Commit be832f3b authored by alexpott's avatar alexpott

Issue #2817727 by Wim Leers: Add test coverage to prove controller is called...

Issue #2817727 by Wim Leers: Add test coverage to prove controller is called *after* authentication validation

(cherry picked from commit 622deefb)
parent 333a973f
......@@ -22,7 +22,7 @@ class BasicAuthTest extends WebTestBase {
*
* @var array
*/
public static $modules = array('basic_auth', 'router_test', 'locale');
public static $modules = array('basic_auth', 'router_test', 'locale', 'basic_auth_test');
/**
* Test http basic authentication.
......@@ -175,4 +175,25 @@ function testUnauthorizedErrorMessage() {
$this->assertText('Access denied', "A user friendly access denied message is displayed");
}
/**
* Tests if the controller is called before authentication.
*
* @see https://www.drupal.org/node/2817727
*/
public function testControllerNotCalledBeforeAuth() {
$this->drupalGet('/basic_auth_test/state/modify');
$this->assertResponse(401);
$this->drupalGet('/basic_auth_test/state/read');
$this->assertResponse(200);
$this->assertRaw('nope');
$account = $this->drupalCreateUser();
$this->basicAuthGet('/basic_auth_test/state/modify', $account->getUsername(), $account->pass_raw);
$this->assertResponse(200);
$this->assertRaw('Done');
$this->drupalGet('/basic_auth_test/state/read');
$this->assertResponse(200);
$this->assertRaw('yep');
}
}
name: 'HTTP Basic Authentication test'
type: module
description: 'Support module for HTTP Basic Authentication testing.'
package: Testing
version: VERSION
core: 8.x
basic_auth_test.state.modify:
path: '/basic_auth_test/state/modify'
defaults:
_controller: '\Drupal\basic_auth_test\BasicAuthTestController::modifyState'
options:
_auth:
- basic_auth
requirements:
_user_is_logged_in: 'TRUE'
basic_auth_test.state.read:
path: '/basic_auth_test/state/read'
defaults:
_controller: '\Drupal\basic_auth_test\BasicAuthTestController::readState'
requirements:
_access: 'TRUE'
<?php
namespace Drupal\basic_auth_test;
class BasicAuthTestController {
/**
* @see \Drupal\basic_auth\Tests\Authentication\BasicAuthTest::testControllerNotCalledBeforeAuth()
*/
public function modifyState() {
\Drupal::state()->set('basic_auth_test.state.controller_executed', TRUE);
return ['#markup' => 'Done'];
}
/**
* @see \Drupal\basic_auth\Tests\Authentication\BasicAuthTest::testControllerNotCalledBeforeAuth()
*/
public function readState() {
// Mark this page as being uncacheable.
\Drupal::service('page_cache_kill_switch')->trigger();
return [
'#markup' => \Drupal::state()->get('basic_auth_test.state.controller_executed') ? 'yep' : 'nope',
'#cache' => [
'max-age' => 0,
],
];
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment