You are here

protected function NodeTest::setUpAuthorization in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/jsonapi/tests/src/Functional/NodeTest.php \Drupal\Tests\jsonapi\Functional\NodeTest::setUpAuthorization()
  2. 10 core/modules/jsonapi/tests/src/Functional/NodeTest.php \Drupal\Tests\jsonapi\Functional\NodeTest::setUpAuthorization()

Sets up the necessary authorization.

In case of a test verifying publicly accessible REST resources: grant permissions to the anonymous user role.

In case of a test verifying behavior when using a particular authentication provider: create a user with a particular set of permissions.

Because of the $method parameter, it's possible to first set up authentication for only GET, then add POST, et cetera. This then also allows for verifying a 403 in case of missing authorization.

Parameters

string $method: The HTTP method for which to set up authentication.

Overrides ResourceTestBase::setUpAuthorization

See also

::grantPermissionsToAnonymousRole()

::grantPermissionsToAuthenticatedRole()

2 calls to NodeTest::setUpAuthorization()
NodeTest::testPatchPath in core/modules/jsonapi/tests/src/Functional/NodeTest.php
Tests PATCHing a node's path with and without 'create url aliases'.
NodeTest::testPostNonExistingAuthor in core/modules/jsonapi/tests/src/Functional/NodeTest.php
Creating relationships to missing resources should be 404 per JSON:API 1.1.

File

core/modules/jsonapi/tests/src/Functional/NodeTest.php, line 79

Class

NodeTest
JSON:API integration test for the "Node" content entity type.

Namespace

Drupal\Tests\jsonapi\Functional

Code

protected function setUpAuthorization($method) {
  switch ($method) {
    case 'GET':
      $this
        ->grantPermissionsToTestedRole([
        'access content',
      ]);
      break;
    case 'POST':
      $this
        ->grantPermissionsToTestedRole([
        'access content',
        'create camelids content',
      ]);
      break;
    case 'PATCH':

      // Do not grant the 'create url aliases' permission to test the case
      // when the path field is protected/not accessible, see
      // \Drupal\Tests\rest\Functional\EntityResource\Term\TermResourceTestBase
      // for a positive test.
      $this
        ->grantPermissionsToTestedRole([
        'access content',
        'edit any camelids content',
      ]);
      break;
    case 'DELETE':
      $this
        ->grantPermissionsToTestedRole([
        'access content',
        'delete any camelids content',
      ]);
      break;
  }
}