You are here

Home » API reference » Preview Link 2.0.x » PreviewLinkSessionTokenTest.php » PreviewLinkSessionTokenTest

public function PreviewLinkSessionTokenTest::testSessionToken in Preview Link 2.0.x

Same name and namespace in other branches
  1. 2.x tests/src/Functional/PreviewLinkSessionTokenTest.php \Drupal\Tests\preview_link\Functional\PreviewLinkSessionTokenTest::testSessionToken()

Tests session token unlocks multiple entities.

File

tests/src/Functional/PreviewLinkSessionTokenTest.php, line 58

Class

PreviewLinkSessionTokenTest
Tests tokens claimed against sessions.

Namespace

Drupal\Tests\preview_link\Functional

Code

public function testSessionToken() : void {
  $entity1 = EntityTestRevPub::create([
    'name' => 'test entity 1',
  ]);
  $entity1
    ->save();
  $entity2 = EntityTestRevPub::create([
    'name' => 'test entity 2',
  ]);
  $entity2
    ->save();

  // Navigating to these entities proves no access and primes caches.
  $this
    ->drupalGet($entity1
    ->toUrl());
  $this
    ->assertSession()
    ->statusCodeEquals(403);
  $this
    ->drupalGet($entity2
    ->toUrl());
  $this
    ->assertSession()
    ->statusCodeEquals(403);
  $previewLink = PreviewLink::create()
    ->setEntities([
    $entity1,
    $entity2,
  ]);
  $previewLink
    ->save();
  $previewLinkUrl1 = Url::fromRoute('entity.entity_test_revpub.preview_link', [
    $entity1
      ->getEntityTypeId() => $entity1
      ->id(),
    'preview_token' => $previewLink
      ->getToken(),
  ]);
  $this
    ->drupalGet($previewLinkUrl1);
  $this
    ->assertSession()
    ->statusCodeEquals(200);

  // Navigating to canonical should redirect to preview link.
  $this
    ->drupalGet($entity2
    ->toUrl());
  $previewLinkUrl2 = Url::fromRoute('entity.entity_test_revpub.preview_link', [
    $entity2
      ->getEntityTypeId() => $entity2
      ->id(),
    'preview_token' => $previewLink
      ->getToken(),
  ]);
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this
    ->assertSession()
    ->addressEquals($previewLinkUrl2);
  $this
    ->assertSession()
    ->pageTextContains('You are viewing this page because a preview link granted you access. Click here to remove token.');

  // Now back to the canonical route for the original entity.
  $this
    ->drupalGet($entity1
    ->toUrl());
  $this
    ->assertSession()
    ->statusCodeEquals(200);
  $this
    ->assertSession()
    ->addressEquals($previewLinkUrl1);
  $this
    ->assertSession()
    ->pageTextContains('You are viewing this page because a preview link granted you access. Click here to remove token.');

  // Each canonical page now inaccessible after removing session tokens.
  $this
    ->drupalGet(Url::fromRoute('preview_link.session_tokens.remove'));
  $this
    ->assertSession()
    ->pageTextContains('Removed preview link tokens.');
  $this
    ->drupalGet($entity1
    ->toUrl());
  $this
    ->assertSession()
    ->statusCodeEquals(403);
  $this
    ->drupalGet($entity2
    ->toUrl());
  $this
    ->assertSession()
    ->statusCodeEquals(403);

  /** @var \Drupal\preview_link_test\StateLogger $logger */
  $logger = \Drupal::service('logger.preview_link_test');
  $messages = array_map(function ($log) : string {
    [
      1 => $message,
      2 => $messagePlaceholders,
      3 => $context,
    ] = $log;
    return empty($messagePlaceholders) ? $message : strtr($message, $messagePlaceholders);
  }, $logger
    ->getLogs());
  $channels = array_map(function ($log) : ?string {
    return $log[3]['channel'] ?? NULL;
  }, $logger
    ->getLogs());
  $this
    ->assertContains('preview_link', $channels);
  $this
    ->assertContains('Redirecting to preview link of test entity 2', $messages);

  // The log sent to 'php' channel in ExceptionLoggingSubscriber::onError
  // must not be triggered.
  $this
    ->assertNotContains('php', $channels);
}