3 namespace Drupal\Tests\block\Functional\Rest;
5 use Drupal\block\Entity\Block;
6 use Drupal\Tests\rest\Functional\EntityResource\EntityResourceTestBase;
8 abstract class BlockResourceTestBase extends EntityResourceTestBase {
13 public static $modules = ['block'];
18 protected static $entityTypeId = 'block';
21 * @var \Drupal\block\BlockInterface
28 protected function setUpAuthorization($method) {
31 $this->entity->setVisibilityConfig('user_role', [])->save();
34 $this->grantPermissionsToTestedRole(['administer blocks']);
37 $this->grantPermissionsToTestedRole(['administer blocks']);
45 protected function createEntity() {
46 $block = Block::create([
47 'plugin' => 'llama_block',
52 // All blocks can be viewed by the anonymous user by default. An interesting
53 // side effect of this is that any anonymous user is also able to read the
54 // corresponding block config entity via REST, even if an authentication
55 // provider is configured for the block config entity REST resource! In
56 // other words: Block entities do not distinguish between 'view' as in
57 // "render on a page" and 'view' as in "read the configuration".
58 // This prevents that.
59 // @todo Fix this in https://www.drupal.org/node/2820315.
60 $block->setVisibilityConfig('user_role', [
62 'roles' => ['non-existing-role' => 'non-existing-role'],
64 'context_mapping' => [
65 'user' => '@user.current_user_context:current_user',
76 protected function getExpectedNormalizedEntity() {
78 'uuid' => $this->entity->uuid(),
91 'plugin' => 'llama_block',
96 'label_display' => 'visible',
101 return $normalization;
107 protected function getNormalizedPostEntity() {
108 // @todo Update in https://www.drupal.org/node/2300677.
114 protected function getExpectedCacheContexts() {
115 // @see ::createEntity()
122 protected function getExpectedCacheTags() {
123 // Because the 'user.permissions' cache context is missing, the cache tag
124 // for the anonymous user role is never added automatically.
125 return array_values(array_diff(parent::getExpectedCacheTags(), ['config:user.role.anonymous']));
131 protected function getExpectedUnauthorizedAccessMessage($method) {
132 if ($this->config('rest.settings')->get('bc_entity_resource_permissions')) {
133 return parent::getExpectedUnauthorizedAccessMessage($method);
138 return "You are not authorized to view this block entity.";
140 return parent::getExpectedUnauthorizedAccessMessage($method);
147 protected function getExpectedUnauthorizedAccessCacheability() {
148 // @see \Drupal\block\BlockAccessControlHandler::checkAccess()
149 return parent::getExpectedUnauthorizedAccessCacheability()
152 'config:block.block.llama',
154 static::$auth ? 'user:2' : 'user:0',
156 ->setCacheContexts(['user.roles']);