core/modules/file/tests/src/Kernel/FileManagedAccessTest.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

<?php

declare(strict_types=1);

namespace Drupal\Tests\file\Kernel;

use Drupal\Core\Session\AccountInterface;
use Drupal\file\Entity\File;
use Drupal\file\FileInterface;
use Drupal\KernelTests\KernelTestBase;
use Drupal\Tests\user\Traits\UserCreationTrait;
use Drupal\user\Entity\User;

/**
 * Tests access to managed files.
 *
 * @group file
 */
class FileManagedAccessTest extends KernelTestBase {

  use UserCreationTrait;

  /**
   * {@inheritdoc}
   */
  protected static $modules = [
    'file',
    'system',
    'user',
  ];

  /**
   * Tests if public file is always accessible.
   */
  public function testFileAccess(): void {
    $this->installEntitySchema('user');
    $this->installEntitySchema('file');
    $this->installSchema('file', ['file_usage']);
    $this->installConfig('user');

    $anonymous = User::create(['uid' => 0, 'name' => '']);
    $anonymous->save();
    user_role_grant_permissions(AccountInterface::ANONYMOUS_ROLE, ['access content']);

    // Create an authenticated user to check file access.
    $account = $this->createUser(['access site reports', 'access content'], NULL, FALSE, ['uid' => 2]);

    // Create a new file entity in the public:// stream wrapper.
    $file_public = File::create([
      'uid' => 1,
      'filename' => 'drupal.txt',
      'uri' => 'public://drupal.txt',
      'status' => FileInterface::STATUS_PERMANENT,
    ]);
    $file_public->save();

    $this->assertTrue($file_public->access('view', $account));
    $this->assertTrue($file_public->access('download', $account));

    $this->assertTrue($file_public->access('view', $anonymous));
    $this->assertTrue($file_public->access('download', $anonymous));

    // Create a new file entity in the private:// stream wrapper.
    $file_private = File::create([
      'uid' => 1,
      'filename' => 'drupal.txt',
      'uri' => 'private://drupal.txt',
      'status' => FileInterface::STATUS_PERMANENT,
    ]);
    $file_private->save();

    $this->assertFalse($file_private->access('view', $account));
    $this->assertFalse($file_private->access('download', $account));

    $this->assertFalse($file_private->access('view', $anonymous));
    $this->assertFalse($file_private->access('download', $anonymous));
  }

}