Révision 59ae487e
Ajouté par Assos Assos il y a presque 7 ans
drupal7/sites/all/modules/file_entity/file_entity.test | ||
---|---|---|
1205 | 1205 |
$this->drupalGet('admin/structure/file-types'); |
1206 | 1206 |
$this->assertResponse(403, 'File types UI page is not accessible to unauthorized users.'); |
1207 | 1207 |
|
1208 |
$user = $this->drupalCreateUser(array('administer file types')); |
|
1208 |
$user = $this->drupalCreateUser(array('administer file types', 'administer fields'));
|
|
1209 | 1209 |
$this->drupalLogin($user); |
1210 | 1210 |
|
1211 | 1211 |
$this->drupalGet('admin/structure/file-types'); |
... | ... | |
1671 | 1671 |
$this->assertEqual($build['#file']->$attribute, $expected_value, format_string('The %attribute was overridden correctly.', array('%attribute' => $attribute))); |
1672 | 1672 |
} |
1673 | 1673 |
} |
1674 |
|
|
1675 |
/** |
|
1676 |
* @param EntityFieldQuery $query |
|
1677 |
* @param $expected |
|
1678 |
* An associative array of expected result. Keys are file ids, values are |
|
1679 |
* booleans to indicate if the result should include the file. |
|
1680 |
*/ |
|
1681 |
function assertEntityFieldQueryAccess(EntityFieldQuery $query, $expected, $account = NULL, $query_name = 'unnamed') { |
|
1682 |
if ($account) { |
|
1683 |
$query->addMetaData('account', $account); |
|
1684 |
} |
|
1685 |
$query->addTag('entity_field_access'); |
|
1686 |
$results = $query->execute(); |
|
1687 |
$fids = isset($results['file']) ? array_keys($results['file']) : array(); |
|
1688 |
foreach ($expected as $fid => $in_result) { |
|
1689 |
if ($in_result) { |
|
1690 |
$this->assertTrue(in_array($fid, $fids), format_string("For the %name query, the result should contain %fid", array('%name' => $query_name, '%fid' => $fid))); |
|
1691 |
} |
|
1692 |
else { |
|
1693 |
$this->assertFalse(in_array($fid, $fids), format_string("For the %name query, the result should not contain %fid", array('%name' => $query_name, '%fid' => $fid))); |
|
1694 |
} |
|
1695 |
} |
|
1696 |
} |
|
1697 |
|
|
1698 |
/** |
|
1699 |
* Test file entity access for entity field queries. |
|
1700 |
*/ |
|
1701 |
function testEntityFieldQueryAccess() { |
|
1702 |
// Attach a text field to the default image file type. |
|
1703 |
$field = array( |
|
1704 |
'field_name' => drupal_strtolower($this->randomName()), |
|
1705 |
'type' => 'text', |
|
1706 |
'settings' => array( |
|
1707 |
'max_length' => 255, |
|
1708 |
) |
|
1709 |
); |
|
1710 |
field_create_field($field); |
|
1711 |
$instance = array( |
|
1712 |
'field_name' => $field['field_name'], |
|
1713 |
'entity_type' => 'file', |
|
1714 |
'bundle' => 'document', |
|
1715 |
'widget' => array( |
|
1716 |
'type' => 'text_textfield', |
|
1717 |
), |
|
1718 |
'display' => array( |
|
1719 |
'default' => array( |
|
1720 |
'type' => 'text_default', |
|
1721 |
), |
|
1722 |
), |
|
1723 |
); |
|
1724 |
field_create_instance($instance); |
|
1725 |
// Create test files. |
|
1726 |
$file_owner = $this->drupalCreateUser(array('view own files', 'view own private files')); |
|
1727 |
$public_file = $this->createFileEntity(array( |
|
1728 |
'status' => 0, |
|
1729 |
)); |
|
1730 |
$private_file = $this->createFileEntity(array('scheme' => 'private')); |
|
1731 |
$owned_public_file = $this->createFileEntity(array( |
|
1732 |
'uid' => $file_owner->uid, |
|
1733 |
'scheme' => 'public', |
|
1734 |
)); |
|
1735 |
$owned_private_file = $this->createFileEntity(array( |
|
1736 |
'uid' => $file_owner->uid, |
|
1737 |
'scheme' => 'private', |
|
1738 |
)); |
|
1739 |
$fids = array( |
|
1740 |
$public_file->fid, |
|
1741 |
$private_file->fid, |
|
1742 |
$owned_public_file->fid, |
|
1743 |
$owned_private_file->fid, |
|
1744 |
); |
|
1745 |
foreach (file_load_multiple($fids) as $file) { |
|
1746 |
$file->{$field['field_name']}[LANGUAGE_NONE][0] = array('value' => 'find me'); |
|
1747 |
file_save($file); |
|
1748 |
} |
|
1749 |
|
|
1750 |
$efq_fids = new EntityFieldQuery(); |
|
1751 |
$queries['entity type and id conditions'] = $efq_fids |
|
1752 |
->entityCondition('entity_type', 'file') |
|
1753 |
->entityCondition('entity_id', $fids); |
|
1754 |
$efq_field_name = new EntityFieldQuery(); |
|
1755 |
$queries['single field condition'] = $efq_field_name |
|
1756 |
->fieldCondition($field['field_name'], 'value', 'find me'); |
|
1757 |
|
|
1758 |
foreach($queries as $name => $query) { |
|
1759 |
$message = format_string(''); |
|
1760 |
// User should not see private files, only his own public files. |
|
1761 |
$this->assertEntityFieldQueryAccess(clone $query, array( |
|
1762 |
$public_file->fid => TRUE, |
|
1763 |
$private_file->fid => FALSE, |
|
1764 |
$owned_public_file->fid => TRUE, |
|
1765 |
$owned_private_file->fid => FALSE, |
|
1766 |
), $this->drupalCreateUser(array('create files')), $name); |
|
1767 |
|
|
1768 |
// A user with the 'view own files' and 'view own private files' permissions should only see owned files and public files. |
|
1769 |
$this->drupalLogin($file_owner); |
|
1770 |
$this->assertEntityFieldQueryAccess(clone $query, array( |
|
1771 |
$public_file->fid => TRUE, |
|
1772 |
$private_file->fid => FALSE, |
|
1773 |
$owned_public_file->fid => TRUE, |
|
1774 |
$owned_private_file->fid => TRUE, |
|
1775 |
), $file_owner, $name); |
|
1776 |
|
|
1777 |
// User with the 'view files' permission should only see public files but cannot create files. |
|
1778 |
$this->assertEntityFieldQueryAccess(clone $query, array( |
|
1779 |
$public_file->fid => TRUE, |
|
1780 |
$private_file->fid => FALSE, |
|
1781 |
$owned_public_file->fid => TRUE, |
|
1782 |
$owned_private_file->fid => FALSE, |
|
1783 |
), $this->drupalCreateUser(array('view files')), $name); |
|
1784 |
|
|
1785 |
// User with the 'view files' and 'view private files' permissions should only see all files. |
|
1786 |
$this->assertEntityFieldQueryAccess(clone $query, array( |
|
1787 |
$public_file->fid => TRUE, |
|
1788 |
$private_file->fid => TRUE, |
|
1789 |
$owned_public_file->fid => TRUE, |
|
1790 |
$owned_private_file->fid => TRUE, |
|
1791 |
), $this->drupalCreateUser(array('view files', 'view private files')), $name); |
|
1792 |
|
|
1793 |
// User with the 'bypass file access' permissions should only see all files. |
|
1794 |
$this->assertEntityFieldQueryAccess(clone $query, array( |
|
1795 |
$public_file->fid => TRUE, |
|
1796 |
$private_file->fid => TRUE, |
|
1797 |
$owned_public_file->fid => TRUE, |
|
1798 |
$owned_private_file->fid => TRUE, |
|
1799 |
), $this->drupalCreateUser(array('bypass file access')), $name); |
|
1800 |
} |
|
1801 |
} |
|
1674 | 1802 |
} |
Formats disponibles : Unified diff
Weekly update of contrib modules