function UserPermissionsTest::testUserPermissionChanges

Tests changing user permissions through the permissions pages.

File

core/modules/user/tests/src/Functional/UserPermissionsTest.php, line 58

Class

UserPermissionsTest

Verifies role permissions can be added and removed via the permissions page.

Namespace

Code

public function testUserPermissionChanges() {
    $permissions_hash_generator = $this->container
        ->get('user_permissions_hash_generator');
    $storage = $this->container
        ->get('entity_type.manager')
        ->getStorage('user_role');
    // Create an additional role and mark it as admin role.
    Role::create([
        'is_admin' => TRUE,
        'id' => 'administrator',
        'label' => 'Administrator',
    ])->save();
    $storage->resetCache();
    $this->drupalLogin($this->adminUser);
    $rid = $this->rid;
    $account = $this->adminUser;
    $previous_permissions_hash = $permissions_hash_generator->generate($account);
    $this->assertSame($previous_permissions_hash, $permissions_hash_generator->generate($this->loggedInUser));
    // Add a permission.
    $this->assertFalse($account->hasPermission('administer users'), 'User does not have "administer users" permission.');
    $edit = [];
    $edit[$rid . '[administer users]'] = TRUE;
    $this->drupalGet('admin/people/permissions');
    $this->submitForm($edit, 'Save permissions');
    $this->assertSession()
        ->pageTextContains('The changes have been saved.');
    $storage->resetCache();
    $this->assertTrue($account->hasPermission('administer users'), 'User now has "administer users" permission.');
    $current_permissions_hash = $permissions_hash_generator->generate($account);
    $this->assertSame($current_permissions_hash, $permissions_hash_generator->generate($this->loggedInUser));
    $this->assertNotEquals($previous_permissions_hash, $current_permissions_hash, 'Permissions hash has changed.');
    $previous_permissions_hash = $current_permissions_hash;
    // Remove a permission.
    $this->assertTrue($account->hasPermission('access user profiles'), 'User has "access user profiles" permission.');
    $edit = [];
    $edit[$rid . '[access user profiles]'] = FALSE;
    $this->drupalGet('admin/people/permissions');
    $this->submitForm($edit, 'Save permissions');
    $this->assertSession()
        ->pageTextContains('The changes have been saved.');
    $storage->resetCache();
    $this->assertFalse($account->hasPermission('access user profiles'), 'User no longer has "access user profiles" permission.');
    $current_permissions_hash = $permissions_hash_generator->generate($account);
    $this->assertSame($current_permissions_hash, $permissions_hash_generator->generate($this->loggedInUser));
    $this->assertNotEquals($previous_permissions_hash, $current_permissions_hash, 'Permissions hash has changed.');
    // Permissions can be changed using the module-specific pages with the same
    // result.
    $edit = [];
    $edit[$rid . '[access user profiles]'] = TRUE;
    $this->drupalGet('admin/people/permissions/module/user');
    $this->submitForm($edit, 'Save permissions');
    $this->assertSession()
        ->pageTextContains('The changes have been saved.');
    $storage->resetCache();
    $this->assertTrue($account->hasPermission('access user profiles'), 'User again has "access user profiles" permission.');
    $current_permissions_hash = $permissions_hash_generator->generate($account);
    $this->assertSame($current_permissions_hash, $permissions_hash_generator->generate($this->loggedInUser));
    $this->assertEquals($previous_permissions_hash, $current_permissions_hash, 'Permissions hash has reverted.');
    // Ensure that the admin role doesn't have any checkboxes.
    $this->drupalGet('admin/people/permissions');
    foreach (array_keys($this->container
        ->get('user.permissions')
        ->getPermissions()) as $permission) {
        $this->assertSession()
            ->checkboxChecked('administrator[' . $permission . ']');
        $this->assertSession()
            ->fieldDisabled('administrator[' . $permission . ']');
    }
}