Chris@18: createDefaultContent(61, 5, TRUE, TRUE, static::IS_NOT_MULTILINGUAL, FALSE); Chris@18: // Unpublish the last entity, so we can check access. Chris@18: $this->nodes[60]->setUnpublished()->save(); Chris@18: Chris@18: // Different databases have different sort orders, so a sort is required so Chris@18: // test expectations do not need to vary per database. Chris@18: $default_sort = ['sort' => 'drupal_internal__nid']; Chris@18: Chris@18: // 0. HEAD request allows a client to verify that JSON:API is installed. Chris@18: $this->httpClient->request('HEAD', $this->buildUrl('/jsonapi/node/article')); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: // 1. Load all articles (1st page). Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals(OffsetPage::SIZE_MAX, count($collection_output['data'])); Chris@18: $this->assertSession() Chris@18: ->responseHeaderEquals('Content-Type', 'application/vnd.api+json'); Chris@18: // 2. Load all articles (Offset 3). Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['page' => ['offset' => 3]] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals(OffsetPage::SIZE_MAX, count($collection_output['data'])); Chris@18: $this->assertContains('page%5Boffset%5D=53', $collection_output['links']['next']['href']); Chris@18: // 3. Load all articles (1st page, 2 items) Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['page' => ['limit' => 2]] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals(2, count($collection_output['data'])); Chris@18: // 4. Load all articles (2nd page, 2 items). Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => [ Chris@18: 'page' => [ Chris@18: 'limit' => 2, Chris@18: 'offset' => 2, Chris@18: ], Chris@18: ] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals(2, count($collection_output['data'])); Chris@18: $this->assertContains('page%5Boffset%5D=4', $collection_output['links']['next']['href']); Chris@18: // 5. Single article. Chris@18: $uuid = $this->nodes[0]->uuid(); Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid)); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertArrayHasKey('type', $single_output['data']); Chris@18: $this->assertEquals($this->nodes[0]->getTitle(), $single_output['data']['attributes']['title']); Chris@18: Chris@18: // 5.1 Single article with access denied because unauthenticated. Chris@18: Json::decode($this->drupalGet('/jsonapi/node/article/' . $this->nodes[60]->uuid())); Chris@18: $this->assertSession()->statusCodeEquals(401); Chris@18: Chris@18: // 5.1 Single article with access denied while authenticated. Chris@18: $this->drupalLogin($this->userCanViewProfiles); Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $this->nodes[60]->uuid())); Chris@18: $this->assertSession()->statusCodeEquals(403); Chris@18: $this->assertEquals('/data', $single_output['errors'][0]['source']['pointer']); Chris@18: $this->drupalLogout(); Chris@18: Chris@18: // 6. Single relationship item. Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/relationships/node_type')); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertArrayHasKey('type', $single_output['data']); Chris@18: $this->assertArrayNotHasKey('attributes', $single_output['data']); Chris@18: $this->assertArrayHasKey('related', $single_output['links']); Chris@18: // 7. Single relationship image. Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/relationships/field_image')); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertArrayHasKey('type', $single_output['data']); Chris@18: $this->assertArrayNotHasKey('attributes', $single_output['data']); Chris@18: $this->assertArrayHasKey('related', $single_output['links']); Chris@18: // 8. Multiple relationship item. Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/relationships/field_tags')); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertArrayHasKey('type', $single_output['data'][0]); Chris@18: $this->assertArrayNotHasKey('attributes', $single_output['data'][0]); Chris@18: $this->assertArrayHasKey('related', $single_output['links']); Chris@18: // 8b. Single related item, empty. Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/field_heroless')); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertSame(NULL, $single_output['data']); Chris@18: // 9. Related tags with includes. Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/field_tags', [ Chris@18: 'query' => ['include' => 'vid'], Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals('taxonomy_term--tags', $single_output['data'][0]['type']); Chris@18: $this->assertArrayNotHasKey('tid', $single_output['data'][0]['attributes']); Chris@18: $this->assertContains( Chris@18: '/taxonomy_term/tags/', Chris@18: $single_output['data'][0]['links']['self']['href'] Chris@18: ); Chris@18: $this->assertEquals( Chris@18: 'taxonomy_vocabulary--taxonomy_vocabulary', Chris@18: $single_output['included'][0]['type'] Chris@18: ); Chris@18: // 10. Single article with includes. Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid, [ Chris@18: 'query' => ['include' => 'uid,field_tags'], Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals('node--article', $single_output['data']['type']); Chris@18: $first_include = reset($single_output['included']); Chris@18: $this->assertEquals( Chris@18: 'user--user', Chris@18: $first_include['type'] Chris@18: ); Chris@18: $last_include = end($single_output['included']); Chris@18: $this->assertEquals( Chris@18: 'taxonomy_term--tags', Chris@18: $last_include['type'] Chris@18: ); Chris@18: Chris@18: // 10b. Single article with nested includes. Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid, [ Chris@18: 'query' => ['include' => 'field_tags,field_tags.vid'], Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals('node--article', $single_output['data']['type']); Chris@18: $first_include = reset($single_output['included']); Chris@18: $this->assertEquals( Chris@18: 'taxonomy_term--tags', Chris@18: $first_include['type'] Chris@18: ); Chris@18: $last_include = end($single_output['included']); Chris@18: $this->assertEquals( Chris@18: 'taxonomy_vocabulary--taxonomy_vocabulary', Chris@18: $last_include['type'] Chris@18: ); Chris@18: Chris@18: // 11. Includes with relationships. Chris@18: $this->drupalGet('/jsonapi/node/article/' . $uuid . '/relationships/uid'); Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/relationships/uid', [ Chris@18: 'query' => ['include' => 'uid'], Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals('user--user', $single_output['data']['type']); Chris@18: $this->assertArrayHasKey('related', $single_output['links']); Chris@18: $this->assertArrayHasKey('included', $single_output); Chris@18: $first_include = reset($single_output['included']); Chris@18: $this->assertEquals( Chris@18: 'user--user', Chris@18: $first_include['type'] Chris@18: ); Chris@18: $this->assertFalse(empty($first_include['attributes'])); Chris@18: $this->assertTrue(empty($first_include['attributes']['mail'])); Chris@18: $this->assertTrue(empty($first_include['attributes']['pass'])); Chris@18: // 12. Collection with one access denied. Chris@18: $this->nodes[1]->set('status', FALSE); Chris@18: $this->nodes[1]->save(); Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['page' => ['limit' => 2]] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals(1, count($single_output['data'])); Chris@18: $this->assertEquals(1, count(array_filter(array_keys($single_output['meta']['omitted']['links']), function ($key) { Chris@18: return $key !== 'help'; Chris@18: }))); Chris@18: $link_keys = array_keys($single_output['meta']['omitted']['links']); Chris@18: $this->assertSame('help', reset($link_keys)); Chris@18: $this->assertRegExp('/^item:[a-zA-Z0-9]{7}$/', next($link_keys)); Chris@18: $this->nodes[1]->set('status', TRUE); Chris@18: $this->nodes[1]->save(); Chris@18: // 13. Test filtering when using short syntax. Chris@18: $filter = [ Chris@18: 'uid.id' => ['value' => $this->user->uuid()], Chris@18: 'field_tags.id' => ['value' => $this->tags[0]->uuid()], Chris@18: ]; Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['filter' => $filter, 'include' => 'uid,field_tags'], Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertGreaterThan(0, count($single_output['data'])); Chris@18: // 14. Test filtering when using long syntax. Chris@18: $filter = [ Chris@18: 'and_group' => ['group' => ['conjunction' => 'AND']], Chris@18: 'filter_user' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'uid.id', Chris@18: 'value' => $this->user->uuid(), Chris@18: 'memberOf' => 'and_group', Chris@18: ], Chris@18: ], Chris@18: 'filter_tags' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'field_tags.id', Chris@18: 'value' => $this->tags[0]->uuid(), Chris@18: 'memberOf' => 'and_group', Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['filter' => $filter, 'include' => 'uid,field_tags'], Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertGreaterThan(0, count($single_output['data'])); Chris@18: // 15. Test filtering when using invalid syntax. Chris@18: $filter = [ Chris@18: 'and_group' => ['group' => ['conjunction' => 'AND']], Chris@18: 'filter_user' => [ Chris@18: 'condition' => [ Chris@18: 'name-with-a-typo' => 'uid.id', Chris@18: 'value' => $this->user->uuid(), Chris@18: 'memberOf' => 'and_group', Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['filter' => $filter] + $default_sort, Chris@18: ]); Chris@18: $this->assertSession()->statusCodeEquals(400); Chris@18: // 16. Test filtering on the same field. Chris@18: $filter = [ Chris@18: 'or_group' => ['group' => ['conjunction' => 'OR']], Chris@18: 'filter_tags_1' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'field_tags.id', Chris@18: 'value' => $this->tags[0]->uuid(), Chris@18: 'memberOf' => 'or_group', Chris@18: ], Chris@18: ], Chris@18: 'filter_tags_2' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'field_tags.id', Chris@18: 'value' => $this->tags[1]->uuid(), Chris@18: 'memberOf' => 'or_group', Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['filter' => $filter, 'include' => 'field_tags'] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertGreaterThanOrEqual(2, count($single_output['included'])); Chris@18: // 17. Single user (check fields lacking 'view' access). Chris@18: $user_url = Url::fromRoute('jsonapi.user--user.individual', [ Chris@18: 'entity' => $this->user->uuid(), Chris@18: ]); Chris@18: $response = $this->request('GET', $user_url, [ Chris@18: 'auth' => [ Chris@18: $this->userCanViewProfiles->getUsername(), Chris@18: $this->userCanViewProfiles->pass_raw, Chris@18: ], Chris@18: ]); Chris@18: $single_output = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(200, $response->getStatusCode()); Chris@18: $this->assertEquals('user--user', $single_output['data']['type']); Chris@18: $this->assertEquals($this->user->get('name')->value, $single_output['data']['attributes']['name']); Chris@18: $this->assertTrue(empty($single_output['data']['attributes']['mail'])); Chris@18: $this->assertTrue(empty($single_output['data']['attributes']['pass'])); Chris@18: // 18. Test filtering on the column of a link. Chris@18: $filter = [ Chris@18: 'linkUri' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'field_link.uri', Chris@18: 'value' => 'https://', Chris@18: 'operator' => 'STARTS_WITH', Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['filter' => $filter] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertGreaterThanOrEqual(1, count($single_output['data'])); Chris@18: // 19. Test non-existing route without 'Accept' header. Chris@18: $this->drupalGet('/jsonapi/node/article/broccoli'); Chris@18: $this->assertSession()->statusCodeEquals(404); Chris@18: // Even without the 'Accept' header the 404 error is formatted as JSON:API. Chris@18: $this->assertSession()->responseHeaderEquals('Content-Type', 'application/vnd.api+json'); Chris@18: // 20. Test non-existing route with 'Accept' header. Chris@18: $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/broccoli', [], [ Chris@18: 'Accept' => 'application/vnd.api+json', Chris@18: ])); Chris@18: $this->assertEquals(404, $single_output['errors'][0]['status']); Chris@18: $this->assertSession()->statusCodeEquals(404); Chris@18: // With the 'Accept' header we can know we want the 404 error formatted as Chris@18: // JSON:API. Chris@18: $this->assertSession()->responseHeaderContains('Content-Type', 'application/vnd.api+json'); Chris@18: // 22. Test sort criteria on multiple fields: both ASC. Chris@18: $output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => [ Chris@18: 'page[limit]' => 6, Chris@18: 'sort' => 'field_sort1,field_sort2', Chris@18: ], Chris@18: ])); Chris@18: $output_uuids = array_map(function ($result) { Chris@18: return $result['id']; Chris@18: }, $output['data']); Chris@18: $this->assertCount(6, $output_uuids); Chris@18: $this->assertSame([ Chris@18: Node::load(5)->uuid(), Chris@18: Node::load(4)->uuid(), Chris@18: Node::load(3)->uuid(), Chris@18: Node::load(2)->uuid(), Chris@18: Node::load(1)->uuid(), Chris@18: Node::load(10)->uuid(), Chris@18: ], $output_uuids); Chris@18: // 23. Test sort criteria on multiple fields: first ASC, second DESC. Chris@18: $output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => [ Chris@18: 'page[limit]' => 6, Chris@18: 'sort' => 'field_sort1,-field_sort2', Chris@18: ], Chris@18: ])); Chris@18: $output_uuids = array_map(function ($result) { Chris@18: return $result['id']; Chris@18: }, $output['data']); Chris@18: $this->assertCount(6, $output_uuids); Chris@18: $this->assertSame([ Chris@18: Node::load(1)->uuid(), Chris@18: Node::load(2)->uuid(), Chris@18: Node::load(3)->uuid(), Chris@18: Node::load(4)->uuid(), Chris@18: Node::load(5)->uuid(), Chris@18: Node::load(6)->uuid(), Chris@18: ], $output_uuids); Chris@18: // 24. Test sort criteria on multiple fields: first DESC, second ASC. Chris@18: $output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => [ Chris@18: 'page[limit]' => 6, Chris@18: 'sort' => '-field_sort1,field_sort2', Chris@18: ], Chris@18: ])); Chris@18: $output_uuids = array_map(function ($result) { Chris@18: return $result['id']; Chris@18: }, $output['data']); Chris@18: $this->assertCount(5, $output_uuids); Chris@18: $this->assertCount(2, $output['meta']['omitted']['links']); Chris@18: $this->assertSame([ Chris@18: Node::load(60)->uuid(), Chris@18: Node::load(59)->uuid(), Chris@18: Node::load(58)->uuid(), Chris@18: Node::load(57)->uuid(), Chris@18: Node::load(56)->uuid(), Chris@18: ], $output_uuids); Chris@18: // 25. Test sort criteria on multiple fields: both DESC. Chris@18: $output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => [ Chris@18: 'page[limit]' => 6, Chris@18: 'sort' => '-field_sort1,-field_sort2', Chris@18: ], Chris@18: ])); Chris@18: $output_uuids = array_map(function ($result) { Chris@18: return $result['id']; Chris@18: }, $output['data']); Chris@18: $this->assertCount(5, $output_uuids); Chris@18: $this->assertCount(2, $output['meta']['omitted']['links']); Chris@18: $this->assertSame([ Chris@18: Node::load(56)->uuid(), Chris@18: Node::load(57)->uuid(), Chris@18: Node::load(58)->uuid(), Chris@18: Node::load(59)->uuid(), Chris@18: Node::load(60)->uuid(), Chris@18: ], $output_uuids); Chris@18: // 25. Test collection count. Chris@18: $this->container->get('module_installer')->install(['jsonapi_test_collection_count']); Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article')); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals(61, $collection_output['meta']['count']); Chris@18: $this->container->get('module_installer')->uninstall(['jsonapi_test_collection_count']); Chris@18: Chris@18: // Test documentation filtering examples. Chris@18: // 1. Only get published nodes. Chris@18: $filter = [ Chris@18: 'status-filter' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'status', Chris@18: 'value' => 1, Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['filter' => $filter] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertGreaterThanOrEqual(OffsetPage::SIZE_MAX, count($collection_output['data'])); Chris@18: // 2. Nested Filters: Get nodes created by user admin. Chris@18: $filter = [ Chris@18: 'name-filter' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'uid.name', Chris@18: 'value' => $this->user->getAccountName(), Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['filter' => $filter] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertGreaterThanOrEqual(OffsetPage::SIZE_MAX, count($collection_output['data'])); Chris@18: // 3. Filtering with arrays: Get nodes created by users [admin, john]. Chris@18: $filter = [ Chris@18: 'name-filter' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'uid.name', Chris@18: 'operator' => 'IN', Chris@18: 'value' => [ Chris@18: $this->user->getAccountName(), Chris@18: $this->getRandomGenerator()->name(), Chris@18: ], Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['filter' => $filter] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertGreaterThanOrEqual(OffsetPage::SIZE_MAX, count($collection_output['data'])); Chris@18: // 4. Grouping filters: Get nodes that are published and create by admin. Chris@18: $filter = [ Chris@18: 'and-group' => [ Chris@18: 'group' => [ Chris@18: 'conjunction' => 'AND', Chris@18: ], Chris@18: ], Chris@18: 'name-filter' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'uid.name', Chris@18: 'value' => $this->user->getAccountName(), Chris@18: 'memberOf' => 'and-group', Chris@18: ], Chris@18: ], Chris@18: 'status-filter' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'status', Chris@18: 'value' => 1, Chris@18: 'memberOf' => 'and-group', Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['filter' => $filter] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertGreaterThanOrEqual(OffsetPage::SIZE_MAX, count($collection_output['data'])); Chris@18: // 5. Grouping grouped filters: Get nodes that are promoted or sticky and Chris@18: // created by admin. Chris@18: $filter = [ Chris@18: 'and-group' => [ Chris@18: 'group' => [ Chris@18: 'conjunction' => 'AND', Chris@18: ], Chris@18: ], Chris@18: 'or-group' => [ Chris@18: 'group' => [ Chris@18: 'conjunction' => 'OR', Chris@18: 'memberOf' => 'and-group', Chris@18: ], Chris@18: ], Chris@18: 'admin-filter' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'uid.name', Chris@18: 'value' => $this->user->getAccountName(), Chris@18: 'memberOf' => 'and-group', Chris@18: ], Chris@18: ], Chris@18: 'sticky-filter' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'sticky', Chris@18: 'value' => 1, Chris@18: 'memberOf' => 'or-group', Chris@18: ], Chris@18: ], Chris@18: 'promote-filter' => [ Chris@18: 'condition' => [ Chris@18: 'path' => 'promote', Chris@18: 'value' => 0, Chris@18: 'memberOf' => 'or-group', Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [ Chris@18: 'query' => ['filter' => $filter] + $default_sort, Chris@18: ])); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals(0, count($collection_output['data'])); Chris@18: } Chris@18: Chris@18: /** Chris@18: * Test the GET method on articles referencing the same tag twice. Chris@18: */ Chris@18: public function testReferencingTwiceRead() { Chris@18: $this->createDefaultContent(1, 1, FALSE, FALSE, static::IS_NOT_MULTILINGUAL, TRUE); Chris@18: Chris@18: // 1. Load all articles (1st page). Chris@18: $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article')); Chris@18: $this->assertSession()->statusCodeEquals(200); Chris@18: $this->assertEquals(1, count($collection_output['data'])); Chris@18: $this->assertSession() Chris@18: ->responseHeaderEquals('Content-Type', 'application/vnd.api+json'); Chris@18: } Chris@18: Chris@18: /** Chris@18: * Test POST, PATCH and DELETE. Chris@18: */ Chris@18: public function testWrite() { Chris@18: $this->config('jsonapi.settings')->set('read_only', FALSE)->save(TRUE); Chris@18: Chris@18: $this->createDefaultContent(0, 3, FALSE, FALSE, static::IS_NOT_MULTILINGUAL, FALSE); Chris@18: // 1. Successful post. Chris@18: $collection_url = Url::fromRoute('jsonapi.node--article.collection.post'); Chris@18: $body = [ Chris@18: 'data' => [ Chris@18: 'type' => 'node--article', Chris@18: 'attributes' => [ Chris@18: 'langcode' => 'en', Chris@18: 'title' => 'My custom title', Chris@18: 'default_langcode' => '1', Chris@18: 'body' => [ Chris@18: 'value' => 'Custom value', Chris@18: 'format' => 'plain_text', Chris@18: 'summary' => 'Custom summary', Chris@18: ], Chris@18: ], Chris@18: 'relationships' => [ Chris@18: 'field_tags' => [ Chris@18: 'data' => [ Chris@18: [ Chris@18: 'type' => 'taxonomy_term--tags', Chris@18: 'id' => $this->tags[0]->uuid(), Chris@18: ], Chris@18: [ Chris@18: 'type' => 'taxonomy_term--tags', Chris@18: 'id' => $this->tags[1]->uuid(), Chris@18: ], Chris@18: ], Chris@18: ], Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $response = $this->request('POST', $collection_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $created_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(201, $response->getStatusCode()); Chris@18: $this->assertArrayNotHasKey('uuid', $created_response['data']['attributes']); Chris@18: $uuid = $created_response['data']['id']; Chris@18: $this->assertEquals(2, count($created_response['data']['relationships']['field_tags']['data'])); Chris@18: $this->assertEquals($created_response['data']['links']['self']['href'], $response->getHeader('Location')[0]); Chris@18: Chris@18: // 2. Authorization error. Chris@18: $response = $this->request('POST', $collection_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $created_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(401, $response->getStatusCode()); Chris@18: $this->assertNotEmpty($created_response['errors']); Chris@18: $this->assertEquals('Unauthorized', $created_response['errors'][0]['title']); Chris@18: Chris@18: // 2.1 Authorization error with a user without create permissions. Chris@18: $response = $this->request('POST', $collection_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->userCanViewProfiles->getUsername(), $this->userCanViewProfiles->pass_raw], Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $created_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(403, $response->getStatusCode()); Chris@18: $this->assertNotEmpty($created_response['errors']); Chris@18: $this->assertEquals('Forbidden', $created_response['errors'][0]['title']); Chris@18: Chris@18: // 3. Missing Content-Type error. Chris@18: $response = $this->request('POST', $collection_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => ['Accept' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $created_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(415, $response->getStatusCode()); Chris@18: Chris@18: // 4. Article with a duplicate ID. Chris@18: $invalid_body = $body; Chris@18: $invalid_body['data']['id'] = Node::load(1)->uuid(); Chris@18: $response = $this->request('POST', $collection_url, [ Chris@18: 'body' => Json::encode($invalid_body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => [ Chris@18: 'Accept' => 'application/vnd.api+json', Chris@18: 'Content-Type' => 'application/vnd.api+json', Chris@18: ], Chris@18: ]); Chris@18: $created_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(409, $response->getStatusCode()); Chris@18: $this->assertNotEmpty($created_response['errors']); Chris@18: $this->assertEquals('Conflict', $created_response['errors'][0]['title']); Chris@18: // 5. Article with wrong reference UUIDs for tags. Chris@18: $body_invalid_tags = $body; Chris@18: $body_invalid_tags['data']['relationships']['field_tags']['data'][0]['id'] = 'lorem'; Chris@18: $body_invalid_tags['data']['relationships']['field_tags']['data'][1]['id'] = 'ipsum'; Chris@18: $response = $this->request('POST', $collection_url, [ Chris@18: 'body' => Json::encode($body_invalid_tags), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $created_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(404, $response->getStatusCode()); Chris@18: // 6. Decoding error. Chris@18: $response = $this->request('POST', $collection_url, [ Chris@18: 'body' => '{"bad json",,,}', Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => [ Chris@18: 'Content-Type' => 'application/vnd.api+json', Chris@18: 'Accept' => 'application/vnd.api+json', Chris@18: ], Chris@18: ]); Chris@18: $created_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(400, $response->getStatusCode()); Chris@18: $this->assertNotEmpty($created_response['errors']); Chris@18: $this->assertEquals('Bad Request', $created_response['errors'][0]['title']); Chris@18: // 6.1 Denormalizing error. Chris@18: $response = $this->request('POST', $collection_url, [ Chris@18: 'body' => '{"data":{"type":"something"},"valid yet nonsensical json":[]}', Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => [ Chris@18: 'Content-Type' => 'application/vnd.api+json', Chris@18: 'Accept' => 'application/vnd.api+json', Chris@18: ], Chris@18: ]); Chris@18: $created_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(422, $response->getStatusCode()); Chris@18: $this->assertNotEmpty($created_response['errors']); Chris@18: $this->assertEquals('Unprocessable Entity', $created_response['errors'][0]['title']); Chris@18: // 6.2 Relationships are not included in "data". Chris@18: $malformed_body = $body; Chris@18: unset($malformed_body['data']['relationships']); Chris@18: $malformed_body['relationships'] = $body['data']['relationships']; Chris@18: $response = $this->request('POST', $collection_url, [ Chris@18: 'body' => Json::encode($malformed_body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => [ Chris@18: 'Accept' => 'application/vnd.api+json', Chris@18: 'Content-Type' => 'application/vnd.api+json', Chris@18: ], Chris@18: ]); Chris@18: $created_response = Json::decode((string) $response->getBody()); Chris@18: $this->assertSame(400, $response->getStatusCode()); Chris@18: $this->assertNotEmpty($created_response['errors']); Chris@18: $this->assertSame("Bad Request", $created_response['errors'][0]['title']); Chris@18: $this->assertSame("Found \"relationships\" within the document's top level. The \"relationships\" key must be within resource object.", $created_response['errors'][0]['detail']); Chris@18: // 6.2 "type" not included in "data". Chris@18: $missing_type = $body; Chris@18: unset($missing_type['data']['type']); Chris@18: $response = $this->request('POST', $collection_url, [ Chris@18: 'body' => Json::encode($missing_type), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => [ Chris@18: 'Accept' => 'application/vnd.api+json', Chris@18: 'Content-Type' => 'application/vnd.api+json', Chris@18: ], Chris@18: ]); Chris@18: $created_response = Json::decode((string) $response->getBody()); Chris@18: $this->assertSame(400, $response->getStatusCode()); Chris@18: $this->assertNotEmpty($created_response['errors']); Chris@18: $this->assertSame("Bad Request", $created_response['errors'][0]['title']); Chris@18: $this->assertSame("Resource object must include a \"type\".", $created_response['errors'][0]['detail']); Chris@18: // 7. Successful PATCH. Chris@18: $body = [ Chris@18: 'data' => [ Chris@18: 'id' => $uuid, Chris@18: 'type' => 'node--article', Chris@18: 'attributes' => ['title' => 'My updated title'], Chris@18: ], Chris@18: ]; Chris@18: $individual_url = Url::fromRoute('jsonapi.node--article.individual', [ Chris@18: 'entity' => $uuid, Chris@18: ]); Chris@18: $response = $this->request('PATCH', $individual_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $updated_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(200, $response->getStatusCode()); Chris@18: $this->assertEquals('My updated title', $updated_response['data']['attributes']['title']); Chris@18: Chris@18: // 7.1 Unsuccessful PATCH due to access restrictions. Chris@18: $body = [ Chris@18: 'data' => [ Chris@18: 'id' => $uuid, Chris@18: 'type' => 'node--article', Chris@18: 'attributes' => ['title' => 'My updated title'], Chris@18: ], Chris@18: ]; Chris@18: $individual_url = Url::fromRoute('jsonapi.node--article.individual', [ Chris@18: 'entity' => $uuid, Chris@18: ]); Chris@18: $response = $this->request('PATCH', $individual_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->userCanViewProfiles->getUsername(), $this->userCanViewProfiles->pass_raw], Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $this->assertEquals(403, $response->getStatusCode()); Chris@18: Chris@18: // 8. Field access forbidden check. Chris@18: $body = [ Chris@18: 'data' => [ Chris@18: 'id' => $uuid, Chris@18: 'type' => 'node--article', Chris@18: 'attributes' => [ Chris@18: 'title' => 'My updated title', Chris@18: 'status' => 0, Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $response = $this->request('PATCH', $individual_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $updated_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(403, $response->getStatusCode()); Chris@18: $this->assertEquals("The current user is not allowed to PATCH the selected field (status). The 'administer nodes' permission is required.", Chris@18: $updated_response['errors'][0]['detail']); Chris@18: Chris@18: $node = \Drupal::entityManager()->loadEntityByUuid('node', $uuid); Chris@18: $this->assertEquals(1, $node->get('status')->value, 'Node status was not changed.'); Chris@18: // 9. Successful POST to related endpoint. Chris@18: $body = [ Chris@18: 'data' => [ Chris@18: [ Chris@18: 'id' => $this->tags[2]->uuid(), Chris@18: 'type' => 'taxonomy_term--tags', Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $relationship_url = Url::fromRoute('jsonapi.node--article.field_tags.relationship.post', [ Chris@18: 'entity' => $uuid, Chris@18: ]); Chris@18: $response = $this->request('POST', $relationship_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $updated_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(200, $response->getStatusCode()); Chris@18: $this->assertEquals(3, count($updated_response['data'])); Chris@18: $this->assertEquals('taxonomy_term--tags', $updated_response['data'][2]['type']); Chris@18: $this->assertEquals($this->tags[2]->uuid(), $updated_response['data'][2]['id']); Chris@18: // 10. Successful PATCH to related endpoint. Chris@18: $body = [ Chris@18: 'data' => [ Chris@18: [ Chris@18: 'id' => $this->tags[1]->uuid(), Chris@18: 'type' => 'taxonomy_term--tags', Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $response = $this->request('PATCH', $relationship_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $this->assertEquals(204, $response->getStatusCode()); Chris@18: $this->assertEmpty($response->getBody()->__toString()); Chris@18: // 11. Successful DELETE to related endpoint. Chris@18: $response = $this->request('DELETE', $relationship_url, [ Chris@18: // Send a request with no body. Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => [ Chris@18: 'Content-Type' => 'application/vnd.api+json', Chris@18: 'Accept' => 'application/vnd.api+json', Chris@18: ], Chris@18: ]); Chris@18: $updated_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals( Chris@18: 'You need to provide a body for DELETE operations on a relationship (field_tags).', Chris@18: $updated_response['errors'][0]['detail'] Chris@18: ); Chris@18: $this->assertEquals(400, $response->getStatusCode()); Chris@18: $response = $this->request('DELETE', $relationship_url, [ Chris@18: // Send a request with no authentication. Chris@18: 'body' => Json::encode($body), Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $this->assertEquals(401, $response->getStatusCode()); Chris@18: $response = $this->request('DELETE', $relationship_url, [ Chris@18: // Remove the existing relationship item. Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => ['Content-Type' => 'application/vnd.api+json'], Chris@18: ]); Chris@18: $this->assertEquals(204, $response->getStatusCode()); Chris@18: $this->assertEmpty($response->getBody()->__toString()); Chris@18: // 12. PATCH with invalid title and body format. Chris@18: $body = [ Chris@18: 'data' => [ Chris@18: 'id' => $uuid, Chris@18: 'type' => 'node--article', Chris@18: 'attributes' => [ Chris@18: 'title' => '', Chris@18: 'body' => [ Chris@18: 'value' => 'Custom value', Chris@18: 'format' => 'invalid_format', Chris@18: 'summary' => 'Custom summary', Chris@18: ], Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $response = $this->request('PATCH', $individual_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => [ Chris@18: 'Content-Type' => 'application/vnd.api+json', Chris@18: 'Accept' => 'application/vnd.api+json', Chris@18: ], Chris@18: ]); Chris@18: $updated_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(422, $response->getStatusCode()); Chris@18: $this->assertCount(2, $updated_response['errors']); Chris@18: for ($i = 0; $i < 2; $i++) { Chris@18: $this->assertEquals("Unprocessable Entity", $updated_response['errors'][$i]['title']); Chris@18: $this->assertEquals(422, $updated_response['errors'][$i]['status']); Chris@18: } Chris@18: $this->assertEquals("title: This value should not be null.", $updated_response['errors'][0]['detail']); Chris@18: $this->assertEquals("body.0.format: The value you selected is not a valid choice.", $updated_response['errors'][1]['detail']); Chris@18: $this->assertEquals("/data/attributes/title", $updated_response['errors'][0]['source']['pointer']); Chris@18: $this->assertEquals("/data/attributes/body/format", $updated_response['errors'][1]['source']['pointer']); Chris@18: // 13. PATCH with field that doesn't exist on Entity. Chris@18: $body = [ Chris@18: 'data' => [ Chris@18: 'id' => $uuid, Chris@18: 'type' => 'node--article', Chris@18: 'attributes' => [ Chris@18: 'field_that_doesnt_exist' => 'foobar', Chris@18: ], Chris@18: ], Chris@18: ]; Chris@18: $response = $this->request('PATCH', $individual_url, [ Chris@18: 'body' => Json::encode($body), Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: 'headers' => [ Chris@18: 'Content-Type' => 'application/vnd.api+json', Chris@18: 'Accept' => 'application/vnd.api+json', Chris@18: ], Chris@18: ]); Chris@18: $updated_response = Json::decode($response->getBody()->__toString()); Chris@18: $this->assertEquals(422, $response->getStatusCode()); Chris@18: $this->assertEquals("The attribute field_that_doesnt_exist does not exist on the node--article resource type.", Chris@18: $updated_response['errors']['0']['detail']); Chris@18: // 14. Successful DELETE. Chris@18: $response = $this->request('DELETE', $individual_url, [ Chris@18: 'auth' => [$this->user->getUsername(), $this->user->pass_raw], Chris@18: ]); Chris@18: $this->assertEquals(204, $response->getStatusCode()); Chris@18: $response = $this->request('GET', $individual_url, []); Chris@18: $this->assertEquals(404, $response->getStatusCode()); Chris@18: } Chris@18: Chris@18: }