Skip to content
Snippets Groups Projects
Normal view Permalink
private.test 7 KiB
Newer Older
Chris Gross's avatar
daily build
Chris Gross committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 
<?php

/**
 * @file
 * Tests for private module.
 */
class PrivateTestCase extends DrupalWebTestCase {

  public static function getInfo() {
    return array(
      'name' => 'Private functionality',
      'description' => 'Checks behavior of Private.',
      'group' => 'Examples',
    );
  }

  /**
   * Enable modules and create user with specific permissions.
   */
  public function setUp() {
    parent::setUp('private', 'search');
    node_access_rebuild();
  }

  /**
   * Test the "private" node access.
   *
   * - Create 3 users with "access content" and "create article" permissions.
   * - Each user creates one private and one not private article.
   * - Run cron to update search index.
   * - Test that each user can view the other user's non-private article.
   * - Test that each user cannot view the other user's private article.
   * - Test that each user finds only appropriate (non-private + own private)
   *   in search results.
   * - Create another user with 'view private content'.
   * - Test that user 4 can view all content created above.
   * - Test that user 4 can search for all content created above.
   * - Test that user 4 cannot edit private content above.
   * - Create another user with 'edit private content'
   * - Test that user 5 can edit private content.
   * - Test that user 5 can delete private content.
   * - Test listings of nodes with 'node_access' tag on database search.
   */
  function testNodeAccessBasic() {
    $num_simple_users = 3;
    $simple_users = array();

    // nodes keyed by uid and nid: $nodes[$uid][$nid] = $is_private;
    $nodes_by_user = array();
    $titles = array(); // Titles keyed by nid
    $private_nodes = array(); // Array of nids marked private.
    for ($i = 0; $i < $num_simple_users; $i++) {
      $simple_users[$i] = $this->drupalCreateUser(array('access content', 'create article content', 'search content'));
    }
    foreach ($simple_users as $web_user) {
      $this->drupalLogin($web_user);
      foreach (array(0 => 'Public', 1 => 'Private') as $is_private => $type) {
        $edit = array(
          'title' => t('@private_public Article created by @user', array('@private_public' => $type, '@user' => $web_user->name)),
        );
        if ($is_private) {
          $edit['private'] = TRUE;
          $edit['body[und][0][value]'] = 'private node';
        }
        else {
          $edit['body[und][0][value]'] = 'public node';
        }
        $this->drupalPost('node/add/article', $edit, t('Save'));
        debug(t('Created article with private=@private', array('@private' => $is_private)));
        $this->assertText(t('Article @title has been created', array('@title' => $edit['title'])));
        $nid = db_query('SELECT nid FROM {node} WHERE title = :title', array(':title' => $edit['title']))->fetchField();
        $this->assertText(t('New node @nid was created and private=@private', array('@nid' => $nid, '@private' => $is_private)));
        $private_status = db_query('SELECT private FROM {private} where nid = :nid', array(':nid' => $nid))->fetchField();
        $this->assertTrue($is_private == $private_status, t('Node was properly set to private or not private in private table.'));
        if ($is_private) {
          $private_nodes[] = $nid;
        }
        $titles[$nid] = $edit['title'];
        $nodes_by_user[$web_user->uid][$nid] = $is_private;
      }
    }
    debug($nodes_by_user);
    $this->cronRun();  // Build the search index.
    foreach ($simple_users as $web_user) {
      $this->drupalLogin($web_user);
      // Check to see that we find the number of search results expected.
      $this->checkSearchResults('Private node', 1);
      // Check own nodes to see that all are readable.
      foreach (array_keys($nodes_by_user) as $uid) {
        // All of this user's nodes should be readable to same.
        if ($uid == $web_user->uid) {
          foreach ($nodes_by_user[$uid] as $nid => $is_private) {
            $this->drupalGet('node/' . $nid);
            $this->assertResponse(200);
            $this->assertTitle($titles[$nid] . ' | Drupal', t('Correct title for node found'));
          }
        }
        else {
          // Otherwise, for other users, private nodes should get a 403,
          // but we should be able to read non-private nodes.
          foreach ($nodes_by_user[$uid] as $nid => $is_private) {
            $this->drupalGet('node/' . $nid);
            $this->assertResponse($is_private ? 403 : 200, t('Node @nid by user @uid should get a @response for this user (@web_user_uid)', array('@nid' => $nid, '@uid' => $uid, '@response' => $is_private ? 403 : 200, '@web_user_uid' => $web_user->uid)));
            if (!$is_private) {
              $this->assertTitle($titles[$nid] . ' | Drupal', t('Correct title for node was found'));
            }
          }
        }
      }

      // Check to see that the correct nodes are shown on examples/node_access.
      $this->drupalGet('examples/node_access');
      $accessible = $this->xpath("//tr[contains(@class,'accessible')]");
      $this->assertEqual(count($accessible), 1, t('One private item accessible'));
      foreach ($accessible as $row) {
        $this->assertEqual($row->td[2], $web_user->uid, t('Accessible row owned by this user'));
      }
    }

    // Now test that a user with 'access private content' can view content.
    $access_user = $this->drupalCreateUser(array('access content', 'create article content', 'access private content', 'search content'));
    $this->drupalLogin($access_user);

    // Check to see that we find the number of search results expected.
    $this->checkSearchResults('Private node', 3);

    foreach ($nodes_by_user as $uid => $private_status) {
      foreach ($private_status as $nid => $is_private) {
        $this->drupalGet('node/' . $nid);
        $this->assertResponse(200);
      }
    }

    // Test that a privileged user can edit and delete private content.
    // This test should go last, as the nodes get deleted.
    $edit_user = $this->drupalCreateUser(array('access content', 'access private content', 'edit private content'));
    $this->drupalLogin($edit_user);
    foreach ($private_nodes as $nid) {
      $body = $this->randomName();
      $edit = array('body[und][0][value]' => $body);
      $this->drupalPost('node/' . $nid . '/edit', $edit, t('Save'));
      $this->assertText(t('has been updated'));
      $this->drupalPost('node/' . $nid . '/edit', array(), t('Delete'));
      $this->drupalPost(NULL, array(), t('Delete'));
      $this->assertText(t('has been deleted'));
    }


  }

  /**
   * On the search page, search for a string and assert the expected number
   * of results.
   * @param $search_query
   *   String to search for
   * @param $expected_result_count
   *   Expected result count
   */
  function checkSearchResults($search_query, $expected_result_count) {
    $this->drupalPost('search/node', array('keys' => $search_query), t('Search'));
    $search_results = $this->xpath("//ol[contains(@class, 'search-results')]/li");
    $this->assertEqual(count($search_results), $expected_result_count, t('Found the expected number of search results'));
  }
}