Ensure private node on /tracker is only visible to users with permission.
function testTrackerNodeAccess() {
// Create user with node test view permission.
$access_user = $this
->drupalCreateUser(array(
'node test view',
'access user profiles',
));
// Create user without node test view permission.
$no_access_user = $this
->drupalCreateuser(array(
'access user profiles',
));
$this
->drupalLogin($access_user);
// Create some nodes.
$private_node = $this
->drupalCreateNode(array(
'title' => t('Private node test'),
'private' => TRUE,
));
$public_node = $this
->drupalCreateNode(array(
'title' => t('Public node test'),
'private' => FALSE,
));
// User with access should see both nodes created.
$this
->drupalGet('tracker');
$this
->assertText($private_node->title, 'Private node is visible to user with private access.');
$this
->assertText($public_node->title, 'Public node is visible to user with private access.');
$this
->drupalGet('user/' . $access_user->uid . '/track');
$this
->assertText($private_node->title, 'Private node is visible to user with private access.');
$this
->assertText($public_node->title, 'Public node is visible to user with private access.');
// User without access should not see private node.
$this
->drupalLogin($no_access_user);
$this
->drupalGet('tracker');
$this
->assertNoText($private_node->title, 'Private node is not visible to user without private access.');
$this
->assertText($public_node->title, 'Public node is visible to user without private access.');
$this
->drupalGet('user/' . $access_user->uid . '/track');
$this
->assertNoText($private_node->title, 'Private node is not visible to user without private access.');
$this
->assertText($public_node->title, 'Public node is visible to user without private access.');
}