3 namespace Drupal\Tests\entity\Kernel\QueryAccess;
5 use Drupal\entity_module_test\Entity\EnhancedEntity;
6 use Drupal\KernelTests\Core\Entity\EntityKernelTestBase;
7 use Drupal\views\Tests\ViewResultAssertionTrait;
8 use Drupal\views\Views;
11 * Test query access filtering for EntityQuery and Views.
15 * @see \Drupal\entity\QueryAccess\QueryAccessHandler
16 * @see \Drupal\entity\QueryAccess\EntityQueryAlter
17 * @see \Drupal\entity\QueryAccess\ViewsQueryAlter
19 class QueryAccessTest extends EntityKernelTestBase {
21 use ViewResultAssertionTrait;
26 * @var \Drupal\Core\Entity\ContentEntityInterface[]
31 * The entity_test_enhanced storage.
33 * @var \Drupal\Core\Entity\EntityStorageInterface
40 public static $modules = [
51 protected function setUp() {
54 $this->installEntitySchema('entity_test_enhanced');
55 $this->installConfig(['entity_module_test']);
57 // Create uid: 1 here so that it's skipped in test cases.
58 $admin_user = $this->createUser();
60 $first_entity = EnhancedEntity::create([
65 $first_entity->save();
67 $first_entity->set('name', 'First!');
68 $first_entity->set('status', 0);
69 $first_entity->setNewRevision(TRUE);
70 $first_entity->save();
72 $second_entity = EnhancedEntity::create([
77 $second_entity->save();
79 $second_entity->set('name', 'Second!');
80 $second_entity->set('status', 1);
81 $second_entity->setNewRevision(TRUE);
82 $second_entity->save();
84 $third_entity = EnhancedEntity::create([
89 $third_entity->save();
91 $third_entity->set('name', 'Third!');
92 $third_entity->setNewRevision(TRUE);
93 $third_entity->save();
95 $this->entities = [$first_entity, $second_entity, $third_entity];
96 $this->storage = \Drupal::entityTypeManager()->getStorage('entity_test_enhanced');
100 * Tests EntityQuery filtering.
102 public function testEntityQuery() {
103 // Admin permission, full access.
104 $admin_user = $this->createUser([], ['administer entity_test_enhanced']);
105 \Drupal::currentUser()->setAccount($admin_user);
107 $result = $this->storage->getQuery()->sort('id')->execute();
108 $this->assertEquals([
109 $this->entities[0]->id(),
110 $this->entities[1]->id(),
111 $this->entities[2]->id(),
112 ], array_values($result));
114 // No view permissions, no access.
115 $user = $this->createUser([], ['access content']);
116 \Drupal::currentUser()->setAccount($user);
118 $result = $this->storage->getQuery()->execute();
119 $this->assertEmpty($result);
121 // View (published-only).
122 $user = $this->createUser([], ['view entity_test_enhanced']);
123 \Drupal::currentUser()->setAccount($user);
125 $result = $this->storage->getQuery()->sort('id')->execute();
126 $this->assertEquals([
127 $this->entities[1]->id(),
128 $this->entities[2]->id(),
129 ], array_values($result));
131 // View $bundle (published-only).
132 $user = $this->createUser([], ['view first entity_test_enhanced']);
133 \Drupal::currentUser()->setAccount($user);
135 $result = $this->storage->getQuery()->sort('id')->execute();
136 $this->assertEquals([
137 $this->entities[1]->id(),
138 ], array_values($result));
142 * Tests EntityQuery filtering when all revisions are queried.
144 public function testEntityQueryWithRevisions() {
145 // Admin permission, full access.
146 $admin_user = $this->createUser([], ['administer entity_test_enhanced']);
147 \Drupal::currentUser()->setAccount($admin_user);
149 $result = $this->storage->getQuery()->allRevisions()->sort('id')->execute();
150 $this->assertEquals([
151 '1' => $this->entities[0]->id(),
152 '2' => $this->entities[0]->id(),
153 '3' => $this->entities[1]->id(),
154 '4' => $this->entities[1]->id(),
155 '5' => $this->entities[2]->id(),
156 '6' => $this->entities[2]->id(),
159 // No view permissions, no access.
160 $user = $this->createUser([], ['access content']);
161 \Drupal::currentUser()->setAccount($user);
163 $result = $this->storage->getQuery()->execute();
164 $this->assertEmpty($result);
166 // View (published-only).
167 $user = $this->createUser([], ['view entity_test_enhanced']);
168 \Drupal::currentUser()->setAccount($user);
170 $result = $this->storage->getQuery()->allRevisions()->sort('id')->execute();
171 $this->assertEquals([
172 '1' => $this->entities[0]->id(),
173 '4' => $this->entities[1]->id(),
174 '5' => $this->entities[2]->id(),
175 '6' => $this->entities[2]->id(),
178 // View $bundle (published-only).
179 $user = $this->createUser([], ['view first entity_test_enhanced']);
180 \Drupal::currentUser()->setAccount($user);
182 $result = $this->storage->getQuery()->allRevisions()->sort('id')->execute();
183 $this->assertEquals([
184 '1' => $this->entities[0]->id(),
185 '4' => $this->entities[1]->id(),
190 * Tests Views filtering.
192 public function testViews() {
193 // Admin permission, full access.
194 $admin_user = $this->createUser([], ['administer entity_test_enhanced']);
195 \Drupal::currentUser()->setAccount($admin_user);
197 $view = Views::getView('entity_test_enhanced');
199 $this->assertIdenticalResultset($view, [
200 ['id' => $this->entities[0]->id()],
201 ['id' => $this->entities[1]->id()],
202 ['id' => $this->entities[2]->id()],
205 // No view permissions, no access.
206 $user = $this->createUser([], ['access content']);
207 \Drupal::currentUser()->setAccount($user);
209 $view = Views::getView('entity_test_enhanced');
211 $this->assertIdenticalResultset($view, []);
213 // View (published-only).
214 $user = $this->createUser([], ['view entity_test_enhanced']);
215 \Drupal::currentUser()->setAccount($user);
217 $view = Views::getView('entity_test_enhanced');
219 $this->assertIdenticalResultset($view, [
220 ['id' => $this->entities[1]->id()],
221 ['id' => $this->entities[2]->id()],
224 // View $bundle (published-only).
225 $user = $this->createUser([], ['view first entity_test_enhanced']);
226 \Drupal::currentUser()->setAccount($user);
228 $view = Views::getView('entity_test_enhanced');
230 $this->assertIdenticalResultset($view, [
231 ['id' => $this->entities[1]->id()],
236 * Tests Views filtering when all revisions are queried.
238 public function testViewsWithRevisions() {
239 // Admin permission, full access.
240 $admin_user = $this->createUser([], ['administer entity_test_enhanced']);
241 \Drupal::currentUser()->setAccount($admin_user);
243 $view = Views::getView('entity_test_enhanced_revisions');
245 $this->assertIdenticalResultset($view, [
246 ['vid' => '1', 'id' => $this->entities[0]->id()],
247 ['vid' => '2', 'id' => $this->entities[0]->id()],
248 ['vid' => '3', 'id' => $this->entities[1]->id()],
249 ['vid' => '4', 'id' => $this->entities[1]->id()],
250 ['vid' => '5', 'id' => $this->entities[2]->id()],
251 ['vid' => '6', 'id' => $this->entities[2]->id()],
252 ], ['vid' => 'vid']);
254 // No view permissions, no access.
255 $user = $this->createUser([], ['access content']);
256 \Drupal::currentUser()->setAccount($user);
258 $view = Views::getView('entity_test_enhanced');
260 $this->assertIdenticalResultset($view, []);
262 // View (published-only).
263 $user = $this->createUser([], ['view entity_test_enhanced']);
264 \Drupal::currentUser()->setAccount($user);
266 $view = Views::getView('entity_test_enhanced_revisions');
268 $this->assertIdenticalResultset($view, [
269 ['vid' => '1', 'id' => $this->entities[0]->id()],
270 ['vid' => '4', 'id' => $this->entities[1]->id()],
271 ['vid' => '5', 'id' => $this->entities[2]->id()],
272 ['vid' => '6', 'id' => $this->entities[2]->id()],
273 ], ['vid' => 'vid']);
275 // View $bundle (published-only).
276 $user = $this->createUser([], ['view first entity_test_enhanced']);
277 \Drupal::currentUser()->setAccount($user);
279 $view = Views::getView('entity_test_enhanced_revisions');
281 $this->assertIdenticalResultset($view, [
282 ['vid' => '1', 'id' => $this->entities[0]->id()],
283 ['vid' => '4', 'id' => $this->entities[1]->id()],
284 ], ['vid' => 'vid']);
288 * Tests filtering based on a configurable field.
290 * QueryAccessSubscriber adds a condition that ensures that the field value
291 * is either empty or matches "marketing".
293 * @see \Drupal\entity_module_test\EventSubscriber\QueryAccessSubscriber
295 public function testConfigurableField() {
296 $this->entities[0]->set('assigned', 'marketing');
297 $this->entities[0]->save();
298 // The field is case sensitive, so the third entity should be ignored.
299 $this->entities[2]->set('assigned', 'MarKeTing');
300 $this->entities[2]->save();
301 $user = $this->createUser([
302 'mail' => 'user3@example.com',
303 ], ['access content']);
304 \Drupal::currentUser()->setAccount($user);
307 $result = $this->storage->getQuery()->sort('id')->execute();
308 $this->assertEquals([
309 $this->entities[0]->id(),
310 $this->entities[1]->id(),
311 ], array_values($result));
313 // EntityQuery with revisions.
314 $result = $this->storage->getQuery()->allRevisions()->sort('id')->execute();
315 $this->assertEquals([
316 '1' => $this->entities[0]->id(),
317 '2' => $this->entities[0]->id(),
318 '3' => $this->entities[1]->id(),
319 '4' => $this->entities[1]->id(),
320 '5' => $this->entities[2]->id(),
324 $view = Views::getView('entity_test_enhanced');
326 $this->assertIdenticalResultset($view, [
327 ['id' => $this->entities[0]->id()],
328 ['id' => $this->entities[1]->id()],
331 // View with revisions.
332 $view = Views::getView('entity_test_enhanced_revisions');
334 $this->assertIdenticalResultset($view, [
335 ['vid' => '1', 'id' => $this->entities[0]->id()],
336 ['vid' => '2', 'id' => $this->entities[0]->id()],
337 ['vid' => '3', 'id' => $this->entities[1]->id()],
338 ['vid' => '4', 'id' => $this->entities[1]->id()],
339 ['vid' => '5', 'id' => $this->entities[2]->id()],
340 ], ['vid' => 'vid']);