You are here

public function MenuUiTest::testMenuParentsJsAccess in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/menu_ui/tests/src/Functional/MenuUiTest.php \Drupal\Tests\menu_ui\Functional\MenuUiTest::testMenuParentsJsAccess()
  2. 9 core/modules/menu_ui/tests/src/Functional/MenuUiTest.php \Drupal\Tests\menu_ui\Functional\MenuUiTest::testMenuParentsJsAccess()

Tests if admin users, other than UID1, can access parents AJAX callback.

File

core/modules/menu_ui/tests/src/Functional/MenuUiTest.php, line 961

Class

MenuUiTest
Add a custom menu, add menu links to the custom menu and Tools menu, check their data, and delete them using the UI.

Namespace

Drupal\Tests\menu_ui\Functional

Code

public function testMenuParentsJsAccess() {
  $this
    ->drupalLogin($this
    ->drupalCreateUser([
    'administer menu',
  ]));

  // Just check access to the callback overall, the POST data is irrelevant.
  $this
    ->drupalGet('admin/structure/menu/parents', [
    'query' => [
      MainContentViewSubscriber::WRAPPER_FORMAT => 'drupal_ajax',
    ],
  ], [
    'X-Requested-With: XMLHttpRequest',
  ]);
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Log in as authenticated user.
  $this
    ->drupalLogin($this
    ->drupalCreateUser());

  // Check that a simple user is not able to access the menu.
  $this
    ->drupalGet('admin/structure/menu/parents', [
    'query' => [
      MainContentViewSubscriber::WRAPPER_FORMAT => 'drupal_ajax',
    ],
  ], [
    'X-Requested-With: XMLHttpRequest',
  ]);
  $this
    ->assertSession()
    ->statusCodeEquals(403);
}