You are here

public function ResourceTest::testAuthentication in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/rest/tests/src/Functional/ResourceTest.php \Drupal\Tests\rest\Functional\ResourceTest::testAuthentication()
  2. 10 core/modules/rest/tests/src/Functional/ResourceTest.php \Drupal\Tests\rest\Functional\ResourceTest::testAuthentication()

Tests that a resource without authentication cannot be enabled.

File

core/modules/rest/tests/src/Functional/ResourceTest.php, line 92

Class

ResourceTest
Tests the structure of a REST resource.

Namespace

Drupal\Tests\rest\Functional

Code

public function testAuthentication() {
  RestResourceConfig::create([
    'id' => 'entity.entity_test',
    'granularity' => RestResourceConfigInterface::METHOD_GRANULARITY,
    'configuration' => [
      'GET' => [
        'supported_formats' => [
          'hal_json',
        ],
      ],
    ],
  ])
    ->save();

  // Verify that accessing the resource returns 401.
  $this
    ->drupalGet($this->entity
    ->toUrl()
    ->setRouteParameter('_format', 'hal_json'));

  // \Drupal\Core\Routing\RequestFormatRouteFilter considers the canonical,
  // non-REST route a match, but a lower quality one: no format restrictions
  // means there's always a match and hence when there is no matching REST
  // route, the non-REST route is used, but can't render into
  // application/hal+json, so it returns a 406.
  $this
    ->assertSession()
    ->statusCodeEquals(406);
}