www.aleph1.co.uk Git - yaffs-website/blob - web/core/tests/Drupal/Tests/Core/Entity/EntityAccessCheckTest.php

   1 <?php
   2
   3 namespace Drupal\Tests\Core\Entity;
   4
   5 use Drupal\Core\Cache\Context\CacheContextsManager;
   6 use Drupal\Core\DependencyInjection\Container;
   7 use Drupal\Core\Routing\RouteMatchInterface;
   8 use Drupal\Core\Session\AccountInterface;
   9 use Drupal\node\NodeInterface;
  10 use Symfony\Component\HttpFoundation\ParameterBag;
  11 use Symfony\Component\Routing\Route;
  12 use Drupal\Core\Access\AccessibleInterface;
  13 use Drupal\Core\Access\AccessResult;
  14 use Drupal\Core\Entity\EntityAccessCheck;
  15 use Drupal\Core\Entity\EntityInterface;
  16 use Drupal\Tests\UnitTestCase;
  17
  18 /**
  19  * Unit test of entity access checking system.
  20  *
  21  * @coversDefaultClass \Drupal\Core\Entity\EntityAccessCheck
  22  *
  23  * @group Access
  24  * @group Entity
  25  */
  26 class EntityAccessCheckTest extends UnitTestCase {
  27
  28   /**
  29    * {@inheritdoc}
  30    */
  31   protected function setUp() {
  32     $cache_contexts_manager = $this->prophesize(CacheContextsManager::class)->reveal();
  33     $container = new Container();
  34     $container->set('cache_contexts_manager', $cache_contexts_manager);
  35     \Drupal::setContainer($container);
  36   }
  37
  38   /**
  39    * Tests the method for checking access to routes.
  40    */
  41   public function testAccess() {
  42     $route = new Route('/foo/{var_name}', [], ['_entity_access' => 'var_name.update'], ['parameters' => ['var_name' => ['type' => 'entity:node']]]);
  43     /** @var \Drupal\Core\Session\AccountInterface $account */
  44     $account = $this->prophesize(AccountInterface::class)->reveal();
  45
  46     /** @var \Drupal\node\NodeInterface|\Prophecy\Prophecy\ObjectProphecy $route_match */
  47     $node = $this->prophesize(NodeInterface::class);
  48     $node->access('update', $account, TRUE)->willReturn(AccessResult::allowed());
  49     $node = $node->reveal();
  50
  51     /** @var \Drupal\Core\Routing\RouteMatchInterface|\Prophecy\Prophecy\ObjectProphecy $route_match */
  52     $route_match = $this->prophesize(RouteMatchInterface::class);
  53     $route_match->getRawParameters()->willReturn(new ParameterBag(['var_name' => 1]));
  54     $route_match->getParameters()->willReturn(new ParameterBag(['var_name' => $node]));
  55     $route_match = $route_match->reveal();
  56
  57     $access_check = new EntityAccessCheck();
  58     $this->assertEquals(AccessResult::allowed(), $access_check->access($route, $route_match, $account));
  59   }
  60
  61   /**
  62    * @covers ::access
  63    */
  64   public function testAccessWithTypePlaceholder() {
  65     $route = new Route('/foo/{entity_type}/{var_name}', [], ['_entity_access' => 'var_name.update'], ['parameters' => ['var_name' => ['type' => 'entity:{entity_type}']]]);
  66     /** @var \Drupal\Core\Session\AccountInterface $account */
  67     $account = $this->prophesize(AccountInterface::class)->reveal();
  68
  69     /** @var \Drupal\node\NodeInterface|\Prophecy\Prophecy\ObjectProphecy $node */
  70     $node = $this->prophesize(NodeInterface::class);
  71     $node->access('update', $account, TRUE)->willReturn(AccessResult::allowed());
  72     $node = $node->reveal();
  73
  74     /** @var \Drupal\Core\Routing\RouteMatchInterface|\Prophecy\Prophecy\ObjectProphecy $route_match */
  75     $route_match = $this->createRouteMatchForObject($node);
  76
  77     $access_check = new EntityAccessCheck();
  78     $this->assertEquals(AccessResult::allowed(), $access_check->access($route, $route_match, $account));
  79   }
  80
  81   /**
  82    * @covers ::access
  83    */
  84   public function testAccessWithDifferentRouteParameters() {
  85     $route = new Route(
  86       '/foo/{var_name}',
  87       [],
  88       ['_entity_access' => 'var_name.update'],
  89       ['parameters' => ['var_name' => ['type' => 'entity:node']]]
  90     );
  91     /** @var \Drupal\Core\Session\AccountInterface $account */
  92     $account = $this->prophesize(AccountInterface::class)->reveal();
  93     $access_check = new EntityAccessCheck();
  94
  95     // Confirm an EntityInterface route parameter's ::access() is called.
  96     /** @var \Drupal\Core\Entity\EntityInterface|\Prophecy\Prophecy\ObjectProphecy $node */
  97     $node = $this->prophesize(EntityInterface::class);
  98     $node->access('update', $account, TRUE)->willReturn(AccessResult::allowed());
  99     $route_match = $this->createRouteMatchForObject($node->reveal());
 100     $this->assertEquals(AccessResult::allowed(), $access_check->access($route, $route_match, $account));
 101
 102     // AccessibleInterface is not entity-like: ::access() should not be called.
 103     /** @var \Drupal\Core\Access\AccessibleInterface|\Prophecy\Prophecy\ObjectProphecy $node */
 104     $node = $this->prophesize(AccessibleInterface::class);
 105     $node->access('update', $account, TRUE)->willReturn(AccessResult::allowed());
 106     $route_match = $this->createRouteMatchForObject($node->reveal());
 107     $this->assertEquals(AccessResult::neutral(), $access_check->access($route, $route_match, $account));
 108   }
 109
 110   /**
 111    * Wrap any object with a route match, and return that.
 112    *
 113    * @param \stdClass $object
 114    *   Any object, including prophesized mocks based on interfaces.
 115    * @return RouteMatchInterface
 116    *   A prophesized RouteMatchInterface.
 117    */
 118   private function createRouteMatchForObject(\stdClass $object) {
 119     $route_match = $this->prophesize(RouteMatchInterface::class);
 120     $route_match->getRawParameters()->willReturn(new ParameterBag(['entity_type' => 'node', 'var_name' => 1]));
 121     $route_match->getParameters()->willReturn(new ParameterBag(['entity_type' => 'node', 'var_name' => $object]));
 122     return $route_match->reveal();
 123   }
 124
 125 }