Révision 59ae487e
Ajouté par Assos Assos il y a presque 7 ans
| drupal7/sites/all/modules/file_entity/file_entity.test | ||
|---|---|---|
| 1205 | 1205 |
$this->drupalGet('admin/structure/file-types');
|
| 1206 | 1206 |
$this->assertResponse(403, 'File types UI page is not accessible to unauthorized users.'); |
| 1207 | 1207 |
|
| 1208 |
$user = $this->drupalCreateUser(array('administer file types'));
|
|
| 1208 |
$user = $this->drupalCreateUser(array('administer file types', 'administer fields'));
|
|
| 1209 | 1209 |
$this->drupalLogin($user); |
| 1210 | 1210 |
|
| 1211 | 1211 |
$this->drupalGet('admin/structure/file-types');
|
| ... | ... | |
| 1671 | 1671 |
$this->assertEqual($build['#file']->$attribute, $expected_value, format_string('The %attribute was overridden correctly.', array('%attribute' => $attribute)));
|
| 1672 | 1672 |
} |
| 1673 | 1673 |
} |
| 1674 |
|
|
| 1675 |
/** |
|
| 1676 |
* @param EntityFieldQuery $query |
|
| 1677 |
* @param $expected |
|
| 1678 |
* An associative array of expected result. Keys are file ids, values are |
|
| 1679 |
* booleans to indicate if the result should include the file. |
|
| 1680 |
*/ |
|
| 1681 |
function assertEntityFieldQueryAccess(EntityFieldQuery $query, $expected, $account = NULL, $query_name = 'unnamed') {
|
|
| 1682 |
if ($account) {
|
|
| 1683 |
$query->addMetaData('account', $account);
|
|
| 1684 |
} |
|
| 1685 |
$query->addTag('entity_field_access');
|
|
| 1686 |
$results = $query->execute(); |
|
| 1687 |
$fids = isset($results['file']) ? array_keys($results['file']) : array(); |
|
| 1688 |
foreach ($expected as $fid => $in_result) {
|
|
| 1689 |
if ($in_result) {
|
|
| 1690 |
$this->assertTrue(in_array($fid, $fids), format_string("For the %name query, the result should contain %fid", array('%name' => $query_name, '%fid' => $fid)));
|
|
| 1691 |
} |
|
| 1692 |
else {
|
|
| 1693 |
$this->assertFalse(in_array($fid, $fids), format_string("For the %name query, the result should not contain %fid", array('%name' => $query_name, '%fid' => $fid)));
|
|
| 1694 |
} |
|
| 1695 |
} |
|
| 1696 |
} |
|
| 1697 |
|
|
| 1698 |
/** |
|
| 1699 |
* Test file entity access for entity field queries. |
|
| 1700 |
*/ |
|
| 1701 |
function testEntityFieldQueryAccess() {
|
|
| 1702 |
// Attach a text field to the default image file type. |
|
| 1703 |
$field = array( |
|
| 1704 |
'field_name' => drupal_strtolower($this->randomName()), |
|
| 1705 |
'type' => 'text', |
|
| 1706 |
'settings' => array( |
|
| 1707 |
'max_length' => 255, |
|
| 1708 |
) |
|
| 1709 |
); |
|
| 1710 |
field_create_field($field); |
|
| 1711 |
$instance = array( |
|
| 1712 |
'field_name' => $field['field_name'], |
|
| 1713 |
'entity_type' => 'file', |
|
| 1714 |
'bundle' => 'document', |
|
| 1715 |
'widget' => array( |
|
| 1716 |
'type' => 'text_textfield', |
|
| 1717 |
), |
|
| 1718 |
'display' => array( |
|
| 1719 |
'default' => array( |
|
| 1720 |
'type' => 'text_default', |
|
| 1721 |
), |
|
| 1722 |
), |
|
| 1723 |
); |
|
| 1724 |
field_create_instance($instance); |
|
| 1725 |
// Create test files. |
|
| 1726 |
$file_owner = $this->drupalCreateUser(array('view own files', 'view own private files'));
|
|
| 1727 |
$public_file = $this->createFileEntity(array( |
|
| 1728 |
'status' => 0, |
|
| 1729 |
)); |
|
| 1730 |
$private_file = $this->createFileEntity(array('scheme' => 'private'));
|
|
| 1731 |
$owned_public_file = $this->createFileEntity(array( |
|
| 1732 |
'uid' => $file_owner->uid, |
|
| 1733 |
'scheme' => 'public', |
|
| 1734 |
)); |
|
| 1735 |
$owned_private_file = $this->createFileEntity(array( |
|
| 1736 |
'uid' => $file_owner->uid, |
|
| 1737 |
'scheme' => 'private', |
|
| 1738 |
)); |
|
| 1739 |
$fids = array( |
|
| 1740 |
$public_file->fid, |
|
| 1741 |
$private_file->fid, |
|
| 1742 |
$owned_public_file->fid, |
|
| 1743 |
$owned_private_file->fid, |
|
| 1744 |
); |
|
| 1745 |
foreach (file_load_multiple($fids) as $file) {
|
|
| 1746 |
$file->{$field['field_name']}[LANGUAGE_NONE][0] = array('value' => 'find me');
|
|
| 1747 |
file_save($file); |
|
| 1748 |
} |
|
| 1749 |
|
|
| 1750 |
$efq_fids = new EntityFieldQuery(); |
|
| 1751 |
$queries['entity type and id conditions'] = $efq_fids |
|
| 1752 |
->entityCondition('entity_type', 'file')
|
|
| 1753 |
->entityCondition('entity_id', $fids);
|
|
| 1754 |
$efq_field_name = new EntityFieldQuery(); |
|
| 1755 |
$queries['single field condition'] = $efq_field_name |
|
| 1756 |
->fieldCondition($field['field_name'], 'value', 'find me'); |
|
| 1757 |
|
|
| 1758 |
foreach($queries as $name => $query) {
|
|
| 1759 |
$message = format_string('');
|
|
| 1760 |
// User should not see private files, only his own public files. |
|
| 1761 |
$this->assertEntityFieldQueryAccess(clone $query, array( |
|
| 1762 |
$public_file->fid => TRUE, |
|
| 1763 |
$private_file->fid => FALSE, |
|
| 1764 |
$owned_public_file->fid => TRUE, |
|
| 1765 |
$owned_private_file->fid => FALSE, |
|
| 1766 |
), $this->drupalCreateUser(array('create files')), $name);
|
|
| 1767 |
|
|
| 1768 |
// A user with the 'view own files' and 'view own private files' permissions should only see owned files and public files. |
|
| 1769 |
$this->drupalLogin($file_owner); |
|
| 1770 |
$this->assertEntityFieldQueryAccess(clone $query, array( |
|
| 1771 |
$public_file->fid => TRUE, |
|
| 1772 |
$private_file->fid => FALSE, |
|
| 1773 |
$owned_public_file->fid => TRUE, |
|
| 1774 |
$owned_private_file->fid => TRUE, |
|
| 1775 |
), $file_owner, $name); |
|
| 1776 |
|
|
| 1777 |
// User with the 'view files' permission should only see public files but cannot create files. |
|
| 1778 |
$this->assertEntityFieldQueryAccess(clone $query, array( |
|
| 1779 |
$public_file->fid => TRUE, |
|
| 1780 |
$private_file->fid => FALSE, |
|
| 1781 |
$owned_public_file->fid => TRUE, |
|
| 1782 |
$owned_private_file->fid => FALSE, |
|
| 1783 |
), $this->drupalCreateUser(array('view files')), $name);
|
|
| 1784 |
|
|
| 1785 |
// User with the 'view files' and 'view private files' permissions should only see all files. |
|
| 1786 |
$this->assertEntityFieldQueryAccess(clone $query, array( |
|
| 1787 |
$public_file->fid => TRUE, |
|
| 1788 |
$private_file->fid => TRUE, |
|
| 1789 |
$owned_public_file->fid => TRUE, |
|
| 1790 |
$owned_private_file->fid => TRUE, |
|
| 1791 |
), $this->drupalCreateUser(array('view files', 'view private files')), $name);
|
|
| 1792 |
|
|
| 1793 |
// User with the 'bypass file access' permissions should only see all files. |
|
| 1794 |
$this->assertEntityFieldQueryAccess(clone $query, array( |
|
| 1795 |
$public_file->fid => TRUE, |
|
| 1796 |
$private_file->fid => TRUE, |
|
| 1797 |
$owned_public_file->fid => TRUE, |
|
| 1798 |
$owned_private_file->fid => TRUE, |
|
| 1799 |
), $this->drupalCreateUser(array('bypass file access')), $name);
|
|
| 1800 |
} |
|
| 1801 |
} |
|
| 1674 | 1802 |
} |
Formats disponibles : Unified diff
Weekly update of contrib modules