function WorkspaceEntityDeleteTest::testNodeDeleteWithBypassAccessPermission

Test node deletion with workspaces and the 'bypass node access' permission.

File

core/modules/workspaces/tests/src/Functional/WorkspaceEntityDeleteTest.php, line 129

Class

WorkspaceEntityDeleteTest

Tests entity deletions with workspaces.

Namespace

Code

public function testNodeDeleteWithBypassAccessPermission() : void {
    $assert_session = $this->assertSession();
    $permissions = [
        'administer workspaces',
        'create workspace',
        'access content overview',
        'bypass node access',
    ];
    $editor = $this->drupalCreateUser($permissions);
    $this->drupalLogin($editor);
    // Create a published node in Live.
    $published_live = $this->createNodeThroughUi('Test 1 published - live', 'article');
    $stage = Workspace::load('stage');
    $this->switchToWorkspace($stage);
    // A user with the 'bypass node access' permission will be able to see the
    // 'Delete' operation button, but it shouldn't be able to perform the
    // deletion.
    $this->drupalGet('admin/content');
    $assert_session->linkByHrefExists($published_live->toUrl('delete-form')
        ->toString());
    $this->clickLink('Delete');
    $assert_session->pageTextContains('This content item can only be deleted in the Live workspace.');
    $assert_session->buttonNotExists('Delete');
    $this->drupalGet($published_live->toUrl('delete-form')
        ->toString());
    $assert_session->pageTextContains('This content item can only be deleted in the Live workspace.');
    $assert_session->buttonNotExists('Delete');
    // Go back to Live and check that the delete form is not affected by the
    // workspace delete protection.
    $this->switchToLive();
    $this->drupalGet($published_live->toUrl('delete-form')
        ->toString());
    $assert_session->pageTextNotContains('This content item can only be deleted in the Live workspace.');
    $assert_session->buttonExists('Delete');
}