function WorkflowCustomStateTransitionAccessTest::testCustomWorkflowAccessOperations

Same name and namespace in other branches
  1. 9 core/modules/workflows/tests/src/Functional/WorkflowCustomStateTransitionAccessTest.php \Drupal\Tests\workflows\Functional\WorkflowCustomStateTransitionAccessTest::testCustomWorkflowAccessOperations()
  2. 8.9.x core/modules/workflows/tests/src/Functional/WorkflowCustomStateTransitionAccessTest.php \Drupal\Tests\workflows\Functional\WorkflowCustomStateTransitionAccessTest::testCustomWorkflowAccessOperations()
  3. 10 core/modules/workflows/tests/src/Functional/WorkflowCustomStateTransitionAccessTest.php \Drupal\Tests\workflows\Functional\WorkflowCustomStateTransitionAccessTest::testCustomWorkflowAccessOperations()

Tests the custom state/transition operation access rules.

File

core/modules/workflows/tests/src/Functional/WorkflowCustomStateTransitionAccessTest.php, line 61

Class

WorkflowCustomStateTransitionAccessTest
Test custom provided workflow access for state/transition operations.

Namespace

Drupal\Tests\workflows\Functional

Code

public function testCustomWorkflowAccessOperations() : void {
    $this->drupalLogin($this->adminUser);
    $forbidden_paths = [
        'admin/config/workflow/workflows/manage/test_type/state/cannot_delete/delete',
        'admin/config/workflow/workflows/manage/test_type/state/cannot_update',
        'admin/config/workflow/workflows/manage/test_type/transition/cannot_update',
        'admin/config/workflow/workflows/manage/test_type/transition/cannot_delete/delete',
        'admin/config/workflow/workflows/manage/test_type/add_state',
        'admin/config/workflow/workflows/manage/test_type/add_transition',
    ];
    // Until the list of forbidden operations have been set, the admin user
    // should be able to access all the forbidden paths.
    foreach ($forbidden_paths as $forbidden_path) {
        $this->drupalGet($forbidden_path);
        $this->assertSession()
            ->statusCodeEquals(200);
    }
    // Update the forbidden operations which deny access to the actions
    // represented by the above paths.
    $this->container
        ->get('state')
        ->set('workflow_type_test_forbidden_operations', [
        'update-state:cannot_update',
        'delete-state:cannot_delete',
        'update-transition:cannot_update',
        'delete-transition:cannot_delete',
        'add-state',
        'add-transition',
    ]);
    foreach ($forbidden_paths as $forbidden_path) {
        $this->drupalGet($forbidden_path);
        $this->assertSession()
            ->statusCodeEquals(403);
    }
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.