Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<?php
/**
* @file
* Definition of Drupal\node\Tests\NodeRevisionPermissionsTest.
*/
namespace Drupal\node\Tests;
/**
* Tests user permissions for node revisions.
*/
class NodeRevisionPermissionsTest extends NodeTestBase {
protected $node_revisions = array();
protected $accounts = array();
// Map revision permission names to node revision access ops.
protected $map = array(
'view' => 'view revisions',
'update' => 'revert revisions',
'delete' => 'delete revisions',
);
public static function getInfo() {
return array(
'name' => 'Node revision permissions',
'description' => 'Tests user permissions for node revision operations.',
'group' => 'Node',
);
}
function setUp() {
parent::setUp();
// Create a node with several revisions.
$node = $this->drupalCreateNode();
$this->node_revisions[] = $node;
for ($i = 0; $i < 3; $i++) {
// Create a revision for the same nid and settings with a random log.
$revision = clone $node;
Angie Byron
committed
$revision->setNewRevision();
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
$revision->log = $this->randomName(32);
node_save($revision);
$this->node_revisions[] = $revision;
}
// Create three users, one with each revision permission.
foreach ($this->map as $op => $permission) {
// Create the user.
$account = $this->drupalCreateUser(
array(
'access content',
'edit any page content',
'delete any page content',
$permission,
)
);
$account->op = $op;
$this->accounts[] = $account;
}
// Create an admin account (returns TRUE for all revision permissions).
$admin_account = $this->drupalCreateUser(array('access content', 'administer nodes'));
$admin_account->is_admin = TRUE;
$this->accounts['admin'] = $admin_account;
// Create a normal account (returns FALSE for all revision permissions).
$normal_account = $this->drupalCreateUser();
$normal_account->op = FALSE;
$this->accounts[] = $normal_account;
}
/**
* Tests the _node_revision_access() function.
*/
function testNodeRevisionAccess() {
$revision = node_revision_load($this->node_revisions[1]->vid);
$parameters = array(
'op' => array_keys($this->map),
'account' => $this->accounts,
);
$permutations = $this->generatePermutations($parameters);
foreach ($permutations as $case) {
if (!empty($case['account']->is_admin) || $case['op'] == $case['account']->op) {
$this->assertTrue(_node_revision_access($revision, $case['op'], $case['account']), "{$this->map[$case['op']]} granted.");
}
else {
$this->assertFalse(_node_revision_access($revision, $case['op'], $case['account']), "{$this->map[$case['op']]} not granted.");
}
}
// Test that access is FALSE for a node administrator with an invalid $node
// or $op parameters.
$admin_account = $this->accounts['admin'];
$this->assertFalse(_node_revision_access($revision, 'invalid-op', $admin_account), '_node_revision_access() returns FALSE with an invalid op.');
// Test that the $account parameter defaults to the "logged in" user.
$original_user = $GLOBALS['user'];
$GLOBALS['user'] = $admin_account;
$this->assertTrue(_node_revision_access($revision, 'view'), '_node_revision_access() returns TRUE when used with global user.');
$GLOBALS['user'] = $original_user;
}
}