3 namespace Drupal\Tests\media_entity\Functional;
5 use Drupal\media_entity\Entity\Media;
6 use Drupal\user\Entity\Role;
9 * Basic access tests for Media Entity.
13 class MediaAccessTest extends MediaEntityFunctionalTestBase {
16 * The test media bundle.
18 * @var \Drupal\media_entity\MediaBundleInterface
20 protected $testBundle;
25 protected function setUp() {
27 $this->testBundle = $this->drupalCreateMediaBundle();
31 * Test some access control functionality.
33 public function testMediaAccess() {
35 $assert_session = $this->assertSession();
38 $media = Media::create([
39 'bundle' => $this->testBundle->id(),
43 $user_media = Media::create([
44 'bundle' => $this->testBundle->id(),
46 'uid' => $this->nonAdminUser->id(),
50 // We are logged-in as admin, so test 'administer media' permission.
51 $this->drupalGet('media/' . $user_media->id());
52 $assert_session->statusCodeEquals(200);
53 $this->drupalGet('media/' . $user_media->id() . '/edit');
54 $assert_session->statusCodeEquals(200);
55 $this->drupalGet('media/' . $user_media->id() . '/delete');
56 $assert_session->statusCodeEquals(200);
58 $this->drupalLogin($this->nonAdminUser);
59 /** @var \Drupal\user\RoleInterface $role */
60 $role = Role::load('authenticated');
62 // Test 'view media' permission.
63 $this->drupalGet('media/' . $media->id());
64 $assert_session->statusCodeEquals(403);
65 $this->grantPermissions($role, ['view media']);
66 $this->drupalGet('media/' . $media->id());
67 $assert_session->statusCodeEquals(200);
69 // Test 'create media' permission.
70 $this->drupalGet('media/add/' . $this->testBundle->id());
71 $assert_session->statusCodeEquals(403);
72 $this->grantPermissions($role, ['create media']);
73 $this->drupalGet('media/add/' . $this->testBundle->id());
74 $assert_session->statusCodeEquals(200);
76 // Test 'update media' and 'delete media' permissions.
77 $this->drupalGet('media/' . $user_media->id() . '/edit');
78 $assert_session->statusCodeEquals(403);
79 $this->drupalGet('media/' . $user_media->id() . '/delete');
80 $assert_session->statusCodeEquals(403);
81 $this->grantPermissions($role, ['update media']);
82 $this->grantPermissions($role, ['delete media']);
83 $this->drupalGet('media/' . $user_media->id() . '/edit');
84 $assert_session->statusCodeEquals(200);
85 $this->drupalGet('media/' . $user_media->id() . '/delete');
86 $assert_session->statusCodeEquals(200);
88 // Test 'update any media' and 'delete any media' permissions.
89 $this->drupalGet('media/' . $media->id() . '/edit');
90 $assert_session->statusCodeEquals(403);
91 $this->drupalGet('media/' . $media->id() . '/delete');
92 $assert_session->statusCodeEquals(403);
93 $this->grantPermissions($role, ['update any media']);
94 $this->grantPermissions($role, ['delete any media']);
95 $this->drupalGet('media/' . $media->id() . '/edit');
96 $assert_session->statusCodeEquals(200);
97 $this->drupalGet('media/' . $media->id() . '/delete');
98 $assert_session->statusCodeEquals(200);