RulesAdminAccessTest.php

Namespace

Drupal\Tests\rules\Unit\Integration\RulesAction

File

tests/src/Unit/Integration/RulesAction/RulesAdminAccessTest.php

View source 
<?php

namespace Drupal\Tests\rules\Unit\Integration\RulesAction;

use Drupal\Tests\rules\Unit\Integration\RulesIntegrationTestBase;
use Drupal\rules\Core\RulesActionBase;
use Drupal\Core\Session\AccountInterface;
use Prophecy\Argument;

/**
 * Tests access control for the configuration interface of Rules plugins.
 *
 * @group Rules
 */
class RulesAdminAccessTest extends RulesIntegrationTestBase {
  
  /**
   * Test administrative access to plugin configuration UI.
   */
  public function testRespectsAdminPermissions() {
    // 3 user classes to test.
    $super_admin = $this->prophesize(AccountInterface::class);
    $super_admin->hasPermission(Argument::any())
      ->willReturn(TRUE);
    $power_user = $this->prophesize(AccountInterface::class);
    $power_user->hasPermission('admin this plugin')
      ->willReturn(TRUE);
    $power_user->hasPermission(Argument::any())
      ->willReturn(FALSE);
    $joe_user = $this->prophesize(AccountInterface::class);
    $joe_user->hasPermission(Argument::any())
      ->willReturn(FALSE);
    // Our plug-in will behave as if it has the annotation property
    // 'configuration_access'. getPluginDefinition should be called only
    // twice, since the super admin should get approval before it is called.
    // I use getMockBuilder since I need the actual code from the
    // RulesActionBase class for the test.
    $action = $this->getMockBuilder(RulesActionBase::class)
      ->disableOriginalConstructor()
      ->onlyMethods([
      'getPluginDefinition',
    ])
      ->getMockForAbstractClass();
    $action->expects($this->exactly(2))
      ->method('getPluginDefinition')
      ->willReturn([
      'plugin_id' => 'some_action',
      'configure_permissions' => [
        'admin this plugin',
      ],
    ]);
    $user = $super_admin->reveal();
    $this->assertTrue($action->checkConfigurationAccess($user), "Super-user has admin access");
    $user = $power_user->reveal();
    $this->assertTrue($action->checkConfigurationAccess($user), "Power-user has admin access");
    $user = $joe_user->reveal();
    $this->assertFalse($action->checkConfigurationAccess($user), "Ordinary user lacks admin access");
  }

}

Classes

Title Deprecated Summary
RulesAdminAccessTest Tests access control for the configuration interface of Rules plugins.