Mercurial > hg > isophonics-drupal-site

diff core/modules/rest/tests/src/Functional/BasicAuthResourceTestTrait.php @ 17:129ea1e6d783

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update, including to Drupal core 8.6.10
author Chris Cannam
date Thu, 28 Feb 2019 13:21:36 +0000
parents 1fec387a4317
children
line wrap: on
line diff
--- a/core/modules/rest/tests/src/Functional/BasicAuthResourceTestTrait.php	Tue Jul 10 15:07:59 2018 +0100
+++ b/core/modules/rest/tests/src/Functional/BasicAuthResourceTestTrait.php	Thu Feb 28 13:21:36 2019 +0000
@@ -14,8 +14,6 @@
  *   authenticated, a 401 response must be sent.
  * - Because every request must send an authorization, there is no danger of
  *   CSRF attacks.
- *
- * @see \Drupal\Tests\rest\Functional\BasicAuthResourceWithInterfaceTranslationTestTrait
  */
 trait BasicAuthResourceTestTrait {
 
@@ -34,10 +32,23 @@
    * {@inheritdoc}
    */
   protected function assertResponseWhenMissingAuthentication($method, ResponseInterface $response) {
+    if ($method !== 'GET') {
+      return $this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response);
+    }
+
     $expected_page_cache_header_value = $method === 'GET' ? 'MISS' : FALSE;
-    // @see \Drupal\basic_auth\Authentication\Provider\BasicAuth::challengeException()
-    $expected_dynamic_page_cache_header_value = $expected_page_cache_header_value;
-    $this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response, ['4xx-response', 'config:system.site', 'config:user.role.anonymous', 'http_response'], ['user.roles:anonymous'], $expected_page_cache_header_value, $expected_dynamic_page_cache_header_value);
+    $expected_cacheability = $this->getExpectedUnauthorizedAccessCacheability()
+      ->addCacheableDependency($this->getExpectedUnauthorizedEntityAccessCacheability(FALSE))
+      // @see \Drupal\basic_auth\Authentication\Provider\BasicAuth::challengeException()
+      ->addCacheableDependency($this->config('system.site'))
+      // @see \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber::onRespond()
+      ->addCacheTags(['config:user.role.anonymous']);
+    // Only add the 'user.roles:anonymous' cache context if its parent cache
+    // context is not already present.
+    if (!in_array('user.roles', $expected_cacheability->getCacheContexts(), TRUE)) {
+      $expected_cacheability->addCacheContexts(['user.roles:anonymous']);
+    }
+    $this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response, $expected_cacheability->getCacheTags(), $expected_cacheability->getCacheContexts(), $expected_page_cache_header_value, FALSE);
   }
 
   /**