abstract class EntityResourceTestBase in Drupal 10
Same name and namespace in other branches
- 8 core/modules/rest/tests/src/Functional/EntityResource/EntityResourceTestBase.php \Drupal\Tests\rest\Functional\EntityResource\EntityResourceTestBase
- 9 core/modules/rest/tests/src/Functional/EntityResource/EntityResourceTestBase.php \Drupal\Tests\rest\Functional\EntityResource\EntityResourceTestBase
Even though there is the generic EntityResource, it's necessary for every entity type to have its own test, because they each have different fields, validation constraints, et cetera. It's not because the generic case works, that every case works.
Furthermore, it's necessary to test every format separately, because there can be entity type-specific normalization or serialization problems.
Subclass this for every entity type. Also respect instructions in \Drupal\rest\Tests\ResourceTestBase.
For example, for the node test coverage, there is the (abstract) \Drupal\Tests\rest\Functional\EntityResource\Node\NodeResourceTestBase, which is then again subclassed for every authentication provider:
- \Drupal\Tests\rest\Functional\EntityResource\Node\NodeJsonAnonTest
- \Drupal\Tests\rest\Functional\EntityResource\Node\NodeJsonBasicAuthTest
- \Drupal\Tests\rest\Functional\EntityResource\Node\NodeJsonCookieTest
In other words: for every entity type there should be: 1. an abstract subclass that includes the entity type-specific authorization (permissions or perhaps custom access control handling, such as node grants), plus 2. a concrete subclass extending the abstract entity type-specific subclass that specifies the exact
$format;
,
$mimeType;
and
$auth;
for this concrete test. Usually that's all that's necessary: most concrete subclasses will be very thin.
For every of these concrete subclasses, a comprehensive test scenario will run per HTTP method:
- ::testGet()
- ::testPost()
- ::testPatch()
- ::testDelete()
If there is an entity type-specific edge case scenario to test, then add that to the entity type-specific abstract subclass. Example: \Drupal\Tests\rest\Functional\EntityResource\Comment\CommentResourceTestBase::testPostDxWithoutCriticalBaseFields
If there is an entity type-specific format-specific edge case to test, then add that to a concrete subclass. Example: \Drupal\Tests\hal\Functional\EntityResource\Comment\CommentHalJsonTestBase::$patchProtectedFieldNames
Hierarchy
- class \Drupal\Tests\BrowserTestBase extends \PHPUnit\Framework\TestCase uses \Drupal\Tests\PhpUnitCompatibilityTrait, \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, FunctionalTestSetupTrait, TestSetupTrait, BlockCreationTrait, ConfigTestTrait, ExtensionListTestTrait, ContentTypeCreationTrait, NodeCreationTrait, RandomGeneratorTrait, TestRequirementsTrait, PhpUnitWarnings, UiHelperTrait, UserCreationTrait, XdebugRequestTrait
- class \Drupal\Tests\rest\Functional\ResourceTestBase
- class \Drupal\Tests\rest\Functional\EntityResource\EntityResourceTestBase
- class \Drupal\Tests\rest\Functional\ResourceTestBase
Expanded class hierarchy of EntityResourceTestBase
11 files declare their use of EntityResourceTestBase
- BlockContentResourceTestBase.php in core/
modules/ block_content/ tests/ src/ Functional/ Rest/ BlockContentResourceTestBase.php - CommentResourceTestBase.php in core/
modules/ comment/ tests/ src/ Functional/ Rest/ CommentResourceTestBase.php - FileResourceTestBase.php in core/
modules/ file/ tests/ src/ Functional/ Rest/ FileResourceTestBase.php - MediaResourceTestBase.php in core/
modules/ media/ tests/ src/ Functional/ Rest/ MediaResourceTestBase.php - MenuLinkContentResourceTestBase.php in core/
modules/ menu_link_content/ tests/ src/ Functional/ Rest/ MenuLinkContentResourceTestBase.php
File
- core/
modules/ rest/ tests/ src/ Functional/ EntityResource/ EntityResourceTestBase.php, line 69
Namespace
Drupal\Tests\rest\Functional\EntityResourceView source
abstract class EntityResourceTestBase extends ResourceTestBase {
/**
* The tested entity type.
*
* @var string
*/
protected static $entityTypeId = NULL;
/**
* The fields that are protected against modification during PATCH requests.
*
* Keys are field names, values are expected access denied reasons.
*
* @var string[]
*/
protected static $patchProtectedFieldNames;
/**
* The fields that need a different (random) value for each new entity created
* by a POST request.
*
* @var string[]
*/
protected static $uniqueFieldNames = [];
/**
* Optionally specify which field is the 'label' field. Some entities do not
* specify a 'label' entity key. For example: User.
*
* @see ::getInvalidNormalizedEntityToCreate
*
* @var string|null
*/
protected static $labelFieldName = NULL;
/**
* The entity ID for the first created entity in testPost().
*
* The default value of 2 should work for most content entities.
*
* @see ::testPost()
*
* @var string|int
*/
protected static $firstCreatedEntityId = 2;
/**
* The entity ID for the second created entity in testPost().
*
* The default value of 3 should work for most content entities.
*
* @see ::testPost()
*
* @var string|int
*/
protected static $secondCreatedEntityId = 3;
/**
* The main entity used for testing.
*
* @var \Drupal\Core\Entity\EntityInterface
*/
protected $entity;
/**
* Another entity of the same type used for testing.
*
* @var \Drupal\Core\Entity\EntityInterface
*/
protected $anotherEntity;
/**
* The entity storage.
*
* @var \Drupal\Core\Entity\EntityStorageInterface
*/
protected $entityStorage;
/**
* Modules to install.
*
* @var array
*/
protected static $modules = [
'rest_test',
'text',
];
/**
* Provides an entity resource.
*
* @param bool $single_format
* Provisions a single-format entity REST resource. Defaults to FALSE.
*/
protected function provisionEntityResource($single_format = FALSE) {
if ($existing = $this->resourceConfigStorage
->load(static::$resourceConfigId)) {
$existing
->delete();
}
$format = $single_format ? [
static::$format,
] : [
static::$format,
'foobar',
];
// It's possible to not have any authentication providers enabled, when
// testing public (anonymous) usage of a REST resource.
$auth = isset(static::$auth) ? [
static::$auth,
] : [];
$this
->provisionResource($format, $auth);
}
/**
* {@inheritdoc}
*/
protected function setUp() : void {
parent::setUp();
// Calculate REST Resource config entity ID.
static::$resourceConfigId = 'entity.' . static::$entityTypeId;
$this->entityStorage = $this->container
->get('entity_type.manager')
->getStorage(static::$entityTypeId);
// Create an entity.
$this->entity = $this
->createEntity();
if ($this->entity instanceof FieldableEntityInterface) {
// Add access-protected field.
FieldStorageConfig::create([
'entity_type' => static::$entityTypeId,
'field_name' => 'field_rest_test',
'type' => 'text',
])
->setCardinality(1)
->save();
FieldConfig::create([
'entity_type' => static::$entityTypeId,
'field_name' => 'field_rest_test',
'bundle' => $this->entity
->bundle(),
])
->setLabel('Test field')
->setTranslatable(FALSE)
->save();
// Add multi-value field.
FieldStorageConfig::create([
'entity_type' => static::$entityTypeId,
'field_name' => 'field_rest_test_multivalue',
'type' => 'string',
])
->setCardinality(3)
->save();
FieldConfig::create([
'entity_type' => static::$entityTypeId,
'field_name' => 'field_rest_test_multivalue',
'bundle' => $this->entity
->bundle(),
])
->setLabel('Test field: multi-value')
->setTranslatable(FALSE)
->save();
// Reload entity so that it has the new field.
$reloaded_entity = $this->entityStorage
->loadUnchanged($this->entity
->id());
// Some entity types are not stored, hence they cannot be reloaded.
if ($reloaded_entity !== NULL) {
$this->entity = $reloaded_entity;
// Set a default value on the fields.
$this->entity
->set('field_rest_test', [
'value' => 'All the faith they had had had had no effect on the outcome of their life.',
]);
$this->entity
->set('field_rest_test_multivalue', [
[
'value' => 'One',
],
[
'value' => 'Two',
],
]);
$this->entity
->set('rest_test_validation', [
'value' => 'allowed value',
]);
$this->entity
->save();
}
}
}
/**
* Creates the entity to be tested.
*
* @return \Drupal\Core\Entity\EntityInterface
* The entity to be tested.
*/
protected abstract function createEntity();
/**
* Creates another entity to be tested.
*
* @return \Drupal\Core\Entity\EntityInterface
* Another entity based on $this->entity.
*/
protected function createAnotherEntity() {
$entity = $this->entity
->createDuplicate();
$label_key = $entity
->getEntityType()
->getKey('label');
if ($label_key) {
$entity
->set($label_key, $entity
->label() . '_dupe');
}
$entity
->save();
return $entity;
}
/**
* Returns the expected normalization of the entity.
*
* @see ::createEntity()
*
* @return array
*/
protected abstract function getExpectedNormalizedEntity();
/**
* Returns the normalized POST entity.
*
* @see ::testPost
*
* @return array
*/
protected abstract function getNormalizedPostEntity();
/**
* Returns the normalized PATCH entity.
*
* By default, reuses ::getNormalizedPostEntity(), which works fine for most
* entity types. A counterexample: the 'comment' entity type.
*
* @see ::testPatch
*
* @return array
*/
protected function getNormalizedPatchEntity() {
return $this
->getNormalizedPostEntity();
}
/**
* Gets the normalized POST entity with random values for its unique fields.
*
* @see ::testPost
* @see ::getNormalizedPostEntity
*
* @return array
* An array structure as returned by ::getNormalizedPostEntity().
*/
protected function getModifiedEntityForPostTesting() {
$normalized_entity = $this
->getNormalizedPostEntity();
// Ensure that all the unique fields of the entity type get a new random
// value.
foreach (static::$uniqueFieldNames as $field_name) {
$field_definition = $this->entity
->getFieldDefinition($field_name);
$field_type_class = $field_definition
->getItemDefinition()
->getClass();
$normalized_entity[$field_name] = $field_type_class::generateSampleValue($field_definition);
}
return $normalized_entity;
}
/**
* {@inheritdoc}
*/
protected function getExpectedUnauthorizedAccessMessage($method) {
$permission = $this->entity
->getEntityType()
->getAdminPermission();
if ($permission !== FALSE) {
return "The '{$permission}' permission is required.";
}
$http_method_to_entity_operation = [
'GET' => 'view',
'POST' => 'create',
'PATCH' => 'update',
'DELETE' => 'delete',
];
$operation = $http_method_to_entity_operation[$method];
$message = sprintf('You are not authorized to %s this %s entity', $operation, $this->entity
->getEntityTypeId());
if ($this->entity
->bundle() !== $this->entity
->getEntityTypeId()) {
$message .= ' of bundle ' . $this->entity
->bundle();
}
return "{$message}.";
}
/**
* {@inheritdoc}
*/
protected function getExpectedUnauthorizedAccessCacheability() {
return (new CacheableMetadata())
->setCacheTags(static::$auth ? [
'4xx-response',
'http_response',
] : [
'4xx-response',
'config:user.role.anonymous',
'http_response',
])
->setCacheContexts([
'user.permissions',
]);
}
/**
* The cacheability of unauthorized 'view' entity access.
*
* @param bool $is_authenticated
* Whether the current request is authenticated or not. This matters for
* some entity access control handlers, but not for most.
*
* @return \Drupal\Core\Cache\CacheableMetadata
* The expected cacheability.
*/
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
return new CacheableMetadata();
}
/**
* The expected cache tags for the GET/HEAD response of the test entity.
*
* @see ::testGet
*
* @return string[]
*/
protected function getExpectedCacheTags() {
$expected_cache_tags = [
'config:rest.resource.entity.' . static::$entityTypeId,
];
if (!static::$auth) {
$expected_cache_tags[] = 'config:user.role.anonymous';
}
$expected_cache_tags[] = 'http_response';
return Cache::mergeTags($expected_cache_tags, $this->entity
->getCacheTags());
}
/**
* The expected cache contexts for the GET/HEAD response of the test entity.
*
* @see ::testGet
*
* @return string[]
*/
protected function getExpectedCacheContexts() {
return [
'url.site',
'user.permissions',
];
}
/**
* Tests a GET request for an entity, plus edge cases to ensure good DX.
*/
public function testGet() {
$this
->initAuthentication();
$has_canonical_url = $this->entity
->hasLinkTemplate('canonical');
// The URL and Guzzle request options that will be used in this test. The
// request options will be modified/expanded throughout this test:
// - to first test all mistakes a developer might make, and assert that the
// error responses provide a good DX
// - to eventually result in a well-formed request that succeeds.
$url = $this
->getEntityResourceUrl();
$request_options = [];
// DX: 404 when resource not provisioned, 403 if canonical route. HTML
// response because missing ?_format query string.
$response = $this
->request('GET', $url, $request_options);
$this
->assertSame($has_canonical_url ? 403 : 404, $response
->getStatusCode());
$this
->assertSame([
'text/html; charset=UTF-8',
], $response
->getHeader('Content-Type'));
$url
->setOption('query', [
'_format' => static::$format,
]);
// DX: 404 when resource not provisioned, 403 if canonical route. Non-HTML
// response because ?_format query string is present.
$response = $this
->request('GET', $url, $request_options);
if ($has_canonical_url) {
$expected_cacheability = $this
->getExpectedUnauthorizedAccessCacheability()
->addCacheTags([
'config:user.role.anonymous',
]);
$expected_cacheability
->addCacheableDependency($this
->getExpectedUnauthorizedEntityAccessCacheability(FALSE));
$this
->assertResourceErrorResponse(403, $this
->getExpectedUnauthorizedAccessMessage('GET'), $response, $expected_cacheability
->getCacheTags(), $expected_cacheability
->getCacheContexts(), 'MISS', FALSE);
}
else {
$this
->assertResourceErrorResponse(404, 'No route found for "GET ' . $this
->getEntityResourceUrl()
->setAbsolute()
->toString() . '"', $response);
}
$this
->provisionEntityResource();
// DX: forgetting authentication: authentication provider-specific error
// response.
if (static::$auth) {
$response = $this
->request('GET', $url, $request_options);
$this
->assertResponseWhenMissingAuthentication('GET', $response);
}
$request_options[RequestOptions::HEADERS]['REST-test-auth'] = '1';
// DX: 403 when attempting to use unallowed authentication provider.
$response = $this
->request('GET', $url, $request_options);
$this
->assertResourceErrorResponse(403, 'The used authentication method is not allowed on this route.', $response);
unset($request_options[RequestOptions::HEADERS]['REST-test-auth']);
$request_options[RequestOptions::HEADERS]['REST-test-auth-global'] = '1';
// DX: 403 when attempting to use unallowed global authentication provider.
$response = $this
->request('GET', $url, $request_options);
$this
->assertResourceErrorResponse(403, 'The used authentication method is not allowed on this route.', $response);
unset($request_options[RequestOptions::HEADERS]['REST-test-auth-global']);
$request_options = NestedArray::mergeDeep($request_options, $this
->getAuthenticationRequestOptions('GET'));
// First: single format. Drupal will automatically pick the only format.
$this
->provisionEntityResource(TRUE);
$expected_403_cacheability = $this
->getExpectedUnauthorizedAccessCacheability()
->addCacheableDependency($this
->getExpectedUnauthorizedEntityAccessCacheability(static::$auth !== FALSE));
// DX: 403 because unauthorized single-format route, ?_format is omittable.
$url
->setOption('query', []);
$response = $this
->request('GET', $url, $request_options);
if ($has_canonical_url) {
$this
->assertSame(403, $response
->getStatusCode());
$this
->assertSame([
'text/html; charset=UTF-8',
], $response
->getHeader('Content-Type'));
}
else {
$this
->assertResourceErrorResponse(403, FALSE, $response, $expected_403_cacheability
->getCacheTags(), $expected_403_cacheability
->getCacheContexts(), static::$auth ? FALSE : 'MISS', FALSE);
}
$this
->assertSame(static::$auth ? [] : [
'MISS',
], $response
->getHeader('X-Drupal-Cache'));
// DX: 403 because unauthorized.
$url
->setOption('query', [
'_format' => static::$format,
]);
$response = $this
->request('GET', $url, $request_options);
$this
->assertResourceErrorResponse(403, FALSE, $response, $expected_403_cacheability
->getCacheTags(), $expected_403_cacheability
->getCacheContexts(), static::$auth ? FALSE : 'MISS', FALSE);
// Then, what we'll use for the remainder of the test: multiple formats.
$this
->provisionEntityResource();
// DX: 406 because despite unauthorized, ?_format is not omittable.
$url
->setOption('query', []);
$response = $this
->request('GET', $url, $request_options);
if ($has_canonical_url) {
$this
->assertSame(403, $response
->getStatusCode());
$this
->assertSame([
'HIT',
], $response
->getHeader('X-Drupal-Dynamic-Cache'));
}
else {
$this
->assertSame(406, $response
->getStatusCode());
$this
->assertSame([
'UNCACHEABLE',
], $response
->getHeader('X-Drupal-Dynamic-Cache'));
}
$this
->assertSame([
'text/html; charset=UTF-8',
], $response
->getHeader('Content-Type'));
$this
->assertSame(static::$auth ? [] : [
'MISS',
], $response
->getHeader('X-Drupal-Cache'));
// DX: 403 because unauthorized.
$url
->setOption('query', [
'_format' => static::$format,
]);
$response = $this
->request('GET', $url, $request_options);
$this
->assertResourceErrorResponse(403, $this
->getExpectedUnauthorizedAccessMessage('GET'), $response, $expected_403_cacheability
->getCacheTags(), $expected_403_cacheability
->getCacheContexts(), static::$auth ? FALSE : 'MISS', FALSE);
$this
->assertArrayNotHasKey('Link', $response
->getHeaders());
$this
->setUpAuthorization('GET');
// 200 for well-formed HEAD request.
$response = $this
->request('HEAD', $url, $request_options);
$is_cacheable_by_dynamic_page_cache = empty(array_intersect([
'user',
'session',
], $this
->getExpectedCacheContexts()));
$this
->assertResourceResponse(200, '', $response, $this
->getExpectedCacheTags(), $this
->getExpectedCacheContexts(), static::$auth ? FALSE : 'MISS', $is_cacheable_by_dynamic_page_cache ? 'MISS' : 'UNCACHEABLE');
$head_headers = $response
->getHeaders();
// 200 for well-formed GET request. Page Cache hit because of HEAD request.
// Same for Dynamic Page Cache hit.
$response = $this
->request('GET', $url, $request_options);
$this
->assertResourceResponse(200, FALSE, $response, $this
->getExpectedCacheTags(), $this
->getExpectedCacheContexts(), static::$auth ? FALSE : 'HIT', $is_cacheable_by_dynamic_page_cache ? static::$auth ? 'HIT' : 'MISS' : 'UNCACHEABLE');
// Assert that Dynamic Page Cache did not store a ResourceResponse object,
// which needs serialization after every cache hit. Instead, it should
// contain a flattened response. Otherwise performance suffers.
// @see \Drupal\rest\EventSubscriber\ResourceResponseSubscriber::flattenResponse()
$cache_items = $this->container
->get('database')
->select('cache_dynamic_page_cache', 'c')
->fields('c', [
'cid',
'data',
])
->condition('c.cid', '%[route]=rest.%', 'LIKE')
->execute()
->fetchAllAssoc('cid');
if (!$is_cacheable_by_dynamic_page_cache) {
$this
->assertCount(0, $cache_items);
}
else {
$this
->assertCount(2, $cache_items);
$found_cache_redirect = FALSE;
$found_cached_200_response = FALSE;
$other_cached_responses_are_4xx = TRUE;
foreach ($cache_items as $cid => $cache_item) {
$cached_data = unserialize($cache_item->data);
if (!isset($cached_data['#cache_redirect'])) {
$cached_response = $cached_data['#response'];
if ($cached_response
->getStatusCode() === 200) {
$found_cached_200_response = TRUE;
}
elseif (!$cached_response
->isClientError()) {
$other_cached_responses_are_4xx = FALSE;
}
$this
->assertNotInstanceOf(ResourceResponseInterface::class, $cached_response);
$this
->assertInstanceOf(CacheableResponseInterface::class, $cached_response);
}
else {
$found_cache_redirect = TRUE;
}
}
$this
->assertTrue($found_cache_redirect);
$this
->assertTrue($found_cached_200_response);
$this
->assertTrue($other_cached_responses_are_4xx);
}
// Sort the serialization data first so we can do an identical comparison
// for the keys with the array order the same (it needs to match with
// identical comparison).
$expected = $this
->getExpectedNormalizedEntity();
static::recursiveKSort($expected);
$actual = $this->serializer
->decode((string) $response
->getBody(), static::$format);
static::recursiveKSort($actual);
$this
->assertEqualsCanonicalizing($expected, $actual);
// Not only assert the normalization, also assert deserialization of the
// response results in the expected object.
// Note: deserialization of the XML format is not supported, so only test
// this for other formats.
if (static::$format !== 'xml') {
$unserialized = $this->serializer
->deserialize((string) $response
->getBody(), get_class($this->entity), static::$format);
$this
->assertSame($unserialized
->uuid(), $this->entity
->uuid());
}
// Finally, assert that the expected 'Link' headers are present.
if ($this->entity
->getEntityType()
->getLinkTemplates()) {
$this
->assertArrayHasKey('Link', $response
->getHeaders());
$link_relation_type_manager = $this->container
->get('plugin.manager.link_relation_type');
$expected_link_relation_headers = array_map(function ($relation_name) use ($link_relation_type_manager) {
$link_relation_type = $link_relation_type_manager
->createInstance($relation_name);
return $link_relation_type
->isRegistered() ? $link_relation_type
->getRegisteredName() : $link_relation_type
->getExtensionUri();
}, array_keys($this->entity
->getEntityType()
->getLinkTemplates()));
$parse_rel_from_link_header = function ($value) use ($link_relation_type_manager) {
$matches = [];
if (preg_match('/rel="([^"]+)"/', $value, $matches) === 1) {
return $matches[1];
}
return FALSE;
};
$this
->assertSame($expected_link_relation_headers, array_map($parse_rel_from_link_header, $response
->getHeader('Link')));
}
$get_headers = $response
->getHeaders();
// Verify that the GET and HEAD responses are the same. The only difference
// is that there's no body. For this reason the 'Transfer-Encoding' and
// 'Vary' headers are also added to the list of headers to ignore, as they
// may be added to GET requests, depending on web server configuration. They
// are usually 'Transfer-Encoding: chunked' and 'Vary: Accept-Encoding'.
$ignored_headers = [
'Date',
'Content-Length',
'X-Drupal-Cache',
'X-Drupal-Dynamic-Cache',
'Transfer-Encoding',
'Vary',
];
$header_cleaner = function ($headers) use ($ignored_headers) {
foreach ($headers as $header => $value) {
if (strpos($header, 'X-Drupal-Assertion-') === 0 || in_array($header, $ignored_headers)) {
unset($headers[$header]);
}
}
return $headers;
};
$get_headers = $header_cleaner($get_headers);
$head_headers = $header_cleaner($head_headers);
$this
->assertSame($get_headers, $head_headers);
$this->resourceConfigStorage
->load(static::$resourceConfigId)
->disable()
->save();
$this
->refreshTestStateAfterRestConfigChange();
// DX: upon disabling a resource, it's immediately no longer available.
$this
->assertResourceNotAvailable($url, $request_options);
$this->resourceConfigStorage
->load(static::$resourceConfigId)
->enable()
->save();
$this
->refreshTestStateAfterRestConfigChange();
// DX: upon re-enabling a resource, immediate 200.
$response = $this
->request('GET', $url, $request_options);
$this
->assertResourceResponse(200, FALSE, $response, $this
->getExpectedCacheTags(), $this
->getExpectedCacheContexts(), static::$auth ? FALSE : 'MISS', $is_cacheable_by_dynamic_page_cache ? 'MISS' : 'UNCACHEABLE');
$this->resourceConfigStorage
->load(static::$resourceConfigId)
->delete();
$this
->refreshTestStateAfterRestConfigChange();
// DX: upon deleting a resource, it's immediately no longer available.
$this
->assertResourceNotAvailable($url, $request_options);
$this
->provisionEntityResource();
$url
->setOption('query', [
'_format' => 'non_existing_format',
]);
// DX: 406 when requesting unsupported format.
$response = $this
->request('GET', $url, $request_options);
$this
->assert406Response($response);
$this
->assertSame([
'text/plain; charset=UTF-8',
], $response
->getHeader('Content-Type'));
$request_options[RequestOptions::HEADERS]['Accept'] = static::$mimeType;
// DX: 406 when requesting unsupported format but specifying Accept header:
// should result in a text/plain response.
$response = $this
->request('GET', $url, $request_options);
$this
->assert406Response($response);
$this
->assertSame([
'text/plain; charset=UTF-8',
], $response
->getHeader('Content-Type'));
$url = Url::fromRoute('rest.entity.' . static::$entityTypeId . '.GET');
$url
->setRouteParameter(static::$entityTypeId, 987654321);
$url
->setOption('query', [
'_format' => static::$format,
]);
// DX: 404 when GETting non-existing entity.
$response = $this
->request('GET', $url, $request_options);
$path = str_replace('987654321', '{' . static::$entityTypeId . '}', $url
->setAbsolute()
->setOptions([
'base_url' => '',
'query' => [],
])
->toString());
$message = 'The "' . static::$entityTypeId . '" parameter was not converted for the path "' . $path . '" (route name: "rest.entity.' . static::$entityTypeId . '.GET")';
$this
->assertResourceErrorResponse(404, $message, $response);
}
/**
* Transforms a normalization: casts all non-string types to strings.
*
* @param array $normalization
* A normalization to transform.
*
* @return array
* The transformed normalization.
*/
protected static function castToString(array $normalization) {
foreach ($normalization as $key => $value) {
if (is_bool($value)) {
$normalization[$key] = (string) (int) $value;
}
elseif (is_int($value) || is_float($value)) {
$normalization[$key] = (string) $value;
}
elseif (is_array($value)) {
$normalization[$key] = static::castToString($value);
}
}
return $normalization;
}
/**
* Tests a POST request for an entity, plus edge cases to ensure good DX.
*/
public function testPost() {
// @todo Remove this in https://www.drupal.org/node/2300677.
if ($this->entity instanceof ConfigEntityInterface) {
$this
->markTestSkipped('POSTing config entities is not yet supported.');
}
$this
->initAuthentication();
$has_canonical_url = $this->entity
->hasLinkTemplate('canonical');
// Try with all of the following request bodies.
$unparseable_request_body = '!{>}<';
$parseable_valid_request_body = $this->serializer
->encode($this
->getNormalizedPostEntity(), static::$format);
$parseable_invalid_request_body = $this->serializer
->encode($this
->makeNormalizationInvalid($this
->getNormalizedPostEntity(), 'label'), static::$format);
$parseable_invalid_request_body_2 = $this->serializer
->encode($this
->getNormalizedPostEntity() + [
'uuid' => [
$this
->randomMachineName(129),
],
], static::$format);
$parseable_invalid_request_body_3 = $this->serializer
->encode($this
->getNormalizedPostEntity() + [
'field_rest_test' => [
[
'value' => $this
->randomString(),
],
],
], static::$format);
// The URL and Guzzle request options that will be used in this test. The
// request options will be modified/expanded throughout this test:
// - to first test all mistakes a developer might make, and assert that the
// error responses provide a good DX
// - to eventually result in a well-formed request that succeeds.
$url = $this
->getEntityResourcePostUrl();
$request_options = [];
// DX: 404 when resource not provisioned. HTML response because missing
// ?_format query string.
$response = $this
->request('POST', $url, $request_options);
$this
->assertSame(404, $response
->getStatusCode());
$this
->assertSame([
'text/html; charset=UTF-8',
], $response
->getHeader('Content-Type'));
$url
->setOption('query', [
'_format' => static::$format,
]);
// DX: 404 when resource not provisioned.
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceErrorResponse(404, 'No route found for "POST ' . $this
->getEntityResourcePostUrl()
->setAbsolute()
->toString() . '"', $response);
$this
->provisionEntityResource();
// Simulate the developer again forgetting the ?_format query string.
$url
->setOption('query', []);
// DX: 415 when no Content-Type request header. HTML response because
// missing ?_format query string.
$response = $this
->request('POST', $url, $request_options);
$this
->assertSame(415, $response
->getStatusCode());
$this
->assertSame([
'text/html; charset=UTF-8',
], $response
->getHeader('Content-Type'));
$this
->assertStringContainsString('A client error happened', (string) $response
->getBody());
$url
->setOption('query', [
'_format' => static::$format,
]);
// DX: 415 when no Content-Type request header.
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceErrorResponse(415, 'No "Content-Type" request header specified', $response);
$request_options[RequestOptions::HEADERS]['Content-Type'] = static::$mimeType;
if (static::$auth) {
// DX: forgetting authentication: authentication provider-specific error
// response.
$response = $this
->request('POST', $url, $request_options);
$this
->assertResponseWhenMissingAuthentication('POST', $response);
}
$request_options = NestedArray::mergeDeep($request_options, $this
->getAuthenticationRequestOptions('POST'));
// DX: 403 when unauthorized.
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceErrorResponse(403, $this
->getExpectedUnauthorizedAccessMessage('POST'), $response);
$this
->setUpAuthorization('POST');
// DX: 400 when no request body.
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceErrorResponse(400, 'No entity content received.', $response);
$request_options[RequestOptions::BODY] = $unparseable_request_body;
// DX: 400 when unparseable request body.
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceErrorResponse(400, 'Syntax error', $response);
$request_options[RequestOptions::BODY] = $parseable_invalid_request_body;
// DX: 422 when invalid entity: multiple values sent for single-value field.
$response = $this
->request('POST', $url, $request_options);
if ($label_field = $this->entity
->getEntityType()
->hasKey('label') ? $this->entity
->getEntityType()
->getKey('label') : static::$labelFieldName) {
$label_field_capitalized = $this->entity
->getFieldDefinition($label_field)
->getLabel();
$this
->assertResourceErrorResponse(422, "Unprocessable Entity: validation failed.\n{$label_field}: {$label_field_capitalized}: this field cannot hold more than 1 values.\n", $response);
}
$request_options[RequestOptions::BODY] = $parseable_invalid_request_body_2;
// DX: 422 when invalid entity: UUID field too long.
// @todo Fix this in https://www.drupal.org/node/2149851.
if ($this->entity
->getEntityType()
->hasKey('uuid')) {
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceErrorResponse(422, "Unprocessable Entity: validation failed.\nuuid.0.value: UUID: may not be longer than 128 characters.\n", $response);
}
$request_options[RequestOptions::BODY] = $parseable_invalid_request_body_3;
// DX: 403 when entity contains field without 'edit' access.
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceErrorResponse(403, "Access denied on creating field 'field_rest_test'.", $response);
$request_options[RequestOptions::BODY] = $parseable_valid_request_body;
// Before sending a well-formed request, allow the normalization and
// authentication provider edge cases to also be tested.
$this
->assertNormalizationEdgeCases('POST', $url, $request_options);
$this
->assertAuthenticationEdgeCases('POST', $url, $request_options);
$request_options[RequestOptions::HEADERS]['Content-Type'] = 'text/xml';
// DX: 415 when request body in existing but not allowed format.
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceErrorResponse(415, 'No route found that matches "Content-Type: text/xml"', $response);
$request_options[RequestOptions::HEADERS]['Content-Type'] = static::$mimeType;
// 201 for well-formed request.
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceResponse(201, FALSE, $response);
if ($has_canonical_url) {
$location = $this->entityStorage
->load(static::$firstCreatedEntityId)
->toUrl('canonical')
->setAbsolute(TRUE)
->toString();
$this
->assertSame([
$location,
], $response
->getHeader('Location'));
}
else {
$this
->assertSame([], $response
->getHeader('Location'));
}
$this
->assertFalse($response
->hasHeader('X-Drupal-Cache'));
// If the entity is stored, perform extra checks.
if (get_class($this->entityStorage) !== ContentEntityNullStorage::class) {
// Assert that the entity was indeed created, and that the response body
// contains the serialized created entity.
$created_entity = $this->entityStorage
->loadUnchanged(static::$firstCreatedEntityId);
$created_entity_normalization = $this->serializer
->normalize($created_entity, static::$format, [
'account' => $this->account,
]);
$this
->assertSame($created_entity_normalization, $this->serializer
->decode((string) $response
->getBody(), static::$format));
$this
->assertStoredEntityMatchesSentNormalization($this
->getNormalizedPostEntity(), $created_entity);
}
if ($this->entity
->getEntityType()
->getStorageClass() !== ContentEntityNullStorage::class && $this->entity
->getEntityType()
->hasKey('uuid')) {
// 500 when creating an entity with a duplicate UUID.
$normalized_entity = $this
->getModifiedEntityForPostTesting();
$normalized_entity[$created_entity
->getEntityType()
->getKey('uuid')] = [
[
'value' => $created_entity
->uuid(),
],
];
if ($label_field) {
$normalized_entity[$label_field] = [
[
'value' => $this
->randomMachineName(),
],
];
}
$request_options[RequestOptions::BODY] = $this->serializer
->encode($normalized_entity, static::$format);
$response = $this
->request('POST', $url, $request_options);
$this
->assertSame(500, $response
->getStatusCode());
$this
->assertStringContainsString('Internal Server Error', (string) $response
->getBody());
// 201 when successfully creating an entity with a new UUID.
$normalized_entity = $this
->getModifiedEntityForPostTesting();
$new_uuid = \Drupal::service('uuid')
->generate();
$normalized_entity[$created_entity
->getEntityType()
->getKey('uuid')] = [
[
'value' => $new_uuid,
],
];
if ($label_field) {
$normalized_entity[$label_field] = [
[
'value' => $this
->randomMachineName(),
],
];
}
$request_options[RequestOptions::BODY] = $this->serializer
->encode($normalized_entity, static::$format);
$response = $this
->request('POST', $url, $request_options);
$this
->assertResourceResponse(201, FALSE, $response);
$entities = $this->entityStorage
->loadByProperties([
$created_entity
->getEntityType()
->getKey('uuid') => $new_uuid,
]);
$new_entity = reset($entities);
$this
->assertNotNull($new_entity);
$new_entity
->delete();
}
}
/**
* Tests a PATCH request for an entity, plus edge cases to ensure good DX.
*/
public function testPatch() {
// @todo Remove this in https://www.drupal.org/node/2300677.
if ($this->entity instanceof ConfigEntityInterface) {
$this
->markTestSkipped('PATCHing config entities is not yet supported.');
}
// Patch testing requires that another entity of the same type exists.
$this->anotherEntity = $this
->createAnotherEntity();
$this
->initAuthentication();
$has_canonical_url = $this->entity
->hasLinkTemplate('canonical');
// Try with all of the following request bodies.
$unparseable_request_body = '!{>}<';
$parseable_valid_request_body = $this->serializer
->encode($this
->getNormalizedPatchEntity(), static::$format);
$parseable_invalid_request_body = $this->serializer
->encode($this
->makeNormalizationInvalid($this
->getNormalizedPatchEntity(), 'label'), static::$format);
$parseable_invalid_request_body_2 = $this->serializer
->encode($this
->getNormalizedPatchEntity() + [
'field_rest_test' => [
[
'value' => $this
->randomString(),
],
],
], static::$format);
// The 'field_rest_test' field does not allow 'view' access, so does not end
// up in the normalization. Even when we explicitly add it the normalization
// that we send in the body of a PATCH request, it is considered invalid.
$parseable_invalid_request_body_3 = $this->serializer
->encode($this
->getNormalizedPatchEntity() + [
'field_rest_test' => $this->entity
->get('field_rest_test')
->getValue(),
], static::$format);
// The URL and Guzzle request options that will be used in this test. The
// request options will be modified/expanded throughout this test:
// - to first test all mistakes a developer might make, and assert that the
// error responses provide a good DX
// - to eventually result in a well-formed request that succeeds.
$url = $this
->getEntityResourceUrl();
$request_options = [];
// DX: 404 when resource not provisioned, 405 if canonical route. Plain text
// or HTML response because missing ?_format query string.
$response = $this
->request('PATCH', $url, $request_options);
if ($has_canonical_url) {
$this
->assertSame(405, $response
->getStatusCode());
$this
->assertSame([
'GET, POST, HEAD',
], $response
->getHeader('Allow'));
$this
->assertSame([
'text/html; charset=UTF-8',
], $response
->getHeader('Content-Type'));
$this
->assertStringContainsString('A client error happened', (string) $response
->getBody());
}
else {
$this
->assertSame(404, $response
->getStatusCode());
$this
->assertSame([
'text/html; charset=UTF-8',
], $response
->getHeader('Content-Type'));
}
$url
->setOption('query', [
'_format' => static::$format,
]);
// DX: 404 when resource not provisioned, 405 if canonical route.
$response = $this
->request('PATCH', $url, $request_options);
if ($has_canonical_url) {
$this
->assertResourceErrorResponse(405, 'No route found for "PATCH ' . $this
->getEntityResourceUrl()
->setAbsolute()
->toString() . '": Method Not Allowed (Allow: GET, POST, HEAD)', $response);
}
else {
$this
->assertResourceErrorResponse(404, 'No route found for "PATCH ' . $this
->getEntityResourceUrl()
->setAbsolute()
->toString() . '"', $response);
}
$this
->provisionEntityResource();
// Simulate the developer again forgetting the ?_format query string.
$url
->setOption('query', []);
// DX: 415 when no Content-Type request header.
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertSame(415, $response
->getStatusCode());
$this
->assertSame([
'text/html; charset=UTF-8',
], $response
->getHeader('Content-Type'));
$this
->assertStringContainsString('A client error happened', (string) $response
->getBody());
$url
->setOption('query', [
'_format' => static::$format,
]);
// DX: 415 when no Content-Type request header.
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(415, 'No "Content-Type" request header specified', $response);
$request_options[RequestOptions::HEADERS]['Content-Type'] = static::$mimeType;
if (static::$auth) {
// DX: forgetting authentication: authentication provider-specific error
// response.
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResponseWhenMissingAuthentication('PATCH', $response);
}
$request_options = NestedArray::mergeDeep($request_options, $this
->getAuthenticationRequestOptions('PATCH'));
// DX: 403 when unauthorized.
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(403, $this
->getExpectedUnauthorizedAccessMessage('PATCH'), $response);
$this
->setUpAuthorization('PATCH');
// DX: 400 when no request body.
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(400, 'No entity content received.', $response);
$request_options[RequestOptions::BODY] = $unparseable_request_body;
// DX: 400 when unparseable request body.
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(400, 'Syntax error', $response);
$request_options[RequestOptions::BODY] = $parseable_invalid_request_body;
// DX: 422 when invalid entity: multiple values sent for single-value field.
$response = $this
->request('PATCH', $url, $request_options);
if ($label_field = $this->entity
->getEntityType()
->hasKey('label') ? $this->entity
->getEntityType()
->getKey('label') : static::$labelFieldName) {
$label_field_capitalized = $this->entity
->getFieldDefinition($label_field)
->getLabel();
$this
->assertResourceErrorResponse(422, "Unprocessable Entity: validation failed.\n{$label_field}: {$label_field_capitalized}: this field cannot hold more than 1 values.\n", $response);
}
$request_options[RequestOptions::BODY] = $parseable_invalid_request_body_2;
// DX: 403 when entity contains field without 'edit' access.
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(403, "Access denied on updating field 'field_rest_test'.", $response);
// DX: 403 when entity trying to update an entity's ID field.
$request_options[RequestOptions::BODY] = $this->serializer
->encode($this
->makeNormalizationInvalid($this
->getNormalizedPatchEntity(), 'id'), static::$format);
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(403, "Access denied on updating field '{$this->entity->getEntityType()->getKey('id')}'. The entity ID cannot be changed.", $response);
if ($this->entity
->getEntityType()
->hasKey('uuid')) {
// DX: 403 when entity trying to update an entity's UUID field.
$request_options[RequestOptions::BODY] = $this->serializer
->encode($this
->makeNormalizationInvalid($this
->getNormalizedPatchEntity(), 'uuid'), static::$format);
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(403, "Access denied on updating field '{$this->entity->getEntityType()->getKey('uuid')}'. The entity UUID cannot be changed.", $response);
}
$request_options[RequestOptions::BODY] = $parseable_invalid_request_body_3;
// DX: 403 when entity contains field without 'edit' nor 'view' access, even
// when the value for that field matches the current value. This is allowed
// in principle, but leads to information disclosure.
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(403, "Access denied on updating field 'field_rest_test'.", $response);
// DX: 403 when sending PATCH request with updated read-only fields.
$this
->assertPatchProtectedFieldNamesStructure();
[
$modified_entity,
$original_values,
] = static::getModifiedEntityForPatchTesting($this->entity);
// Send PATCH request by serializing the modified entity, assert the error
// response, change the modified entity field that caused the error response
// back to its original value, repeat.
foreach (static::$patchProtectedFieldNames as $patch_protected_field_name => $reason) {
$request_options[RequestOptions::BODY] = $this->serializer
->serialize($modified_entity, static::$format);
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(403, "Access denied on updating field '" . $patch_protected_field_name . "'." . ($reason !== NULL ? ' ' . $reason : ''), $response);
$modified_entity
->get($patch_protected_field_name)
->setValue($original_values[$patch_protected_field_name]);
}
if ($this->entity instanceof FieldableEntityInterface) {
// Change the rest_test_validation field to prove that then its validation
// does run.
$override = [
'rest_test_validation' => [
[
'value' => 'ALWAYS_FAIL',
],
],
];
$valid_request_body = $override + $this
->getNormalizedPatchEntity() + $this->serializer
->normalize($modified_entity, static::$format);
$request_options[RequestOptions::BODY] = $this->serializer
->serialize($valid_request_body, static::$format);
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(422, "Unprocessable Entity: validation failed.\nrest_test_validation: REST test validation failed\n", $response);
// Set the rest_test_validation field to always fail validation, which
// allows asserting that not modifying that field does not trigger
// validation errors.
$this->entity
->set('rest_test_validation', 'ALWAYS_FAIL');
$this->entity
->save();
// Information disclosure prevented: when a malicious user correctly
// guesses the current invalid value of a field, ensure a 200 is not sent
// because this would disclose to the attacker what the current value is.
// @see rest_test_entity_field_access()
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(422, "Unprocessable Entity: validation failed.\nrest_test_validation: REST test validation failed\n", $response);
// All requests after the above one will not include this field (neither
// its current value nor any other), and therefore all subsequent test
// assertions should not trigger a validation error.
}
// 200 for well-formed PATCH request that sends all fields (even including
// read-only ones, but with unchanged values).
$valid_request_body = $this
->getNormalizedPatchEntity() + $this->serializer
->normalize($this->entity, static::$format);
$request_options[RequestOptions::BODY] = $this->serializer
->serialize($valid_request_body, static::$format);
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceResponse(200, FALSE, $response);
$request_options[RequestOptions::BODY] = $parseable_valid_request_body;
// Before sending a well-formed request, allow the normalization and
// authentication provider edge cases to also be tested.
$this
->assertNormalizationEdgeCases('PATCH', $url, $request_options);
$this
->assertAuthenticationEdgeCases('PATCH', $url, $request_options);
$request_options[RequestOptions::HEADERS]['Content-Type'] = 'text/xml';
// DX: 415 when request body in existing but not allowed format.
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceErrorResponse(415, 'No route found that matches "Content-Type: text/xml"', $response);
$request_options[RequestOptions::HEADERS]['Content-Type'] = static::$mimeType;
// 200 for well-formed request.
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceResponse(200, FALSE, $response);
$this
->assertFalse($response
->hasHeader('X-Drupal-Cache'));
// Assert that the entity was indeed updated, and that the response body
// contains the serialized updated entity.
$updated_entity = $this->entityStorage
->loadUnchanged($this->entity
->id());
$updated_entity_normalization = $this->serializer
->normalize($updated_entity, static::$format, [
'account' => $this->account,
]);
$this
->assertSame($updated_entity_normalization, $this->serializer
->decode((string) $response
->getBody(), static::$format));
$this
->assertStoredEntityMatchesSentNormalization($this
->getNormalizedPatchEntity(), $updated_entity);
// Ensure that fields do not get deleted if they're not present in the PATCH
// request. Test this using the configurable field that we added, but which
// is not sent in the PATCH request.
$this
->assertSame('All the faith they had had had had no effect on the outcome of their life.', $updated_entity
->get('field_rest_test')->value);
// Multi-value field: remove item 0. Then item 1 becomes item 0.
$normalization_multi_value_tests = $this
->getNormalizedPatchEntity();
$normalization_multi_value_tests['field_rest_test_multivalue'] = $this->entity
->get('field_rest_test_multivalue')
->getValue();
$normalization_remove_item = $normalization_multi_value_tests;
unset($normalization_remove_item['field_rest_test_multivalue'][0]);
$request_options[RequestOptions::BODY] = $this->serializer
->encode($normalization_remove_item, static::$format);
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceResponse(200, FALSE, $response);
$this
->assertSame([
0 => [
'value' => 'Two',
],
], $this->entityStorage
->loadUnchanged($this->entity
->id())
->get('field_rest_test_multivalue')
->getValue());
// Multi-value field: add one item before the existing one, and one after.
$normalization_add_items = $normalization_multi_value_tests;
$normalization_add_items['field_rest_test_multivalue'][2] = [
'value' => 'Three',
];
$request_options[RequestOptions::BODY] = $this->serializer
->encode($normalization_add_items, static::$format);
$response = $this
->request('PATCH', $url, $request_options);
$this
->assertResourceResponse(200, FALSE, $response);
$this
->assertSame([
0 => [
'value' => 'One',
],
1 => [
'value' => 'Two',
],
2 => [
'value' => 'Three',
],
], $this->entityStorage
->loadUnchanged($this->entity
->id())
->get('field_rest_test_multivalue')
->getValue());
}
/**
* Tests a DELETE request for an entity, plus edge cases to ensure good DX.
*/
public function testDelete() {
// @todo Remove this in https://www.drupal.org/node/2300677.
if ($this->entity instanceof ConfigEntityInterface) {
$this
->markTestSkipped('DELETEing config entities is not yet supported.');
}
$this
->initAuthentication();
$has_canonical_url = $this->entity
->hasLinkTemplate('canonical');
// The URL and Guzzle request options that will be used in this test. The
// request options will be modified/expanded throughout this test:
// - to first test all mistakes a developer might make, and assert that the
// error responses provide a good DX
// - to eventually result in a well-formed request that succeeds.
$url = $this
->getEntityResourceUrl();
$request_options = [];
// DX: 404 when resource not provisioned, but 405 if canonical route. Plain
// text or HTML response because missing ?_format query string.
$response = $this
->request('DELETE', $url, $request_options);
if ($has_canonical_url) {
$this
->assertSame(405, $response
->getStatusCode());
$this
->assertSame([
'GET, POST, HEAD',
], $response
->getHeader('Allow'));
$this
->assertSame([
'text/html; charset=UTF-8',
], $response
->getHeader('Content-Type'));
$this
->assertStringContainsString('A client error happened', (string) $response
->getBody());
}
else {
$this
->assertSame(404, $response
->getStatusCode());
$this
->assertSame([
'text/html; charset=UTF-8',
], $response
->getHeader('Content-Type'));
}
$url
->setOption('query', [
'_format' => static::$format,
]);
// DX: 404 when resource not provisioned, 405 if canonical route.
$response = $this
->request('DELETE', $url, $request_options);
if ($has_canonical_url) {
$this
->assertSame([
'GET, POST, HEAD',
], $response
->getHeader('Allow'));
$this
->assertResourceErrorResponse(405, 'No route found for "DELETE ' . $this
->getEntityResourceUrl()
->setAbsolute()
->toString() . '": Method Not Allowed (Allow: GET, POST, HEAD)', $response);
}
else {
$this
->assertResourceErrorResponse(404, 'No route found for "DELETE ' . $this
->getEntityResourceUrl()
->setAbsolute()
->toString() . '"', $response);
}
$this
->provisionEntityResource();
if (static::$auth) {
// DX: forgetting authentication: authentication provider-specific error
// response.
$response = $this
->request('DELETE', $url, $request_options);
$this
->assertResponseWhenMissingAuthentication('DELETE', $response);
}
$request_options = NestedArray::mergeDeep($request_options, $this
->getAuthenticationRequestOptions('PATCH'));
// DX: 403 when unauthorized.
$response = $this
->request('DELETE', $url, $request_options);
$this
->assertResourceErrorResponse(403, $this
->getExpectedUnauthorizedAccessMessage('DELETE'), $response);
$this
->setUpAuthorization('DELETE');
// Before sending a well-formed request, allow the authentication provider's
// edge cases to also be tested.
$this
->assertAuthenticationEdgeCases('DELETE', $url, $request_options);
// 204 for well-formed request.
$response = $this
->request('DELETE', $url, $request_options);
$this
->assertResourceResponse(204, '', $response);
}
/**
* {@inheritdoc}
*/
protected function assertNormalizationEdgeCases($method, Url $url, array $request_options) {
// \Drupal\serialization\Normalizer\EntityNormalizer::denormalize(): entity
// types with bundles MUST send their bundle field to be denormalizable.
$entity_type = $this->entity
->getEntityType();
if ($entity_type
->hasKey('bundle')) {
$bundle_field_name = $this->entity
->getEntityType()
->getKey('bundle');
$normalization = $this
->getNormalizedPostEntity();
// The bundle type itself can be validated only if there's a bundle entity
// type.
if ($entity_type
->getBundleEntityType()) {
$normalization[$bundle_field_name] = 'bad_bundle_name';
$request_options[RequestOptions::BODY] = $this->serializer
->encode($normalization, static::$format);
// DX: 422 when incorrect entity type bundle is specified.
$response = $this
->request($method, $url, $request_options);
$this
->assertResourceErrorResponse(422, '"bad_bundle_name" is not a valid bundle type for denormalization.', $response);
}
unset($normalization[$bundle_field_name]);
$request_options[RequestOptions::BODY] = $this->serializer
->encode($normalization, static::$format);
// DX: 422 when no entity type bundle is specified.
$response = $this
->request($method, $url, $request_options);
$this
->assertResourceErrorResponse(422, sprintf('Could not determine entity type bundle: "%s" field is missing.', $bundle_field_name), $response);
}
}
/**
* Asserts structure of $patchProtectedFieldNames.
*/
protected function assertPatchProtectedFieldNamesStructure() {
$is_null_or_string = function ($value) {
return is_null($value) || is_string($value);
};
$this
->assertTrue(Inspector::assertAllStrings(array_keys(static::$patchProtectedFieldNames)), 'In Drupal 8.6, the structure of $patchProtectedFieldNames changed. It used to be an array with field names as values. Now those values are the keys, and their values should be either NULL or a string: a string containing the reason for why the field cannot be PATCHed, or NULL otherwise.');
$this
->assertTrue(Inspector::assertAll($is_null_or_string, static::$patchProtectedFieldNames), 'In Drupal 8.6, the structure of $patchProtectedFieldNames changed. It used to be an array with field names as values. Now those values are the keys, and their values should be either NULL or a string: a string containing the reason for why the field cannot be PATCHed, or NULL otherwise.');
}
/**
* Gets an entity resource's GET/PATCH/DELETE URL.
*
* @return \Drupal\Core\Url
* The URL to GET/PATCH/DELETE.
*/
protected function getEntityResourceUrl() {
$has_canonical_url = $this->entity
->hasLinkTemplate('canonical');
// Note that the 'canonical' link relation type must be specified explicitly
// in the call to ::toUrl(). 'canonical' is the default for
// \Drupal\Core\Entity\Entity::toUrl(), but ConfigEntityBase overrides this.
return $has_canonical_url ? $this->entity
->toUrl('canonical') : Url::fromUri('base:entity/' . static::$entityTypeId . '/' . $this->entity
->id());
}
/**
* Gets an entity resource's POST URL.
*
* @return \Drupal\Core\Url
* The URL to POST to.
*/
protected function getEntityResourcePostUrl() {
$has_create_url = $this->entity
->hasLinkTemplate('create');
return $has_create_url ? Url::fromUri('internal:' . $this->entity
->getEntityType()
->getLinkTemplate('create')) : Url::fromUri('base:entity/' . static::$entityTypeId);
}
/**
* Clones the given entity and modifies all PATCH-protected fields.
*
* @param \Drupal\Core\Entity\EntityInterface $entity
* The entity being tested and to modify.
*
* @return array
* Contains two items:
* 1. The modified entity object.
* 2. The original field values, keyed by field name.
*
* @internal
*/
protected static function getModifiedEntityForPatchTesting(EntityInterface $entity) {
$modified_entity = clone $entity;
$original_values = [];
foreach (array_keys(static::$patchProtectedFieldNames) as $field_name) {
$field = $modified_entity
->get($field_name);
$original_values[$field_name] = $field
->getValue();
switch ($field
->getItemDefinition()
->getClass()) {
case EntityReferenceItem::class:
// EntityReferenceItem::generateSampleValue() picks one of the last 50
// entities of the supported type & bundle. We don't care if the value
// is valid, we only care that it's different.
$field
->setValue([
'target_id' => 99999,
]);
break;
case BooleanItem::class:
// BooleanItem::generateSampleValue() picks either 0 or 1. So a 50%
// chance of not picking a different value.
$field->value = (int) $field->value === 1 ? '0' : '1';
break;
case PathItem::class:
// PathItem::generateSampleValue() doesn't set a PID, which causes
// PathItem::postSave() to fail. Keep the PID (and other properties),
// just modify the alias.
$field->alias = str_replace(' ', '-', strtolower((new Random())
->sentences(3)));
break;
default:
$original_field = clone $field;
while ($field
->equals($original_field)) {
$field
->generateSampleItems();
}
break;
}
}
return [
$modified_entity,
$original_values,
];
}
/**
* Makes the given entity normalization invalid.
*
* @param array $normalization
* An entity normalization.
* @param string $entity_key
* The entity key whose normalization to make invalid.
*
* @return array
* The updated entity normalization, now invalid.
*/
protected function makeNormalizationInvalid(array $normalization, $entity_key) {
$entity_type = $this->entity
->getEntityType();
switch ($entity_key) {
case 'label':
// Add a second label to this entity to make it invalid.
if ($label_field = $entity_type
->hasKey('label') ? $entity_type
->getKey('label') : static::$labelFieldName) {
$normalization[$label_field][1]['value'] = 'Second Title';
}
break;
case 'id':
$normalization[$entity_type
->getKey('id')][0]['value'] = $this->anotherEntity
->id();
break;
case 'uuid':
$normalization[$entity_type
->getKey('uuid')][0]['value'] = $this->anotherEntity
->uuid();
break;
}
return $normalization;
}
/**
* Asserts a 406 response… or in some cases a 403 response, because weirdness.
*
* Asserting a 406 response should be easy, but it's not, due to bugs.
*
* Drupal returns a 403 response instead of a 406 response when:
* - there is a canonical route, i.e. one that serves HTML
* - unless the user is logged in with any non-global authentication provider,
* because then they tried to access a route that requires the user to be
* authenticated, but they used an authentication provider that is only
* accepted for specific routes, and HTML routes never have such specific
* authentication providers specified. (By default, only 'cookie' is a
* global authentication provider.)
*
* @todo Remove this in https://www.drupal.org/node/2805279.
*
* @param \Psr\Http\Message\ResponseInterface $response
* The response to assert.
*/
protected function assert406Response(ResponseInterface $response) {
if ($this->entity
->hasLinkTemplate('canonical') && ($this->account && static::$auth !== 'cookie')) {
$this
->assertSame(403, $response
->getStatusCode());
}
else {
// This is the desired response.
$this
->assertSame(406, $response
->getStatusCode());
$actual_link_header = $response
->getHeader('Link');
if ($actual_link_header) {
$this
->assertIsArray($actual_link_header);
$expected_type = explode(';', static::$mimeType)[0];
$this
->assertStringContainsString('?_format=' . static::$format . '>; rel="alternate"; type="' . $expected_type . '"', $actual_link_header[0]);
$this
->assertStringContainsString('?_format=foobar>; rel="alternate"', $actual_link_header[0]);
}
}
}
/**
* Asserts that a resource is unavailable: 404, 406 if it has canonical route.
*
* @param \Drupal\Core\Url $url
* URL to request.
* @param array $request_options
* Request options to apply.
*/
protected function assertResourceNotAvailable(Url $url, array $request_options) {
$has_canonical_url = $this->entity
->hasLinkTemplate('canonical');
$response = $this
->request('GET', $url, $request_options);
if (!$has_canonical_url) {
$this
->assertSame(404, $response
->getStatusCode());
}
else {
$this
->assert406Response($response);
}
}
/**
* Asserts that the stored entity matches the sent normalization.
*
* @param array $sent_normalization
* An entity normalization.
* @param \Drupal\Core\Entity\FieldableEntityInterface $modified_entity
* The entity object of the modified (PATCHed or POSTed) entity.
*/
protected function assertStoredEntityMatchesSentNormalization(array $sent_normalization, FieldableEntityInterface $modified_entity) {
foreach ($sent_normalization as $field_name => $field_normalization) {
// Some top-level keys in the normalization may not be fields on the
// entity (for example '_links' and '_embedded' in the HAL normalization).
if ($modified_entity
->hasField($field_name)) {
$field_definition = $modified_entity
->get($field_name)
->getFieldDefinition();
$property_definitions = $field_definition
->getItemDefinition()
->getPropertyDefinitions();
$expected_stored_data = [];
// Some fields don't have any property definitions, so there's nothing
// to denormalize.
if (empty($property_definitions)) {
$expected_stored_data = $field_normalization;
}
else {
// Denormalize every sent field item property to make it possible to
// compare against the stored value.
$denormalization_context = [
'field_definition' => $field_definition,
];
foreach ($field_normalization as $delta => $expected_field_item_normalization) {
foreach ($property_definitions as $property_name => $property_definition) {
// Not every property is required to be sent.
if (!array_key_exists($property_name, $field_normalization[$delta])) {
continue;
}
// Computed properties are not stored.
if ($property_definition
->isComputed()) {
continue;
}
$property_value = $field_normalization[$delta][$property_name];
$property_value_class = $property_definitions[$property_name]
->getClass();
$expected_stored_data[$delta][$property_name] = $this->serializer
->supportsDenormalization($property_value, $property_value_class, NULL, $denormalization_context) ? $this->serializer
->denormalize($property_value, $property_value_class, NULL, $denormalization_context) : $property_value;
}
}
// Fields are stored in the database, when read they are represented
// as strings in PHP memory.
$expected_stored_data = static::castToString($expected_stored_data);
}
$this
->assertEntityArraySubset($expected_stored_data, $modified_entity
->get($field_name)
->getValue());
}
}
}
/**
* Recursively asserts that the expected items are set in the tested entity.
*
* A response may include more properties, we only need to ensure that all
* items in the request exist in the response.
*
* @param $expected
* An array of expected values, may contain further nested arrays.
* @param $actual
* The object to test.
*/
protected function assertEntityArraySubset($expected, $actual) {
foreach ($expected as $key => $value) {
if (is_array($value)) {
$this
->assertEntityArraySubset($value, $actual[$key]);
}
else {
$this
->assertSame($value, $actual[$key]);
}
}
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
BlockCreationTrait:: |
protected | function | Creates a block instance based on default settings. Aliased as: drupalPlaceBlock | |
BrowserHtmlDebugTrait:: |
protected | property | The Base URI to use for links to the output files. | |
BrowserHtmlDebugTrait:: |
protected | property | Class name for HTML output logging. | |
BrowserHtmlDebugTrait:: |
protected | property | Counter for HTML output logging. | |
BrowserHtmlDebugTrait:: |
protected | property | Counter storage for HTML output logging. | |
BrowserHtmlDebugTrait:: |
protected | property | Directory name for HTML output logging. | |
BrowserHtmlDebugTrait:: |
protected | property | HTML output enabled. | |
BrowserHtmlDebugTrait:: |
protected | property | The file name to write the list of URLs to. | |
BrowserHtmlDebugTrait:: |
protected | property | HTML output test ID. | |
BrowserHtmlDebugTrait:: |
protected | function | Formats HTTP headers as string for HTML output logging. | |
BrowserHtmlDebugTrait:: |
protected | function | Returns headers in HTML output format. | 1 |
BrowserHtmlDebugTrait:: |
protected | function | Provides a Guzzle middleware handler to log every response received. | |
BrowserHtmlDebugTrait:: |
protected | function | Logs a HTML output message in a text file. | |
BrowserHtmlDebugTrait:: |
protected | function | Creates the directory to store browser output. | |
BrowserTestBase:: |
protected | property | The base URL. | |
BrowserTestBase:: |
protected | property | The config importer that can be used in a test. | |
BrowserTestBase:: |
protected | property | An array of custom translations suitable for drupal_rewrite_settings(). | |
BrowserTestBase:: |
protected | property | The database prefix of this test run. | |
BrowserTestBase:: |
protected | property | The theme to install as the default for testing. | 525 |
BrowserTestBase:: |
protected | property | Mink session manager. | |
BrowserTestBase:: |
protected | property | Mink default driver params. | |
BrowserTestBase:: |
protected | property | Mink class for the default driver to use. | 1 |
BrowserTestBase:: |
protected | property | The original container. | |
BrowserTestBase:: |
protected | property | The original array of shutdown function callbacks. | |
BrowserTestBase:: |
protected | property | ||
BrowserTestBase:: |
protected | property | The profile to install as a basis for testing. | 14 |
BrowserTestBase:: |
protected | property | The app root. | |
BrowserTestBase:: |
protected | property | Browser tests are run in separate processes to prevent collisions between code that may be loaded by tests. | |
BrowserTestBase:: |
protected | property | Time limit in seconds for the test. | |
BrowserTestBase:: |
protected | property | The translation file directory for the test environment. | |
BrowserTestBase:: |
protected | function | Clean up the test environment. | |
BrowserTestBase:: |
protected | function | Configuration accessor for tests. Returns non-overridden configuration. | |
BrowserTestBase:: |
public static | function | Ensures test files are deletable. | |
BrowserTestBase:: |
protected | function | Gets an instance of the default Mink driver. | |
BrowserTestBase:: |
protected | function | Gets the JavaScript drupalSettings variable for the currently-loaded page. | 1 |
BrowserTestBase:: |
protected | function | Obtain the HTTP client for the system under test. | |
BrowserTestBase:: |
protected | function | Get the Mink driver args from an environment variable, if it is set. Can be overridden in a derived class so it is possible to use a different value for a subset of tests, e.g. the JavaScript tests. | 1 |
BrowserTestBase:: |
protected | function | Helper function to get the options of select field. | |
BrowserTestBase:: |
public | function | Returns Mink session. | |
BrowserTestBase:: |
protected | function | Get session cookies from current session. | |
BrowserTestBase:: |
protected | function |
Retrieves the current calling line in the class under test. Overrides BrowserHtmlDebugTrait:: |
|
BrowserTestBase:: |
protected | function | Visits the front page when initializing Mink. | 3 |
BrowserTestBase:: |
protected | function | Initializes Mink sessions. | 1 |
BrowserTestBase:: |
public | function | Installs Drupal into the test site. | 1 |
BrowserTestBase:: |
protected | function | Registers additional Mink sessions. | |
BrowserTestBase:: |
protected | function | Sets up the root application path. | |
BrowserTestBase:: |
public static | function | ||
BrowserTestBase:: |
protected | function | 2 | |
BrowserTestBase:: |
protected | function | Transforms a nested array into a flat array suitable for submitForm(). | |
BrowserTestBase:: |
protected | function | Performs an xpath search on the contents of the internal browser. | |
BrowserTestBase:: |
public | function | Prevents serializing any properties. | |
ConfigTestTrait:: |
protected | function | Returns a ConfigImporter object to import test configuration. | |
ConfigTestTrait:: |
protected | function | Copies configuration objects from source storage to target storage. | |
ContentTypeCreationTrait:: |
protected | function | Creates a custom content type based on default settings. Aliased as: drupalCreateContentType | |
EntityResourceTestBase:: |
protected | property | Another entity of the same type used for testing. | |
EntityResourceTestBase:: |
protected | property | The main entity used for testing. | 22 |
EntityResourceTestBase:: |
protected | property | The entity storage. | |
EntityResourceTestBase:: |
protected static | property | The tested entity type. | 24 |
EntityResourceTestBase:: |
protected static | property | The entity ID for the first created entity in testPost(). | 2 |
EntityResourceTestBase:: |
protected static | property | Optionally specify which field is the 'label' field. Some entities do not specify a 'label' entity key. For example: User. | 1 |
EntityResourceTestBase:: |
protected static | property |
Modules to install. Overrides ResourceTestBase:: |
24 |
EntityResourceTestBase:: |
protected static | property | The fields that are protected against modification during PATCH requests. | 11 |
EntityResourceTestBase:: |
protected static | property | The entity ID for the second created entity in testPost(). | 2 |
EntityResourceTestBase:: |
protected static | property | The fields that need a different (random) value for each new entity created by a POST request. | 1 |
EntityResourceTestBase:: |
protected | function | Asserts a 406 response… or in some cases a 403 response, because weirdness. | |
EntityResourceTestBase:: |
protected | function | Recursively asserts that the expected items are set in the tested entity. | |
EntityResourceTestBase:: |
protected | function |
Asserts normalization-specific edge cases. Overrides ResourceTestBase:: |
|
EntityResourceTestBase:: |
protected | function | Asserts structure of $patchProtectedFieldNames. | |
EntityResourceTestBase:: |
protected | function | Asserts that a resource is unavailable: 404, 406 if it has canonical route. | |
EntityResourceTestBase:: |
protected | function | Asserts that the stored entity matches the sent normalization. | |
EntityResourceTestBase:: |
protected static | function | Transforms a normalization: casts all non-string types to strings. | |
EntityResourceTestBase:: |
protected | function | Creates another entity to be tested. | 1 |
EntityResourceTestBase:: |
abstract protected | function | Creates the entity to be tested. | 24 |
EntityResourceTestBase:: |
protected | function | Gets an entity resource's POST URL. | |
EntityResourceTestBase:: |
protected | function | Gets an entity resource's GET/PATCH/DELETE URL. | |
EntityResourceTestBase:: |
protected | function | The expected cache contexts for the GET/HEAD response of the test entity. | 9 |
EntityResourceTestBase:: |
protected | function | The expected cache tags for the GET/HEAD response of the test entity. | 2 |
EntityResourceTestBase:: |
abstract protected | function | Returns the expected normalization of the entity. | 24 |
EntityResourceTestBase:: |
protected | function |
Returns the expected cacheability of an unauthorized access response. Overrides ResourceTestBase:: |
|
EntityResourceTestBase:: |
protected | function |
Return the expected error message. Overrides ResourceTestBase:: |
17 |
EntityResourceTestBase:: |
protected | function | The cacheability of unauthorized 'view' entity access. | 4 |
EntityResourceTestBase:: |
protected static | function | Clones the given entity and modifies all PATCH-protected fields. | |
EntityResourceTestBase:: |
protected | function | Gets the normalized POST entity with random values for its unique fields. | |
EntityResourceTestBase:: |
protected | function | Returns the normalized PATCH entity. | 3 |
EntityResourceTestBase:: |
abstract protected | function | Returns the normalized POST entity. | 24 |
EntityResourceTestBase:: |
protected | function | Makes the given entity normalization invalid. | |
EntityResourceTestBase:: |
protected | function | Provides an entity resource. | |
EntityResourceTestBase:: |
protected | function |
Overrides ResourceTestBase:: |
2 |
EntityResourceTestBase:: |
public | function | Tests a DELETE request for an entity, plus edge cases to ensure good DX. | 1 |
EntityResourceTestBase:: |
public | function | Tests a GET request for an entity, plus edge cases to ensure good DX. | 2 |
EntityResourceTestBase:: |
public | function | Tests a PATCH request for an entity, plus edge cases to ensure good DX. | 1 |
EntityResourceTestBase:: |
public | function | Tests a POST request for an entity, plus edge cases to ensure good DX. | 2 |
ExtensionListTestTrait:: |
protected | function | Gets the path for the specified module. | |
ExtensionListTestTrait:: |
protected | function | Gets the path for the specified theme. | |
FunctionalTestSetupTrait:: |
protected | property | The flag to set 'apcu_ensure_unique_prefix' setting. | 1 |
FunctionalTestSetupTrait:: |
protected | property | The class loader to use for installation and initialization of setup. | |
FunctionalTestSetupTrait:: |
protected | property | The "#1" admin user. | |
FunctionalTestSetupTrait:: |
protected | function | Execute the non-interactive installer. | 1 |
FunctionalTestSetupTrait:: |
protected | function | Returns all supported database driver installer objects. | |
FunctionalTestSetupTrait:: |
protected | function | Initialize various configurations post-installation. | |
FunctionalTestSetupTrait:: |
protected | function | Initializes the kernel after installation. | |
FunctionalTestSetupTrait:: |
protected | function | Initialize settings created during install. | |
FunctionalTestSetupTrait:: |
protected | function | Initializes user 1 for the site to be installed. | |
FunctionalTestSetupTrait:: |
protected | function | Installs the default theme defined by `static::$defaultTheme` when needed. | |
FunctionalTestSetupTrait:: |
protected | function | Install modules defined by `static::$modules`. | 1 |
FunctionalTestSetupTrait:: |
protected | function | Returns the parameters that will be used when the test installs Drupal. | 4 |
FunctionalTestSetupTrait:: |
protected | function | Prepares the current environment for running the test. | 21 |
FunctionalTestSetupTrait:: |
protected | function | Creates a mock request and sets it on the generator. | |
FunctionalTestSetupTrait:: |
protected | function | Prepares site settings and services before installation. | 3 |
FunctionalTestSetupTrait:: |
protected | function | Resets and rebuilds the environment after setup. | |
FunctionalTestSetupTrait:: |
protected | function | Rebuilds \Drupal::getContainer(). | |
FunctionalTestSetupTrait:: |
protected | function | Resets all data structures after having enabled new modules. | |
FunctionalTestSetupTrait:: |
protected | function | Changes parameters in the services.yml file. | |
FunctionalTestSetupTrait:: |
protected | function | Sets up the base URL based upon the environment variable. | |
FunctionalTestSetupTrait:: |
protected | function | Rewrites the settings.php file of the test site. | 1 |
NodeCreationTrait:: |
protected | function | Creates a node based on default settings. Aliased as: drupalCreateNode | |
NodeCreationTrait:: |
public | function | Get a node from the database based on its title. Aliased as: drupalGetNodeByTitle | |
PhpUnitWarnings:: |
private static | property | Deprecation warnings from PHPUnit to raise with @trigger_error(). | |
PhpUnitWarnings:: |
public | function | Converts PHPUnit deprecation warnings to E_USER_DEPRECATED. | |
RandomGeneratorTrait:: |
protected | property | The random generator. | |
RandomGeneratorTrait:: |
protected | function | Gets the random generator for the utility methods. | |
RandomGeneratorTrait:: |
protected | function | Generates a unique random string containing letters and numbers. | |
RandomGeneratorTrait:: |
public | function | Generates a random PHP object. | |
RandomGeneratorTrait:: |
public | function | Generates a pseudo-random string of ASCII characters of codes 32 to 126. | |
RandomGeneratorTrait:: |
public | function | Callback for random string validation. | |
RefreshVariablesTrait:: |
protected | function | Refreshes in-memory configuration and state information. | 1 |
ResourceTestBase:: |
protected | property | The account to use for authentication, if any. | |
ResourceTestBase:: |
protected static | property | The authentication mechanism to use in this test. | 100 |
ResourceTestBase:: |
protected static | property | The format to use in this test. | 151 |
ResourceTestBase:: |
protected static | property | The MIME type that corresponds to $format. | 151 |
ResourceTestBase:: |
protected static | property | The REST Resource Config entity ID under test (i.e. a resource type). | 1 |
ResourceTestBase:: |
protected | property | The REST resource config entity storage. | |
ResourceTestBase:: |
protected | property | The serializer service. | |
ResourceTestBase:: |
abstract protected | function | Asserts authentication provider-specific edge cases. | |
ResourceTestBase:: |
protected | function | Asserts that a resource error response has the given message. | |
ResourceTestBase:: |
protected | function | Asserts that a resource response has the given status code and body. | |
ResourceTestBase:: |
abstract protected | function | Verifies the error response in case of missing authentication. | |
ResourceTestBase:: |
protected | function | Adds the Xdebug cookie to the request options. | |
ResourceTestBase:: |
protected | function | Returns Guzzle request options for authentication. | |
ResourceTestBase:: |
protected | function | Grants permissions to the anonymous role. | |
ResourceTestBase:: |
protected | function | Grants permissions to the authenticated role. | |
ResourceTestBase:: |
protected | function | Grants permissions to the tested role: anonymous or authenticated. | |
ResourceTestBase:: |
protected | function | Initializes authentication. | |
ResourceTestBase:: |
protected | function | Provisions the REST resource under test. | |
ResourceTestBase:: |
protected static | function | Recursively sorts an array by key. | |
ResourceTestBase:: |
protected | function | Refreshes the state of the tester to be in sync with the testee. | |
ResourceTestBase:: |
protected | function | Performs a HTTP request. Wraps the Guzzle HTTP client. | 1 |
ResourceTestBase:: |
abstract protected | function | Sets up the necessary authorization. | 25 |
SessionTestTrait:: |
protected | property | The name of the session cookie. | |
SessionTestTrait:: |
protected | function | Generates a session cookie name. | |
SessionTestTrait:: |
protected | function | Returns the session name in use on the child site. | |
StorageCopyTrait:: |
protected static | function | Copy the configuration from one storage to another and remove stale items. | |
TestRequirementsTrait:: |
private | function | Checks missing module requirements. | |
TestRequirementsTrait:: |
protected | function | Check module requirements for the Drupal use case. | |
TestRequirementsTrait:: |
protected static | function | Returns the Drupal root directory. | |
TestSetupTrait:: |
protected static | property | An array of config object names that are excluded from schema checking. | |
TestSetupTrait:: |
protected | property | The dependency injection container used in the test. | |
TestSetupTrait:: |
protected | property | The DrupalKernel instance used in the test. | |
TestSetupTrait:: |
protected | property | The site directory of the original parent site. | |
TestSetupTrait:: |
protected | property | The private file directory for the test environment. | |
TestSetupTrait:: |
protected | property | The public file directory for the test environment. | |
TestSetupTrait:: |
protected | property | The site directory of this test run. | |
TestSetupTrait:: |
protected | property | Set to TRUE to strict check all configuration saved. | 1 |
TestSetupTrait:: |
protected | property | The temporary file directory for the test environment. | |
TestSetupTrait:: |
protected | property | The test run ID. | |
TestSetupTrait:: |
protected | function | Changes the database connection to the prefixed one. | |
TestSetupTrait:: |
protected | function | Gets the config schema exclusions for this test. | |
TestSetupTrait:: |
public static | function | Returns the database connection to the site under test. | |
TestSetupTrait:: |
protected | function | Generates a database prefix for running tests. | 1 |
UiHelperTrait:: |
protected | property | The current user logged in using the Mink controlled browser. | |
UiHelperTrait:: |
protected | property | The number of meta refresh redirects to follow, or NULL if unlimited. | |
UiHelperTrait:: |
protected | property | The number of meta refresh redirects followed during ::drupalGet(). | |
UiHelperTrait:: |
public | function | Returns WebAssert object. | 1 |
UiHelperTrait:: |
protected | function | Builds an absolute URL from a system path or a URL object. | |
UiHelperTrait:: |
protected | function | Checks for meta refresh tag and if found call drupalGet() recursively. | |
UiHelperTrait:: |
protected | function | Clicks the element with the given CSS selector. | |
UiHelperTrait:: |
protected | function | Follows a link by complete name. | |
UiHelperTrait:: |
protected | function | Searches elements using a CSS selector in the raw content. | |
UiHelperTrait:: |
protected | function | Translates a CSS expression to its XPath equivalent. | |
UiHelperTrait:: |
protected | function | Retrieves a Drupal path or an absolute path. | |
UiHelperTrait:: |
protected | function | Logs in a user using the Mink controlled browser. | |
UiHelperTrait:: |
protected | function | Logs a user out of the Mink controlled browser and confirms. | |
UiHelperTrait:: |
protected | function | Returns whether a given user account is logged in. | |
UiHelperTrait:: |
protected | function | Takes a path and returns an absolute path. | |
UiHelperTrait:: |
protected | function | Retrieves the plain-text content from the current page. | |
UiHelperTrait:: |
protected | function | Get the current URL from the browser. | |
UiHelperTrait:: |
protected | function | Determines if test is using DrupalTestBrowser. | |
UiHelperTrait:: |
protected | function | Prepare for a request to testing site. | 1 |
UiHelperTrait:: |
protected | function | Fills and submits a form. | |
UserCreationTrait:: |
protected | function | Checks whether a given list of permission names is valid. | |
UserCreationTrait:: |
protected | function | Creates an administrative role. | |
UserCreationTrait:: |
protected | function | Creates a role with specified permissions. Aliased as: drupalCreateRole | |
UserCreationTrait:: |
protected | function | Create a user with a given set of permissions. Aliased as: drupalCreateUser | |
UserCreationTrait:: |
protected | function | Grant permissions to a user role. | |
UserCreationTrait:: |
protected | function | Switch the current logged in user. | |
UserCreationTrait:: |
protected | function | Creates a random user account and sets it as current user. | |
XdebugRequestTrait:: |
protected | function | Adds xdebug cookies, from request setup. |