'Organic groups access', 'description' => 'Test the visibility of nodes that are handled by organic groups access.', 'group' => 'Organic groups access', ); } function setUp() { parent::setUp('entity', 'og', 'og_access'); node_access_rebuild(); } /** * Group with access field . */ function testOgAccess() { $user1 = $this->drupalCreateUser(); $user2 = $this->drupalCreateUser(); $this->drupalLogin($user1); // Create group and group content node types. $group_type = $this->drupalCreateContentType(); og_create_field(OG_GROUP_FIELD, 'node', $group_type->type); og_create_field(OG_ACCESS_FIELD, 'node', $group_type->type); // Create a group node and enable access. $settings = array(); $settings['type'] = $group_type->type; $settings[OG_GROUP_FIELD][LANGUAGE_NONE][0]['value'] = 1; $settings[OG_ACCESS_FIELD][LANGUAGE_NONE][0]['value'] = 1; $group_node = $this->drupalCreateNode($settings); $group = og_get_group('node', $group_node->nid); // Assert the user is a group member. $this->assertTrue(og_is_member($group->gid, 'user', $user1), t('User is a group member.')); // Assert the user can view the group. $this->drupalGet('node/' . $group_node->nid); $this->assertResponse('200', t('Group member can view group node.')); // Assert another user is not a group member. $this->drupalLogin($user2); $this->assertFalse(og_is_member($group->gid, 'user', $user2), t('User is not a group member.')); // Assert non-member can't view the group. $this->drupalGet('node/' . $group_node->nid); $this->assertResponse('403', t('Non group member can not view group node.')); } /** * Group with access field and group content with default definition. */ function testOgContentAccessDefault() { $user1 = $this->drupalCreateUser(); $user2 = $this->drupalCreateUser(); $this->drupalLogin($user1); // Create group and group content node types. $group_type = $this->drupalCreateContentType(); og_create_field(OG_GROUP_FIELD, 'node', $group_type->type); og_create_field(OG_ACCESS_FIELD, 'node', $group_type->type); $group_content_type = $this->drupalCreateContentType(); og_create_field(OG_AUDIENCE_FIELD, 'node', $group_content_type->type); og_create_field(OG_CONTENT_ACCESS_FIELD, 'node', $group_content_type->type); // Create a group node and enable access. $settings = array(); $settings['type'] = $group_type->type; $settings[OG_GROUP_FIELD][LANGUAGE_NONE][0]['value'] = 1; $settings[OG_ACCESS_FIELD][LANGUAGE_NONE][0]['value'] = 1; $group_node = $this->drupalCreateNode($settings); $group = og_get_group('node', $group_node->nid); // Create a group content node and set default access. $settings = array(); $settings['type'] = $group_content_type->type; $settings[OG_AUDIENCE_FIELD][LANGUAGE_NONE][0]['gid'] = $group->gid; $settings[OG_CONTENT_ACCESS_FIELD][LANGUAGE_NONE][0]['value'] = OG_CONTENT_ACCESS_DEFAULT; $group_content_node = $this->drupalCreateNode($settings); // Assert the user can view the group. // Assert the user is a group member. $this->assertTrue(og_is_member($group->gid, 'user', $user1), t('User is a group member.')); $this->drupalGet('node/' . $group_content_node->nid); $this->assertResponse('200', t('Group member can view group node.')); // Assert another user is not a group member. $this->drupalLogin($user2); $this->assertFalse(og_is_member($group->gid, 'user', $user2), t('User is not a group member.')); // Assert non-member can't view the group. $this->drupalGet('node/' . $group_content_node->nid); $this->assertResponse('403', t('Non group member can not view group node.')); } /** * Group with access field and group content with different definition from * the group. */ function testOgContentAccessNotDefault() { $user1 = $this->drupalCreateUser(); $user2 = $this->drupalCreateUser(); $this->drupalLogin($user1); // Create group and group content node types. $group_type = $this->drupalCreateContentType(); og_create_field(OG_GROUP_FIELD, 'node', $group_type->type); og_create_field(OG_ACCESS_FIELD, 'node', $group_type->type); $group_content_type = $this->drupalCreateContentType(); og_create_field(OG_AUDIENCE_FIELD, 'node', $group_content_type->type); og_create_field(OG_CONTENT_ACCESS_FIELD, 'node', $group_content_type->type); // Test group content access, one time when the group is set to be public, // and one time set to private. foreach (array(0, 1) as $state) { // Make sure user1 is logged in. $this->drupalLogin($user1); // Create a group node and enable access. $settings = array(); $settings['type'] = $group_type->type; $settings[OG_GROUP_FIELD][LANGUAGE_NONE][0]['value'] = 1; $settings[OG_ACCESS_FIELD][LANGUAGE_NONE][0]['value'] = $state; $group_node = $this->drupalCreateNode($settings); $group = og_get_group('node', $group_node->nid); // Create a group content node and set public access. $settings = array(); $settings['type'] = $group_content_type->type; $settings[OG_AUDIENCE_FIELD][LANGUAGE_NONE][0]['gid'] = $group->gid; $settings[OG_CONTENT_ACCESS_FIELD][LANGUAGE_NONE][0]['value'] = OG_CONTENT_ACCESS_PUBLIC; $public_node = $this->drupalCreateNode($settings); // Create a group content node and set private access. $settings[OG_CONTENT_ACCESS_FIELD][LANGUAGE_NONE][0]['value'] = OG_CONTENT_ACCESS_PRIVATE; $private_node = $this->drupalCreateNode($settings); // Assert the user can view the group. $this->assertTrue(og_is_member($group->gid, 'user', $user1), t('User is a group member.')); $this->drupalGet('node/' . $public_node->nid); $this->assertResponse('200', t('Group member can view public group node.')); $this->drupalGet('node/' . $private_node->nid); $this->assertResponse('200', t('Group member can view private group node.')); // Assert another user is not a group member. $this->drupalLogin($user2); $this->assertFalse(og_is_member($group->gid, 'user', $user2), t('User is not a group member.')); // Assert non-member can't view the group. $this->drupalGet('node/' . $public_node->nid); $this->assertResponse('200', t('Non group member can view public group node.')); $this->drupalGet('node/' . $private_node->nid); $this->assertResponse('403', t('Non group member can not view private group node.')); } } /** * Test "Strict private" variable enabled or disabled. */ function testOgStrictPrivate() { $user1 = $this->drupalCreateUser(); $user2 = $this->drupalCreateUser(); $this->drupalLogin($user1); // Create group and group content node types. $group_type = $this->drupalCreateContentType(); og_create_field(OG_GROUP_FIELD, 'node', $group_type->type); og_create_field(OG_ACCESS_FIELD, 'node', $group_type->type); $group_content_type = $this->drupalCreateContentType(); og_create_field(OG_AUDIENCE_FIELD, 'node', $group_content_type->type); og_create_field(OG_CONTENT_ACCESS_FIELD, 'node', $group_content_type->type); // Create a group node and set as private. $settings = array(); $settings['type'] = $group_type->type; $settings[OG_GROUP_FIELD][LANGUAGE_NONE][0]['value'] = 1; $settings[OG_ACCESS_FIELD][LANGUAGE_NONE][0]['value'] = 1; $group_node1 = $this->drupalCreateNode($settings); $group1 = og_get_group('node', $group_node1->nid); // Create a group node and set as public. $settings[OG_ACCESS_FIELD][LANGUAGE_NONE][0]['value'] = 0; $group_node2 = $this->drupalCreateNode($settings); $group2 = og_get_group('node', $group_node2->nid); // Create a group content node and set default access. $settings = array(); $settings['type'] = $group_content_type->type; $settings[OG_AUDIENCE_FIELD][LANGUAGE_NONE][0]['gid'] = $group1->gid; $settings[OG_AUDIENCE_FIELD][LANGUAGE_NONE][1]['gid'] = $group2->gid; $settings[OG_CONTENT_ACCESS_FIELD][LANGUAGE_NONE][0]['value'] = OG_CONTENT_ACCESS_DEFAULT; $node = $this->drupalCreateNode($settings); // Assert the user can view the group. $this->assertTrue(og_is_member($group1->gid, 'user', $user1), t('User is a group member.')); $this->drupalGet('node/' . $node->nid); $this->assertResponse('200', t('Group member can view public group node.')); // Assert another user is not a group member. $this->drupalLogin($user2); $this->assertFalse(og_is_member($group1->gid, 'user', $user2), t('User is not a group member.')); // Strict private enabled. variable_set('group_access_strict_private', 1); $this->drupalGet('node/' . $node->nid); $this->assertResponse('403', t('Non group member can not view group node when "strict private" is enabled.')); // Assert all groups were registered in {node_access}. $records = db_query('SELECT realm, gid FROM {node_access} WHERE nid = :nid', array(':nid' => $node->nid))->fetchAll(); $this->assertEqual(count($records), 2, t('Returned the correct number of rows.')); $this->assertEqual($records[0]->realm, 'group_access_authenticated', t('Grant realm is correct for public group content.')); $this->assertEqual($records[0]->gid, $group1->gid, t('First gid is the first group ID.')); $this->assertEqual($records[1]->gid, $group2->gid, t('Second gid is the second group ID.')); // Strict private enabled. variable_set('group_access_strict_private', 0); node_access_rebuild(); $this->drupalGet('node/' . $node->nid); $this->assertResponse('200', t('Non group member can view public group node.')); // Assert "all" realm was registered in {node_access}. $records = db_query('SELECT realm, gid FROM {node_access} WHERE nid = :nid', array(':nid' => $node->nid))->fetchAll(); $this->assertEqual(count($records), 1, t('Returned the correct number of rows.')); $this->assertEqual($records[0]->realm, 'all', t('Grant realm is correct for public group content.')); } }