function testing_example_node_access

Implements hook_node_access().

Demonstrates a bug that we'll find in our test.

Related topics

Example: Testing
This example demonstrates Drupal 8 testing frameworks.

File

modules/testing_example/testing_example.module, line 31

Code

function testing_example_node_access(NodeInterface $node, $op, AccountInterface $account) {
  // Gather the node type.
  $type = $node->getType();
  // If it's not a testing_example node, or if it's not operations we care
  // about, then just ignore.
  if ($type != 'testing_example' || $op != 'update' && $op != 'delete') {
    return AccessResult::neutral();
  }
  // This code has a BUG that we'll find in testing.
  //
  // This is the incorrect version we'll use to demonstrate test failure.
  // The correct version should have ($op == 'update' || $op == 'delete').
  // The author had mistakenly always tested with User 1 so it always
  // allowed access and the bug wasn't noticed!
  if ($op == 'delete' && ($account->hasPermission('extra special edit any testing_example') && $account->id() == $node->getAuthorId())) {
    return AccessResult::allowed();
  }
  return AccessResult::forbidden();
}