You are here

class RolesNegotiationFunctionalTest in Simple OAuth (OAuth2) & OpenID Connect 8.2

Same name and namespace in other branches
  1. 8.3 simple_oauth_extras/tests/src/Functional/RolesNegotiationFunctionalTest.php \Drupal\Tests\simple_oauth_extras\Functional\RolesNegotiationFunctionalTest

@group simple_oauth_extras

Hierarchy

Expanded class hierarchy of RolesNegotiationFunctionalTest

File

simple_oauth_extras/tests/src/Functional/RolesNegotiationFunctionalTest.php, line 15

Namespace

Drupal\Tests\simple_oauth_extras\Functional
View source
class RolesNegotiationFunctionalTest extends BrowserTestBase {
  use RequestHelperTrait;
  public static $modules = [
    'image',
    'simple_oauth',
    'simple_oauth_extras',
    'text',
    'user',
  ];

  /**
   * @var \Drupal\Core\Url
   */
  protected $url;

  /**
   * @var \Drupal\Core\Url
   */
  protected $tokenTestUrl;

  /**
   * @var \Drupal\simple_oauth\Entity\Oauth2ClientInterface
   */
  protected $client;

  /**
   * @var \Drupal\user\UserInterface
   */
  protected $user;

  /**
   * @var \GuzzleHttp\ClientInterface
   */
  protected $httpClient;

  /**
   * @var string
   */
  protected $privateKeyPath;

  /**
   * @var string
   */
  protected $publicKeyPath;

  /**
   * @var string
   */
  protected $clientSecret;

  /**
   * {@inheritdoc}
   */
  public function setUp() {
    parent::setUp();
    $this->htmlOutputEnabled = FALSE;
    $this->tokenTestUrl = Url::fromRoute('oauth2_token.user_debug');
    $this->url = Url::fromRoute('oauth2_token.token');
    $this->user = $this
      ->drupalCreateUser();

    // Set up a HTTP client that accepts relative URLs.
    $this->httpClient = $this->container
      ->get('http_client_factory')
      ->fromOptions([
      'base_uri' => $this->baseUrl,
    ]);
    $this->clientSecret = $this
      ->getRandomGenerator()
      ->string();

    // Create a role 'foo' and add two permissions to it.
    $role = Role::create([
      'id' => 'foo',
      'label' => 'Foo',
      'is_admin' => FALSE,
    ]);
    $role
      ->grantPermission('view own simple_oauth entities');
    $role
      ->save();
    $role = Role::create([
      'id' => 'bar',
      'label' => 'Bar',
      'is_admin' => FALSE,
    ]);
    $role
      ->grantPermission('administer simple_oauth entities');
    $role
      ->save();
    $role = Role::create([
      'id' => 'oof',
      'label' => 'Oof',
      'is_admin' => FALSE,
    ]);
    $role
      ->grantPermission('delete own simple_oauth entities');
    $role
      ->save();
    $this->user
      ->addRole('foo');
    $this->user
      ->addRole('bar');
    $this->user
      ->save();

    // Create a Oauth2Client.
    $this->client = Oauth2Client::create([
      'owner_id' => 1,
      'user_id' => $this->user
        ->id(),
      'label' => $this
        ->getRandomGenerator()
        ->name(),
      'secret' => $this->clientSecret,
      'confidential' => TRUE,
      'roles' => [
        [
          'target_id' => 'oof',
        ],
      ],
    ]);
    $this->client
      ->save();

    // Configure the public and private keys.
    $path = $this->container
      ->get('module_handler')
      ->getModule('simple_oauth')
      ->getPath();
    $temp_dir = sys_get_temp_dir();
    $public_path = '/' . $path . '/tests/certificates/public.key';
    $private_path = '/' . $path . '/tests/certificates/private.key';
    file_put_contents($temp_dir . '/public.key', file_get_contents(DRUPAL_ROOT . $public_path));
    file_put_contents($temp_dir . '/private.key', file_get_contents(DRUPAL_ROOT . $private_path));
    chmod($temp_dir . '/public.key', 0660);
    chmod($temp_dir . '/private.key', 0660);
    $this->publicKeyPath = $temp_dir . '/public.key';
    $this->privateKeyPath = $temp_dir . '/private.key';
    $settings = $this
      ->config('simple_oauth.settings');
    $settings
      ->set('public_key', $this->publicKeyPath);
    $settings
      ->set('private_key', $this->privateKeyPath);
    $settings
      ->save();
  }

  /**
   * Test access to own published node with missing role on User entity.
   */
  public function testRequestWithRoleRemovedFromUser() {
    $access_token = $this
      ->getAccessToken([
      'foo',
      'bar',
    ]);

    // Get detailed information about the authenticated user.
    $response = $this
      ->request('GET', $this->tokenTestUrl, [
      'query' => [
        '_format' => 'json',
      ],
      'headers' => [
        'Authorization' => 'Bearer ' . $access_token,
      ],
    ]);
    $parsed_response = Json::decode($response
      ->getBody()
      ->getContents());
    $this
      ->assertEquals($this->user
      ->id(), $parsed_response['id']);
    $this
      ->assertEquals([
      'foo',
      'bar',
      'authenticated',
      'oof',
    ], $parsed_response['roles']);
    $this
      ->assertTrue($parsed_response['permissions']['view own simple_oauth entities']['access']);
    $this
      ->assertTrue($parsed_response['permissions']['administer simple_oauth entities']['access']);
    $this->user
      ->removeRole('bar');
    $this->user
      ->save();

    // We have edited the user, but there was a non-expired existing token for
    // that user. Even though the TokenUser has the roles assigned, the
    // underlying user doesn't, so access should not be granted.
    $response = $this
      ->request('GET', $this->tokenTestUrl, [
      'query' => [
        '_format' => 'json',
      ],
      'headers' => [
        'Authorization' => 'Bearer ' . $access_token,
      ],
    ]);
    $parsed_response = Json::decode($response
      ->getBody()
      ->getContents());

    // The token was successfully removed. The negotiated user is the anonymous
    // user.
    $this
      ->assertEquals(0, $parsed_response['id']);
    $this
      ->assertEquals([
      'anonymous',
    ], $parsed_response['roles']);
    $this
      ->assertFalse($parsed_response['permissions']['view own simple_oauth entities']['access']);
    $this
      ->assertFalse($parsed_response['permissions']['administer simple_oauth entities']['access']);

    // Request the access token again. This time the user doesn't have the role
    // requested at the time of generating the token.
    $access_token = $this
      ->getAccessToken([
      'foo',
      'bar',
    ]);
    $response = $this
      ->request('GET', $this->tokenTestUrl, [
      'query' => [
        '_format' => 'json',
      ],
      'headers' => [
        'Authorization' => 'Bearer ' . $access_token,
      ],
    ]);
    $parsed_response = Json::decode($response
      ->getBody()
      ->getContents());

    // The negotiated user is the expected user.
    $this
      ->assertEquals($this->user
      ->id(), $parsed_response['id']);
    $this
      ->assertEquals([
      'foo',
      'authenticated',
      'oof',
    ], $parsed_response['roles']);
    $this
      ->assertTrue($parsed_response['permissions']['view own simple_oauth entities']['access']);
    $this
      ->assertFalse($parsed_response['permissions']['administer simple_oauth entities']['access']);
  }

  /**
   * Test access to own unpublished node but with the role removed from client.
   */
  public function testRequestWithRoleRemovedFromClient() {
    $access_token = $this
      ->getAccessToken([
      'oof',
    ]);

    // Get detailed information about the authenticated user.
    $response = $this
      ->request('GET', $this->tokenTestUrl, [
      'query' => [
        '_format' => 'json',
      ],
      'headers' => [
        'Authorization' => 'Bearer ' . $access_token,
      ],
    ]);
    $parsed_response = Json::decode($response
      ->getBody()
      ->getContents());
    $this
      ->assertEquals($this->user
      ->id(), $parsed_response['id']);
    $this
      ->assertEquals([
      'authenticated',
      'oof',
    ], $parsed_response['roles']);
    $this
      ->assertTrue($parsed_response['permissions']['delete own simple_oauth entities']['access']);
    $this->client
      ->set('roles', []);

    // After saving the client entity, the token should be deleted.
    $this->client
      ->save();

    // User should NOT have access to view own simple_oauth entities,
    // because the scope is indicated in the token request, but
    // missing from the client content entity.
    $response = $this
      ->request('GET', $this->tokenTestUrl, [
      'query' => [
        '_format' => 'json',
      ],
      'headers' => [
        'Authorization' => 'Bearer ' . $access_token,
      ],
    ]);
    $parsed_response = Json::decode($response
      ->getBody()
      ->getContents());

    // The token was successfully removed. The negotiated user is the anonymous
    // user.
    $this
      ->assertEquals(0, $parsed_response['id']);
    $this
      ->assertEquals([
      'anonymous',
    ], $parsed_response['roles']);
    $this
      ->assertFalse($parsed_response['permissions']['view own simple_oauth entities']['access']);
    $access_token = $this
      ->getAccessToken([
      'oof',
    ]);

    // Get detailed information about the authenticated user.
    $response = $this
      ->request('GET', $this->tokenTestUrl, [
      'query' => [
        '_format' => 'json',
      ],
      'headers' => [
        'Authorization' => 'Bearer ' . $access_token,
      ],
    ]);
    $parsed_response = Json::decode($response
      ->getBody()
      ->getContents());
    $this
      ->assertEquals($this->user
      ->id(), $parsed_response['id']);
    $this
      ->assertEquals([
      'authenticated',
    ], $parsed_response['roles']);
    $this
      ->assertFalse($parsed_response['permissions']['delete own simple_oauth entities']['access']);
  }

  /**
   * Test access to own unpublished node but with missing scope.
   */
  public function testRequestWithMissingScope() {
    $access_token = $this
      ->getAccessToken();
    $response = $this
      ->request('GET', $this->tokenTestUrl, [
      'query' => [
        '_format' => 'json',
      ],
      'headers' => [
        'Authorization' => 'Bearer ' . $access_token,
      ],
    ]);
    $parsed_response = Json::decode($response
      ->getBody()
      ->getContents());
    $this
      ->assertEquals($this->user
      ->id(), $parsed_response['id']);

    //
    $this
      ->assertEquals([
      'authenticated',
      'oof',
    ], $parsed_response['roles']);
    $this
      ->assertFalse($parsed_response['permissions']['view own simple_oauth entities']['access']);
  }

  /**
   * Return an access token.
   *
   * @param array $scopes
   *   The scopes.
   *
   * @return string
   *   The access token.
   */
  private function getAccessToken(array $scopes = []) {
    $valid_payload = [
      'grant_type' => 'client_credentials',
      'client_id' => $this->client
        ->uuid(),
      'client_secret' => $this->clientSecret,
    ];
    if (!empty($scopes)) {
      $valid_payload['scope'] = implode(' ', $scopes);
    }
    $response = $this
      ->request('POST', $this->url, [
      'form_params' => $valid_payload,
    ]);
    $parsed_response = Json::decode($response
      ->getBody()
      ->getContents());
    return $parsed_response['access_token'];
  }

}

Members

Namesort descending Modifiers Type Description Overrides
AssertHelperTrait::castSafeStrings protected static function Casts MarkupInterface objects into strings.
AssertLegacyTrait::assert protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertTrue() instead.
AssertLegacyTrait::assertCacheTag protected function Asserts whether an expected cache tag was present in the last response.
AssertLegacyTrait::assertElementNotPresent protected function Asserts that the element with the given CSS selector is not present.
AssertLegacyTrait::assertElementPresent protected function Asserts that the element with the given CSS selector is present.
AssertLegacyTrait::assertEqual protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertEquals() instead.
AssertLegacyTrait::assertEscaped protected function Passes if the raw text IS found escaped on the loaded page, fail otherwise.
AssertLegacyTrait::assertField protected function Asserts that a field exists with the given name or ID.
AssertLegacyTrait::assertFieldById protected function Asserts that a field exists with the given ID and value.
AssertLegacyTrait::assertFieldByName protected function Asserts that a field exists with the given name and value.
AssertLegacyTrait::assertFieldByXPath protected function Asserts that a field exists in the current page by the given XPath.
AssertLegacyTrait::assertFieldChecked protected function Asserts that a checkbox field in the current page is checked.
AssertLegacyTrait::assertFieldsByValue protected function Asserts that a field exists in the current page with a given Xpath result.
AssertLegacyTrait::assertHeader protected function Checks that current response header equals value.
AssertLegacyTrait::assertIdentical protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertSame() instead.
AssertLegacyTrait::assertIdenticalObject protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertEquals() instead.
AssertLegacyTrait::assertLink protected function Passes if a link with the specified label is found.
AssertLegacyTrait::assertLinkByHref protected function Passes if a link containing a given href (part) is found.
AssertLegacyTrait::assertNoCacheTag protected function Asserts whether an expected cache tag was absent in the last response.
AssertLegacyTrait::assertNoEscaped protected function Passes if the raw text is not found escaped on the loaded page.
AssertLegacyTrait::assertNoField protected function Asserts that a field does NOT exist with the given name or ID.
AssertLegacyTrait::assertNoFieldById protected function Asserts that a field does not exist with the given ID and value.
AssertLegacyTrait::assertNoFieldByName protected function Asserts that a field does not exist with the given name and value.
AssertLegacyTrait::assertNoFieldByXPath protected function Asserts that a field does not exist or its value does not match, by XPath.
AssertLegacyTrait::assertNoFieldChecked protected function Asserts that a checkbox field in the current page is not checked.
AssertLegacyTrait::assertNoLink protected function Passes if a link with the specified label is not found.
AssertLegacyTrait::assertNoLinkByHref protected function Passes if a link containing a given href (part) is not found.
AssertLegacyTrait::assertNoOption protected function Asserts that a select option does NOT exist in the current page.
AssertLegacyTrait::assertNoPattern protected function Triggers a pass if the Perl regex pattern is not found in the raw content.
AssertLegacyTrait::assertNoRaw protected function Passes if the raw text IS not found on the loaded page, fail otherwise. 1
AssertLegacyTrait::assertNotEqual protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertNotEquals() instead.
AssertLegacyTrait::assertNoText protected function Passes if the page (with HTML stripped) does not contains the text. 1
AssertLegacyTrait::assertNotIdentical protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertNotSame() instead.
AssertLegacyTrait::assertNoUniqueText protected function Passes if the text is found MORE THAN ONCE on the text version of the page.
AssertLegacyTrait::assertOption protected function Asserts that a select option in the current page exists.
AssertLegacyTrait::assertOptionByText protected function Asserts that a select option with the visible text exists.
AssertLegacyTrait::assertOptionSelected protected function Asserts that a select option in the current page is checked.
AssertLegacyTrait::assertPattern protected function Triggers a pass if the Perl regex pattern is found in the raw content.
AssertLegacyTrait::assertRaw protected function Passes if the raw text IS found on the loaded page, fail otherwise. 1
AssertLegacyTrait::assertResponse protected function Asserts the page responds with the specified response code. 1
AssertLegacyTrait::assertText protected function Passes if the page (with HTML stripped) contains the text. 1
AssertLegacyTrait::assertTextHelper protected function Helper for assertText and assertNoText.
AssertLegacyTrait::assertTitle protected function Pass if the page title is the given string.
AssertLegacyTrait::assertUniqueText protected function Passes if the text is found ONLY ONCE on the text version of the page.
AssertLegacyTrait::assertUrl protected function Passes if the internal browser's URL matches the given path.
AssertLegacyTrait::buildXPathQuery protected function Builds an XPath query.
AssertLegacyTrait::constructFieldXpath protected function Helper: Constructs an XPath for the given set of attributes and value.
AssertLegacyTrait::getAllOptions protected function Get all option elements, including nested options, in a select.
AssertLegacyTrait::getRawContent protected function Gets the current raw content.
AssertLegacyTrait::pass protected function Deprecated Scheduled for removal in Drupal 10.0.0. Use self::assertTrue() instead.
AssertLegacyTrait::verbose protected function
BlockCreationTrait::placeBlock protected function Creates a block instance based on default settings. Aliased as: drupalPlaceBlock
BrowserHtmlDebugTrait::$htmlOutputBaseUrl protected property The Base URI to use for links to the output files.
BrowserHtmlDebugTrait::$htmlOutputClassName protected property Class name for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputCounter protected property Counter for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputCounterStorage protected property Counter storage for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputDirectory protected property Directory name for HTML output logging.
BrowserHtmlDebugTrait::$htmlOutputEnabled protected property HTML output output enabled.
BrowserHtmlDebugTrait::$htmlOutputFile protected property The file name to write the list of URLs to.
BrowserHtmlDebugTrait::$htmlOutputTestId protected property HTML output test ID.
BrowserHtmlDebugTrait::formatHtmlOutputHeaders protected function Formats HTTP headers as string for HTML output logging.
BrowserHtmlDebugTrait::getHtmlOutputHeaders protected function Returns headers in HTML output format. 1
BrowserHtmlDebugTrait::htmlOutput protected function Logs a HTML output message in a text file.
BrowserHtmlDebugTrait::initBrowserOutputFile protected function Creates the directory to store browser output.
BrowserTestBase::$baseUrl protected property The base URL.
BrowserTestBase::$configImporter protected property The config importer that can be used in a test.
BrowserTestBase::$customTranslations protected property An array of custom translations suitable for drupal_rewrite_settings().
BrowserTestBase::$databasePrefix protected property The database prefix of this test run.
BrowserTestBase::$defaultTheme protected property The theme to install as the default for testing. 1,597
BrowserTestBase::$mink protected property Mink session manager.
BrowserTestBase::$minkDefaultDriverArgs protected property
BrowserTestBase::$minkDefaultDriverClass protected property 1
BrowserTestBase::$originalContainer protected property The original container.
BrowserTestBase::$originalShutdownCallbacks protected property The original array of shutdown function callbacks.
BrowserTestBase::$preserveGlobalState protected property
BrowserTestBase::$profile protected property The profile to install as a basis for testing. 39
BrowserTestBase::$root protected property The app root.
BrowserTestBase::$runTestInSeparateProcess protected property Browser tests are run in separate processes to prevent collisions between code that may be loaded by tests.
BrowserTestBase::$timeLimit protected property Time limit in seconds for the test.
BrowserTestBase::$translationFilesDirectory protected property The translation file directory for the test environment.
BrowserTestBase::cleanupEnvironment protected function Clean up the Simpletest environment.
BrowserTestBase::config protected function Configuration accessor for tests. Returns non-overridden configuration.
BrowserTestBase::cssSelectToXpath protected function Translates a CSS expression to its XPath equivalent.
BrowserTestBase::drupalGetHeader protected function Gets the value of an HTTP response header.
BrowserTestBase::drupalGetHeaders Deprecated protected function Returns all response headers.
BrowserTestBase::filePreDeleteCallback public static function Ensures test files are deletable.
BrowserTestBase::getDefaultDriverInstance protected function Gets an instance of the default Mink driver.
BrowserTestBase::getDrupalSettings protected function Gets the JavaScript drupalSettings variable for the currently-loaded page. 1
BrowserTestBase::getHttpClient protected function Obtain the HTTP client for the system under test.
BrowserTestBase::getMinkDriverArgs protected function Get the Mink driver args from an environment variable, if it is set. Can be overridden in a derived class so it is possible to use a different value for a subset of tests, e.g. the JavaScript tests. 1
BrowserTestBase::getOptions protected function Helper function to get the options of select field.
BrowserTestBase::getResponseLogHandler protected function Provides a Guzzle middleware handler to log every response received. Overrides BrowserHtmlDebugTrait::getResponseLogHandler
BrowserTestBase::getSession public function Returns Mink session.
BrowserTestBase::getSessionCookies protected function Get session cookies from current session.
BrowserTestBase::getTestMethodCaller protected function Retrieves the current calling line in the class under test. Overrides BrowserHtmlDebugTrait::getTestMethodCaller
BrowserTestBase::initFrontPage protected function Visits the front page when initializing Mink. 3
BrowserTestBase::initMink protected function Initializes Mink sessions. 1
BrowserTestBase::installDrupal public function Installs Drupal into the Simpletest site. 1
BrowserTestBase::registerSessions protected function Registers additional Mink sessions.
BrowserTestBase::tearDown protected function 3
BrowserTestBase::translatePostValues protected function Transforms a nested array into a flat array suitable for drupalPostForm().
BrowserTestBase::xpath protected function Performs an xpath search on the contents of the internal browser.
BrowserTestBase::__construct public function 1
BrowserTestBase::__sleep public function Prevents serializing any properties.
ConfigTestTrait::configImporter protected function Returns a ConfigImporter object to import test configuration.
ConfigTestTrait::copyConfig protected function Copies configuration objects from source storage to target storage.
ContentTypeCreationTrait::createContentType protected function Creates a custom content type based on default settings. Aliased as: drupalCreateContentType 1
FunctionalTestSetupTrait::$apcuEnsureUniquePrefix protected property The flag to set 'apcu_ensure_unique_prefix' setting. 1
FunctionalTestSetupTrait::$classLoader protected property The class loader to use for installation and initialization of setup.
FunctionalTestSetupTrait::$configDirectories Deprecated protected property The config directories used in this test.
FunctionalTestSetupTrait::$rootUser protected property The "#1" admin user.
FunctionalTestSetupTrait::doInstall protected function Execute the non-interactive installer. 1
FunctionalTestSetupTrait::getDatabaseTypes protected function Returns all supported database driver installer objects.
FunctionalTestSetupTrait::initConfig protected function Initialize various configurations post-installation. 2
FunctionalTestSetupTrait::initKernel protected function Initializes the kernel after installation.
FunctionalTestSetupTrait::initSettings protected function Initialize settings created during install.
FunctionalTestSetupTrait::initUserSession protected function Initializes user 1 for the site to be installed.
FunctionalTestSetupTrait::installDefaultThemeFromClassProperty protected function Installs the default theme defined by `static::$defaultTheme` when needed.
FunctionalTestSetupTrait::installModulesFromClassProperty protected function Install modules defined by `static::$modules`. 1
FunctionalTestSetupTrait::installParameters protected function Returns the parameters that will be used when Simpletest installs Drupal. 9
FunctionalTestSetupTrait::prepareEnvironment protected function Prepares the current environment for running the test. 23
FunctionalTestSetupTrait::prepareRequestForGenerator protected function Creates a mock request and sets it on the generator.
FunctionalTestSetupTrait::prepareSettings protected function Prepares site settings and services before installation. 2
FunctionalTestSetupTrait::rebuildAll protected function Resets and rebuilds the environment after setup.
FunctionalTestSetupTrait::rebuildContainer protected function Rebuilds \Drupal::getContainer().
FunctionalTestSetupTrait::resetAll protected function Resets all data structures after having enabled new modules.
FunctionalTestSetupTrait::setContainerParameter protected function Changes parameters in the services.yml file.
FunctionalTestSetupTrait::setupBaseUrl protected function Sets up the base URL based upon the environment variable.
FunctionalTestSetupTrait::writeSettings protected function Rewrites the settings.php file of the test site.
NodeCreationTrait::createNode protected function Creates a node based on default settings. Aliased as: drupalCreateNode
NodeCreationTrait::getNodeByTitle public function Get a node from the database based on its title. Aliased as: drupalGetNodeByTitle
PhpunitCompatibilityTrait::getMock Deprecated public function Returns a mock object for the specified class using the available method.
PhpunitCompatibilityTrait::setExpectedException Deprecated public function Compatibility layer for PHPUnit 6 to support PHPUnit 4 code.
RandomGeneratorTrait::$randomGenerator protected property The random generator.
RandomGeneratorTrait::getRandomGenerator protected function Gets the random generator for the utility methods.
RandomGeneratorTrait::randomMachineName protected function Generates a unique random string containing letters and numbers. 1
RandomGeneratorTrait::randomObject public function Generates a random PHP object.
RandomGeneratorTrait::randomString public function Generates a pseudo-random string of ASCII characters of codes 32 to 126.
RandomGeneratorTrait::randomStringValidate public function Callback for random string validation.
RefreshVariablesTrait::refreshVariables protected function Refreshes in-memory configuration and state information. 3
RequestHelperTrait::request protected function Performs a HTTP request. Wraps the Guzzle HTTP client.
RolesNegotiationFunctionalTest::$client protected property
RolesNegotiationFunctionalTest::$clientSecret protected property
RolesNegotiationFunctionalTest::$httpClient protected property
RolesNegotiationFunctionalTest::$modules public static property Modules to enable. Overrides BrowserTestBase::$modules
RolesNegotiationFunctionalTest::$privateKeyPath protected property
RolesNegotiationFunctionalTest::$publicKeyPath protected property
RolesNegotiationFunctionalTest::$tokenTestUrl protected property
RolesNegotiationFunctionalTest::$url protected property
RolesNegotiationFunctionalTest::$user protected property
RolesNegotiationFunctionalTest::getAccessToken private function Return an access token.
RolesNegotiationFunctionalTest::setUp public function Overrides BrowserTestBase::setUp
RolesNegotiationFunctionalTest::testRequestWithMissingScope public function Test access to own unpublished node but with missing scope.
RolesNegotiationFunctionalTest::testRequestWithRoleRemovedFromClient public function Test access to own unpublished node but with the role removed from client.
RolesNegotiationFunctionalTest::testRequestWithRoleRemovedFromUser public function Test access to own published node with missing role on User entity.
SessionTestTrait::$sessionName protected property The name of the session cookie.
SessionTestTrait::generateSessionName protected function Generates a session cookie name.
SessionTestTrait::getSessionName protected function Returns the session name in use on the child site.
StorageCopyTrait::replaceStorageContents protected static function Copy the configuration from one storage to another and remove stale items.
TestRequirementsTrait::checkModuleRequirements private function Checks missing module requirements.
TestRequirementsTrait::checkRequirements protected function Check module requirements for the Drupal use case. 1
TestRequirementsTrait::getDrupalRoot protected static function Returns the Drupal root directory.
TestSetupTrait::$configSchemaCheckerExclusions protected static property An array of config object names that are excluded from schema checking.
TestSetupTrait::$container protected property The dependency injection container used in the test.
TestSetupTrait::$kernel protected property The DrupalKernel instance used in the test.
TestSetupTrait::$originalSite protected property The site directory of the original parent site.
TestSetupTrait::$privateFilesDirectory protected property The private file directory for the test environment.
TestSetupTrait::$publicFilesDirectory protected property The public file directory for the test environment.
TestSetupTrait::$siteDirectory protected property The site directory of this test run.
TestSetupTrait::$strictConfigSchema protected property Set to TRUE to strict check all configuration saved. 2
TestSetupTrait::$tempFilesDirectory protected property The temporary file directory for the test environment.
TestSetupTrait::$testId protected property The test run ID.
TestSetupTrait::changeDatabasePrefix protected function Changes the database connection to the prefixed one.
TestSetupTrait::getConfigSchemaExclusions protected function Gets the config schema exclusions for this test.
TestSetupTrait::getDatabaseConnection public static function Returns the database connection to the site running Simpletest.
TestSetupTrait::prepareDatabasePrefix protected function Generates a database prefix for running tests. 2
UiHelperTrait::$loggedInUser protected property The current user logged in using the Mink controlled browser.
UiHelperTrait::$maximumMetaRefreshCount protected property The number of meta refresh redirects to follow, or NULL if unlimited.
UiHelperTrait::$metaRefreshCount protected property The number of meta refresh redirects followed during ::drupalGet().
UiHelperTrait::assertSession public function Returns WebAssert object. 1
UiHelperTrait::buildUrl protected function Builds an a absolute URL from a system path or a URL object.
UiHelperTrait::checkForMetaRefresh protected function Checks for meta refresh tag and if found call drupalGet() recursively.
UiHelperTrait::click protected function Clicks the element with the given CSS selector.
UiHelperTrait::clickLink protected function Follows a link by complete name.
UiHelperTrait::cssSelect protected function Searches elements using a CSS selector in the raw content.
UiHelperTrait::drupalGet protected function Retrieves a Drupal path or an absolute path. 3
UiHelperTrait::drupalLogin protected function Logs in a user using the Mink controlled browser.
UiHelperTrait::drupalLogout protected function Logs a user out of the Mink controlled browser and confirms.
UiHelperTrait::drupalPostForm protected function Executes a form submission.
UiHelperTrait::drupalUserIsLoggedIn protected function Returns whether a given user account is logged in.
UiHelperTrait::getAbsoluteUrl protected function Takes a path and returns an absolute path.
UiHelperTrait::getTextContent protected function Retrieves the plain-text content from the current page.
UiHelperTrait::getUrl protected function Get the current URL from the browser.
UiHelperTrait::prepareRequest protected function Prepare for a request to testing site. 1
UiHelperTrait::submitForm protected function Fills and submits a form.
UserCreationTrait::checkPermissions protected function Checks whether a given list of permission names is valid.
UserCreationTrait::createAdminRole protected function Creates an administrative role.
UserCreationTrait::createRole protected function Creates a role with specified permissions. Aliased as: drupalCreateRole
UserCreationTrait::createUser protected function Create a user with a given set of permissions. Aliased as: drupalCreateUser
UserCreationTrait::grantPermissions protected function Grant permissions to a user role.
UserCreationTrait::setCurrentUser protected function Switch the current logged in user.
UserCreationTrait::setUpCurrentUser protected function Creates a random user account and sets it as current user.
XdebugRequestTrait::extractCookiesFromRequest protected function Adds xdebug cookies, from request setup.