function CommentTest::testCollectionFilterAccess

Same name in other branches
  1. 8.9.x core/modules/jsonapi/tests/src/Functional/CommentTest.php \Drupal\Tests\jsonapi\Functional\CommentTest::testCollectionFilterAccess()
  2. 10 core/modules/jsonapi/tests/src/Functional/CommentTest.php \Drupal\Tests\jsonapi\Functional\CommentTest::testCollectionFilterAccess()
  3. 11.x core/modules/jsonapi/tests/src/Functional/CommentTest.php \Drupal\Tests\jsonapi\Functional\CommentTest::testCollectionFilterAccess()

File

core/modules/jsonapi/tests/src/Functional/CommentTest.php, line 421

Class

CommentTest
JSON:API integration test for the "Comment" content entity type.

Namespace

Drupal\Tests\jsonapi\Functional

Code

public function testCollectionFilterAccess() {
    // Verify the expected behavior in the common case.
    $this->doTestCollectionFilterAccessForPublishableEntities('subject', 'access comments', 'administer comments');
    $collection_url = Url::fromRoute('jsonapi.entity_test--bar.collection');
    $request_options = [];
    $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
    $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
    // Go back to a simpler scenario: revoke the admin permission, publish the
    // comment and uninstall the query access test module.
    $this->revokePermissionsFromTestedRole([
        'administer comments',
    ]);
    $this->entity
        ->setPublished()
        ->save();
    $this->assertTrue($this->container
        ->get('module_installer')
        ->uninstall([
        'jsonapi_test_field_filter_access',
    ], TRUE), 'Uninstalled modules.');
    // ?filter[spotlight.LABEL]: 1 result. Just as already tested above in
    // ::doTestCollectionFilterAccessForPublishableEntities().
    $collection_filter_url = $collection_url->setOption('query', [
        "filter[spotlight.subject]" => $this->entity
            ->label(),
    ]);
    $response = $this->request('GET', $collection_filter_url, $request_options);
    $doc = Json::decode((string) $response->getBody());
    $this->assertCount(1, $doc['data']);
    // Mark the commented entity as inaccessible.
    \Drupal::state()->set('jsonapi__entity_test_filter_access_blacklist', [
        $this->entity
            ->getCommentedEntityId(),
    ]);
    Cache::invalidateTags([
        'state:jsonapi__entity_test_filter_access_blacklist',
    ]);
    // ?filter[spotlight.LABEL]: 0 results.
    $response = $this->request('GET', $collection_filter_url, $request_options);
    $doc = Json::decode((string) $response->getBody());
    $this->assertCount(0, $doc['data']);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.