/**
* Tests role requirements on routes.
*
* @param string $path
* The path to check access for.
* @param array $grant_accounts
* A list of accounts which should have access to the given path.
* @param array $deny_accounts
* A list of accounts which should not have access to the given path.
*
* @see \Drupal\Tests\Core\Route\RouterRoleTest::getTestRouteCollection
* @see \Drupal\Tests\Core\Route\RouterRoleTest::roleAccessProvider
*
* @dataProvider roleAccessProvider
*/
public function testRoleAccess($path, $grant_accounts, $deny_accounts)
{
$role_access_check = new RoleAccessCheck();
$collection = $this->getTestRouteCollection();
foreach ($grant_accounts as $account) {
$message = sprintf('Access granted for user with the roles %s on path: %s', implode(', ', $account->getRoles()), $path);
$this->assertEquals(AccessResult::allowed()->addCacheContexts(['user.roles']), $role_access_check->access($collection->get($path), $account), $message);
}
// Check all users which don't have access.
foreach ($deny_accounts as $account) {
$message = sprintf('Access denied for user %s with the roles %s on path: %s', $account->id(), implode(', ', $account->getRoles()), $path);
$has_access = $role_access_check->access($collection->get($path), $account);
$this->assertEquals(AccessResult::neutral()->addCacheContexts(['user.roles']), $has_access, $message);
}
}
/**
* Tests role requirements on routes.
*
* @param string $path
* The path to check access for.
* @param array $grant_accounts
* A list of accounts which should have access to the given path.
* @param array $deny_accounts
* A list of accounts which should not have access to the given path.
*
* @see \Drupal\Tests\Core\Route\RouterRoleTest::getTestRouteCollection
* @see \Drupal\Tests\Core\Route\RouterRoleTest::roleAccessProvider
*
* @dataProvider roleAccessProvider
*/
public function testRoleAccess($path, $grant_accounts, $deny_accounts)
{
$role_access_check = new RoleAccessCheck();
$collection = $this->getTestRouteCollection();
foreach ($grant_accounts as $account) {
$message = sprintf('Access granted for user with the roles %s on path: %s', implode(', ', $account->getRoles()), $path);
$this->assertSame(AccessCheckInterface::ALLOW, $role_access_check->access($collection->get($path), $account), $message);
}
// Check all users which don't have access.
foreach ($deny_accounts as $account) {
$message = sprintf('Access denied for user %s with the roles %s on path: %s', $account->id(), implode(', ', $account->getRoles()), $path);
$has_access = $role_access_check->access($collection->get($path), $account);
$this->assertSame(AccessCheckInterface::DENY, $has_access, $message);
}
}
/**
* Tests role requirements on routes.
*
* @param string $path
* The path to check access for.
* @param array $grant_accounts
* A list of accounts which should have access to the given path.
* @param array $deny_accounts
* A list of accounts which should not have access to the given path.
*
* @see \Drupal\Tests\Core\Route\RouterRoleTest::getTestRouteCollection
* @see \Drupal\Tests\Core\Route\RouterRoleTest::roleAccessProvider
*
* @dataProvider roleAccessProvider
*/
public function testRoleAccess($path, $grant_accounts, $deny_accounts)
{
$cache_contexts_manager = $this->prophesize(CacheContextsManager::class);
$cache_contexts_manager->assertValidTokens()->willReturn(TRUE);
$cache_contexts_manager->reveal();
$container = new Container();
$container->set('cache_contexts_manager', $cache_contexts_manager);
\Drupal::setContainer($container);
$role_access_check = new RoleAccessCheck();
$collection = $this->getTestRouteCollection();
foreach ($grant_accounts as $account) {
$message = sprintf('Access granted for user with the roles %s on path: %s', implode(', ', $account->getRoles()), $path);
$this->assertEquals(AccessResult::allowed()->addCacheContexts(['user.roles']), $role_access_check->access($collection->get($path), $account), $message);
}
// Check all users which don't have access.
foreach ($deny_accounts as $account) {
$message = sprintf('Access denied for user %s with the roles %s on path: %s', $account->id(), implode(', ', $account->getRoles()), $path);
$has_access = $role_access_check->access($collection->get($path), $account);
$this->assertEquals(AccessResult::neutral()->addCacheContexts(['user.roles']), $has_access, $message);
}
}
