/**
* Tests the matchRequest() function for access denied.
*
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
*/
public function testMatchRequestDenied()
{
$this->setupRouter();
$request = new Request();
$this->accessManager->expects($this->once())->method('checkRequest')->with($request)->will($this->returnValue(FALSE));
$this->router->matchRequest($request);
}
/**
* Tests the matchRequest() function for access denied.
*
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
*/
public function testMatchRequestDenied()
{
$this->setupRouter();
$request = new Request();
$access_result = AccessResult::forbidden();
$this->accessManager->expects($this->once())->method('checkRequest')->with($request)->willReturn($access_result);
$parameters = $this->router->matchRequest($request);
$expected = [AccessAwareRouterInterface::ACCESS_RESULT => $access_result];
$this->assertSame($expected, $request->attributes->all());
$this->assertSame($expected, $parameters);
}
protected function setupFactoryAndLocalTaskPlugins(array $definitions, $active_plugin_id) {
$map = [];
$access_manager_map = [];
foreach ($definitions as $plugin_id => $info) {
$info += ['access' => AccessResult::allowed()];
$mock = $this->prophesize(LocalTaskInterface::class);
$mock->willImplement(CacheableDependencyInterface::class);
$mock->getRouteName()->willReturn($info['route_name']);
$mock->getTitle()->willReturn($info['title']);
$mock->getRouteParameters(Argument::cetera())->willReturn([]);
$mock->getOptions(Argument::cetera())->willReturn([]);
$mock->getActive()->willReturn($plugin_id === $active_plugin_id);
$mock->getWeight()->willReturn(isset($info['weight']) ? $info['weight'] : 0);
$mock->getCacheContexts()->willReturn(isset($info['cache_contexts']) ? $info['cache_contexts'] : []);
$mock->getCacheTags()->willReturn(isset($info['cache_tags']) ? $info['cache_tags'] : []);
$mock->getCacheMaxAge()->willReturn(isset($info['cache_max_age']) ? $info['cache_max_age'] : Cache::PERMANENT);
$access_manager_map[] = [$info['route_name'], [], $this->account, TRUE, $info['access']];
$map[] = [$info['id'], [], $mock->reveal()];
}
$this->accessManager->expects($this->any())
->method('checkNamedRoute')
->willReturnMap($access_manager_map);
$this->factory->expects($this->any())
->method('createInstance')
->will($this->returnValueMap($map));
}
/**
* Tests the checkAccess() tree manipulator.
*
* @covers ::checkAccess
*/
public function testCheckAccess()
{
// Those menu links that are non-external will have their access checks
// performed. 8 routes, but 1 is external, 2 already have their 'access'
// property set, and 1 is a child if an inaccessible menu link, so only 4
// calls will be made.
$this->accessManager->expects($this->exactly(4))->method('checkNamedRoute')->will($this->returnValueMap(array(array('example1', array(), $this->currentUser, NULL, FALSE), array('example2', array('foo' => 'bar'), $this->currentUser, NULL, TRUE), array('example3', array('baz' => 'qux'), $this->currentUser, NULL, FALSE), array('example5', array(), $this->currentUser, NULL, TRUE))));
$this->mockTree();
$this->originalTree[5]->subtree[7]->access = TRUE;
$this->originalTree[8]->access = FALSE;
$tree = $this->defaultMenuTreeManipulators->checkAccess($this->originalTree);
// Menu link 1: route without parameters, access forbidden, hence removed.
$this->assertFalse(array_key_exists(1, $tree));
// Menu link 2: route with parameters, access granted.
$element = $tree[2];
$this->assertTrue($element->access);
// Menu link 3: route with parameters, access forbidden, hence removed,
// including its children.
$this->assertFalse(array_key_exists(3, $tree[2]->subtree));
// Menu link 4: child of menu link 3, which already is removed.
$this->assertSame(array(), $tree[2]->subtree);
// Menu link 5: no route name, treated as external, hence access granted.
$element = $tree[5];
$this->assertTrue($element->access);
// Menu link 6: external URL, hence access granted.
$element = $tree[6];
$this->assertTrue($element->access);
// Menu link 7: 'access' already set.
$element = $tree[5]->subtree[7];
$this->assertTrue($element->access);
// Menu link 8: 'access' already set, to FALSE, hence removed.
$this->assertFalse(array_key_exists(8, $tree));
}
/**
* Tests the optimized node access checking.
*
* @covers ::checkNodeAccess
* @covers ::collectNodeLinks
* @covers ::checkAccess
*/
public function testCheckNodeAccess()
{
$links = array(1 => MenuLinkMock::create(array('id' => 'node.1', 'route_name' => 'entity.node.canonical', 'title' => 'foo', 'parent' => '', 'route_parameters' => array('node' => 1))), 2 => MenuLinkMock::create(array('id' => 'node.2', 'route_name' => 'entity.node.canonical', 'title' => 'bar', 'parent' => '', 'route_parameters' => array('node' => 2))), 3 => MenuLinkMock::create(array('id' => 'node.3', 'route_name' => 'entity.node.canonical', 'title' => 'baz', 'parent' => 'node.2', 'route_parameters' => array('node' => 3))), 4 => MenuLinkMock::create(array('id' => 'node.4', 'route_name' => 'entity.node.canonical', 'title' => 'qux', 'parent' => 'node.3', 'route_parameters' => array('node' => 4))), 5 => MenuLinkMock::create(array('id' => 'test.1', 'route_name' => 'test_route', 'title' => 'qux', 'parent' => '')), 6 => MenuLinkMock::create(array('id' => 'test.2', 'route_name' => 'test_route', 'title' => 'qux', 'parent' => 'test.1')));
$tree = array();
$tree[1] = new MenuLinkTreeElement($links[1], FALSE, 1, FALSE, array());
$tree[2] = new MenuLinkTreeElement($links[2], TRUE, 1, FALSE, array(3 => new MenuLinkTreeElement($links[3], TRUE, 2, FALSE, array(4 => new MenuLinkTreeElement($links[4], FALSE, 3, FALSE, array())))));
$tree[5] = new MenuLinkTreeElement($links[5], TRUE, 1, FALSE, array(6 => new MenuLinkTreeElement($links[6], FALSE, 2, FALSE, array())));
$query = $this->getMock('Drupal\\Core\\Entity\\Query\\QueryInterface');
$query->expects($this->at(0))->method('condition')->with('nid', array(1, 2, 3, 4));
$query->expects($this->at(1))->method('condition')->with('status', NODE_PUBLISHED);
$query->expects($this->once())->method('execute')->willReturn(array(1, 2, 4));
$this->queryFactory->expects($this->once())->method('get')->with('node')->willReturn($query);
$node_access_result = AccessResult::allowed()->cachePerPermissions()->addCacheContexts(['user.node_grants:view']);
$tree = $this->defaultMenuTreeManipulators->checkNodeAccess($tree);
$this->assertEquals($node_access_result, $tree[1]->access);
$this->assertEquals($node_access_result, $tree[2]->access);
// Ensure that access denied is set.
$this->assertEquals(AccessResult::neutral(), $tree[2]->subtree[3]->access);
$this->assertEquals($node_access_result, $tree[2]->subtree[3]->subtree[4]->access);
// Ensure that other routes than entity.node.canonical are set as well.
$this->assertNull($tree[5]->access);
$this->assertNull($tree[5]->subtree[6]->access);
// On top of the node access checking now run the ordinary route based
// access checkers.
// Ensure that the access manager is just called for the non-node routes.
$this->accessManager->expects($this->at(0))->method('checkNamedRoute')->with('test_route', [], $this->currentUser, TRUE)->willReturn(AccessResult::allowed());
$this->accessManager->expects($this->at(1))->method('checkNamedRoute')->with('test_route', [], $this->currentUser, TRUE)->willReturn(AccessResult::neutral());
$tree = $this->defaultMenuTreeManipulators->checkAccess($tree);
$this->assertEquals($node_access_result, $tree[1]->access);
$this->assertEquals($node_access_result, $tree[2]->access);
$this->assertEquals(AccessResult::neutral(), $tree[2]->subtree[3]->access);
$this->assertEquals(AccessResult::allowed()->cachePerPermissions(), $tree[5]->access);
$this->assertEquals(AccessResult::neutral()->cachePerPermissions(), $tree[5]->subtree[6]->access);
}
/**
* Tests the matchRequest() function for access denied with reason message.
*/
public function testCheckAccessResultWithReason()
{
$this->setupRouter();
$request = new Request();
$reason = $this->getRandomGenerator()->string();
$access_result = AccessResult::forbidden($reason);
$this->accessManager->expects($this->once())->method('checkRequest')->with($request)->willReturn($access_result);
$this->setExpectedException(AccessDeniedHttpException::class, $reason);
$this->router->matchRequest($request);
}
/**
* Tests that if access is granted, AccessSubscriber will not throw an exception.
*/
public function testAccessSubscriberDoesNotAlterRequestIfAccessManagerGrantsAccess()
{
$this->parameterBag->expects($this->once())->method('has')->with(RouteObjectInterface::ROUTE_OBJECT)->will($this->returnValue(TRUE));
$this->parameterBag->expects($this->once())->method('get')->with(RouteObjectInterface::ROUTE_OBJECT)->will($this->returnValue($this->route));
$this->accessManager->expects($this->once())->method('check')->with($this->equalTo($this->route))->will($this->returnValue(TRUE));
$subscriber = new AccessSubscriber($this->accessManager, $this->currentUser);
// We're testing that no exception is thrown in this case. There is no
// return.
$subscriber->onKernelRequestAccessCheck($this->event);
}
/**
* {@inheritdoc}
*/
protected function setUp()
{
$this->configFactory = $this->getConfigFactoryStub(['system.site' => ['page.403' => '/access-denied-page', 'page.404' => '/not-found-page']]);
$this->kernel = $this->getMock('Symfony\\Component\\HttpKernel\\HttpKernelInterface');
$this->logger = $this->getMock('Psr\\Log\\LoggerInterface');
$this->redirectDestination = $this->getMock('\\Drupal\\Core\\Routing\\RedirectDestinationInterface');
$this->redirectDestination->expects($this->any())->method('getAsArray')->willReturn(['destination' => 'test']);
$this->accessUnawareRouter = $this->getMock('Symfony\\Component\\Routing\\Matcher\\UrlMatcherInterface');
$this->accessUnawareRouter->expects($this->any())->method('match')->willReturn(['_controller' => 'mocked']);
$this->accessManager = $this->getMock('Drupal\\Core\\Access\\AccessManagerInterface');
$this->accessManager->expects($this->any())->method('checkNamedRoute')->willReturn(AccessResult::allowed()->addCacheTags(['foo', 'bar']));
$this->customPageSubscriber = new CustomPageExceptionHtmlSubscriber($this->configFactory, $this->kernel, $this->logger, $this->redirectDestination, $this->accessUnawareRouter, $this->accessManager);
$path_validator = $this->getMock('Drupal\\Core\\Path\\PathValidatorInterface');
$path_validator->expects($this->any())->method('getUrlIfValidWithoutAccessCheck')->willReturn(Url::fromRoute('foo', ['foo' => 'bar']));
$container = new ContainerBuilder();
$container->set('path.validator', $path_validator);
\Drupal::setContainer($container);
// You can't create an exception in PHP without throwing it. Store the
// current error_log, and disable it temporarily.
$this->errorLog = ini_set('error_log', file_exists('/dev/null') ? '/dev/null' : 'nul');
}
/**
* {@inheritdoc}
*/
protected function setUp()
{
$this->controllerResolver = $this->getMock('Drupal\\Core\\Controller\\ControllerResolverInterface');
$this->request = $this->getMock('Symfony\\Component\\HttpFoundation\\Request');
$this->routeProvider = $this->getMock('Drupal\\Core\\Routing\\RouteProviderInterface');
$this->moduleHandler = $this->getMock('Drupal\\Core\\Extension\\ModuleHandlerInterface');
$this->cacheBackend = $this->getMock('Drupal\\Core\\Cache\\CacheBackendInterface');
$this->accessManager = $this->getMock('Drupal\\Core\\Access\\AccessManagerInterface');
$this->accessManager->expects($this->any())->method('checkNamedRoute')->will($this->returnValue(FALSE));
$this->account = $this->getMock('Drupal\\Core\\Session\\AccountInterface');
$this->discovery = $this->getMock('Drupal\\Component\\Plugin\\Discovery\\DiscoveryInterface');
$this->factory = $this->getMock('Drupal\\Component\\Plugin\\Factory\\FactoryInterface');
$this->localActionManager = new TestLocalActionManager($this->controllerResolver, $this->request, $this->routeProvider, $this->moduleHandler, $this->cacheBackend, $this->accessManager, $this->account, $this->discovery, $this->factory);
}
/**
* Tests the access checking of the getContextualLinksArrayByGroup method.
*
* @see \Drupal\Core\Menu\ContextualLinkManager::getContextualLinksArrayByGroup()
*/
public function testGetContextualLinksArrayByGroupAccessCheck()
{
$definitions = array('test_plugin1' => array('id' => 'test_plugin1', 'class' => '\\Drupal\\Core\\Menu\\ContextualLinkDefault', 'title' => 'Plugin 1', 'weight' => 0, 'group' => 'group1', 'route_name' => 'test_route', 'options' => array()), 'test_plugin2' => array('id' => 'test_plugin2', 'class' => '\\Drupal\\Core\\Menu\\ContextualLinkDefault', 'title' => 'Plugin 2', 'weight' => 2, 'group' => 'group1', 'route_name' => 'test_route2', 'options' => array('key' => 'value')));
$this->pluginDiscovery->expects($this->once())->method('getDefinitions')->will($this->returnValue($definitions));
$this->accessManager->expects($this->any())->method('checkNamedRoute')->will($this->returnValueMap(array(array('test_route', array('key' => 'value'), $this->account, FALSE, TRUE), array('test_route2', array('key' => 'value'), $this->account, FALSE, FALSE))));
// Set up mocking of the plugin factory.
$map = array();
foreach ($definitions as $plugin_id => $definition) {
$plugin = $this->getMock('Drupal\\Core\\Menu\\ContextualLinkInterface');
$plugin->expects($this->any())->method('getRouteName')->will($this->returnValue($definition['route_name']));
$plugin->expects($this->any())->method('getTitle')->will($this->returnValue($definition['title']));
$plugin->expects($this->any())->method('getWeight')->will($this->returnValue($definition['weight']));
$plugin->expects($this->any())->method('getOptions')->will($this->returnValue($definition['options']));
$map[] = array($plugin_id, array(), $plugin);
}
$this->factory->expects($this->any())->method('createInstance')->will($this->returnValueMap($map));
$result = $this->contextualLinkManager->getContextualLinksArrayByGroup('group1', array('key' => 'value'));
// Ensure that access checking was respected.
$this->assertTrue(isset($result['test_plugin1']));
$this->assertFalse(isset($result['test_plugin2']));
}
/**
* Setup the access manager to always allow access to routes.
*/
public function setupAccessManagerToAllow()
{
$this->accessManager->expects($this->any())->method('check')->willReturn((new AccessResultAllowed())->cachePerPermissions());
}
/**
* Setup the access manager to always allow access to routes.
*/
public function setupAccessManagerToAllow()
{
$this->accessManager->expects($this->any())->method('checkRequest')->will($this->returnValue(AccessResult::allowed()));
}
/**
* Setup the access manager to always return TRUE.
*/
public function setupAccessManagerWithTrue()
{
$this->accessManager->expects($this->any())->method('checkNamedRoute')->will($this->returnValue(TRUE));
}
/**
* Setup the access manager to always allow access to routes.
*/
public function setupAccessManagerToAllow()
{
$this->accessManager->expects($this->any())->method('check')->willReturn(TRUE);
}
