$user_role->revokePermission($permission);
}
$user_role->save();
- assert('[] === $user_role->getPermissions()', 'The anonymous user role has no permissions at all.');
+ assert([] === $user_role->getPermissions(), 'The anonymous user role has no permissions at all.');
if (static::$auth !== FALSE) {
// Ensure the authenticated user role has no permissions at all.
$user_role->revokePermission($permission);
}
$user_role->save();
- assert('[] === $user_role->getPermissions()', 'The authenticated user role has no permissions at all.');
+ assert([] === $user_role->getPermissions(), 'The authenticated user role has no permissions at all.');
// Create an account.
$this->account = $this->createUser();
/**
* Verifies the error response in case of missing authentication.
+ *
+ * @param string $method
+ * HTTP method.
+ * @param \Psr\Http\Message\ResponseInterface $response
+ * The response to assert.
*/
- abstract protected function assertResponseWhenMissingAuthentication(ResponseInterface $response);
+ abstract protected function assertResponseWhenMissingAuthentication($method, ResponseInterface $response);
/**
* Asserts normalization-specific edge cases.
*/
abstract protected function assertAuthenticationEdgeCases($method, Url $url, array $request_options);
+ /**
+ * Returns the expected cacheability of an unauthorized access response.
+ *
+ * @return \Drupal\Core\Cache\RefinableCacheableDependencyInterface
+ * The expected cacheability.
+ */
+ abstract protected function getExpectedUnauthorizedAccessCacheability();
+
/**
* Initializes authentication.
*
* The expected response body. FALSE in case this should not be asserted.
* @param \Psr\Http\Message\ResponseInterface $response
* The response to assert.
+ * @param string[]|false $expected_cache_tags
+ * (optional) The expected cache tags in the X-Drupal-Cache-Tags response
+ * header, or FALSE if that header should be absent. Defaults to FALSE.
+ * @param string[]|false $expected_cache_contexts
+ * (optional) The expected cache contexts in the X-Drupal-Cache-Contexts
+ * response header, or FALSE if that header should be absent. Defaults to
+ * FALSE.
+ * @param string|false $expected_page_cache_header_value
+ * (optional) The expected X-Drupal-Cache response header value, or FALSE if
+ * that header should be absent. Possible strings: 'MISS', 'HIT'. Defaults
+ * to FALSE.
+ * @param string|false $expected_dynamic_page_cache_header_value
+ * (optional) The expected X-Drupal-Dynamic-Cache response header value, or
+ * FALSE if that header should be absent. Possible strings: 'MISS', 'HIT'.
+ * Defaults to FALSE.
*/
- protected function assertResourceResponse($expected_status_code, $expected_body, ResponseInterface $response) {
+ protected function assertResourceResponse($expected_status_code, $expected_body, ResponseInterface $response, $expected_cache_tags = FALSE, $expected_cache_contexts = FALSE, $expected_page_cache_header_value = FALSE, $expected_dynamic_page_cache_header_value = FALSE) {
$this->assertSame($expected_status_code, $response->getStatusCode());
- $this->assertSame([static::$mimeType], $response->getHeader('Content-Type'));
- if ($expected_body !== FALSE) {
- $this->assertSame($expected_body, (string) $response->getBody());
+ if ($expected_status_code === 204) {
+ // DELETE responses should not include a Content-Type header. But Apache
+ // sets it to 'text/html' by default. We also cannot detect the presence
+ // of Apache either here in the CLI. For now having this documented here
+ // is all we can do.
+ // $this->assertSame(FALSE, $response->hasHeader('Content-Type'));
+ $this->assertSame('', (string) $response->getBody());
+ }
+ else {
+ $this->assertSame([static::$mimeType], $response->getHeader('Content-Type'));
+ if ($expected_body !== FALSE) {
+ $this->assertSame($expected_body, (string) $response->getBody());
+ }
+ }
+
+ // Expected cache tags: X-Drupal-Cache-Tags header.
+ $this->assertSame($expected_cache_tags !== FALSE, $response->hasHeader('X-Drupal-Cache-Tags'));
+ if (is_array($expected_cache_tags)) {
+ $this->assertSame($expected_cache_tags, explode(' ', $response->getHeader('X-Drupal-Cache-Tags')[0]));
+ }
+
+ // Expected cache contexts: X-Drupal-Cache-Contexts header.
+ $this->assertSame($expected_cache_contexts !== FALSE, $response->hasHeader('X-Drupal-Cache-Contexts'));
+ if (is_array($expected_cache_contexts)) {
+ $this->assertSame($expected_cache_contexts, explode(' ', $response->getHeader('X-Drupal-Cache-Contexts')[0]));
+ }
+
+ // Expected Page Cache header value: X-Drupal-Cache header.
+ if ($expected_page_cache_header_value !== FALSE) {
+ $this->assertTrue($response->hasHeader('X-Drupal-Cache'));
+ $this->assertSame($expected_page_cache_header_value, $response->getHeader('X-Drupal-Cache')[0]);
+ }
+ else {
+ $this->assertFalse($response->hasHeader('X-Drupal-Cache'));
+ }
+
+ // Expected Dynamic Page Cache header value: X-Drupal-Dynamic-Cache header.
+ if ($expected_dynamic_page_cache_header_value !== FALSE) {
+ $this->assertTrue($response->hasHeader('X-Drupal-Dynamic-Cache'));
+ $this->assertSame($expected_dynamic_page_cache_header_value, $response->getHeader('X-Drupal-Dynamic-Cache')[0]);
+ }
+ else {
+ $this->assertFalse($response->hasHeader('X-Drupal-Dynamic-Cache'));
}
}
* The expected error message.
* @param \Psr\Http\Message\ResponseInterface $response
* The error response to assert.
+ * @param string[]|false $expected_cache_tags
+ * (optional) The expected cache tags in the X-Drupal-Cache-Tags response
+ * header, or FALSE if that header should be absent. Defaults to FALSE.
+ * @param string[]|false $expected_cache_contexts
+ * (optional) The expected cache contexts in the X-Drupal-Cache-Contexts
+ * response header, or FALSE if that header should be absent. Defaults to
+ * FALSE.
+ * @param string|false $expected_page_cache_header_value
+ * (optional) The expected X-Drupal-Cache response header value, or FALSE if
+ * that header should be absent. Possible strings: 'MISS', 'HIT'. Defaults
+ * to FALSE.
+ * @param string|false $expected_dynamic_page_cache_header_value
+ * (optional) The expected X-Drupal-Dynamic-Cache response header value, or
+ * FALSE if that header should be absent. Possible strings: 'MISS', 'HIT'.
+ * Defaults to FALSE.
*/
- protected function assertResourceErrorResponse($expected_status_code, $expected_message, ResponseInterface $response) {
+ protected function assertResourceErrorResponse($expected_status_code, $expected_message, ResponseInterface $response, $expected_cache_tags = FALSE, $expected_cache_contexts = FALSE, $expected_page_cache_header_value = FALSE, $expected_dynamic_page_cache_header_value = FALSE) {
$expected_body = ($expected_message !== FALSE) ? $this->serializer->encode(['message' => $expected_message], static::$format) : FALSE;
- $this->assertResourceResponse($expected_status_code, $expected_body, $response);
+ $this->assertResourceResponse($expected_status_code, $expected_body, $response, $expected_cache_tags, $expected_cache_contexts, $expected_page_cache_header_value, $expected_dynamic_page_cache_header_value);
}
/**