function CsrfAccessCheckTest::testCsrfTokenInvalid

Same name in other branches
  1. 9 core/tests/Drupal/Tests/Core/Access/CsrfAccessCheckTest.php \Drupal\Tests\Core\Access\CsrfAccessCheckTest::testCsrfTokenInvalid()
  2. 8.9.x core/tests/Drupal/Tests/Core/Access/CsrfAccessCheckTest.php \Drupal\Tests\Core\Access\CsrfAccessCheckTest::testCsrfTokenInvalid()
  3. 11.x core/tests/Drupal/Tests/Core/Access/CsrfAccessCheckTest.php \Drupal\Tests\Core\Access\CsrfAccessCheckTest::testCsrfTokenInvalid()

@covers ::access

File

core/tests/Drupal/Tests/Core/Access/CsrfAccessCheckTest.php, line 77

Class

CsrfAccessCheckTest
@coversDefaultClass \Drupal\Core\Access\CsrfAccessCheck @group Access

Namespace

Drupal\Tests\Core\Access

Code

public function testCsrfTokenInvalid() : void {
    $this->csrfToken
        ->expects($this->once())
        ->method('validate')
        ->with('test_query', 'test-path')
        ->willReturn(FALSE);
    $this->routeMatch
        ->expects($this->once())
        ->method('getRawParameters')
        ->willReturn([]);
    $route = new Route('/test-path', [], [
        '_csrf_token' => 'TRUE',
    ]);
    $request = Request::create('/test-path?token=test_query');
    $this->assertEquals(AccessResult::forbidden("'csrf_token' URL query argument is invalid.")->setCacheMaxAge(0), $this->accessCheck
        ->access($route, $request, $this->routeMatch));
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.