public function AccessTest::testAccessWithValidToken in Access unpublished 8
Checks entity access before and after token creation.
File
- tests/
src/ Functional/ AccessTest.php, line 63
Class
- AccessTest
- Tests the article creation.
Namespace
Drupal\Tests\access_unpublished\FunctionalCode
public function testAccessWithValidToken() {
$assert_session = $this
->assertSession();
// Create tokens for the entity.
$requestTime = \Drupal::time()
->getRequestTime();
$expiredToken = AccessToken::create([
'entity_type' => 'node',
'entity_id' => $this->entity
->id(),
'value' => 'iAmExpired',
'expire' => $requestTime - 100,
]);
$expiredToken
->save();
$validToken = AccessToken::create([
'entity_type' => 'node',
'entity_id' => $this->entity
->id(),
'value' => 'iAmValid',
'expire' => $requestTime + 100,
]);
$validToken
->save();
// Verify that entity is accessible, but only with the correct hash.
$this
->drupalGet($this->entity
->toUrl('canonical'), [
'query' => [
'auHash' => 'iAmValid',
],
]);
$assert_session
->statusCodeEquals(200);
$this
->drupalGet($this->entity
->toUrl('canonical'), [
'query' => [
'auHash' => 123456,
],
]);
$assert_session
->statusCodeEquals(403);
$this
->drupalGet($this->entity
->toUrl());
$assert_session
->statusCodeEquals(403);
// Delete the token.
$validToken
->delete();
// Verify that the entity is not accessible.
$this
->drupalGet($this->entity
->toUrl('canonical'), [
'query' => [
'auHash' => 'iAmValid',
],
]);
$assert_session
->statusCodeEquals(403);
}