View source
<?php
namespace Drupal\Tests\jsonapi\Functional;
use Drupal\Component\Serialization\Json;
use Drupal\Component\Utility\NestedArray;
use Drupal\Core\Url;
use Drupal\file\Entity\File;
use Drupal\Tests\jsonapi\Traits\CommonCollectionFilterAccessTestPatternsTrait;
use Drupal\Tests\rest\Functional\BcTimestampNormalizerUnixTestTrait;
use Drupal\user\Entity\User;
use GuzzleHttp\RequestOptions;
class FileTest extends ResourceTestBase {
use BcTimestampNormalizerUnixTestTrait;
use CommonCollectionFilterAccessTestPatternsTrait;
public static $modules = [
'file',
'user',
];
protected static $entityTypeId = 'file';
protected static $resourceTypeName = 'file--file';
protected $entity;
protected static $patchProtectedFieldNames = [
'uri' => NULL,
'filemime' => NULL,
'filesize' => NULL,
'status' => NULL,
'changed' => NULL,
];
protected $author;
protected function setUpAuthorization($method) {
switch ($method) {
case 'GET':
$this
->grantPermissionsToTestedRole([
'access content',
]);
break;
case 'PATCH':
case 'DELETE':
$this
->makeCurrentUserFileOwner();
break;
}
}
protected function makeCurrentUserFileOwner() {
$account = User::load(2);
$this->entity
->setOwnerId($account
->id());
$this->entity
->setOwner($account);
$this->entity
->save();
}
protected function createEntity() {
$this->author = User::load(1);
$file = File::create();
$file
->setOwnerId($this->author
->id());
$file
->setFilename('drupal.txt');
$file
->setMimeType('text/plain');
$file
->setFileUri('public://drupal.txt');
$file
->set('status', FILE_STATUS_PERMANENT);
$file
->save();
file_put_contents($file
->getFileUri(), 'Drupal');
return $file;
}
protected function createAnotherEntity($key) {
$duplicate = parent::createAnotherEntity($key);
$duplicate
->setFileUri("public://{$key}.txt");
$duplicate
->save();
return $duplicate;
}
protected function getExpectedDocument() {
$self_url = Url::fromUri('base:/jsonapi/file/file/' . $this->entity
->uuid())
->setAbsolute()
->toString(TRUE)
->getGeneratedUrl();
$normalization = [
'jsonapi' => [
'meta' => [
'links' => [
'self' => 'http://jsonapi.org/format/1.0/',
],
],
'version' => '1.0',
],
'links' => [
'self' => $self_url,
],
'data' => [
'id' => $this->entity
->uuid(),
'type' => 'file--file',
'links' => [
'self' => $self_url,
],
'attributes' => [
'changed' => $this->entity
->getChangedTime(),
'created' => (int) $this->entity
->getCreatedTime(),
'fid' => 1,
'filemime' => 'text/plain',
'filename' => 'drupal.txt',
'filesize' => (int) $this->entity
->getSize(),
'langcode' => 'en',
'status' => TRUE,
'url' => base_path() . $this->siteDirectory . '/files/drupal.txt',
'uri' => [
'url' => base_path() . $this->siteDirectory . '/files/drupal.txt',
'value' => 'public://drupal.txt',
],
'uuid' => $this->entity
->uuid(),
],
'relationships' => [
'uid' => [
'data' => [
'id' => $this->author
->uuid(),
'type' => 'user--user',
],
'links' => [
'related' => $self_url . '/uid',
'self' => $self_url . '/relationships/uid',
],
],
],
],
];
if (floatval(\Drupal::VERSION) < 8.5) {
$normalization['data']['attributes']['uri'] = $normalization['data']['attributes']['uri']['url'];
}
return $normalization;
}
protected function getPostDocument() {
return [
'data' => [
'type' => 'file--file',
'attributes' => [
'filename' => 'drupal.txt',
],
],
];
}
public function testPostIndividual() {
$this
->markTestSkipped();
}
protected function getExpectedUnauthorizedAccessMessage($method) {
if ($method === 'GET') {
return "The 'access content' permission is required.";
}
if (floatval(\Drupal::VERSION) >= 8.6 && ($method === 'PATCH' || $method === 'DELETE')) {
return "Only the file owner can update or delete the file entity.";
}
return parent::getExpectedUnauthorizedAccessMessage($method);
}
public function testGetIndividual() {
if (floatval(\Drupal::VERSION) < 8.5) {
$this
->markTestSkipped('File entities had a dysfunctional access control handler until 8.5, this is necessary for this test coverage to work.');
}
return parent::testGetIndividual();
}
public function testCollectionFilterAccess() {
$label_field_name = 'filename';
$this
->doTestCollectionFilterAccessBasedOnPermissions($label_field_name, 'access content');
$collection_url = Url::fromRoute('jsonapi.entity_test--bar.collection');
$collection_filter_url = $collection_url
->setOption('query', [
"filter[spotlight.{$label_field_name}]" => $this->entity
->label(),
]);
$request_options = [];
$request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
$request_options = NestedArray::mergeDeep($request_options, $this
->getAuthenticationRequestOptions());
$this->entity
->setFileUri('private://drupal.txt');
$this->entity
->setOwner($this->account);
$this->entity
->save();
$response = $this
->request('GET', $collection_filter_url, $request_options);
$doc = Json::decode((string) $response
->getBody());
$this
->assertCount(1, $doc['data']);
$this->entity
->setOwner(User::load(0));
$this->entity
->save();
$response = $this
->request('GET', $collection_filter_url, $request_options);
$doc = Json::decode((string) $response
->getBody());
$this
->assertCount(0, $doc['data']);
}
}