public function CoffeeTest::testCoffeeCsrf in Coffee 8
Tests that CSRF tokens are correctly handled.
File
- tests/
src/ Functional/ CoffeeTest.php, line 163
Class
- CoffeeTest
- Tests Coffee module functionality.
Namespace
Drupal\Tests\coffee\FunctionalCode
public function testCoffeeCsrf() {
$account = $this
->drupalCreateUser([
'access coffee',
'access administration pages',
]);
$this
->drupalLogin($account);
// Set up a new menu with one link.
$menu = Menu::create([
'id' => 'coffee',
'label' => 'Coffee',
'description' => 'Menu for testing Coffee.',
]);
$menu
->save();
$menu_link = MenuLinkContent::create([
'title' => 'Coffee test',
'provider' => 'menu_link_content',
'menu_name' => 'coffee',
'link' => [
'uri' => 'internal:/coffee-test-csrf',
],
]);
$menu_link
->save();
$this
->config('coffee.configuration')
->set('coffee_menus', [
'coffee',
])
->save();
// Get the link with CSRF token.
$result = $this
->drupalGet('/admin/coffee/get-data');
$result = json_decode($result);
// For some reason, drupalGet('path?token=foo') does not work, and
// we have to explicitly set the token in the query options.
$token = substr($result[0]->value, strpos($result[0]->value, 'token=') + 6);
$this
->drupalGet('/coffee-test-csrf', [
'query' => [
'token' => $token,
],
]);
$this
->assertResponse(200);
}