public function MenuLinkContentTest::testLinkOptionsSerialization in Drupal 8
Same name and namespace in other branches
- 9 core/modules/jsonapi/tests/src/Functional/MenuLinkContentTest.php \Drupal\Tests\jsonapi\Functional\MenuLinkContentTest::testLinkOptionsSerialization()
Test requests using a serialized field item property.
See also
https://security.drupal.org/node/161923
File
- core/
modules/ jsonapi/ tests/ src/ Functional/ MenuLinkContentTest.php, line 194
Class
- MenuLinkContentTest
- JSON:API integration test for the "MenuLinkContent" content entity type.
Namespace
Drupal\Tests\jsonapi\FunctionalCode
public function testLinkOptionsSerialization() {
$this
->config('jsonapi.settings')
->set('read_only', FALSE)
->save(TRUE);
$document = $this
->getPostDocument();
$document['data']['attributes']['link']['options'] = "O:44:\"Symfony\\Component\\Process\\Pipes\\WindowsPipes\":8:{s:51:\"\\Symfony\\Component\\Process\\Pipes\\WindowsPipes\0files\";a:1:{i:0;s:3:\"foo\";}s:57:\"\0Symfony\\Component\\Process\\Pipes\\WindowsPipes\0fileHandles\";a:0:{}s:55:\"\0Symfony\\Component\\Process\\Pipes\\WindowsPipes\0readBytes\";a:2:{i:1;i:0;i:2;i:0;}s:59:\"\0Symfony\\Component\\Process\\Pipes\\WindowsPipes\0disableOutput\";b:0;s:5:\"pipes\";a:0:{}s:58:\"\0Symfony\\Component\\Process\\Pipes\\AbstractPipes\0inputBuffer\";s:0:\"\";s:52:\"\0Symfony\\Component\\Process\\Pipes\\AbstractPipes\0input\";N;s:54:\"\0Symfony\\Component\\Process\\Pipes\\AbstractPipes\0blocked\";b:1;}";
$url = Url::fromRoute(sprintf('jsonapi.%s.collection.post', static::$resourceTypeName));
$request_options = [];
$request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
$request_options[RequestOptions::HEADERS]['Content-Type'] = 'application/vnd.api+json';
$request_options[RequestOptions::BODY] = Json::encode($document);
$request_options = NestedArray::mergeDeep($request_options, $this
->getAuthenticationRequestOptions());
// Ensure 403 when unauthorized.
$response = $this
->request('POST', $url, $request_options);
$reason = $this
->getExpectedUnauthorizedAccessMessage('POST');
$this
->assertResourceErrorResponse(403, (string) $reason, $url, $response);
$this
->setUpAuthorization('POST');
// Ensure that an exception is thrown.
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceErrorResponse(500, (string) 'The generic FieldItemNormalizer cannot denormalize string values for "options" properties of the "link" field (field item class: Drupal\\link\\Plugin\\Field\\FieldType\\LinkItem).', $url, $response);
// Create a menu link content entity without the serialized property.
unset($document['data']['attributes']['link']['options']);
$request_options[RequestOptions::BODY] = Json::encode($document);
$response = $this
->request('POST', $url, $request_options);
$document = Json::decode((string) $response
->getBody());
$internal_id = $document['data']['attributes']['drupal_internal__id'];
// Load the created menu item and add link options to it.
$menu_link = MenuLinkContent::load($internal_id);
$menu_link
->get('link')
->first()
->set('options', [
'fragment' => 'test',
]);
$menu_link
->save();
// Fetch the link.
unset($request_options[RequestOptions::BODY]);
$url = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [
'entity' => $document['data']['id'],
]);
$response = $this
->request('GET', $url, $request_options);
$response_body = (string) $response
->getBody();
// Ensure that the entity can be updated using a response document.
$request_options[RequestOptions::BODY] = $response_body;
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceResponse(200, Json::decode($response_body), $response);
}