You are here

public function CreateTest::testCreateEntityTest in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/modules/rest/src/Tests/CreateTest.php \Drupal\rest\Tests\CreateTest::testCreateEntityTest()

Tests valid and invalid create requests for 'entity_test' entity type.

File

core/modules/rest/src/Tests/CreateTest.php, line 109
Contains \Drupal\rest\Tests\CreateTest.

Class

CreateTest
Tests the creation of resources.

Namespace

Drupal\rest\Tests

Code

public function testCreateEntityTest() {
  $entity_type = 'entity_test';

  // Enables the REST service for 'entity_test' entity type.
  $this
    ->enableService('entity:' . $entity_type, 'POST');

  // Create two accounts with the required permissions to create resources.
  // The second one has administrative permissions.
  $accounts = $this
    ->createAccountPerEntity($entity_type);

  // Verify create requests per user.
  foreach ($accounts as $key => $account) {
    $this
      ->drupalLogin($account);

    // Populate some entity properties before create the entity.
    $entity_values = $this
      ->entityValues($entity_type);
    $entity = EntityTest::create($entity_values);

    // Serialize the entity before the POST request.
    $serialized = $this->serializer
      ->serialize($entity, $this->defaultFormat, [
      'account' => $account,
    ]);

    // Create the entity over the REST API.
    $this
      ->assertCreateEntityOverRestApi($entity_type, $serialized);

    // Get the entity ID from the location header and try to read it from the
    // database.
    $this
      ->assertReadEntityIdFromHeaderAndDb($entity_type, $entity, $entity_values);

    // Try to create an entity with an access protected field.
    // @see entity_test_entity_field_access()
    $normalized = $this->serializer
      ->normalize($entity, $this->defaultFormat, [
      'account' => $account,
    ]);
    $normalized['field_test_text'][0]['value'] = 'no access value';
    $this
      ->httpRequest('entity/' . $entity_type, 'POST', $this->serializer
      ->serialize($normalized, $this->defaultFormat, [
      'account' => $account,
    ]), $this->defaultMimeType);
    $this
      ->assertResponse(403);
    $this
      ->assertFalse(EntityTest::loadMultiple(), 'No entity has been created in the database.');

    // Try to create a field with a text format this user has no access to.
    $entity->field_test_text->value = $entity_values['field_test_text'][0]['value'];
    $entity->field_test_text->format = 'full_html';
    $serialized = $this->serializer
      ->serialize($entity, $this->defaultFormat, [
      'account' => $account,
    ]);
    $this
      ->httpRequest('entity/' . $entity_type, 'POST', $serialized, $this->defaultMimeType);

    // The value selected is not a valid choice because the format must be
    // 'plain_txt'.
    $this
      ->assertResponse(422);
    $this
      ->assertFalse(EntityTest::loadMultiple(), 'No entity has been created in the database.');

    // Restore the valid test value.
    $entity->field_test_text->format = 'plain_text';
    $serialized = $this->serializer
      ->serialize($entity, $this->defaultFormat, [
      'account' => $account,
    ]);

    // Try to send invalid data that cannot be correctly deserialized.
    $this
      ->assertCreateEntityInvalidData($entity_type);

    // Try to send no data at all, which does not make sense on POST requests.
    $this
      ->assertCreateEntityNoData($entity_type);

    // Try to send invalid data to trigger the entity validation constraints.
    // Send a UUID that is too long.
    $this
      ->assertCreateEntityInvalidSerialized($entity, $entity_type);

    // Try to create an entity without proper permissions.
    $this
      ->assertCreateEntityWithoutProperPermissions($entity_type, $serialized, [
      'account' => $account,
    ]);
  }
}