperty protected function Installs the default theme defined by `static::$defaultTheme` when needed. 1
FunctionalTestSetupTrait::installModulesFromClassProperty protected function Install modules defined by `static::$modules`. 1
FunctionalTestSetupTrait::installParameters protected function Returns the parameters that will be used when the test installs Drupal. 8
FunctionalTestSetupTrait::prepareEnvironment protected function Prepares the current environment for running the test. 28
FunctionalTestSetupTrait::prepareRequestForGenerator protected function Creates a mock request and sets it on the generator.
FunctionalTestSetupTrait::prepareSettings protected function Prepares site settings and services before installation. 4
FunctionalTestSetupTrait::rebuildAll protected function Resets and rebuilds the environment after setup.
FunctionalTestSetupTrait::rebuildContainer protected function Rebuilds \Drupal::getContainer().
FunctionalTestSetupTrait::resetAll protected function Resets all data structures after having enabled new modules.
FunctionalTestSetupTrait::setContainerParameter protected function Changes parameters in the services.yml file.
FunctionalTestSetupTrait::setupBaseUrl protected function Sets up the base URL based upon the environment variable.
FunctionalTestSetupTrait::writeSettings protected function Rewrites the settings.php file of the test site. 1
NodeCreationTrait::createNode protected function Creates a node based on default settings. Aliased as: drupalCreateNode
NodeCreationTrait::getNodeByTitle public function Get a node from the database based on its title. Aliased as: drupalGetNodeByTitle
PhpUnitWarnings::$deprecationWarnings private static property Deprecation warnings from PHPUnit to raise with @trigger_error().
PhpUnitWarnings::addWarning public function Converts PHPUnit deprecation warnings to E_USER_DEPRECATED.
RandomGeneratorTrait::getRandomGenerator protected function Gets the random generator for the utility methods.
RandomGeneratorTrait::randomMachineName protected function Generates a unique random string containing letters and numbers.
RandomGeneratorTrait::randomObject public function Generates a random PHP object.
RandomGeneratorTrait::randomString public function Generates a pseudo-random string of ASCII characters of codes 32 to 126.
RandomGeneratorTrait::randomStringValidate Deprecated public function Callback for random string validation.
RefreshVariablesTrait::refreshVariables protected function Refreshes in-memory configuration and state information. 2
SessionTestTrait::$sessionName protected property The name of the session cookie.
SessionTestTrait::generateSessionName protected function Generates a session cookie name.
SessionTestTrait::getSessionName protected function Returns the session name in use on the child site.
StorageCopyTrait::replaceStorageContents protected static function Copy the configuration from one storage to another and remove stale items.
TestRequirementsTrait::checkModuleRequirements Deprecated private function Checks missing module requirements.
TestRequirementsTrait::checkRequirements Deprecated protected function Check module requirements for the Drupal use case.
TestRequirementsTrait::getDrupalRoot protected static function Returns the Drupal root directory.
TestSetupTrait::$configSchemaCheckerExclusions protected static property An array of config object names that are excluded from schema checking. 2
TestSetupTrait::$container protected property The dependency injection container used in the test.
TestSetupTrait::$databasePrefix protected property The database prefix of this test run.
TestSetupTrait::$kernel protected property The DrupalKernel instance used in the test.
TestSetupTrait::$originalSite protected property The site directory of the original parent site.
TestSetupTrait::$privateFilesDirectory protected property The private file directory for the test environment.
TestSetupTrait::$publicFilesDirectory protected property The public file directory for the test environment.
TestSetupTrait::$root protected property The app root.
TestSetupTrait::$siteDirectory protected property The site directory of this test run.
TestSetupTrait::$strictConfigSchema protected property Set to TRUE to strict check all configuration saved. 4
TestSetupTrait::$tempFilesDirectory protected property The temporary file directory for the test environment.
TestSetupTrait::$testId protected property The test run ID.
TestSetupTrait::changeDatabasePrefix protected function Changes the database connection to the prefixed one.
TestSetupTrait::getConfigSchemaExclusions protected function Gets the config schema exclusions for this test.
TestSetupTrait::getDatabaseConnection Deprecated public static function Returns the database connection to the site under test.
TestSetupTrait::prepareDatabasePrefix protected function Generates a database prefix for running tests. 1
UiHelperTrait::$loggedInUser protected property The current user logged in using the Mink controlled browser.
UiHelperTrait::$maximumMetaRefreshCount protected property The number of meta refresh redirects to follow, or NULL if unlimited.
UiHelperTrait::$metaRefreshCount protected property The number of meta refresh redirects followed during ::drupalGet().
UiHelperTrait::$useOneTimeLoginLinks protected property Use one-time login links instead of submitting the login form. 3
UiHelperTrait::assertSession public function Returns WebAssert object. 1
UiHelperTrait::buildUrl protected function Builds an absolute URL from a system path or a URL object.
UiHelperTrait::checkForMetaRefresh protected function Checks for meta refresh tag and if found call drupalGet() recursively.
UiHelperTrait::click protected function Clicks the element with the given CSS selector.
UiHelperTrait::clickLink protected function Follows a link by complete name.
UiHelperTrait::cssSelect protected function Searches elements using a CSS selector in the raw content.
UiHelperTrait::cssSelectToXpath protected function Translates a CSS expression to its XPath equivalent.
UiHelperTrait::drupalGet protected function Retrieves a Drupal path or an absolute path. 3
UiHelperTrait::drupalLogin protected function Logs in a user using the Mink controlled browser.
UiHelperTrait::drupalLogout protected function Logs a user out of the Mink controlled browser and confirms.
UiHelperTrait::drupalResetSession protected function Resets the current active session back to Anonymous session.
UiHelperTrait::drupalUserIsLoggedIn protected function Returns whether a given user account is logged in.
UiHelperTrait::getAbsoluteUrl protected function Takes a path and returns an absolute path.
UiHelperTrait::getTextContent protected function Retrieves the plain-text content from the current page.
UiHelperTrait::getUrl protected function Get the current URL from the browser.
UiHelperTrait::isTestUsingGuzzleClient protected function Determines if test is using DrupalTestBrowser.
UiHelperTrait::prepareRequest protected function Prepare for a request to testing site. 1
UiHelperTrait::submitForm protected function Fills and submits a form.
UserCancelTest::$defaultTheme protected property The theme to install as the default for testing. Overrides BrowserTestBase::$defaultTheme
UserCancelTest::$modules protected static property Modules to install. Overrides BrowserTestBase::$modules
UserCancelTest::setUp protected function Overrides BrowserTestBase::setUp
UserCancelTest::testMassUserCancelByAdmin public function Create an administrative user and mass-delete other users.
UserCancelTest::testUserAnonymize public function Delete account and anonymize all content.
UserCancelTest::testUserAnonymizeBatch public function Delete account and anonymize all content using a batch process.
UserCancelTest::testUserAnonymizeTranslations public function Delete account and anonymize all content and it&#039;s translations.
UserCancelTest::testUserBlock public function Disable account and keep all content.
UserCancelTest::testUserBlockUnpublish public function Disable account and unpublish all content.
UserCancelTest::testUserBlockUnpublishNodeAccess public function Tests nodes are unpublished even if inaccessible to cancelling user.
UserCancelTest::testUserCancelByAdmin public function Create an administrative user and delete another user.
UserCancelTest::testUserCancelChangePermission public function Tests ability to change the permission for canceling users.
UserCancelTest::testUserCancelInvalid public function Attempt invalid account cancellations.
UserCancelTest::testUserCancelUid1 public function Tests that user account for uid 1 cannot be cancelled.
UserCancelTest::testUserCancelWithoutPermission public function Attempt to cancel account without permission.
UserCancelTest::testUserDelete public function Delete account and remove all content.
UserCancelTest::testUserDeleteWithContentAndNodeAccess public function Tests user cancel with node access.
UserCancelTest::testUserWithoutEmailCancelByAdmin public function Tests deletion of a user account without an email address.
UserCreationTrait::checkPermissions protected function Checks whether a given list of permission names is valid.
UserCreationTrait::createAdminRole protected function Creates an administrative role.
UserCreationTrait::createRole protected function Creates a role with specified permissions. Aliased as: drupalCreateRole
UserCreationTrait::createUser protected function Create a user with a given set of permissions. Aliased as: drupalCreateUser
UserCreationTrait::grantPermissions protected function Grant permissions to a user role.
UserCreationTrait::setCurrentUser protected function Switch the current logged in user.
UserCreationTrait::setUpCurrentUser protected function Creates a random user account and sets it as current user.
XdebugRequestTrait::extractCookiesFromRequest protected function Adds xdebug cookies, from request setup.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.