3 namespace Drupal\Tests\file\Functional\Rest;
5 use Drupal\file\Entity\File;
6 use Drupal\Tests\rest\Functional\BcTimestampNormalizerUnixTestTrait;
7 use Drupal\Tests\rest\Functional\EntityResource\EntityResourceTestBase;
8 use Drupal\user\Entity\User;
10 abstract class FileResourceTestBase extends EntityResourceTestBase {
12 use BcTimestampNormalizerUnixTestTrait;
17 public static $modules = ['file', 'user'];
22 protected static $entityTypeId = 'file';
25 * @var \Drupal\file\FileInterface
32 protected static $patchProtectedFieldNames = [
41 * @var \Drupal\user\UserInterface
48 protected function setUpAuthorization($method) {
51 $this->grantPermissionsToTestedRole(['access content']);
56 // \Drupal\file\FileAccessControlHandler::checkAccess() grants 'update'
57 // and 'delete' access only to the user that owns the file. So there is
58 // no permission to grant: instead, the file owner must be changed from
59 // its default (user 1) to the current user.
60 $this->makeCurrentUserFileOwner();
68 protected function grantPermissionsToTestedRole(array $permissions) {
69 // testPatch() and testDelete() test the 'bc_entity_resource_permissions' BC
70 // layer; also call makeCurrentUserFileOwner() then.
71 if ($permissions === ['restful patch entity:file'] || $permissions === ['restful delete entity:file']) {
72 $this->makeCurrentUserFileOwner();
74 parent::grantPermissionsToTestedRole($permissions);
78 * Makes the current user the file owner.
80 protected function makeCurrentUserFileOwner() {
81 $account = static::$auth ? User::load(2) : User::load(0);
82 $this->entity->setOwnerId($account->id());
83 $this->entity->setOwner($account);
84 $this->entity->save();
90 protected function createEntity() {
91 $this->author = User::load(1);
93 $file = File::create();
94 $file->setOwnerId($this->author->id());
95 $file->setFilename('drupal.txt');
96 $file->setMimeType('text/plain');
97 $file->setFileUri('public://drupal.txt');
98 $file->set('status', FILE_STATUS_PERMANENT);
101 file_put_contents($file->getFileUri(), 'Drupal');
109 protected function getExpectedNormalizedEntity() {
112 $this->formatExpectedTimestampItemValues($this->entity->getChangedTime()),
115 $this->formatExpectedTimestampItemValues((int) $this->entity->getCreatedTime()),
124 'value' => 'text/plain',
129 'value' => 'drupal.txt',
134 'value' => (int) $this->entity->getSize(),
149 'target_id' => (int) $this->author->id(),
150 'target_type' => 'user',
151 'target_uuid' => $this->author->uuid(),
152 'url' => base_path() . 'user/' . $this->author->id(),
157 'url' => base_path() . $this->siteDirectory . '/files/drupal.txt',
158 'value' => 'public://drupal.txt',
163 'value' => $this->entity->uuid(),
172 protected function getNormalizedPostEntity() {
176 'target_id' => $this->author->id(),
181 'value' => 'drupal.txt',
190 protected function getNormalizedPatchEntity() {
191 return array_diff_key($this->getNormalizedPostEntity(), ['uid' => TRUE]);
197 protected function getExpectedCacheContexts() {
206 public function testPost() {
207 // Drupal does not allow creating file entities independently. It allows you
208 // to create file entities that are referenced from another entity (e.g. an
209 // image for a node's image field).
210 // For that purpose, there is the "file_upload" REST resource plugin.
211 // @see \Drupal\file\FileAccessControlHandler::checkCreateAccess()
212 // @see \Drupal\file\Plugin\rest\resource\FileUploadResource
213 $this->markTestSkipped();
219 protected function getExpectedUnauthorizedAccessMessage($method) {
220 if ($this->config('rest.settings')->get('bc_entity_resource_permissions')) {
221 return parent::getExpectedUnauthorizedAccessMessage($method);
224 if ($method === 'GET') {
225 return "The 'access content' permission is required.";
227 if ($method === 'PATCH' || $method === 'DELETE') {
228 return 'Only the file owner can update or delete the file entity.';
230 return parent::getExpectedUnauthorizedAccessMessage($method);