function EntityAccessControlHandlerTest::testFieldAccess

Same name and namespace in other branches
  1. 9 core/tests/Drupal/KernelTests/Core/Entity/EntityAccessControlHandlerTest.php \Drupal\KernelTests\Core\Entity\EntityAccessControlHandlerTest::testFieldAccess()
  2. 8.9.x core/tests/Drupal/KernelTests/Core/Entity/EntityAccessControlHandlerTest.php \Drupal\KernelTests\Core\Entity\EntityAccessControlHandlerTest::testFieldAccess()
  3. 10 core/tests/Drupal/KernelTests/Core/Entity/EntityAccessControlHandlerTest.php \Drupal\KernelTests\Core\Entity\EntityAccessControlHandlerTest::testFieldAccess()

Tests the default access handling for the ID and UUID fields.

@covers ::fieldAccess @dataProvider providerTestFieldAccess

File

core/tests/Drupal/KernelTests/Core/Entity/EntityAccessControlHandlerTest.php, line 307

Class

EntityAccessControlHandlerTest
Tests the entity access control handler.

Namespace

Drupal\KernelTests\Core\Entity

Code

public function testFieldAccess($entity_class, array $entity_create_values, $expected_id_create_access) : void {
    // Set up a non-admin user that is allowed to create and update test
    // entities.
    \Drupal::currentUser()->setAccount($this->createUser([
        'administer entity_test content',
    ], NULL, FALSE, [
        'uid' => 2,
    ]));
    // Create the entity to test field access with.
    $entity = $entity_class::create($entity_create_values);
    // On newly-created entities, field access must allow setting the UUID
    // field.
    $this->assertTrue($entity->get('uuid')
        ->access('edit'));
    $this->assertTrue($entity->get('uuid')
        ->access('edit', NULL, TRUE)
        ->isAllowed());
    // On newly-created entities, field access will not allow setting the ID
    // field if the ID is of type serial. It will allow access if it is of type
    // string.
    $this->assertEquals($expected_id_create_access, $entity->get('id')
        ->access('edit'));
    $this->assertEquals($expected_id_create_access, $entity->get('id')
        ->access('edit', NULL, TRUE)
        ->isAllowed());
    // Save the entity and check that we can not update the ID or UUID fields
    // anymore.
    $entity->save();
    // If the ID has been set as part of the create ensure it has been set
    // correctly.
    if (isset($entity_create_values['id'])) {
        $this->assertSame($entity_create_values['id'], $entity->id());
    }
    // The UUID is hard-coded by the data provider.
    $this->assertSame('60e3a179-79ed-4653-ad52-5e614c8e8fbe', $entity->uuid());
    $this->assertFalse($entity->get('uuid')
        ->access('edit'));
    $access_result = $entity->get('uuid')
        ->access('edit', NULL, TRUE);
    $this->assertTrue($access_result->isForbidden());
    $this->assertEquals('The entity UUID cannot be changed.', $access_result->getReason());
    // Ensure the ID is still not allowed to be edited.
    $this->assertFalse($entity->get('id')
        ->access('edit'));
    $access_result = $entity->get('id')
        ->access('edit', NULL, TRUE);
    $this->assertTrue($access_result->isForbidden());
    $this->assertEquals('The entity ID cannot be changed.', $access_result->getReason());
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.