public function SecuritytxtPermissionsTest::testDisabledAccess in Security.txt 8
Test permissions to all Security.txt paths when Security.txt is disabled.
File
- tests/
src/ Functional/ SecuritytxtPermissionsTest.php, line 25
Class
- SecuritytxtPermissionsTest
- Permission check.
Namespace
Drupal\Tests\securitytxt\FunctionalCode
public function testDisabledAccess() {
/* Test access for Anonymous role with no permissions. */
$this
->drupalGet('admin/config/system/securitytxt');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Anonymous user to securitytxt configure page.');
$this
->drupalGet('admin/config/system/securitytxt/sign');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Anonymous user to securitytxt sign page.');
$this
->drupalGet('.well-known/security.txt');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Anonymous user to security.txt page.');
$this
->drupalGet('.well-known/security.txt.sig');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Anonymous user to security.txt.sig page.');
/* Test access for Authenticated user with no permissions. */
$this
->drupalLogin($this->authenticatedUser);
$this
->drupalGet('admin/config/system/securitytxt');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Authenticated user with no permissions to securitytxt configure page.');
$this
->drupalGet('admin/config/system/securitytxt/sign');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Authenticated user with no permissions to securitytxt sign page.');
$this
->drupalGet('.well-known/security.txt');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Authenticated user with no permissions to security.txt page.');
$this
->drupalGet('.well-known/security.txt.sig');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Authenticated user with no permissions to security.txt.sig page.');
$this
->drupalLogout();
/* Test access for Authenticated user with 'view securitytxt' permissions. */
$this
->drupalLogin($this->viewPermissionUser);
$this
->drupalGet('admin/config/system/securitytxt');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Authenticated user with "view securitytxt" to securitytxt configure page.');
$this
->drupalGet('admin/config/system/securitytxt/sign');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Authenticated user with "view securitytxt" to securitytxt sign page.');
$this
->drupalGet('.well-known/security.txt');
$this
->assertSession()
->statusCodeEquals(404, 'File Not Found for Authenticated user with "view securitytxt" to security.txt page.');
$this
->drupalGet('.well-known/security.txt.sig');
$this
->assertSession()
->statusCodeEquals(404, 'File Not Found for Authenticated user with "view securitytxt" to security.txt.sig page.');
$this
->drupalLogout();
/* Test access for Authenticated user with 'administer securitytxt' permissions. */
$this
->drupalLogin($this->administerPermissionUser);
$this
->drupalGet('admin/config/system/securitytxt');
$this
->assertSession()
->statusCodeEquals(200, 'Access granted to Authenticated user with "administer securitytxt" to securitytxt configure page.');
$this
->drupalGet('admin/config/system/securitytxt/sign');
$this
->assertSession()
->statusCodeEquals(200, 'Access granted to Authenticated user with "administer securitytxt" to securitytxt sign page.');
$this
->drupalGet('.well-known/security.txt');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Authenticated user with "administer securitytxt" to security.txt page.');
$this
->drupalGet('.well-known/security.txt.sig');
$this
->assertSession()
->statusCodeEquals(403, 'Access denied for Authenticated user with "administer securitytxt" to security.txt.sig page.');
$this
->drupalLogout();
/* Test access for Authenticated user with 'view securitytxt' & 'administer securitytxt' permissions. */
$this
->drupalLogin($this->viewAndAdministerPermissionUser);
$this
->drupalGet('admin/config/system/securitytxt');
$this
->assertSession()
->statusCodeEquals(200, 'Access granted to Authenticated user with both securitytxt perms to securitytxt configure page.');
$this
->drupalGet('admin/config/system/securitytxt/sign');
$this
->assertSession()
->statusCodeEquals(200, 'Access granted to Authenticated user with both securitytxt perms to securitytxt sign page.');
$this
->drupalGet('.well-known/security.txt');
$this
->assertSession()
->statusCodeEquals(404, 'Access denied for Authenticated user with both securitytxt perms to security.txt page.');
$this
->drupalGet('.well-known/security.txt.sig');
$this
->assertSession()
->statusCodeEquals(404, 'Access denied for Authenticated user with both securitytxt perms to security.txt.sig page.');
$this
->drupalLogout();
}