You are here

protected static function ResourceResponseTestTrait::getAccessDeniedResponse in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/jsonapi/tests/src/Functional/ResourceResponseTestTrait.php \Drupal\Tests\jsonapi\Functional\ResourceResponseTestTrait::getAccessDeniedResponse()

Gets a generic forbidden response.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to generate the forbidden response.

\Drupal\Core\Access\AccessResultInterface $access: The denied AccessResult. This can carry a reason and cacheability data.

\Drupal\Core\Url $via_link: The source URL for the errors of the response.

string|null $relationship_field_name: (optional) The field name to which the forbidden result applies. Useful for testing related/relationship routes and includes.

string|null $detail: (optional) Details for the JSON:API error object.

string|bool|null $pointer: (optional) Document pointer for the JSON:API error object. FALSE to omit the pointer.

Return value

\Drupal\jsonapi\CacheableResourceResponse The forbidden ResourceResponse.

3 calls to ResourceResponseTestTrait::getAccessDeniedResponse()
ResourceResponseTestTrait::getExpectedIncludedResourceResponse in core/modules/jsonapi/tests/src/Functional/ResourceResponseTestTrait.php
Gets an array of expected ResourceResponses for the given include paths.
ResourceTestBase::getExpectedGetRelationshipResponse in core/modules/jsonapi/tests/src/Functional/ResourceTestBase.php
Gets an expected ResourceResponse for the given relationship.
ResourceTestBase::getExpectedRelatedResponse in core/modules/jsonapi/tests/src/Functional/ResourceTestBase.php
Builds an expected related ResourceResponse for the given field.

File

core/modules/jsonapi/tests/src/Functional/ResourceResponseTestTrait.php, line 502

Class

ResourceResponseTestTrait
Utility methods for handling resource responses.

Namespace

Drupal\Tests\jsonapi\Functional

Code

protected static function getAccessDeniedResponse(EntityInterface $entity, AccessResultInterface $access, Url $via_link, $relationship_field_name = NULL, $detail = NULL, $pointer = NULL) {
  $detail = $detail ? $detail : 'The current user is not allowed to GET the selected resource.';
  if ($access instanceof AccessResultReasonInterface && ($reason = $access
    ->getReason())) {
    $detail .= ' ' . $reason;
  }
  $error = [
    'status' => '403',
    'title' => 'Forbidden',
    'detail' => $detail,
    'links' => [
      'info' => [
        'href' => HttpExceptionNormalizer::getInfoUrl(403),
      ],
    ],
  ];
  if ($pointer || $pointer !== FALSE && $relationship_field_name) {
    $error['source']['pointer'] = $pointer ? $pointer : $relationship_field_name;
  }
  if ($via_link) {
    $error['links']['via']['href'] = $via_link
      ->setAbsolute()
      ->toString();
  }
  return (new CacheableResourceResponse([
    'jsonapi' => static::$jsonApiMember,
    'errors' => [
      $error,
    ],
  ], 403))
    ->addCacheableDependency((new CacheableMetadata())
    ->addCacheTags([
    '4xx-response',
    'http_response',
  ])
    ->addCacheContexts([
    'url.site',
  ]))
    ->addCacheableDependency($access);
}