ISTWCMS-4530 Test user protect

tests/src/Functional/UwWcmsBasicTest.php

@@ -951,6 +951,40 @@ class UwWcmsBasicTest extends BrowserTestBase {
       $this->drupalGet('admin/config/people/userprotect/manage/uw_protect_authenticated_user');
       $this->assertSession()->statusCodeEquals(403);
     }
+
+    // Administrator still has access to "status" and "cancel account"
+    // options for users with all roles..
+    $this->drupalLogin($this->drupalUsers['administrator']);
+    $this->drupalGet('admin/people');
+    $this->assertSession()->statusCodeEquals(200);
+    $this->getSession()->getPage()->clickLink('uw_role_site_owner');
+    $this->getSession()->getPage()->clickLink('Edit');
+    $this->assertSession()->pageTextContains('Status');
+    $this->assertSession()->buttonExists('edit-delete');
+    $this->drupalLogout();
+
+    // Site owner oes not have access to "status" and "cancel account"
+    // for other users.
+    $this->drupalLogin($this->drupalUsers['uw_role_site_owner']);
+    $this->drupalGet('admin/people');
+    $this->assertSession()->statusCodeEquals(200);
+    $this->getSession()->getPage()->clickLink('uw_role_site_manager');
+    $this->getSession()->getPage()->clickLink('Edit');
+    $this->assertSession()->pageTextContains('has been protected from the following editing operations: Status');
+    $this->assertSession()->buttonNotExists('edit-delete');
+    $this->drupalLogout();
+
+    // All other roles (e.g. site manager) do not have access
+    // to other accounts (e.g. content author).
+    $this->drupalLogin($this->drupalUsers['uw_role_site_manager']);
+    $this->drupalGet('users/uwrolecontentauthor');
+    $this->assertSession()->statusCodeEquals(403);
+
+    // The users are able to change their own account (email and password).
+    $this->drupalGet('users/uwrolesitemanager');
+    $this->assertSession()->statusCodeEquals(200);
+    $this->clickLink('Edit profile');
+    $this->assertSession()->statusCodeEquals(200);
   }
 
 }