protected function CookieResourceTestTrait::assertResponseWhenMissingAuthentication in Drupal 9
Same name and namespace in other branches
- 8 core/modules/rest/tests/src/Functional/CookieResourceTestTrait.php \Drupal\Tests\rest\Functional\CookieResourceTestTrait::assertResponseWhenMissingAuthentication()
File
- core/
modules/ rest/ tests/ src/ Functional/ CookieResourceTestTrait.php, line 94
Class
- CookieResourceTestTrait
- Trait for ResourceTestBase subclasses testing $auth=cookie.
Namespace
Drupal\Tests\rest\FunctionalCode
protected function assertResponseWhenMissingAuthentication($method, ResponseInterface $response) {
// Requests needing cookie authentication but missing it results in a 403
// response. The cookie authentication mechanism sets no response message.
// Hence, effectively, this is just the 403 response that one gets as the
// anonymous user trying to access a certain REST resource.
// @see \Drupal\user\Authentication\Provider\Cookie
// @todo https://www.drupal.org/node/2847623
if ($method === 'GET') {
$expected_cookie_403_cacheability = $this
->getExpectedUnauthorizedAccessCacheability()
->addCacheableDependency($this
->getExpectedUnauthorizedEntityAccessCacheability(FALSE));
// - \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber applies
// to cacheable anonymous responses: it updates their cacheability.
// - A 403 response to a GET request is cacheable.
// Therefore we must update our cacheability expectations accordingly.
if (in_array('user.permissions', $expected_cookie_403_cacheability
->getCacheContexts(), TRUE)) {
$expected_cookie_403_cacheability
->addCacheTags([
'config:user.role.anonymous',
]);
}
// @todo Fix \Drupal\block\BlockAccessControlHandler::mergeCacheabilityFromConditions() in https://www.drupal.org/node/2867881
if (static::$entityTypeId === 'block') {
$expected_cookie_403_cacheability
->setCacheTags(str_replace('user:2', 'user:0', $expected_cookie_403_cacheability
->getCacheTags()));
}
$this
->assertResourceErrorResponse(403, FALSE, $response, $expected_cookie_403_cacheability
->getCacheTags(), $expected_cookie_403_cacheability
->getCacheContexts(), 'MISS', FALSE);
}
else {
$this
->assertResourceErrorResponse(403, FALSE, $response);
}
}