3 namespace Drupal\Tests\views\Kernel\Handler;
5 use Drupal\user\Entity\Role;
6 use Drupal\user\Entity\User;
7 use Drupal\views\Entity\View;
8 use Drupal\Tests\views\Kernel\ViewsKernelTestBase;
9 use Drupal\views\Views;
12 * Provides a base class for base field access in views.
14 abstract class FieldFieldAccessTestBase extends ViewsKernelTestBase {
17 * Stores an user entity with access to fields.
19 * @var \Drupal\user\UserInterface
21 protected $userWithAccess;
24 * Stores an user entity without access to fields.
26 * @var \Drupal\user\UserInterface
28 protected $userWithoutAccess;
33 public static $modules = ['user'];
38 protected function setUp($import_test_views = TRUE) {
39 parent::setUp($import_test_views);
41 $this->installEntitySchema('user');
43 $role_with_access = Role::create([
44 'id' => 'with_access',
45 'permissions' => ['view test entity field'],
47 $role_with_access->save();
48 $role_without_access = Role::create([
49 'id' => 'without_access',
52 $role_without_access->save();
54 $this->userWithAccess = User::create([
55 'name' => $this->randomMachineName(),
56 'roles' => [$role_with_access->id()],
58 $this->userWithAccess->save();
59 $this->userWithoutAccess = User::create([
60 'name' => $this->randomMachineName(),
61 'roles' => [$role_without_access->id()],
63 $this->userWithoutAccess->save();
67 * Checks views field access for a given entity type and field name.
69 * To use this method, set up an entity of type $entity_type_id, with field
70 * $field_name. Create an entity instance that contains content $field_content
73 * This method will check that a user with permission can see the content in a
74 * view, and a user without access permission on that field cannot.
76 * @param string $entity_type_id
78 * @param string $field_name
80 * @param string $field_content
81 * The expected field content.
83 protected function assertFieldAccess($entity_type_id, $field_name, $field_content) {
84 \Drupal::state()->set('views_field_access_test-field', $field_name);
86 $entity_type = \Drupal::entityManager()->getDefinition($entity_type_id);
87 $view_id = $this->randomMachineName();
88 $data_table = $entity_type->getDataTable();
89 // Use the data table as long as the field is not 'uuid'. This is the only
90 // column that can only be obtained from the base table.
91 $base_table = ($data_table && ($field_name !== 'uuid')) ? $data_table : $entity_type->getBaseTable();
92 $entity = View::create([
94 'base_table' => $base_table,
97 'display_plugin' => 'default',
99 'display_options' => [
102 'table' => $base_table,
103 'field' => $field_name,
105 'plugin_id' => 'field',
114 /** @var \Drupal\Core\Session\AccountSwitcherInterface $account_switcher */
115 $account_switcher = \Drupal::service('account_switcher');
117 /** @var \Drupal\Core\Render\RendererInterface $renderer */
118 $renderer = \Drupal::service('renderer');
120 $account_switcher->switchTo($this->userWithAccess);
121 $executable = Views::getView($view_id);
122 $build = $executable->preview();
123 $this->setRawContent($renderer->renderRoot($build));
125 $this->assertText($field_content);
126 $this->assertTrue(isset($executable->field[$field_name]));
128 $account_switcher->switchTo($this->userWithoutAccess);
129 $executable = Views::getView($view_id);
130 $build = $executable->preview();
131 $this->setRawContent($renderer->renderRoot($build));
133 $this->assertNoText($field_content);
134 $this->assertFalse(isset($executable->field[$field_name]));
136 \Drupal::state()->delete('views_field_access_test-field');