function EntityResourceTestBase::testDelete

Tests a DELETE request for an entity, plus edge cases to ensure good DX.

File

core/modules/rest/tests/src/Functional/EntityResource/EntityResourceTestBase.php, line 1109

Class

EntityResourceTestBase

Defines a base class for testing all entity resources.

Namespace

Code

public function testDelete() : void {
  // @todo Remove this in https://www.drupal.org/node/2300677.
  if ($this->entity instanceof ConfigEntityInterface) {
    $this->markTestSkipped('DELETEing config entities is not yet supported.');
  }
  $this->initAuthentication();
  $has_canonical_url = $this->entity
    ->hasLinkTemplate('canonical');
  // The URL and Guzzle request options that will be used in this test. The
  // request options will be modified/expanded throughout this test:
  // - to first test all mistakes a developer might make, and assert that the
  //   error responses provide a good DX
  // - to eventually result in a well-formed request that succeeds.
  $url = $this->getEntityResourceUrl();
  $request_options = [];
  // DX: 404 when resource not provisioned, but 405 if canonical route. Plain
  // text  or HTML response because missing ?_format query string.
  $response = $this->request('DELETE', $url, $request_options);
  if ($has_canonical_url) {
    $this->assertSame(405, $response->getStatusCode());
    $this->assertSame([
      'GET, POST, HEAD',
    ], $response->getHeader('Allow'));
    $this->assertSame([
      'text/html; charset=UTF-8',
    ], $response->getHeader('Content-Type'));
    $this->assertStringContainsString('A client error happened', (string) $response->getBody());
  }
  else {
    $this->assertSame(404, $response->getStatusCode());
    $this->assertSame([
      'text/html; charset=UTF-8',
    ], $response->getHeader('Content-Type'));
  }
  $url->setOption('query', [
    '_format' => static::$format,
  ]);
  // DX: 404 when resource not provisioned, 405 if canonical route.
  $response = $this->request('DELETE', $url, $request_options);
  if ($has_canonical_url) {
    $this->assertSame([
      'GET, POST, HEAD',
    ], $response->getHeader('Allow'));
    $this->assertResourceErrorResponse(405, 'No route found for "DELETE ' . $this->getEntityResourceUrl()
      ->setAbsolute()
      ->toString() . '": Method Not Allowed (Allow: GET, POST, HEAD)', $response);
  }
  else {
    $this->assertResourceErrorResponse(404, 'No route found for "DELETE ' . $this->getEntityResourceUrl()
      ->setAbsolute()
      ->toString() . '"', $response);
  }
  $this->provisionEntityResource();
  if (static::$auth) {
    // DX: forgetting authentication: authentication provider-specific error
    // response.
    $response = $this->request('DELETE', $url, $request_options);
    $this->assertResponseWhenMissingAuthentication('DELETE', $response);
  }
  $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions('PATCH'));
  // DX: 403 when unauthorized.
  $response = $this->request('DELETE', $url, $request_options);
  $this->assertResourceErrorResponse(403, $this->getExpectedUnauthorizedAccessMessage('DELETE'), $response);
  $this->setUpAuthorization('DELETE');
  // Before sending a well-formed request, allow the authentication provider's
  // edge cases to also be tested.
  $this->assertAuthenticationEdgeCases('DELETE', $url, $request_options);
  // 204 for well-formed request.
  $response = $this->request('DELETE', $url, $request_options);
  $this->assertResourceResponse(204, '', $response);
}