You are here

protected function FileResourceTestBase::setUpAuthorization in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/file/tests/src/Functional/Rest/FileResourceTestBase.php \Drupal\Tests\file\Functional\Rest\FileResourceTestBase::setUpAuthorization()
  2. 10 core/modules/file/tests/src/Functional/Rest/FileResourceTestBase.php \Drupal\Tests\file\Functional\Rest\FileResourceTestBase::setUpAuthorization()

Sets up the necessary authorization.

In case of a test verifying publicly accessible REST resources: grant permissions to the anonymous user role.

In case of a test verifying behavior when using a particular authentication provider: create a user with a particular set of permissions.

Because of the $method parameter, it's possible to first set up authentication for only GET, then add POST, et cetera. This then also allows for verifying a 403 in case of missing authorization.

Parameters

string $method: The HTTP method for which to set up authentication.

Overrides ResourceTestBase::setUpAuthorization

See also

::grantPermissionsToAnonymousRole()

::grantPermissionsToAuthenticatedRole()

1 call to FileResourceTestBase::setUpAuthorization()
FileHalJsonAnonTest::testGetBcUriField in core/modules/file/tests/src/Functional/Hal/FileHalJsonAnonTest.php
@group legacy @expectedDeprecation Replacing the file uri with the URL is deprecated in drupal:8.8.0 and is removed from drupal:9.0.0. Use the provided url property instead and disable hal.settings:bc_file_uri_as_url_normalizer. See…

File

core/modules/file/tests/src/Functional/Rest/FileResourceTestBase.php, line 48

Class

FileResourceTestBase

Namespace

Drupal\Tests\file\Functional\Rest

Code

protected function setUpAuthorization($method) {
  switch ($method) {
    case 'GET':
      $this
        ->grantPermissionsToTestedRole([
        'access content',
      ]);
      break;
    case 'PATCH':
    case 'DELETE':

      // \Drupal\file\FileAccessControlHandler::checkAccess() grants 'update'
      // and 'delete' access only to the user that owns the file. So there is
      // no permission to grant: instead, the file owner must be changed from
      // its default (user 1) to the current user.
      $this
        ->makeCurrentUserFileOwner();
      break;
  }
}