View source
<?php
namespace Drupal\Tests\system\Functional\System;
use Drupal\Component\Render\FormattableMarkup;
use Drupal\Tests\BrowserTestBase;
use Drupal\Tests\system\Functional\Cache\AssertPageCacheContextsAndTagsTrait;
use Drupal\user\RoleInterface;
class AccessDeniedTest extends BrowserTestBase {
use AssertPageCacheContextsAndTagsTrait;
public static $modules = [
'block',
'node',
'system_test',
];
protected $defaultTheme = 'stark';
protected $adminUser;
protected function setUp() {
parent::setUp();
$this
->drupalPlaceBlock('page_title_block');
$this->adminUser = $this
->drupalCreateUser([
'access administration pages',
'administer site configuration',
'link to any page',
'administer blocks',
]);
$this->adminUser->roles[] = 'administrator';
$this->adminUser
->save();
user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, [
'access user profiles',
]);
user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, [
'access user profiles',
]);
}
public function testAccessDenied() {
$this
->drupalGet('admin');
$this
->assertText(t('Access denied'), 'Found the default 403 page');
$this
->assertSession()
->statusCodeEquals(403);
$this
->drupalLogin($this
->createUser([]));
$this
->drupalGet('admin', [
'query' => [
'foo' => 'bar',
],
]);
$settings = $this
->getDrupalSettings();
$this
->assertEqual($settings['path']['currentPath'], 'admin');
$this
->assertEqual($settings['path']['currentPathIsAdmin'], TRUE);
$this
->assertEqual($settings['path']['currentQuery'], [
'foo' => 'bar',
]);
$this
->drupalLogin($this->adminUser);
$edit = [
'site_403' => 'user/' . $this->adminUser
->id(),
];
$this
->drupalPostForm('admin/config/system/site-information', $edit, t('Save configuration'));
$this
->assertRaw(new FormattableMarkup("The path '%path' has to start with a slash.", [
'%path' => $edit['site_403'],
]));
$edit = [
'site_403' => '/user/' . $this->adminUser
->id(),
];
$this
->drupalPostForm('admin/config/system/site-information', $edit, t('Save configuration'));
$block = $this
->drupalPlaceBlock('user_login_block', [
'id' => 'login',
]);
$this
->drupalLogout();
$this
->drupalGet('admin');
$this
->assertText($this->adminUser
->getAccountName(), 'Found the custom 403 page');
$this
->assertText(t('Username'), 'Blocks are shown on the custom 403 page');
$this
->drupalLogin($this->adminUser);
$edit = [
'site_403' => '',
];
$this
->drupalPostForm('admin/config/system/site-information', $edit, t('Save configuration'));
$this
->drupalLogout();
$this
->drupalGet('admin');
$this
->assertText(t('Access denied'), 'Found the default 403 page');
$this
->assertSession()
->statusCodeEquals(403);
$this
->assertText(t('Username'), 'Blocks are shown on the default 403 page');
$this
->drupalLogin($this->adminUser);
$this
->config('system.site')
->set('page.403', '/user/login')
->save();
$block
->disable()
->save();
$this
->drupalLogout();
$edit = [
'name' => $this->adminUser
->getAccountName(),
'pass' => $this->adminUser->pass_raw,
];
$this
->drupalPostForm('admin/config/system/site-information', $edit, t('Log in'));
$this
->assertText(t('Basic site settings'));
}
public function testAccessDeniedCustomPageWithAccessDenied() {
$this
->config('system.site')
->set('page.403', '/system-test/custom-4xx')
->save();
$this
->drupalGet('/system-test/always-denied');
$this
->assertNoText('Admin-only 4xx response');
$this
->assertText('You are not authorized to access this page.');
$this
->assertSession()
->statusCodeEquals(403);
$this
->assertCacheContext('user.roles');
$this
->drupalLogin($this->adminUser);
$this
->drupalGet('/system-test/always-denied');
$this
->assertText('Admin-only 4xx response');
$this
->assertSession()
->statusCodeEquals(403);
$this
->assertCacheContext('user.roles');
}
}