Mercurial > hg > isophonics-drupal-site

comparison core/modules/rest/tests/src/Functional/CookieResourceTestTrait.php @ 14:1fec387a4317

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update Drupal core to 8.5.2 via Composer
author Chris Cannam
date Mon, 23 Apr 2018 09:46:53 +0100
parents 7a779792577d
children 129ea1e6d783
comparison
equal deleted inserted replaced
13:5fb285c0d0e3 14:1fec387a4317
59 $request_body = [ 59 $request_body = [
60 'name' => $this->account->name->value, 60 'name' => $this->account->name->value,
61 'pass' => $this->account->passRaw, 61 'pass' => $this->account->passRaw,
62 ]; 62 ];
63 63
64 $request_options[RequestOptions::BODY] = $this->serializer->encode($request_body, 'json'); 64 $request_options[RequestOptions::BODY] = $this->serializer->encode($request_body, static::$format);
65 $request_options[RequestOptions::HEADERS] = [ 65 $request_options[RequestOptions::HEADERS] = [
66 'Content-Type' => static::$mimeType, 66 'Content-Type' => static::$mimeType,
67 ]; 67 ];
68 $response = $this->request('POST', $user_login_url, $request_options); 68 $response = $this->request('POST', $user_login_url, $request_options);
69 69
89 } 89 }
90 90
91 /** 91 /**
92 * {@inheritdoc} 92 * {@inheritdoc}
93 */ 93 */
94 protected function assertResponseWhenMissingAuthentication(ResponseInterface $response) { 94 protected function assertResponseWhenMissingAuthentication($method, ResponseInterface $response) {
95 // Requests needing cookie authentication but missing it results in a 403 95 // Requests needing cookie authentication but missing it results in a 403
96 // response. The cookie authentication mechanism sets no response message. 96 // response. The cookie authentication mechanism sets no response message.
97 // Hence, effectively, this is just the 403 response that one gets as the
98 // anonymous user trying to access a certain REST resource.
99 // @see \Drupal\user\Authentication\Provider\Cookie
97 // @todo https://www.drupal.org/node/2847623 100 // @todo https://www.drupal.org/node/2847623
98 $this->assertResourceErrorResponse(403, FALSE, $response); 101 if ($method === 'GET') {
102 $expected_cookie_403_cacheability = $this->getExpectedUnauthorizedAccessCacheability();
103 // - \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber applies
104 // to cacheable anonymous responses: it updates their cacheability.
105 // - A 403 response to a GET request is cacheable.
106 // Therefore we must update our cacheability expectations accordingly.
107 if (in_array('user.permissions', $expected_cookie_403_cacheability->getCacheContexts(), TRUE)) {
108 $expected_cookie_403_cacheability->addCacheTags(['config:user.role.anonymous']);
109 }
110 // @todo Fix \Drupal\block\BlockAccessControlHandler::mergeCacheabilityFromConditions() in https://www.drupal.org/node/2867881
111 if (static::$entityTypeId === 'block') {
112 $expected_cookie_403_cacheability->setCacheTags(str_replace('user:2', 'user:0', $expected_cookie_403_cacheability->getCacheTags()));
113 }
114 $this->assertResourceErrorResponse(403, FALSE, $response, $expected_cookie_403_cacheability->getCacheTags(), $expected_cookie_403_cacheability->getCacheContexts(), 'MISS', 'MISS');
115 }
116 else {
117 $this->assertResourceErrorResponse(403, FALSE, $response);
118 }
99 } 119 }
100 120
101 /** 121 /**
102 * {@inheritdoc} 122 * {@inheritdoc}
103 */ 123 */