class ParagraphsAccessTest

Same name in this branch

8.x-1.x paragraphs/tests/src/Kernel/ParagraphsAccessTest.php \Drupal\Tests\paragraphs\Kernel\ParagraphsAccessTest
8.x-1.x paragraphs/tests/src/Functional/WidgetStable/ParagraphsAccessTest.php \Drupal\Tests\paragraphs\Functional\WidgetStable\ParagraphsAccessTest
8.x-1.x paragraphs/tests/src/Functional/WidgetLegacy/ParagraphsAccessTest.php \Drupal\Tests\paragraphs\Functional\WidgetLegacy\ParagraphsAccessTest

Tests the access check of paragraphs.

@group paragraphs

Hierarchy

class \Drupal\Tests\paragraphs\Functional\WidgetLegacy\ParagraphsTestBase extends \Drupal\Tests\BrowserTestBase uses \Drupal\Tests\field_ui\Traits\FieldUiTestTrait
- class \Drupal\Tests\paragraphs\Functional\WidgetStable\ParagraphsTestBase uses ParagraphsTestBaseTrait
  - class \Drupal\Tests\paragraphs\Functional\WidgetStable\ParagraphsAccessTest uses \Drupal\Tests\field_ui\Traits\FieldUiTestTrait

Expanded class hierarchy of ParagraphsAccessTest

File

paragraphs/tests/src/Functional/WidgetStable/ParagraphsAccessTest.php, line 18

Namespace

Drupal\Tests\paragraphs\Functional\WidgetStable

View source

class ParagraphsAccessTest extends ParagraphsTestBase {
  use FieldUiTestTrait;

  /**
   * Modules to enable.
   *
   * @var array
   */
  protected static $modules = array(
    'content_translation',
    'image',
    'field',
    'field_ui',
    'block',
    'language',
    'node',
  );

  /**
   * {@inheritdoc}
   */
  protected function setUp() : void {
    parent::setUp();
    ConfigurableLanguage::create([
      'id' => 'de',
      'label' => '1German',
    ])
      ->save();
    ConfigurableLanguage::create([
      'id' => 'fr',
      'label' => '2French',
    ])
      ->save();
    $this
      ->addParagraphedContentType('paragraphed_content_demo', 'field_paragraphs_demo');
    $this
      ->loginAsAdmin([
      'administer site configuration',
      'administer content translation',
      'administer languages',
    ]);
    $this
      ->addParagraphsType('nested_paragraph');
    $this
      ->addParagraphsField('nested_paragraph', 'field_paragraphs_demo', 'paragraph');
    $this
      ->addParagraphsType('images');
    static::fieldUIAddNewField('admin/structure/paragraphs_type/images', 'images_demo', 'Images', 'image', [
      'cardinality' => -1,
    ], [
      'settings[alt_field]' => FALSE,
    ]);
    $this
      ->addParagraphsType('text_image');
    static::fieldUIAddNewField('admin/structure/paragraphs_type/text_image', 'image_demo', 'Images', 'image', [
      'cardinality' => -1,
    ], [
      'settings[alt_field]' => FALSE,
    ]);
    static::fieldUIAddNewField('admin/structure/paragraphs_type/text_image', 'text_demo', 'Text', 'text_long', [], []);
    $this
      ->addParagraphsType('text');
    static::fieldUIAddExistingField('admin/structure/paragraphs_type/text', 'field_text_demo', 'Text', []);
    $edit = [
      'entity_types[node]' => TRUE,
      'entity_types[paragraph]' => TRUE,
      'settings[node][paragraphed_content_demo][translatable]' => TRUE,
      'settings[node][paragraphed_content_demo][fields][field_paragraphs_demo]' => FALSE,
      'settings[paragraph][images][translatable]' => TRUE,
      'settings[paragraph][text_image][translatable]' => TRUE,
      'settings[paragraph][text][translatable]' => TRUE,
      'settings[paragraph][nested_paragraph][translatable]' => TRUE,
      'settings[paragraph][nested_paragraph][fields][field_paragraphs_demo]' => FALSE,
      'settings[paragraph][nested_paragraph][settings][language][language_alterable]' => TRUE,
      'settings[paragraph][images][fields][field_images_demo]' => TRUE,
      'settings[paragraph][text_image][fields][field_image_demo]' => TRUE,
      'settings[paragraph][text_image][fields][field_text_demo]' => TRUE,
      'settings[node][paragraphed_content_demo][settings][language][language_alterable]' => TRUE,
    ];
    $this
      ->drupalGet('admin/config/regional/content-language');
    $this
      ->submitForm($edit, 'Save configuration');
    $view_display = \Drupal::service('entity_display.repository')
      ->getViewDisplay('paragraph', 'images');
    $view_display
      ->setComponent('field_images_demo', [
      'settings' => [
        'image_style' => 'medium',
      ],
    ]);
    $view_display
      ->save();
  }

  /**
   * Tests the Paragraph access and permissions.
   */
  public function testParagraphAccessCheck() {
    $permissions = [
      'administer site configuration',
      'administer node display',
      'administer paragraph display',
      'create paragraphed_content_demo content',
      'edit any paragraphed_content_demo content',
    ];
    $this
      ->loginAsAdmin($permissions);

    // Remove the "access content" for anonymous users. That results in
    // anonymous users not being able to "view" the host entity.

    /* @var Role $role */
    $role = \Drupal::entityTypeManager()
      ->getStorage('user_role')
      ->load(RoleInterface::ANONYMOUS_ID);
    $role
      ->revokePermission('access content');
    $role
      ->save();

    // Set field_images from demo to private file storage.
    $edit = array(
      'field_storage[subform][settings][uri_scheme]' => 'private',
    );
    $this
      ->drupalGet('admin/structure/paragraphs_type/images/fields/paragraph.images.field_images_demo');
    $this
      ->submitForm($edit, 'Save settings');

    // Use the stable widget.
    $form_display = EntityFormDisplay::load('node.paragraphed_content_demo.default')
      ->setComponent('field_paragraphs_demo', [
      'type' => 'paragraphs',
    ]);
    $form_display
      ->save();

    // Create a new demo node.
    $this
      ->drupalGet('node/add/paragraphed_content_demo');

    // Add a new Paragraphs images item.
    $this
      ->submitForm([], 'Add images');
    $images = $this
      ->getTestFiles('image');

    // Create a file, upload it.
    $file_system = \Drupal::service('file_system');
    $file_system
      ->copy($images[0]->uri, 'temporary://privateImage.jpg');
    $file_path = $this->container
      ->get('file_system')
      ->realpath('temporary://privateImage.jpg');

    // Create a file, upload it.
    $file_system
      ->copy($images[1]->uri, 'temporary://privateImage2.jpg');
    $file_path_2 = $this->container
      ->get('file_system')
      ->realpath('temporary://privateImage2.jpg');
    $edit = array(
      'title[0][value]' => 'Security test node',
      'files[field_paragraphs_demo_0_subform_field_images_demo_0][]' => $file_path,
    );
    $this
      ->submitForm($edit, 'Upload');
    $edit = array(
      'files[field_paragraphs_demo_0_subform_field_images_demo_1][]' => $file_path_2,
    );
    $this
      ->submitForm($edit, 'Upload');
    $this
      ->submitForm([], 'Preview');
    $image_style = ImageStyle::load('medium');
    $img1_url = $image_style
      ->buildUrl('private://' . date('Y-m') . '/privateImage.jpg');
    $image_url = \Drupal::service('file_url_generator')
      ->transformRelative($img1_url);
    $this
      ->assertSession()
      ->responseContains($image_url);
    $this
      ->clickLink('Back to content editing');
    $this
      ->submitForm([], 'Save');
    $node = $this
      ->drupalGetNodeByTitle('Security test node');
    $this
      ->drupalGet('node/' . $node
      ->id());

    // Check the text and image after publish.
    $this
      ->assertSession()
      ->responseContains($image_url);
    $this
      ->drupalGet($img1_url);
    $this
      ->assertSession()
      ->statusCodeEquals(200);

    // Logout to become anonymous.
    $this
      ->drupalLogout();

    // @todo Requesting the same $img_url again triggers a caching problem on
    // drupal.org test bot, thus we request a different file here.
    $img_url = $image_style
      ->buildUrl('private://' . date('Y-m') . '/privateImage2.jpg');
    $image_url = \Drupal::service('file_url_generator')
      ->transformRelative($img_url);

    // Check the text and image after publish. Anonymous should not see content.
    $this
      ->assertSession()
      ->responseNotContains($image_url);
    $this
      ->drupalGet($img_url);
    $this
      ->assertSession()
      ->statusCodeEquals(403);

    // Login as admin with no delete permissions.
    $this
      ->loginAsAdmin($permissions);

    // Create a new demo node.
    $this
      ->drupalGet('node/add/paragraphed_content_demo');
    $this
      ->submitForm([], 'Add text');
    $this
      ->assertSession()
      ->pageTextContains('Text');
    $edit = [
      'title[0][value]' => 'delete_permissions',
      'field_paragraphs_demo[0][subform][field_text_demo][0][value]' => 'Test',
    ];
    $this
      ->submitForm($edit, 'Save');

    // Edit the node.
    $this
      ->clickLink('Edit');

    // Check the remove button is present.
    $this
      ->assertNotNull($this
      ->xpath('//*[@name="field_paragraphs_demo_0_remove"]'));

    // Delete the Paragraph and save.
    $this
      ->submitForm([], 'field_paragraphs_demo_0_remove');
    $this
      ->submitForm([], 'Save');
    $node = $this
      ->getNodeByTitle('delete_permissions');
    $this
      ->assertSession()
      ->addressEquals('node/' . $node
      ->id());

    // Create an unpublished Paragraph and assert if it is displayed for the
    // user.
    $permissions = [
      'create paragraphed_content_demo content',
      'edit any paragraphed_content_demo content',
      'view unpublished paragraphs',
      'administer paragraph form display',
    ];
    $this
      ->loginAsAdmin($permissions);
    $edit = [
      'fields[status][region]' => 'content',
      'fields[status][type]' => 'boolean_checkbox',
    ];
    $this
      ->drupalGet('admin/structure/paragraphs_type/text/form-display');
    $this
      ->submitForm($edit, 'Save');
    $this
      ->drupalGet('node/add/paragraphed_content_demo');
    $this
      ->submitForm([], 'Add text');
    $this
      ->assertSession()
      ->pageTextContains('Text');
    $edit = [
      'title[0][value]' => 'unpublished_permissions',
      'field_paragraphs_demo[0][subform][field_text_demo][0][value]' => 'recognizable_test',
      'field_paragraphs_demo[0][subform][status][value]' => FALSE,
    ];
    $this
      ->submitForm($edit, 'Save');
    $this
      ->assertSession()
      ->pageTextContains('recognizable_test');
    $this
      ->assertSession()
      ->responseContains('paragraph--unpublished');
    $this
      ->drupalLogout();
    $node = $this
      ->drupalGetNodeByTitle('unpublished_permissions');

    // Login as an user without the view unpublished Paragraph permission.
    $user = $this
      ->drupalCreateUser([
      'administer nodes',
      'edit any paragraphed_content_demo content',
    ]);
    $this
      ->drupalLogin($user);

    // Assert that the Paragraph is not displayed.
    $this
      ->drupalGet('node/' . $node
      ->id());
    $this
      ->assertSession()
      ->pageTextNotContains('recognizable_test');
    $this
      ->assertSession()
      ->responseNotContains('paragraph--unpublished');

    // Grant to the user the view unpublished Paragraph permission.
    $this
      ->grantPermissions(Role::load(Role::AUTHENTICATED_ID), [
      'view unpublished paragraphs',
    ]);

    // Assert that the Paragraph is displayed.
    $this
      ->drupalGet('node/' . $node
      ->id());
    $this
      ->assertSession()
      ->pageTextContains('recognizable_test');
    $this
      ->assertSession()
      ->responseContains('paragraph--unpublished');

    // Grant to the user the administer Paragraphs settings permission.
    $this
      ->grantPermissions(Role::load(Role::AUTHENTICATED_ID), [
      'administer paragraphs settings',
    ]);

    // Disable the show unpublished Paragraphs setting.
    $this
      ->drupalGet('admin/config/content/paragraphs');
    $this
      ->submitForm([
      'show_unpublished' => FALSE,
    ], 'Save configuration');

    // Assert that the Paragraph is not displayed even if the user has the
    // permission to do so.
    $this
      ->drupalGet('node/' . $node
      ->id());
    $this
      ->assertSession()
      ->pageTextNotContains('recognizable_test');
    $this
      ->assertSession()
      ->responseNotContains('paragraph--unpublished');

    // Enable the show unpublished Paragraphs setting.
    $this
      ->drupalGet('admin/config/content/paragraphs');
    $this
      ->submitForm([
      'show_unpublished' => TRUE,
    ], 'Save configuration');

    // Assert that the Paragraph is displayed when the user has the permission
    // to do so.
    $this
      ->drupalGet('node/' . $node
      ->id());
    $this
      ->assertSession()
      ->pageTextContains('recognizable_test');
    $this
      ->assertSession()
      ->responseContains('paragraph--unpublished');
  }

  /**
   * Tests the Paragraph validation with filter access.
   */
  public function testParagraphsTextFormatValidation() {
    $filtered_html_format = FilterFormat::create([
      'format' => 'filtered_html',
      'name' => 'Filtered HTML',
    ]);
    $filtered_html_format
      ->save();
    $permissions = [
      'create paragraphed_content_demo content',
      'edit any paragraphed_content_demo content',
      $filtered_html_format
        ->getPermissionName(),
    ];
    $this
      ->loginAsAdmin($permissions);

    // Create a node with a Text Paragraph using the filtered html format.
    $this
      ->drupalGet('node/add/paragraphed_content_demo');
    $this
      ->submitForm([], 'Add text');
    $this
      ->assertSession()
      ->pageTextContains('Text');
    $edit = [
      'title[0][value]' => 'access_validation_test',
      'field_paragraphs_demo[0][subform][field_text_demo][0][value]' => 'Test',
    ];
    $this
      ->submitForm($edit, 'Save');
    $this
      ->assertSession()
      ->pageTextContains('paragraphed_content_demo access_validation_test has been created.');
    $this
      ->drupalLogout();

    // Login as an user without the Text Format permission.
    $user = $this
      ->drupalCreateUser([
      'administer nodes',
      'edit any paragraphed_content_demo content',
    ]);
    $this
      ->drupalLogin($user);
    $node = $this
      ->getNodeByTitle('access_validation_test');
    $this
      ->drupalGet('node/' . $node
      ->id() . '/edit');
    $this
      ->submitForm([], 'Save');
    $this
      ->assertSession()
      ->pageTextContains('paragraphed_content_demo access_validation_test has been updated.');
    $this
      ->drupalGet('node/' . $node
      ->id() . '/edit');
    $this
      ->submitForm([], 'field_paragraphs_demo_0_collapse');
    $this
      ->submitForm([], 'Save');
    $this
      ->assertSession()
      ->pageTextContains('paragraphed_content_demo access_validation_test has been updated.');
    $this
      ->assertSession()
      ->pageTextNotContains('The value you selected is not a valid choice.');
  }

}

Members

Name	Modifiers	Type	Description	Overrides
ParagraphsAccessTest::$modules	protected static	property	Modules to enable. Overrides ParagraphsTestBase::$modules
ParagraphsAccessTest::setUp	protected	function	Overrides ParagraphsTestBase::setUp
ParagraphsAccessTest::testParagraphAccessCheck	public	function	Tests the Paragraph access and permissions.
ParagraphsAccessTest::testParagraphsTextFormatValidation	public	function	Tests the Paragraph validation with filter access.
ParagraphsTestBase::$admin_permissions	protected	property	List of permissions used by loginAsAdmin().
ParagraphsTestBase::$admin_user	protected	property	Drupal user object created by loginAsAdmin().	1
ParagraphsTestBase::$defaultTheme	protected	property		2
ParagraphsTestBase::loginAsAdmin		function	Creates an user with admin permissions and log in.
ParagraphsTestBase::removeDefaultParagraphType	protected	function	Removes the default paragraph type. Overrides ParagraphsTestBase::removeDefaultParagraphType
ParagraphsTestBase::setAddMode	protected	function	Sets the Paragraphs widget add mode. Overrides ParagraphsTestBase::setAddMode
ParagraphsTestBase::setAllowedParagraphsTypes	protected	function	Sets the allowed Paragraphs types that can be added.
ParagraphsTestBase::setDefaultParagraphType	protected	function	Sets the default paragraph type.
ParagraphsTestBase::setParagraphsTypeWeight	protected	function	Sets the weight of a given Paragraphs type.
ParagraphsTestBase::setParagraphsWidgetMode	protected	function	Sets the Paragraphs widget display mode.
ParagraphsTestBaseTrait::$workflow	protected	property	The workflow entity.
ParagraphsTestBaseTrait::addFieldtoParagraphType	protected	function	Adds a field to a given paragraph type.
ParagraphsTestBaseTrait::addParagraphedContentType	protected	function	Adds a content type with a Paragraphs field.
ParagraphsTestBaseTrait::addParagraphsField	protected	function	Adds a Paragraphs field to a given entity type.
ParagraphsTestBaseTrait::addParagraphsType	protected	function	Adds a Paragraphs type.
ParagraphsTestBaseTrait::addParagraphsTypeIcon	protected	function	Adds an icon to a paragraphs type.
ParagraphsTestBaseTrait::coreVersion	protected	function	Checks the core version.
ParagraphsTestBaseTrait::createEditorialWorkflow	protected	function	Creates a workflow entity.
ParagraphsTestBaseTrait::setParagraphsWidgetSettings	protected	function	Sets some of the settings of a paragraphs field widget.

Main menu

Search 8.x-1.x

API Navigation

class ParagraphsAccessTest

Hierarchy

File

Namespace

Members

Main menu

You are here

Search 8.x-1.x

API Navigation

class ParagraphsAccessTest

Hierarchy

File

Namespace

Members