$nid =
$this->
uploadNodeFile($test_file,
$field_name,
$type_name, TRUE,
['private' => TRUE
]);
\Drupal::
entityTypeManager()->
getStorage('node'
)->
resetCache([$nid]);
/** @var \Drupal\node\NodeInterface $node */
$node =
$node_storage->
load($nid);
$node_file = File::
load($node->
{$field_name}->target_id
);
// Ensure the file can be viewed.
$this->
drupalGet('node/' .
$node->
id());
$this->
assertSession()->
responseContains($node_file->
getFilename());
// Ensure the file can be downloaded.
$this->
drupalGet($node_file->
createFileUrl(FALSE
));
$this->
assertSession()->
statusCodeEquals(200
);
$this->
drupalLogOut();
// Ensure the file cannot be downloaded after logging out.
$this->
drupalGet($node_file->
createFileUrl(FALSE
));
$this->
assertSession()->
statusCodeEquals(403
);
// Create a field with no view access. See
// field_test_entity_field_access().
$no_access_field_name = 'field_no_view_access';
$this->
createFileField($no_access_field_name, 'node',
$type_name,
['uri_scheme' => 'private'
]);
// Test with the field that should deny access through field access.
$this->
drupalLogin($this->adminUser
);
$nid =
$this->
uploadNodeFile($test_file,
$no_access_field_name,
$type_name, TRUE,
['private' => TRUE
]);