| Current Path : /var/www/html/rocksensor1/web/core/modules/system/tests/src/Functional/System/ |
Linux ift1.ift-informatik.de 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 |
| Current File : /var/www/html/rocksensor1/web/core/modules/system/tests/src/Functional/System/AccessDeniedTest.php |
<?php
declare(strict_types=1);
namespace Drupal\Tests\system\Functional\System;
use Drupal\Tests\BrowserTestBase;
use Drupal\Tests\system\Functional\Cache\AssertPageCacheContextsAndTagsTrait;
use Drupal\user\RoleInterface;
/**
* Tests page access denied functionality, including custom 403 pages.
*
* @group system
*/
class AccessDeniedTest extends BrowserTestBase {
use AssertPageCacheContextsAndTagsTrait;
/**
* {@inheritdoc}
*/
protected static $modules = ['block', 'node', 'system_test'];
/**
* {@inheritdoc}
*/
protected $defaultTheme = 'stark';
protected $adminUser;
/**
* {@inheritdoc}
*/
protected function setUp(): void {
parent::setUp();
$this->drupalPlaceBlock('page_title_block');
// Create an administrative user.
$this->adminUser = $this->drupalCreateUser([
'access administration pages',
'administer site configuration',
'link to any page',
'administer blocks',
]);
$this->adminUser->roles[] = 'administrator';
$this->adminUser->save();
user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, ['access user profiles']);
user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, ['access user profiles']);
}
public function testAccessDenied(): void {
$this->drupalGet('admin');
$this->assertSession()->pageTextContains('Access denied');
$this->assertSession()->statusCodeEquals(403);
// Ensure that users without permission are denied access and have the
// correct path information in drupalSettings.
$this->drupalLogin($this->createUser([]));
$this->drupalGet('admin', ['query' => ['foo' => 'bar']]);
$settings = $this->getDrupalSettings();
$this->assertEquals('admin', $settings['path']['currentPath']);
$this->assertTrue($settings['path']['currentPathIsAdmin']);
$this->assertEquals(['foo' => 'bar'], $settings['path']['currentQuery']);
$this->drupalLogin($this->adminUser);
// Set a custom 404 page without a starting slash.
$edit = [
'site_403' => 'user/' . $this->adminUser->id(),
];
$this->drupalGet('admin/config/system/site-information');
$this->submitForm($edit, 'Save configuration');
$this->assertSession()->pageTextContains("The path '{$edit['site_403']}' has to start with a slash.");
// Use a custom 403 page.
$edit = [
'site_403' => '/user/' . $this->adminUser->id(),
];
$this->drupalGet('admin/config/system/site-information');
$this->submitForm($edit, 'Save configuration');
// Enable the user login block.
$block = $this->drupalPlaceBlock('user_login_block', ['id' => 'login']);
// Log out and check that the user login block is shown on custom 403 pages.
$this->drupalLogout();
$this->drupalGet('admin');
$this->assertSession()->pageTextContains($this->adminUser->getAccountName());
$this->assertSession()->pageTextContains('Username');
// Log back in and remove the custom 403 page.
$this->drupalLogin($this->adminUser);
$edit = [
'site_403' => '',
];
$this->drupalGet('admin/config/system/site-information');
$this->submitForm($edit, 'Save configuration');
// Logout and check that the user login block is shown on default 403 pages.
$this->drupalLogout();
$this->drupalGet('admin');
$this->assertSession()->pageTextContains('Access denied');
$this->assertSession()->statusCodeEquals(403);
$this->assertSession()->pageTextContains('Username');
// Log back in, set the custom 403 page to /user/login and remove the block
$this->drupalLogin($this->adminUser);
$this->config('system.site')->set('page.403', '/user/login')->save();
$block->disable()->save();
// Check that we can log in from the 403 page.
$this->drupalLogout();
$edit = [
'name' => $this->adminUser->getAccountName(),
'pass' => $this->adminUser->pass_raw,
];
$this->drupalGet('admin/config/system/site-information');
$this->submitForm($edit, 'Log in');
// Check that we're still on the same page.
$this->assertSession()->pageTextContains('Basic site settings');
}
/**
* Tests that an inaccessible custom 403 page falls back to the default.
*/
public function testAccessDeniedCustomPageWithAccessDenied(): void {
// Sets up a 403 page not accessible by the anonymous user.
$this->config('system.site')->set('page.403', '/system-test/custom-4xx')->save();
$this->drupalGet('/system-test/always-denied');
$this->assertSession()->pageTextNotContains('Admin-only 4xx response');
$this->assertSession()->pageTextContains('You are not authorized to access this page.');
$this->assertSession()->statusCodeEquals(403);
// Verify the access cacheability metadata for custom 403 is bubbled.
$this->assertCacheContext('user.roles');
$this->drupalLogin($this->adminUser);
$this->drupalGet('/system-test/always-denied');
$this->assertSession()->pageTextContains('Admin-only 4xx response');
$this->assertSession()->statusCodeEquals(403);
// Verify the access cacheability metadata for custom 403 is bubbled.
$this->assertCacheContext('user.roles');
}
}