Commit 0ce78238 authored by Liam Morland's avatar Liam Morland
Browse files

Merge branch 'feature/ISTWCMS-4530-l26yan-Add-and-configure-user-protect-module' into '8.x-3.x'

ISTWCMS-4530: Add and configure User Protect module

See merge request !62
parents a19e64c6 de9fe937
......@@ -104,6 +104,7 @@ class UwWcmsBasicTest extends BrowserTestBase {
$test_paths = [
'' => TRUE,
'admin' => [
'uw_role_site_owner',
'uw_role_site_manager',
'uw_role_content_editor',
'uw_role_content_author',
......@@ -178,6 +179,7 @@ class UwWcmsBasicTest extends BrowserTestBase {
$roles = [
'authenticated user',
'administrator',
'uw_role_site_owner',
'uw_role_site_manager',
'uw_role_content_editor',
'uw_role_content_author',
......@@ -905,6 +907,32 @@ class UwWcmsBasicTest extends BrowserTestBase {
$this->assertSession()->checkboxNotChecked('edit-uw-role-content-author-assign-roles');
$this->assertSession()->checkboxNotChecked('edit-uw-role-form-editor-assign-roles');
$this->assertSession()->checkboxNotChecked('edit-uw-role-form-results-access-assign-roles');
// Check Edit protection rule Authenticated user page.
$this->drupalGet('admin/config/people/userprotect/manage/uw_protect_authenticated_user');
$this->assertSession()->statusCodeEquals(200);
// Get Name field value: Authenticated user.
$this->getSession()->getPage()->findField('edit-label')->getValue('Authenticated user');
// Get Role field value: Authenticated user.
$this->getSession()->getPage()->findById('edit-entity-id')->getValue('Authenticated user');
// Only status and cancel operation are checked in proection field.
$this->assertSession()->checkboxChecked('edit-protection-user-status');
$this->assertSession()->checkboxChecked('edit-protection-user-delete');
$this->assertSession()->checkboxNotChecked('edit-protection-user-name');
$this->assertSession()->checkboxNotChecked('edit-protection-user-mail');
$this->assertSession()->checkboxNotChecked('edit-protection-user-pass');
$this->assertSession()->checkboxNotChecked('edit-protection-user-roles');
$this->assertSession()->checkboxNotChecked('edit-protection-user-edit');
// Only Administrator is checked in Bypass for roles.
$this->assertSession()->checkboxChecked('edit-bypass-roles-administrator');
$this->assertSession()->checkboxNotChecked('edit-bypass-roles-anonymous');
$this->assertSession()->checkboxNotChecked('edit-bypass-roles-authenticated');
$this->assertSession()->checkboxNotChecked('edit-bypass-roles-uw-role-site-owner');
$this->assertSession()->checkboxNotChecked('edit-bypass-roles-uw-role-site-manager');
$this->assertSession()->checkboxNotChecked('edit-bypass-roles-uw-role-content-editor');
$this->assertSession()->checkboxNotChecked('edit-bypass-roles-uw-role-content-author');
$this->assertSession()->checkboxNotChecked('edit-bypass-roles-uw-role-form-editor');
$this->assertSession()->checkboxNotChecked('edit-bypass-roles-uw-role-form-results-access');
// The other users do not have access permissions and roleassign pages.
$roles = [
'authenticated user',
......@@ -920,7 +948,43 @@ class UwWcmsBasicTest extends BrowserTestBase {
$this->assertSession()->statusCodeEquals(403);
$this->drupalGet('admin/people/roleassign');
$this->assertSession()->statusCodeEquals(403);
$this->drupalGet('admin/config/people/userprotect/manage/uw_protect_authenticated_user');
$this->assertSession()->statusCodeEquals(403);
}
// Administrator still has access to "status" and "cancel account"
// options for users with all roles..
$this->drupalLogin($this->drupalUsers['administrator']);
$this->drupalGet('admin/people');
$this->assertSession()->statusCodeEquals(200);
$this->getSession()->getPage()->clickLink('uw_role_site_owner');
$this->getSession()->getPage()->clickLink('Edit');
$this->assertSession()->pageTextContains('Status');
$this->assertSession()->buttonExists('edit-delete');
$this->drupalLogout();
// Site owner oes not have access to "status" and "cancel account"
// for other users.
$this->drupalLogin($this->drupalUsers['uw_role_site_owner']);
$this->drupalGet('admin/people');
$this->assertSession()->statusCodeEquals(200);
$this->getSession()->getPage()->clickLink('uw_role_site_manager');
$this->getSession()->getPage()->clickLink('Edit');
$this->assertSession()->pageTextContains('has been protected from the following editing operations: Status');
$this->assertSession()->buttonNotExists('edit-delete');
$this->drupalLogout();
// All other roles (e.g. site manager) do not have access
// to other accounts (e.g. content author).
$this->drupalLogin($this->drupalUsers['uw_role_site_manager']);
$this->drupalGet('users/uwrolecontentauthor');
$this->assertSession()->statusCodeEquals(403);
// The users are able to change their own account (email and password).
$this->drupalGet('users/uwrolesitemanager');
$this->assertSession()->statusCodeEquals(200);
$this->clickLink('Edit profile');
$this->assertSession()->statusCodeEquals(200);
}
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment