3 namespace Drupal\Tests\editor\Functional;
5 use Drupal\Component\Serialization\Json;
6 use Drupal\Core\EventSubscriber\MainContentViewSubscriber;
7 use Drupal\filter\Entity\FilterFormat;
8 use Drupal\Tests\BrowserTestBase;
11 * Tests Quick Edit module integration endpoints.
15 class QuickEditIntegrationLoadingTest extends BrowserTestBase {
22 public static $modules = ['quickedit', 'filter', 'node', 'editor'];
25 * The basic permissions necessary to view content and use in-place editing.
29 protected static $basicPermissions = ['access content', 'create article content', 'use text format filtered_html', 'access contextual links'];
31 protected function setUp() {
34 // Create a text format.
35 $filtered_html_format = FilterFormat::create([
36 'format' => 'filtered_html',
37 'name' => 'Filtered HTML',
45 $filtered_html_format->save();
47 // Create a node type.
48 $this->drupalCreateContentType([
53 // Create one node of the above node type using the above text format.
54 $this->drupalCreateNode([
58 'value' => '<p>Do you also love Drupal?</p><img src="druplicon.png" data-caption="Druplicon" />',
59 'format' => 'filtered_html',
66 * Test loading of untransformed text when a user doesn't have access to it.
68 public function testUsersWithoutPermission() {
69 // Create 3 users, each with insufficient permissions, i.e. without either
70 // or both of the following permissions:
71 // - the 'access in-place editing' permission
72 // - the 'edit any article content' permission (necessary to edit node 1)
74 $this->drupalCreateUser(static::$basicPermissions),
75 $this->drupalCreateUser(array_merge(static::$basicPermissions, ['edit any article content'])),
76 $this->drupalCreateUser(array_merge(static::$basicPermissions, ['access in-place editing'])),
79 // Now test with each of the 3 users with insufficient permissions.
80 foreach ($users as $user) {
81 $this->drupalLogin($user);
82 $this->drupalGet('node/1');
84 // Ensure the text is transformed.
85 $this->assertRaw('<p>Do you also love Drupal?</p><figure role="group" class="caption caption-img"><img src="druplicon.png" /><figcaption>Druplicon</figcaption></figure>');
87 $client = $this->getHttpClient();
89 // Retrieving the untransformed text should result in an 403 response and
90 // return a different error message depending of the missing permission.
91 $response = $client->post($this->buildUrl('editor/node/1/body/en/full'), [
92 'query' => http_build_query([MainContentViewSubscriber::WRAPPER_FORMAT => 'drupal_ajax']),
93 'cookies' => $this->getSessionCookies(),
95 'Accept' => 'application/json',
96 'Content-Type' => 'application/x-www-form-urlencoded',
98 'http_errors' => FALSE,
101 $this->assertEquals(403, $response->getStatusCode());
102 if (!$user->hasPermission('access in-place editing')) {
103 $message = "The 'access in-place editing' permission is required.";
109 $body = Json::decode($response->getBody());
110 $this->assertIdentical($message, $body['message']);
115 * Test loading of untransformed text when a user does have access to it.
117 public function testUserWithPermission() {
118 $user = $this->drupalCreateUser(array_merge(static::$basicPermissions, ['edit any article content', 'access in-place editing']));
119 $this->drupalLogin($user);
120 $this->drupalGet('node/1');
122 // Ensure the text is transformed.
123 $this->assertRaw('<p>Do you also love Drupal?</p><figure role="group" class="caption caption-img"><img src="druplicon.png" /><figcaption>Druplicon</figcaption></figure>');
124 $client = $this->getHttpClient();
125 $response = $client->post($this->buildUrl('editor/node/1/body/en/full'), [
126 'query' => http_build_query([MainContentViewSubscriber::WRAPPER_FORMAT => 'drupal_ajax']),
127 'cookies' => $this->getSessionCookies(),
129 'Accept' => 'application/json',
130 'Content-Type' => 'application/x-www-form-urlencoded',
132 'http_errors' => FALSE,
135 $this->assertEquals(200, $response->getStatusCode());
136 $ajax_commands = Json::decode($response->getBody());
137 $this->assertIdentical(1, count($ajax_commands), 'The untransformed text POST request results in one AJAX command.');
138 $this->assertIdentical('editorGetUntransformedText', $ajax_commands[0]['command'], 'The first AJAX command is an editorGetUntransformedText command.');
139 $this->assertIdentical('<p>Do you also love Drupal?</p><img src="druplicon.png" data-caption="Druplicon" />', $ajax_commands[0]['data'], 'The editorGetUntransformedText command contains the expected data.');