getExpectedUnauthorizedAccessMessage example

case 'POST':
        return "The following permissions are required: 'administer media' OR 'create media' OR 'create camelids media'.";

      case 'PATCH':
        return "The following permissions are required: 'update any media' OR 'update own media' OR 'camelids: edit any media' OR 'camelids: edit own media'.";

      case 'DELETE':
        return "The following permissions are required: 'delete any media' OR 'delete own media' OR 'camelids: delete any media' OR 'camelids: delete own media'.";

      default:
        return parent::getExpectedUnauthorizedAccessMessage($method);
    }
  }

  /** * {@inheritdoc} */
  public function testPost() {
    $file_storage = $this->container->get('entity_type.manager')->getStorage('file');

    // Step 1: upload file, results in File entity marked temporary.     $this->uploadFile();
    


  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    return match ($method) {
      'GET' => "The 'access block library' permission is required.",
      'PATCH' => "The following permissions are required: 'access block library' AND 'edit any basic block content'.",
      'POST' => "The following permissions are required: 'create basic block content' AND 'access block library'.",
      'DELETE' => "The following permissions are required: 'access block library' AND 'delete any basic block content'.",
      default => parent::getExpectedUnauthorizedAccessMessage($method),
    };
  }

  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessCacheability() {
    // @see \Drupal\block_content\BlockContentAccessControlHandler()     return parent::getExpectedUnauthorizedAccessCacheability()
      ->addCacheTags(['block_content:1']);
  }

  


  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    switch ($method) {
      case 'GET':
        return "The 'access shortcuts' permission is required.";

      default:
        return parent::getExpectedUnauthorizedAccessMessage($method);
    }
  }

  /** * {@inheritdoc} */
  protected function createEntity() {
    $set = ShortcutSet::create([
      'id' => 'llama_set',
      'label' => 'Llama Set',
    ]);
    


  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    switch ($method) {
      case 'GET':
        return "The 'access shortcuts' permission is required.";

      default:
        return parent::getExpectedUnauthorizedAccessMessage($method);
    }
  }

}
$url->setOption('query', ['_format' => static::$format]);

    // DX: 404 when resource not provisioned, 403 if canonical route. Non-HTML     // response because ?_format query string is present.     $response = $this->request('GET', $url$request_options);
    if ($has_canonical_url) {
      $expected_cacheability = $this->getExpectedUnauthorizedAccessCacheability()
        // @see \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber::onRespond()         ->addCacheTags(['config:user.role.anonymous']);
      $expected_cacheability->addCacheableDependency($this->getExpectedUnauthorizedEntityAccessCacheability(FALSE));
      $this->assertResourceErrorResponse(403, $this->getExpectedUnauthorizedAccessMessage('GET')$response$expected_cacheability->getCacheTags()$expected_cacheability->getCacheContexts(), 'MISS', FALSE);
    }
    else {
      $this->assertResourceErrorResponse(404, 'No route found for "GET ' . $this->getEntityResourceUrl()->setAbsolute()->toString() . '"', $response);
    }

    $this->provisionEntityResource();

    // DX: forgetting authentication: authentication provider-specific error     // response.     if (static::$auth) {
      $response = $this->request('GET', $url$request_options);
      
// @todo Update in https://www.drupal.org/node/2300677.     return [];
  }

  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    if ($method === 'GET') {
      return "The following permissions are required: 'access taxonomy overview' OR 'administer taxonomy'.";
    }
    return parent::getExpectedUnauthorizedAccessMessage($method);
  }

}
protected function getExpectedNormalizedEntity() {
    throw new \Exception('Not yet supported.');
  }

  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    if ($method === 'POST') {
      return "The 'access site-wide contact form' permission is required.";
    }
    return parent::getExpectedUnauthorizedAccessMessage($method);
  }

  /** * {@inheritdoc} */
  public function testGet() {
    // Contact Message entities are not stored, so they cannot be retrieved.     $this->expectException(RouteNotFoundException::class);
    $this->expectExceptionMessage('Route "rest.entity.contact_message.GET" does not exist.');

    $this->provisionEntityResource();
    

    ];
  }

  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    if ($method === 'POST') {
      return "The 'access site-wide contact form' permission is required.";
    }
    return parent::getExpectedUnauthorizedAccessMessage($method);
  }

  /** * {@inheritdoc} */
  public function testGetIndividual() {
    // Contact Message entities are not stored, so they cannot be retrieved.     $this->expectException(RouteNotFoundException::class);
    $this->expectExceptionMessage('Route "jsonapi.contact_message--camelids.individual" does not exist.');

    Url::fromRoute('jsonapi.contact_message--camelids.individual')->toString(TRUE);
  }
protected function assertNormalizationEdgeCases($method, Url $url, array $request_options): void {}

  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    switch ($method) {
      case 'GET':
        return "The 'restful get dblog' permission is required.";

      default:
        return parent::getExpectedUnauthorizedAccessMessage($method);
    }
  }

  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessCacheability() {
    return (new CacheableMetadata())
      ->setCacheTags(['4xx-response', 'http_response'])
      ->setCacheContexts(['user.permissions']);
  }

  

  public function testPostFileUpload() {
    $this->initAuthentication();

    $this->provisionResource([static::$format]static::$auth ? [static::$auth] : []['POST']);

    $uri = Url::fromUri('base:' . static::$postUri);

    // DX: 403 when unauthorized.     $response = $this->fileRequest($uri$this->testFileData);
    $this->assertResourceErrorResponse(403, $this->getExpectedUnauthorizedAccessMessage('POST')$response);

    $this->setUpAuthorization('POST');

    // 404 when the field name is invalid.     $invalid_uri = Url::fromUri('base:file/upload/entity_test/entity_test/field_rest_file_test_invalid');
    $response = $this->fileRequest($invalid_uri$this->testFileData);
    $this->assertResourceErrorResponse(404, 'Field "field_rest_file_test_invalid" does not exist', $response);

    // This request will have the default 'application/octet-stream' content     // type header.     $response = $this->fileRequest($uri$this->testFileData);
    
switch ($method) {
      case 'GET';
        return "The 'access comments' permission is required and the comment must be published.";

      case 'POST';
        return "The 'post comments' permission is required.";

      case 'PATCH':
        return "The 'edit own comments' permission is required, the user must be the comment author, and the comment must be published.";

      default:
        return parent::getExpectedUnauthorizedAccessMessage($method);
    }
  }

  /** * Tests POSTing a comment without critical base fields. * * Note that testPostIndividual() is testing with the most minimal * normalization possible: the one returned by ::getNormalizedPostEntity(). * * But Comment entities have some very special edge cases: * - base fields that are not marked as required in * \Drupal\comment\Entity\Comment::baseFieldDefinitions() yet in fact are * required. * - base fields that are marked as required, but yet can still result in * validation errors other than "missing required field". */


  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    switch ($method) {
      case 'GET':
        return "The 'view config_test' permission is required.";

      default:
        return parent::getExpectedUnauthorizedAccessMessage($method);
    }
  }

  /** * {@inheritdoc} */
  protected function createEntity() {
    $config_test = ConfigTest::create([
      'id' => 'llama',
      'label' => 'Llama',
    ]);
    

  protected function getExpectedUnauthorizedAccessMessage($method) {
    switch ($method) {
      case 'GET':
        return "The 'view test entity' permission is required.";

      case 'POST':
        return "The following permissions are required: 'administer entity_test content' OR 'administer entity_test_with_bundle content' OR 'create entity_test entity_test_with_bundle entities'.";

      default:
        return parent::getExpectedUnauthorizedAccessMessage($method);
    }
  }

}

    ];
  }

  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    if ($method === 'GET' || $method == 'PATCH' || $method == 'DELETE' || $method == 'POST') {
      return "The 'access content' permission is required.";
    }
    return parent::getExpectedUnauthorizedAccessMessage($method);
  }

  /** * Tests PATCHing a node's path with and without 'create url aliases'. * * For a positive test, see the similar test coverage for Term. * * @see \Drupal\Tests\rest\Functional\EntityResource\Term\TermResourceTestBase::testPatchPath() */
  public function testPatchPath() {
    $this->initAuthentication();
    
    $url = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName)['entity' => $this->entity->uuid()]);
    // $url = $this->entity->toUrl('jsonapi');     $request_options = [];
    $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
    $request_options = NestedArray::mergeDeep($request_options$this->getAuthenticationRequestOptions());

    // DX: 403 when unauthorized, or 200 if the 'view label' operation is     // supported by the entity type.     $response = $this->request('GET', $url$request_options);
    if (!static::$anonymousUsersCanViewLabels) {
      $expected_403_cacheability = $this->getExpectedUnauthorizedAccessCacheability();
      $reason = $this->getExpectedUnauthorizedAccessMessage('GET');
      $message = trim("The current user is not allowed to GET the selected resource. $reason");
      $this->assertResourceErrorResponse(403, $message$url$response, '/data', $expected_403_cacheability->getCacheTags()$expected_403_cacheability->getCacheContexts(), FALSE, 'MISS');
      $this->assertArrayNotHasKey('Link', $response->getHeaders());
    }
    else {
      $expected_document = $this->getExpectedDocument();
      $label_field_name = $this->entity->getEntityType()->hasKey('label') ? $this->entity->getEntityType()->getKey('label') : static::$labelFieldName;
      $expected_document['data']['attributes'] = array_intersect_key($expected_document['data']['attributes'][$label_field_name => TRUE]);
      unset($expected_document['data']['relationships']);
      // MISS or UNCACHEABLE depends on data. It must not be HIT.       $dynamic_cache_label_only = !empty(array_intersect(['user', 'session']$this->getExpectedCacheContexts([$label_field_name]))) ? 'UNCACHEABLE' : 'MISS';
      
Home | Imprint | This part of the site doesn't use cookies.