CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
getExpectedUnauthorizedEntityAccessCacheability example
'POST' => "The following permissions are required: 'create basic block content' AND 'access block library'.",
'DELETE' => "The following permissions are required: 'access block library' AND 'delete any basic block content'.",
default => parent::getExpectedUnauthorizedAccessMessage($method),
};
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\block_content\BlockContentAccessControlHandler() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['block_content:1']);
}
/** * {@inheritdoc} */
protected function getExpectedCacheTags() {
return Cache::mergeTags(parent::getExpectedCacheTags(), ['config:filter.format.plain_text']);
}
/** * {@inheritdoc} */
'DELETE' => "The following permissions are required: 'access block library' AND 'delete any basic block content'.",
default => parent::getExpectedUnauthorizedAccessMessage($method),
};
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\block_content\BlockContentAccessControlHandler() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['block_content:1']);
}
/** * {@inheritdoc} */
protected function getExpectedCacheTags() {
return Cache::mergeTags(parent::getExpectedCacheTags(), ['config:filter.format.plain_text']);
}
/** * {@inheritdoc} */
protected function assertResponseWhenMissingAuthentication($method, ResponseInterface $response) {
// Requests needing cookie authentication but missing it results in a 403 // response. The cookie authentication mechanism sets no response message. // Hence, effectively, this is just the 403 response that one gets as the // anonymous user trying to access a certain REST resource. // @see \Drupal\user\Authentication\Provider\Cookie // @todo https://www.drupal.org/node/2847623 if ($method === 'GET') {
$expected_cookie_403_cacheability = $this->getExpectedUnauthorizedAccessCacheability()
// @see \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber::onRespond() ->addCacheableDependency($this->getExpectedUnauthorizedEntityAccessCacheability(FALSE));
// - \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber applies // to cacheable anonymous responses: it updates their cacheability. // - A 403 response to a GET request is cacheable. // Therefore we must update our cacheability expectations accordingly. if (in_array('user.permissions', $expected_cookie_403_cacheability->getCacheContexts(), TRUE)) {
$expected_cookie_403_cacheability->addCacheTags(['config:user.role.anonymous']);
}
// @todo Fix \Drupal\block\BlockAccessControlHandler::mergeCacheabilityFromConditions() in https://www.drupal.org/node/2867881 if (static::$entityTypeId === 'block') {
$expected_cookie_403_cacheability->setCacheTags(str_replace('user:2', 'user:0', $expected_cookie_403_cacheability->getCacheTags()));
}
'multiple parents: [3,2] (both non-root parents)' => [
[3, 2],
],
];
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\taxonomy\TermAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['taxonomy_term:1']);
}
}
[3, 2],
],
];
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\taxonomy\TermAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['taxonomy_term:1']);
}
}
default:
return parent::getExpectedUnauthorizedAccessMessage($method);
}
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\user\UserAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['user:3']);
}
/** * {@inheritdoc} */
protected function getExpectedCacheContexts() {
return [
'url.site',
// Due to the 'mail' field's access varying by user. 'user',
];
return parent::getExpectedUnauthorizedAccessMessage($method);
}
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\user\UserAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['user:3']);
}
/** * {@inheritdoc} */
protected function getExpectedCacheContexts() {
return [
'url.site',
// Due to the 'mail' field's access varying by user. 'user',
];
$this->assertSame(['text/html; charset=UTF-8'], $response->getHeader('Content-Type'));
$url->setOption('query', ['_format' => static::$format]);
// DX: 404 when resource not provisioned, 403 if canonical route. Non-HTML // response because ?_format query string is present. $response = $this->request('GET', $url, $request_options);
if ($has_canonical_url) {
$expected_cacheability = $this->getExpectedUnauthorizedAccessCacheability()
// @see \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber::onRespond() ->addCacheTags(['config:user.role.anonymous']);
$expected_cacheability->addCacheableDependency($this->getExpectedUnauthorizedEntityAccessCacheability(FALSE));
$this->assertResourceErrorResponse(403, $this->getExpectedUnauthorizedAccessMessage('GET'), $response, $expected_cacheability->getCacheTags(), $expected_cacheability->getCacheContexts(), 'MISS', FALSE);
}
else {
$this->assertResourceErrorResponse(404, 'No route found for "GET ' . $this->getEntityResourceUrl()->setAbsolute()->toString() . '"', $response);
}
$this->provisionEntityResource();
// DX: forgetting authentication: authentication provider-specific error // response. if (static::$auth) {
$url->setOption('query', ['_format' => static::$format]);
// DX: 404 when resource not provisioned, 403 if canonical route. Non-HTML // response because ?_format query string is present. $response = $this->request('GET', $url, $request_options);
if ($has_canonical_url) {
$expected_cacheability = $this->getExpectedUnauthorizedAccessCacheability()
// @see \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber::onRespond() ->addCacheTags(['config:user.role.anonymous']);
$expected_cacheability->addCacheableDependency($this->getExpectedUnauthorizedEntityAccessCacheability(FALSE));
$this->assertResourceErrorResponse(403, $this->getExpectedUnauthorizedAccessMessage('GET'), $response, $expected_cacheability->getCacheTags(), $expected_cacheability->getCacheContexts(), 'MISS', FALSE);
}
else {
$this->assertResourceErrorResponse(404, 'No route found for "GET ' . $this->getEntityResourceUrl()->setAbsolute()->toString() . '"', $response);
}
$this->provisionEntityResource();
// DX: forgetting authentication: authentication provider-specific error // response. if (static::$auth) {
$response = $this->request('POST', $url, $request_options);
$unserialized = $this->serializer->deserialize((string) $response->getBody(), get_class($this->entity), static::$format);
$this->assertResourceResponse(201, FALSE, $response);
$this->assertTrue($unserialized->isPublished());
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\comment\CommentAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['comment:1']);
}
}
$unserialized = $this->serializer->deserialize((string) $response->getBody(), get_class($this->entity), static::$format);
$this->assertResourceResponse(201, FALSE, $response);
$this->assertTrue($unserialized->isPublished());
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\comment\CommentAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['comment:1']);
}
}
'format' => \DateTime::RFC3339,
],
],
];
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\media\MediaAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['media:1']);
}
}
],
],
];
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\media\MediaAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['media:1']);
}
}
protected function getExpectedUnauthorizedAccessCacheability() {
return (new CacheableMetadata())
->setCacheTags(['4xx-response', 'http_response'])
->setCacheContexts(['user.roles']);
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\block\BlockAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags([
'config:block.block.llama',
$is_authenticated ? 'user:2' : 'user:0',
]);
}
}
return (new CacheableMetadata())
->setCacheTags(['4xx-response', 'http_response'])
->setCacheContexts(['user.roles']);
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\block\BlockAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags([
'config:block.block.llama',
$is_authenticated ? 'user:2' : 'user:0',
]);
}
}
default:
return parent::getExpectedUnauthorizedAccessMessage($method);
}
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\search\SearchPageAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['config:search.page.hinode_search']);
}
}
return parent::getExpectedUnauthorizedAccessMessage($method);
}
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedEntityAccessCacheability($is_authenticated) {
// @see \Drupal\search\SearchPageAccessControlHandler::checkAccess() return parent::getExpectedUnauthorizedEntityAccessCacheability($is_authenticated)
->addCacheTags(['config:search.page.hinode_search']);
}
}
/**
* {@inheritdoc}
*/
protected function assertResponseWhenMissingAuthentication($method, ResponseInterface $response) {
if ($method !== 'GET') {
return $this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response);
}
$expected_page_cache_header_value = $method === 'GET' ? 'MISS' : FALSE;
$expected_cacheability = $this->getExpectedUnauthorizedAccessCacheability()
->addCacheableDependency($this->getExpectedUnauthorizedEntityAccessCacheability(FALSE))
// @see \Drupal\basic_auth\Authentication\Provider\BasicAuth::challengeException() ->addCacheableDependency($this->config('system.site'))
// @see \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber::onRespond() ->addCacheTags(['config:user.role.anonymous']);
// Only add the 'user.roles:anonymous' cache context if its parent cache // context is not already present. if (!in_array('user.roles', $expected_cacheability->getCacheContexts(), TRUE)) {
$expected_cacheability->addCacheContexts(['user.roles:anonymous']);
}
$this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response, $expected_cacheability->getCacheTags(), $expected_cacheability->getCacheContexts(), $expected_page_cache_header_value, FALSE);
}
protected function assertResponseWhenMissingAuthentication($method, ResponseInterface $response) {
if ($method !== 'GET') {
return $this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response);
}
$expected_page_cache_header_value = $method === 'GET' ? 'MISS' : FALSE;
$expected_cacheability = $this->getExpectedUnauthorizedAccessCacheability()
->addCacheableDependency($this->getExpectedUnauthorizedEntityAccessCacheability(FALSE))
// @see \Drupal\basic_auth\Authentication\Provider\BasicAuth::challengeException() ->addCacheableDependency($this->config('system.site'))
// @see \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber::onRespond() ->addCacheTags(['config:user.role.anonymous']);
// Only add the 'user.roles:anonymous' cache context if its parent cache // context is not already present. if (!in_array('user.roles', $expected_cacheability->getCacheContexts(), TRUE)) {
$expected_cacheability->addCacheContexts(['user.roles:anonymous']);
}
$this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response, $expected_cacheability->getCacheTags(), $expected_cacheability->getCacheContexts(), $expected_page_cache_header_value, FALSE);
}