You are here

protected function QuickEditEndPointAccessTest::assertAccessIsBlocked in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/quickedit/tests/src/Functional/QuickEditEndPointAccessTest.php \Drupal\Tests\quickedit\Functional\QuickEditEndPointAccessTest::assertAccessIsBlocked()
  2. 10 core/modules/quickedit/tests/src/Functional/QuickEditEndPointAccessTest.php \Drupal\Tests\quickedit\Functional\QuickEditEndPointAccessTest::assertAccessIsBlocked()

Asserts that access to the passed URL is blocked.

Parameters

string $url: The URL to check.

array $body: The payload to send with the request.

1 call to QuickEditEndPointAccessTest::assertAccessIsBlocked()
QuickEditEndPointAccessTest::testEndPointAccess in core/modules/quickedit/tests/src/Functional/QuickEditEndPointAccessTest.php
Tests that Quick Edit endpoints are protected from anonymous requests.

File

core/modules/quickedit/tests/src/Functional/QuickEditEndPointAccessTest.php, line 80

Class

QuickEditEndPointAccessTest
Tests accessing the Quick Edit endpoints.

Namespace

Drupal\Tests\quickedit\Functional

Code

protected function assertAccessIsBlocked($url, array $body) {
  $client = $this
    ->getHttpClient();
  $message = [
    'message' => "The 'access in-place editing' permission is required.",
  ];
  $response = $client
    ->post($url, [
    RequestOptions::BODY => http_build_query($body),
    RequestOptions::QUERY => [
      MainContentViewSubscriber::WRAPPER_FORMAT => 'drupal_ajax',
    ],
    RequestOptions::COOKIES => $this
      ->getSessionCookies(),
    RequestOptions::HEADERS => [
      'Accept' => 'application/json',
      'Content-Type' => 'application/x-www-form-urlencoded',
    ],
    RequestOptions::HTTP_ERRORS => FALSE,
  ]);
  $this
    ->assertEquals(403, $response
    ->getStatusCode());
  $response_message = Json::decode($response
    ->getBody());
  $this
    ->assertSame($message, $response_message);
}