function ContactPersonalTest::testPersonalContactAccess

Tests access to the personal contact form.

File

drupal/core/modules/contact/lib/Drupal/contact/Tests/ContactPersonalTest.php, line 84

Definition of Drupal\contact\Tests\ContactPersonalTest.

Class

ContactPersonalTest

Tests the personal contact form.

Namespace

Code

function testPersonalContactAccess() {

  // Test allowed access to admin user's contact form.
  $this
    ->drupalLogin($this->web_user);
  $this
    ->drupalGet('user/' . $this->admin_user->uid . '/contact');
  $this
    ->assertResponse(200);

  // Test denied access to admin user's own contact form.
  $this
    ->drupalLogout();
  $this
    ->drupalLogin($this->admin_user);
  $this
    ->drupalGet('user/' . $this->admin_user->uid . '/contact');
  $this
    ->assertResponse(403);

  // Test allowed access to user with contact form enabled.
  $this
    ->drupalLogin($this->web_user);
  $this
    ->drupalGet('user/' . $this->contact_user->uid . '/contact');
  $this
    ->assertResponse(200);

  // Test denied access to the user's own contact form.
  $this
    ->drupalGet('user/' . $this->web_user->uid . '/contact');
  $this
    ->assertResponse(403);

  // Test always denied access to the anonymous user contact form.
  $this
    ->drupalGet('user/0/contact');
  $this
    ->assertResponse(403);

  // Test that anonymous users can access the contact form.
  $this
    ->drupalLogout();
  user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array(
    'access user contact forms',
  ));
  $this
    ->drupalGet('user/' . $this->contact_user->uid . '/contact');
  $this
    ->assertResponse(200);

  // Test that anonymous users can access admin user's contact form.
  $this
    ->drupalGet('user/' . $this->admin_user->uid . '/contact');
  $this
    ->assertResponse(200);

  // Revoke the personal contact permission for the anonymous user.
  user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array(
    'access user contact forms',
  ));
  $this
    ->drupalGet('user/' . $this->contact_user->uid . '/contact');
  $this
    ->assertResponse(403);
  $this
    ->drupalGet('user/' . $this->admin_user->uid . '/contact');
  $this
    ->assertResponse(403);

  // Disable the personal contact form.
  $this
    ->drupalLogin($this->admin_user);
  $edit = array(
    'contact_default_status' => FALSE,
  );
  $this
    ->drupalPost('admin/config/people/accounts', $edit, t('Save configuration'));
  $this
    ->assertText(t('The configuration options have been saved.'), 'Setting successfully saved.');
  $this
    ->drupalLogout();

  // Re-create our contacted user with personal contact forms disabled by
  // default.
  $this->contact_user = $this
    ->drupalCreateUser();

  // Test denied access to a user with contact form disabled.
  $this
    ->drupalLogin($this->web_user);
  $this
    ->drupalGet('user/' . $this->contact_user->uid . '/contact');
  $this
    ->assertResponse(403);

  // Test allowed access for admin user to a user with contact form disabled.
  $this
    ->drupalLogin($this->admin_user);
  $this
    ->drupalGet('user/' . $this->contact_user->uid . '/contact');
  $this
    ->assertResponse(200);

  // Re-create our contacted user as a blocked user.
  $this->contact_user = $this
    ->drupalCreateUser();
  $this->contact_user->status = 0;
  $this->contact_user
    ->save();

  // Test that blocked users can still be contacted by admin.
  $this
    ->drupalGet('user/' . $this->contact_user->uid . '/contact');
  $this
    ->assertResponse(200);

  // Test that blocked users cannot be contacted by non-admins.
  $this
    ->drupalLogin($this->web_user);
  $this
    ->drupalGet('user/' . $this->contact_user->uid . '/contact');
  $this
    ->assertResponse(403);
}