function CommentTest::testCollectionFilterAccess
Same name in other branches
- 9 core/modules/jsonapi/tests/src/Functional/CommentTest.php \Drupal\Tests\jsonapi\Functional\CommentTest::testCollectionFilterAccess()
- 10 core/modules/jsonapi/tests/src/Functional/CommentTest.php \Drupal\Tests\jsonapi\Functional\CommentTest::testCollectionFilterAccess()
- 11.x core/modules/jsonapi/tests/src/Functional/CommentTest.php \Drupal\Tests\jsonapi\Functional\CommentTest::testCollectionFilterAccess()
File
-
core/
modules/ jsonapi/ tests/ src/ Functional/ CommentTest.php, line 411
Class
- CommentTest
- JSON:API integration test for the "Comment" content entity type.
Namespace
Drupal\Tests\jsonapi\FunctionalCode
public function testCollectionFilterAccess() {
// Verify the expected behavior in the common case.
$this->doTestCollectionFilterAccessForPublishableEntities('subject', 'access comments', 'administer comments');
$collection_url = Url::fromRoute('jsonapi.entity_test--bar.collection');
$request_options = [];
$request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
$request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
// Go back to a simpler scenario: revoke the admin permission, publish the
// comment and uninstall the query access test module.
$this->revokePermissionsFromTestedRole([
'administer comments',
]);
$this->entity
->setPublished()
->save();
$this->assertTrue($this->container
->get('module_installer')
->uninstall([
'jsonapi_test_field_filter_access',
], TRUE), 'Uninstalled modules.');
// ?filter[spotlight.LABEL]: 1 result. Just as already tested above in
// ::doTestCollectionFilterAccessForPublishableEntities().
$collection_filter_url = $collection_url->setOption('query', [
"filter[spotlight.subject]" => $this->entity
->label(),
]);
$response = $this->request('GET', $collection_filter_url, $request_options);
$doc = Json::decode((string) $response->getBody());
$this->assertCount(1, $doc['data']);
// Mark the commented entity as inaccessible.
\Drupal::state()->set('jsonapi__entity_test_filter_access_blacklist', [
$this->entity
->getCommentedEntityId(),
]);
Cache::invalidateTags([
'state:jsonapi__entity_test_filter_access_blacklist',
]);
// ?filter[spotlight.LABEL]: 0 results.
$response = $this->request('GET', $collection_filter_url, $request_options);
$doc = Json::decode((string) $response->getBody());
$this->assertCount(0, $doc['data']);
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.