protected function FileTest::setUpAuthorization in JSON:API 8.2
Same name and namespace in other branches
- 8 tests/src/Functional/FileTest.php \Drupal\Tests\jsonapi\Functional\FileTest::setUpAuthorization()
Sets up the necessary authorization.
In case of a test verifying publicly accessible REST resources: grant permissions to the anonymous user role.
In case of a test verifying behavior when using a particular authentication provider: create a user with a particular set of permissions.
Because of the $method parameter, it's possible to first set up authentication for only GET, then add POST, et cetera. This then also allows for verifying a 403 in case of missing authorization.
Parameters
string $method: The HTTP method for which to set up authentication.
Overrides ResourceTestBase::setUpAuthorization
See also
::grantPermissionsToAnonymousRole()
::grantPermissionsToAuthenticatedRole()
File
- tests/
src/ Functional/ FileTest.php, line 67
Class
- FileTest
- JSON:API integration test for the "File" content entity type.
Namespace
Drupal\Tests\jsonapi\FunctionalCode
protected function setUpAuthorization($method) {
switch ($method) {
case 'GET':
$this
->grantPermissionsToTestedRole([
'access content',
]);
break;
case 'PATCH':
case 'DELETE':
// \Drupal\file\FileAccessControlHandler::checkAccess() grants 'update'
// and 'delete' access only to the user that owns the file. So there is
// no permission to grant: instead, the file owner must be changed from
// its default (user 1) to the current user.
$this
->makeCurrentUserFileOwner();
break;
}
}