grantPermissions example

$this->drupalGet('admin/people/permissions/module/node,automated_cron');
    $this->assertSession()->statusCodeEquals(403);
  }

  /** * Verify that bundle-specific pages work properly. */
  public function testAccessBundlePermission() {
    $this->drupalLogin($this->adminUser);

    \Drupal::service('module_installer')->install(['contact', 'taxonomy']);
    $this->grantPermissions(Role::load($this->rid)['administer contact forms', 'administer taxonomy']);

    // Bundles that do not have permissions have no permissions pages.     $edit = [];
    $edit['label'] = 'Test contact type';
    $edit['id'] = 'test_contact_type';
    $edit['recipients'] = 'webmaster@example.com';
    $this->drupalGet('admin/structure/contact/add');
    $this->submitForm($edit, 'Save');
    $this->assertSession()->pageTextContains('Contact form ' . $edit['label'] . ' has been added.');
    $this->drupalGet('admin/structure/contact/manage/test_contact_type/permissions');
    $this->assertSession()->statusCodeEquals(403);

    
$refreshableApps = $refreshableApps->filter($requestedApps);
        }

        if ($refreshableApps->isEmpty()) {
            $io->note('Nothing to install, update or delete.');

            return self::SUCCESS;
        }

        if (!$input->getOption('force')) {
            try {
                $this->grantPermissions($refreshableApps$io);
            } catch (UserAbortedCommandException) {
                $io->error('Aborting due to user input.');

                return self::FAILURE;
            }
        }

        if (!$input->getOption('no-validate')) {
            $hasViolations = $this->validateRefreshableApps($refreshableApps$io$context);

            if ($hasViolations === 1) {
                

    if (isset($weight)) {
      $role->set('weight', $weight);
    }
    $result = $role->save();

    $this->assertSame(SAVED_NEW, $resultnew FormattableMarkup('Created role ID @rid with name @name.', ['@name' => var_export($role->label(), TRUE), '@rid' => var_export($role->id(), TRUE)]));

    if ($result === SAVED_NEW) {
      // Grant the specified permissions to the role, if any.       if (!empty($permissions)) {
        $this->grantPermissions($role$permissions);
        $assigned_permissions = Role::load($role->id())->getPermissions();
        $missing_permissions = array_diff($permissions$assigned_permissions);
        $this->assertEmpty($missing_permissions);
      }
      return $role->id();
    }
    else {
      return FALSE;
    }
  }

  
// Test permissions.     $this->drupalLogin($this->nonAdminUser);
    /** @var \Drupal\user\RoleInterface $role */
    $role = Role::load(RoleInterface::AUTHENTICATED_ID);

    // Test 'view all media revisions' permission ('view media' permission is     // needed as well).     user_role_revoke_permissions($role->id()['view media', 'view all media revisions']);
    $this->drupalGet('media/' . $media->id() . '/revisions/' . $media->getRevisionId() . '/view');
    $assert->statusCodeEquals(403);
    $this->grantPermissions($role['view media', 'view all media revisions']);
    $this->drupalGet('media/' . $media->id() . '/revisions/' . $media->getRevisionId() . '/view');
    $assert->statusCodeEquals(200);

    // Confirm the revision page shows the correct title.     $assert->pageTextContains($media->getName());

    // Confirm that the last revision is the default revision.     $this->assertTrue($media->isDefaultRevision(), 'Last revision is the default.');
  }

  /** * Tests creating revisions of a File media item. */
// Verify that unprivileged users can't access the widget view.     $this->drupalGet('admin/content/media-widget', $url_options);
    $assert_session->responseContains('Access denied');
    $this->drupalGet('admin/content/media-widget-table', $url_options);
    $assert_session->responseContains('Access denied');
    $this->drupalGet('media-library', $url_options);
    $assert_session->responseContains('Access denied');

    // Allow users with 'view media' permission to access the media library view     // and controller. Since we are using the node entity type in the state     // object, ensure the user also has permission to work with those.     $this->grantPermissions($role[
      'create basic_page content',
      'view media',
    ]);
    $this->drupalGet('admin/content/media-widget', $url_options);
    $assert_session->elementExists('css', '.js-media-library-view');
    $this->drupalGet('admin/content/media-widget-table', $url_options);
    $assert_session->elementExists('css', '.js-media-library-view');
    $this->drupalGet('media-library', $url_options);
    $assert_session->elementExists('css', '.js-media-library-view');
    // Assert the user does not have access to the media add form if the user     // does not have the 'create media' permission.
protected function getAuthenticationRequestOptions($method) {
    return [];
  }

  /** * Grants permissions to the anonymous role. * * @param string[] $permissions * Permissions to grant. */
  protected function grantPermissionsToAnonymousRole(array $permissions) {
    $this->grantPermissions(Role::load(RoleInterface::ANONYMOUS_ID)$permissions);
  }

  /** * Grants permissions to the authenticated role. * * @param string[] $permissions * Permissions to grant. */
  protected function grantPermissionsToAuthenticatedRole(array $permissions) {
    $this->grantPermissions(Role::load(RoleInterface::AUTHENTICATED_ID)$permissions);
  }

  
$uuid = $node->uuid();

    // Assert the precondition: the 'ca' translation has a different title.     $document = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid));
    $document_ca = Json::decode($this->drupalGet('/ca/jsonapi/node/article/' . $uuid));
    $this->assertSame('en', $document['data']['attributes']['langcode']);
    $this->assertSame('ca', $document_ca['data']['attributes']['langcode']);
    $this->assertSame($node->getTitle()$document['data']['attributes']['title']);
    $this->assertSame($node->getTitle() . ' (ca)', $document_ca['data']['attributes']['title']);

    // PATCH the 'ca' translation.     $this->grantPermissions(Role::load(RoleInterface::ANONYMOUS_ID)[
      'bypass node access',
    ]);
    $request_options = [];
    $request_options[RequestOptions::HEADERS]['Content-Type'] = 'application/vnd.api+json';
    $request_options[RequestOptions::BODY] = Json::encode([
      'data' => [
        'type' => 'node--article',
        'id' => $uuid,
        'attributes' => [
          'title' => $document_ca['data']['attributes']['title'] . ' UPDATED',
        ],
      ],
// Create a few example media items for use in selection.     $this->createMediaItems([
      'type_one' => [
        'Cat',
        'Dog',
      ],
    ]);

    // Allow the anonymous user to create pages and view media.     $role = Role::load(RoleInterface::ANONYMOUS_ID);
    $this->grantPermissions($role[
      'access content',
      'create basic_page content',
      'view media',
    ]);
  }

  /** * Tests that the widget works as expected for anonymous users. */
  public function testWidgetAnonymous() {
    $assert_session = $this->assertSession();

    
public function testBlocks() {
    foreach ($this->getBlockTests() as $test) {
      call_user_func_array([$this, 'doTestBlocks']array_values($test));
    }
  }

  /** * Tests opening off-canvas dialog by click blocks and elements in the blocks. */
  protected function doTestBlocks($theme$block_plugin$new_page_text$element_selector$label_selector$button_text$toolbar_item$permissions) {
    if ($permissions) {
      $this->grantPermissions(Role::load(Role::AUTHENTICATED_ID)$permissions);
    }
    if ($new_page_text) {
      // Some asserts can be based on this value, so it should not be the same       // for different blocks, because it can be saved in the site config.       $new_page_text = $new_page_text . ' ' . $theme . ' ' . $block_plugin;
    }
    $web_assert = $this->assertSession();
    $page = $this->getSession()->getPage();
    $this->enableTheme($theme);
    $block = $this->placeBlock($block_plugin);
    $block_selector = $this->getBlockSelector($block);
    
$this->drupalLogin($this->nonAdminUser);
    /** @var \Drupal\user\RoleInterface $role */
    $role = Role::load(RoleInterface::AUTHENTICATED_ID);

    user_role_revoke_permissions($role->id()['view media']);

    // Test 'create BUNDLE media' permission.     $this->drupalGet('media/add/' . $media_type->id());
    $this->assertCacheContext('user.permissions');
    $assert_session->statusCodeEquals(403);
    $permissions = ['create ' . $media_type->id() . ' media'];
    $this->grantPermissions($role$permissions);
    $this->drupalGet('media/add/' . $media_type->id());
    $this->assertCacheContext('user.permissions');
    $assert_session->statusCodeEquals(200);
    user_role_revoke_permissions($role->id()$permissions);
    $role = Role::load(RoleInterface::AUTHENTICATED_ID);

    // Verify the author can not view the unpublished media item without     // 'view own unpublished media' permission.     $this->grantPermissions($role['view media']);
    $this->drupalGet('media/' . $user_media->id());
    $this->assertNoCacheContext('user');
    
public function testContextualLinksVisibility() {
    $this->drupalGet('user');
    $contextualLinks = $this->assertSession()->waitForElement('css', '.contextual button');
    $this->assertEmpty($contextualLinks);

    // Ensure visibility remains correct after cached paged load.     $this->drupalGet('user');
    $contextualLinks = $this->assertSession()->waitForElement('css', '.contextual button');
    $this->assertEmpty($contextualLinks);

    // Grant permissions to use contextual links on blocks.     $this->grantPermissions(Role::load(Role::AUTHENTICATED_ID)[
      'access contextual links',
      'administer blocks',
    ]);

    $this->drupalGet('user');
    $contextualLinks = $this->assertSession()->waitForElement('css', '.contextual button');
    $this->assertNotEmpty($contextualLinks);

    // Confirm touchevents detection is loaded with Contextual Links     $this->assertSession()->elementExists('css', 'html.no-touchevents');

    
return NULL;
  }

  /** * Grants permissions to the authenticated role. * * @param string[] $permissions * Permissions to grant. */
  protected function grantPermissionsToTestedRole(array $permissions) {
    $this->grantPermissions(Role::load(RoleInterface::AUTHENTICATED_ID)$permissions);
  }

  /** * Revokes permissions from the authenticated role. * * @param string[] $permissions * Permissions to revoke. */
  protected function revokePermissionsFromTestedRole(array $permissions) {
    $role = Role::load(RoleInterface::AUTHENTICATED_ID);
    foreach ($permissions as $permission) {
      
$this->user = $this->drupalCreateUser([
      'create article content',
      'edit any article content',
      'delete any article content',
    ]);

    // Create a user that can.     $this->userCanViewProfiles = $this->drupalCreateUser([
      'access user profiles',
    ]);

    $this->grantPermissions(Role::load(RoleInterface::ANONYMOUS_ID)[
      'access user profiles',
      'administer taxonomy',
    ]);

    \Drupal::service('router.builder')->rebuild();
  }

  /** * Performs a HTTP request. Wraps the Guzzle HTTP client. * * Why wrap the Guzzle HTTP client? Because any error response is returned via * an exception, which would make the tests unnecessarily complex to read. * * @param string $method * HTTP method. * @param \Drupal\Core\Url $url * URL to request. * @param array $request_options * Request options to apply. * * @return \Psr\Http\Message\ResponseInterface * The request response. * * @throws \GuzzleHttp\Exception\GuzzleException * * @see \GuzzleHttp\ClientInterface::request */
/** * Tests that the Media overview page (/admin/content/media). */
  public function testMediaOverviewPage() {
    $assert_session = $this->assertSession();

    // Check the view exists, is access-restricted, and some defaults are there.     $this->drupalGet('/admin/content/media');
    $assert_session->statusCodeEquals(403);
    $role = Role::load(RoleInterface::AUTHENTICATED_ID);
    $this->grantPermissions($role['access media overview']);
    $this->getSession()->reload();
    $assert_session->statusCodeEquals(200);
    $assert_session->titleEquals('Media | Drupal');
    $assert_session->fieldExists('Media name');
    $assert_session->selectExists('type');
    $assert_session->selectExists('status');
    $assert_session->selectExists('langcode');
    $assert_session->buttonExists('Filter');
    $header = $assert_session->elementExists('css', 'th#view-thumbnail-target-id-table-column');
    $this->assertSame('Thumbnail', $header->getText());
    $header = $assert_session->elementExists('css', 'th#view-name-table-column');
    
'access toolbar',
    ]);
    $this->drupalLogin($user);
  }

  /** * Tests blocks with overridden related configuration removed when overridden. */
  public function testOverriddenConfigurationRemoved() {
    $web_assert = $this->assertSession();
    $page = $this->getSession()->getPage();
    $this->grantPermissions(Role::load(Role::AUTHENTICATED_ID)['administer site configuration', 'administer menu']);

    // Confirm the branding block does include 'site_information' section when     // the site name is not overridden.     $branding_block = $this->placeBlock('system_branding_block');
    $this->drupalGet('user');
    $this->enableEditMode();
    $this->openBlockForm($this->getBlockSelector($branding_block));
    $web_assert->fieldExists('settings[site_information][site_name]');
    // Confirm the branding block does not include 'site_information' section     // when the site name is overridden.     $this->container->get('state')->set('settings_tray_override_test.site_name', TRUE);
    
Home | Imprint | This part of the site doesn't use cookies.