diff --git a/src/Access/SwitchAccessCheck.php b/src/Access/SwitchAccessCheck.php index c9b596c..806c509 100644 --- a/src/Access/SwitchAccessCheck.php +++ b/src/Access/SwitchAccessCheck.php @@ -36,7 +36,7 @@ class SwitchAccessCheck implements AccessInterface { $account_roles = $account->getRoles(); foreach ($account_roles as $role_id) { $role = Role::load($role_id); - if (preg_match("/masquerade as \d+/", $role)) { + if (preg_match("/masquerade as \d+/", $role->id())) { return AccessResult::allowed()->cachePerUser(); } } diff --git a/src/Tests/MasqueradeAccessTest.php b/src/Tests/MasqueradeAccessTest.php index 9c005ad..5dd9ff1 100644 --- a/src/Tests/MasqueradeAccessTest.php +++ b/src/Tests/MasqueradeAccessTest.php @@ -15,95 +15,11 @@ use Drupal\Core\Session\UserSession; * * @todo Convert into DUTB. This is essentially a unit test for * masquerade_target_user_access() only. + * + * @group masquerade */ class MasqueradeAccessTest extends MasqueradeWebTestBase { - public static $modules = array('node', 'comment'); - - public static function getInfo() { - return array( - 'name' => 'Masquerade Access', - 'description' => 'Tests masquerade access mechanism.', - 'group' => 'Masquerade', - ); - } - - function setUp() { - parent::setUp(); - - // Create and configure User module's admin role. - // Users in this role get all permissions assigned by default. - $this->admin_role = entity_create('user_role', array( - 'id' => 'administrator', - 'label' => 'Administrator', - )); - $this->admin_role->save(); - $this->container->get('config.factory') - ->get('user.settings') - ->set('admin_role', $this->admin_role->id()) - ->save(); - $permissions = $this->container->get('module_handler')->invokeAll('permission'); - user_role_grant_permissions($this->admin_role->id(), array_keys($permissions)); - - // Create an additional 'moderator' role with some typical permissions. - $this->moderator_role = entity_create('user_role', array( - 'id' => 'moderator', - 'label' => 'Moderator', - )); - $this->moderator_role->save(); - user_role_grant_permissions($this->moderator_role->id(), array_keys(user_permission())); - user_role_grant_permissions($this->moderator_role->id(), array_keys(comment_permission())); - - // Create an additional 'editor' role with some typical permissions. - $this->editor_role = entity_create('user_role', array( - 'id' => 'editor', - 'label' => 'Editor', - )); - $this->editor_role->save(); - user_role_grant_permissions($this->editor_role->id(), array_keys(node_permission())); - - // Create a 'masquerade' role. - $this->masquerade_role = entity_create('user_role', array( - 'id' => 'masquerade', - 'label' => 'Masquerade', - )); - $this->masquerade_role->save(); - user_role_grant_permissions($this->masquerade_role->id(), array('masquerade')); - - // Create test users with varying privilege levels: - // uid 1. - //$this->root_user - - // Administrative user with User module's admin role *only*. - $this->admin_user = $this->drupalCreateUser(); - $this->admin_user->setUsername('admin_user'); - $this->admin_user->addRole($this->admin_role->id()); - $this->admin_user->save(); - - // Moderator user. - $this->moderator_user = $this->drupalCreateUser(); - $this->moderator_user->setUsername('moderator_user'); - $this->moderator_user->addRole($this->moderator_role->id()); - $this->moderator_user->addRole($this->masquerade_role->id()); - $this->moderator_user->save(); - - // Editor user. - $this->editor_user = $this->drupalCreateUser(); - $this->editor_user->setUsername('editor_user'); - $this->editor_user->addRole($this->editor_role->id()); - $this->editor_user->addRole($this->masquerade_role->id()); - $this->editor_user->save(); - - // Masquerade user. - $this->masquerade_user = $this->drupalCreateUser(); - $this->masquerade_user->setUsername('masquerade_user'); - $this->masquerade_user->addRole($this->masquerade_role->id()); - $this->masquerade_user->save(); - - // Authenticated user. - $this->auth_user = $this->drupalCreateUser(); - } - /** * Tests masquerade access for different source and target users. * @@ -153,7 +69,7 @@ class MasqueradeAccessTest extends MasqueradeWebTestBase { $edit = array( 'masquerade_as' => $this->masquerade_user->getUsername(), ); - $this->drupalPost('masquerade', $edit, t('Switch')); + $this->drupalPostForm('masquerade', $edit, t('Switch')); $this->assertRaw(t('You cannot masquerade as yourself. Please choose a different user to masquerade as.')); $this->assertNoText(t('Unmasquerade')); @@ -173,7 +89,7 @@ class MasqueradeAccessTest extends MasqueradeWebTestBase { $edit = array( 'masquerade_as' => $target_account->getUsername(), ); - $this->drupalPost('masquerade', $edit, t('Switch')); + $this->drupalPostForm('masquerade', $edit, t('Switch')); $this->assertNoRaw(t('You are not allowed to masquerade as %name.', array( '%name' => $target_account->getUsername(), ))); @@ -190,7 +106,7 @@ class MasqueradeAccessTest extends MasqueradeWebTestBase { $edit = array( 'masquerade_as' => $target_account->getUsername(), ); - $this->drupalPost('masquerade', $edit, t('Switch')); + $this->drupalPostForm('masquerade', $edit, t('Switch')); $this->assertRaw(t('You are not allowed to masquerade as %name.', array( '%name' => $target_account->getUsername(), ))); diff --git a/src/Tests/MasqueradeTest.php b/src/Tests/MasqueradeTest.php index a992ebb..9a61bce 100644 --- a/src/Tests/MasqueradeTest.php +++ b/src/Tests/MasqueradeTest.php @@ -9,33 +9,24 @@ namespace Drupal\masquerade\Tests; /** * Tests form permissions and user switching functionality. + * + * @group masquerade */ class MasqueradeTest extends MasqueradeWebTestBase { - public static function getInfo() { - return array( - 'name' => 'Masquerade functionality', - 'description' => 'Tests form permissions and user switching functionality.', - 'group' => 'Masquerade', - ); - } - function testMasquerade() { - $this->admin_user = $this->drupalCreateUser(array('masquerade')); - $this->web_user = $this->drupalCreateUser(); - $this->drupalLogin($this->admin_user); // Verify that a token is required. $this->drupalGet('user/0/masquerade'); $this->assertResponse(403); - $this->drupalGet('user/' . $this->web_user->id() . '/masquerade'); + $this->drupalGet('user/' . $this->auth_user->id() . '/masquerade'); $this->assertResponse(403); // Verify that the admin user is able to masquerade. $this->assertSessionByUid($this->admin_user->id(), FALSE); - $this->masqueradeAs($this->web_user); - $this->assertSessionByUid($this->web_user->id(), $this->admin_user->id()); + $this->masqueradeAs($this->auth_user); + $this->assertSessionByUid($this->auth_user->id(), $this->admin_user->id()); $this->assertNoSessionByUid($this->admin_user->id()); // Verify that a token is required to unmasquerade. @@ -51,8 +42,8 @@ class MasqueradeTest extends MasqueradeWebTestBase { $this->assertResponse(403); // Verify that the user can unmasquerade. - $this->unmasquerade($this->web_user); - $this->assertNoSessionByUid($this->web_user->id()); + $this->unmasquerade($this->auth_user); + $this->assertNoSessionByUid($this->auth_user->id()); $this->assertSessionByUid($this->admin_user->id(), FALSE); } diff --git a/src/Tests/MasqueradeWebTestBase.php b/src/Tests/MasqueradeWebTestBase.php index 56a7e0b..0a3516c 100644 --- a/src/Tests/MasqueradeWebTestBase.php +++ b/src/Tests/MasqueradeWebTestBase.php @@ -8,8 +8,12 @@ namespace Drupal\masquerade\Tests; use Drupal\Component\Utility\Crypt; +use Drupal\Component\Utility\String; +use Drupal\Core\Site\Settings; use Drupal\simpletest\WebTestBase; +use Drupal\user\RoleInterface; use Drupal\user\UserInterface; +use stdClass; /** * Base test class for Masquerade module web tests. @@ -20,7 +24,124 @@ use Drupal\user\UserInterface; */ abstract class MasqueradeWebTestBase extends WebTestBase { - public static $modules = array('masquerade'); + /** + * {@inheritdoc} + */ + public static $modules = array('masquerade', 'node', 'comment', 'user'); + + /** + * Various users for the tests. + * + * @var \Drupal\user\UserInterface + */ + protected $admin_user, $auth_user, $editor_user, $masquerade_user, $moderator_user, $root_user; + + /** + * Various roles for the tests. + * + * @var \Drupal\user\RoleInterface + */ + protected $admin_role, $editor_role, $masquerade_role, $moderator_role; + + /** + * {@inheritdoc} + */ + function setUp() { + parent::setUp(); + + // Create and configure User module's admin role. + // Users in this role get all permissions assigned by default. + $this->admin_role = entity_create('user_role', array( + 'id' => 'administrator', + 'label' => 'Administrator', + )); + $this->admin_role->save(); + $this->container->get('config.factory') + ->getEditable('user.settings') + ->set('admin_role', $this->admin_role->id()) + ->save(); + $permissions = $this->container->get('user.permissions')->getPermissions(); + foreach (array_keys($permissions) as $permission) { + $this->admin_role->grantPermission($permission); + } + $this->admin_role->save(); + + // Create an additional 'moderator' role with some typical permissions. + $this->moderator_role = entity_create('user_role', array( + 'id' => 'moderator', + 'label' => 'Moderator', + )); + $this->grantRolePermissions($this->moderator_role, 'comment'); + $this->grantRolePermissions($this->moderator_role, 'user'); + $this->moderator_role->save(); + + // Create an additional 'editor' role with some typical permissions. + $this->editor_role = entity_create('user_role', array( + 'id' => 'editor', + 'label' => 'Editor', + )); + $this->grantRolePermissions($this->editor_role, 'node'); + $this->editor_role->save(); + + // Create a 'masquerade' role. + $this->masquerade_role = entity_create('user_role', array( + 'id' => 'masquerade', + 'label' => 'Masquerade', + )); + $this->grantRolePermissions($this->masquerade_role, 'masquerade'); + $this->masquerade_role->save(); + + // Create test users with varying privilege levels: + // uid 1. + $this->root_user = $this->drupalCreateUser(); + $this->root_user->addRole($this->admin_role->id()); + $this->root_user->save(); + + // Administrative user with User module's admin role *only*. + $this->admin_user = $this->drupalCreateUser(); + $this->admin_user->setUsername('admin_user'); + $this->admin_user->addRole($this->admin_role->id()); + $this->admin_user->save(); + + // Moderator user. + $this->moderator_user = $this->drupalCreateUser(); + $this->moderator_user->setUsername('moderator_user'); + $this->moderator_user->addRole($this->moderator_role->id()); + $this->moderator_user->addRole($this->masquerade_role->id()); + $this->moderator_user->save(); + + // Editor user. + $this->editor_user = $this->drupalCreateUser(); + $this->editor_user->setUsername('editor_user'); + $this->editor_user->addRole($this->editor_role->id()); + $this->editor_user->addRole($this->masquerade_role->id()); + $this->editor_user->save(); + + // Masquerade user. + $this->masquerade_user = $this->drupalCreateUser(); + $this->masquerade_user->setUsername('masquerade_user'); + $this->masquerade_user->addRole($this->masquerade_role->id()); + $this->masquerade_user->save(); + + // Authenticated user. + $this->auth_user = $this->drupalCreateUser(); + } + + /** + * Helper function to grant all of a module's permissions to a role. + * + * @param \Drupal\user\RoleInterface $role + * A Role object. + * @param string $module_name + * Name of the module to grant permissions for. + */ + protected function grantRolePermissions(RoleInterface $role, $module_name) { + foreach ($this->container->get('user.permissions')->getPermissions() as $permission => $definition) { + if ($definition['provider'] == $module_name) { + $role->grantPermission($permission); + } + } + } /** * Masquerades as another user. @@ -84,8 +205,11 @@ abstract class MasqueradeWebTestBase extends WebTestBase { $result = db_query('SELECT * FROM {sessions} WHERE uid = :uid', array( ':uid' => $uid, ))->fetchAll(); - // If there is more than one session, then that must be unexpected. - if (count($result) > 1) { + if (empty($result)) { + $this->fail(String::format('No session found for uid @uid', array('@uid' => $uid))); + } + elseif (count($result) > 1) { + // If there is more than one session, then that must be unexpected. $this->fail("Found more than 1 session for uid $uid."); } else { @@ -119,6 +243,7 @@ abstract class MasqueradeWebTestBase extends WebTestBase { } } else { + $session = new stdClass(); $session->session = array(); } @@ -159,7 +284,7 @@ abstract class MasqueradeWebTestBase extends WebTestBase { // Use the session_id assigned by WebTestBase::drupalLogin() instead of // $this->session_id until the core bug is fixed. $session_id = isset($this->loggedInUser->session_id) ? $this->loggedInUser->session_id : ''; - return Crypt::hmacBase64($value, $session_id . $private_key . drupal_get_hash_salt()); + return Crypt::hmacBase64($value, $session_id . $private_key . Settings::getHashSalt()); } }