public function CartEntityAccessTest::testAdministrativeAccess in Commerce Core 8.2
Tests that cart access does not grant administrative access.
File
- modules/
cart/ tests/ src/ Functional/ CartEntityAccessTest.php, line 193
Class
- CartEntityAccessTest
- Tests cart access.
Namespace
Drupal\Tests\commerce_cart\FunctionalCode
public function testAdministrativeAccess() {
$customer = $this
->drupalCreateUser([
'view own commerce_order',
]);
// Authorized cart.
$cart = \Drupal::service('commerce_cart.cart_provider')
->createCart('default', $this->store, $customer);
assert($cart instanceof OrderInterface);
$this
->drupalLogin($customer);
foreach ($cart
->getEntityType()
->getLinkTemplates() as $rel => $link_template) {
if ($rel === 'state-transition-form') {
continue;
}
$this
->drupalGet($cart
->toUrl($rel));
$this
->assertSession()
->statusCodeEquals(403);
}
// Anonymous active cart.
$this
->switchSession('anonymous');
$this
->drupalGet('product/' . $this->variation
->getProductId());
$this
->submitForm([], 'Add to cart');
$cart = Order::load(3);
foreach ($cart
->getEntityType()
->getLinkTemplates() as $rel => $link_template) {
if ($rel === 'state-transition-form') {
continue;
}
$this
->drupalGet($cart
->toUrl($rel));
$this
->assertSession()
->statusCodeEquals(403);
}
}