search

localgovdrupal / localgov_microsites_group

LocalGov Drupal Microsites Group integration
1 stars 2 forks source link

Rewrite kernel tests to functional tests for failing testGetPermissions() #427

Open finnlewis opened 1 year ago

finnlewis commented 1 year ago

See https://github.com/localgovdrupal/localgov_microsites_group/blob/2.x/tests/src/Kernel/GroupPermissionsHelperTest.php#L141

https://github.com/localgovdrupal/localgov_microsites_group/issues/396#issuecomment-1739399147

This is the test that is failing: https://github.com/localgovdrupal/localgov_microsites_group/blob/2.x/tests/src/Kernel/GroupPermissionsHelperTest.php#L141

Can anyone re-write this test to test in a different way? @ekes was wondering if maybe a functional browser test to do the same thing might be appropriate?

@millnut might be able to look at this 😄

finnlewis commented 1 year ago

@ekes and @millnut I've just been testing the group content permissions in the browser and I'm getting some funny results.

Fresh install composer create-project localgovdrupal/localgov_microsites_project:3.x-dev MY_PROJECT --no-install;

  1. Create microsites controller user
  2. Create a microsite admin user
  3. Create a microsite
  4. Assign admin user to microsite 1
  5. On another browser, log into microsite 1 as admin1 https://localgov-micro-1.lndo.site/user/login
  6. Create content at https://localgov-micro-1.lndo.site/group/1/node/create
  7. See blog post:
  8. https://localgov-micro-1.lndo.site/group/1/content/create/group_node%3Alocalgov_blog_post

Now then...

  1. Go back to the control site logged in as user 1.
  2. Edit group type permissions: https://localgov-micro.lndo.site/admin/group/types/manage/microsite/permissions
  3. Remove all permissions for blog posts and channels from 'Member' and 'Admin' roles
  4. Save
  5. Clear cache

image

Expected behaviour: the admin1 user on site1 should not be able to create blog posts.

Observed behaviour: the admin1 user on site1 CAN create blog posts.

finnlewis commented 1 year ago

Further to this... I've tried the group settings where we have the ability to enable and disable content types for each group, and this does not appear to have any effect either:

image

finnlewis commented 12 months ago

@hc-konrad follow this issue for udates!

xtianjohnson commented 12 months ago

@xtianjohnson following for updates.

ekes commented 11 months ago

Manual testing core D10 + group + group_permissions.

Granting group_permissions to a role any group seems to effect all the groups (at least that the user is a member of).

So far so... there's certainly a thing going on between group + group_permissions at the moment that's not specific to localgov microsites.

millnut commented 11 months ago

Thanks for digging into this more @ekes it looks like we have ended up on the conclusion with it being group_permissions, do you think it's worth adding that as a note to https://www.drupal.org/project/group_permissions/issues/3388880

ekes commented 11 months ago

https://www.drupal.org/project/group_permissions/issues/3395306

The test certainly confirms the cache clear issue, but also if I'm correct shows removal of permissions failing again.

ekes commented 11 months ago

I'll be honest here. My temptation is now to remove group_permissions and use custom entity access to set if content can be created - it will then always be possible to be viewed if it has been created.