Problem/Motivation

In #540008: Add a container parameter that can remove the special behavior of UID#1 an approach was taken where we can simply flag tests that are failing if we turn off user 1's super user powers, so that they can be taken care of in a followup. This issue is to collect all of these followups.

The goal is to have no tests in Drupal core that rely on UID1's special privileges so that we:

  1. Know these tests are correctly assigning the necessary permissions to run
  2. Can turn off the super user access policy in D11, knowing it won't break core
  3. Can remove the super user access policy in D12, providing an admin account recovery tool to replace it

Steps to reproduce

Go into any of the tests flagged with:

  /**
   * {@inheritdoc}
   *
   * @todo Remove and fix test to not rely on super user.
   * @see https://www.drupal.org/project/drupal/issues/3437620
   */

And:

  1. Remove the code below that sets the usesSuperUserAccessPolicy to TRUE.
  2. Run the test to see which test methods are failing

Proposed resolution

Assign the right permissions to make the test go green without the super user access policy. Those few tests that specifically test said policy can obviously stay, but will be removed along with the policy in D12.

Remaining tasks

  • core/modules/block/tests/src/
    • Functional/BlockHtmlTest.php
    • Functional/BlockXssTest.php
    • FunctionalJavascript/BlockContextualLinksTest.php

Issue fork drupal-3439829

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

vensires created an issue. See original summary.

vensires’s picture

vensires
Location Greece
commented
Title: Fix all tests that rely on UID1's super user behavior - Blocks » Fix Blocks tests that rely on UID1's super user behavior

dimitriskr made their first commit to this issue’s fork.

thebumik made their first commit to this issue’s fork.

thebumik changed the visibility of the branch 3439829-fix-blocks-tests to hidden.

thebumik opened merge request !7422

thebumik’s picture

thebumik commented
Status: Active » Needs review

Would greatly appreciate it if someone could review my pull request for this. Any feedback would be invaluable!

smustgrave’s picture

smustgrave commented
Status: Needs review » Needs work

Appears to have some javascript failures that appear to be related.

thebumik’s picture

thebumik commented
Status: Needs work » Needs review
nicxvan’s picture

nicxvan commented
Status: Needs review » Reviewed & tested by the community

The tests are now green and you removed the super user option from all three listed files.

I see you also removed a root login and cleaned up some comments.

Looks great to me.

nicxvan’s picture

nicxvan commented

To add to my review as far as I can tell the permissions given were the minimal needed.

      'administer blocks',
      'access administration pages',

and then the one testing contextual links also had:

      'access contextual links',

  • larowlan committed f48f361e on 11.x 
    Issue #3439829 by thebumik, dimitriskr, vensires: Fix Blocks tests that...

  • larowlan committed bdf86730 on 10.3.x 
    Issue #3439829 by thebumik, dimitriskr, vensires: Fix Blocks tests that...
larowlan’s picture

larowlan
Location 🇦🇺🏝.au GMT+10
commented
Version: 11.x-dev » 10.3.x-dev
Status: Reviewed & tested by the community » Fixed

Committed to 11,x and backported to 10.3.x
Thanks!

larowlan closed merge request !7422

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.