You are here

Home » API reference » Media Download 1.0.x » DownloadTest.php » DownloadTest

public function DownloadTest::testMediaDownloadAccess in Media Download 1.0.x

Same name and namespace in other branches
  1. 1.2.x tests/src/Functional/DownloadTest.php \Drupal\Tests\media_download\Functional\DownloadTest::testMediaDownloadAccess()
  2. 1.1.x tests/src/Functional/DownloadTest.php \Drupal\Tests\media_download\Functional\DownloadTest::testMediaDownloadAccess()

Tests that media access works as expected.

Media access is delegated entirely to the Media module by placing an _entity_access requirement on the overridden canonical route.

This test case has the side effect of testing the page cache response policy, as without it there would normally be an error due to the attempted serialization of the response by Drupal's page cache module(s).

@covers \Drupal\media_download\PageCacheResponsePolicy @covers \Drupal\media_download\RouteSubscriber

File

tests/src/Functional/DownloadTest.php, line 106

Class

DownloadTest
Tests that the download functionality works as expected.

Namespace

Drupal\Tests\media_download\Functional

Code

public function testMediaDownloadAccess() {
  $allowed = $this
    ->drupalCreateUser([
    'view media',
  ]);
  $forbidden = $this
    ->drupalCreateUser();
  $this
    ->drupalLogin($forbidden);

  // Users without the 'view media' permission can expect to be met with a 403
  // Forbidden status code for all media downloads.
  $this
    ->drupalGet($this->media
    ->toUrl('canonical')
    ->toString());
  $this
    ->assertSession()
    ->statusCodeEquals(403);
  $this
    ->drupalLogin($allowed);

  // Users allowed access to media can expect to be met with a 200 OK.
  $this
    ->drupalGet($this->media
    ->toUrl('canonical')
    ->toString());
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this->media->status->value = FALSE;
  $this->media
    ->save();

  // Setting the media as unpublished should prevent everyone but the owner
  // from accessing it.
  $this
    ->drupalGet($this->media
    ->toUrl('canonical')
    ->toString());
  $this
    ->assertSession()
    ->statusCodeEquals(403);
  $this
    ->drupalLogin($this->owner);

  // The owner should still be able to access the media.
  $this
    ->drupalGet($this->media
    ->toUrl('canonical')
    ->toString());
  $this
    ->assertSession()
    ->statusCodeEquals(200);
}