summaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
authorAlex Pott2018-12-15 22:21:22 (GMT)
committerAlex Pott2018-12-15 22:21:28 (GMT)
commitc0465bbfc282a4c08d84eaa34d5939303b4be980 (patch)
treead63b56a2999a1bba03d62661a281201cc7522e2 /core
parentdade5a356a7bdfa48b71da3fab124e855368d6aa (diff)
Issue #2927768 by justinlevi, Lendude, pritish.kumar, Wim Leers, dawehner: Update RestRegisterUserTest to use the ResourceTestBase base class instead of the deprecated RESTTestBase
(cherry picked from commit 478177541ccb9a4c0cfe7125d48c7509b8b1f211)
Diffstat (limited to 'core')
-rw-r--r--core/modules/user/src/Tests/RestRegisterUserTest.php173
-rw-r--r--core/modules/user/tests/src/Functional/RestRegisterUserTest.php270
2 files changed, 270 insertions, 173 deletions
diff --git a/core/modules/user/src/Tests/RestRegisterUserTest.php b/core/modules/user/src/Tests/RestRegisterUserTest.php
deleted file mode 100644
index 31bcce4..0000000
--- a/core/modules/user/src/Tests/RestRegisterUserTest.php
+++ /dev/null
@@ -1,173 +0,0 @@
-<?php
-
-namespace Drupal\user\Tests;
-
-use Drupal\Core\Url;
-use Drupal\rest\Tests\RESTTestBase;
-use Drupal\user\Entity\Role;
-use Drupal\user\RoleInterface;
-
-/**
- * Tests user registration via REST resource.
- *
- * @group user
- */
-class RestRegisterUserTest extends RESTTestBase {
-
- /**
- * {@inheritdoc}
- */
- public static $modules = ['hal'];
-
- /**
- * {@inheritdoc}
- */
- public function setUp() {
- parent::setUp();
-
- $this->enableService('user_registration', 'POST', 'hal_json');
-
- Role::load(RoleInterface::ANONYMOUS_ID)
- ->grantPermission('restful post user_registration')
- ->save();
-
- Role::load(RoleInterface::AUTHENTICATED_ID)
- ->grantPermission('restful post user_registration')
- ->save();
- }
-
- /**
- * Tests that only anonymous users can register users.
- */
- public function testRegisterUser() {
- // Verify that an authenticated user cannot register a new user, despite
- // being granted permission to do so because only anonymous users can
- // register themselves, authenticated users with the necessary permissions
- // can POST a new user to the "user" REST resource.
- $user = $this->createUser();
- $this->drupalLogin($user);
- $this->registerRequest('palmer.eldritch');
- $this->assertResponse('403', 'Only anonymous users can register users.');
- $this->drupalLogout();
-
- $user_settings = $this->config('user.settings');
-
- // Test out different setting User Registration and Email Verification.
- // Allow visitors to register with no email verification.
- $user_settings->set('register', USER_REGISTER_VISITORS);
- $user_settings->set('verify_mail', 0);
- $user_settings->save();
- $user = $this->registerUser('Palmer.Eldritch');
- $this->assertFalse($user->isBlocked());
- $this->assertFalse(empty($user->getPassword()));
- $email_count = count($this->drupalGetMails());
- $this->assertEqual(0, $email_count);
-
- // Attempt to register without sending a password.
- $this->registerRequest('Rick.Deckard', FALSE);
- $this->assertResponse('422', 'No password provided');
-
- // Allow visitors to register with email verification.
- $user_settings->set('register', USER_REGISTER_VISITORS);
- $user_settings->set('verify_mail', 1);
- $user_settings->save();
- $user = $this->registerUser('Jason.Taverner', FALSE);
- $this->assertTrue(empty($user->getPassword()));
- $this->assertTrue($user->isBlocked());
- $this->assertMailString('body', 'You may now log in by clicking this link', 1);
-
- // Attempt to register with a password when e-mail verification is on.
- $this->registerRequest('Estraven', TRUE);
- $this->assertResponse('422', 'A Password cannot be specified. It will be generated on login.');
-
- // Allow visitors to register with Admin approval and e-mail verification.
- $user_settings->set('register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL);
- $user_settings->set('verify_mail', 1);
- $user_settings->save();
- $user = $this->registerUser('Bob.Arctor', FALSE);
- $this->assertTrue(empty($user->getPassword()));
- $this->assertTrue($user->isBlocked());
- $this->assertMailString('body', 'Your application for an account is', 2);
- $this->assertMailString('body', 'Bob.Arctor has applied for an account', 2);
-
- // Attempt to register with a password when e-mail verification is on.
- $this->registerRequest('Ursula', TRUE);
- $this->assertResponse('422', 'A Password cannot be specified. It will be generated on login.');
-
- // Allow visitors to register with Admin approval and no email verification.
- $user_settings->set('register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL);
- $user_settings->set('verify_mail', 0);
- $user_settings->save();
- $user = $this->registerUser('Argaven');
- $this->assertFalse(empty($user->getPassword()));
- $this->assertTrue($user->isBlocked());
- $this->assertMailString('body', 'Your application for an account is', 2);
- $this->assertMailString('body', 'Argaven has applied for an account', 2);
-
- // Attempt to register without sending a password.
- $this->registerRequest('Tibe', FALSE);
- $this->assertResponse('422', 'No password provided');
- }
-
- /**
- * Creates serialize user values.
- *
- * @param string $name
- * The name of the user. Use only valid values for emails.
- *
- * @param bool $include_password
- * Whether to include a password in the user values.
- *
- * @return string
- * Serialized user values.
- */
- protected function createSerializedUser($name, $include_password = TRUE) {
- global $base_url;
- // New user info to be serialized.
- $data = [
- "_links" => ["type" => ["href" => $base_url . "/rest/type/user/user"]],
- "langcode" => [["value" => "en"]],
- "name" => [["value" => $name]],
- "mail" => [["value" => "$name@example.com"]],
- ];
- if ($include_password) {
- $data['pass']['value'] = 'SuperSecretPassword';
- }
-
- // Create a HAL+JSON version for the user entity we want to create.
- $serialized = $this->container->get('serializer')
- ->serialize($data, 'hal_json');
- return $serialized;
- }
-
- /**
- * Registers a user via REST resource.
- *
- * @param $name
- * User name.
- *
- * @param bool $include_password
- *
- * @return bool|\Drupal\user\Entity\User
- */
- protected function registerUser($name, $include_password = TRUE) {
- // Verify that an anonymous user can register.
- $this->registerRequest($name, $include_password);
- $this->assertResponse('200', 'HTTP response code is correct.');
- $user = user_load_by_name($name);
- $this->assertFalse(empty($user), 'User was create as expected');
- return $user;
- }
-
- /**
- * Make a REST user registration request.
- *
- * @param $name
- * @param $include_password
- */
- protected function registerRequest($name, $include_password = TRUE) {
- $serialized = $this->createSerializedUser($name, $include_password);
- $this->httpRequest(Url::fromRoute('rest.user_registration.POST', ['_format' => 'hal_json']), 'POST', $serialized, 'application/hal+json');
- }
-
-}
diff --git a/core/modules/user/tests/src/Functional/RestRegisterUserTest.php b/core/modules/user/tests/src/Functional/RestRegisterUserTest.php
new file mode 100644
index 0000000..32e875c
--- /dev/null
+++ b/core/modules/user/tests/src/Functional/RestRegisterUserTest.php
@@ -0,0 +1,270 @@
+<?php
+
+namespace Drupal\Tests\user\Functional;
+
+use Drupal\Core\Url;
+use Drupal\Tests\rest\Functional\CookieResourceTestTrait;
+use Drupal\Tests\rest\Functional\ResourceTestBase;
+use GuzzleHttp\RequestOptions;
+use Drupal\Core\Test\AssertMailTrait;
+
+/**
+ * Tests user registration via REST resource.
+ *
+ * @group user
+ */
+class RestRegisterUserTest extends ResourceTestBase {
+
+ use CookieResourceTestTrait;
+
+ use AssertMailTrait {
+ getMails as drupalGetMails;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected static $format = 'hal_json';
+
+ /**
+ * {@inheritdoc}
+ */
+ protected static $mimeType = 'application/hal+json';
+
+ /**
+ * {@inheritdoc}
+ */
+ protected static $auth = 'cookie';
+
+ /**
+ * {@inheritdoc}
+ */
+ protected static $resourceConfigId = 'user_registration';
+
+ /**
+ * {@inheritdoc}
+ */
+ public static $modules = ['hal', 'user'];
+
+ const USER_EMAIL_DOMAIN = '@example.com';
+
+ const TEST_EMAIL_DOMAIN = 'simpletest@example.com';
+
+ /**
+ * {@inheritdoc}
+ */
+ public function setUp() {
+ parent::setUp();
+
+ $auth = isset(static::$auth) ? [static::$auth] : [];
+ $this->provisionResource([static::$format], $auth);
+
+ $this->setUpAuthorization('POST');
+ }
+
+ /**
+ * Tests that only anonymous users can register users.
+ */
+ public function testRegisterUser() {
+ $config = $this->config('user.settings');
+
+ // Test out different setting User Registration and Email Verification.
+ // Allow visitors to register with no email verification.
+ $config->set('register', USER_REGISTER_VISITORS);
+ $config->set('verify_mail', 0);
+ $config->save();
+ $user = $this->registerUser('Palmer.Eldritch');
+ $this->assertFalse($user->isBlocked());
+ $this->assertFalse(empty($user->getPassword()));
+ $email_count = count($this->drupalGetMails());
+
+ $this->assertEquals($email_count, 0);
+
+ // Attempt to register without sending a password.
+ $response = $this->registerRequest('Rick.Deckard', FALSE);
+ $this->assertResourceErrorResponse(422, "No password provided.", $response);
+
+ // Attempt to register with a password when e-mail verification is on.
+ $config->set('register', USER_REGISTER_VISITORS);
+ $config->set('verify_mail', 1);
+ $config->save();
+ $response = $this->registerRequest('Estraven', TRUE);
+ $this->assertResourceErrorResponse(422, 'A Password cannot be specified. It will be generated on login.', $response);
+
+ // Allow visitors to register with email verification.
+ $config->set('register', USER_REGISTER_VISITORS);
+ $config->set('verify_mail', 1);
+ $config->save();
+ $name = 'Jason.Taverner';
+ $user = $this->registerUser($name, FALSE);
+ $this->assertTrue(empty($user->getPassword()));
+ $this->assertTrue($user->isBlocked());
+ $this->resetAll();
+
+ $this->assertMailString('body', 'You may now log in by clicking this link', 1);
+
+ // Allow visitors to register with Admin approval and no email verification.
+ $config->set('register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL);
+ $config->set('verify_mail', 0);
+ $config->save();
+ $name = 'Argaven';
+ $user = $this->registerUser($name);
+ $this->resetAll();
+ $this->assertFalse(empty($user->getPassword()));
+ $this->assertTrue($user->isBlocked());
+ $this->assertMailString('body', 'Your application for an account is', 2);
+ $this->assertMailString('body', 'Argaven has applied for an account', 2);
+
+ // Allow visitors to register with Admin approval and e-mail verification.
+ $config->set('register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL);
+ $config->set('verify_mail', 1);
+ $config->save();
+ $name = 'Bob.Arctor';
+ $user = $this->registerUser($name, FALSE);
+ $this->resetAll();
+ $this->assertTrue(empty($user->getPassword()));
+ $this->assertTrue($user->isBlocked());
+
+ $this->assertMailString('body', 'Your application for an account is', 2);
+ $this->assertMailString('body', 'Bob.Arctor has applied for an account', 2);
+
+ // Verify that an authenticated user cannot register a new user, despite
+ // being granted permission to do so because only anonymous users can
+ // register themselves, authenticated users with the necessary permissions
+ // can POST a new user to the "user" REST resource.
+ $this->initAuthentication();
+ $response = $this->registerRequest($this->account->getAccountName());
+ $this->assertResourceErrorResponse(403, "Only anonymous users can register a user.", $response);
+ }
+
+ /**
+ * Create the request body.
+ *
+ * @param string $name
+ * Name.
+ * @param bool $include_password
+ * Include Password.
+ * @param bool $include_email
+ * Include Email.
+ *
+ * @return array
+ * Return the request body.
+ */
+ protected function createRequestBody($name, $include_password = TRUE, $include_email = TRUE) {
+ global $base_url;
+ $request_body = [
+ '_links' => ['type' => ["href" => $base_url . "/rest/type/user/user"]],
+ 'langcode' => [['value' => 'en']],
+ 'name' => [['value' => $name]],
+ ];
+
+ if ($include_email) {
+ $request_body['mail'] = [['value' => $name . self::USER_EMAIL_DOMAIN]];
+ }
+
+ if ($include_password) {
+ $request_body['pass']['value'] = 'SuperSecretPassword';
+ }
+
+ return $request_body;
+ }
+
+ /**
+ * Helper function to generate the request body.
+ *
+ * @param array $request_body
+ * The request body array.
+ *
+ * @return array
+ * Return the request options.
+ */
+ protected function createRequestOptions(array $request_body) {
+ $request_options = $this->getAuthenticationRequestOptions('POST');
+ $request_options[RequestOptions::BODY] = $this->serializer->encode($request_body, static::$format);
+ $request_options[RequestOptions::HEADERS]['Content-Type'] = static::$mimeType;
+
+ return $request_options;
+ }
+
+ /**
+ * Registers a user via REST resource.
+ *
+ * @param string $name
+ * User name.
+ * @param bool $include_password
+ * Include the password.
+ * @param bool $include_email
+ * Include the email?
+ *
+ * @return bool|\Drupal\user\Entity\User
+ * Return bool or the user.
+ */
+ protected function registerUser($name, $include_password = TRUE, $include_email = TRUE) {
+ // Verify that an anonymous user can register.
+ $response = $this->registerRequest($name, $include_password, $include_email);
+ $this->assertResourceResponse(200, FALSE, $response);
+ $user = user_load_by_name($name);
+ $this->assertFalse(empty($user), 'User was create as expected');
+ return $user;
+ }
+
+ /**
+ * Make a REST user registration request.
+ *
+ * @param string $name
+ * The name.
+ * @param bool $include_password
+ * Include the password?
+ * @param bool $include_email
+ * Include the email?
+ *
+ * @return \Psr\Http\Message\ResponseInterface
+ * Return the Response.
+ */
+ protected function registerRequest($name, $include_password = TRUE, $include_email = TRUE) {
+
+ $user_register_url = Url::fromRoute('user.register')
+ ->setRouteParameter('_format', static::$format);
+ $request_body = $this->createRequestBody($name, $include_password, $include_email);
+ $request_options = $this->createRequestOptions($request_body);
+ $response = $this->request('POST', $user_register_url, $request_options);
+
+ return $response;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function setUpAuthorization($method) {
+ switch ($method) {
+ case 'POST':
+ $this->grantPermissionsToAuthenticatedRole(['restful post user_registration']);
+ $this->grantPermissionsToAnonymousRole(['restful post user_registration']);
+ break;
+
+ default:
+ throw new \UnexpectedValueException();
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function assertNormalizationEdgeCases($method, Url $url, array $request_options) {}
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {}
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedBcUnauthorizedAccessMessage($method) {}
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessCacheability() {}
+
+}