You are here

public function StyleSerializerTest::testFieldapiField in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/rest/tests/src/Functional/Views/StyleSerializerTest.php \Drupal\Tests\rest\Functional\Views\StyleSerializerTest::testFieldapiField()

Tests the field row style using fieldapi fields.

File

core/modules/rest/tests/src/Functional/Views/StyleSerializerTest.php, line 666

Class

StyleSerializerTest
Tests the serializer style plugin.

Namespace

Drupal\Tests\rest\Functional\Views

Code

public function testFieldapiField() {
  $this
    ->drupalCreateContentType([
    'type' => 'page',
  ]);
  $node = $this
    ->drupalCreateNode();
  $result = Json::decode($this
    ->drupalGet('test/serialize/node-field', [
    'query' => [
      '_format' => 'json',
    ],
  ]));
  $this
    ->assertEquals($node
    ->id(), $result[0]['nid']);
  $this
    ->assertEquals($node->body->processed, $result[0]['body']);

  // Make sure that serialized fields are not exposed to XSS.
  $node = $this
    ->drupalCreateNode();
  $node->body = [
    'value' => '<script type="text/javascript">alert("node-body");</script>' . $this
      ->randomMachineName(32),
    'format' => filter_default_format(),
  ];
  $node
    ->save();
  $result = Json::decode($this
    ->drupalGet('test/serialize/node-field', [
    'query' => [
      '_format' => 'json',
    ],
  ]));
  $this
    ->assertEquals($node
    ->id(), $result[1]['nid']);
  $this
    ->assertStringNotContainsString("<script", $this
    ->getSession()
    ->getPage()
    ->getContent(), "No script tag is present in the raw page contents.");
  $this
    ->drupalLogin($this->adminUser);

  // Add an alias and make the output raw.
  $row_options = 'admin/structure/views/nojs/display/test_serializer_node_display_field/rest_export_1/row_options';

  // Test an empty string for an alias, this should not be used. This also
  // tests that the form can be submitted with no aliases.
  $this
    ->drupalGet($row_options);
  $this
    ->submitForm([
    'row_options[field_options][title][raw_output]' => '1',
  ], 'Apply');
  $this
    ->submitForm([], 'Save');
  $view = Views::getView('test_serializer_node_display_field');
  $view
    ->setDisplay('rest_export_1');
  $this
    ->executeView($view);

  // Test the raw 'created' value against each row.
  foreach (Json::decode($this
    ->drupalGet('test/serialize/node-field', [
    'query' => [
      '_format' => 'json',
    ],
  ])) as $index => $values) {
    $this
      ->assertSame($view->result[$index]->_entity->title->value, $values['title'], 'Expected raw title value found.');
  }

  // Test that multiple raw body fields are shown.
  // Set the body field to unlimited cardinality.
  $storage_definition = $node
    ->getFieldDefinition('body')
    ->getFieldStorageDefinition();
  $storage_definition
    ->setCardinality(FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED);
  $storage_definition
    ->save();
  $this
    ->drupalGet($row_options);
  $this
    ->submitForm([
    'row_options[field_options][body][raw_output]' => '1',
  ], 'Apply');
  $this
    ->submitForm([], 'Save');
  $node = $this
    ->drupalCreateNode();
  $body = [
    'value' => '<script type="text/javascript">alert("node-body");</script>' . $this
      ->randomMachineName(32),
    'format' => filter_default_format(),
  ];

  // Add two body items.
  $node->body = [
    $body,
    $body,
  ];
  $node
    ->save();
  $view = Views::getView('test_serializer_node_display_field');
  $view
    ->setDisplay('rest_export_1');
  $this
    ->executeView($view);
  $result = Json::decode($this
    ->drupalGet('test/serialize/node-field', [
    'query' => [
      '_format' => 'json',
    ],
  ]));
  $this
    ->assertSame($node->body
    ->count(), count($result[2]['body']), 'Expected count of values');
  $this
    ->assertEquals($result[2]['body'], array_map(function ($item) {
    return $item['value'];
  }, $node->body
    ->getValue()), 'Expected raw body values found.');
}