function FieldNoteItemTest::testFieldNoteAccess

Test multiple access scenarios for the field_note field.

File

modules/field_permission_example/tests/src/Kernel/FieldNoteItemTest.php, line 178

Class

FieldNoteItemTest
Tests our sticky-note field type.

Namespace

Drupal\Tests\field_permission_example\Kernel

Code

public function testFieldNoteAccess() {
  // Let's set up some scenarios.
  $scenarios = [
    'admin_type' => [
      'perms' => [
        'administer the field note field',
      ],
      'can_view_any' => TRUE,
      'can_edit_any' => TRUE,
      'can_view_own' => TRUE,
      'can_edit_own' => TRUE,
    ],
    'low_access' => [
      'perms' => [
        'view test entity',
      ],
      'can_view_any' => FALSE,
      'can_edit_any' => FALSE,
      'can_view_own' => FALSE,
      'can_edit_own' => FALSE,
    ],
    'view_any' => [
      'perms' => [
        'view test entity',
        'view any field note',
      ],
      'can_view_any' => TRUE,
      'can_edit_any' => FALSE,
      'can_view_own' => FALSE,
      'can_edit_own' => FALSE,
    ],
    'edit_any' => [
      'perms' => [
        'view test entity',
        'view any field note',
        'edit any field note',
      ],
      'can_view_any' => TRUE,
      'can_edit_any' => TRUE,
      'can_view_own' => FALSE,
      'can_edit_own' => FALSE,
    ],
    'view_own' => [
      'perms' => [
        'view test entity',
        'view own field note',
      ],
      'can_view_any' => FALSE,
      'can_edit_any' => FALSE,
      'can_view_own' => TRUE,
      'can_edit_own' => FALSE,
    ],
    'edit_own' => [
      'perms' => [
        'view test entity',
        'view own field note',
        'edit own field note',
      ],
      'can_view_any' => FALSE,
      'can_edit_any' => FALSE,
      'can_view_own' => TRUE,
      'can_edit_own' => TRUE,
    ],
  ];
  $value = 'This is an epic entity';
  // We also need to test users as an entity to attach to.  They work
  // a little differently than most content entity types:
  $arbitrary_user = $this->createUser([], 'Some User');
  $arbitrary_user->user_field_note = $value;
  $arbitrary_user->save();
  $storage = $this->container
    ->get('entity_type.manager')
    ->getStorage('entity_test');
  foreach ($scenarios as $name => $scenario) {
    $test_user = $this->createUser($scenario['perms'], $name);
    $entity = $storage->create([
      'entity_test',
    ]);
    $entity->field_field_note = $value;
    $entity->name->value = $this->randomMachineName();
    $entity->save();
    foreach ([
      'can_view_any',
      'can_edit_any',
    ] as $op) {
      $this->doAccessAssertion($entity, 'field_field_note', $test_user, $name, $op, $scenario[$op]);
      $this->doAccessAssertion($arbitrary_user, 'user_field_note', $test_user, $name, $op, $scenario[$op]);
    }
    if ($scenario['can_view_own'] or $scenario['can_edit_own']) {
      $entity->user_id = $test_user;
      $entity->save();
      $test_user->user_field_note = $value;
      $test_user->save();
      foreach ([
        'can_view_own',
        'can_edit_own',
      ] as $op) {
        $this->doAccessAssertion($entity, 'field_field_note', $test_user, $name, $op, $scenario[$op]);
        $this->doAccessAssertion($test_user, 'user_field_note', $test_user, $name, $op, $scenario[$op]);
      }
    }
  }
}