function RestfulEntityAndPropertyAccessTestCase::testCreateAccess in RESTful 7
Same name and namespace in other branches
- 7.2 tests/RestfulEntityAndPropertyAccessTestCase.test \RestfulEntityAndPropertyAccessTestCase::testCreateAccess()
Test access control for creating an entity.
File
- tests/
RestfulEntityAndPropertyAccessTestCase.test, line 25 - Contains RestfulEntityAndPropertyAccessTestCase
Class
- RestfulEntityAndPropertyAccessTestCase
- @file Contains RestfulEntityAndPropertyAccessTestCase
Code
function testCreateAccess() {
$handler = restful_get_restful_handler('test_articles');
$request = array(
'label' => $this
->randomName(),
);
// Non-privileged user.
$user1 = $this
->drupalCreateUser();
try {
$handler
->setAccount($user1);
$handler
->post('', $request);
$this
->fail('Non-privileged user can create entity.');
} catch (Exception $e) {
$this
->pass('Non-privileged user cannot create entity.');
}
// Privileged user.
$user2 = $this
->drupalCreateUser(array(
'create article content',
));
$handler
->setAccount($user2);
$result = $handler
->post('', $request);
$this
->assertTrue($result[0], 'Privileged user can create entity.');
// Privileged user, with limited access to property.
restful_test_deny_access_field();
$handler
->setAccount($user2);
$result = $handler
->post('', $request);
$this
->assertTrue($result[0], 'Privileged user can create entity, with limited access to property.');
// Privileged user, with limited access to property, and that property
// passed in the request.
$text1 = $this
->randomName();
$request['body'] = $text1;
try {
$handler
->setAccount($user1);
$handler
->post('', $request);
$this
->fail('Non-privileged user can create entity with unaccessible property that was passed in the request.');
} catch (Exception $e) {
$this
->pass('Non-privileged user cannot create entity with unaccessible property that was passed in the request.');
}
restful_test_clear_access_field();
}