www.aleph1.co.uk Git - yaffs-website/blob - web/core/modules/system/tests/src/Kernel/MenuAccessControlHandlerTest.php

   1 <?php
   2
   3 namespace Drupal\Tests\system\Kernel;
   4
   5 use Drupal\Core\Access\AccessResult;
   6 use Drupal\Core\Cache\Context\CacheContextsManager;
   7 use Drupal\Core\DependencyInjection\ContainerBuilder;
   8 use Drupal\KernelTests\KernelTestBase;
   9 use Drupal\simpletest\UserCreationTrait;
  10 use Drupal\system\Entity\Menu;
  11
  12 /**
  13  * @coversDefaultClass \Drupal\system\MenuAccessControlHandler
  14  * @group system
  15  */
  16 class MenuAccessControlHandlerTest extends KernelTestBase {
  17
  18   use UserCreationTrait {
  19     createUser as drupalCreateUser;
  20   }
  21
  22   /**
  23    * Modules to enable.
  24    *
  25    * @var array
  26    */
  27   public static $modules = [
  28     'system',
  29     'user',
  30   ];
  31
  32   /**
  33    * The menu access control handler.
  34    *
  35    * @var \Drupal\Core\Entity\EntityAccessControlHandlerInterface
  36    */
  37   protected $accessControlHandler;
  38
  39   /**
  40    * {@inheritdoc}
  41    */
  42   protected function setUp() {
  43     parent::setUp();
  44     $this->installEntitySchema('menu');
  45     $this->installEntitySchema('user');
  46     $this->installSchema('system', 'sequences');
  47     $this->accessControlHandler = $this->container->get('entity_type.manager')->getAccessControlHandler('menu');
  48   }
  49
  50   /**
  51    * @covers ::checkAccess
  52    * @covers ::checkCreateAccess
  53    * @dataProvider testAccessProvider
  54    */
  55   public function testAccess($which_user, $which_entity, $view_label_access_result, $view_access_result, $update_access_result, $delete_access_result, $create_access_result) {
  56     // We must always create user 1, so that a "normal" user has a ID >1.
  57     $root_user = $this->drupalCreateUser();
  58
  59     if ($which_user === 'user1') {
  60       $user = $root_user;
  61     }
  62     else {
  63       $permissions = ($which_user === 'admin')
  64         ? ['administer menu']
  65         : [];
  66       $user = $this->drupalCreateUser($permissions);
  67     }
  68
  69     $entity_values = ($which_entity === 'unlocked')
  70       ? ['locked' => FALSE]
  71       : ['locked' => TRUE];
  72     $entity_values['id'] = 'llama';
  73     $entity = Menu::create($entity_values);
  74     $entity->save();
  75
  76     static::assertEquals($view_label_access_result, $this->accessControlHandler->access($entity, 'view label', $user, TRUE));
  77     static::assertEquals($view_access_result, $this->accessControlHandler->access($entity, 'view', $user, TRUE));
  78     static::assertEquals($update_access_result, $this->accessControlHandler->access($entity, 'update', $user, TRUE));
  79     static::assertEquals($delete_access_result, $this->accessControlHandler->access($entity, 'delete', $user, TRUE));
  80     static::assertEquals($create_access_result, $this->accessControlHandler->createAccess(NULL, $user, [], TRUE));
  81   }
  82
  83   public function testAccessProvider() {
  84     $c = new ContainerBuilder();
  85     $cache_contexts_manager = $this->prophesize(CacheContextsManager::class);
  86     $cache_contexts_manager->assertValidTokens()->willReturn(TRUE);
  87     $cache_contexts_manager->reveal();
  88     $c->set('cache_contexts_manager', $cache_contexts_manager);
  89     \Drupal::setContainer($c);
  90
  91     return [
  92       'permissionless + unlocked' => [
  93         'permissionless',
  94         'unlocked',
  95         AccessResult::allowed(),
  96         AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
  97         AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
  98         AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required.")->addCacheTags(['config:system.menu.llama']),
  99         AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
 100       ],
 101       'permissionless + locked' => [
 102         'permissionless',
 103         'locked',
 104         AccessResult::allowed(),
 105         AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
 106         AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
 107         AccessResult::forbidden()->addCacheTags(['config:system.menu.llama'])->setReason("The Menu config entity is locked."),
 108         AccessResult::neutral()->addCacheContexts(['user.permissions'])->setReason("The 'administer menu' permission is required."),
 109       ],
 110       'admin + unlocked' => [
 111         'admin',
 112         'unlocked',
 113         AccessResult::allowed(),
 114         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 115         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 116         AccessResult::allowed()->addCacheContexts(['user.permissions'])->addCacheTags(['config:system.menu.llama']),
 117         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 118       ],
 119       'admin + locked' => [
 120         'admin',
 121         'locked',
 122         AccessResult::allowed(),
 123         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 124         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 125         AccessResult::forbidden()->addCacheTags(['config:system.menu.llama'])->setReason("The Menu config entity is locked."),
 126         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 127       ],
 128       'user1 + unlocked' => [
 129         'user1',
 130         'unlocked',
 131         AccessResult::allowed(),
 132         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 133         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 134         AccessResult::allowed()->addCacheContexts(['user.permissions'])->addCacheTags(['config:system.menu.llama']),
 135         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 136       ],
 137       'user1 + locked' => [
 138         'user1',
 139         'locked',
 140         AccessResult::allowed(),
 141         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 142         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 143         AccessResult::forbidden()->addCacheTags(['config:system.menu.llama'])->setReason("The Menu config entity is locked."),
 144         AccessResult::allowed()->addCacheContexts(['user.permissions']),
 145       ],
 146     ];
 147   }
 148
 149 }