Add the inverse, assertRoleHasNoPermission().

palantirnet · Dec 5, 2016 · 7c68a8c · 7c68a8c
1 parent d06bf96
commit 7c68a8c
Showing 1 changed file with 35 additions and 1 deletion.
diff --git a/src/Palantirnet/PalantirBehatExtension/Context/DrupalUserContext.php b/src/Palantirnet/PalantirBehatExtension/Context/DrupalUserContext.php
@@ -49,4 +49,38 @@ public function assertRoleHasPermission($role, TableNode $perms)
     }//end assertRoleHasPermission()
 
 
-}//end class
+    /**
+     * Asserts a role does not have a list of permissions.
+     *
+     * @Then the :role role should not have the permission(s):
+     *
+     * @param String    $role  The role to check for the list of permissions.
+     * @param TableNode $perms The permissions this role should not have.
+     *
+     * @return void
+     *
+     * @throws \Exception
+     */
+    public function assertRoleHasNoPermission($role, TableNode $perms)
+    {
+        // Get the role storage object so we can query it for permissions.
+        $roleStorage = \Drupal::entityManager()->getStorage('user_role');
+
+        // Convert the single role given to an array for the isPermissionInRoles() function.
+        $rids = array($role);
+
+        foreach($perms->getHash() as $row){
+            // Grab the value out of the row. It will always be the first value.
+            $perm = reset($row);
+
+            // Check the permission against the role.
+            $has_permission = $roleStorage->isPermissionInRoles($perm, $rids);
+            if($has_permission) {
+                throw new \Exception('Role "'.$role.'" has permission "'.$perm.'" but it should not.');
+            }
+        }
+
+    }//end assertRoleHasNoPermission()
+
+
+}//end class}