You are here

public function CreateTest::testCreateNode in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/modules/rest/src/Tests/CreateTest.php \Drupal\rest\Tests\CreateTest::testCreateNode()

Tests several valid and invalid create requests for 'node' entity type.

File

core/modules/rest/src/Tests/CreateTest.php, line 176
Contains \Drupal\rest\Tests\CreateTest.

Class

CreateTest
Tests the creation of resources.

Namespace

Drupal\rest\Tests

Code

public function testCreateNode() {
  $entity_type = 'node';

  // Enables the REST service for 'node' entity type.
  $this
    ->enableService('entity:' . $entity_type, 'POST');

  // Create two accounts that have the required permissions to create
  // resources. The second one has administrative permissions.
  $accounts = $this
    ->createAccountPerEntity($entity_type);

  // Verify create requests per user.
  foreach ($accounts as $key => $account) {
    $this
      ->drupalLogin($account);

    // Populate some entity properties before create the entity.
    $entity_values = $this
      ->entityValues($entity_type);
    $entity = Node::create($entity_values);

    // Verify that user cannot create content when trying to write to fields
    // where it is not possible.
    if (!$account
      ->hasPermission('administer nodes')) {
      $serialized = $this->serializer
        ->serialize($entity, $this->defaultFormat, [
        'account' => $account,
      ]);
      $this
        ->httpRequest('entity/' . $entity_type, 'POST', $serialized, $this->defaultMimeType);
      $this
        ->assertResponse(403);

      // Remove fields where non-administrative users cannot write.
      $entity = $this
        ->removeNodeFieldsForNonAdminUsers($entity);
    }
    else {

      // Changed and revision_timestamp fields can never be added.
      unset($entity->changed);
      unset($entity->revision_timestamp);
    }
    $serialized = $this->serializer
      ->serialize($entity, $this->defaultFormat, [
      'account' => $account,
    ]);

    // Create the entity over the REST API.
    $this
      ->assertCreateEntityOverRestApi($entity_type, $serialized);

    // Get the new entity ID from the location header and try to read it from
    // the database.
    $this
      ->assertReadEntityIdFromHeaderAndDb($entity_type, $entity, $entity_values);

    // Try to send invalid data that cannot be correctly deserialized.
    $this
      ->assertCreateEntityInvalidData($entity_type);

    // Try to send no data at all, which does not make sense on POST requests.
    $this
      ->assertCreateEntityNoData($entity_type);

    // Try to send invalid data to trigger the entity validation constraints. Send a UUID that is too long.
    $this
      ->assertCreateEntityInvalidSerialized($entity, $entity_type);

    // Try to create an entity without proper permissions.
    $this
      ->assertCreateEntityWithoutProperPermissions($entity_type, $serialized);
  }
}