public function KeyAuthTest::testUserKeyAuthForm in Key auth 8
Test the user key auth form.
File
- tests/
src/ Functional/ KeyAuthTest.php, line 108
Class
- KeyAuthTest
- Tests for key authentication provider.
Namespace
Drupal\Tests\key_auth\FunctionalCode
public function testUserKeyAuthForm() {
// Enable both key detection methods.
$this->keyAuthConfig
->set('detection_methods', [
KeyAuth::DETECTION_METHOD_HEADER,
KeyAuth::DETECTION_METHOD_QUERY,
])
->save();
// Make sure the form is not accessible.
$this
->drupalGet(Url::fromRoute('key_auth.user_key_auth_form', [
'user' => 1,
]));
$this
->assertSession()
->statusCodeEquals(403);
// Create a user without key auth access.
$user1 = $this
->drupalCreateUser([]);
// Log in.
$this
->drupalLogin($user1);
// Access should still be denied.
$this
->drupalGet(Url::fromRoute('key_auth.user_key_auth_form', [
'user' => $user1
->id(),
]));
$this
->assertSession()
->statusCodeEquals(403);
// Log out.
$this
->drupalLogout();
// Create a user with key auth access.
$user2 = $this
->drupalCreateUser([
'use key authentication',
]);
// Log in.
$this
->drupalLogin($user2);
// Set a key.
$user2
->set('api_key', $this->keyAuth
->generateKey())
->save();
// Access should be granted.
$this
->drupalGet(Url::fromRoute('key_auth.user_key_auth_form', [
'user' => $user2
->id(),
]));
$this
->assertSession()
->statusCodeEquals(200);
// Check that the key is on the page.
$this
->assertSession()
->pageTextContains($user2->api_key->value);
// Check that both buttons appear.
$this
->assertSession()
->elementExists('css', '#edit-new');
$this
->assertSession()
->elementExists('css', '#edit-delete');
// Test deleting the key.
$this
->drupalPostForm(NULL, [], 'Delete current key');
$user2 = $this
->loadUser($user2
->id());
$this
->assertEmpty($user2->api_key->value);
$this
->assertSession()
->pageTextContains('You currently do not have a key');
$this
->assertSession()
->elementNotExists('css', '#edit-delete');
// Test generating a new key.
$this
->drupalPostForm(NULL, [], 'Generate new key');
$user2 = $this
->loadUser($user2
->id());
$this
->assertNotEmpty($user2->api_key->value);
$this
->assertSession()
->pageTextContains($user2->api_key->value);
$this
->assertSession()
->elementExists('css', '#edit-delete');
// Check that the authentication options are present on the form.
$this
->assertSession()
->pageTextContains('Include the following header');
$this
->assertSession()
->pageTextContains('Include the following query');
// Remove one key detection methods.
$this->keyAuthConfig
->set('detection_methods', [
KeyAuth::DETECTION_METHOD_QUERY,
])
->save();
// Check that it was removed.
$this
->drupalGet(Url::fromRoute('key_auth.user_key_auth_form', [
'user' => $user2
->id(),
]));
$this
->assertSession()
->pageTextNotContains('Include the following header');
// Try to access other user's form.
$this
->drupalGet(Url::fromRoute('key_auth.user_key_auth_form', [
'user' => $user1
->id(),
]));
$this
->assertSession()
->statusCodeEquals(403);
// Create a user with adnin access and log in.
$user3 = $this
->drupalCreateUser([
'administer users',
'use key authentication',
]);
$this
->drupalLogin($user3);
// Try to access all user forms as admin.
foreach ([
$user1
->id(),
$user2
->id(),
$user3
->id(),
] as $uid) {
$this
->drupalGet(Url::fromRoute('key_auth.user_key_auth_form', [
'user' => $uid,
]));
$this
->assertSession()
->statusCodeEquals(200);
}
}