You are here

public function QuickEditImageControllerTest::testAccess in Drupal 8

Tests that routes restrict access for un-privileged users.

File

core/modules/image/tests/src/Functional/QuickEditImageControllerTest.php, line 78

Class

QuickEditImageControllerTest
Tests the endpoints used by the "image" in-place editor.

Namespace

Drupal\Tests\image\Functional

Code

public function testAccess() {

  // Create an anonymous user.
  $user = $this
    ->createUser();
  $this
    ->drupalLogin($user);

  // Create a test Node.
  $node = $this
    ->drupalCreateNode([
    'type' => 'article',
    'title' => t('Test Node'),
  ]);
  $this
    ->drupalGet('quickedit/image/info/node/' . $node
    ->id() . '/' . $this->fieldName . '/' . $node
    ->language()
    ->getId() . '/default');
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  /** @var \Symfony\Component\BrowserKit\Client $client */
  $client = $this
    ->getSession()
    ->getDriver()
    ->getClient();
  $client
    ->request('POST', '/quickedit/image/upload/node/' . $node
    ->id() . '/' . $this->fieldName . '/' . $node
    ->language()
    ->getId() . '/default');
  $this
    ->assertEquals('403', $client
    ->getResponse()
    ->getStatus());
}