3 namespace Drupal\Tests\block_content\Kernel;
5 use Drupal\block_content\BlockContentAccessControlHandler;
6 use Drupal\block_content\Entity\BlockContent;
7 use Drupal\block_content\Entity\BlockContentType;
8 use Drupal\Core\Access\AccessibleInterface;
9 use Drupal\Core\Access\AccessResult;
10 use Drupal\KernelTests\KernelTestBase;
11 use Drupal\user\Entity\Role;
12 use Drupal\user\Entity\User;
15 * Tests the block content entity access handler.
17 * @coversDefaultClass \Drupal\block_content\BlockContentAccessControlHandler
19 * @group block_content
21 class BlockContentAccessHandlerTest extends KernelTestBase {
26 public static $modules = [
34 * The BlockContent access controller to test.
36 * @var \Drupal\block_content\BlockContentAccessControlHandler
38 protected $accessControlHandler;
41 * The BlockContent entity used for testing.
43 * @var \Drupal\block_content\Entity\BlockContent
45 protected $blockEntity;
50 * @var \Drupal\user\RoleInterface
57 protected function setUp() {
59 $this->installSchema('system', ['sequence']);
60 $this->installSchema('system', ['sequences']);
61 $this->installSchema('user', ['users_data']);
62 $this->installEntitySchema('user');
63 $this->installEntitySchema('block_content');
65 // Create a block content type.
66 $block_content_type = BlockContentType::create([
68 'label' => 'A square block type',
69 'description' => "Provides a block type that is square.",
71 $block_content_type->save();
73 $this->blockEntity = BlockContent::create([
74 'info' => 'The Block',
77 $this->blockEntity->save();
79 // Create user 1 test does not have all permissions.
84 $this->role = Role::create([
86 'label' => 'roly poly',
89 $this->accessControlHandler = new BlockContentAccessControlHandler(\Drupal::entityTypeManager()->getDefinition('block_content'), \Drupal::service('event_dispatcher'));
93 * @covers ::checkAccess
95 * @dataProvider providerTestAccess
97 public function testAccess($operation, $published, $reusable, $permissions, $parent_access, $expected_access) {
98 $published ? $this->blockEntity->setPublished() : $this->blockEntity->setUnpublished();
99 $reusable ? $this->blockEntity->setReusable() : $this->blockEntity->setNonReusable();
101 $user = User::create([
103 'mail' => 'hi@example.com',
107 foreach ($permissions as $permission) {
108 $this->role->grantPermission($permission);
112 $user->addRole($this->role->id());
115 if ($parent_access) {
116 $parent_entity = $this->prophesize(AccessibleInterface::class);
117 $expected_parent_result = NULL;
118 switch ($parent_access) {
120 $expected_parent_result = AccessResult::allowed();
124 $expected_parent_result = AccessResult::neutral();
128 $expected_parent_result = AccessResult::forbidden();
131 $parent_entity->access($operation, $user, TRUE)
132 ->willReturn($expected_parent_result)
135 $this->blockEntity->setAccessDependency($parent_entity->reveal());
138 $this->blockEntity->save();
140 $result = $this->accessControlHandler->access($this->blockEntity, $operation, $user, TRUE);
141 switch ($expected_access) {
143 $this->assertTrue($result->isAllowed());
147 $this->assertTrue($result->isForbidden());
151 $this->assertTrue($result->isNeutral());
155 $this->fail('Unexpected access type');
160 * Dataprovider for testAccess().
162 public function providerTestAccess() {
164 'view:published:reusable' => [
172 'view:unpublished:reusable' => [
180 'view:unpublished:reusable:admin' => [
184 ['administer blocks'],
188 'view:published:reusable:admin' => [
192 ['administer blocks'],
196 'view:published:non_reusable' => [
204 'view:published:non_reusable:parent_allowed' => [
212 'view:published:non_reusable:parent_neutral' => [
220 'view:published:non_reusable:parent_forbidden' => [
229 foreach (['update', 'delete'] as $operation) {
231 $operation . ':published:reusable' => [
239 $operation . ':unpublished:reusable' => [
247 $operation . ':unpublished:reusable:admin' => [
251 ['administer blocks'],
255 $operation . ':published:reusable:admin' => [
259 ['administer blocks'],
263 $operation . ':published:non_reusable' => [
271 $operation . ':published:non_reusable:parent_allowed' => [
279 $operation . ':published:non_reusable:parent_neutral' => [
287 $operation . ':published:non_reusable:parent_forbidden' => [