Project

General

Profile

Paste
Download (12.8 KB) Statistics
| Branch: | Revision:

root / drupal7 / sites / all / modules / content_access / tests / content_access.test @ ae34fb26

1
<?php
2

    
3
/**
4
 * @file
5
 * Automated SimpleTest Case for content access module.
6
 */
7

    
8
require_once drupal_get_path('module', 'content_access') . '/tests/content_access_test_help.php';
9

    
10
class ContentAccessModuleTestCase extends ContentAccessTestCase {
11

    
12
  /**
13
   * Implements get_info() for information.
14
   */
15
  public static function getInfo() {
16
    return array(
17
      'name' => t('Content Access Module Tests'),
18
      'description' => t('Various tests to check permission settings on nodes.'),
19
      'group' => t('Content Access'),
20
    );
21
  }
22

    
23
  function setUp($module = '') {
24
    parent::setUp();
25

    
26
    // Create test nodes.
27
    $this->node1 = $this->drupalCreateNode(array('type' => $this->content_type->type));
28
    $this->node2 = $this->drupalCreateNode(array('type' => $this->content_type->type));
29
  }
30

    
31
  /**
32
   * Test for viewing nodes.
33
   */
34
  function testViewAccess() {
35
    // Restrict access to the content type (access is only allowed for the
36
    // author).
37
    $access_permissions = array(
38
      'view[1]' => FALSE,
39
      'view[2]' => FALSE,
40
    );
41
    $this->changeAccessContentType($access_permissions);
42

    
43
    // Logout admin and try to access the node anonymously.
44
    $this->drupalLogout();
45
    $this->drupalGet('node/' . $this->node1->nid);
46
    $this->assertText(t('Access denied'), 'node is not viewable');
47

    
48
    // Login test user, view node, access must be denied.
49
    $this->drupalLogin($this->test_user);
50
    $this->drupalGet('node/' . $this->node1->nid);
51
    $this->assertText(t('Access denied'), 'node is not viewable');
52

    
53
    // Login admin and grant access for viewing to the test user.
54
    $this->drupalLogin($this->admin_user);
55
    $this->changeAccessContentTypeKeyword('view');
56

    
57
    // Logout admin and try to access the node anonymously.
58
    // Access must be denied again.
59
    $this->drupalLogout();
60
    $this->drupalGet('node/' . $this->node1->nid);
61
    $this->assertText(t('Access denied'), 'node is not viewable');
62

    
63
    // Login test user, view node, access must be granted.
64
    $this->drupalLogin($this->test_user);
65
    $this->drupalGet('node/' . $this->node1->nid);
66
    $this->assertNoText(t('Access denied'), 'node is viewable');
67

    
68
    // Login admin and enable per node access.
69
    $this->drupalLogin($this->admin_user);
70
    $this->changeAccessPerNode();
71

    
72
    // Restrict access on node2 for the test user role.
73
    $this->changeAccessNodeKeyword($this->node2, 'view', FALSE);
74

    
75
    // Logout admin and try to access both nodes anonymously.
76
    $this->drupalLogout();
77
    $this->drupalGet('node/' . $this->node1->nid);
78
    $this->assertText(t('Access denied'), 'node1 is not viewable');
79
    $this->drupalGet('node/' . $this->node2->nid);
80
    $this->assertText(t('Access denied'), 'node2 is not viewable');
81

    
82
    // Login test user, view node1, access must be granted.
83
    $this->drupalLogin($this->test_user);
84
    $this->drupalGet('node/' . $this->node1->nid);
85
    $this->assertNoText(t('Access denied'), 'node1 is viewable');
86

    
87
    // View node2, access must be denied.
88
    $this->drupalGet('node/' . $this->node2->nid);
89
    $this->assertText(t('Access denied'), 'node2 is not viewable');
90

    
91
    // Login admin, swap permissions between content type and node2.
92
    $this->drupalLogin($this->admin_user);
93

    
94
    // Restrict access to content type.
95
    $this->changeAccessContentTypeKeyword('view', FALSE);
96

    
97
    // Grant access to node2.
98
    $this->changeAccessNodeKeyword($this->node2, 'view');
99

    
100
    // Logout admin and try to access both nodes anonymously.
101
    $this->drupalLogout();
102
    $this->drupalGet('node/' . $this->node1->nid);
103
    $this->assertText(t('Access denied'), 'node1 is not viewable');
104
    $this->drupalGet('node/' . $this->node2->nid);
105
    $this->assertText(t('Access denied'), 'node2 is not viewable');
106

    
107
    // Login test user, view node1, access must be denied.
108
    $this->drupalLogin($this->test_user);
109
    $this->drupalGet('node/' . $this->node1->nid);
110
    $this->assertText(t('Access denied'), 'node1 is not viewable');
111

    
112
    // View node2, access must be granted.
113
    $this->drupalGet('node/' . $this->node2->nid);
114
    $this->assertNoText(t('Access denied'), 'node2 is viewable');
115
  }
116

    
117
  /**
118
   * Test for editing nodes.
119
   */
120
  function testEditAccess() {
121
    // Logout admin and try to edit the node anonymously.
122
    $this->drupalLogout();
123
    $this->drupalGet('node/' . $this->node1->nid . '/edit');
124
    $this->assertText(t('Access denied'), 'edit access denied for anonymous');
125

    
126
    // Login test user, edit node, access must be denied.
127
    $this->drupalLogin($this->test_user);
128
    $this->drupalGet('node/' . $this->node1->nid . '/edit');
129
    $this->assertText(t('Access denied'), 'edit access denied for test user');
130

    
131
    // Login admin and grant access for editing to the test user.
132
    $this->drupalLogin($this->admin_user);
133
    $this->changeAccessContentTypeKeyword('update');
134

    
135
    // Logout admin and try to edit the node anonymously.
136
    // Access must be denied again.
137
    $this->drupalLogout();
138
    $this->drupalGet('node/' . $this->node1->nid . '/edit');
139
    $this->assertText(t('Access denied'), 'edit access denied for anonymous');
140

    
141
    // Login test user, edit node, access must be granted.
142
    $this->drupalLogin($this->test_user);
143
    $this->drupalGet('node/' . $this->node1->nid . '/edit');
144
    $this->assertNoText(t('Access denied'), 'node1 is editable');
145

    
146
    // Login admin and enable per node access.
147
    $this->drupalLogin($this->admin_user);
148
    $this->changeAccessPerNode();
149

    
150
    // Restrict access for this content type for the test user.
151
    $this->changeAccessContentTypeKeyword('update', FALSE);
152

    
153
    // Allow acces for node1 only.
154
    $this->changeAccessNodeKeyword($this->node1, 'update');
155

    
156
    // Logout admin and try to edit both nodes anonymously.
157
    $this->drupalLogout();
158
    $this->drupalGet('node/' . $this->node1->nid . '/edit');
159
    $this->assertText(t('Access denied'), 'node1 is not editable');
160
    $this->drupalGet('node/' . $this->node2->nid . '/edit');
161
    $this->assertText(t('Access denied'), 'node2 is not editable');
162

    
163
    // Login test user, edit node1, access must be granted.
164
    $this->drupalLogin($this->test_user);
165
    $this->drupalGet('node/' . $this->node1->nid . '/edit');
166
    $this->assertNoText(t('Access denied'), 'node1 is editable');
167

    
168
    // Edit node2, access must be denied.
169
    $this->drupalGet('node/' . $this->node2->nid . '/edit');
170
    $this->assertText(t('Access denied'), 'node2 is not editable');
171

    
172
    // Login admin, swap permissions between node1 and node2.
173
    $this->drupalLogin($this->admin_user);
174

    
175
    // Grant edit access to node2.
176
    $this->changeAccessNodeKeyword($this->node2, 'update');
177
    // Restrict edit acces to node1.
178
    $this->changeAccessNodeKeyword($this->node1, 'update', FALSE);
179

    
180
    // Logout admin and try to edit both nodes anonymously.
181
    $this->drupalLogout();
182
    $this->drupalGet('node/' . $this->node1->nid . '/edit');
183
    $this->assertText(t('Access denied'), 'node1 is not editable');
184
    $this->drupalGet('node/' . $this->node2->nid . '/edit');
185
    $this->assertText(t('Access denied'), 'node2 is not editable');
186

    
187
    // Login test user, edit node1, access must be denied.
188
    $this->drupalLogin($this->test_user);
189
    $this->drupalGet('node/' . $this->node1->nid . '/edit');
190
    $this->assertText(t('Access denied'), 'node1 is not editable');
191

    
192
    // Edit node2, access must be granted.
193
    $this->drupalGet('node/' . $this->node2->nid . '/edit');
194
    $this->assertNoText(t('Access denied'), 'node2 is editable');
195
  }
196

    
197
  /**
198
   * Test for deleting nodes.
199
   */
200
  function testDeleteAccess() {
201
    // Logout admin and try to delete the node anonymously.
202
    $this->drupalLogout();
203
    $this->drupalGet('node/' . $this->node1->nid . '/delete');
204
    $this->assertText(t('Access denied'), 'delete access denied for anonymous');
205

    
206
    // Login test user, delete node, access must be denied.
207
    $this->drupalLogin($this->test_user);
208
    $this->drupalGet('node/' . $this->node1->nid . '/delete');
209
    $this->assertText(t('Access denied'), 'delete access denied for test user');
210

    
211
    // Login admin and grant access for deleting to the test user.
212
    $this->drupalLogin($this->admin_user);
213

    
214
    $this->changeAccessContentTypeKeyword('delete');
215

    
216
    // Logout admin and try to edit the node anonymously.
217
    // Access must be denied again.
218
    $this->drupalLogout();
219
    $this->drupalGet('node/' . $this->node1->nid . '/delete');
220
    $this->assertText(t('Access denied'), 'delete access denied for anonymous');
221

    
222
    // Login test user, delete node, access must be granted.
223
    $this->drupalLogin($this->test_user);
224
    $this->drupalPost('node/' . $this->node1->nid . '/delete', array(), 'Delete');
225
    $this->assertRaw(t('%node has been deleted', array('%node' => $this->node1->title)), 'Test node was deleted successfully by test user');
226

    
227
    // Login admin and recreate test node1.
228
    $this->drupalLogin($this->admin_user);
229
    $this->node1 = $this->drupalCreateNode(array('type' => $this->content_type->type));
230

    
231
    // Enable per node access.
232
    $this->changeAccessPerNode();
233

    
234
    // Restrict access for this content type for the test user.
235
    $this->changeAccessContentTypeKeyword('delete', FALSE);
236

    
237
    // Allow acces for node1 only.
238
    $this->changeAccessNodeKeyword($this->node1, 'delete');
239

    
240
    // Logout admin and try to delete both nodes anonymously.
241
    $this->drupalLogout();
242
    $this->drupalGet('node/' . $this->node1->nid . '/delete');
243
    $this->assertText(t('Access denied'), 'node1 is not deletable');
244
    $this->drupalGet('node/' . $this->node2->nid . '/delete');
245
    $this->assertText(t('Access denied'), 'node2 is not deletable');
246

    
247
    // Login test user, delete node1, access must be granted.
248
    $this->drupalLogin($this->test_user);
249
    $this->drupalGet('node/' . $this->node1->nid . '/delete');
250
    $this->assertNoText(t('Access denied'), 'node1 is deletable');
251

    
252
    // Delete node2, access must be denied.
253
    $this->drupalGet('node/' . $this->node2->nid . '/delete');
254
    $this->assertText(t('Access denied'), 'node2 is not deletable');
255

    
256
    // Login admin, swap permissions between node1 and node2.
257
    $this->drupalLogin($this->admin_user);
258

    
259
    // Grant delete access to node2.
260
    $this->changeAccessNodeKeyword($this->node2, 'delete');
261
    // Restrict delete acces to node1.
262
    $this->changeAccessNodeKeyword($this->node1, 'delete', FALSE);
263

    
264
    // Logout admin and try to delete both nodes anonymously.
265
    $this->drupalLogout();
266
    $this->drupalGet('node/' . $this->node1->nid . '/delete');
267
    $this->assertText(t('Access denied'), 'node1 is not deletable');
268
    $this->drupalGet('node/' . $this->node2->nid . '/delete');
269
    $this->assertText(t('Access denied'), 'node2 is not deletable');
270

    
271
    // Login test user, delete node1, access must be denied.
272
    $this->drupalLogin($this->test_user);
273
    $this->drupalGet('node/' . $this->node1->nid . '/delete');
274
    $this->assertText(t('Access denied'), 'node1 is not deletable');
275

    
276
    // Delete node2, access must be granted.
277
    $this->drupalGet('node/' . $this->node2->nid . '/delete');
278
    $this->assertNoText(t('Access denied'), 'node2 is deletable');
279
  }
280

    
281
  /**
282
   * Test own view access.
283
   */
284
  function testOwnViewAccess() {
285
    // Setup 2 test users.
286
    $test_user1 = $this->test_user;
287
    $test_user2 = $this->drupalCreateUser(array('access content'));
288

    
289
    // Change ownership of test nodes to test users.
290
    $this->node1->uid = $test_user1->uid;
291
    node_save($this->node1);
292
    $this->node2->uid = $test_user2->uid;
293
    node_save($this->node2);
294

    
295
    // Remove all view permissions for this content type.
296
    $access_permissions = array(
297
      'view[1]' => FALSE,
298
      'view[2]' => FALSE,
299
      'view_own[1]' => FALSE,
300
      'view_own[2]' => FALSE,
301
    );
302
    $this->changeAccessContentType($access_permissions);
303

    
304
    // Allow view own content for test user 1 and 2 roles.
305
    $this->changeAccessContentTypeKeyword('view_own', TRUE, $test_user1);
306
    $this->changeAccessContentTypeKeyword('view_own', TRUE, $test_user2);
307

    
308
    // Logout admin and try to access both nodes anonymously.
309
    $this->drupalLogout();
310
    $this->drupalGet('node/' . $this->node1->nid);
311
    $this->assertText(t('Access denied'), 'node1 is not viewable');
312
    $this->drupalGet('node/' . $this->node2->nid);
313
    $this->assertText(t('Access denied'), 'node2 is not viewable');
314

    
315
    // Login test user 1, view node1, access must be granted.
316
    $this->drupalLogin($test_user1);
317
    $this->drupalGet('node/' . $this->node1->nid);
318
    $this->assertNoText(t('Access denied'), 'node1 is viewable');
319

    
320
    // View node2, access must be denied.
321
    $this->drupalGet('node/' . $this->node2->nid);
322
    $this->assertText(t('Access denied'), 'node2 is not viewable');
323

    
324
    // Login test user 2, view node1, access must be denied.
325
    $this->drupalLogin($test_user2);
326
    $this->drupalGet('node/' . $this->node1->nid);
327
    $this->assertText(t('Access denied'), 'node1 is not viewable');
328

    
329
    // View node2, access must be granted.
330
    $this->drupalGet('node/' . $this->node2->nid);
331
    $this->assertNoText(t('Access denied'), 'node2 is viewable');
332
  }
333
}