class UserCancelTest

Ensure that account cancellation methods work as expected.

Attributes

#[Group('user')] #[RunTestsInSeparateProcesses]

Hierarchy

Expanded class hierarchy of UserCancelTest

File

View on git.drupalcode.org

core/modules/user/tests/src/Functional/UserCancelTest.php, line 22

Namespace

Drupal\Tests\user\Functional
View source 
class UserCancelTest extends BrowserTestBase {
  use CommentTestTrait;
  use NodeAccessTrait;
  
  /**
   * {@inheritdoc}
   */
  protected static $modules = [
    'node',
    'comment',
  ];
  
  /**
   * {@inheritdoc}
   */
  protected $defaultTheme = 'stark';
  
  /**
   * {@inheritdoc}
   */
  protected function setUp() : void {
    parent::setUp();
    $this->drupalCreateContentType([
      'type' => 'page',
      'name' => 'Basic page',
    ]);
  }
  
  /**
   * Attempt to cancel account without permission.
   */
  public function testUserCancelWithoutPermission() : void {
    $node_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('node');
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_reassign')
      ->save();
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    // Create a user.
    $account = $this->drupalCreateUser([]);
    $this->drupalLogin($account);
    // Load a real user object.
    $account = $user_storage->load($account->id());
    // Create a node.
    $node = $this->drupalCreateNode([
      'uid' => $account->id(),
    ]);
    // Attempt to cancel account.
    $this->drupalGet('user/' . $account->id() . '/edit');
    $this->assertSession()
      ->pageTextNotContains("Cancel account");
    // Attempt bogus account cancellation request confirmation.
    $timestamp = $account->getLastLoginTime();
    $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
    $this->assertSession()
      ->statusCodeEquals(403);
    $user_storage->resetCache([
      $account->id(),
    ]);
    $account = $user_storage->load($account->id());
    $this->assertTrue($account->isActive(), 'User account was not canceled.');
    // Confirm user's content has not been altered.
    $node_storage->resetCache([
      $node->id(),
    ]);
    $test_node = $node_storage->load($node->id());
    $this->assertEquals($account->id(), $test_node->getOwnerId(), 'Node of the user has not been altered.');
    $this->assertTrue($test_node->isPublished());
  }
  
  /**
   * Tests ability to change the permission for canceling users.
   */
  public function testUserCancelChangePermission() : void {
    \Drupal::service('module_installer')->install([
      'user_form_test',
    ]);
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_reassign')
      ->save();
    // Create a regular user.
    $account = $this->drupalCreateUser([]);
    $admin_user = $this->drupalCreateUser([
      'cancel other accounts',
    ]);
    $this->drupalLogin($admin_user);
    // Delete regular user.
    $this->drupalGet('user_form_test_cancel/' . $account->id());
    $this->submitForm([], 'Confirm');
    // Confirm deletion.
    $this->assertSession()
      ->pageTextContains("Account {$account->getAccountName()} has been deleted.");
    $this->assertNull(User::load($account->id()), 'User is not found in the database.');
  }
  
  /**
   * Tests that user account for uid 1 cannot be cancelled.
   *
   * This should never be possible, or the site owner would become unable to
   * administer the site.
   */
  public function testUserCancelUid1() : void {
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    \Drupal::service('module_installer')->install([
      'views',
    ]);
    // Try to cancel uid 1's account with a different user.
    $admin_user = $this->drupalCreateUser([
      'administer users',
    ]);
    $this->drupalLogin($admin_user);
    $edit = [
      'action' => 'user_cancel_user_action',
      'user_bulk_form[0]' => TRUE,
    ];
    $this->drupalGet('admin/people');
    $this->submitForm($edit, 'Apply to selected items');
    // Verify that uid 1's account was not cancelled.
    $user1 = $user_storage->load(1);
    $this->assertTrue($user1->isActive(), 'User #1 still exists and is not blocked.');
  }
  
  /**
   * Attempt invalid account cancellations.
   */
  public function testUserCancelInvalid() : void {
    $node_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('node');
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_reassign')
      ->save();
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    // Create a user.
    $account = $this->drupalCreateUser([
      'cancel account',
    ]);
    $this->drupalLogin($account);
    // Load a real user object.
    $account = $user_storage->load($account->id());
    // Create a node.
    $node = $this->drupalCreateNode([
      'uid' => $account->id(),
    ]);
    // Attempt to cancel account.
    $this->drupalGet('user/' . $account->id() . '/cancel');
    $timestamp = time();
    $this->submitForm([], 'Confirm');
    $this->assertSession()
      ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
    // Attempt bogus account cancellation request confirmation.
    $bogus_timestamp = $timestamp + 60;
    $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$bogus_timestamp}/" . user_pass_rehash($account, $bogus_timestamp));
    $this->assertSession()
      ->pageTextContains('You have tried to use an account cancellation link that has expired. Request a new one using the form below.');
    $account = $user_storage->load($account->id());
    $this->assertTrue($account->isActive(), 'User account was not canceled.');
    // Attempt expired account cancellation request confirmation.
    $bogus_timestamp = $timestamp - 86400 - 60;
    $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$bogus_timestamp}/" . user_pass_rehash($account, $bogus_timestamp));
    $this->assertSession()
      ->pageTextContains('You have tried to use an account cancellation link that has expired. Request a new one using the form below.');
    $account = $user_storage->load($account->id());
    $this->assertTrue($account->isActive(), 'User account was not canceled.');
    // Confirm user's content has not been altered.
    $test_node = $node_storage->load($node->id());
    $this->assertEquals($account->id(), $test_node->getOwnerId(), 'Node of the user has not been altered.');
    $this->assertTrue($test_node->isPublished());
  }
  
  /**
   * Disable account and keep all content.
   */
  public function testUserBlock() : void {
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_block')
      ->save();
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    // Create a user.
    $web_user = $this->drupalCreateUser([
      'cancel account',
    ]);
    $this->drupalLogin($web_user);
    // Load a real user object.
    $account = $user_storage->load($web_user->id());
    // Attempt to cancel account.
    $this->drupalGet('user/' . $account->id() . '/cancel');
    $this->assertSession()
      ->pageTextContains('Are you sure you want to cancel your account?');
    $this->assertSession()
      ->pageTextContains('Your account will be blocked and you will no longer be able to log in. All of your content will remain attributed to your username.');
    $this->assertSession()
      ->pageTextNotContains('Cancellation method');
    // Confirm account cancellation.
    $timestamp = time();
    $this->submitForm([], 'Confirm');
    $this->assertSession()
      ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
    // Confirm account cancellation request.
    $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
    $account = $user_storage->load($account->id());
    $this->assertTrue($account->isBlocked(), 'User has been blocked.');
    // Confirm that the confirmation message made it through to the end user.
    $this->assertSession()
      ->pageTextContains("Account {$account->getAccountName()} has been disabled.");
  }
  
  /**
   * Disable account and unpublish all content.
   */
  public function testUserBlockUnpublish() : void {
    $node_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('node');
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_block_unpublish')
      ->save();
    // Create comment field on page.
    $this->addDefaultCommentField('node', 'page');
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    // Create a user.
    $account = $this->drupalCreateUser([
      'cancel account',
    ]);
    $this->drupalLogin($account);
    // Load a real user object.
    $account = $user_storage->load($account->id());
    // Create a node with two revisions.
    $node = $this->drupalCreateNode([
      'uid' => $account->id(),
    ]);
    $settings = get_object_vars($node);
    $settings['revision'] = 1;
    $node = $this->drupalCreateNode($settings);
    // Add a comment to the page.
    $comment_subject = $this->randomMachineName(8);
    $comment_body = $this->randomMachineName(8);
    $comment = Comment::create([
      'subject' => $comment_subject,
      'comment_body' => $comment_body,
      'entity_id' => $node->id(),
      'entity_type' => 'node',
      'field_name' => 'comment',
      'status' => CommentInterface::PUBLISHED,
      'uid' => $account->id(),
    ]);
    $comment->save();
    // Attempt to cancel account.
    $this->drupalGet('user/' . $account->id() . '/cancel');
    $this->assertSession()
      ->pageTextContains('Are you sure you want to cancel your account?');
    $this->assertSession()
      ->pageTextContains('Your account will be blocked and you will no longer be able to log in. All of your content will be hidden from everyone but administrators.');
    // Confirm account cancellation.
    $timestamp = time();
    $this->submitForm([], 'Confirm');
    $this->assertSession()
      ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
    // Confirm account cancellation request.
    $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
    // Confirm that the user was redirected to the front page.
    $this->assertSession()
      ->addressEquals('');
    $this->assertSession()
      ->statusCodeEquals(200);
    // Confirm that the confirmation message made it through to the end user.
    $this->assertSession()
      ->pageTextContains("Account {$account->getAccountName()} has been disabled.");
    $account = $user_storage->load($account->id());
    $this->assertTrue($account->isBlocked(), 'User has been blocked.');
    // Confirm user's content has been unpublished.
    $test_node = $node_storage->load($node->id());
    $this->assertFalse($test_node->isPublished(), 'Node of the user has been unpublished.');
    $test_node = $node_storage->loadRevision($node->getRevisionId());
    $this->assertFalse($test_node->isPublished(), 'Node revision of the user has been unpublished.');
    $storage = \Drupal::entityTypeManager()->getStorage('comment');
    $comment = $storage->load($comment->id());
    $this->assertFalse($comment->isPublished(), 'Comment of the user has been unpublished.');
  }
  
  /**
   * Tests nodes are unpublished even if inaccessible to cancelling user.
   */
  public function testUserBlockUnpublishNodeAccess() : void {
    \Drupal::service('module_installer')->install([
      'node_access_test',
      'user_form_test',
    ]);
    // Setup node access.
    node_access_rebuild();
    $this->addPrivateField(NodeType::load('page'));
    \Drupal::state()->set('node_access_test.private', TRUE);
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_block_unpublish')
      ->save();
    // Create a user.
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    $account = $this->drupalCreateUser([
      'cancel account',
    ]);
    // Load a real user object.
    $account = $user_storage->load($account->id());
    // Create a published private node.
    $node = $this->drupalCreateNode([
      'uid' => $account->id(),
      'type' => 'page',
      'status' => 1,
      'private' => TRUE,
    ]);
    // Cancel node author.
    $admin_user = $this->drupalCreateUser([
      'cancel other accounts',
    ]);
    $this->drupalLogin($admin_user);
    $this->drupalGet('user_form_test_cancel/' . $account->id());
    $this->submitForm([], 'Confirm');
    // Confirm node has been unpublished, even though the admin user
    // does not have permission to access it.
    $node_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('node');
    $test_node = $node_storage->load($node->id());
    $this->assertFalse($test_node->isPublished(), 'Node of the user has been unpublished.');
  }
  
  /**
   * Delete account and anonymize all content.
   */
  public function testUserAnonymize() : void {
    $node_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('node');
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_reassign')
      ->save();
    // Create comment field on page.
    $this->addDefaultCommentField('node', 'page');
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    // Create a user.
    $account = $this->drupalCreateUser([
      'cancel account',
    ]);
    $this->drupalLogin($account);
    // Load a real user object.
    $account = $user_storage->load($account->id());
    // Create a simple node.
    $node = $this->drupalCreateNode([
      'uid' => $account->id(),
    ]);
    // Add a comment to the page.
    $comment_subject = $this->randomMachineName(8);
    $comment_body = $this->randomMachineName(8);
    $comment = Comment::create([
      'subject' => $comment_subject,
      'comment_body' => $comment_body,
      'entity_id' => $node->id(),
      'entity_type' => 'node',
      'field_name' => 'comment',
      'status' => CommentInterface::PUBLISHED,
      'uid' => $account->id(),
    ]);
    $comment->save();
    // Create a node with two revisions, the initial one belonging to the
    // cancelling user.
    $revision_node = $this->drupalCreateNode([
      'uid' => $account->id(),
    ]);
    $revision = $revision_node->getRevisionId();
    $settings = get_object_vars($revision_node);
    $settings['revision'] = 1;
    // Set new/current revision to someone else.
    $settings['uid'] = 1;
    $revision_node = $this->drupalCreateNode($settings);
    // Attempt to cancel account.
    $this->drupalGet('user/' . $account->id() . '/cancel');
    $this->assertSession()
      ->pageTextContains('Are you sure you want to cancel your account?');
    $this->assertSession()
      ->pageTextContains("Your account will be removed and all account information deleted. All of your content will be assigned to the {$this->config('user.settings')->get('anonymous')} user.");
    // Confirm account cancellation.
    $timestamp = time();
    $this->submitForm([], 'Confirm');
    $this->assertSession()
      ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
    // Confirm account cancellation request.
    $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
    $this->assertNull($user_storage->load($account->id()), 'User is not found in the database.');
    // Confirm that user's content has been attributed to anonymous user.
    $anonymous_user = User::getAnonymousUser();
    $test_node = $node_storage->load($node->id());
    $this->assertEquals(0, $test_node->getOwnerId(), 'Node of the user has been attributed to anonymous user.');
    $this->assertTrue($test_node->isPublished());
    $test_node = $node_storage->loadRevision($revision);
    $this->assertEquals(0, $test_node->getRevisionUser()
      ->id(), 'Node revision of the user has been attributed to anonymous user.');
    $this->assertTrue($test_node->isPublished());
    $test_node = $node_storage->load($revision_node->id());
    $this->assertNotEquals(0, $test_node->getOwnerId(), "Current revision of the user's node was not attributed to anonymous user.");
    $this->assertTrue($test_node->isPublished());
    $storage = \Drupal::entityTypeManager()->getStorage('comment');
    $test_comment = $storage->load($comment->id());
    $this->assertEquals(0, $test_comment->getOwnerId(), 'Comment of the user has been attributed to anonymous user.');
    $this->assertTrue($test_comment->isPublished());
    $this->assertEquals($anonymous_user->getDisplayName(), $test_comment->getAuthorName(), 'Comment of the user has been attributed to anonymous user name.');
    // Confirm that the confirmation message made it through to the end user.
    $this->assertSession()
      ->pageTextContains("Account {$account->getAccountName()} has been deleted.");
  }
  
  /**
   * Delete account and anonymize all content using a batch process.
   *
   * @see \Drupal\node\NodeBulkUpdate::process()
   */
  public function testUserAnonymizeBatch() : void {
    $node_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('node');
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_reassign')
      ->save();
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    // Create a user.
    $account = $this->drupalCreateUser([
      'cancel account',
    ]);
    $this->drupalLogin($account);
    // Load a real user object.
    $account = $user_storage->load($account->id());
    // Create 11 nodes in order to trigger batch processing.
    $nodes = [];
    for ($i = 0; $i < 11; $i++) {
      $node = $this->drupalCreateNode([
        'uid' => $account->id(),
      ]);
      $nodes[$node->id()] = $node;
    }
    // Attempt to cancel account.
    $this->drupalGet('user/' . $account->id() . '/cancel');
    $this->assertSession()
      ->pageTextContains('Are you sure you want to cancel your account?');
    $this->assertSession()
      ->pageTextContains("Your account will be removed and all account information deleted. All of your content will be assigned to the {$this->config('user.settings')->get('anonymous')} user.");
    // Confirm account cancellation.
    $timestamp = time();
    $this->submitForm([], 'Confirm');
    $this->assertSession()
      ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
    // Confirm account cancellation request.
    $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
    $this->assertNull($user_storage->load($account->id()), 'User is not found in the database.');
    // Confirm that user's content has been attributed to anonymous user.
    $node_storage->resetCache(array_keys($nodes));
    $test_nodes = $node_storage->loadMultiple(array_keys($nodes));
    foreach ($test_nodes as $test_node) {
      $this->assertEquals(0, $test_node->getOwnerId(), 'Node ' . $test_node->id() . ' of the user has been attributed to anonymous user.');
      $this->assertTrue($test_node->isPublished());
    }
  }
  
  /**
   * Delete account and remove all content.
   */
  public function testUserDelete() : void {
    $node_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('node');
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_delete')
      ->save();
    \Drupal::service('module_installer')->install([
      'comment',
    ]);
    $this->resetAll();
    $this->addDefaultCommentField('node', 'page');
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    // Create a user.
    $account = $this->drupalCreateUser([
      'cancel account',
      'post comments',
      'skip comment approval',
    ]);
    $this->drupalLogin($account);
    // Load a real user object.
    $account = $user_storage->load($account->id());
    // Create a simple node.
    $node = $this->drupalCreateNode([
      'uid' => $account->id(),
    ]);
    // Create comment.
    $edit = [];
    $edit['subject[0][value]'] = $this->randomMachineName(8);
    $edit['comment_body[0][value]'] = $this->randomMachineName(16);
    $this->drupalGet('comment/reply/node/' . $node->id() . '/comment');
    $this->submitForm($edit, 'Preview');
    $this->submitForm([], 'Save');
    $this->assertSession()
      ->pageTextContains('Your comment has been posted.');
    $comments = \Drupal::entityTypeManager()->getStorage('comment')
      ->loadByProperties([
      'subject' => $edit['subject[0][value]'],
    ]);
    $comment = reset($comments);
    $this->assertNotEmpty($comment->id(), 'Comment found.');
    // Create a node with two revisions, the initial one belonging to the
    // cancelling user.
    $revision_node = $this->drupalCreateNode([
      'uid' => $account->id(),
    ]);
    $revision = $revision_node->getRevisionId();
    $settings = get_object_vars($revision_node);
    $settings['revision'] = 1;
    // Set new/current revision to someone else.
    $settings['uid'] = 1;
    $revision_node = $this->drupalCreateNode($settings);
    // Attempt to cancel account.
    $this->drupalGet('user/' . $account->id() . '/cancel');
    $this->assertSession()
      ->pageTextContains('Are you sure you want to cancel your account?');
    $this->assertSession()
      ->pageTextContains('Your account will be removed and all account information deleted. All of your content will also be deleted.');
    // Confirm account cancellation.
    $timestamp = time();
    $this->submitForm([], 'Confirm');
    $this->assertSession()
      ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
    // Confirm account cancellation request.
    $this->drupalGet("user/" . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
    $this->assertNull($user_storage->load($account->id()), 'User is not found in the database.');
    // Confirm there's only one session in the database. The user will be logged
    // out and their session migrated.
    // @see _user_cancel_session_regenerate()
    $this->assertSame(1, (int) \Drupal::database()->select('sessions', 's')
      ->countQuery()
      ->execute()
      ->fetchField());
    // Confirm that user's content has been deleted.
    $this->assertNull($node_storage->load($node->id()), 'Node of the user has been deleted.');
    $this->assertNull($node_storage->loadRevision($revision), 'Node revision of the user has been deleted.');
    $this->assertInstanceOf(Node::class, $node_storage->load($revision_node->id()));
    $this->assertNull(Comment::load($comment->id()), 'Comment of the user has been deleted.');
    // Confirm that the confirmation message made it through to the end user.
    $this->assertSession()
      ->pageTextContains("Account {$account->getAccountName()} has been deleted.");
  }
  
  /**
   * Create an administrative user and delete other users.
   */
  public function testUserCancelByAdmin() : void {
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_reassign')
      ->save();
    // Create administrative user.
    $admin_user = $this->drupalCreateUser([
      'administer users',
    ]);
    $this->drupalLogin($admin_user);
    // Test deletion of a user account without email confirmation.
    $account1 = $this->drupalCreateUser([]);
    // Delete regular user.
    $this->drupalGet('user/' . $account1->id() . '/cancel');
    $this->assertSession()
      ->pageTextContains("Are you sure you want to cancel the account {$account1->getAccountName()}?");
    $this->assertSession()
      ->pageTextContains('Cancellation method');
    // Confirm deletion.
    $this->submitForm([], 'Confirm');
    $this->assertSession()
      ->pageTextContains("Account {$account1->getAccountName()} has been deleted.");
    $this->assertNull(User::load($account1->id()), 'User is not found in the database.');
    // Test deletion of a user account with email confirmation.
    $account2 = $this->drupalCreateUser([]);
    // Delete regular user.
    $this->drupalGet('user/' . $account2->id() . '/cancel');
    $this->assertSession()
      ->pageTextContains("Are you sure you want to cancel the account {$account2->getAccountName()}?");
    $this->assertSession()
      ->pageTextContains('Cancellation method');
    // Confirm deletion.
    $this->submitForm([
      'edit-user-cancel-confirm' => 1,
    ], 'Confirm');
    $this->assertSession()
      ->pageTextContains("A confirmation request to cancel the account {$account2->getAccountName()} has been sent to the user's email address.");
    $this->assertNotNull(User::load($account2->id()), 'User is found in the database.');
  }
  
  /**
   * Tests deletion of a user account without an email address.
   */
  public function testUserWithoutEmailCancelByAdmin() : void {
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_reassign')
      ->save();
    // Create a regular user.
    $account = $this->drupalCreateUser([]);
    // This user has no email address.
    $account->mail = '';
    $account->save();
    // Create administrative user.
    $admin_user = $this->drupalCreateUser([
      'administer users',
    ]);
    $this->drupalLogin($admin_user);
    // Delete regular user without email address.
    $this->drupalGet('user/' . $account->id() . '/cancel');
    $this->assertSession()
      ->pageTextContains("Are you sure you want to cancel the account {$account->getAccountName()}?");
    $this->assertSession()
      ->pageTextContains('Cancellation method');
    // Confirm deletion.
    $this->submitForm([], 'Confirm');
    $this->assertSession()
      ->pageTextContains("Account {$account->getAccountName()} has been deleted.");
    $this->assertNull(User::load($account->id()), 'User is not found in the database.');
  }
  
  /**
   * Create an administrative user and mass-delete other users.
   */
  public function testMassUserCancelByAdmin() : void {
    \Drupal::service('module_installer')->install([
      'views',
    ]);
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_reassign')
      ->save();
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    // Enable account cancellation notification.
    $this->config('user.settings')
      ->set('notify.status_canceled', TRUE)
      ->save();
    // Create administrative user.
    $admin_user = $this->drupalCreateUser([
      'administer users',
    ]);
    $this->drupalLogin($admin_user);
    // Create some users.
    $users = [];
    for ($i = 0; $i < 3; $i++) {
      $account = $this->drupalCreateUser([]);
      $users[$account->id()] = $account;
    }
    // Cancel user accounts, including own one.
    $edit = [];
    $edit['action'] = 'user_cancel_user_action';
    for ($i = 0; $i <= 4; $i++) {
      $edit['user_bulk_form[' . $i . ']'] = TRUE;
    }
    $this->drupalGet('admin/people');
    $this->submitForm($edit, 'Apply to selected items');
    $this->assertSession()
      ->pageTextContains('Are you sure you want to cancel these user accounts?');
    $this->assertSession()
      ->pageTextContains('Cancellation method');
    $this->assertSession()
      ->pageTextContains('Require email confirmation');
    $this->assertSession()
      ->pageTextContains('Notify user when account is canceled');
    // Confirm deletion.
    $this->submitForm([], 'Confirm');
    $status = TRUE;
    foreach ($users as $account) {
      $status = $status && str_contains($this->getTextContent(), "Account {$account->getAccountName()} has been deleted.");
      $status = $status && !$user_storage->load($account->id());
    }
    $this->assertTrue($status, 'Users deleted and not found in the database.');
    // Ensure that admin account was not cancelled.
    $this->assertSession()
      ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
    $admin_user = $user_storage->load($admin_user->id());
    $this->assertTrue($admin_user->isActive(), 'Administrative user is found in the database and enabled.');
    // Verify that uid 1's account was not cancelled.
    $user1 = $user_storage->load(1);
    $this->assertTrue($user1->isActive(), 'User #1 still exists and is not blocked.');
  }
  
  /**
   * Tests user cancel with node access.
   */
  public function testUserDeleteWithContentAndNodeAccess() : void {
    \Drupal::service('module_installer')->install([
      'node_access_test',
    ]);
    // Rebuild node access.
    node_access_rebuild();
    $account = $this->drupalCreateUser([
      'access content',
    ]);
    $node = $this->drupalCreateNode([
      'type' => 'page',
      'uid' => $account->id(),
    ]);
    $account->delete();
    $load2 = \Drupal::entityTypeManager()->getStorage('node')
      ->load($node->id());
    $this->assertEmpty($load2);
  }
  
  /**
   * Delete account and anonymize all content and it's translations.
   */
  public function testUserAnonymizeTranslations() : void {
    $this->config('user.settings')
      ->set('cancel_method', 'user_cancel_reassign')
      ->save();
    // Create comment field on page.
    $this->addDefaultCommentField('node', 'page');
    $user_storage = $this->container
      ->get('entity_type.manager')
      ->getStorage('user');
    \Drupal::service('module_installer')->install([
      'language',
      'locale',
    ]);
    \Drupal::service('router.builder')->rebuildIfNeeded();
    ConfigurableLanguage::createFromLangcode('ur')->save();
    // Rebuild the container to update the default language container variable.
    $this->rebuildContainer();
    $account = $this->drupalCreateUser([
      'cancel account',
    ]);
    $this->drupalLogin($account);
    $account = $user_storage->load($account->id());
    $node = $this->drupalCreateNode([
      'uid' => $account->id(),
    ]);
    // Add a comment to the page.
    $comment_subject = $this->randomMachineName(8);
    $comment_body = $this->randomMachineName(8);
    $comment = Comment::create([
      'subject' => $comment_subject,
      'comment_body' => $comment_body,
      'entity_id' => $node->id(),
      'entity_type' => 'node',
      'field_name' => 'comment',
      'status' => CommentInterface::PUBLISHED,
      'uid' => $account->id(),
    ]);
    $comment->save();
    $comment->addTranslation('ur', [
      'subject' => 'ur ' . $comment->label(),
      'status' => CommentInterface::PUBLISHED,
    ])
      ->save();
    // Attempt to cancel account.
    $this->drupalGet('user/' . $account->id() . '/cancel');
    $this->assertSession()
      ->pageTextContains('Are you sure you want to cancel your account?');
    $this->assertSession()
      ->pageTextContains('Your account will be removed and all account information deleted. All of your content will be assigned to the ' . $this->config('user.settings')
      ->get('anonymous') . ' user.');
    // Confirm account cancellation.
    $timestamp = time();
    $this->submitForm([], 'Confirm');
    $this->assertSession()
      ->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
    // Confirm account cancellation request.
    $this->drupalGet('user/' . $account->id() . "/cancel/confirm/{$timestamp}/" . user_pass_rehash($account, $timestamp));
    $user_storage->resetCache([
      $account->id(),
    ]);
    $this->assertNull($user_storage->load($account->id()), 'User is not found in the database.');
    // Confirm that user's content has been attributed to anonymous user.
    $anonymous_user = User::getAnonymousUser();
    $storage = \Drupal::entityTypeManager()->getStorage('comment');
    $test_comment = $storage->load($comment->id());
    $this->assertEquals(0, $test_comment->getOwnerId());
    $this->assertTrue($test_comment->isPublished(), 'Comment of the user has been attributed to anonymous user.');
    $this->assertEquals($anonymous_user->getDisplayName(), $test_comment->getAuthorName());
    $comment_translation = $test_comment->getTranslation('ur');
    $this->assertEquals(0, $comment_translation->getOwnerId());
    $this->assertTrue($comment_translation->isPublished(), 'Comment translation of the user has been attributed to anonymous user.');
    $this->assertEquals($anonymous_user->getDisplayName(), $comment_translation->getAuthorName());
    // Confirm that the confirmation message made it through to the end user.
    $this->assertSession()
      ->pageTextContains($account->getAccountName() . ' has been deleted.');
  }

}

Members

Title Deprecated Modifiers Object type Summary Member alias Overriden Title Overrides
BlockCreationTrait::placeBlock protected function Creates a block instance based on default settings. Aliased as: drupalPlaceBlock
BodyFieldCreationTrait::createBodyField protected function Creates a field of an body field storage on the specified bundle.
BrowserHtmlDebugTrait::$htmlOutputBaseUrl protected property The Base URI to use for links to the output files.
BrowserHtmlDebugTrait::$htmlOutputClassName protected property Class name for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputCounter protected property Counter for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputCounterStorage protected property Counter storage for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputDirectory protected property Directory name for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputEnabled protected property HTML output enabled.
BrowserHtmlDebugTrait::$htmlOutputTestId protected property HTML output test ID.
BrowserHtmlDebugTrait::formatHtmlOutputHeaders protected function Formats HTTP headers as string for HTML output logging.
BrowserHtmlDebugTrait::getHtmlOutputHeaders protected function Returns headers in HTML output format. 1
BrowserHtmlDebugTrait::getResponseLogHandler protected function Provides a Guzzle middleware handler to log every response received.
BrowserHtmlDebugTrait::htmlOutput protected function Logs a HTML output message in a text file.
BrowserHtmlDebugTrait::initBrowserOutputFile protected function Creates the directory to store browser output.
BrowserTestBase::$baseUrl protected property The base URL.
BrowserTestBase::$configImporter protected property The config importer that can be used in a test.
BrowserTestBase::$mink protected property Mink session manager.
BrowserTestBase::$minkDefaultDriverArgs protected property Mink default driver params.
BrowserTestBase::$minkDefaultDriverClass protected property Mink class for the default driver to use. 1
BrowserTestBase::$originalShutdownCallbacks protected property The original array of shutdown function callbacks.
BrowserTestBase::$profile protected property The profile to install as a basis for testing. 42
BrowserTestBase::$timeLimit protected property Time limit in seconds for the test.
BrowserTestBase::cleanupEnvironment protected function Clean up the test environment.
BrowserTestBase::config protected function Configuration accessor for tests. Returns non-overridden configuration.
BrowserTestBase::filePreDeleteCallback public static function Ensures test files are deletable.
BrowserTestBase::getDefaultDriverInstance protected function Gets an instance of the default Mink driver.
BrowserTestBase::getDrupalSettings protected function Gets the JavaScript drupalSettings variable for the currently-loaded page. 1
BrowserTestBase::getHttpClient protected function Obtain the HTTP client for the system under test.
BrowserTestBase::getMinkDriverArgs protected function Gets the Mink driver args from an environment variable. 1
BrowserTestBase::getOptions Deprecated protected function Helper function to get the options of select field.
BrowserTestBase::getSession public function Returns Mink session.
BrowserTestBase::getSessionCookies protected function Get session cookies from current session.
BrowserTestBase::getTestMethodCaller protected function Retrieves the current calling line in the class under test. Overrides BrowserHtmlDebugTrait::getTestMethodCaller
BrowserTestBase::initFrontPage protected function Visits the front page when initializing Mink. 3
BrowserTestBase::initMink protected function Initializes Mink sessions. 1
BrowserTestBase::installDrupal public function Installs Drupal into the test site. 2
BrowserTestBase::registerSessions protected function Registers additional Mink sessions.
BrowserTestBase::setDebugDumpHandler public static function Registers the dumper CLI handler when the DebugDump extension is enabled.
BrowserTestBase::setUpAppRoot protected function Sets up the root application path.
BrowserTestBase::tearDown protected function 3
BrowserTestBase::translatePostValues protected function Transforms a nested array into a flat array suitable for submitForm().
BrowserTestBase::xpath protected function Performs an xpath search on the contents of the internal browser.
BrowserTestBase::__construct public function 1
BrowserTestBase::__sleep public function Prevents serializing any properties.
CommentTestTrait::addDefaultCommentField protected function Adds the default comment field to an entity.
ConfigTestTrait::configImporter protected function Returns a ConfigImporter object to import test configuration.
ConfigTestTrait::copyConfig protected function Copies configuration objects from source storage to target storage.
ContentTypeCreationTrait::createContentType protected function Creates a custom content type based on default settings. Aliased as: drupalCreateContentType 1
ExpectDeprecationTrait::expectDeprecation public function Adds an expected deprecation.
ExpectDeprecationTrait::setUpErrorHandler public function Sets up the test error handler.
ExpectDeprecationTrait::tearDownErrorHandler public function Tears down the test error handler.
ExtensionListTestTrait::getModulePath protected function Gets the path for the specified module.
ExtensionListTestTrait::getThemePath protected function Gets the path for the specified theme.
FunctionalTestSetupTrait::$apcuEnsureUniquePrefix protected property The flag to set &#039;apcu_ensure_unique_prefix&#039; setting. 1
FunctionalTestSetupTrait::$classLoader protected property The class loader to use for installation and initialization of setup.
FunctionalTestSetupTrait::$rootUser protected property The &quot;#1&quot; admin user.
FunctionalTestSetupTrait::$usesSuperUserAccessPolicy protected property Set to TRUE to make user 1 a super user.
FunctionalTestSetupTrait::doInstall protected function Execute the non-interactive installer. 1
FunctionalTestSetupTrait::initConfig protected function Initialize various configurations post-installation. 1
FunctionalTestSetupTrait::initKernel protected function Initializes the kernel after installation.
FunctionalTestSetupTrait::initSettings protected function Initialize settings created during install.
FunctionalTestSetupTrait::initUserSession protected function Initializes user 1 for the site to be installed.
FunctionalTestSetupTrait::installDefaultThemeFromClassProperty protected function Installs the default theme defined by `static::$defaultTheme` when needed. 1
FunctionalTestSetupTrait::installModulesFromClassProperty protected function Install modules defined by `static::$modules`. 1
FunctionalTestSetupTrait::installParameters protected function Returns the parameters that will be used when the test installs Drupal. 8
FunctionalTestSetupTrait::prepareEnvironment protected function Prepares the current environment for running the test. 29
FunctionalTestSetupTrait::prepareRequestForGenerator protected function Creates a mock request and sets it on the generator.
FunctionalTestSetupTrait::prepareSettings protected function Prepares site settings and services before installation. 4
FunctionalTestSetupTrait::rebuildAll protected function Resets and rebuilds the environment after setup.
FunctionalTestSetupTrait::rebuildContainer protected function Rebuilds \Drupal::getContainer().
FunctionalTestSetupTrait::resetAll protected function Resets all data structures after having enabled new modules.
FunctionalTestSetupTrait::setContainerParameter protected function Changes parameters in the services.yml file.
FunctionalTestSetupTrait::setupBaseUrl protected function Sets up the base URL based upon the environment variable.
FunctionalTestSetupTrait::writeSettings protected function Rewrites the settings.php file of the test site. 1
NodeAccessTrait::addPrivateField public function Adds the private field to a node type.
NodeCreationTrait::createNode protected function Creates a node based on default settings. Aliased as: drupalCreateNode
NodeCreationTrait::getNodeByTitle public function Get a node from the database based on its title. Aliased as: drupalGetNodeByTitle
RandomGeneratorTrait::getRandomGenerator protected function Gets the random generator for the utility methods.
RandomGeneratorTrait::randomMachineName protected function Generates a unique random string containing letters and numbers.
RandomGeneratorTrait::randomObject public function Generates a random PHP object.
RandomGeneratorTrait::randomString public function Generates a pseudo-random string of ASCII characters of codes 32 to 126.
RefreshVariablesTrait::refreshVariables protected function Refreshes in-memory configuration and state information. 2
SessionTestTrait::$sessionName protected property The name of the session cookie.
SessionTestTrait::generateSessionName protected function Generates a session cookie name.
SessionTestTrait::getSessionName protected function Returns the session name in use on the child site.
StorageCopyTrait::replaceStorageContents protected static function Copy the configuration from one storage to another and remove stale items.
TestRequirementsTrait::getDrupalRoot protected static function Returns the Drupal root directory.
TestSetupTrait::$configSchemaCheckerExclusions protected static property An array of config object names that are excluded from schema checking. 4
TestSetupTrait::$container protected property The dependency injection container used in the test.
TestSetupTrait::$databasePrefix protected property The database prefix of this test run.
TestSetupTrait::$kernel protected property The DrupalKernel instance used in the test.
TestSetupTrait::$originalSite protected property The site directory of the original parent site.
TestSetupTrait::$privateFilesDirectory protected property The private file directory for the test environment.
TestSetupTrait::$publicFilesDirectory protected property The public file directory for the test environment.
TestSetupTrait::$root protected property The app root.
TestSetupTrait::$siteDirectory protected property The site directory of this test run.
TestSetupTrait::$strictConfigSchema protected property Set to TRUE to strict check all configuration saved. 4
TestSetupTrait::$tempFilesDirectory protected property The temporary file directory for the test environment.
TestSetupTrait::$testId protected property The test run ID.
TestSetupTrait::changeDatabasePrefix protected function Changes the database connection to the prefixed one.
TestSetupTrait::getConfigSchemaExclusions protected function Gets the config schema exclusions for this test.
TestSetupTrait::prepareDatabasePrefix protected function Generates a database prefix for running tests. 1
UiHelperTrait::$loggedInUser protected property The current user logged in using the Mink controlled browser.
UiHelperTrait::$maximumMetaRefreshCount protected property The number of meta refresh redirects to follow, or NULL if unlimited.
UiHelperTrait::$metaRefreshCount protected property The number of meta refresh redirects followed during ::drupalGet().
UiHelperTrait::$useOneTimeLoginLinks protected property Use one-time login links instead of submitting the login form. 3
UiHelperTrait::assertSession public function Returns WebAssert object. 1
UiHelperTrait::buildUrl protected function Builds an absolute URL from a system path or a URL object.
UiHelperTrait::checkForMetaRefresh protected function Checks for meta refresh tag and if found call drupalGet() recursively.
UiHelperTrait::click protected function Clicks the element with the given CSS selector.
UiHelperTrait::clickLink protected function Follows a link by complete name.
UiHelperTrait::cssSelect protected function Searches elements using a CSS selector in the raw content.
UiHelperTrait::cssSelectToXpath protected function Translates a CSS expression to its XPath equivalent.
UiHelperTrait::drupalGet protected function Retrieves a Drupal path or an absolute path. 3
UiHelperTrait::drupalLogin protected function Logs in a user using the Mink controlled browser.
UiHelperTrait::drupalLogout protected function Logs a user out of the Mink controlled browser and confirms.
UiHelperTrait::drupalResetSession protected function Resets the current active session back to Anonymous session.
UiHelperTrait::drupalUserIsLoggedIn protected function Returns whether a given user account is logged in.
UiHelperTrait::getAbsoluteUrl protected function Takes a path and returns an absolute path.
UiHelperTrait::getTextContent protected function Retrieves the plain-text content from the current page.
UiHelperTrait::getUrl protected function Get the current URL from the browser.
UiHelperTrait::isTestUsingGuzzleClient protected function Determines if test is using DrupalTestBrowser.
UiHelperTrait::prepareRequest protected function Prepare for a request to testing site. 1
UiHelperTrait::submitForm protected function Fills and submits a form.
UserCancelTest::$defaultTheme protected property The theme to install as the default for testing. Overrides BrowserTestBase::$defaultTheme
UserCancelTest::$modules protected static property Modules to install. Overrides BrowserTestBase::$modules
UserCancelTest::setUp protected function Overrides BrowserTestBase::setUp
UserCancelTest::testMassUserCancelByAdmin public function Create an administrative user and mass-delete other users.
UserCancelTest::testUserAnonymize public function Delete account and anonymize all content.
UserCancelTest::testUserAnonymizeBatch public function Delete account and anonymize all content using a batch process.
UserCancelTest::testUserAnonymizeTranslations public function Delete account and anonymize all content and it&#039;s translations.
UserCancelTest::testUserBlock public function Disable account and keep all content.
UserCancelTest::testUserBlockUnpublish public function Disable account and unpublish all content.
UserCancelTest::testUserBlockUnpublishNodeAccess public function Tests nodes are unpublished even if inaccessible to cancelling user.
UserCancelTest::testUserCancelByAdmin public function Create an administrative user and delete other users.
UserCancelTest::testUserCancelChangePermission public function Tests ability to change the permission for canceling users.
UserCancelTest::testUserCancelInvalid public function Attempt invalid account cancellations.
UserCancelTest::testUserCancelUid1 public function Tests that user account for uid 1 cannot be cancelled.
UserCancelTest::testUserCancelWithoutPermission public function Attempt to cancel account without permission.
UserCancelTest::testUserDelete public function Delete account and remove all content.
UserCancelTest::testUserDeleteWithContentAndNodeAccess public function Tests user cancel with node access.
UserCancelTest::testUserWithoutEmailCancelByAdmin public function Tests deletion of a user account without an email address.
UserCreationTrait::checkPermissions protected function Checks whether a given list of permission names is valid.
UserCreationTrait::createAdminRole protected function Creates an administrative role.
UserCreationTrait::createRole protected function Creates a role with specified permissions. Aliased as: drupalCreateRole
UserCreationTrait::createUser protected function Create a user with a given set of permissions. Aliased as: drupalCreateUser 1
UserCreationTrait::grantPermissions protected function Grant permissions to a user role.
UserCreationTrait::setCurrentUser protected function Switch the current logged in user.
UserCreationTrait::setUpCurrentUser protected function Creates a random user account and sets it as current user.
XdebugRequestTrait::extractCookiesFromRequest protected function Adds xdebug cookies, from request setup.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.