[drupal-devel] [SimpleTest] preparing to test xxxxx_access hook

Kuba Zygmunt kuba.zygmunt at gmail.com
Sat Jun 18 09:26:43 UTC 2005


After reading once more time, from Drupal.org site :

   * Build a few tests which exercise Drupal's access control
mechanism. In particular,
     the user_access() function. Assure that the right page is shown
when denied

I was thinking how to test Drupal. I've found two ways:
 One -> testing user_access function, by starting xxx_access (for ex.
story_access) function in Drupal test unit.
 Second -> testing web response on specific request, in this way, I
will have to simulate browser.

Yesterday night I focused on story_access function. I write simple
test which needs to be improved:
function testStoryAccess() {
   global $user;

       $tempUser = $user; // store global variable in a templ
       $op = 'create';
       unset($user);  // or $user =""; to delete global variable;
       $user->uid = 2; // $user_id
       $node->uid = 2; // $node_id
       $result = story_access($op, $node );

       $this->assertTrue($result, 'Bad access hook');

       // przywroc usera
       $user = $tempUser; // restore global variable,

so I can change $user->uid, and $node->uid, and $op (create, edit etc)
 to test behavior of story_access(), I can also put it in the loop to
test all uids existing in our installation. But it isn't necessary, I
think. Maybe the solution is to test all uid which belong to different
roles. I can obtain from database uid and the roles assigned to them,
them check what permission they have ( in the table {permission} ) and
finally build right test using assertTrue or assertFalse for example
if in the role doesn't exist right perm then will be assertFalse )

Do you think, is it  a good idea ?
(in shortly)
1. get uid of users with different roles,
2. check perm string for each role.
3. build test ( False or True )
4. test all cases in the loop

Kuba Zygmunt

More information about the drupal-devel mailing list