You are here

public function RestRegisterUserTest::testRegisterUser in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/user/tests/src/Functional/RestRegisterUserTest.php \Drupal\Tests\user\Functional\RestRegisterUserTest::testRegisterUser()

Tests that only anonymous users can register users.

File

core/modules/user/tests/src/Functional/RestRegisterUserTest.php, line 74

Class

RestRegisterUserTest
Tests user registration via REST resource.

Namespace

Drupal\Tests\user\Functional

Code

public function testRegisterUser() {
  $config = $this
    ->config('user.settings');

  // Test out different setting User Registration and Email Verification.
  // Allow visitors to register with no email verification.
  $config
    ->set('register', UserInterface::REGISTER_VISITORS);
  $config
    ->set('verify_mail', 0);
  $config
    ->save();
  $user = $this
    ->registerUser('Palmer.Eldritch');
  $this
    ->assertFalse($user
    ->isBlocked());
  $this
    ->assertFalse(empty($user
    ->getPassword()));
  $email_count = count($this
    ->drupalGetMails());
  $this
    ->assertEquals(0, $email_count);

  // Attempt to register without sending a password.
  $response = $this
    ->registerRequest('Rick.Deckard', FALSE);
  $this
    ->assertResourceErrorResponse(422, "No password provided.", $response);

  // Attempt to register with a password when e-mail verification is on.
  $config
    ->set('register', UserInterface::REGISTER_VISITORS);
  $config
    ->set('verify_mail', 1);
  $config
    ->save();
  $response = $this
    ->registerRequest('Estraven', TRUE);
  $this
    ->assertResourceErrorResponse(422, 'A Password cannot be specified. It will be generated on login.', $response);

  // Allow visitors to register with email verification.
  $config
    ->set('register', UserInterface::REGISTER_VISITORS);
  $config
    ->set('verify_mail', 1);
  $config
    ->save();
  $name = 'Jason.Taverner';
  $user = $this
    ->registerUser($name, FALSE);
  $this
    ->assertTrue(empty($user
    ->getPassword()));
  $this
    ->assertTrue($user
    ->isBlocked());
  $this
    ->resetAll();
  $this
    ->assertMailString('body', 'You may now log in by clicking this link', 1);

  // Allow visitors to register with Admin approval and no email verification.
  $config
    ->set('register', UserInterface::REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL);
  $config
    ->set('verify_mail', 0);
  $config
    ->save();
  $name = 'Argaven';
  $user = $this
    ->registerUser($name);
  $this
    ->resetAll();
  $this
    ->assertFalse(empty($user
    ->getPassword()));
  $this
    ->assertTrue($user
    ->isBlocked());
  $this
    ->assertMailString('body', 'Your application for an account is', 2);
  $this
    ->assertMailString('body', 'Argaven has applied for an account', 2);

  // Allow visitors to register with Admin approval and e-mail verification.
  $config
    ->set('register', UserInterface::REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL);
  $config
    ->set('verify_mail', 1);
  $config
    ->save();
  $name = 'Bob.Arctor';
  $user = $this
    ->registerUser($name, FALSE);
  $this
    ->resetAll();
  $this
    ->assertTrue(empty($user
    ->getPassword()));
  $this
    ->assertTrue($user
    ->isBlocked());
  $this
    ->assertMailString('body', 'Your application for an account is', 2);
  $this
    ->assertMailString('body', 'Bob.Arctor has applied for an account', 2);

  // Verify that an authenticated user cannot register a new user, despite
  // being granted permission to do so because only anonymous users can
  // register themselves, authenticated users with the necessary permissions
  // can POST a new user to the "user" REST resource.
  $this
    ->initAuthentication();
  $response = $this
    ->registerRequest($this->account
    ->getAccountName());
  $this
    ->assertResourceErrorResponse(403, "Only anonymous users can register a user.", $response);
}