function EntityResourceTestBase::testDelete

Tests a DELETE request for an entity, plus edge cases to ensure good DX.

File

core/modules/rest/tests/src/Functional/EntityResource/EntityResourceTestBase.php, line 1097

Class

EntityResourceTestBase

Defines a base class for testing all entity resources.

Namespace

Code

public function testDelete() {
    // @todo Remove this in https://www.drupal.org/node/2300677.
    if ($this->entity instanceof ConfigEntityInterface) {
        $this->markTestSkipped('DELETEing config entities is not yet supported.');
    }
    $this->initAuthentication();
    $has_canonical_url = $this->entity
        ->hasLinkTemplate('canonical');
    // The URL and Guzzle request options that will be used in this test. The
    // request options will be modified/expanded throughout this test:
    // - to first test all mistakes a developer might make, and assert that the
    //   error responses provide a good DX
    // - to eventually result in a well-formed request that succeeds.
    $url = $this->getEntityResourceUrl();
    $request_options = [];
    // DX: 404 when resource not provisioned, but 405 if canonical route. Plain
    // text  or HTML response because missing ?_format query string.
    $response = $this->request('DELETE', $url, $request_options);
    if ($has_canonical_url) {
        $this->assertSame(405, $response->getStatusCode());
        $this->assertSame([
            'GET, POST, HEAD',
        ], $response->getHeader('Allow'));
        $this->assertSame([
            'text/html; charset=UTF-8',
        ], $response->getHeader('Content-Type'));
        $this->assertStringContainsString('A client error happened', (string) $response->getBody());
    }
    else {
        $this->assertSame(404, $response->getStatusCode());
        $this->assertSame([
            'text/html; charset=UTF-8',
        ], $response->getHeader('Content-Type'));
    }
    $url->setOption('query', [
        '_format' => static::$format,
    ]);
    // DX: 404 when resource not provisioned, 405 if canonical route.
    $response = $this->request('DELETE', $url, $request_options);
    if ($has_canonical_url) {
        $this->assertSame([
            'GET, POST, HEAD',
        ], $response->getHeader('Allow'));
        $this->assertResourceErrorResponse(405, 'No route found for "DELETE ' . str_replace($this->baseUrl, '', $this->getEntityResourceUrl()
            ->setAbsolute()
            ->toString()) . '": Method Not Allowed (Allow: GET, POST, HEAD)', $response);
    }
    else {
        $this->assertResourceErrorResponse(404, 'No route found for "DELETE ' . str_replace($this->baseUrl, '', $this->getEntityResourceUrl()
            ->setAbsolute()
            ->toString()) . '"', $response);
    }
    $this->provisionEntityResource();
    if (static::$auth) {
        // DX: forgetting authentication: authentication provider-specific error
        // response.
        $response = $this->request('DELETE', $url, $request_options);
        $this->assertResponseWhenMissingAuthentication('DELETE', $response);
    }
    $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions('PATCH'));
    // DX: 403 when unauthorized.
    $response = $this->request('DELETE', $url, $request_options);
    $this->assertResourceErrorResponse(403, $this->getExpectedUnauthorizedAccessMessage('DELETE'), $response);
    $this->setUpAuthorization('DELETE');
    // Before sending a well-formed request, allow the authentication provider's
    // edge cases to also be tested.
    $this->assertAuthenticationEdgeCases('DELETE', $url, $request_options);
    // 204 for well-formed request.
    $response = $this->request('DELETE', $url, $request_options);
    $this->assertResourceResponse(204, '', $response);
}