www.aleph1.co.uk Git - yaffs-website/blob - web/modules/contrib/entity/tests/src/Kernel/QueryAccess/QueryAccessTest.php

   1 <?php
   2
   3 namespace Drupal\Tests\entity\Kernel\QueryAccess;
   4
   5 use Drupal\entity_module_test\Entity\EnhancedEntity;
   6 use Drupal\KernelTests\Core\Entity\EntityKernelTestBase;
   7 use Drupal\views\Tests\ViewResultAssertionTrait;
   8 use Drupal\views\Views;
   9
  10 /**
  11  * Test query access filtering for EntityQuery and Views.
  12  *
  13  * @group entity
  14  *
  15  * @see \Drupal\entity\QueryAccess\QueryAccessHandler
  16  * @see \Drupal\entity\QueryAccess\EntityQueryAlter
  17  * @see \Drupal\entity\QueryAccess\ViewsQueryAlter
  18  */
  19 class QueryAccessTest extends EntityKernelTestBase {
  20
  21   use ViewResultAssertionTrait;
  22
  23   /**
  24    * The test entities.
  25    *
  26    * @var \Drupal\Core\Entity\ContentEntityInterface[]
  27    */
  28   protected $entities;
  29
  30   /**
  31    * The entity_test_enhanced storage.
  32    *
  33    * @var \Drupal\Core\Entity\EntityStorageInterface
  34    */
  35   protected $storage;
  36
  37   /**
  38    * {@inheritdoc}
  39    */
  40   public static $modules = [
  41     'entity',
  42     'entity_module_test',
  43     'user',
  44     'views',
  45     'system',
  46   ];
  47
  48   /**
  49    * {@inheritdoc}
  50    */
  51   protected function setUp() {
  52     parent::setUp();
  53
  54     $this->installEntitySchema('entity_test_enhanced');
  55     $this->installConfig(['entity_module_test']);
  56
  57     // Create uid: 1 here so that it's skipped in test cases.
  58     $admin_user = $this->createUser();
  59
  60     $first_entity = EnhancedEntity::create([
  61       'type' => 'first',
  62       'label' => 'First',
  63       'status' => 1,
  64     ]);
  65     $first_entity->save();
  66
  67     $first_entity->set('name', 'First!');
  68     $first_entity->set('status', 0);
  69     $first_entity->setNewRevision(TRUE);
  70     $first_entity->save();
  71
  72     $second_entity = EnhancedEntity::create([
  73       'type' => 'first',
  74       'label' => 'Second',
  75       'status' => 0,
  76     ]);
  77     $second_entity->save();
  78
  79     $second_entity->set('name', 'Second!');
  80     $second_entity->set('status', 1);
  81     $second_entity->setNewRevision(TRUE);
  82     $second_entity->save();
  83
  84     $third_entity = EnhancedEntity::create([
  85       'type' => 'second',
  86       'label' => 'Third',
  87       'status' => 1,
  88     ]);
  89     $third_entity->save();
  90
  91     $third_entity->set('name', 'Third!');
  92     $third_entity->setNewRevision(TRUE);
  93     $third_entity->save();
  94
  95     $this->entities = [$first_entity, $second_entity, $third_entity];
  96     $this->storage = \Drupal::entityTypeManager()->getStorage('entity_test_enhanced');
  97   }
  98
  99   /**
 100    * Tests EntityQuery filtering.
 101    */
 102   public function testEntityQuery() {
 103     // Admin permission, full access.
 104     $admin_user = $this->createUser([], ['administer entity_test_enhanced']);
 105     \Drupal::currentUser()->setAccount($admin_user);
 106
 107     $result = $this->storage->getQuery()->sort('id')->execute();
 108     $this->assertEquals([
 109       $this->entities[0]->id(),
 110       $this->entities[1]->id(),
 111       $this->entities[2]->id(),
 112     ], array_values($result));
 113
 114     // No view permissions, no access.
 115     $user = $this->createUser([], ['access content']);
 116     \Drupal::currentUser()->setAccount($user);
 117
 118     $result = $this->storage->getQuery()->execute();
 119     $this->assertEmpty($result);
 120
 121     // View (published-only).
 122     $user = $this->createUser([], ['view entity_test_enhanced']);
 123     \Drupal::currentUser()->setAccount($user);
 124
 125     $result = $this->storage->getQuery()->sort('id')->execute();
 126     $this->assertEquals([
 127       $this->entities[1]->id(),
 128       $this->entities[2]->id(),
 129     ], array_values($result));
 130
 131     // View $bundle (published-only).
 132     $user = $this->createUser([], ['view first entity_test_enhanced']);
 133     \Drupal::currentUser()->setAccount($user);
 134
 135     $result = $this->storage->getQuery()->sort('id')->execute();
 136     $this->assertEquals([
 137       $this->entities[1]->id(),
 138     ], array_values($result));
 139   }
 140
 141   /**
 142    * Tests EntityQuery filtering when all revisions are queried.
 143    */
 144   public function testEntityQueryWithRevisions() {
 145     // Admin permission, full access.
 146     $admin_user = $this->createUser([], ['administer entity_test_enhanced']);
 147     \Drupal::currentUser()->setAccount($admin_user);
 148
 149     $result = $this->storage->getQuery()->allRevisions()->sort('id')->execute();
 150     $this->assertEquals([
 151       '1' => $this->entities[0]->id(),
 152       '2' => $this->entities[0]->id(),
 153       '3' => $this->entities[1]->id(),
 154       '4' => $this->entities[1]->id(),
 155       '5' => $this->entities[2]->id(),
 156       '6' => $this->entities[2]->id(),
 157     ], $result);
 158
 159     // No view permissions, no access.
 160     $user = $this->createUser([], ['access content']);
 161     \Drupal::currentUser()->setAccount($user);
 162
 163     $result = $this->storage->getQuery()->execute();
 164     $this->assertEmpty($result);
 165
 166     // View (published-only).
 167     $user = $this->createUser([], ['view entity_test_enhanced']);
 168     \Drupal::currentUser()->setAccount($user);
 169
 170     $result = $this->storage->getQuery()->allRevisions()->sort('id')->execute();
 171     $this->assertEquals([
 172       '1' => $this->entities[0]->id(),
 173       '4' => $this->entities[1]->id(),
 174       '5' => $this->entities[2]->id(),
 175       '6' => $this->entities[2]->id(),
 176     ], $result);
 177
 178     // View $bundle (published-only).
 179     $user = $this->createUser([], ['view first entity_test_enhanced']);
 180     \Drupal::currentUser()->setAccount($user);
 181
 182     $result = $this->storage->getQuery()->allRevisions()->sort('id')->execute();
 183     $this->assertEquals([
 184       '1' => $this->entities[0]->id(),
 185       '4' => $this->entities[1]->id(),
 186     ], $result);
 187   }
 188
 189   /**
 190    * Tests Views filtering.
 191    */
 192   public function testViews() {
 193     // Admin permission, full access.
 194     $admin_user = $this->createUser([], ['administer entity_test_enhanced']);
 195     \Drupal::currentUser()->setAccount($admin_user);
 196
 197     $view = Views::getView('entity_test_enhanced');
 198     $view->execute();
 199     $this->assertIdenticalResultset($view, [
 200       ['id' => $this->entities[0]->id()],
 201       ['id' => $this->entities[1]->id()],
 202       ['id' => $this->entities[2]->id()],
 203     ], ['id' => 'id']);
 204
 205     // No view permissions, no access.
 206     $user = $this->createUser([], ['access content']);
 207     \Drupal::currentUser()->setAccount($user);
 208
 209     $view = Views::getView('entity_test_enhanced');
 210     $view->execute();
 211     $this->assertIdenticalResultset($view, []);
 212
 213     // View (published-only).
 214     $user = $this->createUser([], ['view entity_test_enhanced']);
 215     \Drupal::currentUser()->setAccount($user);
 216
 217     $view = Views::getView('entity_test_enhanced');
 218     $view->execute();
 219     $this->assertIdenticalResultset($view, [
 220       ['id' => $this->entities[1]->id()],
 221       ['id' => $this->entities[2]->id()],
 222     ], ['id' => 'id']);
 223
 224     // View $bundle (published-only).
 225     $user = $this->createUser([], ['view first entity_test_enhanced']);
 226     \Drupal::currentUser()->setAccount($user);
 227
 228     $view = Views::getView('entity_test_enhanced');
 229     $view->execute();
 230     $this->assertIdenticalResultset($view, [
 231       ['id' => $this->entities[1]->id()],
 232     ], ['id' => 'id']);
 233   }
 234
 235   /**
 236    * Tests Views filtering when all revisions are queried.
 237    */
 238   public function testViewsWithRevisions() {
 239     // Admin permission, full access.
 240     $admin_user = $this->createUser([], ['administer entity_test_enhanced']);
 241     \Drupal::currentUser()->setAccount($admin_user);
 242
 243     $view = Views::getView('entity_test_enhanced_revisions');
 244     $view->execute();
 245     $this->assertIdenticalResultset($view, [
 246       ['vid' => '1', 'id' => $this->entities[0]->id()],
 247       ['vid' => '2', 'id' => $this->entities[0]->id()],
 248       ['vid' => '3', 'id' => $this->entities[1]->id()],
 249       ['vid' => '4', 'id' => $this->entities[1]->id()],
 250       ['vid' => '5', 'id' => $this->entities[2]->id()],
 251       ['vid' => '6', 'id' => $this->entities[2]->id()],
 252     ], ['vid' => 'vid']);
 253
 254     // No view permissions, no access.
 255     $user = $this->createUser([], ['access content']);
 256     \Drupal::currentUser()->setAccount($user);
 257
 258     $view = Views::getView('entity_test_enhanced');
 259     $view->execute();
 260     $this->assertIdenticalResultset($view, []);
 261
 262     // View (published-only).
 263     $user = $this->createUser([], ['view entity_test_enhanced']);
 264     \Drupal::currentUser()->setAccount($user);
 265
 266     $view = Views::getView('entity_test_enhanced_revisions');
 267     $view->execute();
 268     $this->assertIdenticalResultset($view, [
 269       ['vid' => '1', 'id' => $this->entities[0]->id()],
 270       ['vid' => '4', 'id' => $this->entities[1]->id()],
 271       ['vid' => '5', 'id' => $this->entities[2]->id()],
 272       ['vid' => '6', 'id' => $this->entities[2]->id()],
 273     ], ['vid' => 'vid']);
 274
 275     // View $bundle (published-only).
 276     $user = $this->createUser([], ['view first entity_test_enhanced']);
 277     \Drupal::currentUser()->setAccount($user);
 278
 279     $view = Views::getView('entity_test_enhanced_revisions');
 280     $view->execute();
 281     $this->assertIdenticalResultset($view, [
 282       ['vid' => '1', 'id' => $this->entities[0]->id()],
 283       ['vid' => '4', 'id' => $this->entities[1]->id()],
 284     ], ['vid' => 'vid']);
 285   }
 286
 287   /**
 288    * Tests filtering based on a configurable field.
 289    *
 290    * QueryAccessSubscriber adds a condition that ensures that the field value
 291    * is either empty or matches "marketing".
 292    *
 293    * @see \Drupal\entity_module_test\EventSubscriber\QueryAccessSubscriber
 294    */
 295   public function testConfigurableField() {
 296     $this->entities[0]->set('assigned', 'marketing');
 297     $this->entities[0]->save();
 298     // The field is case sensitive, so the third entity should be ignored.
 299     $this->entities[2]->set('assigned', 'MarKeTing');
 300     $this->entities[2]->save();
 301     $user = $this->createUser([
 302       'mail' => 'user3@example.com',
 303     ], ['access content']);
 304     \Drupal::currentUser()->setAccount($user);
 305
 306     // EntityQuery.
 307     $result = $this->storage->getQuery()->sort('id')->execute();
 308     $this->assertEquals([
 309       $this->entities[0]->id(),
 310       $this->entities[1]->id(),
 311     ], array_values($result));
 312
 313     // EntityQuery with revisions.
 314     $result = $this->storage->getQuery()->allRevisions()->sort('id')->execute();
 315     $this->assertEquals([
 316       '1' => $this->entities[0]->id(),
 317       '2' => $this->entities[0]->id(),
 318       '3' => $this->entities[1]->id(),
 319       '4' => $this->entities[1]->id(),
 320       '5' => $this->entities[2]->id(),
 321     ], $result);
 322
 323     // View.
 324     $view = Views::getView('entity_test_enhanced');
 325     $view->execute();
 326     $this->assertIdenticalResultset($view, [
 327       ['id' => $this->entities[0]->id()],
 328       ['id' => $this->entities[1]->id()],
 329     ], ['id' => 'id']);
 330
 331     // View with revisions.
 332     $view = Views::getView('entity_test_enhanced_revisions');
 333     $view->execute();
 334     $this->assertIdenticalResultset($view, [
 335       ['vid' => '1', 'id' => $this->entities[0]->id()],
 336       ['vid' => '2', 'id' => $this->entities[0]->id()],
 337       ['vid' => '3', 'id' => $this->entities[1]->id()],
 338       ['vid' => '4', 'id' => $this->entities[1]->id()],
 339       ['vid' => '5', 'id' => $this->entities[2]->id()],
 340     ], ['vid' => 'vid']);
 341   }
 342
 343 }